<% Response.Buffer = True Response.ExpiresAbsolute = Now() - 1 Response.Expires = 0 Response.CacheControl = "no-cache" Response.Charset="gb2312" 'Response.Addheader "Content-Type","text/html; charset=gb2312" From_url = Cstr(Request.ServerVariables("HTTP_REFERER")) Serv_url = Cstr(Request.ServerVariables("SERVER_NAME")) if mid(From_url,8,len(Serv_url)) <> Serv_url then 'response.write " " 'response.end end if Set CmsDjView = New CmsDj_Com_View Set CmsDjPublic = New CmsDj_Com_Public Set CmsDjShare = New CmsDj_Com_Share Set CmsDjFeed = New CmsDj_Com_Feed Set CmsDjUser = New CmsDj_Com_User Set CmsDjPay = New CmsDj_Com_Pay Set CmsDjShop = New CmsDj_Com_Shop UserTrueIP=Replace(Request.ServerVariables("HTTP_X_FORWARDED_FOR"),"'","") If UserTrueIP="" or isnull(UserTrueIP) Then UserTrueIP=Replace(Request.ServerVariables ("REMOTE_ADDR"),"'","") aaa=SafeRequest("aaa","get") bbb=SafeRequest("bbb","get") id=SafeRequest("id","get") l=SafeRequest("l","get") content=SafeRequest("content","get") action=SafeRequest("action","get") if action="checkusername" then UserName=SafeRequest("UserName","get") Set Rs=CmsDjUser.GetRs("UserName",0,"UserName='"&UserName&"'") if not Rs.eof then Response.Write(escape(" (此登陆帐号已存在, 请更改!!)")) else Response.Write(escape("")) end if rs.close set rs=nothing elseif action="checknicheng" then NiCheng=SafeRequest("NiCheng","get") Set Rs=CmsDjUser.GetRs("NiCheng",0,"NiCheng='"&NiCheng&"'") if not Rs.eof then Response.Write(escape(" (此呢称已存在, 请更改!!)")) else Response.Write(escape("")) end if rs.close set rs=nothing elseif action="userskin" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Conn.DB "update CmsDj_User set userskin='"&aaa&"' where UserID="&CmsDj_Com_UserID,"exe" Response.Write(escape("Err_001")) Response.End elseif action="delmsg" then Conn.DB "delete from CmsDj_Message where id="&id,"exe" Response.Write(escape("Err_002")) Response.End elseif action="delpic" then Conn.DB "delete from CmsDj_Pic where id="&id,"exe" Conn.DB "delete from CmsDj_View where channel=1 and cid="&id,"exe" Conn.DB "delete from CmsDj_Feed where FeedA=2 and FeedB="&id,"exe" Conn.DB "delete from CmsDj_Feed where FeedA=6 and FeedB="&id,"exe" Response.Write(escape("Err_003")) Response.End elseif action="addcomment" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If if l="1" then set RsFeed=Conn.DB ("SELECT * FROM CmsDj_Pic where ID="&id,"exe") FUserID=RsFeed("UserID") FeedID="6" elseif l="2" then set RsFeed=Conn.DB ("SELECT * FROM CmsDj_Art where ID="&id,"exe") FUserID=RsFeed("UserID") FeedID="5" end if Arr1=Array("channel","ClassID","cid","content","cuid","cname","ctime","cip") Arr2=Array(l,0,id,content,CmsDj_Com_UserID,CmsDj_Com_UserName,Now(),UserTrueIP) Call CmsDjView.add(Arr1,Arr2) if l="1" or l="2" then Conn.DB "insert into [CmsDj_Feed] (UserID,UserName,FeedA,FeedB,FeedC,FeedD,FeedE) values ("&CmsDj_Com_UserID&",'"&CmsDj_Com_UserName&"',"&FeedID&","&id&","&FUserID&",0,'"&Now()&"')","exe" end if Response.Write(escape("Err_004")) elseif action="comment" then page=int(request.QueryString ("page")) if page<=0 or page="" then page=1'初始化分页参数 showconnent="" Response.Write(escape(showconnent)) elseif action="delcomment" then Conn.DB "delete from CmsDj_View where id="&id,"exe" Response.Write(escape("Err_005")) Response.End elseif action="deldaily" then Conn.DB "delete from CmsDj_Art where id="&id,"exe" Conn.DB "delete from CmsDj_View where channel=2 and cid="&id,"exe" Conn.DB "delete from CmsDj_Feed where FeedA=1 and FeedB="&id,"exe" Conn.DB "delete from CmsDj_Feed where FeedA=5 and FeedB="&id,"exe" Response.Write(escape("Err_006")) Response.End elseif action="delfriend" then Conn.DB "delete from CmsDj_Public where CD_ID="&id,"exe" Response.Write(escape("Err_007")) Response.End elseif action="addfriend" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If If aaa=""&CmsDj_Com_UserID&"" Then Response.Write(escape("Err_009")) Response.End End If CmsDj_FriendNum = Conn.DB ("select count(*) from CmsDj_Public where CD_AA=0 and CD_CC="&CmsDj_Com_UserID&"","exe")(0) Set Rs=CmsDjPublic.GetRs("CD_ID",0,"CD_AA=0 and CD_BB="&aaa&" and CD_CC="&CmsDj_Com_UserID) If Not(rs.bof And rs.EOF) Then Response.Write(escape("Err_011")) Response.End Else If CmsDj_FriendNum>CmsDj_Com_FriendNum-1 Then Response.Write(escape("Err_010")) Response.End End If Arr1=Array("CD_AA","CD_BB","CD_CC","CD_DD") Arr2=Array(0,aaa,CmsDj_Com_UserID,Now()) Call CmsDjPublic.add(Arr1,Arr2) title="好友信息通知" bodyMessage="会员 "&CmsDj_Com_UserName&" 已将您添加为好友!" Conn.DB "insert into [CmsDj_Message] (sender,incept,title,content,sendtime,flag,delR,delS) values('"&CmsDj_Com_UserName&"','"&GetUserName(aaa,0)&"','"&title&"','"&bodyMessage&"','"&now()&"',0,0,0)","exe" Conn.DB "insert into [CmsDj_Feed] (UserID,UserName,FeedA,FeedB,FeedC,FeedD,FeedE) values ("&CmsDj_Com_UserID&",'"&CmsDj_Com_UserName&"',0,"&aaa&",0,0,'"&Now()&"')","exe" Response.Write(escape("Err_012")) Response.End End If rs.Close Set rs=nothing elseif action="send_share" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If link=SafeRequest("link","get") general=SafeRequest("general","get") if left(link,4)<>"http" then Response.Write(escape("Err_015")) Response.End end if F_Ext = Mid(link, InStrRev(link, ".") + 1) FileExt="."&LCase(F_Ext) '转为小写 CD_UserID=CmsDj_Com_UserID CD_UserName=CmsDj_Com_UserName CD_ShareD=RemoveHTML(link) CD_ShareC=RemoveHTML(general) if FileExt=".com" or FileExt=".cn" or FileExt=".net" or FileExt=".org" or FileExt=".info" or FileExt=".cc" or FileExt=".tv" or FileExt=".biz" or FileExt=".mobi" or FileExt=".name" or FileExt=".dj" or FileExt=".中国" or FileExt=".网络" or FileExt=".公司" then CD_ShareA=1 CD_ShareB="网址" elseif FileExt=".mp3" or FileExt=".wma" then CD_ShareA=2 CD_ShareB="音乐" elseif FileExt=".swf" then CD_ShareA=3 CD_ShareB="Flash" elseif left(link,26)="http://v.youku.com/v_show/" then FileExt=Mid(link,InStrRev(link,"/")+1) FileExt=replace(FileExt,"id_","") FileExt=replace(FileExt,"=.html","") CD_ShareA=4 CD_ShareB="视频" CD_ShareF="youku.com" CD_ShareG=FileExt elseif left(link,30)="http://v.ku6.com/special/show_" then FileExt=Mid(link,InStrRev(link,"/")+1) FileExt=replace(FileExt,".html","") CD_ShareA=4 CD_ShareB="视频" CD_ShareF="ku6.com" CD_ShareG=FileExt elseif left(link,29)="http://you.video.sina.com.cn/" then FileExt=Mid(link,InStrRev(link,"/")+1) FileExt=replace(FileExt,".html","") CD_ShareA=4 CD_ShareB="视频" CD_ShareF="sina.com.cn" CD_ShareG=FileExt elseif left(link,28)="http://v.blog.sohu.com/u/vw/" then FileExt=Mid(link,InStrRev(link,"/")+1) CD_ShareA=4 CD_ShareB="视频" CD_ShareF="sohu.com" CD_ShareG=FileExt else CD_ShareA=1 CD_ShareB="网址" end if CD_ShareE=0 CD_ShareTime=Now() Arr1=Array("UserID","UserName","ShareA","ShareB","ShareC","ShareD","ShareE","ShareF","ShareG","ShareH","ShareTime") Arr2=Array(CmsDj_Com_UserID,CmsDj_Com_UserName,CD_ShareA,CD_ShareB,CD_ShareC,CD_ShareD,CD_ShareE,CD_ShareF,CD_ShareG,0,CD_ShareTime) Call CmsDjShare.add(Arr1,Arr2) Response.Write(escape("Err_013")) elseif action="delshare" then Call CmsDjShare.del("ShareID="&ID) Response.Write(escape("Err_014")) Response.End elseif action="delfeed" then Call CmsDjFeed.del("ID="&id) elseif action="seng_pay" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Set Rs=CmsDjPay.GetRs("",0,"CD_ID="&aaa) if CmsDj_Com_MoneyTrue Then Response.Write(escape("Err_008")) Response.End End If if CmsDj_Com_Grade=1 then founderr=true Response.Write(escape("Err_018")) Response.End elseif zhvip<>"yes" then founderr=true Response.Write(escape("Err_019")) Response.End elseif CmsDj_Com_Points<=zvippoints-1 then founderr=true Response.Write(escape("Err_020")) Response.End else if founderr=false and CmsDj_Com_Grade=0 then msgcontent="亲爱的用户"&CmsDj_Com_UserName&":"& chr(10) & CD_WebName&"正式接收你为VIP会员!"& chr(10) & "您的VIP资格有效期为:"&viptime&" 天,从"&now()&" 开始生效!" Conn.DB "insert into CmsDj_Message(incept,sender,title,content,sendtime,flag,delR,delS) values('"&CmsDj_Com_UserName&"','系统消息','VIP会员申请成功','"&msgContent&"','"&Now()&"',0,0,0)","exe" VipendDatea=date()+viptime Conn.DB "update [CmsDj_User] set UserGrade=1,VipinDate='"&date()&"',VipendDate='"&VipendDatea&"',points=points-"&zvippoints&" where UserName='"&CmsDj_Com_UserName&"'","exe" Conn.DB "insert into [CmsDj_Feed] (UserID,UserName,FeedA,FeedB,FeedC,FeedD,FeedE) values ("&CmsDj_Com_UserID&",'"&CmsDj_Com_UserName&"',10,0,0,0,'"&Now()&"')","exe" Response.Write(escape("Err_021")) end if end if elseif action="edit_info" then sex=SafeRequest("sex","get") qq=SafeRequest("qq","get") xuanyan=SafeRequest("xuanyan","get") nicheng=SafeRequest("nicheng","get") birthday=SafeRequest("birthday","get") whe=SafeRequest("whe","get") address=SafeRequest("address","get") if CmsDj_Com_NiCheng<>nicheng then Set RsUser=CmsDjUser.GetRs("NiCheng",0,"NiCheng='"&NiCheng&"'") if not RsUser.eof then Response.Write(escape("Err_023")) Response.End end if end if Set Rs=CmsDjUser.GetRs("",0,"UserID="&CmsDj_Com_UserID) rs("sex")=sex rs("qq")=qq rs("UserSign")=xuanyan rs("NiCheng")=nicheng rs("birthday")=birthday rs("whe")=whe rs("address")=address rs.update rs.close set rs=nothing Response.Write(escape("Err_024")) Response.End elseif action="send_theme" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Conn.DB "update CmsDj_Web set WebMb='"&aaa&"' where UserID="&CmsDj_Com_UserID,"exe" Conn.DB "update CmsDj_WebMold set WebMoldHits=WebMoldHits+1 where WebMoldID="&aaa,"exe" Response.Write(escape("Err_029")) Response.End elseif action="send_shop" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Set Rs=CmsDjPublic.GetRs("CD_ID",0,"CD_AA=6 and CD_BB="&aaa&" and CD_CC="&CmsDj_Com_UserID) If Not(rs.bof And rs.EOF) Then Response.Write(escape("Err_030")) Response.End Else If bbb > ""&CmsDj_Com_Points&"" Then Response.Write(escape("Err_031")) Response.End End If Arr1=Array("CD_AA","CD_BB","CD_CC","CD_DD","CD_EE","CD_FF","CD_GG") Arr2=Array(6,aaa,CmsDj_Com_UserID,Now(),28,86,0) Call CmsDjPublic.add(Arr1,Arr2) Set RsUser=CmsDjUser.GetRs("",0,"UserID="&CmsDj_Com_UserID) RsUser("Points")=RsUser("Points")-bbb RsUser.Update Set RsUser=nothing Response.Write(escape("Err_032")) Response.End End If rs.Close Set rs=nothing elseif action="send_shopdata" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Set RsShop=CmsDjShop.GetRs("",0,"ShopID="&aaa) If RsShop("SClass")="播放器" Then Conn.DB "UPDATE CmsDj_Web SET WebA='"&aaa&"' where UserID="&CmsDj_Com_UserID,"exe" ElseIf RsShop("SClass")="鼠标" Then Conn.DB "UPDATE CmsDj_Web SET WebB='"&aaa&"' where UserID="&CmsDj_Com_UserID,"exe" End If RsShop.close Set RsShop=nothing Response.Write(escape("Err_033")) Response.End elseif action="edit_shopdata" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If If GetMyShop(aaa,5)="播放器" Then Conn.DB "UPDATE CmsDj_Web SET WebA='' where UserID="&CmsDj_Com_UserID,"exe" ElseIf GetMyShop(aaa,5)="鼠标" Then Conn.DB "UPDATE CmsDj_Web SET WebB='' where UserID="&CmsDj_Com_UserID,"exe" End If Conn.DB "UPDATE CmsDj_Web SET WebA='' where UserID="&CmsDj_Com_UserID,"exe" Response.Write(escape("Err_034")) Response.End elseif action="delshopdata" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Call CmsDjPublic.del("CD_CC="&CmsDj_Com_UserID&" and CD_ID="&aaa) Response.Write(escape("Err_035")) Response.End elseif action="delmymusic" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Call CmsDjPublic.del("CD_CC="&CmsDj_Com_UserID&" and CD_ID="&aaa) Response.Write(escape("Err_036")) Response.End elseif action="delfav" then If UserLogined<>True Then Response.Write(escape("Err_008")) Response.End End If Conn.DB "delete from CmsDj_Public where CD_AA=2 and CD_CC="&Cmsdj_Com_UserID&" and CD_ID="&id,"exe" Response.Write(escape("Err_037")) Response.End end if If isObject(CmsDjView) Then Set CmsDjView = Nothing If isObject(CmsDjPublic) Then Set CmsDjPublic = Nothing If isObject(CmsDjShare) Then Set CmsDjShare = Nothing If isObject(CmsDjFeed) Then Set CmsDjFeed = Nothing %>