标题:[求助]asp点歌插件无法多用户发送且判断语句不正常执行
只看楼主
thbwn
Rank: 1
等 级:新手上路
帖 子:235
专家分:0
注 册:2007-10-2
结帖率:80%
 问题点数:0 回复次数:0 
[求助]asp点歌插件无法多用户发送且判断语句不正常执行
以下代码大致有如下问题:
1、此页有文件格式设置,如mp3等,但事实是不管用,格式不对也能发送成功;
2、多用户发送点歌祝福不成功,只为所填第一个会员成功发送。
3、超过5个用户,也不报错,且为所填第一个会员成功发送!

按道理讲,只要有判断不符合设置,都应该通过“success()”调用来显示错误信息,每条信息前都有小圆点且分行显示,但事实上远没达到所要的效果。最主要的是乍看代码,向多用户发送应该行的,但却不能成功,问题应该出在“success()”调用上,请高手帮忙!


<!--#include file="inc.asp"-->
<!--#include file="qq_dgconn.asp"-->
<!--#include file="qq_ClsMain.asp"-->
<%
If Not BBS94KK.Founduser Then BBS94KK.GoToErr(10)
bbs94kk.head("点歌发送")
dim errmsg,isfull,Content
isfull=false        
Content=Content&"<center><table border='0' width='100%' cellpadding=0 cellspacing=0 align=center><tr height='25'><td width='33.3%' align=center><a href=qq_dglistall.asp><b>所有点歌列表</b></a></td><td width='33.3%' align=center><a href=qq_dglistme.asp><b>我的点歌列表</b></a></td><td width='33.3%' align=center><a href=qq_dgwrite.asp><b>我要点歌</b></a></td></tr></table></center><br>"
dim lincept,lcontent,lmedianame,lurl,successmsg

'===================================================
'BY 凌峰 ,修正点歌漏洞.增加JS脚本检测函数和格式检查
'===================================================
    lincept=FilterJS(replace(Request.Form("incept"),"'",""))
    lincept=Trim(lincept)
    lcontent=FilterJS(replace(Request.Form("content"),"'",""))
    lcontent=replace(server.htmlencode(lcontent),chr(13)," ")
    lmedianame=FilterJS(replace(Request.Form("medianame"),"'",""))
    lurl=Trim(Request.Form("url"))
    lurl=FilterJS(replace(lurl,"'","''"))
    If Not CheckExt(lurl) Then
    errmsg=errmsg+"<br>"+"<li>未支持的歌曲格式,请检查歌曲连接!"    
    end if
'=====================================================
    
        if instr(lincept,"全体会员")>0 then
            lincept="全体会员"
            isfull=true
        else
            lincept=split(lincept,"|")
            if ubound(lincept)>=5 then
                errmsg=errmsg+"<br>"+"<li>最多只能发送给5个用户"
        end if
        end if    
    
    
    if len(lmedianame)>20 then '--------------判断名字
        errmsg=errmsg+"<br>"+"<li>歌曲名不能多于20字"
    end if
    if len(lcontent)>50 then '--------------判断名字
        errmsg=errmsg+"<br>"+"<li>祝福语不能多于50字"
    end if
    dim haverr      '是否有不存在的用户
    haverr=false
    call updata()
    call CloseDB()
    call success()
bbs94kk.footer()

'===================================
sub updata()
    dim sql,rs,ii
    if isfull then
            SQL = "INSERT INTO [media] (sender,incept,content,sendtime,medianame,url)VALUES ('"& bbs94kk.myname &"','"& lincept &"','"& lcontent &"',"&dg_NowString&",'"& lmedianame &"','"& lurl &"')"
            connDG.ExeCute(SQL)
            errmsg=""
            call showmessage("点歌祝福已成功发出!<br><li>你向论坛所有的会员发送了点歌祝福<br>","qq_dgwrite.asp")    
    else
        for ii=0 to ubound(lincept)
            sql="select name from [kk_user] where name='"&lincept(ii)&"'"
            set rs=bbs94kk.Execute(Sql)
            if rs.eof and rs.bof then
                errmsg="<li>论坛没有<font color=red>["&lincept(ii)&"]</font>这个用户"
                haverr=true
            else
                rs.close
                sql="select * from [kk_user] where name='"&bbs94kk.myname&"'"
                set rs=bbs94kk.Execute(Sql)
                if rs("coin")<dg_money then  '此处判断使用点歌必须拥有的最低资产标准,可自行修改为你所需要的
                    errmsg="您的社区币已经低于<font color=#FF0000>"&dg_money&"</font>元,不能再点歌了。每点一首歌将花费您<font color=#FF0000>"&dg_money&"</font>元社区币<br>"
                    haverr=true
                else
                    
                    SQL = "INSERT INTO media (sender,incept,content,sendtime,medianame,url)VALUES ('"& bbs94kk.myname &"','"& lincept(ii) &"','"& lcontent &"',"&dg_NowString&",'"& lmedianame &"','"& lurl &"')"
                    connDG.ExeCute(SQL)
                    BBS94KK.Execute"update [kk_user] set coin=coin-'"&dg_money&"' where name='"&bbs94kk.myname&"'"
                    dim sender,title,body
                    sender=bbs94kk.myname
                    title="送给您的祝福"
                    body=""&bbs94kk.myname&" 点了一首歌 "&lmedianame&" 给你!"&chr(10)&"祝福语:"&lcontent&" "&chr(10)&"[B][URL=qq_dglistme.asp]点击这里查看点歌[/URL][/B]"
                    bbs94kk.Execute("update [kk_user] set NewSmsNum=NewSmsNum+1 where name='"&lincept(ii)&"'")
                    sql="insert into [kk_sms] (name,Content,Myname) values('"&sender&"','"&body&"','"&lincept(ii)&"')"
                    bbs94kk.Execute(sql)
                    Call showmessage("<li>点歌祝福已成功发出!系统已向<font color=green>["&lincept(ii)&"]</font>发出短消息通知,并自动扣除您金钱:<font color=#FF0000>"&dg_money&"</font>元!","qq_dgwrite.asp")
                    Session(BBS94KK.CacheName & "MyInfo") = Empty
                    rs.close
                    set rs=nothing
                end if
            end if
        next
    end if
end sub

'=======================================================
'BY 凌峰 ,修正点歌漏洞.增加JS脚本检测函数和格式检查函数
'=======================================================
Function FilterJS(v)
    If  Not Isnull(V) Then
        Dim t
        Dim re
        Dim reContent
        Set re=new RegExp
        re.IgnoreCase =True
        re.Global=True
        re.Pattern="(&#)"
        t=re.Replace(v,"<I>&#</I>")
        re.Pattern="(script)"
        t=re.Replace(t,"<I>script</I>")
        re.Pattern="(js:)"
        t=re.Replace(t,"<I>js:</I>")
        re.Pattern="(value)"
        t=re.Replace(t,"<I>value</I>")
        re.Pattern="(about:)"
        t=re.Replace(t,"<I>about:</I>")
        re.Pattern="(file:)"
        t=re.Replace(t,"<I>file:</I>")
        re.Pattern="(Document.cookie)"
        t=re.Replace(t,"<I>Documents.cookie</I>")
        re.Pattern="(vbs:)"
        t=re.Replace(t,"<I>vbs:</I>")
        re.Pattern="(on(mouse|Exit|error|click|key))"
        t=re.Replace(t,"<I>on$2</I>")
        t = Replace(t,"--","--")
        t = Replace(t,";",";")
        t = Replace(t,",",",")
        t = Replace(t,"(","(")
        t = Replace(t,")",")")
        t = Replace(t,"0x","Ox")
        t = Replace(t,"@","@")
        t = Replace(t,"%","%")
        t = Replace(t,"<","<")
        t = Replace(t,">",">")
        FilterJS=t
        Set Re=Nothing
    End If
End Function

Function CheckExt(Name)
    if Not Isnull(Name) Then
        dim temp
        temp = LCase(Right(Name,4))
        if Instr(temp,"mp3") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"mid") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"avi") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"wav") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"wma") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"swf") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"mpg") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"ram") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"asf") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"ra") <> 0 then
            CheckExt = True
        ElseIf Instr(temp,"rm") <> 0 then
            CheckExt = True
        Else
            CheckExt = False
        End If
    End If
End Function
'====================================================
'函数结束
'===================================================

sub success()
Content=Content&"<table border='0' width='100%' cellpadding=0 cellspacing=0 align=center ><tr><td width='100%'>"
if haverr then
Content=Content&"<ul><b>操作结果:</b><br>"&errmsg&""
Else
Content=Content&"<ul><b>操作结果:</b><br>"&errmsg&""
end if
Content=Content&"</td></tr><tr><td width='100%' align='center'><a href='javascript:history.go(-1)'> << 返回上一页</a></td></tr></table><br>"
Call BBS94KK.ShowTable("点歌发送情况",Content)
end sub
%>


[[it] 本帖最后由 thbwn 于 2008-2-11 14:37 编辑 [/it]]
搜索更多相关主题的帖子: 语句 asp 插件 点歌 用户 
2008-02-11 14:34



参与讨论请移步原网站贴子:https://bbs.bccn.net/thread-199703-1-1.html




关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 1.271461 second(s), 7 queries.
Copyright©2004-2024, BCCN.NET, All Rights Reserved