%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
' Entry point of the user page: reads the "action" request parameter, builds
' the kingcms object and dispatches to the matching king_* sub. Any value not
' listed below ends in king.error("system/error").
' NOTE(review): this copy has lost its line breaks and the HTML that lived
' inside the string literals; statements are re-split here, tokens unchanged.
dim king,action:action=request("action")
set king=new kingcms
king.head 0,0
select case action
case""
    king_def
case"info"
    king_info
case"pass"
    king_pass
case"msg"
    king_msg
case"pm"
    king_pm
case"report"
    king_report' abuse report
case"my"
    king_my
case"photo"
    king_photo
case"nav"
    king_nav
case"favorite"
    king_favorite' favorites get their own table, capped at 100 posts or articles
case else
    king.error("system/error")
end select
king_outhtm
set king=nothing

'nav *** *** www.KingCMS.com *** ***
' king_nav: emits the navigation snippet for the current visitor and ends the
' response. Anonymous visitors (king.id=0) get login/register/search labels;
' logged-in users get their name, profile labels and an unread-message count.
sub king_nav()
' Disable caching so the unread-message count is re-evaluated on every request.
response.expires=0
response.expiresabsolute=now()-1
response.addheader "pragma","no-cache"
response.addheader "cache-control","private"
response.cachecontrol="no-cache"
dim rs,msgcount,outjs
if king.id=0 then
    ' Il and lllIl are defined elsewhere; presumably output helpers - confirm.
    Il lllIl(""&king.lang("login")&"-"&king.lang("reg")&"-"&king.lang("common/search")&"")
else
    ' NOTE(review): king.name is concatenated into a quoted SQL literal. Where
    ' king.name comes from and whether it is escaped is not visible here; if it
    ' can carry a single quote this statement is injectable. A parameterized
    ' ADODB.Command would remove the dependency on upstream filtering.
    set rs=conn.execute("select msgid from kingmsg where isview=0 and getusername='"&king.name&"' and getdel=0;")
    if not rs.eof and not rs.bof then
        ' The literal below spans a line break and is otherwise empty in this
        ' copy; its markup appears to have been lost - kept exactly as found.
        Il lllIl("
")
        ' Client-side timer that hides the element with id 'popmsg' after
        ' king_msgtime seconds (the value is suffixed with "000").
        Il"var val=1;"&vbcrlf
        Il"function wait(){"&vbcrlf
        Il"if(val==1){setTimeout(""wait()"","&king_msgtime&"000);val--;}"&vbcrlf
        Il"else{document.getElementById('popmsg').style.display='none';}}"&vbcrlf
        Il"onLoad=wait();"
        ' Row count of the unread-message result set (second dimension of getrows).
        msgcount=ubound(rs.getrows(),2)+1
    else
        msgcount=0
    end if
    set rs=nothing
    ' NOTE(review): king.name is also placed in the output string unencoded;
    ' whether lllIl escapes it for the script context is not shown - confirm.
    outjs=""&king.name&"-"&king.lang("common/search")&"-"&king.lang("user/reinfo")&"-"&king.lang("user/repass")&"-"
    if cdbl(msgcount)>0 then
        outjs=outjs&""&king.lang("msg")&"["&msgcount&"]"
    else
        outjs=outjs&""&king.lang("msg")&""
    end if
    outjs=outjs&"-"&king.lang("login/logout")&""
    Il lllIl(outjs)
end if
response.end
end sub

'def *** *** www.KingCMS.com *** ***
' king_def: default action; loads one row from kinguser (by userid, by username,
' or the caller's own king.id) and builds the profile view. Only the head of the
' sub is on these lines; the rest continues below.
sub king_def()
dim userid:userid=l1ll("userid",2)
dim username:username=l1ll("username",0)
' Original author's note: filtering out all special characters is enough to avoid injection.
' NOTE(review): this is a deny-list built from king_chr (contents not shown), so
' its completeness cannot be confirmed here. username is then concatenated into
' a quoted SQL literal below; binding it as a parameter is the robust fix.
dim chrs:chrs=split(king_chr,",")
for i=0 to ubound(chrs)
    if instr(username,chr(chrs(i)))>0 then king.error("system/error")
next
dim sql,rs,data,insql,ims,i,userim,xmlim,imtext
ims=split("qq,icq,msn,yahoo,talk,popo,uc,skype,aim,taobao",",")'10
' Anonymous visitors may not view profiles.
if king.id=0 then king.error("login/level")
' Column list; data(n,0) indexes further down refer to positions in this list.
sql="userid,username,joindate,isusermail,usermail,usersign,userintro,usertitle,usersex,userskill,userfrom,userclass,usermark,userprestige,counttopic"'14
sql=sql&",counttopicbest,counttopicdel,userphoto,userwidth,userheight,userim,lastlogin,lastpostdate,onlinetime,userlogins,userviews,userbirthday,usersite"'27
sql=sql&",zname,ztel,zmobile,zfax,zpost,znation,zaddress,zaddressexp,zteltime,zuserinfo, userquestion,userlogins,userviews"'40
' NOTE(review): userid is concatenated unquoted; II11(userid,2) is presumably a
' numeric check that makes this safe - verify against its definition.
if II11(userid,2) then
    insql=" userid="&userid
elseif cstr(username)<>"" then
    insql=" username='"&username&"'"
else
    insql=" userid="&king.id
end if
if cstr(userid)="" then userid=0
set rs=conn.execute("select top 1 "&sql&" from kinguser where userdel=0 and userlock=0 and "&insql&";")
' NOTE(review): from here on this copy is missing the markup that sat inside the
' string literals, so statement boundaries are uncertain; text kept as found.
if not rs.eof and not rs.bof then data=rs.getrows() if len(data(20,0))>0 then else for i=0 to ubound(ims) imtext=imtext&"<"&ims(i)&">"&ims(i)&">" next data(20,0)="会员名 | "&data(1,0) if not king.id=data(0,0) then ol=ol&" [发信]" 
end if ol=ol&" |
---|---|
UID | "&data(0,0)&" |
在线时间 | "
while (oltime>=k)
olevel=olevel+1
k=k+(olevel+2)*king_rank
' ol=ol&"k="&k&"|level:"&olevel&" " wend ol=ol&" "
for i=1 to int(olevel/16)
ol=ol&""
next
for i=1 to int((olevel mod 16)/4)
ol=ol&""
next
for i=1 to (olevel mod 4)
ol=ol&""
next
ol=ol&" 总计在线 "&formatnumber(oltime,1,true)&" 小时 剩余升级时间 "&formatnumber(k-oltime,1,true)&" 小时"
ol=ol&" |
用户组 | "&king.grade(data(11,0),data(12,0),0)&" "&king.grade(data(11,0),data(12,0),1)&" |
积分 | "&data(12,0)&" |
威望 | "&data(13,0)&" |
发帖数 | "&data(14,0)&" |
平均每日发帖 | "&formatnumber(data(14,0)/(datediff("d",data(2,0),tnow)+1),2,true)&" |
精华贴 | "&data(15,0)&" |
被删除帖子 | "&data(16,0)&" |
登录次数 | "&data(39,0)&" |
被浏览次数 | "&data(40,0)&" [PV] |
注册日期 | "&data(2,0)&" |
上次访问 | "&data(21,0)&" |
最后发表 | "&data(22,0)&" |
性别 | "&king.lang("user/sex/sex"&data(8,0))&" |
头衔 | "&htmlencode(data(7,0))&" |
来自 | "&htmlencode(data(10,0))&" |
特长 | "&htmlencode(data(9,0))&" |
头像 | |
签名 | "&king.ubbencode(data(5,0),1,1,false)&" |
个人简介 | "&htmlencode(data(6,0))&" |
网站 | "&htmlencode(data(27,0))&" |
" if cstr(data(3,0))="1" then if len(data(4,0))>0 then ol=ol&replace(data(4,0),"@","") end if else ol=ol&"不公开" end if ol=ol&" | |
"&king.lang("user/im/"&ims(i))&" | "&replace(userim,"@","")&" |
"&king.lang("user/im/"&ims(i))&" | "&userim&" |
真实姓名 | "&htmlencode(data(28,0))&" |
---|---|
生日 | "&htmlencode(data(26,0))&" |
移动电话 | "&htmlencode(data(30,0))&" |
固定电话 | "&htmlencode(data(29,0))&" |
打电话的最佳时间 | "&king.lang("user/ztel/z"&data(36,0))&" |
传真 | "&htmlencode(data(31,0))&" |
国家 | "&htmlencode(data(33,0))&" |
通信住址 | "&htmlencode(data(34,0))&" |
通信住址(扩展) | "&htmlencode(data(35,0))&" |
邮编 | "&htmlencode(data(32,0))&" |
备注 | "&htmlencode(data(37,0))&" |
提问 | "&king.lang("user/question/q"&data(38,0))&" |
---|---|
回答 | ****** |
没有短信息 |
Icon | Type | 主题 | 回/看 | 更新时间 | 最后回复 |
---|---|---|---|---|---|
" ol=ol&" | " if cstr(king.data(11,i))<>"0" then ol=ol&"" end if ol=ol&" | " ol=ol&""'主题 ol=ol&"["&king.data(9,i)&"]" if ll11("0,1",data(3,0)) then '静态页面下的连接 ol=ol&"" else ol=ol&"" end if if cstr(king.data(2,i))="1" then'是否有最新回复 ol=ol&""&king.lefte(king.data(1,i),30)&"" else ol=ol&king.lefte(king.data(1,i),30) end if ol=ol&"" ol=ol&lllllI(king.inst&data(0,0)&"/"&III11(king.data(12,i))&"/"&king.data(0,i),king.data(3,i),pagenumber,data(3,0)) if datediff("h",king.data(12,i),tnow)<=8 then ol=ol&" " end if ol=ol&" | " ol=ol&""&king.data(3,i)&"/"&king.data(4,i)&" | "'回/看 ol=ol&""&king.date(king.data(5,i))&" | "'更新时间 ol=ol&""&king.data(6,i)&" | "'最后回复 ol=ol&"
我还没发表任何主题贴 |