<!--#include file="../../conn.asp"-->
<%
'=====================================================================
'安全校验码
dim vercode

vercode=""   '此处取值请自行修改，必须与发布规则的检查网址中vercode参数一致

if vercode<>trim(request("vercode")) then
 response.Write("[err]invalid vercode[/err]")
 response.End()
end if

'=====================================================================
%>


<!--#include file="../inc/setup.asp"-->
<!--#include file="../inc/const.asp"-->
<%
'替换inc/check.asp 开始
'zzcity add 登录模块
Dim adminname
if chklogin<>"" then
 response.Write(chklogin)
 response.End()
end if

function chklogin()
 Dim Rs,SQL
 Dim  RandomCode
 adminname = Newasp.CheckBadstr(Request("adminname"))

 If Not IsObject(Conn) Then ConnectionDatabase
 Set Rs = NewAsp.CreateAXObject("ADODB.Recordset")
 SQL = "SELECT * FROM NC_Admin WHERE  username='" & adminname & "'"
 Rs.Open SQL, Conn, 1, 3
 If Rs.BOF And Rs.EOF Then
  chklogin="[err]您输入的用户名和密码不正确或者您不是系统管理员。[/err]"
  Exit function
 Else
  If Rs("isLock") <> 0 Or Rs("isLock") = "" Then
   chklogin="[err]你的用户名已被锁定,你不能登陆！如要开通此帐号，请联系管理员。[/err]"
   Exit function
  End If
  RandomCode = NewAsp.GetRandomCode(16)
  Rs("LoginTime") = Now()
  Rs("Loginip") = NewAsp.UserTrueIP
  Rs("RandomCode") = RandomCode
  Rs.Update
  If FoundErr = False Then
   Session(AdminSessionName & "_AdminName") = Rs("username")
   Session(AdminSessionName & "_AdminPass") = Rs("password")
   Session(AdminSessionName & "_AdminGrade") = Rs("AdminGrade")
   Session(AdminSessionName & "_Adminflag") = Rs("Adminflag")
   Session(AdminSessionName & "_AdminStatus") = Rs("Status")
   Session(AdminSessionName & "_AdminRandomCode") = RandomCode
   Session(AdminSessionName & "_AdminID") = Rs("id")
   Session.Timeout=45
   If IsAdminValidate Then
    Session(AdminSessionName & "_validate") = Trim(Request.Form("validate"))
   End If
'   If UseAdminCookies Then
'    Response.Cookies(AdminCookiesName).path = "/"
'    Response.Cookies(AdminCookiesName)("AdminName") = Rs("username")
'    Response.Cookies(AdminCookiesName)("AdminPass") = Rs("password")
'    Response.Cookies(AdminCookiesName)("AdminGrade") = Rs("AdminGrade")
'    Response.Cookies(AdminCookiesName)("Adminflag") = Rs("Adminflag")
'    Response.Cookies(AdminCookiesName)("AdminStatus") = Rs("Status")
'    Response.Cookies(AdminCookiesName)("RandomCode") = RandomCode
'    Response.Cookies(AdminCookiesName)("AdminID") = Rs("id")
'    If IsAdminValidate Then
'     Response.Cookies(AdminCookiesName)("validate") = Trim(Request.Form("validate"))
'    End If
'   End If
  End If
 End If
 Rs.Close:Set Rs = Nothing
End function
'替换inc/check.asp 结束

Dim InstallDir_ChannelDir,Channel_Setting
If ChannelID=0 Then
 ChannelID=1
Else
 InstallDir_ChannelDir = Trim(NewAsp.InstallDir & NewAsp.ChannelDir)
 Channel_Setting = Split(NewAsp.Channel_Setting & "|||||||||||||||", "|||")
End If

'If Not ChkAdmin("Article_"&ChannelID) Then
' Call Transfer_error()
'End If

'替换article const.asp 结束
'< !--#include file="../../inc/ubbcode.asp"-->
%>
<!--#include file="../inc/cls_tags.asp"-->
<!--#include file="../inc/common.asp"-->
<!--#include file="../../common/news/show.asp"-->


<%
'Admin_header
'=====================================================================
' 软件名称：新云网站管理系统
' 当前版本：NewAsp. Content Management System Version 4.0
' 文件名称：admin_save.asp
' 更新日期：2008-06-16
' 官方网站：新云网络(www.NewAsp.net www.NewAsp.cn) QQ：94022511
'=====================================================================
' Copyright 2003-2008 NewAsp.net - All Rights Reserved.
' NewAsp. is a trademark of NewAsp.net
'=====================================================================
Dim Action,TextContent,ArticleTop,ArticleBest,ForbidEssay,ArticleAccept
'If Not ChkAdmin("PostArticle_"&ChannelID) Then
' Call Transfer_error()
'End If
'Action = LCase(Request("action"))
Action = "save"
'Select Case Trim(Action)
'Case "save"
 Call SaveNewArticle()
'Case "modify"
' Call ModifyArticle()
'Case Else
' 'Call showmain
'End Select

If FoundErr = True Then
 'response.Write(ErrMsg)
End If
'Admin_footer
'SaveLogInfo(AdminName)
NewAsp.PageEnd

Sub AddUpdateTags(act)
 Tag.ChannelID=ChannelID
 Tag.Modules=NewAsp.Modules
 Tag.classid=NewAsp.CheckNumeric(Request.Form("ClassID"))
 Tag.Taghits=NewAsp.CheckNumeric(Request.Form("AllHits"))
 Tag.IsBest=NewAsp.ChkNumeric(Request.Form("IsBest"))
 Tag.IsTop=NewAsp.ChkNumeric(Request.Form("isTop"))
 Tag.TagString=Trim(Request.Form("Tagstring"))
 Tag.tagList=Trim(Request.Form("Taglist"))
 If act=1 Then
  Tag.AddNewTags()
 Else
  Tag.UpdateTags()
 End If
 Taglist=Tag.tagList&"|"&Tag.checkTagString(Request.Form("Tagstring"))
End Sub

Sub SaveNewArticle()
 '替换checksave
 Dim ColorMode,FontMode,Author,ComeFrom,PointNum,star,UserGroup,SpecialID,AllHits,WriteTime
 If Trim(Request("title")) = "" Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]标题不能为空！[/err]"
  Exit Sub
 End If
 If Len(Request("title")) => 200 Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]标题不能超过200个字符！[/err]"
  Exit Sub
 End If
 
 ColorMode=NewAsp.ChkNumeric(Trim(Request.Form("ColorMode")))
 FontMode=NewAsp.ChkNumeric(Trim(Request.Form("FontMode")))
 If Len(Request.Form("Related")) => 220 Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]相关" & NewAsp.ModuleName & "不能超过220个字符！[/err]"
  Exit Sub
 End If
 Author= Trim(Request.Form("Author"))
 If Author = "" Then
  Author="佚名"
 End If
 ComeFrom=Trim(Request.Form("ComeFrom"))
 If ComeFrom = "" Then
  ComeFrom="本站整理"
 End If
 PointNum=NewAsp.ChkNumeric(Trim(Request.Form("PointNum")))
 star=NewAsp.ChkNumeric(Request.Form("star"))
 If star=0 Then
  star=3
 End If
 UserGroup=NewAsp.ChkNumeric(Request.Form("UserGroup"))
 If Not IsNumeric(Request.Form("ClassID")) Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]缺少分类ID，不能添加" & NewAsp.ModuleName & "！[/err]"
  Exit Sub
 End If
 If Trim(Request.Form("ClassID")) = "0" Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]该分类是外部连接，不能添加" & NewAsp.ModuleName & "！[/err]"
  Exit Sub
 End If
 AllHits=NewAsp.ChkNumeric(Trim(Request.Form("AllHits")))
 If Not IsNumeric(AllHits) Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]初始点击数请输入整数！[/err]"
  Exit Sub
 End If
 SpecialID=NewAsp.ChkNumeric(Request.Form("SpecialID"))
 WriteTime=Trim(Request.Form("WriteTime"))
 If WriteTime= "" Then
  WriteTime=now()
 End If
 TextContent = Request("content")
 If Trim(TextContent) = "" Then
  FoundErr = True
  ErrMsg = ErrMsg + "[err]要添加的内容不能为空！[/err]"
  Exit Sub
 End If
' If NewAsp.setAdminEditor(0) <> 0 Then
'  TextContent = NewAsp.HTMLEncodes(TextContent)
' End If
 TextContent = CheckHtmlCode(Re_Replace(TextContent, InstallDir_ChannelDir, "[InstallDir_ChannelDir]"))

 ArticleTop = NewAsp.ChkNumeric(Request.Form("isTop"))
 ArticleBest = NewAsp.ChkNumeric(Request.Form("isBest"))
 ForbidEssay = NewAsp.ChkNumeric(Request.Form("ForbidEssay"))
 ArticleAccept = NewAsp.ChkNumeric(Request.Form("isAccept"))
 

 Dim Rs,SQL
 If Founderr = True Then Exit Sub
 'Call AddUpdateTags(1)
 Tag.ChannelID=ChannelID
 Tag.Modules=NewAsp.Modules
 Tag.classid=NewAsp.CheckNumeric(Request.Form("ClassID"))
 Tag.Taghits=AllHits
 Tag.IsBest=NewAsp.ChkNumeric(Request.Form("IsBest"))
 Tag.IsTop=NewAsp.ChkNumeric(Request.Form("isTop"))
 Tag.TagString=Trim(Request.Form("Tagstring"))
 Tag.tagList=Trim(Request.Form("Taglist"))
' If act=1 Then
  Tag.AddNewTags()
' Else
'  Tag.UpdateTags()
' End If
 Taglist=Tag.tagList&"|"&Tag.checkTagString(Request.Form("Tagstring"))
 
 
 Set Rs = NewAsp.CreateAXObject("ADODB.Recordset")
 SQL = "SELECT * FROM NC_Article WHERE (ArticleID is null)"
 Rs.Open SQL,Conn,1,3
 Rs.Addnew
  Rs("ChannelID") = ChannelID
  Rs("ClassID") = NewAsp.ChkNumeric(Request.Form("classid"))
  Rs("SpecialID") = SpecialID
  Rs("title") = NewAsp.RequestForm(Request.Form("title"),255)
  Rs("subtitle") = NewAsp.RequestForm(Request.Form("subtitle"),255)
  Rs("ColorMode") = ColorMode
  Rs("FontMode") = FontMode
  Rs("content") = TextContent
  Rs("OuterLinks") = NewAsp.RequestForm(Request.Form("OuterLinks"),255)
  Rs("Related") = NewAsp.RequestForm(Request.Form("Related"),255)
  Rs("Author") = NewAsp.RequestForm(Author,50)
  Rs("ComeFrom") = NewAsp.RequestForm(ComeFrom,50)
  
  Rs("star") = star
  Rs("isTop") = ArticleTop
  Rs("AllHits") = AllHits
  Rs("DayHits") = AllHits
  Rs("WeekHits") =AllHits
  Rs("MonthHits") = AllHits
  Rs("HitsTime") = Now()
  Rs("WriteTime") = Formatime(WriteTime)
  Rs("HtmlFileDate") = Trim(NewAsp.HtmlRndFileName)
  Rs("username") = Trim(AdminName)
  Rs("isBest") = ArticleBest
  Rs("BriefTopic") = NewAsp.ChkNumeric(Request.Form("BriefTopic"))
  Rs("ImageUrl") = Trim(Request.Form("ImageUrl"))
  Rs("UploadImage") = Trim(Request.Form("UploadFileList"))

  Rs("UserGroup") = UserGroup
  Rs("PointNum") = PointNum
  Rs("isUpdate") = 1
  Rs("isAccept") = ArticleAccept
  Rs("ForbidEssay") = ForbidEssay
  Rs("AlphaIndex") = NewAsp.ReadAlpha(ubb.CheckSpecialChar(Request.Form("title")))
  Rs("AutoPages") = NewAsp.ChkNumeric(Request.Form("AutoPages"))
  Rs("good") = NewAsp.CheckNumeric(Request.Form("good"))
  Rs("bad") = NewAsp.CheckNumeric(Request.Form("bad"))
  Rs("Taglist")=Taglist
 Rs.update
 Rs.Close
 
 Rs.Open "SELECT TOP 1 ArticleID FROM NC_Article WHERE ChannelID=" & ChannelID & " ORDER BY ArticleID DESC", Conn, 1, 1
 ArticleID = Rs("ArticleID")
 Rs.Close:Set Rs = Nothing
 ClassUpdateCount NewAsp.ChkNumeric(Request.Form("classid")),1
 Call RemoveCache
' --生成HTML
 
 If CInt(NewAsp.IsCreateHtml) <> 0 Then
  Call BeginCreated(ArticleID)
 
  SQL = "SELECT TOP 1 ArticleID FROM NC_Article WHERE ChannelID=" & ChannelID & " And isAccept <> 0 And ArticleID < " & ArticleID & " ORDER BY ArticleID DESC"
  Set Rs = NewAsp.Execute(SQL)
  If Not (Rs.EOF And Rs.BOF) Then
   Call BeginCreated(Rs("ArticleID"))

  End If
  Rs.Close
  Set Rs = Nothing
 End If

 response.Write("[ok]")
End Sub

'Sub CheckSave()
' Dim i
' If Trim(Request.Form("title")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]标题不能为空！[/err]"
' End If
' If Len(Request.Form("title")) => 200 Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]标题不能超过200个字符！[/err]"
' End If
' If Trim(Request.Form("ColorMode")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "<li>标题颜色参数错误！</li>"
' End If
'
' If Trim(Request.Form("FontMode")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]标题字体参数错误！[/err]"
' End If
' If Len(Request.Form("Related")) => 220 Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]相关" & NewAsp.ModuleName & "不能超过220个字符！[/err]"
' End If
' If Trim(Request.Form("Author")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]" & NewAsp.ModuleName & "作者不能为空！[/err]"
' End If
' If Trim(Request.Form("ComeFrom")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]" & NewAsp.ModuleName & "来源不能为空！[/err]"
' End If
' If Trim(Request.Form("PointNum")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]阅览所需的点数不能为空！如果不想设置请输入零。[/err]"
' End If
' If Not IsNumeric(Request.Form("star")) Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]推荐星级不能为空。[/err]"
' End If
' If Not IsNumeric(Request.Form("UserGroup")) Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]阅览等级参数错误！[/err]"
' End If
' If Not IsNumeric(Request.Form("ClassID")) Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]该一级分类已经有下属分类，不能添加" & NewAsp.ModuleName & "！[/err]"
'  Exit Sub
' End If
' If Trim(Request.Form("ClassID")) = 0 Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]该分类是外部连接，不能添加" & NewAsp.ModuleName & "！[/err]"
' End If
' If Trim(Request.Form("AllHits")) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]初始点击数不能为空！[/err]"
' End If
' If Not IsNumeric(Request("AllHits")) Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]初始点击数请输入整数！[/err]"
'  Exit Sub
' End If
' If Not IsNumeric(Request("SpecialID")) Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]专题ID参数错误！[/err]"
'  Exit Sub
' End If
' TextContent = ""
' For i = 1 To Request.Form("content").Count
'  TextContent = TextContent & Request.Form("content")(i)
' Next
' If Trim(TextContent) = "" Then
'  FoundErr = True
'  ErrMsg = ErrMsg + "[err]要添加的内容不能为空！[/err]"
' End If
' If NewAsp.setAdminEditor(0) <> 0 Then
'  TextContent = NewAsp.HTMLEncodes(TextContent)
' End If
' TextContent = CheckHtmlCode(Re_Replace(TextContent, InstallDir_ChannelDir, "[InstallDir_ChannelDir]"))
'
' ArticleTop = NewAsp.ChkNumeric(Request.Form("isTop"))
' ArticleBest = NewAsp.ChkNumeric(Request.Form("isBest"))
' ForbidEssay = NewAsp.ChkNumeric(Request.Form("ForbidEssay"))
' ArticleAccept = NewAsp.ChkNumeric(Request.Form("isAccept"))
'End Sub

Function AddUserPointNum(username,stype)
 On Error Resume Next
 Dim rsuser,GroupSetting,userpoint
 Set rsuser = NewAsp.Execute("SELECT userid,UserGrade,userpoint FROM NC_User WHERE username='"& username &"'")
 If Not(rsuser.BOF And rsuser.EOF) Then
  GroupSetting = Split(NewAsp.UserGroupSetting(rsuser("UserGrade")), "|||")(9)
  If stype = 1 Then
   userpoint = CLng(rsuser("userpoint") + GroupSetting)
   NewAsp.Execute ("UPDATE NC_User SET userpoint="& userpoint &",experience=experience+2,charm=charm+1 WHERE userid="& rsuser("userid"))
  Else
   userpoint = CLng(rsuser("userpoint") - GroupSetting)
   NewAsp.Execute ("UPDATE NC_User SET userpoint="& userpoint &",experience=experience-2,charm=charm-1 WHERE userid="& rsuser("userid"))
  End If
 End If
 Set rsuser = Nothing
End Function

Function ClassUpdateCount(sortid,stype)
 Dim rscount,Parentstr
 On Error Resume Next
 Set rscount = NewAsp.Execute("SELECT ClassID,Parentstr FROM [NC_Classify] WHERE ChannelID=" & ChannelID & " And ClassID=" & CLng(sortid))
 If Not (rscount.BOF And rscount.EOF) Then
  Parentstr = rscount("Parentstr") &","& rscount("ClassID")
  If CInt(stype) = 1 Then
   NewAsp.Execute ("UPDATE [NC_Classify] SET ShowCount=ShowCount+1,isUpdate=1 WHERE ChannelID="& ChannelID &" And ClassID in (" & Parentstr & ")")
  ElseIf stype = 2 Then
   NewAsp.Execute ("UPDATE [NC_Classify] SET isUpdate=1 WHERE ChannelID="& ChannelID &" And ClassID in (" & Parentstr & ")")
  Else
   NewAsp.Execute ("UPDATE [NC_Classify] SET ShowCount=ShowCount-1,isUpdate=1 WHERE ChannelID="& ChannelID &" And ClassID in (" & Parentstr & ")")
  End If
 End If
 Set rscount = Nothing
End Function

Sub RemoveCache()
 RemoveAppCache "statistic_news"
 RemoveLabelCache 1
End Sub
'-------------------HTML
Sub BeginCreated(AID)
  IsNowOutputText = False
'  If showid=0 Then
'   ArticleID=NewAsp.ChkNumeric(Request("id"))
'   CurrentPage=NewAsp.ChkNumeric(Request("page"))
'   If ArticleID=0 Then ArticleID=NewAsp.ChkNumeric(Request("ArticleID"))
'  Else
'   ArticleID=NewAsp.ChkNumeric(showid)
'  End If
  ArticleID=NewAsp.ChkNumeric(AID)
  IsOutTags=False
  If CurrentPage=0 Then CurrentPage=1
  iBackCount=0:iNextCount=0:Pcount=1
  ubb.BasePath = NewAsp.ChannelPath
  ubb.setUbbcode = Join(NewAsp.setUserEditor,"|")
  ubb.Keyword = NewAsp.KeywordList
 
  PageMode=NewAsp.ChkNumeric(TPL_Config(27))
 
  LoadArticleData()
 
  TPL_FileName=Check_TPL_File(TPL_FilePath,"show",ArticleID,classid)
  HtmlContent = NewAsp.LoadTemplate(TPL_FilePath&"\"&TPL_FileName)
  HtmlContent = Replace(HtmlContent, "{$pagetitle}", Replace(m_strTitle, "{$", "{ $"))
  HtmlContent = Replace(HtmlContent, "{$channelid}", ChannelID)
  HtmlContent = Replace(HtmlContent, "{$classid}", classid)
  HtmlContent = Replace(HtmlContent, "{$articleid}", ArticleID)
  HtmlContent = Replace(HtmlContent, "{$postid}", ArticleID)
  HtmlContent = Replace(HtmlContent, "{$channeldir}", NewAsp.ChannelPath)
  TPL_Scan HtmlContent
  Set XMLDom = Nothing : Set dataNode = Nothing
  HtmlFilePath=NewAsp.CheckHtmlFilePath(HtmlFileName)
  NewAsp.CreatPathEx HtmlFilePath
  NewAsp.CreatedTextFile HtmlFileName,TPL_Memory
  TPL_Memory=""
  If IsObject(TPL_XmlDom) Then Set TPL_XmlDom=Nothing 
End Sub
%>