<% dim tid,t_name,neirong tid = Trim(Request.QueryString("tid")) t_name = Trim(Request.QueryString("t_name")) 't_userid= Trim(Request.QueryString("t_userid")) '如果家长已经登录,家长所预约的教员直接主动预约家长所登记的家教信息 if Request.Cookies("lx")="student" and tid="" and t_name="" then response.Write"" response.End end if if Request.Cookies("lx")="student" and tid<>"" and t_name<>"" then set rs=server.createobject("adodb.recordset") sql11="select email,name,userid from tc where num='"&tid&"'" rs.open sql11,conn,1,1 tcemail=rs("email") tcname=rs("name") t_userid=rs("userid") rs.close set rs=nothing STid=right(Request.Cookies("HZJJ8User"),len(Request.Cookies("HZJJ8User"))-3) set rs=server.createobject("adodb.recordset") sql="Select * from ApplyList where Userid='"&t_userid&"' and STid=" & STid rs.open sql,conn,1,3 if rs.recordcount>0 then response.Write"" response.End else '发信 Set msg = Server.CreateObject("JMail.Message") msg.silent = true msg.Logging = true msg.Charset = "gb2312" msg.MailServerUserName = mailname msg.MailServerPassword = MailPwd msg.From = mailname msg.FromName = webname msg.AddRecipient (tcemail) msg.Subject = tcname& ",你好:" &webname&"有家长预约你-新家教编号:" & Request.Cookies("HZJJ8User") msg.Body = "学员编号:" & request.Cookies("HZJJ8User") & vbcrlf msg.Body = msg.Body & "想了解该学员具体信息请点击该学员链接:" & website & "/StuDetail.asp?UserId=" &Request.Cookies("HZJJ8User")& vbcrlf msg.Body = msg.Body & "发布时间:" & now & vbcrlf msg.Send (mailserver) msg.close set msg = nothing '发信结束 'set rs=server.createobject("adodb.recordset") ' sql="select * from ApplyList" ' rs.open sql,conn,1,3 rs.addnew rs("STid")=STid rs("Userid")=t_userid rs("yuyuefankui")="该学员主动预约教员" rs.update rs.close rs.open "Select * from st where ID=" &STid,conn,1,3 rs("logins") = rs("logins")+1 rs.update rs.close set rs=nothing ' Response.Redirect("StuDetail.asp?UserId=" &Request.Cookies("HZJJ8User")&"#yuyue") response.Write"" response.End end if end if '如果家长已经登录,家长所预约的教员直接主动预约家长所登记的家教信息结束 if tid<>"" and t_name<>"" then neirong = "免费预约:"&t_name&",编号:"&tid&vbcrlf if request("action")="save" then call DeterLocalFormAttack() '防止攻击者自制本地表单提交非法数据到服务器以达到攻击服务端的目的。 'On Error Resume Next '---------------------------------------------------------------------------------- '下面就是验证了 pSN=UCase(Trim(Request.Form("pSN"))) true_psn=UCase(Cstr(Session("pSN"))) '验证码错误 If pSN="" Or pSN<>true_psn Then Response.Write "" Response.End End If Session("pSN")="" '---------------------------------------------------------------------------------- checkbox=request.form("checkbox") if checkbox<>"checkbox" then strMsg="" & vbCrlf Response.Write strMsg response.end end if '************************************* '防止外部提交 '************************************* function ChkPost() dim server_v1,server_v2 chkpost=false server_v1=Cstr(Request.ServerVariables("HTTP_REFERER")) server_v2=Cstr(Request.ServerVariables("SERVER_NAME")) If Mid(server_v1,8,Len(server_v2))<>server_v2 then chkpost=False else chkpost=True end If end function call ChkPost() if chkpost=False then strMsg="" & vbCrlf Response.Write strMsg response.end end if '*********************************** '字符过滤 TxtFilter="exec/insert/select/delete/update/countchr/mid/master/truncate/char/declare/script/frame" function CheckTxt(str) txtContent=str TxtFilterArr=split(TxtFilter,"/") '过滤脏话 for t=0 to ubound(TxtFilterArr) txtContent=replace(txtContent,TxtFilterArr(t),"***") next if txtContent<>str then '=================================恶意发布信息处理 db =Dataname '记录数据库路径修改为你的数据库路径 dim killConn,killConnstr,ClientIp 'On Error Resume Next Set killConn = Server.CreateObject("ADODB.Connection") killConnstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(db) killConn.Open killConnstr ClientIp=Request.ServerVariables("REMOTE_ADDR")'用户IP set rsKill=server.createobject("adodb.recordset") sqlKill="select Sqlin_IP from SqlIn where Sqlin_IP='"&ClientIp&"'" rsKill.open sqlKill,killConn,1,3 '查询该ip是否存在,如果存在则锁定ip,否则加入ip记录 if rsKill.eof and rsKill.bof then '不存在,插入入ip killConn.Execute("insert into SqlIn(Sqlin_IP,Kill_Ip,hits,SqlIn_SJ) values('"&ClientIp&"','0','1','非法字符:"&str&"')") else killConn.Execute("update SqlIn set Kill_Ip=1 where Sqlin_IP='"&ClientIp&"'") end if '================================== response.write "" response.End() end if end function teacher=request.form("teacher") name=request.form("name") sex=request.form("sex") sex2=request.form("sex2") dq=request.form("dq") dq2=request.form("dq2") qk=request.form("qk") Tel1=request.form("Tel1") Tel2=request.form("Tel2") km=request.form("km") bc=request.form("bc") yq=request.form("yq") nj=request.form("nj") qq=request.form("qq") x=request.form("x") y=request.form("y") z=request.form("z") email="每周"& request.form("chi") &"次;每次"& request.form("shi") &"小时" times=request.form("times") userIp="注册ip:"&Request.ServerVariables("REMOTE_ADDR") &"" CheckTxt(Tel1) CheckTxt(name) CheckTxt(dq2) CheckTxt(km) CheckTxt(qk) CheckTxt(yq) set rs=server.createobject("adodb.recordset") sql="select top 1 * from st" rs.open sql,conn,1,3 rs.Addnew Randomize() i= int((9999*rnd)+1000) STid=rs("id") rs("num")="100"&rs("id") temp="100"&rs("id") StuNum="100"&rs("id") rs("userid")="100"&rs("id") rs("psw")=i rs("name")=name rs("email")=email rs("sex")=sex rs("sex2")=sex2 rs("dq")=dq rs("dq2")=dq2 rs("Tel1")=Tel1 rs("qq")=qq rs("nj")=nj rs("km")=km rs("times")=times rs("qk")=qk rs("yq")=yq rs("bc")=bc rs("islock")=True rs("zhiding")=1 rs("AdminBZ")=userIp if x <>"" then rs("x")=x rs("y")=y rs("z")=z end if rs.update rs.close ''==================写Cookie Response.Cookies("HZJJ8User")=temp Response.Cookies("name")=name Response.Cookies("lx")="student" Response.Cookies("HZJJ8User").expires =date()+30 Response.Cookies("name").expires =date()+30 Response.Cookies("lx").expires =date()+30 'session("addxinxi")=now() ''========================== '向发送通知管理员 ' mailserver="smtp.qq.com" ' mailname="549362622@qq.com" ' mailpassword="" Set msg = Server.CreateObject("JMail.Message") msg.silent = true msg.Logging = true msg.Charset = "gb2312" msg.MailServerUserName = mailname msg.MailServerPassword = MailPwd msg.From = mailname msg.FromName = webname msg.AddRecipient (Agentqq1 & "@qq.com") msg.Subject = "新家教编号:" & StuNum msg.Body = "学员编号:" & StuNum & vbcrlf msg.Body = msg.Body & "联系姓名:" & name & vbcrlf msg.Body = msg.Body & "联系电话:" & Tel1 & vbcrlf msg.Body = msg.Body & "联系地址:" & dq & "." &dq2 & vbcrlf msg.Body = msg.Body & "年级性别:" & nj & "." & sex & vbcrlf msg.Body = msg.Body & "求教学科:" & km & vbcrlf msg.Body = msg.Body & "学员情况:" & qk & vbcrlf msg.Body = msg.Body & "教员要求:" & yq & vbcrlf msg.Body = msg.Body & "想了解该学员具体信息请点击该学员链接:" & website & "/StuDetail.asp?UserId=" &StuNum& vbcrlf msg.Body = msg.Body & "发布时间:" & now & vbcrlf msg.Send (mailserver) msg.close set msg = nothing '发信结束 '========================== '如果是家长预约老师的话 发送信息给教员 if teacher<>"" then set rs=server.createobject("adodb.recordset") sql11="select email,name,userid from tc where num='"&teacher&"'" rs.open sql11,conn,1,1 tcemail=rs("email") tcname=rs("name") t_userid=rs("userid") rs.close set rs=nothing Set msg = Server.CreateObject("JMail.Message") msg.silent = true msg.Logging = true msg.Charset = "gb2312" msg.MailServerUserName = mailname msg.MailServerPassword = MailPwd msg.From = mailname msg.FromName = webname msg.AddRecipient (tcemail) msg.Subject = tcname& ",你好:" &webname&"有家长预约你-新家教编号:" & StuNum msg.Body = "学员编号:" & StuNum & vbcrlf msg.Body = msg.Body & "联系姓名:" & name & vbcrlf msg.Body = msg.Body & "联系地址:" & dq & "." &dq2 & vbcrlf msg.Body = msg.Body & "年级性别:" & nj & "." & sex & vbcrlf msg.Body = msg.Body & "求教学科:" & km & vbcrlf msg.Body = msg.Body & "学员情况:" & qk & vbcrlf msg.Body = msg.Body & "教员要求:" & yq & vbcrlf msg.Body = msg.Body & "想了解该学员具体信息请点击该学员链接:" & website & "/StuDetail.asp?UserId=" &StuNum& vbcrlf msg.Body = msg.Body & "发布时间:" & now & vbcrlf msg.Send (mailserver) msg.close set msg = nothing set rs=server.createobject("adodb.recordset") sql="select * from ApplyList" rs.open sql,conn,1,3 rs.addnew rs("STid")=STid rs("Userid")=t_userid rs.update rs.close rs.open "Select * from st where ID=" &STid,conn,1,3 rs("logins") = rs("logins")+1 rs.update rs.close set rs=nothing end if '发信结束 Response.Redirect("StudentAddSucceed.asp?uid="&temp&"&pwd="& i) end if %>

请家长(学员)填写以下家教需求信息

<% if tid<>"" and t_name<>"" then %> <% end if %>
<%=webname%>相信:每个孩子都有适合他/她的老师,我们承诺为学员免费更换教员,直至满意为止,直至满意为止!
我要预约的教员: <%= tid %> <%=t_name%>
*联系人姓名:

如学生家长姓名或学生本人姓名,如"李先生"、"周同学"

*请填写手机号码:
电话号码仅网站工作人员可见,请放心填写
QQ:
此项可不填。您的QQ仅工作人员可见,请放心填写
学员性别:
男  男女不限
*所在城区:
*家教上课地点:
推荐地图标记您的位置:
*学员目前年级:
*家教时间安排:
每周上 次课 ;每次课上 小时;
*可授课时间:
周一
周二
周三
周四
上午 下午 晚上
上午 下午 晚上
上午 下午 晚上
上午 下午 晚上
周五
周六
周日
时间面议
上午 下午 晚上
上午 下午 晚上
上午 下午 晚上
*辅导科目:
如果有多门学科以","分隔,如"钢琴,数学,计算机"
学员学习情况描述:
选择教员性别:
要女教员  要男教员  男女教员不限
对教员具体的要求:
*支付给老师的报酬:
元/小时   点击查看家教薪资参考标准
*请输入右边的验证码
刷新验证码
  因虚假信息而引发的任何后果,一概由填表人负责,与本站无关。