home *** CD-ROM | disk | FTP | other *** search
/ 221.214.14.186 / 221.214.14.186.tar / 221.214.14.186 / zb / Notepad-zb / rpost_do.asp < prev    next >
Text File  |  2005-12-26  |  6KB  |  270 lines
  1. <!--#include file="conn.asp"-->
  2. <!--#include file="connip.asp"-->
  3. <!--#include file=const.asp -->
  4. <!--#include file=md5.asp -->
  5. <%
  6.  
  7. dim title,name,pass,email,qq,url,pic,nei,t,rt,yd,hf,jh,bl,male,face,icq,msn
  8. dim rtid, rs, exec, rs2, rs1, reID, reTime,isPrivate, foundErr
  9.   
  10. title=encodestr(Request.form("title"))
  11. name=encodestr(Request.form("name"))
  12. pass=encodestr(Request.form("pass"))
  13. email=encodestr(Request.form("email"))
  14. qq=encodestr(Request.form("qq"))
  15. icq=encodestr(Request.form("icq"))
  16. msn=encodestr(Request.form("msn"))
  17. url=encodestr(Request.form("url"))
  18. male=encodestr(Request.form("male"))
  19. face=encodestr(Request.form("face"))
  20. nei=replace(Request.form("nei"),"'","""")
  21. pic=encodestr(Request.form("pic"))
  22. rtid=encodestr(Request.form("rtid"))
  23. isPrivate=encodestr(Request.form("isPrivate"))
  24. bl=0
  25.  
  26. if isDate(request.cookies("gbook")("lastpost")) then
  27.     if dateDiff("s",Cdate(request.cookies("gbook")("lastPost")),now)<=postLimit then
  28.         session("error")="╟δ▓╗╥¬╣α╦«úíúí<br>"
  29.         foundErr=true
  30.     end if
  31. end if
  32. if len(title)<3 then
  33.     session("error")="╟δ╚╧╒µ╠ε╨┤┴⌠╤╘▒Ω╠Γúíúí<br>"
  34.     foundErr=true
  35. end if
  36. if len(name)=0 and not theUser.reged then
  37.     session("error")=session("error") & "╟δ╠ε╨┤╙├╗º├√úíúí<br>"
  38.     foundErr=true
  39. end if
  40. if len(nei)<2 then
  41.     session("error")=session("error") & "╟δ╚╧╒µ╠ε╨┤┴⌠╤╘─┌╚▌úíúí<br>"
  42.     foundErr=true
  43. end if
  44. if len(nei)>maxLength then
  45.     session("error")=session("error") & "┴⌠╤╘─┌╚▌╫ε╢α"& maxLength &"╕÷╫╓╖√ú¼╟δ╝⌡╔┘─π╡─┴⌠╤╘─┌╚▌úíúí<br>"
  46.     foundErr=true
  47. end if
  48. if len(title)>40 then
  49.     session("error")=session("error") & "┴⌠╤╘▒Ω╠Γ▓╗┐╔╥╘│¼╣²40╕÷╫╓╖√úíúí<br>"
  50.     foundErr=true
  51. end if
  52. if len(name)>10 then
  53.     session("error")=session("error") & "╙├╗º├√▓╗┐╔╥╘│¼╣²10╕÷╫╓╖√úíúí<br>"
  54.     foundErr=true
  55. end if
  56.  
  57. if foundErr then
  58.     response.redirect("error.asp")
  59. end if
  60.  
  61. if theUser.reged then
  62.     name=theUser.name
  63.     qq=theUser.qq
  64.     icq=theUser.icq
  65.     msn=theUser.msn
  66.     email=theUser.email
  67.     url=theUser.url
  68.     if theUser.male then
  69.         male="1"
  70.     else
  71.         male="0"
  72.     end if
  73.     face=theUser.face
  74.     bl=1
  75. elseif pass<>"" then
  76.     pass=MD5(pass)
  77.     exec="select * from [user] where username='"&name&"'"
  78.     Set RS = Server.CreateObject("ADODB.RecordSet") 
  79.     rs.Open exec, Conn, 1, 1
  80.     if not rs.eof then
  81.         if pass=rs("userpassword") then
  82.             qq=rs("oicq")
  83.             icq=rs("icq")
  84.             msn=rs("msn")
  85.             email=rs("useremail")
  86.             url=rs("homepage")
  87.             male=rs("sex")
  88.             face=rs("GBface")
  89.             rsclose()
  90.             bl=1
  91.         else
  92.                rsclose()
  93.             connclose()
  94.             session("error")="▒ú┴⌠╙├╗º├▄┬δ╒╩║┼▓╗╢╘╙ªúíúíúí"
  95.             response.redirect "error.asp"
  96.         end if
  97.     else
  98.         rsclose()
  99.         if email<>"" and not validEmail(email) then
  100.             connclose()
  101.             session("error")="╟δ╩Σ╚δ╒²╚╖╡─email╡╪╓╖úíúíúí"
  102.             response.redirect "error.asp"
  103.         end if
  104.         if isLikeMasterName(name) then
  105.             connclose()
  106.             session("error")="╟δ▓╗╥¬╩╣╙├╙δ░µ╓≈├√╧α╦╞╡─╙├╗º├√úíúíúí"
  107.             response.redirect "error.asp"
  108.         end if
  109.         
  110.         Set rs = Server.CreateObject("ADODB.Recordset")
  111.         exec="select * from [user] where userid=0"
  112.         rs.Open exec,conn,1,2
  113.         rs.addnew
  114.         rs("username")=name
  115.         rs("userpassword")=pass
  116.         if email<>"" then
  117.             rs("useremail")=email
  118.         end if
  119.         if qq<>"" then
  120.             rs("oicq")=qq
  121.         end if
  122.         if icq<>"" then
  123.             rs("icq")=icq
  124.         end if
  125.         if msn<>"" then
  126.             rs("msn")=msn
  127.         end if
  128.         if url<>"" then
  129.             rs("homepage")=url
  130.         end if
  131.         rs("sex")=male
  132.         rs("GBface")=face
  133.         rs("GBpostNum")=0
  134.         rs("GBprivateNum")=0
  135.         rs("AddDate")=dateAdd("h",timeDiff,now)
  136.         rs.update
  137.         rsclose()
  138.         exec="update GBconst set userNum=userNum+1"
  139.         conn.execute(exec)
  140.     bl=1
  141.     end if
  142. else
  143.     '╬┤╫ó▓ß,╬┤╠ε├▄┬δ
  144.     if mustReg then
  145.         connclose()
  146.         session("error")="╓╗╙╨╫ó▓ß╙├╗º┐╔╥╘╖ó╤╘ú¼╟δ╫ó▓ßúí"
  147.         response.redirect "error.asp"
  148.     end if
  149.     if email<>"" and not validEmail(email) then
  150.         connclose()
  151.         session("error")="╟δ╩Σ╚δ╒²╚╖╡─email╡╪╓╖úíúíúí"
  152.         response.redirect "error.asp"
  153.     end if
  154.     if isLikeMasterName(name) then
  155.         connclose()
  156.         session("error")="╟δ▓╗╥¬╩╣╙├╙δ░µ╓≈├√╧α╦╞╡─╙├╗º├√úíúíúí"
  157.         response.redirect "error.asp"
  158.     end if
  159.     
  160.     exec="select top 1 userid from [user] where username='"& name &"'"
  161.     set rs=conn.execute(exec)
  162.     if not rs.eof then
  163.         connclose()
  164.         session("error")="─·╩╣╙├╡─╙├╗º├√╩▄╡╜▒ú╗ñ,╟δ╕ⁿ╗╗!"
  165.         response.redirect("error.asp")
  166.     end if
  167.     rs.close
  168.     set rs=nothing
  169.     if request.cookies("gbookGuestName")<>"" then
  170.         if name<>request.cookies("gbookGuestName") then
  171.             connclose()
  172.             session("error")="╟δ▓╗╥¬╩╣╙├╢α╕÷╙├╗º├√┴⌠╤╘"
  173.             response.redirect "error.asp"
  174.         end if
  175.     else
  176.         if cookiePath<>"" then
  177.             response.cookies("gbookGuestName").Path=cookiePath
  178.         end if
  179.         response.cookies("gbookGuestName")=name
  180.     end if
  181. end if
  182.  
  183. '╕╕╠√╩╟▓╗╩╟╕∙╠√
  184. exec="select rt from ly where id="& rtid
  185. set rs=conn.execute(exec)
  186. if rs.eof then
  187.     connclose()
  188.     session("error")="─·╥¬╗╪╕┤╡─┴⌠╤╘╥╤▓╗┤µ╘┌!"
  189.     response.redirect("error.asp")
  190. else
  191.     if rs(0)>0 then
  192.         rtid=rs(0)
  193.     end if
  194. end if
  195.  
  196. Set rs = Server.CreateObject("ADODB.Recordset")
  197. exec="select * from ly where id=0"
  198. rs.Open exec,conn,1,2
  199.     rs.addnew
  200.     rs("name")=name
  201.     rs("title")=title
  202.     if email<>"" then
  203.         rs("email")=email
  204.     end if
  205.     if qq<>"" then
  206.         rs("qq")=qq
  207.     end if
  208.     if icq<>"" then
  209.         rs("icq")=icq
  210.     end if
  211.     if msn<>"" then
  212.         rs("msn")=msn
  213.     end if
  214.     if url<>"" then
  215.         rs("url")=url
  216.     end if
  217.     rs("male")=male
  218.     rs("face")=face
  219.     rs("nei")=nei
  220.     rs("t")=dateAdd("h",timeDiff,now)
  221.     rs("retime")=dateAdd("h",timeDiff,now)
  222.     rs("pic")=pic
  223.     rs("bl")=bl
  224.     rs("yd")=0
  225.     rs("hf")=0
  226.     rs("jh")=0
  227.     rs("rt")=rtid
  228.     rs("ip")=request.servervariables("remote_addr")
  229.     rs("comefrom")=getFrom(request.servervariables("remote_addr"))
  230.     if isPrivate="1" then
  231.         rs("isPrivate")=1
  232.     end if
  233.     rs.update
  234.     rs.close
  235.     exec="select max(id) from ly"
  236.     rs.open exec,conn,1,1
  237.     reID=rs(0)
  238.     rs.close
  239.     
  240.  
  241. exec="select top 1 * from ly where id="& Cstr(rtid)
  242. rs.open exec,conn,1,3
  243. if not (rs.eof and rs.bof) then
  244.     rs("hf")=rs("hf")+1
  245.     rs("reid")=reid
  246.     rs("reTime")=dateAdd("h",timeDiff,now)
  247.     rs.update
  248. end if
  249. rsclose()
  250.  
  251. if bl=1 then
  252.     exec="update [user] set GBpostNum=GBpostNum+1 where username='"& name &"'"
  253.     conn.execute(exec)
  254. end if
  255.  
  256. connclose()
  257.  
  258. if cookiePath<>"" then
  259.     response.cookies("gbook").Path=cookiePath
  260. end if
  261. response.cookies("gbook")("lastPost")=now
  262.  
  263. if not theUser.reged then
  264.     response.cookies("gbook")("username")=vbescape(name)
  265.     response.cookies("gbook")("password")=pass
  266. end if
  267.  
  268. session("url")="show.asp?id="&rtid
  269. response.redirect "addok.asp"    
  270. %>