写留言 查看留言 |
% 'call aspsql() set rs=conn_book.execute("select * from book_setup") maxlength=clng(rs("maxlength")) view=cstr(rs("view")) mailyes=clng(rs("mailyes")) randomize yzm=int(8999*rnd()+1000) %> <% if request("send")="ok" then username=trim(request.form("username")) usermail=trim(request.form("usermail")) if mailyes=0 then '邮箱为必填时检查邮箱是否合法 if Instr(usermail,".")<=0 or Instr(usermail,"@")<=0 or len(usermail)<5 or len(usermail)>100 then response.write "" response.end end if end if if request("myweb")<>"haohaoweb.cn" then response.Redirect("message.asp") response.End() end if set rs=Server.CreateObject("ADODB.RecordSet") sql="select * from book where online='1' order by Postdate desc" rs.open sql,conn_book,1,3 rs.Addnew rs("username")=dvHTMLEncode(left(Request("username"),30)) rs("comments")=dvHTMLEncode(Request("comments")) rs("usermail")=dvHTMLEncode(left(Request("usermail"),50)) rs("Face")=dvHTMLEncode(left(Request("Face"),30)) rs("url")=dvHTMLEncode(left(Request("url"),50)) rs("qq")=dvHTMLEncode(left(Request("qq"),10)) rs("online")=view rs("IP")=Request.serverVariables("REMOTE_ADDR") rs.Update session("book_error")=session("book_error")+1 rs.close set rs=nothing response.write "" response.end end if %>