<!-- #Include File="Fun.asp" -->
<!-- #Include File="Md5.asp" -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>留言板</title>
<link type="text/css" rel="stylesheet" href="Common.css">
<script language="javascript">
String.prototype.Trim = function()
{
return this.replace(/(^\s*)|(\s*$)/g, "");
}
function isEmail(strEmail) {
if (strEmail.search(/^\w+((-\w+)|(\.\w+))*\@[A-Za-z0-9]+((\.|-)[A-Za-z0-9]+)*\.[A-Za-z0-9]+$/) != -1)
return true;
else
return false;
}
</script>
<style type="text/css">
body{margin:0; background:#003142;}
td,p {font-size: 12px;}
form{margin:0;}
a{
color:#000;
font-size:12px;
text-decoration: none;
}
a:hover {
text-decoration: underline;
color: #F00;
}
TEXTAREA {
FONT-SIZE: 12px;
BORDER: #000 1px solid;
}
INPUT {
FONT-SIZE: 12px;
BORDER: #000 1px solid;
}
.con{padding:10px;line-height:22px;word-break:break-all;word-wrap:break-word;}
</style>
</head>
<body>
<%
Call CreConn(Conn)
Action=FormatRequest(1,"Action",1,"")
Select Case Action
Case "Add"
Call Add()
Case "SaveAdd"
Call SaveAdd()
Case "Login"
Call Login()
Case "ChkLogin"
Call ChkLogin()
Case "EditPwd"
Call EditPwd()
Case "SavePwd"
Call SavePwd()
Case "LoginOut"
Call LoginOut()
Case "Reply"
Call Reply()
Case "SaveReply"
Call SaveReply()
Case "Del"
Call Del()
Case Else
Call Main()
End Select
Sub Main()
Page=FormatRequest(1,"Page",0,1)
If Page<=0 Then Page=1
PSize=10
TbName="Book_List"
GetCol="ID,UserName,Title,Content,AddDate,Reply,HomePage,EMail"
PCol="ID"
SortCol="ID"
StrW="IsShow=True"
CT=""
TCount=Conn.Execute("Select Count(ID) From Book_List Where IsShow=True")(0)
PCount=GetPageCount(TCount,PSize)
If Page>PCount And PCount>0 Then Page=PCount
PIndex=Page
Set Rs=Conn.Execute(GetPageList(TBName,GetCol,PCol,SortCol,1,StrW,PSize,PIndex))
If Not Rs.Eof Then
%>
<table align="center" width="98%" style="margin-top:10px;" cellpadding="0" cellspacing="1" border="0" bgcolor="#CCCCCC">
<tr bgcolor="#FFFFFF">
<td height="22" align="center" colspan="4"><a href="?Action=Add" style="color:#F00;text-decoration:underline">签写留言</a> <%If Session("AdUser")="" Or IsNull(Session("AdUser")) Then%><a href="?Action=Login" style="text-decoration:underline">管理登录</a><%Else%><a href="?Action=EditPwd">修改密码</a> <a href="?Action=LoginOut">退出登录</a><%End If%></td>
</tr>
<tr>
<td height="1" width="10%"></td>
<td width="40%"></td>
<td width="20%"></td>
<td width="30%"></td>
</tr>
<%
Do While Not Rs.Eof
%>
<tr bgcolor="#FFFFFF">
<td height="25" align="center">留言主题</td>
<td> <%=Rs(2)%></td>
<td>留言者:<a href="<%=Rs(6)%>" target="_blank"><%=Rs(1)%></a></td>
<td>留言时间:<%=Rs(4)%></td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center" height="100">留言内容</td>
<td colspan="3" valign="top" class="con"><%=Replace(Left(Rs(3),500),chr(10),"<br>")%></td>
</tr>
<%
TmpReply=Rs(5)
If Trim(TmpReply)<>"" Then
%>
<tr bgcolor="#FFFFFF">
<td height="50" align="center" style="color:#F00">管理员回复</td>
<td colspan="3" valign="top" class="con" style="color:#FF0000"><%=TmpReply%></td>
</tr>
<%End If
If Session("AdUser")<>"" Then
%>
<tr bgcolor="#FFFFFF">
<td height="25" align="center" style="color:#00F">留言管理</td>
<td colspan="2"> 电子邮件:<a href="<%=Rs(6)%>" target="_blank"><%=Rs(7)%></a></td>
<td align="center"><a href="?Action=Reply&ID=<%=Rs(0)%>&Page=<%=Page%>" style="color:#F00">回复留言</a> <a href="?Action=Del&ID=<%=Rs(0)%>&Page=<%=Page%>" style="color:#F00">删除留言</a></td>
</tr>
<%End If%>
<tr>
<td height="10" bgcolor="#FAFAFA" colspan="4"></td>
</tr>
<%
Rs.MoveNext
Loop
%>
</table>
<%
If PCount>1 Then
Response.Write PageList(3,PCount,Page,CT)
Else
Response.Write "<br>"
End If
Else
Response.Write "<div style=""text-align:center;font-size:14px;color:#F00;""><br><br>没有留言<br><br><a href=""?Action=Add"" style=""color:#F00; text-decoration:underline"">我要签写留言</a><br><br></div>"
End If
End Sub
Sub Add()
%>
<script language="javascript">
function ChkBook(obj)
{
if(obj.UserName.value.Trim()=="")
{
alert("请输入用户名!");
obj.UserName.focus();
return false;
}
if(obj.EMail.value.Trim()=="")
{
alert("请输入电子邮件!");
obj.EMail.focus();
return false;
}
if(!isEmail(obj.EMail.value.Trim()))
{
alert("您输入的电子邮件不正确!");
obj.EMail.focus();
return false;
}
if(obj.Title.value.Trim()=="")
{
alert("请输入留言标题!");
obj.Title.focus();
return false;
}
if(obj.Content.value.Trim()=="")
{
alert("请输入留言内容!");
obj.Content.focus();
return false;
}
}
</script>
<table align="center" width="95%" cellpadding="0" cellspacing="1" border="0" bgcolor="#F0F0F0" style="margin-top:10px;">
<form action="index-book.asp" method="post" onsubmit="return ChkBook(this);">
<input type="hidden" name="Action" value="SaveAdd">
<tr bgcolor="#FFFFFF">
<td height="22" align="center" colspan="2"><a href="index-book.asp" style="color:#FF0000; text-decoration:underline">返回留言列表</a></td>
</tr>
<tr bgcolor="#FFFFFF">
<td height="25" width="15%" align="center">姓 名:</td>
<td width="85%"> <input type="text" name="UserName" style="width:200px;" maxlength="20"></td>
</tr>
<tr bgcolor="#FFFFFF">
<td height="25" align="center">联系方式:</td>
<td> <input type="text" name="Title" style="width:200px;" maxlength="100"></td>
</tr>
<tr bgcolor="#FFFFFF">
<td height="25" align="center">留言主题:</td>
<td> <input type="text" name="Title" style="width:200px;" maxlength="25"></td>
</tr>
<tr bgcolor="#FFFFFF">
<td height="25" align="center">留言内容:</td>
<td> <textarea name="Content" cols="60" rows="8"></textarea></td>
</tr>
<tr bgcolor="#FFFFFF">
<td height="30" colspan="2" align="center"><input type="submit" value="确认留言"> <input type="reset" value="重写留言"></td>
</tr>
</form>
</table>
<%
End Sub
Sub SaveAdd()
UserName=FormatRequest(2,"UserName",1,"")
EMail=FormatRequest(2,"EMail",1,"")
Title=FormatRequest(2,"Title",1,"")
Content=FormatRequest(2,"Content",1,"")
Conn.Execute("Insert Into Book_List(UserName,Title,Content,EMail,IP) Values('"&UserName&"','"&Title&"','"&Content&"','"&Email&"','"&Get_UserIp()&"')")
Call ShowErrMsg(1,"留言成功!","index-book.asp")
End Sub
Sub Login()
%>
<script language="javascript">
function CheckLogin(obj)
{
if(obj.UserName.value.Trim()=="")
{
alert("请输入用户名!");
return false;
}
if(obj.UserPwd.value.Trim()=="")
{
alert("请输入密码!");
return false;
}
}
</script>
<table align="center" width="80%" cellpadding="0" cellspacing="1" border="0" bgcolor="#F0F0F0" style="margin-top:10px;">
<form action="index-book.asp" method="post" onsubmit="return CheckLogin(this);">
<input type="hidden" name="Action" value="ChkLogin">
<tr bgcolor="#FFFFFF">
<td height="22" align="center" colspan="2">管理员登录 <a href="index-book.asp" style="color:#FF0000; text-decoration:underline">返回留言列表</a></td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center" height="30">用户名:<input type="text" name="UserName" style="width:80px;" maxlength="30">
密码:<input type="password" name="UserPwd" style="width:80px;" maxlength="30">
<input type="submit" value="确认登录">
</td>
</tr>
</form>
</table>
<%
End Sub
Sub ChkLogin()
UserName=FormatRequest(2,"UserName",1,"")
UserPwd=Md5(Request.Form("UserPwd"))
Set Rs=Conn.Execute("Select UPwd From Ad_List Where UName='"&UserName&"'")
If Not Rs.Eof Then
UPwd=Rs(0)
If UserPwd<>UPwd Then
Call ShowErrMsg(3,"密码错误!","")
Else
Session("AdUser")=UserName
Conn.Execute("Update Ad_List Set LoginDate='"&Now()&"',LoginIP='"&Get_UserIp()&"' Where UName='"&UserName&"'")
Call ShowErrMsg(1,"登录成功!","index-book.asp")
End If
Else
Call ShowErrMsg(3,"用户不存在!","")
End If
Rs.Close
Set Rs=Nothing
End Sub
Sub EditPwd()
If Session("AdUser")="" Or IsNull(Session("AdUser")) Then Call ShowErrMsg(3,"非法操作!","")
%>
<script language="javascript">
function ChkPwd(obj)
{
if(obj.OldPwd.value.Trim()=="")
{
alert("请输入旧密码!");
return false;
}
if(obj.NewPwd.value.Trim()=="")
{
alert("请输入新密码!");
return false;
}
}
</script>
<table align="center" width="80%" cellpadding="0" cellspacing="1" border="0" bgcolor="#F0F0F0" style="margin-top:10px;">
<form action="index-book.asp" method="post" onsubmit="return ChkPwd(this);">
<input type="hidden" name="Action" value="SavePwd">
<tr bgcolor="#FFFFFF">
<td height="22" align="center" colspan="2">修改密码 <a href="?Action=LoginOut">退出登录</a> <a href="index-book.asp" style="color:#FF0000; text-decoration:underline">返回留言列表</a></td>
</tr>
<tr bgcolor="#FFFFFF">
<td align="center" height="30">用户名:<input type="text" name="UserName" style="width:80px;" readonly value="<%=Session("AdUser")%>" maxlength="30">
旧密码:<input type="password" name="OldPwd" style="width:80px;" maxlength="30">
新密码:<input type="password" name="NewPwd" style="width:80px;" maxlength="30">
<input type="submit" value="确认修改">
</td>
</tr>
</form>
</table>