|
您的位置:首页 >> 发表留言
<%
on error resume next
dim conn,rs,ps,PostIntervalTime,IpLists,LoginPassWord,OnlyShowReplay
LoginPassWord = "freeway" '管理密码,请设置复杂的密码
ps = 20 '每页留言数
PostIntervalTime = 0 '同一个IP多长时间可以留一次言,单位是秒,5分钟可以用5*60表示,不限制请设置为0
OnlyShowReplay = 0 '留言是否有回复再显示,0为留言后立刻显示在留言列表中,1为需要回复后才显示在列表中。置顶的留言不受限制
IpLists = "192.168.|" '禁止留言的IP,例如:"127.0.|192.168.0.1"
%>
<%
dim act,name,email,content,reply,gid,ip,isTop
act = Request.form("act")
name = Request.form("name")
email = Request.form("email")
content = Request.form("content")
validate = Request.form("validate")
reply = Request.form("reply")
gid = Request.form("gid")
isTop = Request.form("isTop")
if cstr(isTop) <> "1" then isTop = "0"
ip = left(Request.ServerVariables("REMOTE_ADDR"),15)
name = NoJapn(name)
email = NoJapn(email)
content = NoJapn(content)
reply = NoJapn(reply)
if request.QueryString("action") = "loginout" then
session("islogin") = ""
end if
if act = "login" then
if trim(request.form("pws")) = trim(LoginPassWord) then
session("islogin") = LoginPassWord
end if
end if
Session.timeout = 20
function er(str,gourl)
%>
| <% = server.htmlencode(str) %> |
<%
Response.end
end function
set conn=Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=;Data Source=" & Server.MapPath("#truemark.asa")
if err.number<> 0 then
er "出现错误,请与管理员联系",""
end if
dim MaxPerPage,totalPut,CurrentPage,TotalPages
currentPage = Request.QueryString("page")
if currentPage = "" or isnumeric(currentPage) = false then
currentPage = 1
end if
currentPage = int(currentPage)
'提交问题/////////////////////////////////////////
if act = "save" then
if isForbid(ip) then
conn.close
set conn = nothing
er "对不起,你没有留言的权限",""
end if
if len(name) < 4 then
conn.close
set conn = nothing
er "您的网络昵称太短,至少也要4个字符吧",""
end if
if len(content) < 7 or len(content) > 1000 then
conn.close
set conn = nothing
er "内容不能少于8个字符且不多于1000个字符",""
end if
if session("valicode")<>validate then
conn.close
set conn = nothing
er "验证码输入错误",""
end If
if instr(LCase(content),"http:") > 1 or instr(LCase(content),"href") > 1 or instr(LCase(content),"url") > 1 or instr(LCase(content),"link") > 1 then
conn.close
set conn = nothing
er "内容不能包含URL解析语言",""
end If
if instr(content,"广告") > 1 or instr(content,"百荷音画驿站") > 1 or instr(content,"中天卫视") > 1 then
conn.close
set conn = nothing
er "内容不能包含广告",""
end If
if int(PostIntervalTime) > 0 then
newDate = Dateadd("s",int(PostIntervalTime)*-1,Now)
Set rs = conn.execute("select top 1 ip from feedback where ip = '"& fixsql(ip) &"' and theDate > #"& newDate &"#")
if not (rs.eof and rs.bof) then
set rs = nothing
conn.close
set conn = nothing
er "请不要频繁留言,请等分钟"& int(PostIntervalTime/60) &"留言!",""
end if
set rs = nothing
end if
dim InsertSql
InsertSql = "insert into feedback (name,email,content,ip) values('"& fixsql(name) &"','"& fixsql(email) &"','"& fixsql(content) &"','"& fixsql(ip) &"')"
conn.execute(InsertSql)
if err<> 0 then
conn.close
set conn = nothing
er "系统忙,请稍候再提交",""
else
conn.close
set conn = nothing
dim okalt
if int(OnlyShowReplay) = 1 then
okalt = ",留言需要管理员回复后才能显示。"
else
okalt = "。"
end if
er "留言已提交" & okalt,Request.ServerVariables("SCRIPT_NAME")
end if
end if
if session("islogin") = LoginPassWord then
'回复留言/////////////////////////////////////////
if act = "re" then
if isnumeric(gid) = false or gid = "" then
conn.close
set conn = nothing
er "参数错误",""
end if
if len(reply) > 1000 then
conn.close
set conn = nothing
er "回复不能多于1000个字符",""
end if
updateSql = "update feedback set content = '"& fixsql(content) &"',reply = '"& fixsql(reply) &"',isTop = "& int(isTop) &",replydate = now() where id = " & gid
conn.execute(updateSql)
if err<> 0 then
conn.close
set conn = nothing
er "系统忙,请稍候再提交",""
else
conn.close
set conn = nothing
er "操作成功。",Request.ServerVariables("SCRIPT_NAME") & "?page=" & currentPage
end if
end if
'删除留言
if act = "del" then
if isnumeric(gid) = false or gid = "" then
conn.close
set conn = nothing
er "参数错误",""
end if
delSql = "delete from feedback where id = " & gid
conn.execute(delSql)
if err<> 0 then
conn.close
set conn = nothing
er "系统忙,请稍候再提交",""
else
conn.close
set conn = Nothing
er "已删除。",Request.ServerVariables("SCRIPT_NAME") & "?page=" & currentPage
end if
end if
end if
if int(OnlyShowReplay) = 0 or (session("islogin") = LoginPassWord) then
sql = "select * from feedback order by IsTop desc,ID desc"
else
sql = "select * from feedback where len(reply) > 0 or IsTop = 1 order by IsTop desc,ID desc"
end if
set rs=Server.CreateObject("ADODB.Recordset")
rs.open sql,conn,1,1
%>
| |
|
<%
if isForbid(ip) then
Response.write " 你没有留言的权限 "
else%>
| 注意遵守:《全国人大常委会关于维护互联网安全的决定》及各项有关法律法规。 |
<%end if%>
|
|
<%
if rs.eof and rs.bof then
%>
| 暂时还没有留言 |
<%
else
%>
<%
rs.pagesize=ps
totalput=rs.recordcount
totalpages=rs.pagecount
maxperpage=rs.pagesize
if currentpage < 1 then
currentpage = 1
end if
if currentpage > totalpages then
currentpage=totalpages
end if
if currentPage=1 then
showContent
else
if (currentPage-1)*MaxPerPage < totalPut then
rs.move (currentPage-1)*MaxPerPage
dim bookmark
bookmark=rs.bookmark
showContent
end if
end if
rs.close
set rs=nothing
sub showContent
dim i
dim k
k=(totalPut-MaxPerPage*(currentPage-1))+1
i=0
do while not (rs.eof or err)
k=k-1
%>
<%if i > 0 then%>
<%end if%>
| 网络昵称: |
| <% = server.htmlencode(rs("name")) %> |
<% = rs("theDate") %> |
|
<%if session("islogin") = LoginPassWord then%>
<%else%>
| 留言内容: |
<% = replace(server.htmlencode(rs("content")),vbnewline,"
") %> |
<%if len(rs("reply")) > 0 then%>
| 网站回复: |
<% = replace(server.htmlencode(rs("reply")),vbnewline,"
") %> |
<%end if%>
<%end if%>
<%
i=i+1
if i>=MaxPerPage then exit do
rs.movenext
loop
end sub
end if
%>
|
| <%showpages()%> |
| <% logintable()%> |
<%
conn.close
set conn = nothing
Function NoJapn(byVal iStr)
if isnull(iStr) or isEmpty(iStr) then
NoJapn=""
Exit function
end if
dim F
F=array(chr(-23116),chr(-23124),chr(-23122),chr(-23120),chr(-23118),chr(-23114),chr(-23112),chr(-23110),chr(-23099),chr(-23097),chr(-23095),chr(-23075),chr(-23079),chr(-23081),chr(-23085),chr(-23087),chr(-23052),chr(-23076),chr(-23078),chr(-23082),chr(-23084),chr(-23088),chr(-23102),chr(-23104),chr(-23106),chr(-23108))
NoJapn=iStr
for i=0 to 25
NoJapn=replace(NoJapn,F(i),"")
next
End Function
function fixsql(str)
dim newstr
newstr = str
if isnull(newstr) or len(newstr) = 0 then
fixsql = newstr
exit function
end if
newstr = Replace(newstr,"'","''")
fixsql = newstr
end function
function isForbid(sip)
dim Iplist,Iparr,Ipi
Iplist = "|"& IpLists &"|"
Iparr = split(Iplist,"|")
for Ipi = 0 to ubound(Iparr)
if len(Iparr(Ipi)) > 0 and instr("|" & sip,"|" & Iparr(Ipi)) > 0 then
isForbid = true
exit function
end if
next
isForbid = false
end function
sub showpages()
pageurl = Request.ServerVariables("SCRIPT_NAME") & "?"
%>
<%
if len(totalput) = 0 then
totalput = 0
end if
if totalpages<2 then
if int(totalpages) > 0 then
response.write "总计:"&totalput&" "
end if
else
dim Page_First,Page_Previous,Page_Next,Page_Last
Page_First = "首页"
Page_Previous = "上页"
Page_Next = "下页"
Page_Last = "尾页"
%>
>>
<%if int(currentPage) = 1 Then%>
<% = Page_First %>
<% = Page_Previous %>
<% = Page_Next %>
<% = Page_Last %>
<%elseif int(currentPage) = int(totalpages) Then%>
<% = Page_First %>
<% = Page_Previous %>
<% = Page_Next %>
<% = Page_Last %>
<%else%>
<% = Page_First %>
<% = Page_Previous %>
<% = Page_Next %>
<% = Page_Last %>
<%end if%>
页次:<%=currentPage%>/<%=totalpages%> 页 转到 页 共 <%=totalput%>个留言
<%end if%><%
end sub
function logintable()
%>
<%end function%>
|
