<% if instr(request.servervariables("http_referer"),"edit")<1 then response.redirect "index.asp" end if if instr(request.servervariables("http_referer"),"http://"&request.servervariables("host") )<1 then response.redirect "index.asp" end if dim title,email,qq,url,nei,id,rt dim exec, rs id=encodestr(Request.form("id")) title=encodestr(Request.form("title")) email=encodestr(Request.form("email")) qq=encodestr(Request.form("qq")) url=encodestr(Request.form("url")) nei=replace(Request.form("nei"),"'","""") if id="" or not theUser.reged then session("errmsg")="非法操作！！！" response.redirect("admin_error.asp") end if if len(title)>40 then title=left(title,40) end if Set rs = Server.CreateObject("ADODB.Recordset") exec="select * from ly where id="&id rs.Open exec,conn,1,2 if rs.eof then rsclose() connclose() session("errmsg")="该留言不存在！！！" response.redirect "admin_error.asp" end if rs("title")=title rs("email")=email rs("qq")=qq rs("url")=url if instr(nei,"[align=right][ 此留言被 "&theUser.name&" 修改过 ][/align]")>0 then rs("nei")=nei else rs("nei")=nei&"[align=right][ 此留言被 "&theUser.name&" 修改过 ][/align]" end if rs.update rs.requery rt=rs("rt") rsclose() connclose() if rt=0 then session("url")="show.asp?id="&id else session("url")="show.asp?id="&rt&"#"&id end if response.redirect "addok.asp" %>