<%Response.contentType = "text/xml"%> <% dim url,connstr,conn,show_username dim rs,SQL const issqldate=false if not issqldate then Dim Db 'access数据库连接参数：第一次使用请修改本处数据库地址并相应修改data目录中数据库名称，如将oblog2.mdb修改为oblog2.asp Db = "data/oblogxx.mdb" ConnStr = "Provider = Microsoft.Jet.OLEDB.4.0;Data Source = " & Server.MapPath(db) else 'sql数据库连接参数：数据库名、用户密码、用户名、连接名（本地用local，外地用IP） Dim SqlDatabaseName,SqlPassword,SqlUsername,SqlLocalName SqlDatabaseName = "oblog" SqlPassword = "oblog" SqlUsername = "oblog" SqlLocalName = "(local)" ConnStr = "Provider = Sqloledb; User ID = " & SqlUsername & "; Password = " & SqlPassword & "; Initial Catalog = " & SqlDatabaseName & "; Data Source = " & SqlLocalName & ";" end if Set conn = Server.CreateObject("ADODB.Connection") conn.open ConnStr set rs=conn.execute("select siteurl,sitetitle,copyrighturl,webmastername,webmasteremail from bloginfo") url=trim(rs(0)) %> <%=rs(0)%> <%=rs(1)%> <%=rs(2)%> Oblog 2.52 <%=rs(4)%> <% show_username=ReplaceBadChar(request.QueryString("name")) 'set rs = Server.CreateObject("ADODB.Recordset") if issqldate then if show_username<>"" then SQL="select top 10 * from blog where username='"&show_username&"' and ishide<>'true' and passcheck<>'false' and isnull(ispassword,'true')='true' and (isnull(blog_password,'true')='true' or blog_password='') order by id desc" else SQL = "Select top 10 * from blog where ishide<>'true' and passcheck<>'false' and (isnull(blog_password,'true')='true' or blog_password='') and isnull(ispassword,'true')='true' order by id desc" end if else if show_username<>"" then SQL="select top 10 * from blog where username='"&show_username&"' and ishide<>'true' and passcheck<>'false' and isnull(ispassword)=true and (isnull(blog_password)=true or blog_password='') order by id desc" else SQL = "Select top 10 * from blog where ishide<>'true' and passcheck<>'false' and isnull(ispassword)=true and (isnull(blog_password)=true or blog_password='') order by id desc" end if end if set rs=conn.execute(SQL) if rs.Eof or rs.Bof then response.write "" end if while not rs.Eof response.Write "" & vbcrlf Response.write "" & vbcrlf response.write ""&url&"more.asp?name="&rs("username")&"&id="&rs("id")&"" & vbcrlf response.write ""&rs("username")&"" & vbcrlf response.write ""&rs("addtime")&"" & vbcrlf response.write "" & vbcrlf response.write "" rs.MoveNext wend set rs=nothing conn.Close set conn = nothing function ReplaceBadChar(strChar) if strChar="" then ReplaceBadChar="" else ReplaceBadChar=replace(replace(replace(replace(replace(replace(replace(strChar,"'",""),"*",""),"?",""),"(",""),")",""),"<",""),".","") end if end function %>