%
'******************************************************************************************
' Software name: Max(马克斯) Content Management System
' Version:2.6_User
' Web: http://maxcms.bokecc.com
' Author: 石头、酒瓶
' Copyright (C) 2005-2009 北京梦之窗数码科技有限公司 版权所有
' 法律申明:MaxCMS程序所有代码100%原创、未引入任何网上代码,对一切抄袭行为、坚决严肃追究法律责任
'******************************************************************************************
dim templateobj,PlayTemplatePath : set templateobj = mainClassobj.createObject("MainClass.template")
dim action : action = getForm("action", "get")
dim style:style = getForm("style", "get")
Select case action
case "regsubmit","editsubmit" : regSubmit
case "checkuser" : response.clear:die checkUser("u_username")
case "checknicename" : response.Clear : die checkUser("u_nicename")
case "login" : login
case "promot" : checkLimit: head :promot
case "loginsubmit" : loginSubmit
case "myfavor" : checkLimit: head :viewMyFavorAndHistory "u_favor"
case "history" : checkLimit : head :viewMyFavorAndHistory "u_looked"
case "delFavorAndLooked" : checkLimit: delFavorAndLooked
case "movie": head : recordPromot
case "messageList":checkLimit: head :messageList
case "logout" :logOut
case "reg" : head : reg
case "edit" : checkLimit: head :edit
case "view" : checkLimit: head :view
case "sendmessage" : checkLimit: head :sendmessage
case "delmessage": checkLimit : delmessage
case "sendsubmit" : checkLimit:sendsubmit
case "presentsubmit": checkLimit : presentsubmit
case "card" : head : useCard
case "usecard" : head : cardSubmit
case else : checkLimit : head : view
End Select
foot
set user = nothing
terminateAllObjects
Sub alertMsg(str,url)
dim urlstr
if url<>"" then urlstr="top.location.href='"&url&"';"
if not isNul(str) then str ="alert('"&str&"');"
echo("")
End Sub
Sub messageList
dim mList,pcount,page,mListi,sql,mType,msgt,target : mType = getForm("mType","get") : msgt = getForm("msgt","get")
if mType = "send" then
sql = "select m_id,m_sendTo,m_title,m_sendtime,m_read,m_content from m_message where m_sendFrom = '"&user.id&"' order by m_sendTime desc"
else
select case msgt
case "1"
sql = "select m_id,m_sendFrom,m_title,m_sendtime,m_read,m_content from m_message where m_sendTo = '"&user.id&"' and m_sendFrom<>'0' order by m_sendTime desc"
case "2"
sql = "select m_id,m_sendFrom,m_title,m_sendtime,m_read,m_content from m_message where m_sendTo = '"&user.id&"' and m_sendFrom = '0' order by m_sendTime desc"
case else
sql = "select m_id,m_sendFrom,m_title,m_sendtime,m_read,m_content from m_message where m_sendTo = '"&user.id&"' order by m_sendTime desc"
end select
end if
set mList = conn.db(sql,"records1")
%>
<%
End Sub
Sub sendsubmit
dim users,usersi,usersarray,sendtitle,sendinfo,level,sendtype,sqlstr,userto,level2
users=replace(replace(trim(getForm("users","post")),chr(10),""),chr(13),""):sendinfo=encodeHtml(getForm("sendinfo","post")):level=getForm("level","post"):sendtype=getForm("sendtype","post"):sendtitle=encodeHtml(getForm("sendtitle","post"))
if isNul(sendtitle) or isNul(sendinfo) then alertMsg "请填写完整","":last
on error resume next
users=trimOuterStr(replace(users,",",","),","):usersarray=split(users,",")
dim errFlag
for usersi=0 to ubound(usersarray)
userto = parseNametoId(usersarray(usersi))
if not isNul(userto) then
conn.db "insert into m_message(m_sendfrom,m_sendto,m_sendTime,m_title,m_content) values ("&user.id&","&userto&",#"&now()&"#,'"&sendtitle&"','"&sendinfo&"')","execute"
else
errFlag = errFlag & usersarray(usersi) & ","
end if
next
if err then err.clear
if errFlag <> "" then alertMsg errFlag&"不存在","":last:die"" else alertMsg "发送成功","":last
End Sub
Sub delmessage
dim id : id = preventSqlin(getForm("id","both"),"filter")
if not isNul(id) then
if instr(id,",")>0 then
conn.db "delete from m_message where m_sendTo ='"&user.id&"' and m_id in("&trim(id)&")","execute"
else
conn.db "delete from m_message where m_sendTo ='"&user.id&"' and m_id = "&trim(id),"execute"
end if
end if
alertMsg "删除成功","?action=messageList"
End Sub
Function getuserlevel(mid)
on error resume next
if mid<>0 then
getuserlevel=conn.db("select top 1 m_groupName from m_level where m_id = "& mid &"","execute")(0)
else
getuserlevel="访客组"
end if
End Function
Sub recordPromot
on error resume next
dim promoteScore:promoteScore=loadRules("promoteScore")
dim Ip : Ip = getIp
dim userId : userId = getForm("user","get")
dim promotObj
if not isNul(userId) then
if isNum(userId) then userId=clng(userId) else echoSaveStr "safe"
set promotObj=conn.db("select u_promoteDate,u_promoteIp,u_score from {pre}user where u_id="&userId&"","records3")
if not promotObj.eof then
if promotObj("u_promoteDate")"80" then portstr=":"&Request.ServerVariables("SERVER_PORT")
domainName = LCase(Request.ServerVariables("Server_Name"))&portstr
pageName = LCase(Request.ServerVariables("Script_Name"))
getCurrentDir = mid("http://"&domainName&pageName,1,instrrev("http://"&domainName&pageName,"/"))
End Function
Sub promot
dim promoteScore:promoteScore = loadRules("promoteScore")
%>
<%
End Sub
Sub viewMyFavorAndHistory(str)
dim favor,videoArray,i,m_pic
set favor=conn.db("select "&str&" from m_user where u_id="&user.id,"records1")
%>
<%
End Sub
Sub logOut
dim backurl : backurl = getRefer
if instr(backurl,"style=line")>0 or instr(backurl,"style=quare")>0 then backurl = backurl&"&logonback=yes"
user.logout backurl
End Sub
Function checkUser(rType)
dim check,u_name: u_name = replaceStr(getForm(rType,"both"),"'","")
if u_name="" or len(u_name)>10 then checkUser = "err"
if rType = "u_username" then
set check = conn.db("select top 1 u_username from m_user where u_username='"&u_name&"'","execute")
else
set check = conn.db("select top 1 u_nicename from m_user where u_username='"&u_name&"'","execute")
end if
if check.eof then
checkUser = 0
else
checkUser = 1
end if
check.close
set check = nothing
End Function
Sub alertMsg2(str,url)
dim urlstr
if url<>"" then urlstr="self.location.href='"&url&"';"
if not isNul(str) then str ="alert('"&str&"');"
echo("")
End Sub
Sub loginSubmit
dim backurl,style : backurl = getForm("backurl","post")
if isNul(backurl) then backurl = "index.asp"
if instr(backurl,"style=line")>0 or instr(backurl,"style=quare")>0 then backurl = backurl&"&logonback=yes"
if isNul(getForm("vertify","post")) or getForm("vertify","post")<>Session("code") then alertMsg "验证码错误","":last:die""
if isNul(getForm("username","post")) or isNul(getForm("pwd","post")) then alertMsg "用户名或密码不能为空",""
user.login replaceStr(getForm("username","post"),"'",""),md5(getForm("pwd","post"),32),getForm("single","post")
chkScore
response.redirect backurl
End Sub
Sub checkLimit
user.checkuserlogin
End Sub
Sub regSubmit
dim u_username,pwd1,pwd2,u_face,u_qq,u_mail,u_age,vertify,u_id,u_nicename
if action="regsubmit" then
if clng(checkUser("u_username"))>0 then alertMsg "用户名已存在,请更换","":last:die ""
u_username=replaceStr(getForm("u_username","post"),"'","")
vertify=getForm("vertify","post")
if isNul(vertify) then echoSaveStr "null"
if not isNum(vertify) then echoSaveStr "safe"
if computeStrLen(u_username)>50 then username=getStrByLen(u_username,50)
if vertify<>session("code") then die "验证码错误"
else
u_id=getForm("u_id","get")
if not isNul(u_id) then
if not isNum(u_id) then echoSaveStr "safe"
else
alertMsg "无此用户","":last:die ""
end if
end if
u_nicename = encodeHtml(replaceStr(getForm("nicename","post"),"'",""))
if isNul(u_nicename) then alertMsg "昵称不能为空","":last:die ""
pwd1=getForm("pwd1","post")
pwd2=getForm("pwd2","post")
u_mail=encodeHtml(getForm("email","post"))
if pwd1<>pwd2 then die "两次密码不同"
u_face=encodeHtml(preventSqlin(getForm("face","post"),""))
u_qq=getForm("qq","post")
if not isNul(u_qq) then
if not isNum(u_qq) then echoSaveStr "safe"
else
u_qq=""
end if
u_age=getForm("age","post")
if not isNul(u_age) then
if not isNum(u_age) then echoSaveStr "safe"
else
u_age=0
end if
if computeStrLen(u_face)>50 then img=getStrByLen(u_face,50)
if computeStrLen(pwd1)>50 then pwd1=getStrByLen(pwd1,50)
if computeStrLen(u_mail)>50 then email=getStrByLen(u_mail,50)
if computeStrLen(u_qq)>20 then qq=getStrByLen(u_qq,20)
if computeStrLen(u_age)>3 then age=getStrByLen(u_age,3)
if action="regsubmit" then
dim urs
dim regScore : regScore = loadRules("regScore")
set urs = conn.db("select u_username,u_nicename,u_regtime,u_pwd,u_qq,u_mail,u_age,u_face,u_score,u_logTime,u_level from m_user","records3")
urs.addnew
urs("u_username")=u_username
urs("u_nicename") = u_username
urs("u_regTime") = date
urs("u_logTime") = now
urs("u_score")=regScore
urs("u_pwd")=md5(pwd1,32)
urs("u_level") = 0
else
set urs = conn.db("select u_pwd,u_qq,u_mail,u_age,u_face from m_user where u_id="&user.id,"records3")
if not isNul(pwd1) then urs("u_pwd")=md5(pwd1,32)
end if
urs("u_qq")=u_qq : urs("u_face")=u_face : urs("u_mail")=u_mail : urs("u_age")=u_age
urs.update:urs.close
if action="regsubmit" then
alertMsg "注册成功,正在转向登陆页面!","?action=login"
else
alertMsg "修改成功!","?action=view"
end if
End Sub
Sub login
dim backurl:backurl=getRefer
%>
<%
select case style
case ""
head
%>
<%
end if
response.end
end select
End Sub
Sub view
dim userInfo,mList
set userInfo = conn.db("select u_username,u_regtime,u_face,u_qq,u_mail,u_score,u_level,u_nicename from {pre}user where u_id="&user.id&"","records1")
if userInfo.eof then
userInfo.close
set userInfo = nothing
alertMsg "账号出错","":last:die""
else
%>
<%
set mList=conn.db("select top 6 m_sendFrom,m_title,m_sendTime from {pre}message where m_sendTo='"&user.id&"' and m_read=0 order by m_sendTime desc","records1")
if mList.eof then echo "暂时没有消息"
do while(not mList.eof)
%>
<%
mList.movenext
loop
mList.close
set mList = nothing
%>
<%
end if
userInfo.close
set userInfo = nothing
End Sub
Sub edit
dim userObj,i
set userObj=conn.db("select u_id,u_username,u_nicename,u_qq,u_mail,u_age,u_score,u_face,u_pwd from m_user where u_id="&cint(user.id),"records1")
if userObj.eof then alertMsg "无此用户","":last:die ""
if userObj("u_username")<>user.name then alertMsg "无此用户","":last:die ""
%>
<%
End Sub
Sub head
dim channelTemplatePath : channelTemplatePath = "/"&sitePath&"template/"&defaultTemplate&"/"&templateFileFolder&"/user_head.html"
dim templateobj : set templateobj = mainClassobj.createObject("MainClass.template")
dim cacheName : cacheName = "parse_user_"&user.level
if cacheStart = 1 then
if cacheObj.chkCache(cacheName) then
echo cacheObj.getCache(cacheName)
else
templateobj.load channelTemplatePath
with templateObj
.parseTop():.parseFoot():.parseSelf() : .parseGlobal() : .parseMenuList("") :.parseNewsList: .parseVideoList() : .parseTopicList() :.content=replaceCurrentTypeId(.content):.parseIf():.content = replace(.content,"{maxcms:runinfo}",getRunTime()):cacheObj.setCache cacheName,.content : echo .content
end with
end if
else
templateobj.load channelTemplatePath
with templateObj
.parseTop():.parseFoot():.parseSelf() : .parseGlobal() : .parseMenuList("") :.parseNewsList: .parseVideoList() : .parseTopicList() :.content=replaceCurrentTypeId(.content):.parseIf():.content = replace(.content,"{maxcms:runinfo}",getRunTime()):echo .content
end with
end if
%>
<%
End Sub
Sub presentsubmit
dim presentFrom,presentTo,Score : presentFrom = user.id : presentTo = getForm("presentTo","post") : Score = getForm("score","post")
if isNul(presentTo) or isNul(Score) then alertMsg "信息不完整","":last:die""
if isNum(Score) then Score = clng(Score) else echoSaveStr("safe")
if clng(score) < 0 then alertMsg "包包不能为负数","":last:die""
if clng(score) > clng(user.score) then alertMsg "包包不够赠送","":last:die""
presentTo = preventSqlin(presentTo,"") : presentTo = parseNametoId(presentTo)
if isNul(presentTo) then alertMsg "用户不存在","":last:die""
if cstr(presentTo) = cstr(presentFrom) then alertMsg "不能给自己赠送","":last:die""
conn.db "update {pre}user set u_score=u_score+"&score&" where u_id="&presentTo,"execute"
conn.db "update {pre}user set u_score=u_score-"&score&" where u_id="&presentFrom,"execute"
user.score = clng(user.score) - clng(score)
chkScore
alertMsg "赠送成功","":last:die""
End Sub
Sub delFavorAndLooked
dim mType : mType = getForm("mType","get")
select case mType
case "u_favor"
dim favor : favor = getForm("u_favor","post")
if not isNul(favor) then
user.modFavor favor,"del"
alertMsg "删除成功","?action=myfavor"
else
alertMsg "没有选择要删除的收藏","":last:die""
end if
case "u_looked"
dim looked : looked = getForm("u_looked","post")
if not isNul(looked) then
user.dellooked looked
alertMsg "删除成功","?action=history"
else
alertMsg "没有选择要删除历史记录","":last:die""
end if
case else : alertMsg "错误","":last:die""
end select
End Sub
Sub useCard
%>
<%
End Sub
Sub cardSubmit
dim user1,user2,cardno,cardpwd : user1 = replaceStr(getForm("user1","post"),"'",""): user2 = replaceStr(getForm("user2","post"),"'",""): cardno = replaceStr(getForm("cardno","post"),"'",""): cardpwd = replaceStr(getForm("cardpwd","post"),"'","")
if isNul(user1) then alertMsg "用户名不能为空","":last:die""
if user1<>user2 then alertMsg "两次输入用户名不一致","":last:die""
if isNul(cardno) then alertMsg "卡号不能为空","":last:die""
if isNul(cardpwd) then alertMsg "用密码不能为空","":last:die""
dim cardType : cardType = right(cardno,2)
if conn.db("select u_username from {pre}user where u_username ='"&user1&"'","execute").eof then alertMsg "用户不存在","":last:die""
select case cardType
case "JF"
dim JF,JFScore
set JF = conn.db("select m_score,m_state,m_user from {pre}card where m_CardNo='"&cardno&"' and m_CardPwd = '"&cardpwd&"'","records3")
if JF.eof then
JF.close
set JF = nothing
alertMsg "卡号密码不正确","":last:die""
else
select case JF("m_state")
case "0" : JF.close : set JF = nothing : alertMsg "该卡未激活\n请通知管理员修改为\'已发卡\'","":last:die""
case "1"
conn.db "update {pre}user set u_score = u_score+"&JF("m_score")&" where u_username='"&user1&"'","execute"
JF("m_state") = "2"
JF("m_user") = user1
JFScore = JF("m_score")
JF.update
JF.close
set JF = nothing
if not isNul(user.score) then user.score = clng(user.score) + clng(JFScore)
chkScore
alertMsg "充值成功\n充值金额:"&JFScore&"包包","":last:die""
case "2" : JF.close : set JF = nothing : alertMsg "该卡已使用过","":last:die""
end select
end if
case "WD" : alertMsg "暂未开通无敌卡","":last:die""
case else : alertMsg "卡号错误","":last:die""
end select
End Sub
Sub foot
if style<>"out" then
dim channelTemplatePath : channelTemplatePath = "/"&sitePath&"template/"&defaultTemplate&"/"&templateFileFolder&"/foot.html"
dim templateobj : set templateobj = mainClassobj.createObject("MainClass.template")
templateobj.load channelTemplatePath
with templateObj
.parseTop():.parseFoot():.parseSelf() : .parseGlobal() : .parseMenuList("") :.parseNewsList: .parseVideoList() : .parseTopicList() :.content=replaceCurrentTypeId(.content):.parseIf():.content = replace(.content,"{maxcms:runinfo}",getRunTime()):echo .content
end with
echo "