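<%
' Look up one imgbook record chosen by the "id" query-string parameter,
' count the view, and open the record in rs for the rendering code below.
'
' The id is concatenated into SQL text, so it is validated against an
' allow-list (a short run of decimal digits) and converted to a Long before
' any statement is built. This replaces the earlier keyword blacklist, which
' matched case-sensitively and could never enumerate every dangerous token.
' A pure integer cannot change the structure of the statement.
' NOTE(review): assumes imgbook.ID is an integer column (the unquoted
' comparison suggests so) -- confirm against the schema.
id = Trim(Request.QueryString("id") & "")
With New RegExp
    ' At most 9 digits, so the CLng conversion below cannot overflow.
    .Pattern = "^[0-9]{1,9}$"
    If Not .Test(id) Then
        ' Missing or malformed id: stop before touching the database.
        ' (Previously an empty id fell through and reached the queries.)
        Response.Write("")
        Response.End
    End If
End With
id = CLng(id)

' Increment the view counter; id is a validated Long at this point.
conn.execute("update imgbook set click=click+1 where ID=" & id)

' Fetch the record itself. Cursor/lock arguments 1,1 are kept as before.
' NOTE(review): if non-numeric inputs are ever added to these statements,
' switch to an ADODB.Command with bound parameters instead of concatenation.
sql = "select * from imgbook where ID=" & id
Set rs = Server.CreateObject("adodb.recordset")
rs.Open sql, conn, 1, 1
If rs.EOF Then
    ' No row with this id: show the "no such picture" message and stop.
    Response.Write("对不起。没有此编号的图片!!!")
    Response.End
End If
%>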
<%
' Render the stored picture markup for the current record.
' news_content is read from rs and one placeholder tag is rewritten:
' if the text contains [img], only [img] is replaced; otherwise only
' [uploadimg] is replaced.
' NOTE(review): the replacement literal looks like the tail of an image tag
' whose leading part is not visible here -- confirm against the deployed file.
img=rs("news_content")
if instr(img,"[img]") then
img = Replace(img, "[img]","500)this.width=500"">")
else
img = Replace(img, "[uploadimg]","500)this.width=500"">")
end if
' NOTE(review): img is written to the response without Server.HTMLEncode.
' If news_content can be set by untrusted users, this is a stored-XSS sink;
' encoding must happen before the placeholder expansion so that only the
' markup generated here reaches the browser. Confirm how the field is
' sanitised when it is saved.
Response.Write(img)
' NOTE(review): guestcontent, rendered just below, goes through ubbcode(),
' which is defined elsewhere. Confirm that it HTML-encodes its input before
' expanding UBB tags.
%>
图片相关说明:
<%=ubbcode(rs("guestcontent"))%>
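<%
' Release the main recordset (rsclose is defined elsewhere; presumably it
' closes rs -- confirm), then probe for the neighbouring records so the
' previous/next labels are written only when the neighbour exists.
rsclose()

' The neighbour ids are derived with an explicit CLng conversion, so only
' an integer can ever be concatenated into the SQL text. Non-numeric input
' raises a type-mismatch error here instead of reaching the statement; the
' previous code depended on the implicit coercion performed by +1 / -1.
Set rs1 = Server.CreateObject("Adodb.recordset")

' Record with ID + 1 -> "previous picture" label.
sql1 = "select ID from imgbook where ID=" & (CLng(Request.QueryString("id")) + 1)
rs1.Open sql1, conn, 1, 1
If Not rs1.BOF Then
    Response.Write("上一张图片")
End If
rs1.Close

' Record with ID - 1 -> "next picture" label.
sql1 = "select ID from imgbook where ID=" & (CLng(Request.QueryString("id")) - 1)
rs1.Open sql1, conn, 1, 1
If Not rs1.BOF Then
    Response.Write("下一张图片 ")
End If
rs1.Close

' Drop the reference so the recordset object can be released.
Set rs1 = Nothing
%>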