<% dim title,name,pass,email,qq,url,pic,nei,t,rt,yd,hf,jh,bl,male,face dim rtid, rs, exec1, rs2, rs1, reID, reTime,isPrivate, foundErr title=encodestr(Request.form("title")) name=encodestr(Request.form("name")) pass=encodestr(Request.form("pass")) email=encodestr(Request.form("email")) qq=encodestr(Request.form("qq")) url=encodestr(Request.form("url")) male=int(Request.form("male")) face=encodestr(Request.form("face")) nei=replace(Request.form("nei"),"'","""") pic=encodestr(Request.form("pic")) rtid=encodestr(Request.form("rtid")) isPrivate=encodestr(Request.form("isPrivate")) bl=0 if len(title)<3 then session("error")="请认真填写留言标题！！
" foundErr=true end if if len(name)=0 and not theUser.reged then session("error")=session("error") & "请填写用户名！！
" foundErr=true end if if len(nei)<2 then session("error")=session("error") & "请认真填写留言内容！！
" foundErr=true end if if len(nei)>maxLength then session("error")=session("error") & "留言内容最多"& maxLength &"个字符，请减少你的留言内容！！
" foundErr=true end if if len(title)>40 then session("error")=session("error") & "留言标题不可以超过40个字符！！
" foundErr=true end if if len(name)>10 then session("error")=session("error") & "用户名不可以超过10个字符！！
" foundErr=true end if if foundErr then response.redirect("error.asp") end if if theUser.reged then name=theUser.name qq=theUser.qq email=theUser.email url=theUser.url male=theUser.male face=theUser.face bl=1 elseif pass<>"" then pass=MD5(pass) exec1="select * from blyh where name='"&name&"'" Set RS = Server.CreateObject("ADODB.RecordSet") rs.Open exec1, Conn, 1, 1 if not rs.eof then if pass=rs("pass") then qq=rs("qq") email=rs("email") url=rs("url") male=rs("male") face=rs("face") rsclose() bl=1 else rsclose() connclose() session("error")="保留用户密码帐号不对应！！！" response.redirect "error.asp" end if else rsclose() Set rs = Server.CreateObject("ADODB.Recordset") exec1="select top 1 * from blyh" rs.Open exec1,conn,1,2 rs.addnew rs("name")=name rs("pass")=pass rs("email")=email rs("qq")=qq rs("url")=url rs("male")=male rs("face")=face rs("t1")=dateAdd("h",timeDiff,now) rs.update rsclose() exec1="update const set userNum=userNum+1" conn.execute(exec1) bl=1 end if end if Set rs = Server.CreateObject("ADODB.Recordset") exec1="select top 1 * from ly order by id desc" rs.Open exec1,conn,1,2 rs.addnew rs("name")=name rs("title")=title rs("email")=email rs("qq")=qq rs("male")=male rs("face")=face rs("url")=url rs("nei")=nei rs("t")=dateAdd("h",timeDiff,now) rs("retime")=dateAdd("h",timeDiff,now) rs("pic")=pic rs("bl")=bl rs("yd")=0 rs("hf")=0 rs("jh")=0 rs("rt")=rtid rs("ip")=request.servervariables("remote_addr") rs("comefrom")=getFrom(request.servervariables("remote_addr")) if isPrivate="1" then rs("isPrivate")=1 end if rs.update rs.requery reID=rs("id") reTime=rs("t") rs.close exec1="select top 1 * from ly where id="& Cstr(rtid) rs.open exec1,conn,1,3 if not (rs.eof and rs.bof) then rs("hf")=rs("hf")+1 rs("reid")=reid rs("reTime")=dateAdd("h",timeDiff,now) rs.update end if rsclose() if bl=1 then exec1="update blyh set postNum=postNum+1 where name='"& name &"'" conn.execute(exec1) end if connclose() if not theUser.reged then response.cookies("gbook")("username")=name response.cookies("gbook")("password")=pass end if session("url")="show.asp?id="&rtid response.redirect "addok.asp" %>