<!--#include file="inc/config.asp"-->
<!--#include file="inc/conn.asp"-->
<%
if ks=0 then
   response.write kssm
   response.end
end if

server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
response.write "你提交的路径有误，禁止从站点外部提交数据！"
response.end
end if

vid=Request.QueryString("id")

Function getIP() 
getIP = Request.ServerVariables("HTTP_X_FORWARDED_FOR") 
If getIP = "" Then getIP = (Request.ServerVariables("REMOTE_ADDR"))
End Function

ipdate=vid&getIP&date()

if ipdate<>"" then   
   Set rs = Server.CreateObject( "ADODB.Recordset" )
    Set rs1 = Server.CreateObject( "ADODB.Recordset" )
Set rs2 = Server.CreateObject( "ADODB.Recordset" )
set rssum=server.createobject("adodb.recordset")
exec="select sum(addps) as sumps from Result where addip='" & getIP & "' and addtime>=#"& now()-1 &"#"
rssum.open exec,conn,1,1
sumps=rssum("sumps")
set rssum3=server.createobject("adodb.recordset")
exec2="select sum(addps) as sumps from Result where addip='" & getIP & "'"
rssum3.open exec2,conn,1,1
sumps3=rssum3("sumps")
    sql = "select * from Result"
    rs.open sql,conn,1,3
   
   if int(sumps)>=int(gz) then
      Response.write("<script language='javascript'>alert('每天只有3次投票机会，您已经投票，请24小时后再来投票!');location='index.asp';</script>")
  response.End()
   else
    sql2 ="select sum(addps) as sumps from Result where addip='" & getIP & "' and voteid='"&vid&"' and addtime>=#"& now()-1 &"#"
rs2.open sql2,conn,1,1
sumps2=rs2("sumps")
if int(sumps2)>=int(xxps) then
  Response.write("<script language='javascript'>alert('您对该作品的投票已达上限，请24小时后再来投票!');location='index.asp';</script>")
   response.End()
    else
   

   sql1= "select * from Result where addip='" & getIP & "' and voteid='"&vid&"'"
   rs1.open sql1,conn,1,3
   if not (rs1.bof and rs1.eof) then


    if sumps=0 then
      sqlu="update Result set addtime='"& now() &"',ipdate='"&ipdate&"',addps=1 where addip='" & getIP & "'"   
else
    sqlu="update Result set addps=addps+1 where addip='" & getIP & "' and voteid='"&vid&"'"
     
end if
conn.execute(sqlu)

else  
      rs.addnew   
      rs("voteid")=vid
      rs("addip")=getIP
      rs("ipdate")=ipdate
  rs("addps")=1
      rs.update
      rs.close
end if  
  
      Set rs=nothing

      sql="update Info set ps=ps+1 where id="&vid
      conn.execute(sql)
      Response.write "<script language='javascript'>alert('恭喜您,投票成功,谢谢您的参与!');location='index.asp';</script>"
  end if
   end if
end if
%>