程序
<!--#include file="../conn/dbconn1.asp"-->
<!--#include file="../inc/safe.asp"-->
<%
content=Replace_Text(request.Form("content"))
content=replace(content,"<","[")
content=replace(content,">","]")
newsid=Replace_Text(request.Form("newsid"))
ip=request.Form("ip")
rname=Replace_Text(request.Form("rname"))
rname=replace(rname,"<","[")
rname=replace(rname,">","]")
'username=Replace_Text(request.Form("username"))
'username=replace(username,"<","[")
'username=replace(username,">","]")
'处理发表内容是脏话
set rs=server.CreateObject("adodb.recordset")
sql="select * from badword"
rs.open sql,conn,3,3
if rs.eof then
response.Write("mei ziliao!")
else
on error resume next
do while not rs.bof and not rs.eof
content=replace(content,rs.fields("word").value,"**")
rname=replace(rname,rs.fields("word").value,"**")
rs.movenext
loop
end if
rs.close
set rs=nothing
''''''''''''''''''''''''''''''
set rs=server.CreateObject("ADODB.RecordSet")
sql="select * from pl"
rs.open sql,conn,3,3
rs.addnew
rs("content")=content
rs("newsid")=newsid
rs("ip")=ip
rs("rname")=rname
rs("username")=username
rs.update
rs.close
%>
<%
set rsn=server.CreateObject("adodb.recordset")
sqln="select newsid,plnum,plbz from news where newsid="&newsid&""
rsn.open sqln,conn,1,3
rsn("plnum")=rsn("plnum")+1
rsn("plbz")=1
rsn.update
rsn.close
%>
<script>
alert("成功发布!")
parent.location.href="shownews.asp?newsid=<%=newsid%>"
</script>