!--#include file="../conn/dbconn1.asp"--
!--#include file="../inc/safe.asp"--
%
content=Replace_Text(request.Form("content"))
content=replace(content,"","[")
content=replace(content,"","]")
newsid=Replace_Text(request.Form("newsid"))
ip=request.Form("ip")
rname=Replace_Text(request.Form("rname"))
rname=replace(rname,"","[")
rname=replace(rname,"","]")
'username=Replace_Text(request.Form("username"))
'username=replace(username,"","[")
'username=replace(username,"","]")
'处理发表内容是脏话
set rs=server.CreateObject("adodb.recordset")
sql="select * from badword"
rs.open sql,conn,3,3
if rs.eof then
response.Write("mei ziliao!")
else
on error resume next
do while not rs.bof and not rs.eof
content=replace(content,rs.fields("word").value,"**")
rname=replace(rname,rs.fields("word").value,"**")
rs.movenext
loop
end if
rs.close
set rs=nothing
''''''''''''''''''''''''''''''
set rs=server.CreateObject("ADODB.RecordSet")
sql="select * from pl"
rs.open sql,conn,3,3
rs.addnew
rs("content")=content
rs("newsid")=newsid
rs("ip")=ip
rs("rname")=rname
rs("username")=username
rs.update
rs.close
%
%
set rsn=server.CreateObject("adodb.recordset")
sqln="select newsid,plnum,plbz from news where newsid="&newsid&""
rsn.open sqln,conn,1,3
rsn("plnum")=rsn("plnum")+1
rsn("plbz")=1
rsn.update
rsn.close
%
script
alert("成功发布!")
parent.location.href="shownews.asp?newsid=%=newsid%"
/script
