") fString = Replace(fString, CHR(10), "
") htmlencode = fString End If End Function Function uhtmlencode(fString) If not isnull(fString) then fString = Replace(fString, " ", CHR(32)) fString = Replace(fString, " ", CHR(9)) fString = Replace(fString, """, CHR(34)) fString = Replace(fString, "'", CHR(39)) fString = Replace(fString, "", CHR(13)) fString = Replace(fString, "

", CHR(10) & CHR(10)) fString = Replace(fString, "
", CHR(10)) uhtmlencode = fString End If End Function '判断是否登陆 Function checkadmin() If Session("5izt_Admin")="" then Response.redirect "?action=login" Response.End End If End Function '获取浏览器action action=Request.Querystring("action") '获取浏览器id Id=Request.Querystring("Id") 'Id是否为空 If Id<>"" and not isnumeric(Id) then Response.Write "" Response.End End If %>

首页

关于我们

核心业务

产品中心

客户需求

留言本

招贤纳士

Contact Us

当前位置：首页 > 在线留言

<% Select Case action '添加留言调用 Case "add" '判断是否外部提交 dim From_url,Serv_url From_url = Cstr(Request.ServerVariables("HTTP_Referer")) Serv_url = Cstr(Request.ServerVariables("Server_Name")) If mid(From_url,8,len(Serv_url)) <> Serv_url Then Response.Write "" Response.End End If '二次判断，防止屏蔽JS后提交数据 Books_Name=htmlencode(Request.form("Books_Name")) Books_Qq=htmlencode(Request.form("Books_Qq")) Books_Mail=htmlencode(Request.form("Books_Mail")) Books_DH=htmlencode(Request.form("Books_DH")) Books_DZ=htmlencode(Request.form("Books_DZ")) Books_BT=htmlencode(Request.form("Books_BT")) Books_YP=htmlencode(Request.form("Books_YP")) Books_QZ=htmlencode(Request.form("Books_QZ")) Books_ZY=htmlencode(Request.form("Books_ZY")) Books_DW=htmlencode(Request.form("Books_DW")) Books_Info=htmlencode(Request.form("Books_Info")) If Books_name="" or Books_qq="" or Books_mail="" or Books_info="" or Books_DH="" or Books_DZ="" then Response.Write "" ElseIf Books_BT="" or Books_YP="" or Books_QZ="" or Books_ZY="" or Books_DW="" then Response.Write "" ElseIf len(Books_name)>10 then Response.Write "" ElseIf not (isNumeric(Books_Qq) or Books_Qq="") then Response.Write "" ElseIf len(Books_Qq)<5 or len(Books_Qq)>10 then Response.Write "" ElseIf Instr(Books_mail,".")<=0 or Instr(Books_mail,"@")<=0 then Response.Write "" ElseIf len(Books_info)>600 or len(Books_info)<5 then Response.Write "" Else Set mRs= Server.CreateObject("adodb.recordSet") mRs.open "Select * from [5izt_Books]", conn, 1, 3 mRs.addnew mRs("Books_Name") = Books_Name mRs("Books_Mail") = Books_Mail mRs("Books_DZ") = Books_DZ mRs("Books_DH") = Books_DH mRs("Books_BT") = Books_BT mRs("Books_YP") = Books_YP mRs("Books_QZ") = Books_QZ mRs("Books_ZY") = Books_ZY mRs("Books_DW") = Books_DW mRs("Books_Qq") = Books_Qq mRs("Books_Info") = Books_Info mRs("Books_Time") = now() mRs("Books_Ip") = Request.ServerVariables("REMOTE_ADDR") mRs.update mRs.close Set mRs = nothing Response.Write "" Response.End End If '回复留言调用 Case "Reply" checkadmin If Id="" then Response.Write "" Response.End End If Set mRs=Server.CreateObject("adodb.recordSet") Sql="Select * from [5izt_Books] where Books_Id="&Id mRs.open Sql,conn,1,3 mRs("Books_Name")= htmlencode(Request.form("Books_Name")) mRs("Books_Qq")= htmlencode(Request.form("Books_Qq")) mRs("Books_Mail")= htmlencode(Request.form("Books_Mail")) mRs("Books_DZ")= htmlencode(Request.form("Books_DZ")) mRs("Books_DH")= htmlencode(Request.form("Books_DH")) mRs("Books_BT")= htmlencode(Request.form("Books_BT")) mRs("Books_QZ")= htmlencode(Request.form("Books_QZ")) mRs("Books_ZY")= htmlencode(Request.form("Books_ZY")) mRs("Books_DW")= htmlencode(Request.form("Books_DW")) mRs("Books_YP")= htmlencode(Request.form("Books_YP")) mRs("Books_Info")= htmlencode(uhtmlencode(Request.form("Books_Info"))) mRs("Books_Reply")= htmlencode(Request.form("Books_Reply")) mRs.update mRs.close Set mRs=nothing Response.Write "" Response.End '删除留言调用 Case "del" checkadmin If Id="" then Response.Write "" Response.End End If conn.execute("delete from [5izt_Books] where Books_Id="&Id) Response.Write "" Response.End '修改管理员密码调用 Case "modpassed" checkadmin Admin_User=htmlencode(Request.form("Admin_User")) Admin_Gps=md5(Request.form("Admin_Gps")) Admin_Nps=md5(Request.form("Admin_Nps")) Admin_Pass=md5(Request.form("Admin_Pass")) Set mRs=conn.execute("select * from [5izt_Admin] where Admin_User='"&Session("5izt_Admin")&"' and Admin_Pass='"&Admin_Gps&"'") If mRs.eof then Response.Write "" Response.End End If conn.execute("update [5izt_Admin] Set Admin_User='"&Admin_User&"',Admin_Pass='"&Admin_Pass&"' where Admin_User='"&Session("5izt_Admin")&"'") Session.Contents.Remove("5izt_Admin") Response.Write "" response.End '退出后台调用 Case "logout" Session.Contents.Remove("5izt_Admin") Response.Write "" Response.End '登陆后台调用 Case "logincheck" Admin_User=htmlencode(Request.form("Admin_User")) Admin_Pass=md5(Request.form("Admin_Pass")) Set mRs=conn.execute("select * from [5izt_Admin] where Admin_User='"&Admin_User&"' and Admin_Pass='"&Admin_Pass&"'") If not mRs.eof then Session("5izt_Admin")=mRs("Admin_User") Response.Write "" Response.End Else Response.Write "" Response.End End If '登陆页面 Case "login" %>  · 管理登陆 · 管理员： 密  码：    <% '修改密码页面 Case "modpass" checkadmin %>  · 管理员帐号修改 · 登录名： " maxlength="16" class="input"> 旧密码： 新密码： 确  认：    <% '回复页面调用 Case "reply" checkadmin If Id="" then Response.Write "" Response.End End If Set mRs=conn.execute("select * from [5izt_Books] where Books_Id="&Id) If mRs.eof then Response.Write "" Response.End End If %>  · 回复留言 · 昵称： "> 邮编： "> 电话： "> 传真： "> 邮箱： " class="input"> 主页： "> 地址： "> 单位： "> 标题： "> Q  Q： "> 留言： <% =mRs("Books_Info") %> 回复： <% =mRs("Books_Reply") %>    返回   <% mRs.close Set mRs=nothing '列表页面调用 Case Else %>  尊敬的客户:     欢迎浏览我们的网站,如果您需要了解我们的公司及产品，请填写下列资料，您将会在最短的时间内得到我们的回复。 　　 谢谢您的支持!  · 客户反馈 · 昵称： * 邮编： * 电话： * 传真： * 邮箱： * 主页： * 地址： * 单位： * 标题： * Q  Q： * 内容： *    · 留言列表 · <% If Session("5izt_Admin")<>"" then Response.Write "欢迎管理员『 "&Session("5izt_Admin")&" 』" Response.Write "  修改帐号" Response.Write "  退出管理" Else Response.Write"管理员登录" End If %> <% Sql="select * from [5izt_Books] order by Books_Id desc" Set mRs=Server.CreateObject("adodb.recordSet") mRs.open sql,conn,1,1 If mRs.bof and mRs.eof then Response.Write"没有任何记录" Response.End Else mRs.PageSize =6'每页记录条数 iCount=mRs.RecordCount '记录总数 iPageSize=mRs.PageSize maxpage=mRs.PageCount page=request("page") If Not IsNumeric(page) or page="" then page=1 Else page=cint(page) End If If page<1 then page=1 ElseIf page>maxpage then page=maxpage End If mRs.AbsolutePage=Page If page=maxpage then x=iCount-(maxpage-1)*iPageSize Else x=iPageSize End If End If for i=1 to mRs.pagesize %> <% Response.Write(""&CStr(i)&"") %> 昵称为：<% =mRs("Books_Name") %>在<% =mRs("Books_Time") %>的留言： <% If Session("5izt_Admin")<>"" then Response.Write " 回复" Response.Write " 删除" Response.Write " IP为："&mRs("Books_Ip")&"" End If %> <% = mRs("Books_Info") %><% If mRs("Books_Reply")<>"" then Response.Write" 回复： "&mRs("Books_Reply")&"" End If %> <% mRs.movenext If mRs.eof then exit for next mRs.close Set mRs=nothing %> <% call PageControl(iCount,maxpage,page,"border=0 align=center"," ") Sub PageControl(iCount,pagecount,page,table_style,font_style) '生成上一页下一页链接 Dim query, a, x, temp action = "http://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("SCRIPT_NAME") query = Split(Request.ServerVariables("QUERY_STRING"), "&") For Each x In query a = Split(x, "=") If StrComp(a(0), "page", vbTextCompare) <> 0 Then temp = temp & a(0) & "=" & a(1) & "&" End If Next Response.Write("") Response.Write("") Response.Write("") Response.Write(" ") If page<=1 then Response.Write ("首页 " ) Response.Write ("上一页 ") Else Response.Write("首页 ") Response.Write("上一页 ") End If If page>=pagecount then Response.Write ("下一页 ") Response.Write ("尾页 ") Else Response.Write("下一页 ") Response.Write("尾页 ") End If Response.Write(" 页次：" & page & "/" & pageCount & "页") Response.Write(" 共有" & iCount & "条留言") Response.Write(" 转到" & "" & "页 ") Response.Write(" ") End Sub End Select conn.close Set conn=nothing %>

增值电信业务经营许可证[粤B2-20080020] ©　深圳市润迅通信息技术有限公司  版权所有 地址:深圳市罗湖区湖贝路华佳广场2109B　电话：0755-8238 5880 8238 5881 传真：0755-8238 5887