<% Option Explicit %> <% Dim DBC,conn ClassID=request.QueryString("ClassID") Set DBC = new databaseclass Set Conn = DBC.openconnection() Dim I,RsConfigObj Set RsConfigObj = Conn.Execute("Select SiteName,UserConfer,Copyright,isEmail,isChange,IsShop from FS_Config") Set DBC = Nothing %> <% If Request.Form("action")="add" then If Replace(Replace(Replace(request.form("Title"),"'",""),"\",""),"/","")="" or request.form("Content")="" then Response.Write("") Response.End End if If Replace(Replace(Replace(request.form("Author"),"'",""),"\",""),"/","")="" or request.form("Content")="" then Response.Write("") Response.End End if Dim Rs,Sql1,ClassID Set Rs = server.createobject(G_FS_RS) Sql1 = "select * from FS_Contribution where 1=0" Rs.open sql1,conn,1,3 Rs.addnew Rs("ContID") = GetRandomID18() Rs("Title")=NoCSSHackInput(Replace(Replace(Replace(request.form("Title"),"'",""),"\",""),"/","")) If Replace(request.form("SubTitle"),"'","")<>"" then Rs("SubTitle")=NoCSSHackInput(Replace(request.form("SubTitle"),"'","")) End if Rs("Content")=NoCSSHackContent(Request.Form("Content")) Rs("AddTime")=Now() Rs("KeyWords")=NoCSSHackInput(Replace(request.form("KeyWords"),"'","")) Rs("Author")=NoCSSHackInput(Replace(Request.Form("Author"),"'","")) Rs("ClassID")=NoCSSHackInput(Cstr(Request.Form("ClassID"))) Rs.update Conn.execute("update FS_members set ConNum=ConNum+1 where MemName='"&Replace(Replace(Request.Form("Author"),"""",""),"'","")&"'") Response.Write("") Response.End Rs.close() Set rs=nothing End If Dim NewsContent NewsContent = Replace(Replace(Request.Form("Content"),"""","%22"),"'","%27") %> 兰州天瑞软件销售服务有限公司
 
 
网站首页 公司简介 新闻动态 产品中心 下载中心 成功案例 服务客户 在线咨询 联系我们
联系人
联系电话
         电子邮箱
兰州天瑞软件销售服务有限公司 版权所有 copyright © 2010
地址:兰州市城关区东岗东路525号(地堪局机关服务中心三楼)
联系电话:0931-8877463 13993189254 15009319525 传真:0931-8877463