%
' Guestbook entry point: response header, feature switch, configuration snapshot
' and parsing of the "action" / "page" query-string parameters.
Response.AddHeader "Content-Type","text/html; charset=gb2312"

' Feature switch from the site configuration (die presumably ends the response).
if gbookStart = 0 then
	die "留言功能已经关闭"
end if

' Moderator credentials and posting interval copied from the site configuration.
' NOTE(review): the moderator password is held and compared as plain text in this file.
dim CONST_USER,CONST_PWD,timeSpan
CONST_USER = gbookuser
CONST_PWD = gbookpwd
timeSpan = gbooktime

dim action,page,temp
action = getForm("action", "get")
page = getForm("page","get")

' page is later used for result paging and as part of a cache file name ("gbook/"&page),
' so it is reduced to a Long >= 1 here before anything else touches it.
if isNul(page) then
	page = 1
elseif isNum(page) then
	page = clng(page)
else
	' presumably echoSaveStr ends the response; if it returns, page keeps the raw request value - TODO confirm
	echoSaveStr "safe"
end if
if page < 1 then page = 1

' Only pages up to this number are served from / written to the file cache.
Const CachePage=1
' Shared template object used by viewmain and parseBook.
dim templateobj
Sub viewmain
	' Renders the guestbook landing page from the active template's gbook.html.
	' The parsed template is taken from cacheObj when caching is on; the per-request
	' pieces ({gbook:viewLeaveWord} and {maxcms:runinfo}) are substituted after the
	' cache step, so they are never stored in the cache.
	dim tplPath, cacheKey, haveCached, html
	tplPath = "/"&sitePath&"template/"&defaultTemplate&"/"&templateFileFolder&"/gbook.html"
	cacheKey = "parse_book_"

	set templateobj = mainClassobj.createObject("MainClass.template")
	templateobj.load tplPath

	' Decide whether a cached copy of the parsed template can be used.
	haveCached = false
	if cacheStart=1 then
		if cacheObj.chkCache(cacheKey) then haveCached = true
	end if

	if haveCached then
		templateObj.content = cacheObj.getCache(cacheKey)
	else
		parseBook
		if cacheStart=1 then cacheObj.setCache cacheKey,templateObj.content
	end if

	' Per-request substitutions: the post form first, then the run-time info.
	html = replace(templateObj.content,"{gbook:viewLeaveWord}",viewLeaveWord)
	html = replace(html,"{maxcms:runinfo}",getRunTime())
	echo html

	set templateobj = nothing
End Sub
Sub parseBook
	' Runs the template pipeline over the shared templateObj, one step per line.
	' The {gbook:main} placeholder is filled from main() before the list/menu
	' parsers and the final parseIf step run.
	dim tpl
	set tpl = templateObj
	tpl.parseTopAndFoot()
	tpl.parseSelf()
	tpl.parseGlobal()
	tpl.content = replaceCurrentTypeId(tpl.content)
	tpl.content = replace(tpl.content,"{gbook:main}",main)
	tpl.parseMenuList("")
	tpl.parseAreaList()
	tpl.parseTopicList()
	tpl.parseVideoList()
	tpl.parseNewsList()
	tpl.parseLinkList()
	tpl.parseIf()
	set tpl = nothing
End Sub
' Request dispatcher: the "action" query-string value selects the handler.
' NOTE(review): the state-changing handlers (add, del, reply, logout) are selected by a
' GET parameter, and del takes all of its arguments from the query string. The handlers
' visible in this file check isLogin only; no per-request anti-forgery token check is
' visible here, so a moderator's browser could be made to issue these requests from
' another site. Consider requiring POST plus a session-bound token for them.
Select Case action
	Case "add"
		leaveWord
	Case "list"
		if isLogin then
			' Moderators always get a freshly built list (it contains the delete/reply
			' controls) and that variant is never written to the file cache.
			echo replaceStr(leaveWordList,"{maxcms:runinfo}",getRunTime())
		else
			' Anonymous visitors: serve the cached page when one exists, otherwise
			' build the list and store it for the cacheable page numbers.
			if page<=CachePage then
				tryDieCacheFile 0,"gbook/"&page
			end if
			temp = leaveWordList
			if page<=CachePage then
				WriteCacheFile 0,"gbook/"&page,temp
			end if
			echo replaceStr(temp,"{maxcms:runinfo}",getRunTime())
		end if
	Case "login"
		loginLeaveWord
	Case "logout"
		logOut
	Case "state"
		viewLoginState
	Case "del"
		delLeaveWord
	Case "reply"
		replyLeaveWord
	Case Else
		viewmain
End Select
terminateAllObjects
Function main
' Returns the fragment substituted for {gbook:main} by parseBook: the site name
' followed by the guestbook title text.
' NOTE(review): the string literal below spans several lines in this copy, which suggests
' the surrounding markup was lost when the page was captured - confirm against the original file.
' siteName is concatenated as-is; presumably it is a trusted configuration value - verify.
main = "
"&siteName&"留言板
"
End Function
Function transferSpecialStr(Byval str)
	' Rewrites URL references in a text through the template object's regExpReplace helper.
	'   - text containing "[URL]": each [URL]...[/URL] pair is replaced by "$1" (the captured address)
	'   - otherwise: each "http://..." run plus any trailing whitespace is replaced by "$1"
	' Returns the rewritten string; str is passed ByVal, so the caller's value is untouched.
	' NOTE(review): as shown here the replacement is only the captured group. If the original
	' replacement wraps $1 in link markup, the captured text ends up inside HTML; this function is
	' called after preventSqlin in replyLeaveWord, so attribute-encoding and a scheme allow-list
	' would have to be applied here - confirm against the original file.
	dim tpl, urlPattern
	set tpl = mainClassObj.createObject("MainClass.template")

	if instr(str,"[URL]")>0 then
		urlPattern = "\[URL\](\S+?)\[\/URL\]"
	else
		urlPattern = "(http://\S+)[\s|\n]*"
	end if

	transferSpecialStr = tpl.regExpReplace(str,urlPattern,"$1")
	set tpl = nothing
End Function
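Sub replyLeaveWord
	' Moderator-only handler: stores a reply to guestbook entry "id" (query string) with
	' the text from the posted m_replycontent field, prints "ok" or "err", then drops the
	' cached guestbook pages so the reply becomes visible.
	'
	' Change from the previous version: the handler now fails closed. It leaves the sub
	' when id is not numeric or cannot be converted, instead of relying on
	' echoSaveStr to stop the request. With On Error Resume Next active, execution would
	' otherwise continue to the INSERT with the raw request value in the SQL text.
	'
	' NOTE(review): the statement is built by string concatenation and depends on the
	' preventSqlin filter for the text fields; conn.db shows no parameter interface in this
	' file. The reply text is stored without encodeHtml (guest fields in leaveWord are
	' encoded) and leaveWordList prints it as stored - confirm that this is intended.
	' NOTE(review): no anti-forgery token is checked here; see the dispatcher.
	if not isLogin then die "err"
	dim id : id=getForm("id","get")
	dim m_content : m_content=transferSpecialStr(preventSqlin(getForm("m_replycontent","post"),"filter"))
	dim m_ip : m_ip=preventSqlin(getIp(),"filter")
	on error resume next
	if isNul(id) then
		die "err"
		exit sub
	end if
	if not isNum(id) then
		echoSaveStr "safe"
		exit sub
	end if
	id=clng(id)
	' An error recorded up to this point (for example an out-of-range id in clng) means
	' id is not a clean Long; report it without touching the database.
	if err then
		echo "err"
		exit sub
	end if
	conn.db "insert into {pre}leaveword(m_replyid,m_content,m_ip) values("&id&",'"&m_content&"','"&m_ip&"')","execute"
	if err then echo "err" else echo "ok"
	' Invalidate the cached guestbook pages.
	dim fp:fp="/"&sitepath&"webcache\0\0\0gbook":if isExistFolder(fp) then delFolder fp
End Sub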
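Sub delLeaveWord
	' Moderator-only handler: deletes guestbook rows selected by the query-string
	' parameters "id" and "type", prints "ok" or "err", then drops the cached guestbook pages.
	'
	' Changes from the previous version:
	'   - "type" is checked with IsNumeric before CLng, so a missing or non-numeric value
	'     produces the normal "err" reply instead of an unhandled run-time error.
	'   - the handler fails closed: it leaves the sub when id is not numeric or cannot be
	'     converted, instead of relying on echoSaveStr to stop the request while
	'     On Error Resume Next is active.
	'
	' NOTE(review): this destructive action is driven entirely by GET parameters and only
	' isLogin is checked; no anti-forgery token check is visible in this file. Consider
	' requiring POST plus a session-bound token.
	if not isLogin then die "err"
	dim id : id=getForm("id","get")
	dim ptype : ptype=preventSqlin(getForm("type","get"),"filter")
	if not IsNumeric(ptype) then
		die "err"
		exit sub
	end if
	ptype=clng(ptype)
	on error resume next
	if isNul(id) then
		die "err"
		exit sub
	end if
	if not isNum(id) then
		echoSaveStr "safe"
		exit sub
	end if
	id=clng(id)
	' An error recorded up to this point (for example an out-of-range id in clng) means
	' id is not a clean Long; report it without touching the database.
	if err then
		echo "err"
		exit sub
	end if
	' The next two lines are kept exactly as in the original. NOTE(review): the single-line
	' If ends with a bare Else and the m_replyid delete sits on the following line; confirm
	' whether that delete is meant to run only when type<>1 or after every delete.
	if ptype=1 then conn.db "delete from {pre}leaveword where m_id="&id,"execute" else
	conn.db "delete from {pre}leaveword where m_replyid="&id,"execute"
	if err then echo "err" else echo "ok"
	' Invalidate the cached guestbook pages.
	dim fp:fp="/"&sitepath&"webcache\0\0\0gbook":if isExistFolder(fp) then delFolder fp
End Sub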
Function ChleaveWord(x)
	' Returns True when x contains at least one character in the range U+4E00..U+9FA5,
	' False otherwise. Only the first match matters, so Global is off.
	Dim hanMatcher
	Set hanMatcher = New RegExp
	With hanMatcher
		.Pattern = "[\u4e00-\u9fa5]"
		.IgnoreCase = True
		.Global = False
	End With
	ChleaveWord = hanMatcher.Test(x)
	Set hanMatcher = Nothing
End Function
Sub leaveWord
' Handler for action=add: filters the posted fields, inserts a new guestbook row,
' records the posting time in the session, prints "ok" or "err" and drops the cached pages.
' NOTE(review): the next line looks truncated in this copy. The text between
' getTimeSpan("lastGbookTime") and "15" appears to be missing, so the declarations, the
' posting-interval check and the reads of m_content / m_ip are not visible here.
if getTimeSpan("lastGbookTime")15 then m_ip=getStrByLen(m_ip,15)
' Reject the request when the client address is on the ban list.
CheckBanIP m_ip
' Message body: SQL keyword filter, dirty-word filter, then HTML encoding; capped at 500.
' NOTE(review): the length caps in this sub are applied after filtering and encoding. If
' preventSqlin or encodeHtml expand characters (doubled quotes, entities), a cut can land
' inside an expanded sequence - confirm what those helpers emit, or cap the raw input first.
m_content=encodeHtml(filterDirty(preventSqlin(m_content,"filter")))
if computeStrLen(m_content)>500 then m_content=getStrByLen(m_content,500)
' Reject the request when the message contains a banned word.
CheckBanWords m_content
' From here on run-time errors are swallowed and only reported through "err" below.
on error resume next
' Author, QQ number and mail address get the same filter chain, capped at 20 / 15 / 30.
m_author=encodeHtml(filterDirty(preventSqlin(getForm("m_author","post"),"filter")))
if computeStrLen(m_author)>20 then m_author=getStrByLen(m_author,20)
m_qq=encodeHtml(filterDirty(preventSqlin(getForm("m_qq","post"),"filter")))
if computeStrLen(m_qq)>15 then m_qq=getStrByLen(m_qq,15)
m_mail=encodeHtml(filterDirty(preventSqlin(getForm("m_mail","post"),"filter")))
if computeStrLen(m_mail)>30 then m_mail=getStrByLen(m_mail,30)
m_addtime=now
' NOTE(review): the INSERT is assembled by string concatenation, so its safety depends
' entirely on the preventSqlin filter; conn.db shows no parameter interface in this file.
conn.db "insert into {pre}leaveword(m_author,m_qq,m_mail,m_content,m_ip,m_addtime) values ('"&m_author&"','"&m_qq&"','"&m_mail&"','"&replacedirtyWords(m_content)&"','"&m_ip&"','"&m_addtime&"')","execute"
' The posting time is stored in the session before the error check, so it is recorded
' even when the insert failed.
setSession "lastGbookTime",now
if err then echo "err" else echo "ok"
' Invalidate the cached guestbook pages.
dim fp:fp="/"&sitepath&"webcache\0\0\0gbook":if isExistFolder(fp) then delFolder fp
End Sub
Sub logOut
	' Ends the moderator login by blanking the session flag that isLogin compares.
	' The rest of the session (for example lastGbookTime) is left in place and no
	' output is produced.
	Session.Contents("loginflag") = ""
End Sub
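Sub loginLeaveWord
	' Moderator login: compares the posted m_username / m_pwd (and the m_login marker,
	' which must be "ok") with the configured credentials. Prints "ok" on success and sets
	' the session flag read by isLogin, "no" on a mismatch, "err" when reading the form failed.
	'
	' Changes from the previous version:
	'   - login is refused when the configured user name or password is blank, so an
	'     unconfigured guestbook cannot be entered with empty credentials;
	'   - the decision is computed into a variable that defaults to False. Under
	'     On Error Resume Next a run-time error while evaluating an If condition resumes
	'     inside the Then branch; a failed assignment leaves the default in place instead.
	'
	' NOTE(review): the password is compared as plain text and the session flag stores user
	' name and password concatenated; no limit on failed attempts is visible in this file.
	dim m_username,m_pwd,m_login,credsConfigured,granted
	granted = false
	on error resume next
	m_username=preventSqlin(getForm("m_username","post"),"filter")
	m_pwd=preventSqlin(getForm("m_pwd","post"),"filter")
	m_login=preventSqlin(getForm("m_login","post"),"filter")
	if err then
		echo "err"
		exit sub
	end if
	credsConfigured = (""&CONST_USER<>"") and (""&CONST_PWD<>"")
	granted = credsConfigured and m_username=CONST_USER and m_pwd=CONST_PWD and m_login="ok"
	if granted then
		session("loginflag")=CONST_USER&CONST_PWD
		echo "ok"
	else
		echo "no"
	end if
End Sub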
function leaveWordList
' Builds the markup for one page (10 rows) of top-level guestbook entries, each with its
' first reply when one exists, followed by the pager, and returns it as a string.
' NOTE(review): many string literals below span several lines and some branches append
' identical text; the HTML inside them appears to have been lost when this page was
' captured - confirm against the original file.
' Security-relevant: ary(1,i) (m_author), ary(6,i) (m_addtime) and showFace(ary(4,i))
' (m_content) are concatenated into the output without encoding in this function. leaveWord
' applies encodeHtml before storing guest fields, so output safety rests on that
' storage-time encoding.
dim Qe,ary,n,i,rsObj,lsort,txt
set Qe = mainClassobj.createObject("MainClass.DataPage")
Qe.Query "SELECT m_id,m_author,m_qq,m_mail,m_content,m_ip,m_addtime FROM {pre}leaveword WHERE m_replyid=0 ORDER BY m_id DESC"
Qe.absolutepage=page
Qe.pagesize=10
ary = Qe.GetRows()
' Clamps the file-level page variable to the last page; the dispatcher reads page again
' after this call when deciding whether to write the cache file.
if page > Qe.pagecount then page=Qe.pagecount
if Qe.recordcount>0 then
n=ubound(ary,2):lsort=n
for i=0 to n
' One extra query per entry fetches its first reply. ary(0,i) is the m_id column read
' from the database, not request input.
set rsObj=conn.db("select top 1 m_content,m_ip,m_addtime from {pre}leaveword where m_replyid="&ary(0,i),"records1")
txt=txt&"
"&_
"
"
if page = Qe.pagecount then
txt=txt&(lsort+1)
else
txt=txt&(Qe.recordcount- Qe.pagesize *page +lsort + 1)
end if
txt=txt&"条留言
"
txt=txt&"
"
txt=txt&"发表于 "&ary(6,i)
txt=txt&""&_
"
"&ary(1,i)&"
"
if isLogin then
' Moderator-only controls; delLeaveWord and replyLeaveWord check isLogin again themselves.
txt=txt&" 删除 | "
if rsObj.eof then
txt=txt&"回复 | "
else
txt=txt&"删除回复 | "
end if
end If
txt=txt&"
"&showFace(ary(4,i))&"
"
' NOTE(review): the reply text is printed as stored, and replyLeaveWord does not call
' encodeHtml before storing it - confirm that moderator replies are meant to carry markup.
if not rsObj.eof then txt=txt&"
管理员回复
"&rsObj("m_content")&"
"
rsObj.close : set rsObj=nothing
txt=txt&"
"
lsort=lsort-1
next
else
txt="
当前没有留言
"
end if
txt=txt&"
"
if page=1 then
txt=txt&"首页上一页"
else
txt=txt&"首页上一页"
end if
' Pager window: up to five page numbers on each side of the current page.
dim m,x,y
x=page-5:y=page+5
if x<1 then x=1
if y>Qe.pagecount then y=Qe.pagecount
for m=x to y
if page=m then
txt=txt&""&m&" "
else
txt=txt&" "&m&""
end if
next
if page=Qe.pagecount then
txt=txt&"下一页尾页"
else
txt=txt&"下一页尾页"
end if
txt=txt&"
"
set Qe = nothing
leaveWordList=txt
End function
Sub viewLoginState
' Handler for action=state: writes one of two literal fragments straight to the response,
' depending on isLogin (logged-in text with a logout entry, or the moderator-login entry).
' NOTE(review): the fragments between the script delimiters look like bare text in this
' copy; their markup appears to have been lost - confirm against the original file.
if isLogin then
%>
已登陆: 退出
<%
else
%>
留言管理
<%
end if
End Sub
Function viewLeaveWord
' Returns the fragment substituted for {gbook:viewLeaveWord} by viewmain.
' The "key" query-string value is HTML-encoded before use, which is the right handling for
' a request value echoed into the page.
' NOTE(review): in this copy key is not referenced again and the literals below are empty
' or span lines, so the form markup appears to have been lost - confirm against the
' original file that key only appears in contexts where HTML encoding is sufficient.
dim key : key=server.HTMLEncode(getForm("key","get"))
dim mystr: mystr = ""
mystr = mystr&"
"&_
""&_
"
"&_
""&_
""&_
"
"
viewLeaveWord = mystr
End Function
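Function isLogin()
	' Returns True when the session flag set by loginLeaveWord matches the configured
	' moderator credentials (user name and password concatenated), False otherwise.
	'
	' Change from the previous version: when both configured values are blank the expected
	' flag is the empty string, which also equals the flag of a fresh session and the value
	' logOut writes. Every visitor was then treated as a moderator. A blank expected flag
	' now never counts as logged in.
	dim expectedFlag
	expectedFlag = CONST_USER&CONST_PWD
	isLogin = false
	if expectedFlag<>"" then
		if session("loginflag")=expectedFlag then isLogin = true
	end if
End Function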
Function getBanWords()
	' Returns the BanWords configuration value. Errors while reading it are suppressed,
	' in which case the function result stays Empty (presumably to tolerate configurations
	' that do not define BanWords - TODO confirm).
	On Error Resume Next
	getBanWords = BanWords
End Function
Sub CheckBanWords(m_content)
	' Stops the request with "haveleave" when m_content contains any entry of the
	' comma-separated ban-word list. Does nothing when the list or the message is empty.
	' NOTE(review): InStr is used with its default comparison here, so matching is exact
	' as to letter case; a text-mode comparison would make the filter stricter.
	if ""&getBanWords="" OR m_content="" then Exit Sub
	Dim bannedWord
	For Each bannedWord In Split(getBanWords,",")
		' Empty entries (for example from a trailing comma) are skipped.
		if bannedWord<>"" then
			if InStr(" "&m_content,bannedWord)>0 then die "haveleave"
		end if
	Next
End Sub
Function getBanIPS()
	' Returns the BanIPS configuration value. Errors while reading it are suppressed,
	' in which case the function result stays Empty (presumably to tolerate configurations
	' that do not define BanIPS - TODO confirm).
	On Error Resume Next
	getBanIPS = BanIPS
End Function
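Sub CheckBanIP(m_ip)
	' Stops the request when m_ip is on the comma-separated ban list. Entries are either
	' exact addresses or dotted patterns in which any of the four parts may be "*".
	' An exact hit on the raw list answers "havecomment"; hits found in the loop answer
	' "haveleave" (both kept as in the original).
	'
	' Change from the previous version: wildcard entries are compared only when m_ip itself
	' splits into four dot-separated parts. VBScript evaluates both sides of OR, so an
	' address in another form (empty, or not dotted-quad) indexed past the end of the split
	' array and raised a run-time error whenever the list held a wildcard entry.
	'
	' NOTE(review): the check is only as reliable as the address passed in; if the caller's
	' getIp derives it from client-supplied headers the ban can be sidestepped - verify.
	if ""&getBanIPS="" then Exit Sub
	dim x,y,i,l,Ban
	' Spaces are removed before splitting so "a, b" style lists work in the loop below.
	Ban=Split(ReplaceStr(getBanIPS," ",""),",")
	l=UBound(Ban)
	if InStr(" ,"&getBanIPS&",",","&m_ip&",")>0 then die "havecomment"
	for i=0 to l
		if InStr(" "&Ban(i),"*")>0 then
			x=Split(Ban(i),".")
			y=Split(""&m_ip,".")
			if UBound(x)=3 and UBound(y)=3 then
				if (x(0)=y(0) OR x(0)="*") AND (x(1)=y(1) OR x(1)="*") AND (x(2)=y(2) OR x(2)="*") AND (x(3)=y(3) OR x(3)="*") then
					die "haveleave"
				end if
			end if
		elseif Ban(i)=m_ip then
			die "haveleave"
		end if
	next
End Sub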
%>