<%
'on error resume next
dim concenturl
concenturl=""
if trim(concenturl)<>"" and checkserver(concenturl)=false then
response.write "document.write ('数据被保护,禁止被其他站点调用!');"
response.end
end if
Private function checkserver(str)
dim i,servername
checkserver=false
if str="" then exit function
str=split(Cstr(str),",")
servername=Request.ServerVariables("HTTP_REFERER")
for i=0 to Ubound(str)
if right(str(i),1)="/" then str(i)=left(trim(str(i)),len(str(i))-1)
if Lcase(left(servername,len(str(i))))=Lcase(str(i)) then
checkserver=true
exit for
else
checkserver=false
end if
next
end Function
If cardid<>"" Then
If Left(cardid,2)<>"53" Then errmsg("系统不允许外省身份证投票!")
If Not conn.execute("select ip from card where ip='"&ip&"'").eof then errmsg("您已经投过票了")
If not conn.execute("select idcard from card where idcard='"&cardid&"'").eof Then errmsg("一个身份证,只能投一次票")
call CheckCardId(cardid)
Else
errmsg("身份证不能为空!")
End If
sub errmsg(str)
response.write "<script type=""text/javascript"">window.alert('"&str&"');window.location.href=""index.asp"";</script></body></html>"
response.end
End sub
Function CheckCardId(cardid)
'''身份证验证程序省略
End Function
If request.form("selectv")="" or UBound(Split(request.Form("selectv"),","))+1>10 Then
ErrMsg("您不能不选择,并且最多只能选择10个人进行投票!")
End If
For Each vid In request.Form("selectv")
response.write vid&"<br>"
sql="update person set vote=vote+1 where id="&vid
conn.execute sql
Next
sql1="insert into card (idcard,vote,ip) values ('"&cardid&"','"&request.Form("selectv")&"','"&ip&"')"
conn.execute sql1
errmsg("投票成功!")
%>