<!#include file=/conn/dbconnasp>
<!#include file=/inc/safeasp>
<%
content=Replace_Text(requestForm(content))
content=replace(content<[)
content=replace(content>])
newsid=Replace_Text(requestForm(newsid))
ip=requestForm(ip)
rname=Replace_Text(requestForm(rname))
rname=replace(rname<[)
rname=replace(rname>])
username=Replace_Text(requestForm(username))
username=replace(username<[)
username=replace(username>])
處理發表內容是髒話
set rs=serverCreateObject(adodbrecordset)
sql=select * from badword
rsopen sqlconn
if rseof then
responseWrite(mei ziliao!)
else
on error resume next
do while not rsbof and not rseof
content=replace(contentrsfields(word)value**)
rname=replace(rnamersfields(word)value**)
rsmovenext
loop
end if
rsclose
set rs=nothing
set rs=serverCreateObject(ADODBRecordSet)
sql=select * from pl
rsopen sqlconn
rsaddnew
rs(content)=content
rs(newsid)=newsid
rs(ip)=ip
rs(rname)=rname
rs(username)=username
rsupdate
rsclose
%>
<%
set rsn=serverCreateObject(adodbrecordset)
sqln=select newsidplnumplbz from news where newsid=&newsid&
rsnopen sqlnconn
rsn(plnum)=rsn(plnum)+
rsn(plbz)=
rsnupdate
rsnclose
%>
<script>
alert(成功發布!)
parentlocationshownewsasp?newsid=<%=newsid%>
</script>
From:http://tw.wingwit.com/Article/program/net/201311/11460.html
