<%@ LANGUAGE="VBSCRIPT" %>
<%
rem ----------------------
rem ------主程序开始------
rem ----------------------
dim announceid
dim UserName
dim userPassword
dim useremail
dim article
dim Topic
dim body
dim dateTimeStr
dim addAll
dim newUser
dim UserID
dim ip
dim Expression
dim boardID
dim sql
dim rs
dim FoundUser
dim boardtype
dim signflag
dim mailflag
dim TIME_ADJUST
dim lockboard
dim boardskin
dim boardstat
dim votetype,vote,votenum
stats="发表投票"
boardskin=1
rem ------获得asp文件参数------
call getInput()
rem -----检查user输入数据的合法性------
call chkData()
if FoundErr then
call nav()
call headline(2)
call Error()
else
call checkUser()
call nav()
call headline(2)
if FoundErr then
call Error()
else
call saveAnnounce()
call savevote()
end if
end if
call endline()
rem ----------------------
rem ------主程序结束------
rem ----------------------
rem 检测用户输入数据合法性
sub checkUser()
call boardinfo(boardid)
select case boardskin
case 1
case 2
exit sub
case 3
if not(boardmaster or master) then
Founderr=true
Errmsg=Errmsg+" "+"
评论论坛,坛主和版主允许发言,其他注册用户只能回复"
exit sub
end if
case 4
if not(boardmaster or master) then
Founderr=true
Errmsg=Errmsg+" "+"
精华区,只允许版主和坛主发言和操作"
exit sub
end if
case 5
if username="" then
founderr=true
Errmsg=Errmsg+" "+"
本论坛为认证论坛,请登陆并确认您的用户名已经得到管理员的认证后进入。"
exit sub
else
if chkboardlogin(boardid,username)=false then
founderr=true
Errmsg=Errmsg+" "+"
本论坛为认证论坛,请确认您的用户名已经得到管理员的认证后进入。"
exit sub
end if
end if
case 6
if username="" then
Founderr=true
Errmsg=Errmsg+" "+"
正规论坛,只有登陆用户才能浏览论坛并发言"
exit sub
end if
end select
usercookies=request.Cookies("aspsky")("usercookies")
if isnull(usercookies) or usercookies="" then usercookies=3
if chkuserlogin(username,userpassword,usercookies,2)=false then
errmsg=errmsg+" "+"
您的用户名并不存在,或者您的密码错误,或者您的帐号已被管理员锁定。"
founderr=true
exit sub
end if
if lockboard=1 then
if not master then
Errmsg=ErrMsg+" "+"
您没有权限在本版面发布贴子!"
FoundErr=true
end if
end if
end sub
rem 保存贴子信息
sub saveAnnounce()
DateTimeStr=CSTR(NOW()+TIMEADJUST/24)
Sql="insert into bbs1(Boardid,ParentID,Child,username,topic,body,DateAndTime,hits,length,rootid,layer,orders,ip,Expression,locktopic,signflag,emailflag,istop,isbest,isvote,times) values "&_
"("&_
boardid&",0,0,'"&_
username&"','"&_
topic&"','"&_
body&"','"&_
DateTimeStr&"',0,'"&_
strlength(body)&"',0,1,0,'"&ip&"','"&_
Expression&"',0,"&signflag&","&mailflag&",0,0,1,0)"
conn.execute(sql)
set rs=conn.execute("select top 1 announceid from bbs1 order by announceid desc")
announceid=rs(0)
sql="update bbs1 set rootid="&announceid&",times="&announceid&" where announceid="&announceid
conn.execute(sql)
if topic="" then
Topic=cutStr(body,20)
else
Topic=cutStr(topic,20)
end if
sql="update board set lastpostuser='"&username&"',lastposttime='"&datetimestr&"',lastbbsnum=lastbbsnum+1,lasttopicnum=lasttopicnum+1,todaynum="&boardtoday(boardid)&",lastrootid="&announceid&",lasttopic='"&topic&"' where boardid="&cstr(boardID)
conn.execute(sql)
conn.execute("update config set topicnum=topicnum+1,bbsnum=bbsnum+1,todayNum="&alltodays()&"")
if err.number<>0 then
err.clear
ErrMsg=ErrMsg+" "+"
数据库操作失败,请以后再试"&err.Description
call Error()
else
end if
set rs=nothing
end sub
'今日帖子
function boardtoday(boardid)
tmprs=conn.execute("Select count(announceid) from bbs1 Where datediff('d',dateandtime,Now())=0 and boardid="&boardid)
boardtoday=tmprs(0)
set tmprs=nothing
if isnull(boardtoday) then boardtoday=0
end function
function alltodays()
tmprs=conn.execute("Select count(announceid) from bbs1 Where datediff('d',dateandtime,Now())=0")
alltodays=tmprs(0)
set tmprs=nothing
if isnull(alltodays) then alltodays=0
end function
sub savevote()
set vrs=server.createobject("adodb.recordset")
sql="select * from vote"
vrs.open sql,conn,1,3
vrs.addnew
vrs("announceid")=announceid
vrs("vote")=vote
vrs("votenum")=votenum
vrs("votetype")=votetype
vrs("voteuser")=username
vrs.update
vrs.close
set vrs=nothing
if err.number<>0 then
err.clear
ErrMsg=ErrMsg+" "+"
数据库操作失败,请以后再试"&err.Description
call Error()
else
call success()
end if
end sub
'更新用户在线资料
sub activeuser()
dim rsactiveusers,activeuser
dim membername
dim memberword
dim memberclass
membername=request.cookies("aspsky")("username")
memberword=request.cookies("aspsky")("password")
memberclass=request.cookies("aspsky")("userclass")
ComeFrom=address(Request.ServerVariables("REMOTE_HOST"))
actCome=address(Request.ServerVariables("HTTP_X_FORWARDED_FOR"))
statuserid=replace(Request.ServerVariables("REMOTE_HOST"),".","")
set rsactiveusers=server.createobject("adodb.recordset")
activeuser="select * from online where username='"&membername&"'"
rsactiveusers.open activeuser,conn,1,3
if rsactiveusers.eof and rsactiveusers.bof then
activeuser="insert into online(id,username,userclass,ip,startime,lastimebk,lastime,browser,stats,ComeFrom,actCome) values "&_
"("&statuserid&",'"&membername&"','"&memberclass&"','"&_
Request.ServerVariables("REMOTE_HOST")&"',Now(),Now(),'"&DateToStr(now())&"','"&_
Request.ServerVariables("HTTP_USER_AGENT")&"','"&_
boardtype&"','"&ComeFrom&"','"&actCome&"')"
conn.execute(activeuser)
else
activeuser="update online set lastimebk=Now(),lastime='"&DateToStr(now())&"',stats='"&boardtype&"' where username='"&membername&"'"
conn.execute(activeuser)
end if
if session("userid")<>"" then
activeuser="delete from online where id="&cstr(session("userid"))
Conn.Execute activeuser
end if
rsactiveusers.close
set rsactiveusers=nothing
end sub
rem ------获得asp文件参数------
sub getInput()
if request("boardid")="" then
FoundErr=true
Errmsg=Errmsg+" "+"
请指定论坛版面。"
elseif not isInteger(request("boardid")) then
FoundErr=true
Errmsg=Errmsg+" "+"
非法的版面参数。"
else
boardID=request("boardID")
end if
IP=Request.ServerVariables("REMOTE_ADDR")
Expression=Checkstr(Request.Form("Expression")&".gif")
Topic=Checkstr(trim(request("subject")))
Body=Checkstr(trim(request("Content")))
UserName=Checkstr(trim(request("username")))
boardtype=Checkstr(trim(request("boardtype")))
signflag=Checkstr(trim(request("signflag")))
mailflag=Checkstr(trim(request("emailflag")))
UserPassWord=Checkstr(trim(request("passwd")))
votetype=Checkstr(request("votetype"))
vote=Checkstr(trim(request("vote")))
end sub
rem -----检查user输入数据的合法性------
function chkData()
if instr(Expression,"face")=0 then
Randomize
Do While Len(rndnum)<1
num1=CStr(Chr((57-48)*rnd+48))
rndnum=rndnum&num1
loop
Expression="face" & rndnum & ".gif"
end if
if signflag="yes" then
signflag=1
else
signflag=0
end if
if mailflag="yes" then
mailflag=1
else
mailflag=0
end if
limitime=10
if not (isnull(session("lastpost")) or boardmaster or master) then
if DateDiff("s",session("lastpost"),Now())"+"
本论坛限制发贴距离时间为10秒,请稍后再发。"
FoundErr=True
end if
end if
if UserName="" or strLength(UserName)>20 then
ErrMsg=ErrMsg+" "+"
请输入姓名(长度不能大于20)"
FoundErr=True
end if
if Topic="" then
FoundErr=True
if Len(ErrMsg)=0 then
ErrMsg=ErrMsg+" "+"
主题不应为空。"
else
ErrMsg=ErrMsg+" "+"
主题不应为空。"
end if
elseif strLength(topic)>100 then
FoundErr=True
if strLength(ErrMsg)=0 then
ErrMsg=ErrMsg+" "+"
主题长度不能超过100"
else
ErrMsg=ErrMsg+" "+"
主题长度不能超过100"
end if
end if
if strLength(body)>AnnounceMaxBytes then
ErrMsg=ErrMsg+" "+"
发言内容不得大于" & CSTR(AnnounceMaxBytes) & "bytes"
FoundErr=true
end if
if body="" then
ErrMsg=ErrMsg+" "+"
没有填写内容。"
FoundErr=true
end if
if vote="" then
ErrMsg=ErrMsg+" "+"
请输入投票内容"
FoundErr=true
else
vote=split(vote,chr(13)&chr(10))
j=0
for i = 0 to ubound(vote)
if not (vote(i)="" or vote(i)=" ") then
vote_1=""&vote_1&""&vote(i)&"|"
j=j+1
end if
if i>8 then exit for
next
for k = 1 to j
votenum=""&votenum&"0|"
next
votelen=len(vote_1)
votenumlen=len(votenum)
votenum=left(votenum,votenumlen-1)
vote=left(vote_1,votelen-1)
end if
if err.number<>0 then err.clear
session("lastpost")=Now()
end function
sub success()
response.write ""
response.write "