<% dim rs,sql dim reviewable dim reviewer,email,url,content set rs=server.createobject("adodb.recordset") '查找是否开放评论权限 rs.open "select * from news_parameter where parameterid=1",conn,1,1 if not rs.bof and not rs.eof then if rs("reviewable")<>1 then rs.close response.write "对不起,评论功能已被管理员关闭!!!返回" response.end end if end if rs.close set rs=nothing function invert(str) invert=replace(replace(replace(replace(str,"<","<"),">",">"),chr(13),"
")," "," ") invert=replace(replace(replace(replace(invert,"[img]",""),"[red]",""),"[blue]","") invert=replace(replace(replace(replace(invert,"[/img]",">"),"[/b]",""),"[/red]",""),"[/blue]","") end function reviewer=trim(request("reviewer")) email=trim(request("email")) url=trim(request("url")) content=invert(request("content")) if url="http://" then url="" end if if email<>"" then if instr(email,"@")<2 or len(email)<8 or instr(email,".")<5 then response.write"错误!!您的电子邮件填写不规范!!!返回" response.end end if end if if url<>"" then if instr(url,".")<1 then response.write"错误!!您的主页地址填写不规范!!!返回" response.end end if isnot=" !@$^*()'`|[]}{;<>" for i=1 to len(url) for j=1 to len(isnot) if mid(url,i,1)=mid(isnot,j,1) then response.write"错误!!您的主页地址填写不规范!!!返回" response.end end if next next end if if reviewer="" or trim(request("content"))="" then response.write "错误!!带*号的为必填项返回!!" response.end else set rs=server.createobject("adodb.recordset") rs.open "select * from review",conn,1,3 rs.addnew rs("newsid")=cstr(request("newsid")) rs("reviewer")=reviewer rs("uip")=request("remote_addr") rs("email")=email rs("url")=url rs("content")=content rs.update rs.close set rs=nothing end if response.redirect "review.asp?newsid=" & request("newsid") %>