%
Dvbbs.LoadTemplates("paper_even_toplist")
Dim Rs,Sql,i,TempStr,isshow,cansmallpaper
Select Case Request("t")
Case "toplist"
Show_Toplist()
Case "even"
Show_Even()
Case "paper"
Show_Paper()
Case "smallpaper"
Show_SmallPaper()
Case Else
Show_Toplist()
End Select
Dvbbs.ActiveOnline()
Dvbbs.Footer()
Sub Show_Toplist()
Dvbbs.stats=template.Strings(6)
If Dvbbs.GroupSetting(1)="0" Then Dvbbs.AddErrCode(64)
Dvbbs.ShowErr()
Dim Page,Orders,ordername,Rs,SQL,keyword
Dim select1,select2,select3,select4,select5,select6,select7,select8
Dim TempStr,TempStr1,TempStr2,TempStr3,TempArray,TopTempArray
Dim TotalRec,i,Pcount
TotalRec=0
Page=request("page")
If Page="" Or Not IsNumerIc(Page) Then Page=1
Page=Clng(Page)
If Not IsNumerIc(request("orders")) Or request("orders")="" Then
Orders=1
Else
Orders=Cint(request("orders"))
End If
keyword=Request("keyword")
If keyword<>"" Then keyword = Dvbbs.CheckStr(keyword)
If Dvbbs.Forum_Setting(17)="0" Then keyword = ""
TempStr = template.html(7)
TopTempArray = Split(template.html(9),"||")
If Dvbbs.Forum_Setting(17)="1" Then
TempStr = Replace(TempStr,"{$isusersearch}",TopTempArray(4))
TempStr = Replace(TempStr,"{$keyword}",keyword)
Else
TempStr = Replace(TempStr,"{$isusersearch}","")
End If
SQL="username,useremail,userclass,UserIM,UserPost,JoinDate,userwealth,userid"
Select Case orders
Case 1
orders=1
ordername=Replace(template.Strings(7),"{$toplistnum}",Dvbbs.Forum_Setting(68))
select1="selected"
If keyword<>"" Then keyword = " Where UserName='"&keyword&"'"
SQL="select top "&Dvbbs.Forum_Setting(68)&" "&SQL&" from [dv_user] "&keyword&" order by UserPost desc"
If Dvbbs.Forum_Setting(31)="0" Then Response.redirect "showerr.asp?ErrCodes=
"&template.Strings(12)&"&action=OtherErr"
Case 2
orders=2
ordername=template.Strings(8)
select2="selected"
If keyword<>"" Then keyword = " Where UserName='"&keyword&"'"
SQL="select top "&Dvbbs.Forum_Setting(68)&" "&SQL&" from [dv_user] "&keyword&" order by JoinDate desc"
If Dvbbs.Forum_Setting(31)="0" Then Response.redirect "showerr.asp?ErrCodes="&template.Strings(12)&"&action=OtherErr"
Case 3
orders=3
ordername=Replace(template.Strings(9),"{$toplistnum}",Dvbbs.Forum_Setting(68))
select3="selected"
If keyword<>"" Then keyword = " Where UserName='"&keyword&"'"
SQL="select top "&Dvbbs.Forum_Setting(68)&" "&SQL&" from [dv_user] "&keyword&" order by userwealth desc"
If Dvbbs.Forum_Setting(31)="0" Then Response.redirect "showerr.asp?ErrCodes="&template.Strings(12)&"&action=OtherErr"
Case 7
orders=7
ordername=template.Strings(10)
select7="selected"
If keyword<>"" Then keyword = " Where UserName='"&keyword&"'"
SQL="select "&SQL&" from [dv_user] "&keyword&" order by userid desc"
If Dvbbs.Forum_Setting(27)="0" Then Response.redirect "showerr.asp?ErrCodes="&template.Strings(14)&"&action=OtherErr"
Case 8
orders=8
ordername=template.Strings(11)
select8="selected"
If keyword<>"" Then keyword = " And UserName='"&keyword&"'"
SQL="select "&SQL&" from [dv_user] where usergroupid<=3 "&keyword&" order by usergroupid,UserPost desc"
If Dvbbs.Forum_Setting(18)="0" Then Response.redirect "showerr.asp?ErrCodes="&template.Strings(13)&"&action=OtherErr"
Case Else
orders=1
ordername=Replace(template.Strings(7),"{$toplistnum}",Dvbbs.Forum_Setting(68))
select1="selected"
If keyword<>"" Then keyword = " Where UserName='"&keyword&"'"
SQL="select top "&Dvbbs.Forum_Setting(68)&" "&SQL&" from [dv_user] "&keyword&" order by UserPost desc"
If Dvbbs.Forum_Setting(31)="0" Then Response.redirect "showerr.asp?ErrCodes="&template.Strings(12)&"&action=OtherErr"
End Select
Dvbbs.Stats = ordername
Dvbbs.Nav()
Dvbbs.ShowErr()
Dvbbs.Head_var 0,0,template.Strings(6),"InfoList.asp?t=toplist"
Set Rs=Dvbbs.Execute("Select Forum_PostNum,Forum_UserNum From Dv_Setup")
TempStr = Replace(TempStr,"{$postnum}",Rs(0))
TempStr = Replace(TempStr,"{$usernum}",Rs(1))
If Orders=7 and keyword="" Then
TotalRec=Rs(1)
If IsSqlDataBase=1 And IsBuss=1 Then
Dim Cmd
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection=conn
cmd.CommandText="dv_toplist"
cmd.CommandType=4
cmd.Parameters.Append cmd.CreateParameter("@pagenow",3)
cmd.Parameters.Append cmd.CreateParameter("@pagesize",3)
cmd.Parameters.Append cmd.CreateParameter("@reture_value",3,2)
cmd.Parameters.Append cmd.CreateParameter("@intUserRecordCount",3,2)
cmd("@pagenow")=Page
cmd("@pagesize")=Cint(Dvbbs.Forum_Setting(11))
If Not IsObject(Conn) Then ConnectionDatabase
Set Rs=Cmd.Execute
Else
Set Rs=Server.CreateObject("ADODB.RecordSet")
If Not IsObject(Conn) Then ConnectionDatabase
Rs.Open SQL,Conn,1,1
If Not Rs.Eof Then TotalRec=Rs.RecordCount
End If
Else
Set Rs=Server.CreateObject("ADODB.RecordSet")
If Not IsObject(Conn) Then ConnectionDatabase
Rs.Open SQL,Conn,1,1
If Not Rs.Eof Then TotalRec=Rs.RecordCount
End If
Dvbbs.SqlQueryNum = Dvbbs.SqlQueryNum + 1
If Rs.Eof And Rs.Bof Then
TempStr = Replace(TempStr,"{$toplistloop}",TopTempArray(0))
TempStr = Replace(TempStr,"{$pagelist}","")
Else
If TotalRec Mod Dvbbs.Forum_Setting(11)=0 Then
Pcount= TotalRec \ Dvbbs.Forum_Setting(11)
Else
Pcount= TotalRec \ Dvbbs.Forum_Setting(11)+1
End If
If Not (IsSqlDataBase=1 And Orders=7 And IsBuss=1) Then
RS.MoveFirst
if Page > Pcount then Page = Pcount
if Page < 1 then Page=1
RS.Move (Page-1) * Dvbbs.Forum_Setting(11)
SQL=Rs.GetRows(Dvbbs.Forum_Setting(11))
Else
SQL=Rs.GetRows(-1)
End If
Set Rs=Nothing
'username=0,useremail=1,userclass=2,UserIM=3,UserPost=4,JoinDate=5,userwealth=6,userid=7
TempStr1 = template.html(8)
For i = 0 To Ubound(SQL,2)
TempStr2 = TempStr1
TempArray = Split(Dvbbs.HtmlEncode(Replace(SQL(3,i)&"","'","\'")),"|||")
TempStr2 = Replace(TempStr2,"{$userid}",SQL(7,i))
TempStr2 = Replace(TempStr2,"{$username}",Dvbbs.HtmlEncode(SQL(0,i)))
TempStr2 = Replace(TempStr2,"{$adddate}",SQL(5,i)&"")
TempStr2 = Replace(TempStr2,"{$userclass}",SQL(2,i)&"")
REM 修正文章数NULL值出错问题 2004-5-21 Dv.Yz
TempStr2 = Replace(TempStr2,"{$article}",SQL(4,i)&"")
TempStr2 = Replace(TempStr2,"{$wealth}",SQL(6,i))
If Ubound(TempArray)>1 Then
TempStr2 = Replace(TempStr2,"{$homepage}",TempArray(0))
TempStr2 = Replace(TempStr2,"{$oicq}",TempArray(1))
TempStr2 = Replace(TempStr2,"{$site}",Dvbbs.Forum_Info(0))
Else
TempStr2 = Replace(TempStr2,"{$homepage}","")
TempStr2 = Replace(TempStr2,"{$oicq}","")
TempStr2 = Replace(TempStr2,"{$site}","")
End If
TempStr3 = TempStr3 & TempStr2
Next
If IsSqlDataBase=1 And Orders=7 And keyword="" And IsBuss=1 Then
TotalRec=cmd("@intUserRecordCount")
If TotalRec Mod Dvbbs.Forum_Setting(11)=0 Then
Pcount= TotalRec \ Dvbbs.Forum_Setting(11)
Else
Pcount= TotalRec \ Dvbbs.Forum_Setting(11)+1
End If
Set Cmd = Nothing
End If
TempStr = Replace(TempStr,"{$toplistloop}",TempStr3)
TempStr = Replace(TempStr,"{$pagelist}",template.html(3))
TempStr = Replace(TempStr,"{$page}",page)
TempStr = Replace(TempStr,"{$Pcount}",Pcount)
TempStr = Replace(TempStr,"{$action}","t=toplist&")
TempStr = Replace(TempStr,"{$keyword}",Request("keyword"))
TempStr = Replace(TempStr,"{$width}",Dvbbs.mainsetting(0))
TempStr = Replace(TempStr,"{$alertcolor}",Dvbbs.mainsetting(1))
TempStr = Replace(TempStr,"{$pagelimited}",Dvbbs.Forum_Setting(11))
TempStr = Replace(TempStr,"{$listnum}",totalrec)
TempStr = Replace(TempStr,"{$boardid}","0&orders="&orders)
TempStr = Replace(TempStr,"{$oicqpic}",template.pic(1))
TempStr = Replace(TempStr,"{$homepagepic}",template.pic(2))
TempStr = Replace(TempStr,"{$msgpic}",template.pic(3))
'管理团队
If Dvbbs.Forum_Setting(18)<>"0" Then
TempStr = Replace(TempStr,"{$myselect3}",TopTempArray(3))
Else
TempStr = Replace(TempStr,"{$myselect3}","")
End If
'用户排行
If Dvbbs.Forum_Setting(31)<>"0" Then
TempStr = Replace(TempStr,"{$myselect1}",TopTempArray(1))
Else
TempStr = Replace(TempStr,"{$myselect1}","")
End If
'所有用户
If Dvbbs.Forum_Setting(27)<>"0" Then
TempStr = Replace(TempStr,"{$myselect2}",TopTempArray(2))
Else
TempStr = Replace(TempStr,"{$myselect2}","")
End If
TempStr = Replace(TempStr,"{$ordername}",ordername)
TempStr = Replace(TempStr,"{$pagelistnum}",Dvbbs.Forum_Setting(11))
TempStr = Replace(TempStr,"{$select1}",select1)
TempStr = Replace(TempStr,"{$select2}",select2)
TempStr = Replace(TempStr,"{$select3}",select3)
TempStr = Replace(TempStr,"{$select7}",select7)
TempStr = Replace(TempStr,"{$select8}",select8)
Response.Write TempStr
End If
End Sub
Sub Show_Paper()
If dvbbs.boardid=0 Then
dvbbs.stats=template.Strings(0)
Dvbbs.Nav()
Dvbbs.Head_var 2,0,"",""
Else
dvbbs.stats=template.Strings(1)
Dvbbs.Nav()
Dvbbs.Head_var 1,Application(Dvbbs.CacheName&"_boardlist").documentElement.selectSingleNode("board[@boardid='"&Dvbbs.BoardID&"']/@depth").text,"",""
End If
If Not(Dvbbs.boardmaster or Dvbbs.master or Dvbbs.superboardmaster) Then Response.redirect "showerr.asp?ErrCodes=只有管理员才能登录。&action=OtherErr"
'If Dvbbs.Forum_Setting(56)=0 Then Dvbbs.AddErrCode(52)
Dvbbs.ShowErr()
If request("action")="delpaper" Then
call batch()
Else
call boardpaper()
End If
Dvbbs.ShowErr()
End Sub
Sub Show_Even()
isshow=False
If Dvbbs.BoardID=0 then
Dvbbs.stats=template.Strings(4)
Dvbbs.nav()
Dvbbs.Head_var 2,0,"",""
Else
Dvbbs.stats=template.Strings(5)
Dvbbs.nav()
Dvbbs.Head_var 1,Application(Dvbbs.CacheName&"_boardlist").documentElement.selectSingleNode("board[@boardid='"&Dvbbs.BoardID&"']/@depth").text,"",""
End If
If Cint(Dvbbs.GroupSetting(39))=0 And Not Dvbbs.master Then Dvbbs.AddErrCode(55)
Dvbbs.ShowErr
boardeven()
End Sub
Sub Show_SmallPaper()
cansmallpaper=false
Dvbbs.stats=Template.Strings(16)
GetBoardPermission
Dvbbs.Nav
Dvbbs.ShowErr()
If Cint(Dvbbs.GroupSetting(17))=0 then
Response.redirect "showerr.asp?ErrCodes="&template.Strings(18)&"&action=OtherErr"
Else
If Dvbbs.userid=0 then
Dvbb.membername=Template.Strings(19)
End If
cansmallpaper=True
End If
Dvbbs.ShowErr()
If Request("action")="savepaper" then
SavePaper
Else
SmallPaper_Main
End If
End Sub
Sub boardpaper()
Dim totalrec
Dim n
Dim currentpage,page_count,Pcount
Pcount=0
totalrec=0
currentPage=request("page")
If currentpage="" Or not IsNumeric(currentpage) Then
currentpage=1
Else
currentpage=clng(currentpage)
End If
Dim TempArray,TempStr1,TempStr2,TempStr3
TempStr = template.html(0)
TempArray = Split(template.html(1),"||")
TempStr2 = template.html(2)
If Dvbbs.GroupSetting(27)="1" Then TempStr = Replace(TempStr,"{$manageinfo}",TempArray(2))
TempStr = Replace(TempStr,"{$manageinfo}","")
set rs=server.createobject("adodb.recordset")
If dvbbs.boardid=0 Then
sql="select * from dv_smallpaper order by s_addtime desc"
Else
sql="select * from dv_smallpaper where s_boardid="&dvbbs.boardid&" order by s_addtime desc"
End If
If Not IsObject(Conn) Then ConnectionDatabase
rs.open sql,conn,1,1
If rs.bof And rs.eof Then
TempStr1 = TempArray(0)
TempStr = Replace(TempStr,"{$pagelist}","")
Else
rs.PageSize = Dvbbs.Forum_Setting(11)
rs.AbsolutePage=currentpage
page_count=0
totalrec=rs.recordcount
while (not rs.eof) And (not page_count = rs.PageSize)
TempStr3 = TempStr2
TempStr3 = Replace(TempStr3,"{$username}",Dvbbs.HtmlEncode(rs("s_username")))
TempStr3 = Replace(TempStr3,"{$addtime}",rs("s_addtime"))
TempStr3 = Replace(TempStr3,"{$title}",Dvbbs.HtmlEncode(rs("s_title")))
TempStr3 = Replace(TempStr3,"{$boardid}",rs("s_boardid"))
If Dvbbs.GroupSetting(27)="1" Then
TempStr3 = Replace(TempStr3,"{$manageinfo1}",TempArray(1) & rs("s_hits"))
Else
TempStr3 = Replace(TempStr3,"{$manageinfo1}",rs("s_hits"))
End If
TempStr3 = Replace(TempStr3,"{$sid}",rs("s_id"))
TempStr1 = TempStr1 & TempStr3
page_count = page_count + 1
rs.movenext
wend
Pcount=rs.PageCount
rs.close
set rs=nothing
End If
TempStr = Replace(TempStr,"{$paperloop}",TempStr1)
TempStr = Replace(TempStr,"{$pagelist}",template.html(3))
TempStr = Replace(TempStr,"{$page}",currentpage)
TempStr = Replace(TempStr,"{$keyword}",Request.QueryString("keyword"))
TempStr = Replace(TempStr,"{$Pcount}",Pcount)
TempStr = Replace(TempStr,"{$action}","t=paper&")
TempStr = Replace(TempStr,"{$width}",Dvbbs.mainsetting(0))
TempStr = Replace(TempStr,"{$alertcolor}",Dvbbs.mainsetting(1))
TempStr = Replace(TempStr,"{$pagelimited}",Dvbbs.Forum_Setting(11))
TempStr = Replace(TempStr,"{$listnum}",totalrec)
Response.Write TempStr
%>
<%
End Sub
Sub batch()
Dim sid,fixid
Dim adminpaper
adminpaper=False
If dvbbs.userid=0 Then
Dvbbs.AddErrCode(34)
End If
If (dvbbs.master Or dvbbs.superboardmaster Or dvbbs.boardmaster) And Cint(dvbbs.GroupSetting(27))=1 Then
adminpaper=True
Else
adminpaper=False
End If
If dvbbs.UserGroupID>3 And Cint(dvbbs.GroupSetting(27))=1 Then
adminpaper=True
End If
If dvbbs.FoundUserPer And Cint(dvbbs.GroupSetting(27))=1 Then
adminpaper=True
ElseIf dvbbs.FoundUserPer And Cint(dvbbs.GroupSetting(27))=0 Then
adminpaper=False
End If
If not adminpaper Then
Dvbbs.AddErrCode(28)
End If
If request.form("sid")="" Then
Dvbbs.AddErrCode(35)
Else
sid=replace(request.Form("sid"),"'","")
sid=replace(sid,";","")
sid=replace(sid,"--","")
sid=replace(sid,")","")
fixid=replace(sid," ","")
fixid=replace(fixid,",","")
If Not IsNumeric(fixid) Then
Dvbbs.AddErrCode(35)
Exit Sub
End If
End If
If dvbbs.ErrCodes<>"" Then exit Sub
Dvbbs.Execute("delete from dv_smallpaper where s_id in ("&sid&")")
LoadBoardNews_Paper()
Dvbbs.Dvbbs_Suc(template.Strings(2))
Dvbbs.Execute("Insert Into Dv_Log (l_AnnounceID,l_BoardID,l_touser,l_username,l_content,l_ip,l_type) values (0,"&Dvbbs.BoardID&",'小字报','" & Dvbbs.MemberName & "','在 "&Dvbbs.boardtype&"删除小字报','" & Dvbbs.userTrueIP & "',3)")
End Sub
Sub boardeven()
Dim currentpage,page_count,Pcount
Dim endpage
Dim totalrec
totalrec=0
currentPage=request("page")
If currentpage="" Or Not IsNumeric(currentpage) Then
currentpage=1
Else
currentpage=clng(currentpage)
End If
Dim TempStr,TempStr1,TempStr2,TempStr3
Dim TempArray
TempStr = template.html(5)
TempArray = Split(template.html(6),"||")
TempStr2 = TempArray(1)
Dim keyword,addstr
If Dvbbs.Master Or Dvbbs.Superboardmaster Then
keyword=Dvbbs.Checkstr(Request("keyword"))
If keyword<>"" Then
addstr="and (l_touser like '%"&keyword&"%' Or l_content like '%"&keyword&"%' Or l_username like '%"&keyword&"%')"
End If
End If
Set Rs=Server.CreateObject("ADODB.RecordSet")
If Dvbbs.BoardID>0 Then
sql="select * from dv_log where l_boardid="&DVbbs.BoardID&" and l_type >2 "&addstr&" order by l_addtime desc"
Else
sql="select * from dv_log where l_type > 2 "&addstr&" order by l_addtime desc"
End If
If Not IsObject(Conn) Then ConnectionDatabase
Rs.Open sql,conn,1,1
If rs.bof And rs.eof Then
TempStr1 = TempArray(0)
Else
chkshow()
rs.PageSize = Dvbbs.Forum_Setting(11)
rs.AbsolutePage=currentpage
page_count=0
totalrec=rs.recordcount
While (Not rs.eof) And (Not page_count = rs.PageSize)
TempArray = rs("l_touser") & "||" & rs("l_content") & "||" & rs("l_username")
TempArray = Dvbbs.HtmlEncode(TempArray)
TempArray = Split(TempArray,"||")
TempStr3 = TempStr2
TempStr3 = Replace(TempStr3,"{$username}",TempArray(0))
TempStr3 = Replace(TempStr3,"{$content}",TempArray(1))
TempStr3 = Replace(TempStr3,"{$addtime}",rs("l_addtime"))
If isshow or Dvbbs.MemberName=rs("l_username") Then
TempStr3 = Replace(TempStr3,"{$postuser}",""&TempArray(2)&"")
Else
TempStr3 = Replace(TempStr3,"{$postuser}","保密")
End If
TempStr1 = TempStr1 & TempStr3
page_count = page_count + 1
Rs.Movenext
Wend
End If
If totalrec Mod Dvbbs.Forum_Setting(11)=0 Then
Pcount= totalrec \ Dvbbs.Forum_Setting(11)
Else
Pcount= totalrec \ Dvbbs.Forum_Setting(11)+1
End If
TempStr = Replace(TempStr,"{$evenloop}",TempStr1)
TempStr = Replace(TempStr,"{$pagelist}",template.html(3))
TempStr = Replace(TempStr,"{$page}",currentpage)
TempStr = Replace(TempStr,"{$Pcount}",Pcount)
TempStr = Replace(TempStr,"{$action}","t=even&")
TempStr = Replace(TempStr,"{$width}",Dvbbs.mainsetting(0))
TempStr = Replace(TempStr,"{$alertcolor}",Dvbbs.mainsetting(1))
TempStr = Replace(TempStr,"{$pagelimited}",Dvbbs.Forum_Setting(11))
TempStr = Replace(TempStr,"{$listnum}",totalrec)
TempStr = Replace(TempStr,"{$boardid}",Dvbbs.BoardID)
Dim Searchstr
If Dvbbs.Master Or Dvbbs.Superboardmaster Then
Searchstr=Replace(template.html(11),"{$boardid}",Dvbbs.BoardID)
Searchstr=Replace(Searchstr,"{$keyword}",Request("keyword"))
Response.Write Searchstr
TempStr = Replace(TempStr,"{$keyword}",Request("keyword"))
Else
TempStr = Replace(TempStr,"{$keyword}","")
End If
Response.Write TempStr
Rs.Close
Set Rs=Nothing
End Sub
Sub chkshow()
If Dvbbs.master or Dvbbs.superboardmaster Then
isshow=True
ElseIf Dvbbs.BoardID<>0 Then
If Dvbbs.Board_Setting(36)<>"" and IsNumeric(Dvbbs.Board_Setting(36)) Then
If Cint(Dvbbs.Board_Setting(36))=1 Then
isshow=True
Else
isshow=False
End If
End If
Else
isshow=False
End If
End Sub
Sub SmallPaper_Main()
Dim redcolor,ispass1,ispass2
Dim Tempwrite,SQL
redcolor=Dvbbs.Mainsetting(1)
If Dvbbs.Forum_Setting(35) then
ispass1=Template.Strings(21)
Else
ispass1=Template.Strings(20)
End if
If Dvbbs.Forum_Setting(34) then
ispass2=Template.Strings(21)
Else
ispass2=Template.Strings(20)
End If
If Not IsObject(Conn) Then ConnectionDatabase
Dim tmp
If IsSqlDataBase=1 Then
SQL="delete from Dv_smallpaper where datediff(d,s_addtime,"&SqlNowString&")>1"
Else
SQL="delete from Dv_smallpaper where datediff('d',s_addtime,"&SqlNowString&")>1"
End If
Conn.Execute SQL,tmp
If TMP >0 Or Not IsObject(Application(Dvbbs.CacheName & "_smallpaper")) Then
LoadBoardNews_Paper()
End If
Dvbbs.head_var 1,Application(Dvbbs.CacheName&"_boardlist").documentElement.selectSingleNode("board[@boardid='"&Dvbbs.BoardID&"']/@depth").text,"",""
Tempwrite=Template.html(10)
Tempwrite=Replace(Tempwrite,"{$username}",Dvbbs.HtmlEnCode(Dvbbs.Membername))
Tempwrite=Replace(Tempwrite,"{$password}",Dvbbs.Memberword)
Tempwrite=Replace(Tempwrite,"{$redcolor}",redcolor)
Tempwrite=Replace(Tempwrite,"{$paymoney}",Dvbbs.GroupSetting(46))
Tempwrite=Replace(Tempwrite,"{$ispass1}",ispass1)
Tempwrite=Replace(Tempwrite,"{$ispass2}",ispass2)
Tempwrite=Replace(Tempwrite,"{$boardid}",Dvbbs.Boardid)
Response.Write Tempwrite
End Sub
Sub savepaper()
Dim username
Dim password
Dim title
Dim content
userName=Dvbbs.Checkstr(trim(request.form("username")))
PassWord=Dvbbs.Checkstr(trim(request.form("password")))
title=Dvbbs.Checkstr(trim(request.form("title")))
Content=Dvbbs.Checkstr(request.form("Content"))
If Dvbbs.chkpost=False Then
Dvbbs.AddErrCode(16)
End If
If UserName="" Or Dvbbs.strLength(userName)>Cint(Dvbbs.Forum_setting(41)) Or Dvbbs.strLength(userName) < Cint(Dvbbs.Forum_setting(40)) then
Dvbbs.AddErrCode(66)
End If
If title="" Then
Response.redirect "showerr.asp?ErrCodes="&template.Strings(22)&"&action=OtherErr"
ElseIf Dvbbs.strLength(title)>80 then
Response.redirect "showerr.asp?ErrCodes="&template.Strings(23)&"&action=OtherErr"
End If
If content="" Then
Dvbbs.AddErrCode(80)
ElseIf Dvbbs.strLength(content)>500 then
Response.redirect "showerr.asp?ErrCodes="&template.Strings(24)&"&action=OtherErr"
End If
Dvbbs.ShowErr()
'客人不允许发,验证用户
If cansmallpaper Then
If Not ChkUserLogin(password,username) Then
Dvbbs.AddErrCode(12)
Dvbbs.Showerr()
End If
Dim Rs,SQL
Set Rs=server.createobject("adodb.recordset")
sql="Select userWealth From [Dv_User] Where UserName='"&UserName&"'"
Rs.open sql,conn,1,3
If Not(rs.eof and rs.bof) Then
If CLng(rs("UserWealth"))"&template.Strings(25)&"&action=OtherErr"
Else
rs("UserWealth")=rs("UserWealth")-Cint(Dvbbs.GroupSetting(46))
rs.update
End If
Else
If Dvbbs.userid<>0 or username<>Template.Strings(19) Then
Response.redirect "showerr.asp?ErrCodes="&template.Strings(26)&"&action=OtherErr"
End If
End If
Rs.close:Set Rs=Nothing
End If
Dvbbs.ShowErr()
sql="insert into Dv_smallpaper (s_boardid,s_username,s_title,s_content) values "&_
"("&_
Dvbbs.boardid&",'"&_
username&"','"&_
title&"','"&_
content&"')"
'response.write sql
Dvbbs.execute(sql)
'发表小字报成功后RELOAD缓存
LoadBoardNews_Paper()
Dvbbs.head_var 1,Application(Dvbbs.CacheName&"_boardlist").documentElement.selectSingleNode("board[@boardid='"&Dvbbs.BoardID&"']/@depth").text,"",""
Dvbbs.Dvbbs_suc(""&Template.Strings(27))
End Sub
'检查用户身份
Public Function ChkUserLogin(password,username)
Dim SQL,Rs
ChkUserLogin=False
If PassWord<>Dvbbs.MemberWord Then PassWord=md5(PassWord,16)
'校验用户名和密码是否合法
If Not IstrueName(UserName) Then Dvbbs.AddErrCode(18)
If Len(PassWord)<>16 AND Len(PassWord)<>32 Then Dvbbs.AddErrCode(18)
If UserName=Dvbbs.MemberName Then PassWord=Dvbbs.MemberWord
Dvbbs.ShowErr()
SQL = "Select UserGroupID,userpassword,lockuser,TruePassWord From [Dv_User] Where UserName='"&UserName&"' "
Set Rs=Dvbbs.Execute(SQL)
If Not Rs.EOF Then
If PassWord<>rs(1) And PassWord<>rs(3) Then
ChkUserLogin=False
ElseIf rs(2)=1 or rs(0)=5 Then
ChkUserLogin=False
Else
ChkUserLogin=True
End If
Else
Exit Function
End If:Set Rs = Nothing
End Function
'通用函数
Function IstrueName(uName)
IstrueName=False
If InStr(uName,"=")>0 Then Exit Function
If InStr(uName,"%")>0 Then Exit Function
If InStr(uName,Chr(32))>0 Then Exit Function
If InStr(uName,"?")>0 Then Exit Function
If InStr(uName,"&")>0 Then Exit Function
If InStr(uName,";")>0 Then Exit Function
If InStr(uName,",")>0 Then Exit Function
If InStr(uName,"'")>0 Then Exit Function
If InStr(uName,Chr(34))>0 Then Exit Function
If InStr(uName,chr(9))>0 Then Exit Function
If InStr(uName,"")>0 Then Exit Function
If InStr(uName,"$")>0 Then Exit Function
IstrueName=True
End Function
%>