<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <% dbpath = server.mappath("mdb.mdb") set conn = server.createobject("adodb.connection") connstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&dbpath conn.Open connstr function HTMLEncode(fString) if not isnull(fString) then fString = replace(fString, ">", ">") fString = replace(fString, "<", "<") fString = Replace(fString, CHR(32), " ") fString = Replace(fString, CHR(9), " ") fString = Replace(fString, CHR(34), """) fString = Replace(fString, CHR(39), "'") fString = Replace(fString, CHR(13), "") fString = Replace(fString, CHR(10) & CHR(10), "

") fString = Replace(fString, CHR(10), "
") HTMLEncode = fString end if end function function UHTMLEncode(fString) if not isnull(fString) then fString = Replace(fString, " ", CHR(32)) fString = Replace(fString, " ", CHR(9)) fString = Replace(fString, """, CHR(34)) fString = Replace(fString, "'", CHR(39)) fString = Replace(fString, "", CHR(13)) fString = Replace(fString, "

", CHR(10) & CHR(10)) fString = Replace(fString, "
", CHR(10)) HTMLEncode2 = fString end if end function function checkadmin() if session("Admin")="" then response.redirect filename&"?action=login" response.end end if end function action=request.querystring("action") id=request.querystring("id") if id<>"" and not isnumeric(id) then response.write "" response.end end if %> <% dh=5 maxpagesize=8 '每页显示留言数 Response.Buffer=True Response.Expires = -1 reply=0 modify=0 errormsg="" %> <% action=request.querystring("action") select case action case "userwrite" if request.form("user")="" then errormsg=errormsg&"您忘了填写自己的名字了!"&"

" end if if request.form("content")="" then errormsg=errormsg&"您没有填写留言信息!"&"

" end if if request.form("email")="" then errormsg=errormsg&"您没有填写邮箱!"&"

" end if verifycode=request.Form("verifycode") if IsNumeric(verifycode) then verifycode=cint(verifycode) else verifycode=0 if verifycode<>cint(session("numcode")) then errormsg=errormsg&"验证码输入有误!"&"

" end if if errormsg="" then set rs=Server.CreateObject("ADODB.Recordset") sql="select * from guestbook where User='"&request.form("user")&"'" rs.open sql,conn,1,3 if not rs.eof then if rs("pwd")<>md5(request.form("pwd")) then errormsg=errormsg&"该名字已被保留!"&"

" else rs.addnew rs("User")=code(request.form("User")) rs("email")=code(request.form("email")) rs("content")=code(request.form("content")) rs("sex")=code(request.form("sex")) secret=request.form("secret") rs("from")=Request.ServerVariables("REMOTE_ADDR") if secret<>1 then secret=0 rs("secret")=secret rs("pwd")=md5(request.form("pwd")) mdate=date()&" "&time() rs("Mdate")=mdate rs.update set rs=nothing response.Redirect "index.asp" response.end end if else rs.addnew rs("User")=code(request.form("User")) rs("email")=code(request.form("email")) rs("content")=code(request.form("content")) rs("sex")=code(request.form("sex")) secret=request.form("secret") rs("from")=Request.ServerVariables("REMOTE_ADDR") if secret<>1 then secret=0 rs("secret")=secret rs("pwd")=md5(request.form("pwd")) mdate=date()&" "&time() rs("Mdate")=mdate rs.update set rs=nothing response.Redirect "index.asp" response.end end if end if case "delete" if request.cookies("administrator")="admin" then MessageID=request.querystring("MessageID") set rs=Server.CreateObject("ADODB.Recordset") sql="delete * from guestbook where MessageID="&MessageID&"" rs.open sql,conn,1,3 set rs=nothing end if case "reply" if request.cookies("administrator")="admin" then reply=1 end if case "replyok" if request.cookies("administrator")="admin" then MessageID=request.querystring("MessageID") set rs=Server.CreateObject("ADODB.Recordset") sql="select * from guestbook where MessageID="&MessageID&"" rs.open sql,conn,1,3 rs("Reply")=code_admin(request.form("reply")) Rdate=date()&" "&time() rs("Rdate")=Rdate rs.update set rs=nothing end if case "ontop" if request.cookies("administrator")="admin" then MessageID=request.querystring("MessageID") set rs=Server.CreateObject("ADODB.Recordset") sql="select * from guestbook where MessageID="&MessageID&"" rs.open sql,conn,1,3 rs("ontop")=code_admin(request.form("ontop")) rs.update set rs=nothing end if case "modify" if request.cookies("administrator")="admin" then modify=1 end if case "modifyok" if request.cookies("administrator")="admin" then MessageID=request.querystring("MessageID") set rs=Server.CreateObject("ADODB.Recordset") sql="select * from guestbook where MessageID="&MessageID&"" rs.open sql,conn,1,3 rs("Reply")=code_admin(request.form("reply")) Rdate=date()&" "&time() rs("Rdate")=Rdate rs.update set rs=nothing end if end select %> golf oilpaintings made in china人体油画几何装饰画名画复制画框批发零售广州维美油画中心留言本 <% txt=500 '留言的最大字数 %>
油画 oil paintings
首 页 维美简介油画展示油画价格购买方法运输办法联系方式留言本English

  签写留言
* 名字:
密码:  保留用户
* 邮箱: 悄悄话
* 验证:  
* 留言内容:
最多字数: > 已用字数: 剩余字数: >
  查看留言
<% if errormsg<>"" then errormsgbox() response.end end if set rs=Server.CreateObject("ADODB.Recordset") if reply=1 then sql="select * from guestbook where MessageID="&request.querystring("MessageID")&"" rs.open sql,conn,1,3 guestbookbox(reply) elseif modify=1 then sql="select * from guestbook where MessageID="&request.querystring("MessageID")&"" rs.open sql,conn,1,3 guestbookbox(modify) else sql="select * from guestbook order by MessageID desc" rs.open sql,conn,1,3 if not rs.eof then rs.pagesize=maxpagesize ipagecount=rs.pagecount if len(request.querystring("page"))=0 then curpage=1 else curpage=cint(request.querystring("page")) end if rs.absolutepage=curpage strurl="" ii=0 do until rs.eof or ii=maxpagesize guestbookbox(show) ii=ii+1 rs.movenext loop %>
<% showpagebar ipagecount,curpage,strurl %>
<% end if end if %>
  <% select case action case "modpassed" checkadmin User=htmlencode(request.form("User")) oldpass=md5(request.form("oldpass")) newpass=md5(request.form("newpass")) newpass2=md5(request.form("confirm")) sub Checkpass(password) set rs=conn.execute("SELECT * FROM [Admin] WHERE user='"&session("Admin")&"' AND pass='"&password&"'") if rs.eof then response.write "" response.end end if end sub Checkpass oldpass if newpass="" then response.write "" response.end end if if newpass<>newpass2 then response.write "" response.end end if conn.execute("update [Admin] SET pass='"&newpass&"' WHERE user='"&session("Admin")&"'") session("Admin")=User response.write "" response.end case "logout" response.write "" response.cookies("administrator")="" response.end case "logout" response.write "" response.cookies("administrator")="" response.end case "logincheck" User=htmlencode(request.form("User")) password=md5(request.form("password")) function CheckLogin(User,password) set rs=conn.execute("SELECT * FROM [admin] WHERE user='"&User&"' AND pass='"&password&"'") if not rs.eof then session("admin")=rs("user") response.write "" response.cookies("administrator")="admin" response.end else response.write "" response.end end if end function CheckLogin User,password case "login" %>
管理员登录
管理员:
密  码:
    



<% case "modpass" checkadmin %>
登录帐号修改
登录名: " size="20" maxlength="16" readonly class="input">
旧密码:
新密码:
确  认:
    
<% end select %>
网络搜索 友情链接艺术评论投稿方法壁画制作内框绷法画家笑话油画常识设为首页

电话/传真:0086 20 84056091   手机: 0086 13556123858   联系人:林明   网址: http://www.oilpainting-china.com
邮编:510310  地址:广州市海珠区大塘聚德西路汇源新街2巷4号1楼  QQ:103504405  Email: 020@oilpainting-china.com
OILPAINTING-CHINA.COM 版权所有 © 2007
Rss
粤ICP备06053743号   邮箱登录
<% sub showpagebar(totalpage,curpage,strurl) dim strpage crupage=getvalidpageno(totalpage,curpage) response.write "" response.write "
" response.write "页数:"&curpage&"/"&totalpage&" " if instr(strurl,"?")=0 then strpage="?page=" else strpage="&page=" end if if curpage>1 then response.write " [第一页] " else response.write " [第一页] " end if if curpage>=2 then response.write " [上一页] " else response.write " [上一页] " end if if cint(curpage)下一页] " else response.write " [下一页] " end if if cint(curpage)<>cint(totalpage) then response.write " [最末页] " else response.write " [最末页] " end if if request.cookies("administrator")="admin" then response.write "
" else response.write "管理留言" end if end sub function getvalidpageno(pagecount,curpage) dim ipage ipage=curpage if cint(curpage)<1 then ipage=1 end if if cint(ipage)>cint(pagecount) then ipage=pagecount end if getvalidpageno=ipage end function Function code(strers) strer=strers strer=replace(strer,"<","<") strer=replace(strer,">",">") strer=replace(strer," "," ") strer=replace(strer,CHR(9)," ") strer=replace(strer,CHR(32)," ") strer=replace(strer,CHR(13),"
") strer=replace(strer,vbCrlf,"
") strer=replace(strer,"'","'") strer=replace(strer,"""",""") code=strer end function Function code_admin(strers) strer=strers strer=replace(strer,vbCrlf,"
") code_admin=strer end function Function recode_admin(strers) strer=strers strer=replace(strer,"
",vbCrlf) recode_admin=strer end function function guestbookbox(action)%>
<%if request.cookies("administrator")="admin" then%> <% end if%>
第<%=rs("messageid")%>条留言:" ><%=rs("user")%>(<%=rs("sex")%>)于 <%=rs("MDate")%> 说:
IP:" class="input"> [')" >删除] <% if rs("reply")<>"" then %>[回复] [" >修改] <% else %> [" >回复] <%end if%> [">置顶] [注销] [密码]
<% if rs("secret")=0 then%><%=rs("content")%><% else %><% if request.cookies("administrator")="admin" then%><%=rs("user")%> 说的悄悄话:
<%=rs("content")%><%else%>悄悄话... <% end if end if %>
<% if reply=1 then replybox(reply) elseif modify=1 then replybox(modify) elseif rs("reply")<>"" then replybox(show) end if %>
<%end function function replybox(action) %> <% if action=show then%> <% elseif action=reply then%>"> <% elseif action=modify then%> "> <% end if %>
站长回复 <% if action<>show then %>可以使用HTML标记 <% end if %> <%if action<>show then%> <%end if%>[<%=rs("RDate")%>]
<% if action=show then%> <%=rs("reply")%> <% elseif action=reply then%> <% elseif action=modify then%> <% end if %>
<% end function sub errormsgbox() %>
发生错误了!

<%=errormsg%>
<% end sub %>