protected void Page_Load(object sender, EventArgs e) { action = Request.Params["action"]; id = Request.Params["id"]; page = Request.Params["page"]; commentparentid = Request.Params["commentparentid"]; commentuser = Request.Params["commentuser"]; commenttext = Request.Params["commenttext"]; commentvalidate = Request.Params["commentvalidate"];//51^aspx if (action == "ajax_getcomment") { ajax_getcomment(id, Int32.Parse(page)); } else if (action == "ajax_sendcomment") { if (Session["VerifyCode"].ToString().ToLower() != commentvalidate.ToLower()) { Response.Write("ERROR!"); } else { DBQuery.ExecuteScalar("insert into comment(commentparentid,commentuser,commenttext,commentreply,commentip) values('" + commentparentid + "','" + commentuser + "','" + Server.HtmlEncode(commenttext) + "','','" + Request.ServerVariables["REMOTE_ADDR"] + "')"); Response.Write("评论发表成功!"); } } else { Response.Write("error!"); } }