<%@ codepage="936" %>

<% id=Request.Querystring("id") If id ="" then Response.Write("") end if if instr(id,"'") or instr(id,"select") or instr(id,"in") or instr(id,"from") or instr(id,"len") or instr(id,"where") or instr(id,"or") or instr(id,"and") then Response.Write("") Response.End end if '在這裡過濾TMD的不良字符 conn.execute("update imgbook set click=click+1 where ID=" & id) sql="select * from imgbook where ID="&id set rs=server.createobject("adodb.recordset") rs.open sql,conn,1,1 if rs.eof then Response.Write("對不起。沒有此編號的圖片！！！") Response.end end if %> <%=rs("title")%>          上傳日期:<%=rs("updatetime")%>                              本圖片被瀏覽<%=rs("click")%>次 <% img=rs("news_content") if instr(img,"[img]") then img = Replace(img, "[img]","250)this.width=250"">") else img = Replace(img, "[uploadimg]","250)this.width=250"">") end if Response.Write(img) %> 圖片相關說明: <%sql="select * from imgbook where ID="&id set rs=server.createobject("adodb.recordset") rs.open sql,conn,1,1 if rs.eof then Response.Write("對不起。沒有此編號的圖片！！！") Response.end end if%> <%=ubbcode(rs("guestcontent"))%>   <% rsclose() set rs1=server.CreateObject("Adodb.recordset") sql1="select ID from imgbook where ID="&Request.Querystring("id")-1 rs1.open sql1,conn,1,1 if not rs1.bof then Response.Write("返回選擇分類     ") end if rs1.close sql1="select ID from imgbook where ID="&Request.Querystring("id")+1 rs1.open sql1,conn,1,1 if not rs1.bof then Response.Write("下一張圖片") end if rs1.close set rs1=nothing %> <% connclose() %>