<%@ LANGUAGE=VBScript codepage ="936" %>
<!--#include file="const.asp"-->
<%Response.Buffer=true
Response.CacheControl ="no-cache" 
Response.AddHeader "Pragma", "no-cache" 
Response.Expires = 0
if jiutian_jhname="" then Response.Redirect "error.asp?id=000"
sername=Request.ServerVariables("SERVER_NAME")
if InStr(Request.ServerVariables("HTTP_USER_AGENT"),"MSIE")=0 then Response.Redirect "error.asp?id=010"
allhttp=LCase(Request.ServerVariables("ALL_HTTP"))
if jiutian_disproxy="1" and (Instr(allhttp,"proxy")<>0 or Instr(allhttp,"http_via")<>0 or Instr(allhttp,"http_pragma")<>0) then Response.Redirect "error.asp?id=011"
n=Year(date())
y=Month(date())
r=Day(date())
if len(y)=1 then y="0" & y
if len(r)=1 then r="0" & r
twt_nowsj=n & "-" & y & "-" & r & " "
application("twt_nowsj")=twt_nowsj
s=Hour(time())
f=Minute(time())
m=Second(time())
if len(s)=1 then s="0" & s
if len(f)=1 then f="0" & f
if len(m)=1 then m="0" & m
twt_nowsj=application("twt_nowsj")
sj1=s & ":" & f & ":" & m
sj=twt_nowsj & sj1
userip=Request.ServerVariables("REMOTE_ADDR")
if jiutian_disnewuser="1" then Response.Redirect "error.asp?id=100"
if int(Application("hxf_c_chatrs"))>=int(jiutian_maxpeople) then Response.Redirect "error.asp?id=101"
nickname=Trim(Request.Form("name"))
password=Trim(Request.Form("pass"))
nickname=CStr(Replace(nickname,chr(13)&chr(10),""))
password=CStr(Replace(password,chr(13)&chr(10),""))
if nickname="" then Response.Redirect "error.asp?id=127"
if password="" then Response.Redirect "error.asp?id=128"
if LCase(nickname)=LCase(password) then Response.Redirect "error.asp?id=129"
if server.HTMLEncode(nickname)<>nickname or InStr(nickname,"【")<>0 or InStr(nickname,"】")<>0 or InStr(nickname," ")<>0 or InStr(nickname,"　")<>0 or InStr(nickname,"")<>0 or InStr(nickname,"|")<>0 then Response.Redirect "error.asp?id=120"
if server.URLEncode(password)<>password then Response.Redirect "error.asp?id=121"
namelen=0
for i=1 to len(nickname)
zh=mid(nickname,i,1)
zhasc=asc(zh)
if zhasc<0 then
namelen=namelen+2
else
namelen=namelen+1
if CStr(server.URLEncode(zh))<>CStr(zh) then Response.Redirect "error.asp?id=120"
end if
next
if namelen>10 then Response.Redirect "error.asp?id=125"
if nickname="大家" or nickname=jiutian_dabusi or nickname="无" or nickname="江湖管理员" then Response.Redirect "error.asp?id=130"
if InStr(LCase(nickname),"fuck")<>0 or InStr(LCase(nickname),"sex")<>0 or InStr(nickname,"奸")<>0 or InStr(nickname,"淫")<>0 or InStr(nickname,"娼")<>0 or InStr(nickname,"嫖")<>0 or InStr(nickname,"性")<>0 and InStr(nickname,"交")<>0 or InStr(nickname,"妓")<>0 or InStr(nickname,"色")<>0 and InStr(nickname,"黄")<>0 or InStr(nickname,"色")<>0 and InStr(nickname,"情")<>0 or InStr(nickname,"日")<>0 and InStr(nickname,"妈")<>0 or InStr(nickname,"日")<>0 and InStr(nickname,"妹")<>0 or InStr(nickname,"日")<>0 and InStr(nickname,"姐")<>0 or InStr(nickname,"日")<>0 and InStr(nickname,"娘")<>0 or InStr(nickname,"日")<>0 and InStr(nickname,"奶")<>0 or InStr(nickname,"乳")<>0 or InStr(nickname,"阴")<>0 or InStr(nickname,"操")<>0 then Response.Redirect "error.asp?id=131"
ipk=split(userip,".",-1)
if Instr(jiutian_hkip,ipk(0)&".*.*.*")<>0 or Instr(jiutian_hkip,ipk(0)&"."&ipk(1)&".*.*")<>0 or Instr(jiutian_hkip,ipk(0)&"."&ipk(1)&"."&ipk(2)&".*")<>0  then Response.Redirect "error.asp?id=111"
iplocktime=int(jiutian_iplocktime)
Set conn=Server.CreateObject("ADODB.CONNECTION")
Set rs=Server.CreateObject("ADODB.RecordSet")
connstr=Application("hg_connstr")
conn.open connstr
dcz=0
sql="SELECT ip FROM iplocktemp WHERE DateDiff('n',lockdate,#" & sj & "#)>=" & iplocktime
rs.open sql,conn,1,1
if Not(rs.Eof and rs.Bof) then dcz=1
rs.close
if dcz=1 then
sql="DELETE FROM iplocktemp WHERE DateDiff('n',lockdate,#" & sj & "#)>=" & iplocktime
conn.Execute(sql)
end if
sql="SELECT ip,lockdate FROM iplocktemp WHERE ip='" & userip & "'"
rs.open sql,conn,1,1
if NOT(rs.Eof and rs.Bof) then
lockdate=rs("lockdate")
rs.close
conn.close
set rs=nothing
set conn=nothing
Response.Redirect "error.asp?id=110&lockdate=" & server.URLEncode(lockdate)
end if
rs.close
yzc=0
sql="SELECT 姓名,密码,门派,lastkick FROM 用户 WHERE 姓名='" & nickname & "'"
rs.open sql,conn,1,1
if NOT(rs.Eof and rs.Bof) then
yzc=1
regpass=rs(1)
reggrade=rs(2)
reglastkick=rs("lastkick")
end if
rs.close
%>
<!--#include file="pass.asp"-->
<%
password=jiamipass(password)

if yzc=1 and CStr(password)<>CStr(regpass) then
conn.close
set rs=nothing
set conn=nothing
Response.Redirect "error.asp?id=141"
end if
chatroominfo=split(Application("hxf_c_chatroominfo"),";")
For i=0 to ubound(chatroominfo)
if Instr(LCase(Application("hxf_c_useronlinename"&i)),LCase(nickname))>0 then
chatroomsn=i
exit for
end if
Next
if chatroomsn<>"" then
Application.Lock
onlinelist=Application("hxf_c_onlinelist"&chatroomsn)
dim newonlinelist()
useronlinename=""
onliners=0
js=1
ubl=UBound(onlinelist)
for i=1 to ubl step 6
if CStr(onlinelist(i+1))<>CStr(nickname) then
onliners=onliners+1
useronlinename=useronlinename & " " & onlinelist(i+1)
Redim Preserve newonlinelist(js),newonlinelist(js+1),newonlinelist(js+2),newonlinelist(js+3),newonlinelist(js+4),newonlinelist(js+5)
newonlinelist(js)=onlinelist(i)
newonlinelist(js+1)=onlinelist(i+1)
newonlinelist(js+2)=onlinelist(i+2)
newonlinelist(js+3)=onlinelist(i+3)
newonlinelist(js+4)=onlinelist(i+4)
newonlinelist(js+5)=onlinelist(i+5)
js=js+6
end if
next
useronlinename=useronlinename&" "
if onliners=0 then
dim listnull(0)
Application("hxf_c_onlinelist"&chatroomsn)=listnull
else
Application("hxf_c_onlinelist"&chatroomsn)=newonlinelist
end if
Application("hxf_c_useronlinename"&chatroomsn)=useronlinename
Application("hxf_c_chatrs"&chatroomsn)=onliners
onliners=0
for x=0 to ubound(chatroominfo)
onliners=onliners+Application("hxf_c_chatrs"&x)
next
Application("hxf_c_chatrs")=onliners
sd=Application("hxf_c_sd"&chatroomsn)
line=int(Application("hxf_c_line"&chatroomsn))+1
Application("hxf_c_line"&chatroomsn)=line
for i=1 to 95
sd(i)=sd(i+5)
next
sd(96)=line
'sd(116)=1
sd(97)=0
sd(98)="消息"
sd(99)="大家"
sd(100)="<font color=black>【吊线自救】</font><font color=F08000>〖" & nickname & "〗<font color=black>踢自己的小屁股了！</font>〖原因〗</font>卡在聊天室了！<font class=t>(" & sj1 & ")</font>"
sd(100)="parent.sh(1,0,""消息"",""大家"",""#660099"",""#660099"",""对"",""" & sd(100) & """);"
Application("hxf_c_sd"&chatroomsn)=sd
Application.UnLock
end if
if Not(IsNull(reglastkick)) then
if len(reglastkick)>10 then
if DateDiff("s",CDate(reglastkick),sj)<=300 then
conn.close
set rs=nothing
set conn=nothing
Response.Redirect "error.asp?id=143&lastkick=" & server.URLEncode(reglastkick)
end if
end if
end if
if yzc=1 then
sql="SELECT id, 姓名,grade,allvalue,mvalue,times,lasttime,lastip,regtime,olds,killyue,状态,登录,体力,内力,武功 FROM 用户 where 姓名='" & nickname & "'"
rs.open sql,conn,1,3
allvalue=clng(rs("allvalue"))
allv=int(allvalue)
mvalue=rs("mvalue")
grade=int(rs("grade"))
olds=int(sqr(rs("allvalue")/40))+1
prevtime=CDate(rs("lasttime"))
if allvalue>=int(jiutian_level1to2) and grade<2 then grade=2
if allvalue>=int(jiutian_level2to3) and grade<3 then grade=3
if allvalue>=int(jiutian_level3to4) and grade<4 then grade=4
if allvalue>=int(jiutian_level4to5) and grade<5 then grade=5
if DateDiff("m",prevtime,sj)<>0 then rs("killyue")=0
rs("grade")=grade
rs("times")=rs("times")+1
rs("lasttime")=sj
rs("lastip")=userip
rs("olds")=olds
rs.update
dim TWT_ARR(8)
TWT_ARR(0)=nickname
TWT_ARR(1)=rs("id")
TWT_ARR(2)=int(rs("grade"))
TWT_ARR(3)=0
TWT_ARR(4)=" ,"
TWT_ARR(5)=int(Application("hxf_c_line0"))
TWT_ARR(6)=0
TWT_ARR(7)=sj
TWT_ARR(8)=sj
session("TWT_ARR_ArgALL")=JOIN(TWT_ARR,"=")
wg=rs("武功")
nl=rs("内力")
if (rs("grade")>=10 and Instr(twt_sys_grade,"|" & nickname & "|")=0) or(Instr(jiutian_hkip,userip)<>0) then
sql="delete * FROM 用户 where 姓名='" & nickname& "'" 
set Rs=conn.Execute(sql) 
conn.close 
session.Abandon 
Response.write "这里不欢迎黑客,请你出去" 
response.end 
end if 
if rs("状态")="无" then
conn.close
session.Abandon 
Response.Redirect "error.asp?id=423"
response.end
end if
dim DengLu
DengLu=rs("登录")
if DengLu>now() and rs("状态")="眠" then
conn.close
session.Abandon 
Response.Redirect "error.asp?id=490&arg=" & DengLu
response.end
elseif rs("状态")="眠" then
conn.execute("update 用户 set 状态='正常' where 姓名='"&nickname&"'")
end if
if rs("状态")="牢" then
conn.close
session.Abandon 
Response.Redirect "error.asp?id=420"
response.end
end if
if rs("登录")>now() and rs("状态")="狱" then
conn.close
session.Abandon 
Response.Redirect "error.asp?id=422"
response.end
end if
if rs("体力")<-1000  or rs("状态")="死" then 
conn.close
session.Abandon 
Response.Redirect "error.asp?id=421"
response.end
end if

if rs("mvalue")<0 then
sql="update 用户 set mvalue=0,体力=0 where 姓名='" & nickname & "'"
conn.execute sql 
conn.close
session.Abandon 
Response.Redirect "error.asp?id=500"
response.end
end if 

if rs("killyue")>=100 then
sql="update 用户 set 状态='死' where 姓名='" & nickname & "'"
conn.execute sql 
conn.close
session.Abandon 
Response.Redirect "error.asp?id=462"
response.end
end if

if wg<0 then 
conn.execute("update 用户 set 武功=0 where 姓名='" & nickname & "'")
end if
if nl<0 then 
conn.execute("update 用户 set 内力=0 where 姓名='" & nickname & "'")
end if
sql="update 用户 set 老虎指甲=0, 武功=(内力+体力)/1000"
set Rs=conn.execute(sql)
conn.close
set rs=nothing
set conn=nothing

yish=Application("twt_c_yisheng")
Application.lock
Application("twt_c_yisheng")=Replace(yish, " " & nickname & " ","")
Application.unlock
Response.Redirect "jh.asp"
Response.End
else
Response.Redirect "error.asp?id=423"
response.end
end if
%>

<html><script language="JavaScript">