searchfunction.asp
  1. <%
  ' Returns the HTML attribute "selected" for an <option> whose value matches
  ' the stored setting, and "" otherwise.
  '   cateid1 - value of the option being rendered
  '   cateid2 - stored value to compare against
  '   Action  - the comparison is made only when this is "SaveEditSetting"
  ' Both values are compared as strings, so 1 and "1" match.
  Function SearchSelectCate(cateid1,cateid2,Action)
    SearchSelectCate = ""
    If Action = "SaveEditSetting" Then
      ' CStr is evaluated only inside this branch, as in the original.
      If CStr(cateid1) = CStr(cateid2) Then SearchSelectCate = "selected"
    End If
  End Function
  ' Returns the HTML attribute checked="checked" for a radio button whose value
  ' matches the stored setting, and "" otherwise.
  '   radio1 - value of the radio button being rendered
  '   radio2 - stored value to compare against
  '   Action - the comparison is made only when this is "SaveEditSetting"
  Function SearchSelectChecked(radio1,radio2,Action)
    SearchSelectChecked = ""
    If Action = "SaveEditSetting" Then
      ' String comparison, so 2 and "2" are treated as equal.
      If CStr(radio1) = CStr(radio2) Then SearchSelectChecked = "checked=""checked"""
    End If
  End Function
  ' Coerces a value to a number: a non-empty numeric input is converted with
  ' CCur, anything else becomes 0. The argument is taken ByVal, so the caller's
  ' variable is never modified.
  Function CheckNumeric(Byval CHECK_ID)
    Dim isUsable
    ' And does not short-circuit in VBScript; both tests are always evaluated,
    ' exactly as in the single-line If this replaces.
    isUsable = (CHECK_ID <> "" And IsNumeric(CHECK_ID))
    If isUsable Then
      CheckNumeric = CCur(CHECK_ID)
    Else
      CheckNumeric = 0
    End If
  End Function
  31. %>
  32. <%
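  ' Returns a stored search setting, HTML-encoded for use inside a
  ' double-quoted attribute value.
  Function SearchTable_Attr(searchtype, fieldName)
    ' & "" turns a Null or Empty result into "" before it reaches HTMLEncode.
    SearchTable_Attr = Server.HTMLEncode(OutPutSearchValue(searchtype, fieldName) & "")
  End Function

  ' Writes the table rows of the article search form.
  '   searchtype - passed to OutPutSearchValue to pick the pre-filled values;
  '                the "per page" row is skipped when it is 1 or 2
  '   Action     - passed to SearchSelectCate / SearchSelectChecked, which mark
  '                the stored choice only for "SaveEditSetting"
  ' Every value written into the page is HTML-encoded: the pre-filled settings
  ' and the category names come from stored data, and an unencoded quote or
  ' angle bracket in them would break out of the attribute or element.
  ' conn and RS are not declared in this Sub, so they may be page-level
  ' variables -- NOTE(review): confirm against the including page.
  Sub SearchTable(searchtype,Action)
  %>
  <tr>
    <td height="26">标题包含</td>
    <td colspan=5><input name="s_title" type=text id="s_title" size=45 value="<%=SearchTable_Attr(searchtype,"s_title")%>"></td>
  </tr>
  <tr>
    <td height="28">分类为</td>
    <td colspan=5>
      <select name="s_cate" size=1 id="s_cate">
        <option value=0 <%=SearchSelectCate(0,OutPutSearchValue(searchtype,"s_cate"),Action)%>>任意</option>
  <%
    Set conn=ConnectDB()
    set RS=conn.execute("SELECT * FROM [Category]")
    WHILE NOT RS.EOF%>
        <option value="<%=Server.HTMLEncode(RS("Category_ID") & "")%>" <%=SearchSelectCate(RS("Category_ID"),OutPutSearchValue(searchtype,"s_cate"),Action)%>><%=Server.HTMLEncode(RS("Category_Name") & "")%></option><%
      RS.MOVENEXT
    WEND
    RS.CLOSE
    SET RS=NOTHING
    closedb(conn)
  %>
      </select>
    </td>
  </tr>
  <tr>
    <td height="26">作者包含</td>
    <td colspan=5><input name="s_author" type=text id="s_author" size=45 value="<%=SearchTable_Attr(searchtype,"s_author")%>"></td>
  </tr>
  <tr>
    <td rowspan="5">时间段</td>
    <td height="22" colspan=5><input name="radiobutton" type="radio" value="1" <%=SearchSelectChecked(1,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
      任意</td>
  </tr>
  <tr>
    <td height="26" colspan=5><input name="radiobutton" type="radio" value="2" <%=SearchSelectChecked(2,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
      小于
      <input name="s_timex" type="text" id="s_timex" size="26" maxlength="19" value="<%=SearchTable_Attr(searchtype,"s_timex")%>">
      <input type="button" name="change2" value="选择"  onclick="show_cele_date(change2,'','',s_timex)">
    </td>
  </tr>
  <tr>
    <td height="26" colspan=5><input name="radiobutton" type="radio" value="3" <%=SearchSelectChecked(3,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
      大于
      <input name="s_timed" type="text" id="s_timed" size="26" maxlength="19" value="<%=SearchTable_Attr(searchtype,"s_timed")%>">
      <input type="button" name="change3" value="选择"  onclick="show_cele_date(change3,'','',s_timed)"></td>
  </tr>
  <tr>
    <td height="26" colspan=5><input name="radiobutton" type="radio" value="4" <%=SearchSelectChecked(4,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>
      <input name="s_time1" type="text" id="s_time1" size="26" maxlength="19" value="<%=SearchTable_Attr(searchtype,"s_time1")%>">
      <input type="button" name="change4" value="选择"  onclick="show_cele_date(change4,'','',s_time1)">
      与
      <input name="s_time2" type="text" id="s_time2" size="26" maxlength="19" value="<%=SearchTable_Attr(searchtype,"s_time2")%>">
      <input type="button" name="change5" value="选择"  onclick="show_cele_date(change5,'','',s_time2)">
      之间</td>
  </tr>
  <tr>
    <td height="26" colspan=5><input name="radiobutton" type="radio" value="5" <%=SearchSelectChecked(5,OutPutSearchValue(searchtype,"radiobutton"),Action)%>/>天数限制:<INPUT TYPE="text" NAME="Sdate" value="<%=SearchTable_Attr(searchtype,"Sdate")%>" size="3">(获取多少天内条目,1为当天。若为空则日期不限,建议为空。)</td>
  </tr>
  <tr>
    <td height="34"><u>URL(link)包含:</u><br />
      日志内容所在地(唯一标识)</td>
    <td colspan=5><input name="s_url" type=text id="s_url" size=45 value="<%=SearchTable_Attr(searchtype,"s_url")%>"></td>
  </tr>
  <tr>
    <td height="26"><u>网站地址(site)包含:</u><br />
      隶属于哪个总站<br /></td>
    <td colspan=5><input name="s_site" type=text id="s_site" size=45 value="<%=SearchTable_Attr(searchtype,"s_site")%>"></td>
  </tr>
  <tr>
    <td height="26">描述包含</td>
    <td colspan=5><input name="s_description" type=text id="s_description" size=45  value="<%=SearchTable_Attr(searchtype,"s_description")%>"/></td>
  </tr>
  <%if searchtype<>1 and searchtype<>2 then%>
  <tr>
    <td height="26">
      每页显示
    </td>
    <td colspan=5><input name="maxperpage" type="text" id="maxperpage" size="20"  value="<%=SearchTable_Attr(searchtype,"maxperpage")%>"/>
      条</td>
  </tr>
  <%end if%>
  <tr>
    <td height="28">排序按照</td>
    <td colspan=5><select name="OrderBy">
        <option value="pubdate" <%=SearchSelectCate("pubdate",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>发布时间</option>
        <option value="author" <%=SearchSelectCate("author",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>作者</option>
        <option value="title"  <%=SearchSelectCate("title",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>标题</option>
        <option value="Category_id" <%=SearchSelectCate("Category_id",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>分类</option>
        <option value="site" <%=SearchSelectCate("site",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>站点(site)</option>
        <option value="link"  <%=SearchSelectCate("link",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>URL(link)</option>
        <option value="description"  <%=SearchSelectCate("description",OutPutSearchValue(searchtype,"OrderBy"),Action)%>>描述</option>
      </select>
      <select name="DescAsc">
        <option value="desc"  <%=SearchSelectCate("desc",OutPutSearchValue(searchtype,"DescAsc"),Action)%>>降序</option>
        <option value="Asc"  <%=SearchSelectCate("Asc",OutPutSearchValue(searchtype,"DescAsc"),Action)%>>升序</option>
      </select></td>
  </tr>
  <tr>
    <td height="28"><U>取多少条:</U></td>
    <td colspan=5>显示<INPUT TYPE="text" NAME="Total" size="3" value="<%=SearchTable_Attr(searchtype,"Total")%>">条记录。(为空就是取所有记录)
    </td>
  </tr>
  <%
  End Sub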
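  ' SQL text produced by SearchRequestAction for the page that includes this file.
  Public NewsSql

  ' Appends one condition to a WHERE fragment, joining with AND when the
  ' fragment already holds a condition.
  Function SearchRequest_AddClause(ByVal whereSoFar, ByVal clause)
    If whereSoFar = "" Then
      SearchRequest_AddClause = " " & clause
    Else
      SearchRequest_AddClause = whereSoFar & " AND " & clause
    End If
  End Function

  ' Returns "yyyy-mm-dd hh:nn:ss" rebuilt from the parsed date parts, or ""
  ' when the input is not a date. The result contains digits and separators
  ' only, so nothing from the request text itself reaches the SQL string.
  Function SearchRequest_DateLiteral(ByVal rawValue)
    Dim parsed
    SearchRequest_DateLiteral = ""
    rawValue = Trim(rawValue & "")
    If rawValue = "" Then Exit Function
    If Not IsDate(rawValue) Then Exit Function
    parsed = CDate(rawValue)
    SearchRequest_DateLiteral = Year(parsed) & "-" & Right("0" & Month(parsed), 2) & "-" & Right("0" & Day(parsed), 2) & " " & Right("0" & Hour(parsed), 2) & ":" & Right("0" & Minute(parsed), 2) & ":" & Right("0" & Second(parsed), 2)
  End Function

  ' Builds the article search query from the request and stores it in NewsSql;
  ' when the request carries a non-empty "delsql" value it deletes the matching
  ' articles instead and ends the response.
  '
  ' The SQL is assembled by string concatenation, so every request value is
  ' constrained before it is appended:
  '   - text filters are placed inside quoted LIKE patterns with single quotes doubled
  '   - the category id and the row limit are coerced to integers
  '   - dates are re-formatted from their parsed parts
  '   - ORDER BY column and direction are taken from a fixed list
  ' The search variables (Sqlstr, s_title, OrderBy, ...) are deliberately not
  ' declared here, so they keep whatever scope they have in the including page.
  Sub SearchRequestAction
    Dim News_Total
    Dim timeMode, dateFrom, dateTo, allowedColumn, orderIsAllowed

    ' NOTE(review): this denylist looks at the raw query string only, while the
    ' values below are read with Request(...), which also draws on the form
    ' body. It is not a substitute for the per-field handling that follows.
    If validate_string(Lcase(Request.QueryString))=False then
      response.write "Don't try to hack."
      Response.end
    End If

    Sqlstr=""

    If trim(Request("s_title")) <> "" Then
      s_title=CStr(Replace(Request("s_title"),chr(39),chr(39)&chr(39)))
      Sqlstr = SearchRequest_AddClause(Sqlstr, "Article.title LIKE '%" & s_title & "%'")
    End If

    If trim(Request("s_author")) <> "" Then
      s_author=CStr(Replace(Request("s_author"),chr(39),chr(39)&chr(39)))
      Sqlstr = SearchRequest_AddClause(Sqlstr, "author LIKE '%" & s_author & "%'")
    End If

    If trim(URLDecode(Request("s_url"))) <> "" Then
      s_url=CStr(Replace(URLDecode(Request("s_url")),chr(39),chr(39)&chr(39)))
      Sqlstr = SearchRequest_AddClause(Sqlstr, "link LIKE '%" & s_url & "%'")
    End If

    If trim(URLDecode(Request("s_site"))) <> "" Then
      s_site=CStr(Replace(URLDecode(Request("s_site")),chr(39),chr(39)&chr(39)))
      Sqlstr = SearchRequest_AddClause(Sqlstr, "site LIKE '%" & s_site & "%'")
    End If

    If trim(Request("s_description")) <> "" Then
      ' Decode first, then double the quotes. The original escaped the raw value
      ' and decoded afterwards, so a quote that was still percent-encoded came
      ' out of URLDecode unescaped inside the SQL string.
      s_description=CStr(Replace(URLDecode(Request("s_description")),chr(39),chr(39)&chr(39)))
      Sqlstr = SearchRequest_AddClause(Sqlstr, "Article.description LIKE '%" & s_description & "%'")
    End If

    If isempty(Request("s_cate")) then
      s_cate=0
    else
      If trim(Request("s_cate"))="" then
        s_cate=0
      else
        s_cate=Request("s_cate")
      end if
    end if
    call CheckParameter(s_cate,"int",0)
    ' CheckParameter is defined elsewhere and its guarantees are not visible
    ' here, so the value is coerced again before it is concatenated unquoted.
    If IsNumeric(s_cate) Then
      If Abs(CDbl(s_cate)) < 2147483647 Then s_cate = CLng(s_cate) Else s_cate = 0
    Else
      s_cate = 0
    End If
    If s_cate<>0 Then
      Sqlstr = SearchRequest_AddClause(Sqlstr, "Article.Category_id =" & s_cate & " ")
    End If

    If isempty(Request("OrderBy")) then
      OrderBy="pubdate"
      DescASC="desc"
    else
      If trim(Request("OrderBy"))="" then
        OrderBy="pubdate"
        DescASC="desc"
      else
        OrderBy=Request("OrderBy")
        DescAsc=Request("DescAsc")
      end if
    end if
    ' ORDER BY operands are not inside quotes, so doubling single quotes does
    ' not constrain them. Accept only the columns and directions the form offers.
    orderIsAllowed = False
    For Each allowedColumn In Array("pubdate","author","title","Category_id","site","link","description")
      If StrComp(CStr(OrderBy & ""), allowedColumn, vbTextCompare) = 0 Then
        OrderBy = allowedColumn
        orderIsAllowed = True
        Exit For
      End If
    Next
    If Not orderIsAllowed Then OrderBy = "pubdate"
    Select Case LCase(Trim(DescAsc & ""))
      Case "asc"
        DescAsc = "Asc"
      Case "desc"
        DescAsc = "desc"
      Case Else
        ' Missing or unrecognised: leave the direction out of the statement.
        DescAsc = ""
    End Select

    News_Total = Request("Total")
    call CheckParameter(News_Total,"int",0)
    If cint(News_Total)<=0 Then
      News_Total=""
    Else
      ' Emit the converted integer rather than the text that was submitted.
      News_Total=" TOP "&CSTR(CInt(News_Total))&" "
    End If

    ' Time filter. The original tested IsEmpty on the string literal
    ' "radiobutton", which is never empty; the request value is read instead.
    timeMode = Trim(Request("radiobutton") & "")
    If timeMode <> "" Then
      call CheckParameter(request("radiobutton"),"int",1)
      If IsNumeric(timeMode) Then timeMode = CDbl(timeMode) Else timeMode = 1
      Select Case timeMode
        Case 2
          dateTo = SearchRequest_DateLiteral(Request("s_timex"))
          If dateTo <> "" Then
            Sqlstr = SearchRequest_AddClause(Sqlstr, "[pubdate] < #" & dateTo & "# ")
          End If
        Case 3
          dateFrom = SearchRequest_DateLiteral(Request("s_timed"))
          If dateFrom <> "" Then
            Sqlstr = SearchRequest_AddClause(Sqlstr, "[pubdate] > #" & dateFrom & "# ")
          End If
        Case 4
          dateFrom = SearchRequest_DateLiteral(Request("s_time1"))
          dateTo = SearchRequest_DateLiteral(Request("s_time2"))
          ' A range needs both ends; if either is not a date the filter is skipped.
          If dateFrom <> "" Then
            If dateTo <> "" Then
              Sqlstr = SearchRequest_AddClause(Sqlstr, "[pubdate] > #" & dateFrom & "# and [pubdate] < #" & dateTo & "# ")
            End If
          End If
        Case 5
          Sdate=CheckNumeric(Request("Sdate"))
          If Sdate>0 Then
            If IsSqlDataBase=1 Then
              Sqlstr = SearchRequest_AddClause(Sqlstr, "Datediff(day,pubdate,'"&SqlNowString&"') < " & Sdate)
            Else
              Sqlstr = SearchRequest_AddClause(Sqlstr, "Datediff('d',pubdate,'"&SqlNowString&"') < " & Sdate)
            End If
          End If
      End Select
    End If

    If trim(request("delsql"))<>"" then
      ' NOTE(review): any non-empty "delsql" request value reaches this branch,
      ' and with an empty filter it removes every row of [Article]. No
      ' authorization or anti-CSRF check is visible in this Sub; confirm the
      ' including page enforces both and accepts this action by POST only.
      ' conn is not opened in this Sub, so it is presumably a page-level
      ' connection -- verify it is open at this point.
      if Sqlstr<>"" then
        conn.execute("DELETE * FROM [Article] WHERE " & Sqlstr &" ")
        response.write "删除成功"
        response.end
      else
        conn.execute("DELETE * FROM [Article]")
        response.write "删除成功"
        response.end
      end if
    else
      ' Qualify the column names that exist in more than one joined table.
      if OrderBy="title" then OrderBy="Article.title"
      if OrderBy="description" then OrderBy="Article.description"
      if OrderBy="Category_id" then OrderBy="Article.Category_id"
      if Sqlstr<>"" then
        sql="SELECT "& News_Total &" * FROM (([Article] INNER JOIN [LinkXML] ON Article.xmlid=LinkXML.id)INNER JOIN [Category] ON Article.Category_id = Category.Category_id) WHERE " & Sqlstr & " order by " & OrderBy &" "& DescASC
      else
        sql="SELECT "& News_Total &" * FROM (([Article] INNER JOIN [LinkXML] ON Article.xmlid=LinkXML.id)INNER JOIN [Category] ON Article.Category_id = Category.Category_id) order by "& OrderBy &" "& DescASC
      end if
    end if
    NewsSql = sql
  End Sub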
  295. %>
  296. <%
  ' Returns the value used to pre-fill one field of the search form.
  '   searchtype - 1 reads the attribute named by "default" from Node,
  '                which is not defined in this function;
  '                0 supplies "20" for the "maxperpage" field only
  '   default    - name of the form field / attribute
  ' In every other case nothing is assigned and the result is Empty.
  Function OutPutSearchValue(searchtype,default)
    If searchtype = 1 Then
      OutPutSearchValue = Node.getAttribute(default)
      Exit Function
    End If
    If searchtype = 0 And default = "maxperpage" Then OutPutSearchValue = "20"
  End Function
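  ' True only when the argument is exactly two hexadecimal digits.
  Function URLDecode_IsHexPair(pair)
    Dim pos, ch
    URLDecode_IsHexPair = False
    If Len(pair) <> 2 Then Exit Function
    For pos = 1 To 2
      ch = UCase(Mid(pair, pos, 1))
      If InStr("0123456789ABCDEF", ch) = 0 Then Exit Function
    Next
    URLDecode_IsHexPair = True
  End Function

  ' Decodes a percent-encoded string: "+" becomes a space, %XX below 128
  ' becomes one character, and %XX at or above 128 is combined with the
  ' following escape (or the following character) into one double-byte
  ' character code.
  '
  ' The hexadecimal text is still converted with eval, and it comes from the
  ' caller's input. The original passed it to eval unchecked, so a malformed
  ' escape aborted the page with a runtime error and eval saw characters other
  ' than hex digits. Each escape is now checked first; a "%" that is not
  ' followed by two hex digits, or a lead byte with nothing after it, is copied
  ' through as literal text.
  ' NOTE(review): eval is kept only so decoded values stay identical; replace
  ' it with a non-evaluating conversion once that is confirmed equivalent on
  ' the server's code page.
  Function URLDecode(enStr)
    dim deStr
    dim c,i,v
    Dim firstPair, trailing
    deStr=""
    for i=1 to len(enStr)
      c=Mid(enStr,i,1)
      if c="+" then
        deStr=deStr&" "
      elseif c<>"%" then
        deStr=deStr&c
      else
        firstPair=Mid(enStr,i+1,2)
        if not URLDecode_IsHexPair(firstPair) then
          ' Malformed escape: keep the percent sign as text.
          deStr=deStr&c
        else
          v=eval("&h"+firstPair)
          if v<128 then
            deStr=deStr&chr(v)
            i=i+2
          elseif Mid(enStr,i+3,1)="%" then
            if URLDecode_IsHexPair(Mid(enStr,i+4,2)) then
              ' Lead byte followed by a second escape: %XX%YY.
              v=eval("&h"+firstPair+Mid(enStr,i+4,2))
              deStr=deStr&chr(v)
              i=i+5
            else
              ' Lead byte followed by a literal "%", handled as in the original.
              v=eval("&h"+firstPair+cstr(hex(asc("%"))))
              deStr=deStr&chr(v)
              i=i+3
            end if
          else
            trailing=Mid(enStr,i+3,1)
            if trailing="" then
              ' Lead byte at the end of the input: nothing to pair it with.
              deStr=deStr&c
            else
              ' Lead byte followed by an unescaped trail character.
              v=eval("&h"+firstPair+cstr(hex(asc(trailing))))
              deStr=deStr&chr(v)
              i=i+3
            end if
          end if
        end if
      end if
    next
    URLDecode=deStr
  end function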
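  ' Returns True when str is a three-character percent escape: "%" followed by
  ' two hexadecimal digits (case-insensitive).
  ' The original accepted any letter A-Z as a digit, so text such as "%GZ"
  ' was reported as valid hex. The check is now limited to 0-9 and A-F, and it
  ' works on a local copy instead of upper-casing the caller's argument.
  function isvalidhex(str)
    Dim token, pos, ch
    isvalidhex = False
    ' & "" makes a Null argument an empty string, which fails the length test.
    token = UCase(str & "")
    If Len(token) <> 3 Then Exit Function
    If Left(token,1) <> "%" Then Exit Function
    For pos = 2 To 3
      ch = Mid(token,pos,1)
      If InStr("0123456789ABCDEF", ch) = 0 Then Exit Function
    Next
    isvalidhex = True
  end function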
  ' Returns False when input contains any entry of a fixed denylist of SQL
  ' keywords and punctuation (case-insensitive substring match), True otherwise.
  ' A denylist only recognises the exact strings it holds, so it cannot be the
  ' sole protection for values that are later concatenated into SQL.
  ' NOTE(review): the "—" entry is a long dash; it may have been meant as the
  ' two-hyphen SQL comment marker -- confirm against the original source.
  function validate_string(input)
    Dim token
    validate_string = True
    For Each token In Array("select","insert","update","delete","drop","—","'",";","#")
      If InStr(1, input, token, vbTextCompare) <> 0 Then
        validate_string = False
        Exit For
      End If
    Next
  end function
  360. %>