Function htmlencode(fString)
If not isnull(fString) then
fString = replace(fString, ">", ">")
fString = replace(fString, "<", "<")
fString = Replace(fString, CHR(32), " ")
fString = Replace(fString, CHR(9), " ")
fString = Replace(fString, CHR(34), """) ‘ “
fString = Replace(fString, CHR(39), "'") ‘ ‘
fString = Replace(fString, CHR(13), "")
fString = Replace(fString, CHR(10) & CHR(10), "</p><p> ")
fString = Replace(fString, CHR(10), "<br> ")
htmlencode = fString
End If
End Function
Function uhtmlencode(fString)
If not isnull(fString) then
fString = Replace(fString, " ", CHR(32))
fString = Replace(fString, " ", CHR(9))
fString = Replace(fString, """, CHR(34))
fString = Replace(fString, "'", CHR(39))
fString = Replace(fString, "", CHR(13))
fString = Replace(fString, "</p><p> ", CHR(10) & CHR(10))
fString = Replace(fString, "<br> ", CHR(10))
uhtmlencode = fString
End If
End Function
…….
'提交数据
Books_mingzi=htmlencode(Request.form("mingzi"))
If Books_mingzi="" then Books_mingzi="匿名者" End If
Books_biaoti=htmlencode(Request.form("biaoti"))
Books_neirong=htmlencode(Request.form("neirong"))
……
Set mRs= Server.CreateObject("adodb.recordSet")
mRs.open "Select * from dqe_gustbook", conn, 1, 3
mRs.addnew
mRs("who") = Books_mingzi
mRs("biaoti") = Books_biaoti
mRs("neirong") = Books_neirong
mRs("lanmu") = lanmu
mRs("zhiding") = 0
mRs("shijian") = now()
UserIP = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
If UserIP = "" Then userip = Request.ServerVariables("REMOTE_ADDR")
mRs("ip") = UserIP
mRs.update
mRs.close
Set mRs = nothing
Response.Write "<script>alert('留言添加成功\n\花木兰官网
http://www.77f77.com');this.location.href='"&Url&"';</SCRIPT>" Response.End
