<%=gbook_name%>

<%@ language=VBScript %> <% if Request("menu") = "addto" then call addto() else call index() end if sub index() %> <%=gbook_name%>

<%=gbook_name%>

当前位置:><%=name%> - >留言首页 - 添加留言

进入时间:<%=time%>

你的昵称(必须)

你的电邮(可选)

你的主页(可选)

你的OICQ(可选)

你的表情(可选)

你的头像(可选)

你的留言(必须)

[查看帖子长度]
[查看代码帮助]

点击发送(必须)

<% call htmlend() Response.End end sub sub addto() dim username, email, homeurl, qq, body, addtime, sql, Rs, ip, face, brow username=htmlencode2(trim(Request.form("username"))) email=htmlencode2(trim(Request.form("email"))) homeurl=htmlencode2(trim(Request.form("homeurl"))) qq=htmlencode2(trim(Request.form("qq"))) body=icode2html(htmlencode2(Request.form("body")), false, true) face=Request.form("face") ip=Request.ServerVariables("REMOTE_ADDR") brow=Request.form("brow") if username = "" then message="您得填写您的名字哦!\n" end if sql="select * from retain where userid='"&userid&"'" set nrs = Server.CreateObject("ADODB.Recordset") nrs.open sql,conn,1,1 do while not nrs.eof if username <>"" and username = nrs("retain_name") then message=message&"您填写的名字已经被站长保留了!\n" end if nrs.movenext loop nrs.close set nrs = nothing if email <> "" and IsValidEmail(email)=false then message=message&"您的电子邮件是不是错了?\n" end if if qq <> "" and isInteger(qq) = false then message=message&"对不起，您所填写的QQ号码不是数字哦,这样是不行的!\n" end if if qq <> "" and len(qq) < 4 then message=message&"好像没有小于4位号码的QQ吧!\n" end if if qq <> "" and len(qq) > 11 then message=message&"好像还没有超过11位号码的QQ吧!\n" end if if homeurl = "http://" or homeurl="" then homeurl="http://www.eieu.com" end if if body = "" then message=message&"留言内容不能为空!\n" end if if face = "" then face="images/face01.gif" end if if body <> "" and Len(body)> bodymax then message=message&"对不起,留言字数不能超过 "&bodymax&" 字,谢谢!\n" end if if brow = "" then brow="images/em01.gif" end if if message<> "" then call error(""&message&"") else sql = "select * from gbook" Set Rs = Server.CreateObject("ADODB.Recordset") Rs.open sql,conn,3,2 Rs.addnew Rs("username")=username Rs("email")=email Rs("homeurl")=homeurl Rs("qq")=qq Rs("body")=body Rs("face")=face Rs("brow")=brow Rs("ip")=ip Rs("addtime")=now Rs("userid")=userid Rs.update Rs.close sql="select * from admin where id="&userid Rs.open sql,conn,3,2 if date <> today_time then Rs("today_count") = 1 else Rs("today_count") = Rs("today_count")+1 end if Rs("today_time") = date Rs.update Rs.close set Rs = nothing conn.close set conn = nothing Response.redirect "index.asp?userid="&userid Response.End end if end sub %>