Using ASP to build website forum DIY-4

3, the construction article publish part
The article publishing module has only two pages, one is the submit.asp used to provide the input form, and the other is the subresult.asp for processing form input. The front page is very simple, basically is an HTML form, there is nothing to talk about, the following look at the contents of the subresult.asp:
html>
head>
title> published an article on/title>
"Meta http-equiv=" Content-type "content=" text/html; charset=gb2312 ">
/head>
Body bgcolor= "#FFFFFF"
%
Author=request ("author")
Password=request ("password")
Topicid=request ("TopicID")
Boardid=request ("Boardid")
Content=request ("content")
Title=request ("title")
Note: This section takes out the table submitted in submit.asp but the contents are placed in the corresponding variable.
html>
head>
title> published an article on/title>
"Meta http-equiv=" Content-type "content=" text/html; charset=gb2312 ">
/head>
Body bgcolor= "#FFFFFF"
%
Author=request ("author")
Password=request ("password")
Topicid=request ("TopicID")
Boardid=request ("Boardid")
Content=request ("content")
Title=request ("title")
(1) query whether the author already exists
Cmd.commandtext = "SELECT * from author table where id= '" & Author & "'"
Set rs = cmd. Execute ()
(2) Check permissions
Cmd.commandtext = "SELECT * from author table where id= '" & Author & "'"
Set rs = cmd. Execute ()
Note: This section is for the author's permission to check, for the account does not exist or password error to make the appropriate error handling. Here you can see the usage of Response.End, which is used to end the current ASP script. Combined with an If statement, you can handle the expected errors in the program. In a good Web application, error handling is essential.
(3) Change the single quotation mark in the data to two single quotes and enclose the single quotation mark before and after
Function sqlstr (data)
Sqlstr = "'" & Replace (data, "'", "" ") &" "
End Function
' Write to the database
sql = "Insert into content table (Kanban ID, subject ID, author ID, title, content) Values ("
sql = SQL & Sqlstr (topicid) & ","
sql = SQL & Sqlstr (boardid) & ","
sql = SQL & Sqlstr (author) & ","
sql = SQL & Sqlstr (title) & ","
sql = SQL & SQLSTR (content) & ")"
Conn. Execute SQL
%>
The h2> article has been sent to the database, and when the /body>
/html>
Here, the article has been saved in the database. However, it can not be immediately displayed, but also need to be approved by the moderator to do. Next, take a look at the content of the Management section of the Forum.
4, the Forum Management Section
This is the heart of our forum, but it is nothing special to realize. Or those old things: Form processing, database query, in the use of ASP to their organic combination. When entering the article review mode (referred to the Board processing), the most important content, should be the identity of the moderator to verify. below to see moderator landing page:
%boardid=request ("Boardid")%>
(Note: The Boardid is passed through the connection to this page and is the ID of the kanban to be handled by the board.) It is through it to know that the board is dealing with the board. ）
Set conn = erver. CreateObject ("ADODB.") Connection ")
Conn. Open "Driver={microsoft accessdriver (*.mdb)};d bq=" & Server.MapPath ("Bbssystem.mdb")
Set cmd = Server.CreateObject ("Adodb.command")
Set cmd. ActiveConnection = conn
Cmd.commandtext = "board Master password Query"
ReDim param (0)
Param (0) = CLng (Boardid)//NOTE: CLng can not be ignored
Set rs = cmd. Execute (, param)
Boardmanager=rs ("board Master")
Set cmd=nothing
%>
html>
head>
title>untitled document</title>
"Meta http-equiv=" Content-type "content=" text/html; charset=gb2312 ">
/head>
Body bgcolor= "#FFFFFF"
p> only the%=boardmanager%> can enter this place. </p>
Please enter a p> password and, in order to remain authenticated, open your browser's cookies. </p>
Form method= "POST" action= "managerloginrest.asp"
Input type= "password" name= "password"
[Input Type= "hidden" name= "Boardid" value=<%=boardid%>>
Input type= "Submit" name= "Submit" value= "OK"
/form>
Note: This page is only used for landing, it gets the password entered by the moderator, and can not be validated, but the validation of the work on the next page. In fact, the work of password input and validation can be done in one page, but the structure of the program code is a bit cumbersome.
/body>
/html>
%
Set rs=nothing
Conn.close
Set conn=nothing
%>
Now get the moderator ID and entered the password, the following is the work of validation managerloginrest.asp, it accepts the above file form content, and related processing:
% Response.buffer=true%>
Note: Set the buffer to allow use. In general, this should be added to the header of each ASP page, which can improve the performance of ASP pages. After opening the buffer, there are some special usages in the ASP, which are mentioned later.
Boardid=request ("Boardid")
Password=request ("password")
Set conn = Server.CreateObject ("ADODB. Connection ")
Conn. Open "Driver={microsoft accessdriver (*.mdb)};d bq=" & Server.MapPath ("Bbssystem.mdb")
Set cmd = Server.CreateObject ("Adodb.command")
Set cmd. ActiveConnection = conn
Cmd.commandtext = "board Master password Query"
ReDim param (0) ' statement
Param (0) = CLng (Boardid)//NOTE: CLng can not be ignored
Set rs = cmd. Execute (, param)
Boardmanager=rs ("board Master")
If password< > RS ("password") then%>
html>
head>
title> Authentication,/title>
"Meta http-equiv=" Content-type "content=" text/html; charset=gb2312 ">
/head>
Body bgcolor= "#FFFFFF"
Bad password
/body>
/html>
%
Else
Session ("Beenthere") =boarded
Note: Use session to maintain authentication to moderators, which requires that the cookie for the client browser be opened. Because the session is implemented through cookies. Here, the Kanban ID is assigned to the session variable Beenthere, indicating that the moderator master has passed the authentication. In each subsequent version of the page, check to see if the Beenthere and the corresponding version ID match.
Url= "boardmanager.asp?boardid=" & Boardid
Response.Redirect URL