<% dim title,name,pass,email,qq,url,pic,nei,t,rt,yd,hf,jh,bl,male,face dim exec1, rs1, rs, rs2, id,isPrivate, foundErr title=encodestr(Request.form("title")) name=encodestr(Request.form("name")) pass=encodestr(Request.form("pass")) email=encodestr(Request.form("email")) qq=encodestr(Request.form("qq")) url=encodestr(Request.form("url")) nei=replace(Request.form("nei"),"'","""") pic=encodestr(Request.form("pic")) male=int(Request.form("male")) face=encodestr(Request.form("face")) isPrivate=encodestr(Request.form("isPrivate")) bl=0 if len(title)<3 then session("error")="请认真填写留言标题！！
" foundErr=true end if if len(name)=0 and not theUser.reged then session("error")=session("error") & "请填写用户名！！
" foundErr=true end if if len(nei)<2 then session("error")=session("error") & "请认真填写留言内容！！
" foundErr=true end if if len(nei)>maxLength then session("error")=session("error") & "留言内容最多"& maxLength &"个字符，请减少你的留言内容！！
" foundErr=true end if if len(title)>40 then session("error")=session("error") & "留言标题不可以超过40个字符！！
" foundErr=true end if if len(name)>10 then session("error")=session("error") & "用户名不可以超过10个字符！！
" foundErr=true end if if foundErr then connclose() response.redirect("error.asp") end if if theUser.reged then name=theUser.name qq=theUser.qq email=theUser.email url=theUser.url male=theUser.male face=theUser.face bl=1 elseif pass<>"" then pass=MD5(pass) exec1="select * from blyh where name='"&name&"'" Set RS1 = Server.CreateObject("ADODB.RecordSet") rs1.Open exec1, Conn, 1, 2 if not rs1.eof then if pass=rs1("pass") then qq=rs1("qq") email=rs1("email") url=rs1("url") male=rs1("male") face=rs1("face") bl=1 else rs1.close : set rs1=nothing connclose() session("error")="保留用户密码帐号不对应！！！" response.redirect "error.asp" end if else Set rs2 = Server.CreateObject("ADODB.Recordset") exec1="select top 1 * from blyh" rs2.Open exec1,conn,1,2 rs2.addnew rs2("name")=name rs2("pass")=pass rs2("email")=email rs2("qq")=qq rs2("url")=url rs2("male")=male rs2("face")=face rs2("t1")=dateAdd("h",timeDiff,now) rs2.update rs2.close set rs2=nothing exec1="update const set userNum=userNum+1" conn.execute(exec1) bl=1 end if rs1.close set rs1=nothing end if Set rs = Server.CreateObject("ADODB.Recordset") exec1="select top 1 * from ly order by id desc" rs.Open exec1,conn,1,2 rs.addnew rs("name")=name rs("title")=title rs("email")=email rs("qq")=qq rs("url")=url rs("male")=male rs("face")=face rs("nei")=nei rs("t")=dateAdd("h",timeDiff,now) rs("pic")=pic rs("bl")=bl rs("yd")=0 rs("hf")=0 rs("jh")=0 rs("rt")=0 rs("ip")=request.servervariables("remote_addr") rs("comefrom")=getFrom(request.servervariables("remote_addr")) if isPrivate="1" then rs("isPrivate")=1 end if rs.update 'rs.close rs.requery id=rs("id") rs("reid")=rs("id") rs("reTime")=rs("t") rs.update rs.close set rs=nothing exec1="update const set topicNum=topicNum+1" conn.execute(exec1) if bl=1 then exec1="update blyh set postNum=postNum+1 where name='"& name &"'" conn.execute(exec1) end if if bl=1 and isPrivate="1" then exec1="update const set privateNum=privateNum+1" conn.execute(exec1) exec1="update blyh set privateNum=privateNum+1 where name='"& name &"' " conn.execute(exec1) end if conn.close set conn=nothing connIpclose() if not theUser.reged then response.cookies("gbook")("username")=name response.cookies("gbook")("password")=pass end if session("url")="show.asp?id="&id response.redirect "addok.asp" %>