<%@ LANGUAGE="VBSCRIPT" %> <% rem ---------------------- rem ------主程序开始------ rem ---------------------- dim announceid dim UserName dim userPassword dim useremail dim article dim Topic dim body dim dateTimeStr dim addAll dim newUser dim UserID dim ip dim Expression dim boardID dim sql dim rs dim FoundUser dim boardtype dim signflag dim mailflag dim TIME_ADJUST dim lockboard dim boardskin dim boardstat boardskin=1 rem ------获得asp文件参数------ call getInput() rem -----检查user输入数据的合法性------ call chkData() if FoundErr then call nav() call headline(2) call Error() else call checkUser() call nav() call headline(2) if FoundErr then call Error() else call saveAnnounce() end if end if set rs=nothing call endline() rem ---------------------- rem ------主程序结束------ rem ---------------------- rem 检测用户输入数据合法性 sub checkUser() call boardinfo(boardid) select case boardskin case 1 case 2 exit sub case 3 if not(boardmaster or master) then Founderr=true Errmsg=Errmsg+"
"+"
  • 评论论坛,坛主和版主允许发言,其他注册用户只能回复" exit sub end if case 4 if not(boardmaster or master) then Founderr=true Errmsg=Errmsg+"
    "+"
  • 精华区,只允许版主和坛主发言和操作" exit sub end if case 5 if username="" then founderr=true Errmsg=Errmsg+"
    "+"
  • 本论坛为认证论坛,请登陆并确认您的用户名已经得到管理员的认证后进入。" exit sub else if chkboardlogin(boardid,username)=false then founderr=true Errmsg=Errmsg+"
    "+"
  • 本论坛为认证论坛,请确认您的用户名已经得到管理员的认证后进入。" exit sub end if end if case 6 if username="" then Founderr=true Errmsg=Errmsg+"
    "+"
  • 正规论坛,只有登陆用户才能浏览论坛并发言" exit sub end if end select usercookies=request.Cookies("aspsky")("usercookies") if isnull(usercookies) or usercookies="" then usercookies=3 if chkuserlogin(username,userpassword,usercookies,2)=false then errmsg=errmsg+"
    "+"
  • 您的用户名并不存在,或者您的密码错误,或者您的帐号已被管理员锁定。" founderr=true exit sub end if if lockboard=1 then if not master then Errmsg=ErrMsg+"
    "+"
  • 您没有权限在本版面发布贴子!" FoundErr=true end if end if stats=boardtype & "发表帖子成功" end sub rem 保存贴子信息 sub saveAnnounce() DateTimeStr=CSTR(NOW()+TIMEADJUST/24) Sql="insert into bbs1(Boardid,ParentID,Child,username,topic,body,DateAndTime,hits,length,rootid,layer,orders,ip,Expression,locktopic,signflag,emailflag,istop,isbest,isvote,times) values "&_ "("&_ boardid&",0,0,'"&_ username&"','"&_ topic&"','"&_ body&"','"&_ DateTimeStr&"',0,'"&_ strlength(body)&"',0,1,0,'"&ip&"','"&_ Expression&"',0,"&signflag&","&mailflag&",0,0,0,0)" 'response.write sql conn.execute(sql) set rs=conn.execute("select top 1 announceid from bbs1 order by announceid desc") announceid=rs(0) sql="update bbs1 set rootid="&announceid&",times="&announceid&" where announceid="&announceid conn.execute(sql) if topic="" then Topic=cutStr(body,20) else Topic=cutStr(topic,20) end if sql="update board set lastpostuser='"&username&"',lastposttime='"&datetimestr&"',lastbbsnum=lastbbsnum+1,lasttopicnum=lasttopicnum+1,todaynum="&boardtoday(boardid)&",lastrootid="&announceid&",lasttopic='"&topic&"' where boardid="&cstr(boardID) conn.execute(sql) conn.execute("update config set topicnum=topicnum+1,bbsnum=bbsnum+1,todayNum="&alltodays()&"") if err.number<>0 then err.clear ErrMsg=ErrMsg+"
    "+"
  • 数据库操作失败,请以后再试"&err.Description call Error() else call success() end if set rs=nothing end sub '今日帖子 function boardtoday(boardid) tmprs=conn.execute("Select count(announceid) from bbs1 Where datediff('d',dateandtime,Now())=0 and boardid="&boardid) boardtoday=tmprs(0) set tmprs=nothing if isnull(boardtoday) then boardtoday=0 end function function alltodays() tmprs=conn.execute("Select count(announceid) from bbs1 Where datediff('d',dateandtime,Now())=0") alltodays=tmprs(0) set tmprs=nothing if isnull(alltodays) then alltodays=0 end function '更新用户在线资料 sub activeuser() dim rsactiveusers,activeuser ComeFrom=address(Request.ServerVariables("REMOTE_HOST")) actCome=address(Request.ServerVariables("HTTP_X_FORWARDED_FOR")) statuserid=replace(Request.ServerVariables("REMOTE_HOST"),".","") set rsactiveusers=server.createobject("adodb.recordset") activeuser="select * from online where username='"&membername&"'" rsactiveusers.open activeuser,conn,1,3 if rsactiveusers.eof and rsactiveusers.bof then activeuser="insert into online(id,username,userclass,ip,startime,lastimebk,lastime,browser,stats,ComeFrom,actCome) values "&_ "("&statuserid&",'"&membername&"','"&memberclass&"','"&_ Request.ServerVariables("REMOTE_HOST")&"',Now(),Now(),'"&DateToStr(now())&"','"&_ Request.ServerVariables("HTTP_USER_AGENT")&"','"&_ boardtype&"','"&ComeFrom&"','"&actCome&"')" conn.execute(activeuser) else activeuser="update online set lastimebk=Now(),lastime='"&DateToStr(now())&"',stats='"&boardtype&"' where username='"&membername&"'" conn.execute(activeuser) end if if session("userid")<>"" then activeuser="delete from online where id="&cstr(session("userid")) Conn.Execute activeuser end if rsactiveusers.close set rsactiveusers=nothing end sub rem ------获得asp文件参数------ sub getInput() if request("boardid")="" then FoundErr=true Errmsg=Errmsg+"
    "+"
  • 请指定论坛版面。" elseif not isInteger(request("boardid")) then FoundErr=true Errmsg=Errmsg+"
    "+"
  • 非法的版面参数。" else boardID=request("boardID") end if IP=Request.ServerVariables("REMOTE_ADDR") Expression=Checkstr(Request.Form("Expression")&".gif") Topic=Checkstr(trim(request("subject"))) Body=Checkstr(trim(request.form("Content"))) UserName=Checkstr(trim(request("username"))) boardtype=Checkstr(trim(request("boardtype"))) signflag=Checkstr(trim(request("signflag"))) mailflag=Checkstr(trim(request("emailflag"))) UserPassWord=Checkstr(trim(request("passwd"))) if signflag="yes" then signflag=1 else signflag=0 end if if mailflag="yes" then mailflag=1 else mailflag=0 end if end sub rem -----检查user输入数据的合法性------ function chkData() if boardmaster or master then guestlist="" else guestlist=" lockboard=0 and " end if if instr(Expression,"face")=0 then Randomize Do While Len(rndnum)<1 num1=CStr(Chr((57-48)*rnd+48)) rndnum=rndnum&num1 loop Expression="face" & rndnum & ".gif" end if limitime=10 if not (isnull(session("lastpost")) or boardmaster or master) then if DateDiff("s",session("lastpost"),Now())"+"
  • 本论坛限制发贴距离时间为10秒,请稍后再发。" FoundErr=True end if end if if UserName="" or strLength(UserName)>20 then ErrMsg=ErrMsg+"
    "+"
  • 请输入姓名(长度不能大于20)" FoundErr=True end if if Topic="" then FoundErr=True if Len(ErrMsg)=0 then ErrMsg=ErrMsg+"
    "+"
  • 主题不应为空。" else ErrMsg=ErrMsg+"
    "+"
  • 主题不应为空。" end if elseif strLength(topic)>100 then FoundErr=True if strLength(ErrMsg)=0 then ErrMsg=ErrMsg+"
    "+"
  • 主题长度不能超过100" else ErrMsg=ErrMsg+"
    "+"
  • 主题长度不能超过100" end if end if if strLength(body)>AnnounceMaxBytes then ErrMsg=ErrMsg+"
    "+"
  • 发言内容不得大于" & CSTR(AnnounceMaxBytes) & "bytes" FoundErr=true end if if body="" then ErrMsg=ErrMsg+"
    "+"
  • 没有填写内容。" FoundErr=true end if session("lastpost")=Now() if err.number<>0 then err.clear end function sub success() response.write "" response.write "
    "&_ "
    "&_ ""&_ "
    状态:您发表帖子成功
    "&_ "本页面将在3秒后自动返回您所发表的帖子页面,您可以选择以下操作:
    " end sub Function Checkstr(str) str=replace(str,"'","''") Checkstr=str End Function %>