<%
'******************************************************************************************
' Software name: Max(马克斯) Content Management System
' Version:4.0
' Web: http://www.maxcms.net
' Author: 石头(maxcms2008@qq.com),yuet,长明,酒瓶
' Copyright (C) 2005-2009 MaxCMS official (马克斯官方). All rights reserved.
' Legal notice: all MaxCMS code is 100% original and includes no code taken from the web; any plagiarism will be pursued under the law.
'******************************************************************************************

' Guestbook front controller: reads the "action" and "page" query parameters and
' dispatches to the handlers defined below.
' gbookStart, gbookuser, gbookpwd, gbooktime and helpers such as getForm, die, echo,
' preventSqlin and conn are not defined in this file.
' NOTE(review): several string literals and at least one statement in this copy look
' truncated (text between a "<" and the next ">" appears to have been lost when the
' page was captured). Those spans are kept exactly as found and flagged where they occur.
response.Charset="gbk"
' The configured message says the guestbook feature is switched off.
if gbookStart = 0 then die "留言功能已经关闭"
dim CONST_USER,CONST_PWD,timeSpan
' The admin name and password are kept as plain values and compared directly in
' loginLeaveWord and isLogin.
CONST_USER=gbookuser : CONST_PWD=gbookpwd : timeSpan=gbooktime
dim action,page,temp: action = getForm("action", "get")
page=getForm("page","get")
' page is later concatenated into a cache file name ("gbook/"&page), so it must be an
' integer by then. Non-numeric input only reaches echoSaveStr.
' NOTE(review): assumes echoSaveStr ends the response; if it returns, page stays the raw
' request string - confirm.
if isNul(page) then
	page=1
else
	if not isNum(page) then echoSaveStr "safe" else page=clng(page)
end if
if page<1 then page=1
' List pages numbered up to CachePage are served from / written to a cache file for
' visitors who are not logged in.
Const CachePage=1
dim templateobj

' Renders the guestbook page from the gbook.html template, using the parsed-template
' cache entry "parse_book_" when cacheStart is 1, then substitutes the message form and
' the run-time placeholder.
Sub viewmain
	dim channelTemplatePath,cacheName : channelTemplatePath = "/"&sitePath&"template/"&defaultTemplate&"/"&templateFileFolder&"/gbook.html"
	set templateobj = mainClassobj.createObject("MainClass.template")
	templateobj.load channelTemplatePath
	cacheName="parse_book_"
	if cacheStart=1 then
		if cacheObj.chkCache(cacheName) then
			templateObj.content = cacheObj.getCache(cacheName)
		else
			parseBook
			cacheObj.setCache cacheName,templateObj.content
		end if
	else
		parseBook
	end if
	' viewLeaveWord is substituted after the cache lookup, so the request-dependent form
	' markup is not stored in the shared cache entry.
	echo replace(replace(templateObj.content,"{gbook:viewLeaveWord}",viewLeaveWord),"{maxcms:runinfo}",getRunTime())
	SET templateobj=nothing
end sub

' Runs the template object's parse steps in order and replaces {gbook:main} with main().
Sub parseBook
	with templateObj:.parseTopAndFoot():.parseSelf():.parseGlobal():.content=replaceCurrentTypeId(.content):.content = replace(.content,"{gbook:main}",main):.parseMenuList(""):.parseAreaList():.parseTopicList():.parseVideoList():.parseNewsList():.parseLinkList():.parseIf():end with
End Sub

' Dispatch on the "action" query parameter.
' NOTE(review): "del", "reply" and "logout" change state but are selected by a GET
' parameter, and no anti-CSRF token is checked anywhere in this file; the admin-only
' handlers rely solely on the session flag tested by isLogin.
Select case action
	case "add" : leaveWord
	case "list" : if isLogin then
			' Logged-in admins always get a freshly built list (no cache file).
			echo replaceStr(leaveWordList,"{maxcms:runinfo}",getRunTime())
		else
			if page<=CachePage then tryDieCacheFile 0,"gbook/"&page
			temp=leaveWordList:if page<=CachePage then WriteCacheFile 0,"gbook/"&page,temp
			echo replaceStr(temp,"{maxcms:runinfo}",getRunTime())
		end if
	case "login" : loginLeaveWord
	case "logout" : logOut
	case "state" : viewLoginState
	case "del" : delLeaveWord
	case "reply" : replyLeaveWord
	case else:viewmain
end Select
terminateAllObjects

' Returns the markup substituted for {gbook:main}.
' NOTE(review): only line breaks remain inside the literal in this copy; the original
' markup appears to have been lost.
Function main
	main = "


"
End Function

' Rewrites URLs in str through the template object's regExpReplace: a [URL]...[/URL]
' pair when the marker is present, otherwise a bare http:// URL.
' NOTE(review): both replacement strings read "$1" here, which looks truncated; the
' original presumably wrapped the match in link markup. If it does, the [URL] branch
' accepts any non-space text (\S+?) rather than only http://, so the scheme should be
' limited to http/https and the value attribute-encoded before it is used in a link.
Function transferSpecialStr(Byval str)
	dim templateobj:set templateobj = mainClassObj.createObject("MainClass.template")
	if instr(str,"[URL]")>0 then
		str=templateobj.regExpReplace(str,"\[URL\](\S+?)\[\/URL\]","$1")
	else
		str=templateobj.regExpReplace(str,"(http://\S+)[\s|\n]*","$1")
	end if
	set templateobj=nothing
	transferSpecialStr=str
End Function

' Admin-only: stores a reply to message "id" (GET) with the text from the
' m_replycontent POST field, then drops the guestbook cache folder.
' Echoes "ok" or "err".
Sub replyLeaveWord
	if not isLogin then die "err"
	dim id : id=getForm("id","get")
	' Unlike leaveWord, the reply text is not passed through encodeHtml before storage, so
	' whatever renders replies must encode it.
	' NOTE(review): the rendering code is not visible in this copy - confirm.
	dim m_content : m_content=transferSpecialStr(preventSqlin(getForm("m_replycontent","post"),"filter"))
	dim m_ip : m_ip=preventSqlin(getIp(),"filter")
	' Error suppression is switched on before id is converted, so a failing clng would not
	' stop the request; the value concatenated below then depends on isNum alone.
	on error resume next
	if isNul(id) then
		die "err"
	else
		if not isNum(id) then echoSaveStr "safe" else id=clng(id)
	end if
	' The statement is built by string concatenation and relies on the preventSqlin
	' "filter" mode (defined elsewhere) for the two quoted values; a parameterized command
	' would not depend on that filter being complete.
	conn.db "insert into {pre}leaveword(m_replyid,m_content,m_ip) values("&id&",'"&m_content&"','"&m_ip&"')","execute"
	if err then echo "err" else echo "ok"
	dim fp:fp="/"&sitepath&"webcache\0\0\0gbook":if isExistFolder(fp) then delFolder fp
End Sub

' Admin-only: deletes the message with m_id = id when type is 1, otherwise the rows whose
' m_replyid = id, then drops the guestbook cache folder. Echoes "ok" or "err".
Sub delLeaveWord
	if not isLogin then die "err"
	dim id : id=getForm("id","get")
	' clng runs before "on error resume next", so a non-numeric "type" raises a run-time
	' error instead of reaching the "err" reply.
	dim ptype : ptype=clng(preventSqlin(getForm("type","get"),"filter"))
	on error resume next
	if isNul(id) then
		die "err"
	else
		if not isNum(id) then echoSaveStr "safe" else id=clng(id)
	end if
	if ptype=1 then conn.db "delete from {pre}leaveword where m_id="&id,"execute" else conn.db "delete from {pre}leaveword where m_replyid="&id,"execute"
	if err then echo "err" else echo "ok"
	dim fp:fp="/"&sitepath&"webcache\0\0\0gbook":if isExistFolder(fp) then delFolder fp
End Sub

' Returns True when x contains at least one character in the range U+4E00-U+9FA5.
Function ChleaveWord(x)
	Dim rg:SET rg=new RegExp
	rg.ignoreCase=true
	rg.Global=false
	rg.Pattern="[\u4e00-\u9fa5]"
	ChleaveWord=rg.test(x)
	SET rg=nothing
End Function

' Public handler for posting a message: filters and length-limits the fields, applies the
' IP and word ban lists, inserts the row, records the post time in the session and drops
' the guestbook cache folder. Echoes "ok" or "err".
Sub leaveWord
	' NOTE(review): the next line is damaged in this copy. Everything between the
	' getTimeSpan comparison and the IP length check appears to be missing, including the
	' declarations and the assignments of m_ip and m_content.
	' The throttle reads "lastGbookTime" through getTimeSpan and is refreshed with
	' setSession below, so it is tracked per session; a client that does not keep its
	' session is not slowed by it. Consider an additional server-side limit per address.
	if getTimeSpan("lastGbookTime")15 then m_ip=getStrByLen(m_ip,15)
	CheckBanIP m_ip
	' Order matters: the SQL filter, then filterDirty, then HTML encoding. The 500-unit cut
	' is applied to the already encoded text.
	m_content=encodeHtml(filterDirty(preventSqlin(m_content,"filter")))
	if computeStrLen(m_content)>500 then m_content=getStrByLen(m_content,500)
	CheckBanWords m_content
	on error resume next
	m_author=encodeHtml(filterDirty(preventSqlin(getForm("m_author","post"),"filter")))
	if computeStrLen(m_author)>20 then m_author=getStrByLen(m_author,20)
	m_qq=encodeHtml(filterDirty(preventSqlin(getForm("m_qq","post"),"filter")))
	if computeStrLen(m_qq)>15 then m_qq=getStrByLen(m_qq,15)
	m_mail=encodeHtml(filterDirty(preventSqlin(getForm("m_mail","post"),"filter")))
	if computeStrLen(m_mail)>30 then m_mail=getStrByLen(m_mail,30)
	m_addtime=now
	' All six values are concatenated into the statement; safety rests on the preventSqlin
	' "filter" mode (defined elsewhere). A parameterized command would remove that
	' dependency.
	conn.db "insert into {pre}leaveword(m_author,m_qq,m_mail,m_content,m_ip,m_addtime) values ('"&m_author&"','"&m_qq&"','"&m_mail&"','"&replacedirtyWords(m_content)&"','"&m_ip&"','"&m_addtime&"')","execute"
	setSession "lastGbookTime",now
	if err then echo "err" else echo "ok"
	dim fp:fp="/"&sitepath&"webcache\0\0\0gbook":if isExistFolder(fp) then delFolder fp
End Sub

' Clears the login flag. The session itself is kept.
Sub logOut
	session("loginflag")=""
End Sub

' Checks the posted m_username / m_pwd / m_login fields against the configured admin
' name and password and, on a match, marks the session as logged in.
' Echoes "ok", "no" or "err".
' NOTE(review): the comparison is on plaintext values, and the session flag is set to the
' name concatenated with the password, so the credentials themselves sit in session
' state. No limit on failed attempts is visible in this file. The inputs go through the
' preventSqlin filter first, so a configured password containing characters that filter
' alters may never match - confirm against preventSqlin.
Sub loginLeaveWord
	dim m_username,m_pwd,m_login
	on error resume next
	m_username=preventSqlin(getForm("m_username","post"),"filter")
	m_pwd=preventSqlin(getForm("m_pwd","post"),"filter")
	m_login=preventSqlin(getForm("m_login","post"),"filter")
	if err then
		echo "err"
	else
		if m_username=CONST_USER and m_pwd=CONST_PWD and m_login="ok" then
			session("loginflag")=CONST_USER&CONST_PWD : echo "ok"
		else
			echo "no"
		end if
	end if
End Sub

' Builds the markup for one page (10 rows) of top-level messages, looking up one reply
' row per message, followed by the pager. Returns the markup as a string.
' NOTE(review): most of the markup inside the literals is missing in this copy, so how
' the stored fields and replies are written into the page cannot be checked here.
function leaveWordList
	dim Qe,ary,n,i,rsObj,lsort,txt
	set Qe = mainClassobj.createObject("MainClass.DataPage")
	Qe.Query "SELECT m_id,m_author,m_qq,m_mail,m_content,m_ip,m_addtime FROM {pre}leaveword WHERE m_replyid=0 ORDER BY m_id DESC"
	Qe.absolutepage=page
	Qe.pagesize=10
	ary = Qe.GetRows()
	' Clamps the script-level page variable to the last page after the rows were fetched.
	if page > Qe.pagecount then page=Qe.pagecount
	if Qe.recordcount>0 then
		n=ubound(ary,2):lsort=n
		for i=0 to n
			' One extra query per listed message; ary(0,i) is the m_id column read from the
			' database, not request input.
			' NOTE(review): no close or release of rsObj is visible in this copy.
			set rsObj=conn.db("select top 1 m_content,m_ip,m_addtime from {pre}leaveword where m_replyid="&ary(0,i),"records1")
			txt=txt&""
			lsort=lsort-1
		next
	else
		txt=""
	end if
	' Pager: total page count, first/previous links, a window of up to five pages either
	' side of the current one, then next/last links.
	txt=txt&"
共"&Qe.pagecount&"页"
	if page=1 then
		txt=txt&"首页上一页"
	else
		txt=txt&"首页上一页"
	end if
	dim m,x,y
	x=page-5:y=page+5
	if x<1 then x=1
	if y>Qe.pagecount then y=Qe.pagecount
	for m=x to y
		if page=m then
			txt=txt&""&m&" "
		else
			txt=txt&" "&m&""
		end if
	next
	if page=Qe.pagecount then
		txt=txt&"下一页尾页"
	else
		txt=txt&"下一页 尾页"
	end if
	txt=txt&"
"
	set Qe = nothing
	leaveWordList=txt
End function

' Writes the login-state fragment: a "logged in / log out" text for an admin session,
' otherwise a "manage messages" text. The surrounding markup is missing in this copy.
Sub viewLoginState
	if isLogin then %> 已登陆: 退出 <% else %> 留言管理 <% end if
End Sub

' Returns the message form markup substituted for {gbook:viewLeaveWord}.
' The "key" query parameter is HTML-encoded with server.HTMLEncode as soon as it is read.
' NOTE(review): the concatenated literals below are mostly empty in this copy and key is
' not referenced in what remains; the form fields themselves appear to have been lost.
Function viewLeaveWord
	dim key : key=server.HTMLEncode(getForm("key","get"))
	dim mystr: mystr = ""
	mystr = mystr&"
"&_
"
"&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
"
昵称: "&_
"*
表情:"&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
""&_
"
内容: *
"&_
"
"&_
"
"&_
""&_
"

"
	viewLeaveWord = mystr
End Function

' True when the session flag equals the configured admin name concatenated with the
' password.
' NOTE(review): if both configured values are empty, the right-hand side is "" and an
' unset or cleared session flag compares equal to it, so every visitor would count as
' logged in. The configuration must never leave both values empty, or this check should
' reject an empty flag explicitly.
Function isLogin()
	if session("loginflag")=CONST_USER&CONST_PWD then isLogin=true else isLogin=false
End Function

' Returns BanWords (not defined in this file); with errors suppressed the result stays
' empty when that name is missing.
Function getBanWords()
	on error resume next:getBanWords=BanWords
End Function

' Ends the request with "haveleave" when m_content contains any entry of the
' comma-separated ban-word list.
' InStr is called without a compare argument, so matching is case-sensitive, and the
' caller passes text that has already been HTML-encoded.
Sub CheckBanWords(m_content)
	if ""&getBanWords="" OR m_content="" then Exit Sub
	Dim Ban,i,l:Ban=Split(getBanWords,","):l=UBound(Ban)
	for i=0 to l
		if Ban(i)<>"" then
			if InStr(" "&m_content,Ban(i))>0 then die "haveleave"
		end if
	next
End Sub

' Returns BanIPS (not defined in this file); with errors suppressed the result stays
' empty when that name is missing.
Function getBanIPS()
	on error resume next:getBanIPS=BanIPS
End Function

' Ends the request when m_ip matches the comma-separated ban list, either exactly or
' against a four-part pattern in which any part may be "*".
' NOTE(review): y (the split client address) is indexed up to 3 without a length check,
' so an address that is not dotted-quad IPv4 raises a run-time error here; if the caller
' has error suppression active the ban check would be skipped instead of enforced.
' Also verify how the caller obtains m_ip: if getIp() (defined elsewhere) trusts
' client-supplied forwarding headers, this list is only advisory.
Sub CheckBanIP(m_ip)
	if ""&getBanIPS="" then Exit Sub
	dim x,y,i,l,Ban:Ban=Split(ReplaceStr(getBanIPS," ",""),","):l=UBound(Ban)
	' Fast path on the raw list (spaces not removed); it answers "havecomment" while the
	' loop below answers "haveleave".
	if InStr(" ,"&getBanIPS&",",","&m_ip&",")>0 then die "havecomment"
	for i=0 to l
		if InStr(" "&Ban(i),"*")>0 then
			x=Split(Ban(i),"."):y=Split(m_ip,".")
			if UBound(x)=3 then
				if (x(0)=y(0) OR x(0)="*") AND (x(1)=y(1) OR x(1)="*") AND (x(2)=y(2) OR x(2)="*") AND (x(3)=y(3) OR x(3)="*") then
					die "haveleave"
				end if
			end if
		elseif Ban(i)=m_ip then
			die "haveleave"
		end if
	next
End Sub
%>