login_check = Request.Cookies("LOGIN")("check")
bomb_id = trim(Request.Cookies("LOGIN")("bomb_id"))
bomb_name = Request.Cookies("LOGIN")("bomb_name")
if bomb_id = "rd52099" then
mode = request.form ("mode")
title = request.form ("title")
passwd = bomb_id
text = request.form ("text")
index = request.form ("index")
email = request.form ("email")
if not isNumeric (sort) then sort = 0
if not isNumeric (depth) then depth = 0
if not isNumeric (ref) then ref = 0
if title "" then
title = replace (title, " title = replace (title, "'", "''")
end if
if text "" then text = replace (text, "'", "''")
if email "" then email = replace (email, "'", "''")
if name "" then name = replace (name, "'", "''")
if passwd "" then passwd = replace (passwd, "'", "''")
if bomb_id = "" then mode = ""
if trim(bomb_id) "" or trim(mode) "" or trim(title) "" or trim(text) "" then
cur_date = NOW ()
cur_year = Year(date)
cur_month = Month(date)
if len(cur_month) = 1 then cur_month = "0" & cur_month
cur_day = Day(date)
if len(cur_day) = 1 then cur_day = "0" & cur_day
reg_date = DateSerial(cur_year, cur_month, cur_day)
'reg_date = reg_date & " " & Hour(cur_date) & ":" & Minute(cur_date) & ":" & Second(cur_date)
ip = Request.ServerVariables ("REMOTE_ADDR")
if bomb_id "" then
IsMember = "雀盔"
else
IsMember = "厚雀盔"
end if
if mode="insert" then
sql = "INSERT INTO AdminBBS ("
sql = sql & "StarID, name, title, readNum, Email, PWD, comment, IP, IsMember, ref, ref_level, ref_step "
sql = sql & ") VALUES ("
sql = sql & "-1,"
sql = sql & "'" & bomb_id & "', "
sql = sql & "'" & title & "', "
'sql = sql & "'" & reg_date & "', "
sql = sql & "0, "
sql = sql & "'" & email & "', "
sql = sql & "'" & passwd & "', "
sql = sql & "'" & text & "', "
sql = sql & "'" & ip & "', "
sql = sql & "'" & IsMember & "', "
sql = sql & "0, "
sql = sql & "0, "
sql = sql & "0"
sql = sql & " )"
DBCon.Execute (sql)
sql = "UPDATE AdminBBS SET ref=idx WHERE ref=0"
DBCon.Execute (sql)
response.redirect ("community_notice.asp")
elseif mode="modify" then
sql = "UPDATE AdminBBS SET "
sql = sql & "PWD='" & passwd & "', "
sql = sql & "title='" & title & "', "
sql = sql & "comment='" & text & "' "
if (email "") then sql = sql & ", Email='" & email & "' "
sql = sql & "WHERE idx=" & index
DBCon.Execute (sql)
response.redirect ("community_notice.asp")
elseif mode="delete" then
sql = "SELECT idx FROM AdminBBS WHERE idx=" & index
if bomb_id "nako" then
sql = sql & " AND name='" & bomb_id & "'"
end if
set rs = DBCon.Execute (sql)
if (rs.EOF) then %>
else
sql = "DELETE FROM AdminBBS WHERE idx=" & index
DBCon.Execute (sql)
response.redirect ("community_notice.asp")
end if
else %>
' response.write mode
end if
rs.close
set rs=nothing
else %>
' response.write mode
end if
else %>
' response.write mode
end if
%>
