<%
' Page entry point for the "write a message" page: enforce the guestbook lock,
' then dispatch on the "act" query-string parameter.
' NOTE(review): on this page the errinfo literal below contains a line break and
' a bullet inside the quotes, presumably list markup lost in rendering; a
' VBScript string literal cannot span lines, so confirm it against the real file.

' When the guestbook is locked, set the "locked by the administrator" message and
' hand over to showError().
' NOTE(review): showError() is not visible here; the lock is only enforced if it
' ends the response. If it returns, the dispatch below still reaches addnew() - verify.
if lock="1" then
    errinfo="
  • 留言本已经被管理员锁定,您无法留言。"
    call showError()
end if

' "act" comes from the request. Only the two values below are handled; any other
' value matches no case, so nothing is dispatched.
select case Request.QueryString("act")
    case "addnew"
        ' Form submission: validate and store the message.
        call addnew()
    case ""
        ' Default view: set the page title and render the page skin.
        pagename="写留言"
        call bodySkin()
        ' pageContent() is declared here and only calls submitForm();
        ' presumably bodySkin() calls it to fill the page body - confirm.
        sub pageContent()
            submitForm()
        end sub
end select

' Renders the submission form; its body is the template text that follows this
' script block.
function submitForm()
%>
    <%
    ' Show the notice above the form only when one is configured. It is rendered
    ' through UBBcode(notice,1).
    ' NOTE(review): UBBcode is not visible here - confirm it HTML-encodes its input
    ' before expanding UBB tags.
    if notice<>"" then
    %>
    <%=UBBcode(notice,1)%>
    <%end if%>
    *** 您的称呼:
    ">
    性别及头像:
    男性:           
    女性:           
    中性:           
    网站:
    <%
    ' Prefill value for the homepage field: the URL remembered in the
    ' SranM_userinfo cookie, or the bare "http://" prefix when none is stored.
    ' The cookie is sent by the browser, so treat myURL as untrusted input.
    ' NOTE(review): the place where myURL is written into the form is not visible
    ' on this page - confirm it goes through Server.HTMLEncode before it is placed
    ' in an attribute.
    dim myURL
    myURL = Request.Cookies("SranM_userinfo")("SranM_userURL")
    if myURL = "" then myURL = "http://"
    %>
    电子邮件:
    ">
    QQ号码:
    ">
    标题:
    *** 正文:

    当前字数:0,最大字数:<%=maxnum%>
    <%
    ' Render the emoticon picker only when emoticons are enabled (UBBcfg_emot=1).
    if UBBcfg_emot=1 then
    %>
    <%call getEmot()%>
    <%end if%>
    悄悄话   回复查看码(可不填):
    回复查看码用于以后查看管理员对悄悄话的回复。 若不填,管理员将无法回复此悄悄话。

         
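    <% end function

    ' addnew: validate a submitted guestbook message and insert it into [topic].
    '
    ' Reads the form fields username, userface, userURL, usermail, userqq,
    ' usertitle, usercontent, whisper and replycode, remembers the visitor's details
    ' in the SranM_userinfo cookie, collects validation messages in errinfo, and
    ' writes the row through an ADODB recordset.
    '
    ' NOTE(review): showError() is not visible here. Every check below relies on it
    ' ending the response when errinfo is non-empty; if it returns, invalid input
    ' still reaches the insert - verify.
    ' NOTE(review): on this page each errinfo literal contains a line break and a
    ' bullet inside the quotes, presumably list markup lost in rendering; a VBScript
    ' string literal cannot span lines, so confirm these literals against the real
    ' file. The empty response.write"" calls at the end look truncated the same way.
    sub addnew()
        ' Same-site check on the Referer header.
        ' NOTE(review): this is a weak cross-site-request guard. It skips a fixed
        ' 7 characters ("http://"), so a referer sent over https never matches and
        ' the post is rejected; it compares only the first len(SERVER_NAME)
        ' characters, so a longer host name that merely begins with the server name
        ' also matches; and the header may be absent. A per-session token in the
        ' form, checked here, is the more reliable control.
        dim servername1,servername2
        servername1=Cstr(Request.ServerVariables("HTTP_REFERER"))
        servername2=Cstr(Request.ServerVariables("SERVER_NAME"))
        if mid(servername1,8,len(servername2))<>servername2 then
            errinfo="
  • 非法的提交动作!"
            call showError()
        end if

        ' Flood control: visitors who are not logged in may post once per minute.
        ' The elapsed time is measured in whole seconds with DateDiff. The earlier
        ' Minute(NOW() - postTime) test looked only at the minute component of the
        ' difference, so it also rejected posts made an exact number of hours (plus
        ' less than a minute) after the previous one.
        ' The test is nested because VBScript "and" does not short-circuit, and
        ' DateDiff on an empty postTime would overflow.
        ' The limit is bound to the session, so it only slows clients that keep
        ' their session cookie.
        if session("postTime")<>"" and not(login) then
            if DateDiff("s", session("postTime"), NOW()) < 60 then
                ' A rejected attempt restarts the one-minute window.
                session("postTime")=NOW()
                errinfo="
  • 您的提交时间间隔过短,请一分钟后再次提交。"
                ' Guards against malicious repeated submissions.
                call showError()
            end if
        end if

        dim username,xingbie,userface,userURL,usermail,userqq
        dim usertitle,usercontent,whisper,checked,replycode

        ' All text fields pass through sql_filter() (defined elsewhere; its exact
        ' behaviour is not visible here) and are trimmed.
        username=trim(sql_filter(request.Form("username")))

        ' xingbie (gender code) is derived from the avatar index: below 6 -> 1,
        ' below 11 -> 2, otherwise 3.
        ' NOTE(review): userface is compared as a number and stored without an
        ' IsNumeric or range check - validate it against the avatars that exist.
        if request.Form("userface") < 6 then
            xingbie=1
        elseif request.Form("userface") < 11 then
            xingbie=2
        else
            xingbie=3
        end if
        userface=sql_filter(request.Form("userface"))

        ' The form prefills "http://"; an untouched field means no homepage.
        if trim(sql_filter(request.form("userURL")))="http://" then
            userURL = ""
        else
            userURL=trim(sql_filter(request.form("userURL")))
        end if
        usermail=trim(sql_filter(request.form("usermail")))
        userqq=trim(sql_filter(request.form("userqq")))
        usertitle=trim(sql_filter(request.form("usertitle")))
        usercontent=Rtrim(sql_filter(request.form("usercontent")))

        ' Anything other than "1" means a public message.
        if not request.form("whisper")="1" then
            whisper=0
        else
            whisper=1
        end if
        replycode=sql_filter(trim(request.form("replycode")))

        ' Remember the visitor's details for a year so the form can be prefilled.
        ' These cookies are written before validation, so values that are rejected
        ' below are stored too; code that reads them back must treat them as
        ' untrusted and encode them on output.
        Response.Cookies("SranM_userinfo")("SranM_username") = username
        Response.Cookies("SranM_userinfo")("SranM_userURL") = userURL
        Response.Cookies("SranM_userinfo")("SranM_usermail") = usermail
        Response.Cookies("SranM_userinfo")("SranM_userqq") = userqq
        Response.Cookies("SranM_userinfo").expires=date+365

        ' Name: required, at most 20 characters, and visitors who are not logged in
        ' may not use the administrator's name (the global "name") or "管理员".
        if username="" then
            errinfo=errinfo & "
  • 未填写您的称呼"
        else
            if len(username)>20 then
                errinfo=errinfo & "
  • 过长的称呼"
            end if
            if (UCase(username)=UCase(name) or username="管理员") and not(login) then
                errinfo=errinfo & "
  • 请勿使用管理员的称呼"
            end if
        end if

        ' Title: optional, at most 50 characters.
        if len(usertitle)>50 then
            errinfo=errinfo & "
  • 过长的标题"
        end if

        ' Body: must contain something besides line breaks and [tag] markup, and the
        ' filtered text may not exceed maxnum characters.
        dim re
        Set re=new RegExp
        re.IgnoreCase =true
        re.Global=true
        re.Pattern="(\[(.[^\]]*)\])"
        if trim(re.Replace(Replace(request.form("usercontent"), CHR(13)&CHR(10), ""),""))="" then
            errinfo=errinfo & "
  • 未填写留言内容"
        elseif len(usercontent)>maxnum then
            errinfo=errinfo & "
  • 过长的留言内容"
        end if

        ' Blocked-word list: adword holds one entry per line. A hit in the body or
        ' title replaces errinfo with a generic message and stops the request.
        if not adword="" then
            dim alladword,i
            alladword=split(adword,chr(13)&chr(10))
            for i = lbound(alladword) to ubound(alladword)
                if instr(UCase(usercontent & usertitle),UCase(trim(alladword(i))))>0 and trim(alladword(i))<>"" then
                    errinfo="
  • 未知错误。"
                    call showError()
                    response.end
                end if
            next
        end if

        ' Homepage: must start with http://host.tld and be at most 200 characters.
        ' The pattern is anchored at the start. Without the anchor any value that
        ' merely contained such a URL passed, including values beginning with
        ' another scheme, and this field is presumably shown as a link.
        ' The tail is still unconstrained, so the page that displays userURL must
        ' HTML-encode it.
        If userURL<>"" then
            dim isURL
            re.Pattern="^http://([\w-]+\.)+[\w-]+(/[\w- ./?%&=]*)?"
            isURL=re.test(userURL)
            if not isURL then
                errinfo=errinfo & "
  • 个人主页地址填写有误"
            elseif len(userURL)>200 then
                errinfo=errinfo & "
  • 过长的个人主页地址"
            end if
        end if

        ' E-mail: fully anchored pattern, at most 100 characters.
        If usermail<>"" then
            dim isEmail
            re.Pattern="^[\w-\.]{1,}\@([\da-zA-Z-]{1,}\.){1,}[\da-zA-Z-]{2,3}$"
            isEmail=re.test(usermail)
            if not isEmail then
                errinfo=errinfo & "
  • 电子邮件地址填写有误"
            elseif len(usermail)>100 then
                errinfo=errinfo & "
  • 过长的电子邮件地址"
            end if
        end if
        set re=Nothing

        ' QQ number: numeric, at most 10 characters.
        ' NOTE(review): IsNumeric also accepts signs, decimal points and exponent
        ' forms; a digits-only pattern would be stricter.
        if trim(userqq)<>"" then
            if not(isnumeric(userqq)) then
                errinfo=errinfo & "
  • QQ号码填写有误"
            elseif len(userqq)>10 then
                errinfo=errinfo & "
  • 过长的QQ号码"
            end if
        end if

        ' Reply-view code: optional, at most 45 characters.
        if len(replycode)>45 then
            errinfo=errinfo & "
  • 过长的回复查看码"
        end if

        ' Report everything collected above before touching the database.
        call showError()

        ' Whispers and sites without moderation are stored as already checked;
        ' everything else waits for approval.
        if needcheck=0 or whisper=1 then
            checked=1
        else
            checked=0
        end if

        ' Insert through recordset fields rather than a concatenated SQL string, so
        ' the values are passed as data. Cursor type 3 is adOpenStatic and lock
        ' type 2 is adLockPessimistic.
        ' Stored name, title and body are visitor input and must be HTML-encoded by
        ' the pages that display them.
        Set rs= Server.CreateObject("ADODB.Recordset")
        sql="select * from [topic]"
        rs.open sql,conn,3,2
        rs.addnew
        rs("username")=username
        rs("xingbie")=xingbie
        rs("userface")=userface
        rs("userURL")=userURL
        rs("usermail")=usermail
        rs("userqq")=userqq
        rs("usertime")=now()
        rs("usertitle")=usertitle
        rs("usercontent")=usercontent
        rs("whisper")=whisper
        rs("replycode")=replycode
        rs("top")="0"
        rs("reply")="0"
        rs("ip")=user_ip
        rs("checked")=checked
        rs.update
        rs.close

        ' Start the flood-control window for the next post.
        session("postTime")=NOW()

        ' Response by outcome: awaiting moderation, whisper without a reply code,
        ' whisper with a reply code, or a plain redirect to the index.
        if checked=0 then
            response.write""
        else
            if whisper=1 then
                if replycode="" then
                    response.write""
                else
                    response.write""
                end if
            else
                Response.Redirect "index.asp"
                Response.Flush
            end if
        end if
    end sub
    %>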