Split(?) & Flood Control

schutzgeist

schutzgeist

Erfahrenes Mitglied
Ich bastel gerade an meinem Gästebuch und suche dafür noch 2 Scripts, da ich bisher leider nicht selbst auf die Lösung gekommen bin.

Zum einen möchte ich bei der Textausgabe, dass mit Wörter/Zeichenketten die länger als 20 Zeichen sind mit einer Leerstelle getrennt werden (zwecks Layout auseinander ziehen).
Ist bestimmt total einfach :(
Hab mich bei google halbtot gesucht, nichts passendes, oder nur Beispiele für php gefunden :(

Zum anderen such ich was, das mir nachdem ein Beitrag abgeschickt wurde der Absender erst 5min warten muss, bevor er einen neuen Beitrag verfassen kann und der Submit-Button über/ausgeblendet wird.
Ich schätz mal, das ganze muss irgendwie über nen Cookie oder so laufen. Wovon ich aber leider absolut keine Ahnung hab :confused:

Danke schonmal fürs Lesen,
schutzgeist
 
Zur 1. Frage

Ein Wort mit 20 Zeichen kommt ja selten vor. U.u. handelt es sich hier um eine längere URL oder jemand macht dies, um Dich zu ärgern oder jemand möchte Dir einen Code unterschieben. Wenn ein solches Wort vorkommt, lass den Eintrag nicht zu, sondern setz eine Meldung, dass er das Wort trennen soll.

Du solltest die Ausgabe des Gästbuchtextes auch encodieren. z.B. mit

dim Eintrag
eintrag = rs("eintrag")
Response.write Server.HTMLEncode(eintrag)

http://www.tutorials.de/tutorials194841.html

Zur 2. Frage

Direkt nach Einfügen des Datensatzes erzeugst du einen Cookie und setzst die Lebensdauer auf 5 min.

Response.Cookies("update") = true
Response.Cookies("update").Expires = dateAdd("n",5, now())

Dann fragest Du den Cookie ab, ob er gefüllt ist und erzeugst eine Variable, die den Button disabled setzt.

dim nextDisabled
nextDisabled = ""
if Request.Cookies("update") = true then nextDisabled = "disabled"

<input <%=nextDisabled%> type="submit" name="submit" value="eintrag"/>

Weitere Infos zum Thema Cookie auch hier.
http://www.aspextra.de/asp/praxis/Cookies_in_ASP.html
 
Zuletzt bearbeitet:
Hi

hier mal ein Testformular, kannst Dir mal in eine leer Seite speichern und ausprobieren.
Code: 
<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<%
option explicit
' -- Abfrage, ob Submit-Button dargestellt wird

dim nextDisabled
nextDisabled = ""
if Request.Cookies("update") = "1" then nextDisabled = "disabled"

' --- Funktion überprüft das Eingabefeld, ob ein Wort länger als 20 Zeichen existiert
' --- Liefert als Werteausgabe true zurück.
 
function Langwort(b)
dim a,x
a = split(b," ")
	for i = 0 to ubound(a)
		if len(a(i)) > 20 then
			x = true
		end if
	next
Langwort = x
end function
%>
<html>
<head>
<title>fdasdfasdf</title> 
<meta http-equiv="Content-Type" content="text/html;">
</head>
<body>
<%
dim allesok, message, spltext, Fehler, i

' --- Feldüberprüfung

if Request.Form.count > 0 then
allesok = true
message = Replace(Request.form("message"),"'","''")
	if langwort(message) then
		allesok = false
		Fehler = "zu langes Wort"
	end if

	if isnull(message) or message="" then
		allesok = false
		Fehler = "Bitte einen Eintrag machen"
	end if
end if
if allesok then
' --- hier an dieser Stelle kann das Script zum Eintrag in die Datenbank rein
' --- hier wird der Cookie mit Lebensdauer 5 Min. gesetzt.
Response.Cookies("update") = 1
Response.Cookies("update").Expires = dateAdd("n",5, now()) 
Response.redirect Request.ServerVariables("Script_name") 
end if
%>
Der Cookie hat den Wert: <% = Request.Cookies("update") %>
<form name="form1" method="post" action="<% =Request.ServerVariables("Script_name")%>">
  <h1>Eintrag machen  </h1>
       <textarea name="message" id="message"><% = message %></textarea>
    <% = Fehler%>
    <br>
    <br>
    <input <%= nextDisabled %> type="submit" name="submit" value="eintrag"/>
 
</form>
</body>
</html>
 
Zuletzt bearbeitet:
Heho

Das mit dem Zeichen trennen hab ich jetzt andersweitig gelöst bekommen...
Aber an dem Floodding beiß ich mir momentan noch die Zähne aus...
Egal wie ich es reinschreib, umstell, etc. er mecker immer das Option Explicit an und bringt mir ne Meldung von wegen Kompilierungsfehler :(

Fehlertyp:
Kompilierungsfehler in Microsoft VBScript (0x800A0400)
Anweisung erwartet
 
Hi

option explicit muss immer in der 1. Zeile nach der Sprachangabe stehen, wenn Du es einbauen willst. Es ist optional und prüft, ob alle Variablen benannt sind.

Ansonsten kann ich nur sagen, dass ich nicht Hellsehen kann.
Musst schon Deinen Scriptcode hier posten.
 
Code: 
<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="Connections/gb.asp" -->
<%
option explicit
dim nextDisabled
nextDisabled = ""
if Request.Cookies("update") = "1" then nextDisabled = "disabled"
Response.Cookies("update") = 1
Response.Cookies("update").Expires = dateAdd("s", 20, now()) 
Response.redirect Request.ServerVariables("Script_name") 
end if
%>
%>
<%
' *** Edit Operations: declare variables

Dim MM_editAction
Dim MM_abortEdit
Dim MM_editQuery
Dim MM_editCmd

Dim MM_editConnection
Dim MM_editTable
Dim MM_editRedirectUrl
Dim MM_editColumn
Dim MM_recordId

Dim MM_fieldsStr
Dim MM_columnsStr
Dim MM_fields
Dim MM_columns
Dim MM_typeArray
Dim MM_formVal
Dim MM_delim
Dim MM_altVal
Dim MM_emptyVal
Dim MM_i

MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))
If (Request.QueryString <> "") Then
  MM_editAction = MM_editAction & "?" & Request.QueryString
End If

' boolean to abort record edit
MM_abortEdit = false

' query string to execute
MM_editQuery = ""
%>
<%
' *** Insert Record: set variables

If (CStr(Request("MM_insert")) = "form1") Then

  MM_editConnection = MM_gb_STRING
  MM_editTable = "gb"
  MM_editRedirectUrl = "gb.asp"
  MM_fieldsStr  = "name|value|email|value|url|value|msg|value|datum|value"
  MM_columnsStr = "Name|',none,''|eMail|',none,''|URL|',none,''|Message|',none,''|Datum_Zeit|',none,''"

  ' create the MM_fields and MM_columns arrays
  MM_fields = Split(MM_fieldsStr, "|")
  MM_columns = Split(MM_columnsStr, "|")
  
  ' set the form values
  For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
    MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i)))
  Next

  ' append the query string to the redirect URL
  If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then
    If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
      MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
    Else
      MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
    End If
  End If

End If
%>
<%
' *** Insert Record: construct a sql insert statement and execute it

Dim MM_tableValues
Dim MM_dbValues

If (CStr(Request("MM_insert")) <> "") Then

  ' create the sql insert statement
  MM_tableValues = ""
  MM_dbValues = ""
  For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
    MM_formVal = MM_fields(MM_i+1)
    MM_typeArray = Split(MM_columns(MM_i+1),",")
    MM_delim = MM_typeArray(0)
    If (MM_delim = "none") Then MM_delim = ""
    MM_altVal = MM_typeArray(1)
    If (MM_altVal = "none") Then MM_altVal = ""
    MM_emptyVal = MM_typeArray(2)
    If (MM_emptyVal = "none") Then MM_emptyVal = ""
    If (MM_formVal = "") Then
      MM_formVal = MM_emptyVal
    Else
      If (MM_altVal <> "") Then
        MM_formVal = MM_altVal
      ElseIf (MM_delim = "'") Then  ' escape quotes
        MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'"
      Else
        MM_formVal = MM_delim + MM_formVal + MM_delim
      End If
    End If
    If (MM_i <> LBound(MM_fields)) Then
      MM_tableValues = MM_tableValues & ","
      MM_dbValues = MM_dbValues & ","
    End If
    MM_tableValues = MM_tableValues & MM_columns(MM_i)
    MM_dbValues = MM_dbValues & MM_formVal
  Next
  MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ") values (" & MM_dbValues & ")"

  If (Not MM_abortEdit) Then
    ' execute the insert
    Set MM_editCmd = Server.CreateObject("ADODB.Command")
    MM_editCmd.ActiveConnection = MM_editConnection
    MM_editCmd.CommandText = MM_editQuery
    MM_editCmd.Execute
    MM_editCmd.ActiveConnection.Close

    If (MM_editRedirectUrl <> "") Then
      Response.Redirect(MM_editRedirectUrl)
    End If
  End If

End If
%>
<%
Dim gbook
Dim gbook_numRows

Set gbook = Server.CreateObject("ADODB.Recordset")
gbook.ActiveConnection = MM_gb_STRING
gbook.Source = "SELECT * FROM gb ORDER BY ID_GB DESC"
gbook.CursorType = 0
gbook.CursorLocation = 2
gbook.LockType = 1
gbook.Open()

gbook_numRows = 0
%>
<%
Dim Repeat1__numRows
Dim Repeat1__index

Repeat1__numRows = 10
Repeat1__index = 0
gbook_numRows = gbook_numRows + Repeat1__numRows
%>
<%
'  *** Recordset Stats, Move To Record, and Go To Record: declare stats variables

Dim gbook_total
Dim gbook_first
Dim gbook_last

' set the record count
gbook_total = gbook.RecordCount

' set the number of rows displayed on this page
If (gbook_numRows < 0) Then
  gbook_numRows = gbook_total
Elseif (gbook_numRows = 0) Then
  gbook_numRows = 1
End If

' set the first and last displayed record
gbook_first = 1
gbook_last  = gbook_first + gbook_numRows - 1

' if we have the correct record count, check the other stats
If (gbook_total <> -1) Then
  If (gbook_first > gbook_total) Then
    gbook_first = gbook_total
  End If
  If (gbook_last > gbook_total) Then
    gbook_last = gbook_total
  End If
  If (gbook_numRows > gbook_total) Then
    gbook_numRows = gbook_total
  End If
End If
%>
<%
' *** Recordset Stats: if we don't know the record count, manually count them

If (gbook_total = -1) Then

  ' count the total records by iterating through the recordset
  gbook_total=0
  While (Not gbook.EOF)
    gbook_total = gbook_total + 1
    gbook.MoveNext
  Wend

  ' reset the cursor to the beginning
  If (gbook.CursorType > 0) Then
    gbook.MoveFirst
  Else
    gbook.Requery
  End If

  ' set the number of rows displayed on this page
  If (gbook_numRows < 0 Or gbook_numRows > gbook_total) Then
    gbook_numRows = gbook_total
  End If

  ' set the first and last displayed record
  gbook_first = 1
  gbook_last = gbook_first + gbook_numRows - 1
  
  If (gbook_first > gbook_total) Then
    gbook_first = gbook_total
  End If
  If (gbook_last > gbook_total) Then
    gbook_last = gbook_total
  End If

End If
%>
<%
Dim MM_paramName 
%>
<%
' *** Move To Record and Go To Record: declare variables

Dim MM_rs
Dim MM_rsCount
Dim MM_size
Dim MM_uniqueCol
Dim MM_offset
Dim MM_atTotal
Dim MM_paramIsDefined

Dim MM_param
Dim MM_index

Set MM_rs    = gbook
MM_rsCount   = gbook_total
MM_size      = gbook_numRows
MM_uniqueCol = ""
MM_paramName = ""
MM_offset = 0
MM_atTotal = false
MM_paramIsDefined = false
If (MM_paramName <> "") Then
  MM_paramIsDefined = (Request.QueryString(MM_paramName) <> "")
End If
%>
<%
' *** Move To Record: handle 'index' or 'offset' parameter

if (Not MM_paramIsDefined And MM_rsCount <> 0) then

  ' use index parameter if defined, otherwise use offset parameter
  MM_param = Request.QueryString("index")
  If (MM_param = "") Then
    MM_param = Request.QueryString("offset")
  End If
  If (MM_param <> "") Then
    MM_offset = Int(MM_param)
  End If

  ' if we have a record count, check if we are past the end of the recordset
  If (MM_rsCount <> -1) Then
    If (MM_offset >= MM_rsCount Or MM_offset = -1) Then  ' past end or move last
      If ((MM_rsCount Mod MM_size) > 0) Then         ' last page not a full repeat region
        MM_offset = MM_rsCount - (MM_rsCount Mod MM_size)
      Else
        MM_offset = MM_rsCount - MM_size
      End If
    End If
  End If

  ' move the cursor to the selected record
  MM_index = 0
  While ((Not MM_rs.EOF) And (MM_index < MM_offset Or MM_offset = -1))
    MM_rs.MoveNext
    MM_index = MM_index + 1
  Wend
  If (MM_rs.EOF) Then 
    MM_offset = MM_index  ' set MM_offset to the last possible record
  End If

End If
%>
<%
' *** Move To Record: if we dont know the record count, check the display range

If (MM_rsCount = -1) Then

  ' walk to the end of the display range for this page
  MM_index = MM_offset
  While (Not MM_rs.EOF And (MM_size < 0 Or MM_index < MM_offset + MM_size))
    MM_rs.MoveNext
    MM_index = MM_index + 1
  Wend

  ' if we walked off the end of the recordset, set MM_rsCount and MM_size
  If (MM_rs.EOF) Then
    MM_rsCount = MM_index
    If (MM_size < 0 Or MM_size > MM_rsCount) Then
      MM_size = MM_rsCount
    End If
  End If

  ' if we walked off the end, set the offset based on page size
  If (MM_rs.EOF And Not MM_paramIsDefined) Then
    If (MM_offset > MM_rsCount - MM_size Or MM_offset = -1) Then
      If ((MM_rsCount Mod MM_size) > 0) Then
        MM_offset = MM_rsCount - (MM_rsCount Mod MM_size)
      Else
        MM_offset = MM_rsCount - MM_size
      End If
    End If
  End If

  ' reset the cursor to the beginning
  If (MM_rs.CursorType > 0) Then
    MM_rs.MoveFirst
  Else
    MM_rs.Requery
  End If

  ' move the cursor to the selected record
  MM_index = 0
  While (Not MM_rs.EOF And MM_index < MM_offset)
    MM_rs.MoveNext
    MM_index = MM_index + 1
  Wend
End If
%>
<%
' *** Move To Record: update recordset stats

' set the first and last displayed record
gbook_first = MM_offset + 1
gbook_last  = MM_offset + MM_size

If (MM_rsCount <> -1) Then
  If (gbook_first > MM_rsCount) Then
    gbook_first = MM_rsCount
  End If
  If (gbook_last > MM_rsCount) Then
    gbook_last = MM_rsCount
  End If
End If

' set the boolean used by hide region to check if we are on the last record
MM_atTotal = (MM_rsCount <> -1 And MM_offset + MM_size >= MM_rsCount)
%>
<%
' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters

Dim MM_keepNone
Dim MM_keepURL
Dim MM_keepForm
Dim MM_keepBoth

Dim MM_removeList
Dim MM_item
Dim MM_nextItem

' create the list of parameters which should not be maintained
MM_removeList = "&index="
If (MM_paramName <> "") Then
  MM_removeList = MM_removeList & "&" & MM_paramName & "="
End If

MM_keepURL=""
MM_keepForm=""
MM_keepBoth=""
MM_keepNone=""

' add the URL parameters to the MM_keepURL string
For Each MM_item In Request.QueryString
  MM_nextItem = "&" & MM_item & "="
  If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
    MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item))
  End If
Next

' add the Form variables to the MM_keepForm string
For Each MM_item In Request.Form
  MM_nextItem = "&" & MM_item & "="
  If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
    MM_keepForm = MM_keepForm & MM_nextItem & Server.URLencode(Request.Form(MM_item))
  End If
Next

' create the Form + URL string and remove the intial '&' from each of the strings
MM_keepBoth = MM_keepURL & MM_keepForm
If (MM_keepBoth <> "") Then 
  MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
End If
If (MM_keepURL <> "")  Then
  MM_keepURL  = Right(MM_keepURL, Len(MM_keepURL) - 1)
End If
If (MM_keepForm <> "") Then
  MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
End If

' a utility function used for adding additional parameters to these strings
Function MM_joinChar(firstItem)
  If (firstItem <> "") Then
    MM_joinChar = "&"
  Else
    MM_joinChar = ""
  End If
End Function
%>
<%
' *** Move To Record: set the strings for the first, last, next, and previous links

Dim MM_keepMove
Dim MM_moveParam
Dim MM_moveFirst
Dim MM_moveLast
Dim MM_moveNext
Dim MM_movePrev

Dim MM_urlStr
Dim MM_paramList
Dim MM_paramIndex
Dim MM_nextParam

MM_keepMove = MM_keepBoth
MM_moveParam = "index"

' if the page has a repeated region, remove 'offset' from the maintained parameters
If (MM_size > 1) Then
  MM_moveParam = "offset"
  If (MM_keepMove <> "") Then
    MM_paramList = Split(MM_keepMove, "&")
    MM_keepMove = ""
    For MM_paramIndex = 0 To UBound(MM_paramList)
      MM_nextParam = Left(MM_paramList(MM_paramIndex), InStr(MM_paramList(MM_paramIndex),"=") - 1)
      If (StrComp(MM_nextParam,MM_moveParam,1) <> 0) Then
        MM_keepMove = MM_keepMove & "&" & MM_paramList(MM_paramIndex)
      End If
    Next
    If (MM_keepMove <> "") Then
      MM_keepMove = Right(MM_keepMove, Len(MM_keepMove) - 1)
    End If
  End If
End If

' set the strings for the move to links
If (MM_keepMove <> "") Then 
  MM_keepMove = MM_keepMove & "&"
End If

MM_urlStr = Request.ServerVariables("URL") & "?" & MM_keepMove & MM_moveParam & "="

MM_moveFirst = MM_urlStr & "0"
MM_moveLast  = MM_urlStr & "-1"
MM_moveNext  = MM_urlStr & CStr(MM_offset + MM_size)
If (MM_offset - MM_size < 0) Then
  MM_movePrev = MM_urlStr & "0"
Else
  MM_movePrev = MM_urlStr & CStr(MM_offset - MM_size)
End If
%>

[...]

</head>

<body>
<form name="form1" method="POST" action="<% =Request.ServerVariables("Script_name")%>">
    
  <table width="330" border="0" align="center" cellpadding="1" cellspacing="1">
    <tr> 
      <td width="133" valign="top">Name</td>
      <td width="189"> <input name="name" type="text" id="name" onSubmit="MM_validateForm('name','','R','email','','RisEmail','msg','','R');return document.MM_returnValue"></td>
    </tr>
    <tr> 
      <td valign="top">email</td>
      <td> <input name="email" type="text" id="email"></td>
    </tr>
    <tr> 
      <td valign="top">url</td>
      <td> <input name="url" type="text" id="url"></td>
    </tr>
    <tr> 
      <td valign="top">message</td>
      <td> <textarea name="msg" rows="5" id="msg"></textarea></td>
    </tr>
    <tr>
      <td colspan="2"> <div align="center"><A href="javascript:smile();"><img src="smilies/smile.gif" alt="smile" border="0"></a> 
          <A href="javascript:sad();"><img src="smilies/sad.gif" alt="sad" border="0"></a> 
          <A href="javascript:wacko();"><img src="smilies/wacko.gif" alt="wacko" border="0"></a> 
        </div></td>
    </tr>
    <tr> 
      <td colspan="2"> <input name="datum" type="hidden" id="datum" value="<% = now %>"> 
        <div align="center"> 
          <input name="Send" <%= nextDisabled %> type="submit" onClick="MM_validateForm('name','','R','email','','RisEmail','msg','','R');return document.MM_returnValue" value="Send" border="0">
         
		  <input type="reset" name="Reset" value="Reset" border="0">
        </div></td>
    </tr>
  </table>

  <p>
    <input type="hidden" name="MM_insert" value="form1">
  </p>
  </form>

[...]

Ebenso versteh ich nicht, wo ich dann mein <%=MM_editAction%> einbauen muss, dass sonst in der Action drin steht...
 
Hi

achso, ist Dreamweaver-Scriptcode.
Nimm, bis auf dies, mal alles im 1. Teil oben heraus.

Code: 
<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="Connections/gb.asp" -->
<%
dim nextDisabled
nextDisabled = ""
if Request.Cookies("update") = "1" then nextDisabled = "disabled"
end if
%>

<%
' *** Edit Operations: declare variables

Dim MM_editAction
Dim MM_abortEdit
Dim MM_editQuery
Dim MM_editCmd
[...]

Den Cookieteil musst erst, nachdem die Eingabe getätigt worden ist, schreiben, das ist ja logisch, oder ?

Code: 
 If (Not MM_abortEdit) Then
    ' execute the insert
    Set MM_editCmd = Server.CreateObject("ADODB.Command")
    MM_editCmd.ActiveConnection = MM_editConnection
    MM_editCmd.CommandText = MM_editQuery
    MM_editCmd.Execute
	MM_editCmd.ActiveConnection.Close
	Response.Cookies("update") = 1
	Response.Cookies("update").Expires = dateAdd("n",5, now()) 
	If (MM_editRedirectUrl <> "") Then
	    Response.Redirect(MM_editRedirectUrl)
    End If
  End If

Aber wie gesagt, dies ist ein Eingriff in das gen. Verhalten. Wenn Änderungen zu machen sind, dann nur noch im Scriptcode.
 
Um antworten zu können musst du eingeloggt sein.

Neue Beiträge

Zurück