<% '============================================================================== '软件名称:风讯网站信息管理系统 '当前版本:Foosun Content Manager System(FoosunCMS V3.2SP1) '最新更新:2006.50 '============================================================================== 'Copyright (C) 2002-2004 Foosun.Net All rights reserved. '商业注册联系:028-85098980-601,项目开发:028-85098980-606、609,客户支持:608 '产品咨询QQ:394226379,159410,125114015 '技术支持QQ:315485710,66252421 '项目开发QQ:415637671,655071 '程序开发:四川风讯科技发展有限公司(Foosun Inc.) 'Email:service@Foosun.cn 'MSN:skoolls@hotmail.com '论坛支持:风讯在线论坛(http:/bbs.foosun.net) '官方网站:www.Foosun.cn 演示站点:test.cooin.com '网站通系列(智能快速建站系列):www.ewebs.cn '============================================================================== '免费版本请在程序首页保留版权信息,并做上本站LOGO友情连接 '风讯公司保留此程序的法律追究权利 '============================================================================== Set DBC = New DataBaseClass Set Conn = DBC.OpenConnection() DBC.ConnStr = "DBQ=" + Server.MapPath(UserDBConnectStr) + ";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};" Set UserConn = DBC.OpenConnection() Set DBC = Nothing dim Fs_User set Fs_User = New Cls_User if Request("Newsid")="" and Request("Downloadid")="" Then Response.Write("") Response.End end if Dim TempRsNewsObj,TempFlag,Downloadid,Newsid TempFlag = true Newsid=Replace(Replace(Trim(Request("Newsid")),"'",""),Chr(39),"") Downloadid=Replace(Replace(Trim(Request("Downloadid")),"'",""),Chr(39),"") if Newsid <> "" Then Set TempRsNewsObj = Conn.Execute("Select ReviewTF from FS_News where Newsid='" & Newsid & "'") if Not TempRsNewsObj.Eof then if cint(TempRsNewsObj("ReviewTF")) = 0 then TempFlag = False end if else TempFlag = False end if if TempFlag = False then Response.Write("") Response.End end if elseif Downloadid <> "" Then Set TempRsNewsObj = Conn.Execute("Select ReviewTF from FS_Download where Downloadid='" & Downloadid & "'") if Not TempRsNewsObj.Eof then if cint(TempRsNewsObj("ReviewTF")) = 0 then TempFlag = False end if else TempFlag = False end if if TempFlag = False then Response.Write("") Response.End end if end if if request.Form("action")="add" then if request.Form("NoName")<>"1" then if request.Form("MemName")="" And Request.Cookies("Foosun")("MemName")="" then Response.Write("") Response.End end if if request.Form("Password")="" And Request.Cookies("Foosun")("MemPassword")="" then Response.Write("") Response.End end If Dim t_StrName,t_StrPwd,t_return If Request.Cookies("Foosun")("MemName")="" Or Request.Cookies("Foosun")("MemPassword")="" Then t_StrName = Replace(Replace(trim(request.Form("MemName")),"'",""),Chr(39),"") t_StrPwd = MD5(Replace(Replace(trim(request.Form("Password")),"'","''"),Chr(39),""),16) session("return_url")="" t_return = Fs_User.Login(t_StrName,t_StrPwd) Else t_StrName = Replace(trim(Request.Cookies("Foosun")("MemName")),"'","") t_StrPwd = Replace(trim(Request.Cookies("Foosun")("MemPassword")),"'","") t_return = Fs_User.checkStat(t_StrName,Replace(trim(request.Form("Password")),"'","''")) End If if t_return=False then Response.Cookies("Foosun")("MemName") = "" Response.Cookies("Foosun")("MemPassword") = "" Response.Write("") Response.End end if End if if request.Form("RevContent")="" then Response.Write("") Response.End end if if Len(request.Form("RevContent"))>300 then Response.Write("") Response.End end if set Rs1 = server.CreateObject(G_FS_RS) Sql1 = "select * from FS_Review where 1=0" Rs1.Open Sql1,UserConn,1,3 Rs1.addnew if Request.Form("NoName")="" then Rs1("UserID")=Replace(request("MemName"),"'","''") else Rs1("UserID")="匿名" end if if Newsid <> "" Then Rs1("NewsID")=Replace(Request.form("NewsID"),"'","''") Rs1("Types") = 1 elseif Downloadid <> "" Then Rs1("NewsID") = Replace(Request.form("DownloadID"),"'","''") Rs1("Types") = 2 End if Rs1("Content")=CutBadChar(NoCSSHackInput(Request.form("RevContent"))) If GetConfig(19)=0 then Rs1("Audit") = 1 Else Rs1("Audit") = 0 End if Rs1("IP")=Request.ServerVariables("Remote_Addr") Rs1("AddTime")=now() Rs1("Isv")=1 Rs1.update if Newsid <> "" Then Response.Redirect("NewsReview.asp?Newsid="& Newsid&"") elseif Downloadid <> "" Then Response.Redirect("NewsReview.asp?Downloadid="&Downloadid&"") End if response.end end if strpage=request.querystring("page") if len(strpage)=0 then strpage="1" end if set Rs = server.CreateObject(G_FS_RS) if Newsid <> "" Then Sql = "select * from FS_Review where Newsid='" &Newsid &"' and Types = 1 and isv=1 and Audit=1 order by ID desc" elseif Downloadid <> "" Then Sql = "select * from FS_Review where Newsid='" &Downloadid&"' and Types = 2 and isv=1 and Audit=1 order by ID desc" end if Rs.Open Sql,UserConn,1,1 %> <% = GetConfig(1) %>_____用户评论
新闻/下载评论
<% if Rs.eof and Rs.bof then Response.write "

未找到评论

" Else rs.pagesize=20 rs.absolutepage=cint(strpage) select_count=rs.recordcount select_pagecount=rs.pagecount %> <% for i=1 to rs.pagesize if rs.eof then exit for end if %> <% rs.movenext next %>
·来自:<%=Replace(rs("IP"),Mid(rs("IP"),InstrRev(rs("IP"),".")+1),"**")%> <% if rs("Userid")="匿名" or rs("Userid")="" then Members="匿名用户" else Members= ""&rs("Userid")&"" end if %> <% = Members%> 于<%=rs("AddTime")%>对 <% set Rs1 = server.CreateObject(G_FS_RS) if Newsid <> "" Then Sql1 = "select * from FS_News where NewsId='" &Replace(request("NewsId"),"'","''")&"'" Rs1.Open Sql1,Conn,1,1 Dim NewsPath If GetConfig(21)=1 then NewsPath = Rs1("Path") Else NewsPath = "" End if Dim RsClassObj Set RsClassObj = Conn.execute("Select ClassID,ClassEname,SaveFilePath From FS_NewsClass Where ClassID='"& Replace(Replace(Rs1("ClassID"),"'",""),Chr(39),"")&"'") %> target="_blank"><%=rs1("Title")%> <% rs1.close set rs1=nothing Set RsClassObj= nothing elseif Downloadid <> "" Then Sql1 = "select * from FS_Download where DownloadId='" &Replace(request("DownloadId"),"'","''")&"'" Rs1.Open Sql1,Conn,1,1 Set RsClassObj = Conn.execute("Select ClassID,ClassEname,SaveFilePath From FS_NewsClass Where ClassID='"& Replace(Replace(Rs1("ClassID"),"'",""),Chr(39),"")&"'") %> target="_blank"><%=rs1("Name")%> <% rs1.close set rs1=nothing Set RsClassObj = Nothing End if %> 发表的的评论:
<% if GetConfig(19) = 1 then if RS("Audit") = 1 then Response.Write(rs("Content")) else Response.Write("管理员还没有审核此评论,暂时不显示。") end if else Response.Write(rs("Content")) end if %>
<% response.write"  共"& select_pagecount &"" & select_count &"条记录,本页是第"& strpage &"页。" if int(strpage)>1 then response.Write"   第一页 " response.Write"   上一页 " end if if int(strpage)下一页" response.Write"   最后一页 " end if response.Write"
" end if %>
"> "> 会员名称:
 "> 匿名 ·注册用户 ·忘记密码? ·查看我的评论
密码:
 ">
评论内容:
(最多300个字符)
      

· 尊重网上道德,遵守《全国人大常委会关于维护互联网安全的决定》和《互联网电子公告服务管理规定》及中华人民共和国其他各项有关法律法规。
· 严禁发表危害国家安全、损害国家利益、破坏民族团结、破坏国家宗教政策、破坏社会稳定、侮辱、诽谤、教唆、淫秽等内容的作品 。
· 用户需对自己在使用本站服务过程中的行为承担法律责任(直接或间接导致的)。
· 本论坛版主有权保留或删除其管辖论坛中的任意内容。
· 社区内所有的文章版权归原文作者和本站共同所有,任何人需要转载社区内文章,必须征得原文作者或本站授权。

· 本贴提交者发言纯属个人意见,与本网站立场无关。