<% sql="select * from bar where city='"&request("city")&"'" Set rs= Server.CreateObject("ADODB.Recordset") rs.open sql,conn,1,2 if rs.eof then error="error" else id=rs("id") city=rs("city") barname=rs("barname") typical=rs("typical") money=rs("money") number=rs("number") add=rs("add") people=rs("people") oicq=rs("oicq") phone=rs("phone") email=rs("email") zip=rs("zip") homepage=rs("homepage") intros=rs("intros") count=rs("count") adddate=rs("date") photo=rs("photo") show=rs("show") yytime=rs("yytime") yymj=rs("yymj") if request.cookies("jynetbar")<>barname then rs("count").value = rs("count").value + 1 rs.Update() end if end if Response.cookies("jynetbar")=barname %> <% '--------定义部份------------------ Dim Fy_Post,Fy_Get,Fy_In,Fy_Inf,Fy_Xh,Fy_db,Fy_dbstr '自定义需要过滤的字串,用 "枫" 分隔 Fy_In = "'枫;枫and枫exec枫insert枫select枫delete枫update枫count枫*枫%枫chr枫mid枫master枫truncate枫char枫declare" '---------------------------------- %> <% Fy_Inf = split(Fy_In,"枫") '--------POST部份------------------ If Request.Form<>"" Then For Each Fy_Post In Request.Form For Fy_Xh=0 To Ubound(Fy_Inf) If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then '--------写入数据库----------头----- Fy_dbstr="DBQ="+server.mappath("../SqlIn.mdb")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};" Set Fy_db=Server.CreateObject("ADODB.CONNECTION") Fy_db.open Fy_dbstr Fy_db.Execute("insert into SqlIn(Sqlin_IP,SqlIn_Web,SqlIn_FS,SqlIn_CS,SqlIn_SJ) values('"&Request.ServerVariables("REMOTE_ADDR")&"','"&Request.ServerVariables("URL")&"','POST','"&Fy_Post&"','"&replace(Request.Form(Fy_Post),"'","''")&"')") Fy_db.close Set Fy_db = Nothing '--------写入数据库----------尾----- Response.Write "" Response.Write "非法操作!系统做了如下记录↓
" Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"
" Response.Write "操作时间:"&Now&"
" Response.Write "操作页面:"&Request.ServerVariables("URL")&"
" Response.Write "提交方式:POST
" Response.Write "提交参数:"&Fy_Post&"
" Response.Write "提交数据:"&Request.Form(Fy_Post) Response.End End If Next Next End If '---------------------------------- '--------GET部份------------------- If Request.QueryString<>"" Then For Each Fy_Get In Request.QueryString For Fy_Xh=0 To Ubound(Fy_Inf) If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then '--------写入数据库----------头----- Fy_dbstr="DBQ="+server.mappath("../SqlIn.mdb")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};" Set Fy_db=Server.CreateObject("ADODB.CONNECTION") Fy_db.open Fy_dbstr Fy_db.Execute("insert into SqlIn(Sqlin_IP,SqlIn_Web,SqlIn_FS,SqlIn_CS,SqlIn_SJ) values('"&Request.ServerVariables("REMOTE_ADDR")&"','"&Request.ServerVariables("URL")&"','GET','"&Fy_Get&"','"&replace(Request.QueryString(Fy_Get),"'","''")&"')") Fy_db.close Set Fy_db = Nothing '--------写入数据库----------尾----- Response.Write "" Response.Write "非法操作!系统做了如下记录↓
" Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"
" Response.Write "操作时间:"&Now&"
" Response.Write "操作页面:"&Request.ServerVariables("URL")&"
" Response.Write "提交方式:GET
" Response.Write "提交参数:"&Fy_Get&"
" Response.Write "提交数据:"&Request.QueryString(Fy_Get) Response.End End If Next Next End If %> <%=rs("city")%>乐队列表-吉他星空
乐队搜索引擎.
地区:
乐队:
   
推荐乐队 Top10
<%sql="select top 10 id,barname,intros,photo,city from bar where show>1 order by id desc" Set Rs=conn.Execute(sql) if not(rs.eof and rs.bof) then i=0 do while not rs.eof %> <% i=i+1 if i>=10 then exit do rs.movenext loop end if rs.close%>
 ·" target="_blank">[<%=rs("city")%>] <%=rs("barname")%>
  乐队名称 乐队性质 联系电话 联系人  
<% sql="select * from bar where city='"&request("city")&"'" Set rs= Server.CreateObject("ADODB.Recordset") rs.open sql,conn,1,1 if not isempty(request("page")) and request("page")<>"" then currentPage=cint(request("page")) else currentPage=1 end if MaxPerPage=200 '###每页显示条数 if not rs.eof then rs.pagesize=MaxPerPage '得到每页数 mpage=rs.pagecount '得到总页数 totalPut=rs.recordcount if currentpage<1 then currentpage=1 end if rs.move (currentPage-1)*MaxPerPage end if if not rs.eof and not rs.bof then i=0 do while not rs.eof %> <%i=i+1 if i>=MaxPerPage then exit do rs.movenext loop end if %>
<%=rs("id")%> " target="_blank"><%=rs("barname")%> <%=rs("typical")%> <%if rs("phone")<>"" then%> <%=rs("phone")%> <%else%> - <%end if%> <%=rs("people")%>
页次:<%=currentPage%>/<%=mpage%> 每页 <%=MaxPerPage%> 乐队总数 <%=rs.recordcount%>  <% pageno=currentPage %> <%if cint(pageno)>1 then%> <%end if%> 9  <%if cint(pageno)>1 then%> title="上一页"> <%end if%> 7 <% pp=cint(pageno)-5 if pp<1 then pp=1 end if for pno=pp to mpage p=p+1 if pno*1=cint(pageno)*1 then %>  [<%=pno%>] <%else%>  >[<%=pno%>] <%end if%> <% if p>=9 then exit for next%> <%if cint(pageno)< mpage then%> title="下一页"> <%end if%> 8  <%if cint(pageno)< mpage then%> <%end if%> :
<% rs.close set rs=nothing conn.close set conn=nothing %>