searchfunction.asp
上传用户:rblchem
上传日期:2022-04-27
资源大小:1941k
文件大小:13k
- <%
- Function SearchSelectCate(cateid1,cateid2,Action)
- If Action="SaveEditSetting" then
- If cstr(cateid1)=cstr(cateid2) then
- SearchSelectCate="selected"
- else
- SearchSelectCate=""
- End if
- Else
- SearchSelectCate=""
- End if
- End Function
- Function SearchSelectChecked(radio1,radio2,Action)
- If Action="SaveEditSetting" then
- If cstr(radio1)=cstr(radio2) then
- SearchSelectChecked="checked=""checked"""
- else
- SearchSelectChecked=""
- End if
- Else
- SearchSelectChecked=""
- End if
- End Function
- Function CheckNumeric(Byval CHECK_ID)
- If CHECK_ID<>"" and IsNumeric(CHECK_ID) Then _
- CHECK_ID = cCur(CHECK_ID) _
- Else _
- CHECK_ID = 0
- CheckNumeric = CHECK_ID
- End Function
- %>
- <%
- Sub SearchTable(searchtype,Action)
- %>
- <tr>
- <td height="26">标题包含</td>
- <td colspan=5><input name="s_title" type=text id="s_title" size=45 value="<%=OutPutSearchValue(searchtype,"s_title")%>"</td>
- </tr>
- <tr>
- <td height="28">分类为</td>
- <td colspan=5>
- <select name="s_cate" size=1 id="s_cate">
- <option value=0 <%=SearchSelectCate(0,OutPutSearchValue(searchtype,"s_cate"),Action)%>>任意</option>
- <%
- Set conn=ConnectDB()
- set RS=conn.execute("SELECT * FROM [Category]")
- WHILE NOT RS.EOF%>
- <option value="<%=RS("Category_ID")%>" <%=SearchSelectCate(RS("Category_ID"),OutPutSearchValue(searchtype,"s_cate"),Action)%>><%=RS("Category_Name")%></option><%
- RS.MOVENEXT
- WEND
- RS.CLOSE
- SET RS=NOTHING
- closedb(conn)
- %>
- </select>
- </td>
- </tr>
- <tr>
- <td height="26">作者包含</td>
- <td colspan=5><input name="s_author" type=text id="s_author" size=45 value="<%=OutPutSearchValue(searchtype,"s_author")%>"></td>
- </tr>
- <tr>
- <td rowspan="5">时间段</td>
- <td height="22" colspan=5><input name="radiobutton" type="radio" value="1" <%=SearchSelectChecked(1,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
- 任意</td>
- </tr>
- <tr>
- <td height="26" colspan=5><input name="radiobutton" type="radio" value="2" <%=SearchSelectChecked(2,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
- 小于
- <input name="s_timex" type="text" id="s_timex" size="26" maxlength="19" value="<%=OutPutSearchValue(searchtype,"s_timex")%>">
- <input type="button" name="change2" value="选择" onclick="show_cele_date(change2,'','',s_timex)">
-
- </td>
- </tr>
- <tr>
- <td height="26" colspan=5><input name="radiobutton" type="radio" value="3" <%=SearchSelectChecked(3,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
- 大于
- <input name="s_timed" type="text" id="s_timed" size="26" maxlength="19" value="<%=OutPutSearchValue(searchtype,"s_timed")%>">
- <input type="button" name="change3" value="选择" onclick="show_cele_date(change3,'','',s_timed)"></td>
- </tr>
- <tr>
- <td height="26" colspan=5><input name="radiobutton" type="radio" value="4" <%=SearchSelectChecked(4,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
- <input name="s_time1" type="text" id="s_time1" size="26" maxlength="19" value="<%=OutPutSearchValue(searchtype,"s_time1")%>">
- <input type="button" name="change4" value="选择" onclick="show_cele_date(change4,'','',s_time1)">
- 与
- <input name="s_time2" type="text" id="s_time2" size="26" maxlength="19" value="<%=OutPutSearchValue(searchtype,"s_time2")%>">
- <input type="button" name="change5" value="选择" onclick="show_cele_date(change5,'','',s_time2)">
- 之间</td>
- </tr>
- <tr>
- <td height="26" colspan=5><input name="radiobutton" type="radio" value="5" <%=SearchSelectChecked(5,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>天数限制:<INPUT TYPE="text" NAME="Sdate" value="<%=OutPutSearchValue(searchtype,"Sdate")%>" size="3">(获取多少天内条目,1为当天。若为空则日期不限,建议为空。)</td>
- </tr>
- <tr>
- <td height="34"><u>URL(link)包含:</u><br />
- 日志内容所在地(唯一标识)</td>
- <td colspan=5><input name="s_url" type=text id="s_url" size=45 value="<%=OutPutSearchValue(searchtype,"s_url")%>"></td>
- </tr>
- <tr>
- <td height="26"><u>网站地址(site)包含:</u><br />
- 隶属于哪个总站<br /></td>
- <td colspan=5><input name="s_site" type=text id="s_site" size=45 value="<%=OutPutSearchValue(searchtype,"s_site")%>"></td>
- </tr>
- <tr>
- <td height="26">描述包含</td>
- <td colspan=5><input name="s_description" type=text id="s_description" size=45 value="<%=OutPutSearchValue(searchtype,"s_description")%>"/></td>
- </tr>
- <%if searchtype<>1 and searchtype<>2 then%>
- <tr>
- <td height="26">
- 每页显示
- </td>
- <td colspan=5><input name="maxperpage" type="text" id="maxperpage" size="20" value="<%=OutPutSearchValue(searchtype,"maxperpage")%>"/>
- 条</td>
- </tr>
- <%end if%>
- <tr>
- <td height="28">排序按照</td>
- <td colspan=5><select name="OrderBy">
- <option value="pubdate" <%=SearchSelectCate("pubdate",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>发布时间</option>
- <option value="author" <%=SearchSelectCate("author",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>作者</option>
- <option value="title" <%=SearchSelectCate("title",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>标题</option>
- <option value="Category_id" <%=SearchSelectCate("Category_id",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>分类</option>
- <option value="site" <%=SearchSelectCate("site",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>站点(site)</option>
- <option value="link" <%=SearchSelectCate("link",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>URL(link)</option>
- <option value="description" <%=SearchSelectCate("description",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>描述</option>
- </select>
- <select name="DescAsc">
- <option value="desc" <%=SearchSelectCate("desc",OutPutSearchValue(searchtype,"DescAsc"),Action)%>>降序</option>
- <option value="Asc" <%=SearchSelectCate("Asc",OutPutSearchValue(searchtype,"DescAsc"),Action)%>>升序</option>
- </select></td>
- </tr>
- <tr>
- <td height="28"><U>取多少条:</U></td>
- <td colspan=5>显示<INPUT TYPE="text" NAME="Total" size="3" value="<%=OutPutSearchValue(searchtype,"Total")%>">条记录。(为空就是取所有记录)
- </td>
- </tr>
- <%
- End Sub
- Public NewsSql
- Sub SearchRequestAction
- If validate_string(Lcase(Request.QueryString))=False then
- response.write "Don't try to hack."
- Response.end
- End If
- Sqlstr=""
- If trim(Request("s_title")) <> "" Then
- s_title=CStr(Replace(Request("s_title"),chr(39),chr(39)&chr(39)))
- If Sqlstr = "" Then
- Sqlstr = " Article.title LIKE '%" & s_title & "%'"
- Else
- Sqlstr = Sqlstr & " AND Article.title LIKE '%" & s_title & "%'"
- End If
- End If
- If trim(Request("s_author")) <> "" Then
- s_author=CStr(Replace(Request("s_author"),chr(39),chr(39)&chr(39)))
- If Sqlstr = "" Then
- Sqlstr = " author LIKE '%" & s_author & "%'"
- Else
- Sqlstr = Sqlstr & " AND author LIKE '%" & s_author & "%'"
- End If
- End If
- If trim(URLDecode(Request("s_url"))) <> "" Then
- s_url=CStr(Replace(URLDecode(Request("s_url")),chr(39),chr(39)&chr(39)))
- If Sqlstr = "" Then
- Sqlstr = " link LIKE '%" & s_url & "%'"
- Else
- Sqlstr = Sqlstr & " AND link LIKE '%" & s_url & "%'"
- End If
- End If
- If trim(URLDecode(Request("s_site"))) <> "" Then
- s_site=CStr(Replace(URLDecode(Request("s_site")),chr(39),chr(39)&chr(39)))
- If Sqlstr = "" Then
- Sqlstr = " site LIKE '%" & s_site & "%'"
- Else
- Sqlstr = Sqlstr & " AND site LIKE '%" & s_site & "%'"
- End If
- End If
- If trim(Request("s_description")) <> "" Then
- s_description=CStr(Replace(Request("s_description"),chr(39),chr(39)&chr(39)))
- If Sqlstr = "" Then
- Sqlstr = " Article.description LIKE '%" & URLDecode(s_description) & "%'"
- Else
- Sqlstr = Sqlstr & " AND Article.description LIKE '%" & URLDecode(s_description) & "%'"
- End If
- End If
- If isempty(Request("s_cate")) then
- s_cate=0
- else
- If trim(Request("s_cate"))="" then
- s_cate=0
- else
- s_cate=Request("s_cate")
- end if
- end if
- call CheckParameter(s_cate,"int",0)
- If s_cate<>0 Then
- If Sqlstr = "" Then
- Sqlstr = " Article.Category_id =" & s_cate & " "
- Else
- Sqlstr = Sqlstr & " AND Article.Category_id =" & s_cate & " "
- End If
- End If
- If isempty(Request("OrderBy")) then
- OrderBy="pubdate"
- DescASC="desc"
- else
- If trim(Request("OrderBy"))="" then
- OrderBy="pubdate"
- DescASC="desc"
- else
- OrderBy=Request("OrderBy")
- DescAsc=Request("DescAsc")
- end if
- end if
- OrderBy=CStr(Replace(OrderBy,chr(39),chr(39)&chr(39)))
- DescAsc=CStr(Replace(DescAsc,chr(39),chr(39)&chr(39)))
- DIM News_Total
- News_Total = Request("Total")
- call CheckParameter(News_Total,"int",0)
- If cint(News_Total)<=0 Then
- News_Total=""
- Else
- News_Total=" TOP "&CSTR(News_Total)&" "
- End If
- If not isempty("radiobutton") then
- if request("radiobutton")<>"" then
- call CheckParameter(request("radiobutton"),"int",1)
- If request("radiobutton")<>1 Then
- If request("radiobutton")=2 then
- If Sqlstr = "" Then
- Sqlstr = " [pubdate] < #"&request("s_timex")&"# "
- Else
- Sqlstr = Sqlstr & " AND [pubdate] < #" & request("s_timex") & "# "
- End If
- End if'If request("radiobutton")=2
- If request("radiobutton")=3 then
- If Sqlstr = "" Then
- Sqlstr = " [pubdate] > #"&request("s_timed")&"# "
- Else
- Sqlstr = Sqlstr & " AND [pubdate] > #" & request("s_timed") & "# "
- End If
- End if'If request("radiobutton")=3
- If request("radiobutton")=4 then
- If Sqlstr = "" Then
- Sqlstr = " [pubdate] > #"&request("s_time1")&"# and [pubdate] < #"&request("s_time2")&"# "
- Else
- Sqlstr = Sqlstr & " AND [pubdate] > #"&request("s_time1")&"# and [pubdate] < #"&request("s_time2")&"# "
- End If
- End if'If request("radiobutton")=4
- If request("radiobutton")=5 then
- Sdate=CheckNumeric(Request("Sdate"))
- If Sqlstr = "" Then
- If Sdate>0 Then
- If IsSqlDataBase=1 Then
- Sqlstr = " Datediff(day,pubdate,'"&SqlNowString&"') < " & Sdate
- Else
- Sqlstr = " Datediff('d',pubdate,'"&SqlNowString&"') < " & Sdate
- End If
- End If
- Else
- If Sdate>0 Then
- If IsSqlDataBase=1 Then
- Sqlstr = Sqlstr & " AND Datediff(day,pubdate,'"&SqlNowString&"') < " & Sdate
- Else
- Sqlstr = Sqlstr & " AND Datediff('d',pubdate,'"&SqlNowString&"') < " & Sdate
- End If
- End If
- End If
- End if'If request("radiobutton")=5
- End If'If request("radiobutton")<>1 Then
- end if'if request("radiobutton")<>"" then
- end if'If not isempty(radiobutton) then
- If trim(request("delsql"))<>"" then
- if Sqlstr<>"" then
- conn.execute("DELETE * FROM [Article] WHERE " & Sqlstr &" ")
- response.write "删除成功"
- response.end
- else
- conn.execute("DELETE * FROM [Article]")
- response.write "删除成功"
- response.end
- end if
- else
- if OrderBy="title" then OrderBy="Article.title"
- if OrderBy="description" then OrderBy="Article.description"
- if OrderBy="Category_id" then OrderBy="Article.Category_id"
- if Sqlstr<>"" then
- sql="SELECT "& News_Total &" * FROM (([Article] INNER JOIN [LinkXML] ON Article.xmlid=LinkXML.id)INNER JOIN [Category] ON Article.Category_id = Category.Category_id) WHERE " & Sqlstr & " order by " & OrderBy &" "& DescASC
- else
- sql="SELECT "& News_Total &" * FROM (([Article] INNER JOIN [LinkXML] ON Article.xmlid=LinkXML.id)INNER JOIN [Category] ON Article.Category_id = Category.Category_id) order by "& OrderBy &" "& DescASC
- end if
- end if
- NewsSql = sql
- End Sub
- %>
- <%
- Function OutPutSearchValue(searchtype,default)
- if searchtype=1 then
- OutPutSearchValue=Node.getAttribute(default)
- elseif searchtype=0 and default="maxperpage" then
- OutPutSearchValue="20"
- end if
- end Function
- Function URLDecode(enStr)
- dim deStr
- dim c,i,v
- deStr=""
- for i=1 to len(enStr)
- c=Mid(enStr,i,1)
- if c="%" then
- v=eval("&h"+Mid(enStr,i+1,2))
- if v<128 then
- deStr=deStr&chr(v)
- i=i+2
- else
- if isvalidhex(mid(enstr,i,3)) then
- if isvalidhex(mid(enstr,i+3,3)) then
- v=eval("&h"+Mid(enStr,i+1,2)+Mid(enStr,i+4,2))
- deStr=deStr&chr(v)
- i=i+5
- else
- v=eval("&h"+Mid(enStr,i+1,2)+cstr(hex(asc(Mid(enStr,i+3,1)))))
- deStr=deStr&chr(v)
- i=i+3
- end if
- else
- destr=destr&c
- end if
- end if
- else
- if c="+" then
- deStr=deStr&" "
- else
- deStr=deStr&c
- end if
- end if
- next
- URLDecode=deStr
- end function
- function isvalidhex(str)
- isvalidhex=true
- str=ucase(str)
- if len(str)<>3 then isvalidhex=false:exit function
- if left(str,1)<>"%" then isvalidhex=false:exit function
- c=mid(str,2,1)
- if not (((c>="0") and (c<="9")) or ((c>="A") and (c<="Z"))) then isvalidhex=false:exit function
- c=mid(str,3,1)
- if not (((c>="0") and (c<="9")) or ((c>="A") and (c<="Z"))) then isvalidhex=false:exit function
- end function
- function validate_string(input)
- known_bad=array("select","insert","update","delete","drop","—","'",";","#")
- validate_string=true
- for i=lbound(known_bad) to ubound(known_bad)
- if(instr(1,input,known_bad(i),vbtextcompare)<>0) then
- validate_string=false
- exit function
- end if
- next
- end function
- %>