<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>留言信息板</title>
<style type="text/css">
<!--
A:link,
A:Visited {text-decoration:none; color:#0000CC}
A:hover { text-decoration:underline; color: #FFFFCC}
.style1{font-size:13px; color:#000000}
.style2{font-size:12px; color:#000099}
.style3{font-size:13px; color:#3366FF}
.style4{font-size:16px; color:#FFFFFF}
-->
</style>
<script type="text/javascript" language="javascript">
<!--
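function checktext()
{
    // Client-side convenience checks run from the form's onSubmit handler.
    // Returns true to let the browser submit, false to cancel.
    // These checks only help honest users: anyone can post to the page
    // directly, so the server-side code has to repeat every one of them.
    var form = document.forms[0];
    var placeholder = "您还没有留言,请在这里留言";
    var str = form.gContent.value;

    // Empty message, or the untouched placeholder text: refuse and (re)show the placeholder.
    if (str.length == 0 || str.substring(0, 13) == placeholder) {
        form.gContent.value = placeholder;
        return false;
    }

    // Indent the text content with one leading space. The original four-pass
    // loop had exactly this net effect: every message except a lone " " got
    // a single space prepended.
    if (str != " ") {
        form.gContent.value = " " + str;
    }

    // Over-long message: ask first. Confirming no longer returns early, so the
    // e-mail check below still runs (it used to be skipped for long messages).
    // The \r\n and \" escapes had lost their backslashes, which left the
    // string literal unterminated.
    if (str.length >= 1000) {
        if (!confirm("留言不能超过1000个字\r\n\r\n按\"确定将\"只保留1000个字,你也可以按\"取消\"重新编辑或分2次留言")) {
            return false;
        }
    }

    // E-mail is optional, but when it is filled in it must be well-formed.
    // The dot between the domain labels has to be escaped (\.) for the
    // pattern to be a valid regular expression.
    var email = form.gEmail.value;
    if (email.length == 0 || (/^[0-9a-zA-Z_-]+@[0-9a-zA-Z_-]+\.[0-9a-zA-Z_-]+$/).test(email)) {
        return true;
    }
    alert("Email 地址格式错误,例:yourname@company.com");
    return false;
}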
function cleanValue(objName) {
    // Empty the field when it still starts with one of the two placeholder
    // texts (the name prompt or the message prompt); otherwise leave it alone.
    var text = objName.value;
    var isNamePrompt = text.indexOf("请输入姓名") === 0;
    var isMessagePrompt = text.indexOf("您还没有留言,请在这里留言") === 0;
    if (isNamePrompt || isMessagePrompt) {
        objName.value = "";
    }
}
function setValue(objName) {
    // Put the name prompt back when the field was left empty.
    if (objName.value != "") {
        return;
    }
    objName.value = "请输入姓名";
}
//-->
</script>
</head>
<body>
<% Function Debug(Message)
    ' Writes an error banner with a "back" button and then ends the response,
    ' so nothing after a Debug(...) call is executed for this request.
    ' NOTE(review): Message is concatenated into the HTML as-is. Every call
    ' visible on this page passes a fixed literal; encode the argument first
    ' if request data is ever passed in.
    Dim banner
    banner = "出错了:<font color=#FF0000><b>" & Message & "</b></font>"
    banner = banner & "<br><br>请详细查看错误信息后,按“确定”返回.<br><br><br>"
    banner = banner & "<input type=button value=确定 OnClick=history.back();>"
    Response.Write(banner)
    Response.End()
End Function
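Function Deal(exp1)
    ' Encodes visitor-supplied text for storage and later display as HTML.
    ' The guestbook listing prints the stored Name, Email and Content fields
    ' without further encoding, so this function is the only barrier between
    ' a visitor's input and markup injected into every reader's page.
    '
    ' As written before, the "<", ">" and " " replacements mapped each
    ' character to itself, so nothing was neutralised. The entity forms are
    ' restored here, and "&" and both quote characters are encoded as well so
    ' the result is also safe inside a quoted attribute value.
    '
    ' exp1    : raw text taken from the request.
    ' Returns : the text with HTML metacharacters replaced by entities,
    '           spaces by &nbsp; and carriage returns by <BR>.
    Dim exp2
    ' "&" must go first; otherwise the entities produced below would be re-encoded.
    exp2 = Replace(exp1, "&", "&amp;")
    exp2 = Replace(exp2, "<", "&lt;")
    exp2 = Replace(exp2, ">", "&gt;")
    exp2 = Replace(exp2, """", "&quot;")
    exp2 = Replace(exp2, "'", "&#39;")
    exp2 = Replace(exp2, " ", "&nbsp;")
    ' The only markup this function emits itself: one line break per carriage return.
    exp2 = Replace(exp2, Chr(13), "<BR>")
    Deal = exp2
End Function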
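' Connect to the database and read the record set.
Dim DBConn,strConn
Set DBConn=Server.CreateObject("ADODB.Connection")
' NOTE(review): Server.MapPath resolves a virtual path, so the Jet file
' presumably sits inside the site's directory tree under an .asp name.
' Confirm it cannot be requested directly, or keep it outside the web root.
strConn="Provider=Microsoft.Jet.OLEDB.4.0;User ID=Admin;Data Source="& Server.MapPath("../Database/Exercise.asp") &";"
DBConn.Open strConn

' Server-side validation. The JavaScript checks on the form are a convenience
' only; everything is re-checked here because a client can post directly.
If Request.Form("task")="Insert" Then
    ' Check the CAPTCHA code. The session copy is cleared as soon as it has
    ' been read so one solved code cannot be replayed for many posts; after a
    ' failed attempt the visitor needs a freshly loaded image.
    Dim submittedCode, expectedCode
    submittedCode = Trim(Request.Form("validatecode"))
    expectedCode = Trim(Session("ValidCode"))
    Session("ValidCode") = ""
    If submittedCode = Empty Or expectedCode <> submittedCode Then
        Debug("请注意正确输入验证码!")
    End If

    Dim gName,gEmail,gDate,gContent

    ' Name: fall back to "Guest" when empty or still the placeholder text.
    ' The former special case for one hard-coded visitor name, which echoed
    ' the raw gContent field back to the browser and ended the response, is
    ' removed: it served no guestbook purpose and reflected unencoded request
    ' data into the page.
    gName = Request.Form("gName")
    If gName = "" Or gName = "请输入姓名" Then
        gName = "Guest"
    Else
        ' The length test was inverted (< 16), so long names were never cut.
        ' Truncate the raw text first, then encode, so an entity produced by
        ' Deal is never split in half.
        If Len(gName) > 16 Then gName = Left(gName, 16)
        gName = Deal(gName)
    End If

    ' E-mail: optional, but if present it must match the same shape the
    ' client-side check expects.
    gEmail = Request.Form("gEmail")
    If gEmail = "" Then
        gEmail = "None"
    Else
        Dim emailPattern
        Set emailPattern = New RegExp
        emailPattern.Pattern = "^[0-9a-zA-Z_-]+@[0-9a-zA-Z_-]+\.[0-9a-zA-Z_-]+$"
        If Not emailPattern.Test(gEmail) Then Debug("Email 地址格式错误,例:yourname@company.com")
        gEmail = Deal(gEmail)
    End If

    gDate = Now

    ' Content: read from the form collection only (the emptiness test and the
    ' stored value previously came from two different lookups), cap at 1000
    ' characters, then encode.
    gContent = Request.Form("gContent")
    If gContent = "" Then
        Debug("请输入留言")
    Else
        If Len(gContent) > 1000 Then gContent = Left(gContent, 1000)
        gContent = Deal(gContent)
    End If

    ' The client address is taken from ServerVariables explicitly. The generic
    ' Request("REMOTE_ADDR") lookup searches the query string and form first,
    ' so a request parameter of that name would have replaced the real address.
    Dim clientIP
    clientIP = Request.ServerVariables("REMOTE_ADDR") & ""

    ' Parameterised INSERT: values are bound, never spliced into the SQL text,
    ' so a quote character in any field can no longer change the statement.
    ' ADO constants are written as numbers because adovbs.inc is not included:
    ' 202 = adVarWChar, 203 = adLongVarWChar, 7 = adDate, 1 = adParamInput.
    ' NOTE(review): the GuestBook column types are not visible from this page;
    ' the parameter types below assume text / date / memo columns - confirm
    ' against the table definition.
    Dim insertCmd
    Set insertCmd = Server.CreateObject("ADODB.Command")
    Set insertCmd.ActiveConnection = DBConn
    insertCmd.CommandType = 1 ' adCmdText
    insertCmd.CommandText = "INSERT INTO GuestBook([IPAddress],[Name],[Email],[Date],[Content]) VALUES (?,?,?,?,?)"
    insertCmd.Parameters.Append insertCmd.CreateParameter("IPAddress", 202, 1, Len(clientIP), clientIP)
    insertCmd.Parameters.Append insertCmd.CreateParameter("Name", 202, 1, Len(gName), gName)
    insertCmd.Parameters.Append insertCmd.CreateParameter("Email", 202, 1, Len(gEmail), gEmail)
    insertCmd.Parameters.Append insertCmd.CreateParameter("Date", 7, 1, , gDate)
    insertCmd.Parameters.Append insertCmd.CreateParameter("Content", 203, 1, Len(gContent), gContent)
    insertCmd.Execute , , 128 ' adExecuteNoRecords
    Set insertCmd = Nothing
End If

' Read the record list for display.
Dim rs,RowCount
Set rs = Server.CreateObject("ADODB.RecordSet")
' NOTE(review): from here on every runtime error on the page is silently
' skipped, including a failed rs.Open. Kept because the rest of the page
' relies on it; consider checking Err.Number after the Open instead.
On Error Resume Next
rs.Open "SELECT * From GuestBook order by Date DESC",DBConn,1,1
rs.Pagesize = 10
rs.AbsolutePage = 1

' Page number: accept only a short run of digits from the query string and
' only when it names an existing page; anything else stays on page 1.
Dim requestedPage, pagePattern
requestedPage = Request.QueryString("page") & ""
Set pagePattern = New RegExp
pagePattern.Pattern = "^[0-9]{1,6}$"
If pagePattern.Test(requestedPage) Then
    If CLng(requestedPage) >= 1 And CLng(requestedPage) <= rs.PageCount Then
        rs.AbsolutePage = CLng(requestedPage)
    End If
End If
RowCount = rs.Pagesize

' The connection is deliberately left open here: the record set opened above
' is still read further down the page and depends on it. The previous
' "Set DBConn = Nothing" followed by "DBConn.Close" called Close on an
' already released variable; the resulting error was hidden by
' On Error Resume Next, so the connection was never closed at this point.
%>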
<table width="795" border="0" cellspacing="0">
<tr>
<td align="center"> </td>
</tr>
<tr>
<td align="center">
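<%
' Renders the pager, up to RowCount guestbook entries from rs, the pager
' again, and then releases the record set.
'
' NOTE(review): Name, Email, Date and Content are written exactly as stored.
' The page relies on the values having been HTML-encoded by Deal() when they
' were inserted; a row written by any other path is emitted as raw markup.
Dim selfPath, pagerHtml, i, lEmail

' Take the script path from ServerVariables and encode it. The generic
' Request("Script_Name") lookup consults the query string first, so a request
' parameter of that name could otherwise be written into every pager link.
selfPath = Server.HTMLEncode(Request.ServerVariables("SCRIPT_NAME"))

' Build the pager once; it is shown above and below the entries.
pagerHtml = ""
If rs.PageCount > 1 Then
    pagerHtml = "<tr align=right bgcolor=#00CCFF class=style1><td>留言分页"
    For i = 1 To rs.PageCount
        pagerHtml = pagerHtml & " <a href=""" & selfPath & "?page=" & i & """><b>" & i & "</b></a> "
    Next
    pagerHtml = pagerHtml & "<td></td></td></tr>"
End If
Response.Write(pagerHtml) ' pager at the top of the list

Do While Not rs.EOF And RowCount > 0 ' entries in the middle
    If rs("Email") <> "None" Then
        ' The href value is quoted so the stored address cannot end the
        ' attribute at the first whitespace character.
        lEmail = "<a href=""mailto:" & rs("Email") & """>" & rs("Email") & "</a>"
    Else
        lEmail = "None"
    End If
    Response.Write ( _
        "<tr align=left bgcolor=#E1E1E1 class=style1><td>这是 <b>" & rs("Name") & _
        " </b>于 " & rs("Date") & _
        " 的留言,他的邮件地址是 " & lEmail & _
        "</td><td align=right><a href=#> [删除]</td></tr>" & _
        "<tr><td class=style2>" & rs("Content") & "</td></tr>")
    RowCount = RowCount - 1
    rs.MoveNext
Loop

Response.Write(pagerHtml) ' pager at the bottom of the list

' Close before releasing: the old order (Set rs = Nothing, then rs.Close)
' called Close on a variable that no longer held the record set.
rs.Close
Set rs = Nothing
' Close the connection too if this page still holds it.
If IsObject(DBConn) Then
    If Not DBConn Is Nothing Then
        DBConn.Close
        Set DBConn = Nothing
    End If
End If
%></td>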
<tr>
<td align="center"> </td>
</tr>
<tr>
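<% ' The post-back URL comes from ServerVariables and is HTML-encoded. The generic Request("SCRIPT_NAME") lookup checks the query string first, so a request parameter of that name could otherwise be written into the action attribute. %>
<td height="262" align=center valign="top"><form method="post" action="<%=Server.HTMLEncode(Request.ServerVariables("SCRIPT_NAME"))%>" onSubmit="return(checktext());">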
<table width="447" height="251" border="2" align="center" cellspacing="0" bordercolor="#CCCCFF" bgcolor="#CCCCFF" class="style3">
<tr align="center" valign="middle" bgcolor="#6699FF">
<td height="24" colspan="3"><table width="440" border="0" cellspacing="0" height="20" align="left">
<tr>
<td width="369" height="20" align="left" class="style4">zouyi.NET 来宾留言</td>
<td width="69" align="right" valign="middle"><img name="top" src="images/Button_iFrameTop.gif" width="20" height="18" alt="" onClick=""><img name="cw" src="images/Button_CloseWindow.gif" width="20" height="18" alt="" onClick="javascript:window.opener=null;window.close();"></td>
</tr>
</table> </td>
</tr>
<tr>
<td width="72" height="23" align=left>您的姓名:</td>
<td width="363" colspan="2" align=left><input type="hidden" name="task" value="Insert"><input name="gName" type="text" class="style3" onBlur="setValue(this);" onClick="this.focus();cleanValue(this);" value="请输入姓名" maxlength="16">
验证码
<input name="validatecode" type="text" size='5' maxlength="4"> <img src="CreateImage.asp" width="45" height="17" border="0" align="absmiddle"></td>
</tr>
<tr>
<td align=left height="17">邮件:</td>
<td colspan="2" align=left><input type="text" name="gEmail" OnClick="this.focus();cleanValue(this);">
<%
' Show the server's current date and time next to the e-mail field.
Response.Write("留言时间:" & Now)
%>
</td>
</tr>
<tr>
<td align=left height="59">内容:</td>
<td colspan="2" align=left><textarea name="gContent" cols="50" rows="10" onClick="this.focus();cleanValue(this);"></textarea></td>
</tr>
<tr>
<td height="17"> </td>
<td colspan="2" align=left><input type="submit" value="留言"></td>
</tr><td height="2">
</table>
</form></td>
</tr>
</table>
</body>
</html>
预览地址(也可以在这里给我留言):http://www.22sea.com/yacht/guestbook.asp