<%
'#################################################################################
'## Copyright (C) 2000 Michael Anderson and Pierre Gorissen
'##
'## This program is free software; you can redistribute it and/or
'## modify it under the terms of the GNU General Public License
'## as published by the Free Software Foundation; either version 2
'## of the License, or any later version.
'##
'## All copyright notices regarding Snitz Forums 2000
'## must remain intact in the scripts and in the outputted HTML
'## The "powered by" text/logo with a link back to
'## http://forum.snitz.com in the footer of the pages MUST
'## remain visible when the pages are viewed on the internet or intranet.
'##
'## This program is distributed in the hope that it will be useful,
'## but WITHOUT ANY WARRANTY; without even the implied warranty of
'## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
'## GNU General Public License for more details.
'##
'## You should have received a copy of the GNU General Public License
'## along with this program; if not, write to the Free Software
'## Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
'##
'## Support can be obtained from support forums at:
'## http://forum.snitz.com
'##
'## Correspondence and Marketing Questions can be sent to:
'## reinhold@bigfoot.com
'##
'## or
'##
'## Snitz Communications
'## C/O: Michael Anderson
'## PO Box 200
'## Harpswell, ME 04079
'#################################################################################
%>
<%
if strAuthType = "db" then
strDBNTUserName = Request.Form("UserName")
end if
set rs = Server.CreateObject("ADODB.RecordSet")
err_Msg = ""
ok = ""
if Request.Form("Method_Type") = "Edit" then
member = cint(ChkUser(strDBNTUserName, Request.Form("Password")))
Select Case Member
case 0 '## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post so OK
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only Admins, Moderators and the Author can change this post", 0
%>
<%
Response.End
case 3 '## Moderator so OK - check the Moderator of this forum
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only Admins, Moderators and the Author can change this post", 0
end if
case 4 '## Admin so OK
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
Err_Msg = ""
if txtMessage = " " then
Err_Msg = Err_Msg & "You Must Enter a Message for your Reply"
end if
if Err_Msg = "" then
if strEditedByDate = "1" and mlev < 4 then
txtMessage = txtMessage & vbCrLf & vbCrLf & "Edited by - "
txtMessage = txtMessage & ChkString(STRdbntUserName, "display") & " on " & ChkDate(DateToStr(strForumTimeAdjust)) & " " & ChkTime(DateToStr(strForumTimeAdjust))
end if
'## Forum_SQL - Do DB Update
strSql = "UPDATE " & strTablePrefix & "REPLY "
strSql = strSql & " SET R_MESSAGE = '" & txtMessage & "'"
if lcase(strEmail) = "1" then '**
if Request.Form("rmail") <> "1" then
TF = "0"
else
TF = "1"
end if
strSql = strSql & ", R_MAIL = " & TF
end if
strSql = strSql & " WHERE REPLY_ID=" & Request.Form("REPLY_ID")
my_Conn.Execute (strSql)
if mLev <> 4 then
'## Forum_SQL - Update Last Post
strSql = " UPDATE " & strTablePrefix & "FORUM"
strSql = strSql & " SET F_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", F_LAST_POST_AUTHOR = " & getMemberID(STRdbntUserName)
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
'## Forum_SQL - Update Last Post
strSql = " UPDATE " & strTablePrefix & "TOPICS"
strSql = strSql & " SET T_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", T_LAST_POST_AUTHOR = " & getMemberID(STRdbntUserName)
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
my_Conn.Execute (strSql)
end if
err_Msg = ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
Go_Result "Updated OK", 1
end if
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "TOPICS "
strSql = strSql & " SET T_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", T_LAST_POST_AUTHOR = " & getMemberID(STRdbntUserName)
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
my_Conn.Execute (strSql)
err_Msg = ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
Go_Result "Updated OK", 1
%>
<%
Response.End
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "EditTopic" then
member = cint(ChkUser(STRdbntUserName, Request.Form("Password")))
select case Member
case 0 '## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post so OK
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only Admins, Moderators and the Author can change this post", 0
%>
<%
Response.End
case 3 '## Moderator so
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only Admins, Moderators and the Author can change this post", 0
end if
case 4 '## Admin so OK
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "You Must Enter a Subject for the Topic"
end if
if txtMessage = " " then
Err_Msg = Err_Msg & "You Must Enter a Message for the Topic"
end if
if Err_Msg = "" then
if strEditedByDate = "1" and mlev < 4 then
txtMessage = txtMessage & vbCrLf & vbCrLf & "Edited by - "
txtMessage = txtMessage & Chkstring(STRdbntUserName, "display") & " on " & ChkDate(DateToStr(strForumTimeAdjust)) & " " & ChkTime(DateToStr(strForumTimeAdjust))
end if
'## Set array to pull out CAT_ID and FORUM_ID from dropdown values in post.asp
aryForum = split(Request.Form("Forum"), "|")
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "TOPICS "
strSql = strSql & " SET T_MESSAGE = '" & txtMessage & "'"
strSql = strSql & ", T_SUBJECT = '" & txtSubject & "'"
if Request.Form("FORUM_ID") <> "" and Request.Form("FORUM_ID") <> aryForum(1) then
strSql = strSql & ", CAT_ID = " & aryForum(0)
strSql = strSql & ", FORUM_ID = " & aryForum(1)
end if
if lcase(strEmail) = "1" then '**
if Request.Form("rmail") <> "1" then
TF = "0"
else
TF = "1"
end if
strSql = strSql & ", T_MAIL = " & TF
end if
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
my_Conn.Execute(strSql)
if Request.Form("FORUM_ID") <> aryForum(1) then
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "REPLY "
strSql = strSql & " SET CAT_ID = " & aryForum(0)
strSql = strSql & ", FORUM_ID = " & aryForum(1)
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
my_Conn.Execute(strSql)
set rs = Server.CreateObject("ADODB.Recordset")
'## Forum_SQL - count total number of replies in Topics table
strSql = "SELECT T_REPLIES, T_LAST_POST, T_LAST_POST_AUTHOR "
strSql = strSql & " FROM " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
set rs = my_Conn.Execute (strSql)
intResetCount = rs("T_REPLIES") + 1
strT_Last_Post = rs("T_LAST_POST")
strT_Last_Post_Author = rs("T_LAST_POST_AUTHOR")
rs.Close
set rs = nothing
'## Forum_SQL - Get last_post and last_post_author for MoveFrom-Forum
strSql = "SELECT T_LAST_POST, T_LAST_POST_AUTHOR "
strSql = strSql & " FROM " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID") & " "
strSql = strSql & " ORDER BY T_LAST_POST DESC;"
set rs = my_Conn.Execute (strSql)
if not rs.eof then
strLast_Post = rs("T_LAST_POST")
strLast_Post_Author = rs("T_LAST_POST_AUTHOR")
else
strLast_Post = ""
strLast_Post_Author = ""
end if
rs.Close
set rs = nothing
'## Forum_SQL - Update count of replies to a topic in Forum table
strSql = "UPDATE " & strTablePrefix & "FORUM SET "
strSql = strSql & " F_COUNT = F_COUNT - " & intResetCount
if strLast_Post <> "" then
strSql = strSql & ", F_LAST_POST = '" & strLast_Post & "'"
if strLast_Post_Author <> "" then
strSql = strSql & ", F_LAST_POST_AUTHOR = " & strLast_Post_Author
end if
end if
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute(strSql)
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "FORUM SET "
strSql = strSql & " F_TOPICS = F_TOPICS - 1 "
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute(strSql)
'## Forum_SQL - Get last_post and last_post_author for Forum
strSql = "SELECT T_LAST_POST, T_LAST_POST_AUTHOR "
strSql = strSql & " FROM " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE FORUM_ID = " & aryForum(1) & " "
strSql = strSql & " ORDER BY T_LAST_POST DESC;"
set rs = my_Conn.Execute (strSql)
if not rs.eof then
strLast_Post = rs("T_LAST_POST")
strLast_Post_Author = rs("T_LAST_POST_AUTHOR")
else
strLast_Post = ""
strLast_Post_Author = ""
end if
rs.Close
set rs = nothing
'## Forum_SQL - Update count of replies to a topic in Forum table
strSql = "UPDATE " & strTablePrefix & "FORUM SET "
strSql = strSql & " F_COUNT = (F_COUNT + " & intResetCount & ")"
if strLast_Post <> "" then
strSql = strSql & ", F_LAST_POST = '" & strLast_Post & "'"
if strLast_Post_Author <> "" then
strSql = strSql & ", F_LAST_POST_AUTHOR = " & strLast_Post_Author
end if
end if
strSql = strSql & " WHERE FORUM_ID = " & aryForum(1)
my_Conn.Execute(strSql)
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "FORUM SET "
strSql = strSql & " F_TOPICS = F_TOPICS + 1 "
strSql = strSql & " WHERE FORUM_ID = " & aryForum(1)
my_Conn.Execute(strSql)
end if
err_Msg = ""
aryForum = ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "Topic" then
'## Forum_SQL
strSql = "SELECT MEMBER_ID, M_LEVEL, M_EMAIL, "&Strdbntsqlname
if strAuthType = "db" then
strSql = strSql & ", M_PASSWORD "
end if
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
strSql = strSql & " WHERE "&Strdbntsqlname&" = '" & STRdbntUserName & "'"
strSql = strSql & " AND " & strMemberTablePrefix & "MEMBERS.M_STATUS = " & 1
if strAuthType = "db" then
strSql = strSql & " AND M_PASSWORD = '" & Request.Form("Password") &"'"
QuoteOk = (ChkQuoteOk(STRdbntUserName) and ChkQuoteOk(Request.Form("Password")))
else
QuoteOk = ChkQuoteOk(Session(strCookieURL & "userid"))
end if
set rs = my_Conn.Execute (strSql)
if rs.BOF or rs.EOF or not(QuoteOk) then '## Invalid Password
Go_Result "Invalid UserName or Password", 0
%>
<%
Response.End
else
if not(chkForumAccess(Request.Form("FORUM_ID"))) then
Go_Result "You are not allowed to post in this forum !", 0
end if
txtMessage = ChkString(Request.Form("Message"),"message")
txtSubject = ChkString(Request.Form("Subject"),"title")
if txtMessage = " " then
Go_Result "You must post a message!", 0
%>
<%
Response.End
end if
if txtSubject = " " then
Go_Result "You must post a subject!", 0
%>
<%
Response.End
end if
if Request.Form("sig") = "yes" and GetSig(STRdbntUserName) <> "" then
txtMessage = txtMessage & vbCrLf & vbCrLf & ChkString(GetSig(STRdbntUserName), "signature" )
end if
'
if Request.Form("rmail") <> "1" then
TF = "0"
else
TF = "1"
end if
'## Forum_SQL - Add new post to Topics Table
strSql = "INSERT INTO " & strTablePrefix & "TOPICS (FORUM_ID"
strSql = strSql & ", CAT_ID"
strSql = strSql & ", T_SUBJECT"
strSql = strSql & ", T_MESSAGE"
strSql = strSql & ", T_AUTHOR"
strSql = strSql & ", T_LAST_POST"
strSql = strSql & ", T_LAST_POST_AUTHOR"
strSql = strSql & ", T_DATE"
strSql = strSql & ", T_STATUS"
if strIPLogging <> "0" then
strSql = strSql & ", T_IP"
end if
strSql = strSql & ", T_MAIL"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("FORUM_ID")
strSql = strSql & ", " & Request.Form("CAT_ID")
strSql = strSql & ", '" & txtSubject & "'"
strSql = strSql & ", '" & txtMessage & "'"
strSql = strSql & ", " & rs("MEMBER_ID")
strSql = strSql & ", '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", " & rs("MEMBER_ID")
strSql = strSql & ", '" & DateToStr(strForumTimeAdjust) & "'"
if Request.Form("lock") = 1 then
strSql = strSql & ", 0 "
else
strSql = strSql & ", 1 "
end if
if strIPLogging <> "0" then
strSql = strSql & ", '" & Request.ServerVariables("REMOTE_ADDR") & "'"
end if
strSql = strSql & ", " & TF & ")"
my_Conn.Execute (strSql)
if Err.description <> "" then
err_Msg = "There was an error = " & Err.description
else
err_Msg = "Updated OK"
end if
'## Forum_SQL - Increase count of topics and replies in Forum table by 1
strSql = "UPDATE " & strTablePrefix & "FORUM "
strSql = strSql & " SET F_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", F_TOPICS = F_TOPICS + 1"
strSql = strSql & ", F_COUNT = F_COUNT + 1"
strSql = strSql & ", F_LAST_POST_AUTHOR = " & rs("MEMBER_ID") & ""
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
Go_Result err_Msg, 1
%>
<%
Response.End
end if
end if
if Request.Form("Method_Type") = "Reply" or Request.Form("Method_Type") = "ReplyQuote" or Request.Form("Method_Type") = "TopicQuote" then
'## Forum_SQL
strSql = "SELECT MEMBER_ID, M_LEVEL, M_EMAIL, "&Strdbntsqlname
if strAuthType = "db" then
strSql = strSql & ", M_PASSWORD "
end if
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
strSql = strSql & " WHERE "&Strdbntsqlname&" = '" & STRdbntUserName & "'"
strSql = strSql & " AND " & strMemberTablePrefix & "MEMBERS.M_STATUS = " & 1
if strAuthType = "db" then
strSql = strSql & " AND M_PASSWORD = '" & Request.Form("Password") &"'"
QuoteOk = (ChkQuoteOk(STRdbntUserName) and ChkQuoteOk(Request.Form("Password")))
else
QuoteOk = ChkQuoteOk(STRdbntUserName)
end if
set rs = my_Conn.Execute (strSql)
if rs.BOF or rs.EOF or not(QuoteOk) then '## Invalid Password
err_Msg = "Invalid Password or User Name"
Go_Result(err_Msg), 0
%>
<%
Response.End
else
if not(chkForumAccess(Request.Form("FORUM_ID"))) then
Go_Result "You are not allowed to post in this forum !", 0
end if
txtMessage = ChkString(Request.Form("Message"),"message")
if txtMessage = " " then
Go_Result "You must post a message!", 0
%>
<%
Response.End
end if
if Request.Form("sig") = "yes" and GetSig(STRdbntUserName) <> "" then
txtMessage = txtMessage & vbCrLf & vbCrLf & ChkString(GetSig(STRdbntUserName), "signature" )
end if
DoReplyEmail Request.Form("TOPIC_ID"), rs("MEMBER_ID"), Request.Form("UserName")
if Request.Form("rmail") <> "1" then
RF = "0"
else
RF = "1"
end if
'## Forum_SQL
strSql = "INSERT INTO " & strTablePrefix & "REPLY "
strSql = strSql & "(TOPIC_ID"
strSql = strSql & ", FORUM_ID"
strSql = strSql & ", CAT_ID"
strSql = strSql & ", R_AUTHOR"
strSql = strSql & ", R_DATE "
if strIPLogging <> "0" then
strSql = strSql & ", R_IP"
end if
strSql = strSql & ", R_MAIL"
strSql = strSql & ", R_MESSAGE"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("TOPIC_ID")
strSql = strSql & ", " & Request.Form("FORUM_ID")
strSql = strSql & ", " & Request.Form("CAT_ID")
strSql = strSql & ", " & rs("MEMBER_ID")
strSql = strSql & ", " & "'" & DateToStr(strForumTimeAdjust) & "'"
if strIPLogging <> "0" then
strSql = strSql & ", " & "'" & Request.ServerVariables("REMOTE_ADDR") & "'"
end if
strSql = strSql & ", " & RF
strSql = strSql & ", " & "'" & txtMessage & "'"
strSql = strSql & ")"
my_Conn.Execute (strSql)
'## Forum_SQL - Update Last Post and count
strSql = "UPDATE " & strTablePrefix & "TOPICS "
strSql = strSql & " SET T_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", T_REPLIES = T_REPLIES + 1 "
strSql = strSql & ", T_LAST_POST_AUTHOR = " & rs("MEMBER_ID")
if Request.Form("lock") = 1 then
strSql = strSql & ", T_STATUS = 0 "
end if
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
my_Conn.Execute (strSql)
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "FORUM "
strSql = strSql & " SET F_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", F_LAST_POST_AUTHOR = " & rs("MEMBER_ID")
strSql = strSql & ", F_COUNT = F_COUNT + 1 "
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
if Request.Form("M") = "1" then
'## Forum_SQL
strSql = "SELECT " & strMemberTablePrefix & "MEMBERS.M_NAME, " & strMemberTablePrefix & "MEMBERS.M_EMAIL "
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS, " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & strTablePrefix & "TOPICS.T_AUTHOR "
strSql = strSql & " AND " & strTablePrefix & "TOPICS.TOPIC_ID = " & Request.Form("TOPIC_ID")
set rs2 = my_Conn.Execute (strSql)
DoEmail rs2("M_EMAIL"), rs2("M_NAME")
rs2.close
set rs2 = nothing
end if
Go_Result "Updated OK", 1
%>
<%
Response.End
end if
end if
end if
if Request.Form("Method_Type") = "Forum" then
member = cint(ChkUser(strDBNTUserName, Request.Form("Password")))
select case Member
case 0
'## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only the Moderator can create a Forum", 0
%>
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only the Moderator can create a Forum", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "You Must Enter a Subject for the New Forum"
end if
if txtMessage = "" then
Err_Msg = Err_Msg & "You Must Enter a Message for the New Forum"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "INSERT INTO " & strTablePrefix & "FORUM "
strSql = strSql & "(CAT_ID"
if strPrivateForums = "1" then
strSql = strSql & ", F_PRIVATEFORUMS"
strSql = strSql & ", F_PASSWORD_NEW"
end if
strSql = strSql & ", F_LAST_POST"
strSql = strSql & ", F_SUBJECT"
strSql = strSql & ", F_DESCRIPTION"
strSql = strSql & ", F_TYPE"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("CAT_ID")
if strPrivateForums = "1" then
strSql = strSql & ", " & Request.Form("AuthType") & ""
strSql = strSql & ", '" & ChkString(Request.Form("AuthPassword"),"password") & "'"
end if
strSql = strSql & ", " & "'" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", '" & txtSubject & "'"
strSql = strSql & ", '" & txtMessage & "'"
strSql = strSql & ", " & Request.Form("Type")
strSql = strSql & ")"
my_Conn.Execute (strSql)
err_Msg = ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
Else
'######## Update allowed user list##################################
set rsCount = my_Conn.execute("SELECT MAX(FORUM_ID) AS maxForumID FROM " & strTablePrefix & "FORUM ")
newForumMembers rsCount("maxForumId")
'##################################################################
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "URL" then
member = cint(ChkUser(strDBNTUserName, Request.Form("Password")))
select case Member
case 0'## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only the Moderator can create a web link", 0
%>
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only the Moderator can create a web link", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtAddress = ChkString(Request.Form("Address"),"url")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "You Must Enter a Subject for the New URL"
end if
if txtAddress = " " or lcase(txtAddress) = "http://" or lcase(txtAddress) = "https://" or lcase(txtAddress) = "file:///" then
Err_Msg = Err_Msg & "You Must Enter an Address for the New URL"
end if
if (left(lcase(txtAddress), 7) <> "http://" and left(lcase(txtAddress), 8) <> "https://") and txtAddress <> "" then
Err_Msg = Err_Msg & "You Must prefix the Address with http://, https:// or file:///"
end if
if txtMessage = " " then
Err_Msg = Err_Msg & "You Must Enter a Message for the New URL"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "INSERT INTO " & strTablePrefix & "FORUM "
strSql = strSql & "(CAT_ID"
if strPrivateForums = "1" then
strSql = strSql & ", F_PRIVATEFORUMS"
end if
strSql = strSql & ", F_LAST_POST"
strSql = strSql & ", F_LAST_POST_AUTHOR"
strSql = strSql & ", F_SUBJECT"
strSql = strSql & ", F_URL"
strSql = strSql & ", F_DESCRIPTION"
strSql = strSql & ", F_TYPE"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("CAT_ID")
if strPrivateForums = "1" then
strSql = strSql & ", " & Request.Form("AuthType") & ""
end if
strSql = strSql & ", " & "'" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", " & getMemberID(Request.Form("UserName")) & " "
strSql = strSql & ", " & "'" & txtSubject & "'"
strSql = strSql & ", " & "'" & txtAddress & "'"
strSql = strSql & ", " & "'" & txtMessage & "'"
strSql = strSql & ", " & Request.Form("Type")
strSql = strSql & ") "
my_Conn.Execute (strSql)
err_Msg = ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
'########### Update allowed user list ##############################
set rsCount = my_Conn.execute("SELECT MAX(FORUM_ID) AS maxForumID FROM " & strTablePrefix & "FORUM ")
newForumMembers rsCount("maxForumId")
'##################################################################
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "EditForum" then
member = cint(ChkUser(STRdbntUserName, Request.Form("Password")))
select case Member
case 0
'## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only Admins and Moderators can change this Forum", 0
%>
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only Admins and Moderators change this Forum", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "You Must Enter a Subject for the Forum"
end if
if txtMessage = " " then
Err_Msg = Err_Msg & "You Must Enter a Message for the Forum"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "UPDATE " & strTablePrefix & "FORUM "
strSql = strSql & " SET CAT_ID = " & Request.Form("Category")
if strPrivateForums = "1" then
strSql = strSql & ", F_PRIVATEFORUMS = " & Request.Form("AuthType") & ""
strSql = strSql & ", F_PASSWORD_NEW = '" & ChkString(Request.Form("AuthPassword"),"password") & "'"
end if
strSql = strSql & ", F_SUBJECT = '" & txtSubject & "'"
strSql = strSql & ", F_DESCRIPTION = '" & txtMessage & "'"
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
err_Msg= ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
'########## Update Allowed user List ###############################
set rsCount = my_Conn.execute("SELECT MAX(FORUM_ID) AS maxForumID FROM " & strTablePrefix & "FORUM ")
updateForumMembers Request.Form("FORUM_ID")
'###################################################################
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "EditURL" then
member = cint(ChkUser(strDBNTUserName, Request.Form("Password")))
select case Member
case 0
'## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only Admins and Moderators can change this Forum", 0
%>
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only Admins and Moderators change this Forum", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtAddress = ChkString(Request.Form("Address"),"url")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "You Must Enter a Subject for the New URL"
end if
if txtAddress = " " or lcase(txtAddress) = "http://" or lcase(txtAddress) = "https://" or lcase(txtAddress) = "file:///" then
Err_Msg = Err_Msg & "You Must Enter an Address for the New URL"
end if
if (left(lcase(txtAddress), 7) <> "http://" and left(lcase(txtAddress), 8) <> "https://" and left(lcase(txtAddress), 8) <> "file:///") and (txtAddress <> "") then
Err_Msg = Err_Msg & "You Must prefix the Address with http://, https:// or file:///"
end if
if txtMessage = "" then
Err_Msg = Err_Msg & "You Must Enter a Message for the New URL"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "UPDATE " & strTablePrefix & "FORUM "
strSql = strSql & " SET CAT_ID = " & Request.Form("Category")
if strPrivateForums = "1" then
strSql = strSql & ", F_PRIVATEFORUMS = " & Request.Form("AuthType") & ""
end if
strSql = strSql & ", F_SUBJECT = '" & txtSubject & "'"
strSql = strSql & ", F_URL = '" & txtAddress & "'"
strSql = strSql & ", F_DESCRIPTION = '" & txtMessage & "'"
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
err_Msg= ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
'########## Update Allowed user List ###############################
set rsCount = my_Conn.execute("SELECT MAX(FORUM_ID) AS maxForumID FROM " & strTablePrefix & "FORUM ")
updateForumMembers Request.Form("FORUM_ID")
'###################################################################
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "Category" then
member = cint(ChkUser(STRdbntUserName, Request.Form("Password")))
select case Member
case 0
'## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only an administrator can create a category", 0
%>
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only an administrator can create a category", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
Err_Msg = ""
if Request.Form("Subject") = "" then
Err_Msg = Err_Msg & "You Must Enter a Subject for the New Category"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "INSERT INTO " & strTablePrefix & "CATEGORY (CAT_NAME) "
strSql = strSql & " VALUES ('" & ChkString(Request.Form("Subject"),"title") & "')"
my_Conn.Execute (strSql)
err_Msg= ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
if Request.Form("Method_Type") = "EditCategory" then
member = cint(ChkUser(STRdbntUserName, Request.Form("Password")))
select case Member
case 0
'## Invalid Pword
Go_Result "Invalid Password or UserName", 0
%>
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "Only an administrator can change a category", 0
%>
<%
Response.End
case 3 '## Moderator
'## Do Nothing
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "Only an administrator can change a category", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<%
Response.End
end select
Err_Msg = ""
if Request.Form("Subject") = "" then
Err_Msg = Err_Msg & "You Must Enter a Subject for the Category"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "UPDATE " & strTablePrefix & "CATEGORY "
strSql = strSql & " SET CAT_NAME = '" & ChkString(Request.Form("Subject"),"title") & "'"
strSql = strSql & " WHERE CAT_ID = " & Request.Form("CAT_ID")
my_Conn.Execute (strSql)
err_Msg= ""
if Err.description <> "" then
Go_Result "There was an error = " & Err.description, 0
%>
<%
Response.End
else
Go_Result "Updated OK", 1
end if
else
%>
There Was A Problem With Your Details
>Go Back To Enter Data
<%
end if
end if
%>
<% set rs = nothing %>
<%
sub DoEmail(email, user_name)
'## Emails Topic Author if Requested.
'## This needs to be Edited to use your own email component
'## if you don't have one, try the w3Jmail component from www.dimac.net it's free!
if lcase(strEmail) = "1" then
strRecipientsName = user_name
strRecipients = email
strSubject = strForumTitle & " - Reply to your posting"
strMessage = "Hello " & user_name & vbCrLf & vbCrLf
strMessage = strMessage & "You have received a reply to your posting on " & strForumTitle & "." & vbCrLf
strMessage = strMessage & "Regarding the subject - " & Request.Form("Topic_Title") & "." & vbCrLf & vbCrLf
strMessage = strMessage & "You can view the reply at " & Request.Form("Refer") & vbCrLf
%>
<%
end if
end sub
sub DoReplyEmail(TopicNum, PostedBy, PostedByName)
'## Emails all users who wish to receive a mail if topic
'## has a reply but only send one per member.
'## Forum_SQL
strSql = "SELECT " & strMemberTablePrefix & "MEMBERS.M_NAME, " & strMemberTablePrefix & "MEMBERS.MEMBER_ID, " & strMemberTablePrefix & "MEMBERS.M_EMAIL "
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS, " & strTablePrefix & "REPLY "
strSql = strSql & " WHERE " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & strTablePrefix & "REPLY.R_AUTHOR "
strSql = strSql & " AND TOPIC_ID = " & TopicNum
strSql = strSql & " AND R_MAIL = 1 "
strSql = strSql & " ORDER BY " & strMemberTablePrefix & "MEMBERS.MEMBER_ID"
set rsReply = my_Conn.Execute (strSql)
'## Forum_SQL
strSql = " SELECT " & strMemberTablePrefix & "MEMBERS.MEMBER_ID, " & strMemberTablePrefix & "MEMBERS.M_NAME, " & strMemberTablePrefix & "MEMBERS.M_EMAIL, " & strTablePrefix & "TOPICS.T_MAIL "
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS, "
strSql = strSql & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & strTablePrefix & "TOPICS.T_AUTHOR "
strSql = strSql & " AND " & strTablePrefix & "TOPICS.TOPIC_ID = " & TopicNum
set rsTopicAuthor = my_Conn.Execute (strSql)
MailSendToAuthor = false
if (rsTopicAuthor("T_MAIL") = 1) and (PostedBy <> rsTopicAuthor("MEMBER_ID")) then
strRecipientsName = rsTopicAuthor("M_NAME")
strRecipients = rsTopicAuthor("M_EMAIL")
strSubject = strForumTitle & " - Reply to a posting"
strMessage = "Hello " & rsTopicAuthor("M_NAME") & vbCrLf & vbCrLf
strMessage = strMessage & PostedByName & " has replied to a topic on " & strForumTitle & " that you requested notification to. "
strMessage = strMessage & "Regarding the subject - " & Request.Form("Topic_Title") & "." & vbCrLf & vbCrLf
strMessage = strMessage & "You can view the reply at " & Left(Request.Form("refer"), InstrRev(Request.Form("refer"), "/")) & "link.asp?TOPIC_ID=" & TopicNum & vbCrLf
%>
<%
MailSendToAuthor = true
end if
prevMember = ""
do while (not rsReply.EOF) and (not rsReply.BOF)
if (prevMember <> rsReply("MEMBER_ID")) and (PostedBy <> rsReply("MEMBER_ID")) then
if (rsTopicAuthor("MEMBER_ID") = rsReply("MEMBER_ID")) and (MailSendToAuthor) then
'## Do Nothing
'## The reply was done by the author, and he/she allready has got a mail
else
if (rsTopicAuthor("MEMBER_ID") = rsReply("MEMBER_ID")) then
MailSendToAuthor = true
end if
strRecipientsName = rsReply("M_Name")
strRecipients = rsReply("M_EMAIL")
strSubject = strForumTitle & " - Reply to a posting"
strMessage = "Hello " & rsReply("M_NAME") & vbCrLf & vbCrLf
strMessage = strMessage & PostedByName & " has replied to a topic on " & strForumTitle & " that you requested notification to. "
strMessage = strMessage & "Regarding the subject - " & Request.Form("Topic_Title") & "." & vbCrLf & vbCrLf
strMessage = strMessage & "You can view the reply at " & Left(Request.Form("refer"), InstrRev(Request.Form("refer"), "/")) & "link.asp?TOPIC_ID=" & TopicNum & vbCrLf
' strMessage = strMessage & "You can view the reply at " & Request.Form("refer") & vbCrLf
%>
<%
end if
end if
prevMember = rsReply("MEMBER_ID")
rsReply.MoveNext
loop
rsReply.Close
set rsReply = nothing
rsTopicAuthor.Close
set rsTopicAuthor = nothing
end sub
sub Go_Result(str_err_Msg, boolOk)
%>
<%
if boolOk = 1 then
%>
<%
select case Request.Form("Method_Type")
case "Edit"
Response.Write("Your Reply Was Changed Successfully!")
case "EditCategory"
Response.Write("Category Name Changed Successfully!")
case "EditForum"
Response.Write("FORUM Information Updated Successfully!")
case "EditTopic"
Response.Write("Topic Changed Successfully!")
case "EditURL"
Response.Write("URL Information Updated Successfully!")
case "Reply"
Response.Write("New Reply Posted!")
DoPCount
DoUCount Request.Form("UserName")
DoULastPost Request.Form("UserName")
case "ReplyQuote"
Response.Write("New Reply Posted!")
DoPCount
DoUCount Request.Form("UserName")
DoULastPost Request.Form("UserName")
case "TopicQuote"
Response.Write("New Reply Posted!")
DoPCount
DoUCount Request.Form("UserName")
DoULastPost Request.Form("UserName")
case "Topic"
DoTCount
DoPCount
DoUCount Request.Form("UserName")
DoULastPost Request.Form("UserName")
Response.Write("New Topic Posted!")
case "Forum"
Response.Write("New Forum Created!")
case "URL"
Response.Write("New URL Created!")
case "Category"
Response.Write("New Category Created!")
case else
Response.Write("Complete!")
DoPCount
DoUCount Request.Form("UserName")
DoULastPost Request.Form("UserName")
end select
%>
">
<%
select case Request.Form("Method_Type")
case "Category"
Response.Write("Remember to create at least one new forum in this category.")
case "EditCategory"
Response.Write("Thank you for your contribution!")
case "Forum"
Response.Write("The new forum is ready for users to begin posting!")
case "EditForum"
Response.Write("Thank you for your contribution!")
case "URL"
Response.Write("The new URL is in place!")
case "EditURL"
Response.Write("Cheers! Have a nice day!")
case "Topic"
Response.Write("Thank you for your contribution!")
case "TopicQuote"
Response.Write("Thank you for your contribution!")
case "EditTopic"
Response.Write("Thank you for your contribution!")
case "Reply"
Response.Write("Thank you for your contribution!")
case "ReplyQuote"
Response.Write("Thank you for your contribution!")
case "Edit"
Response.Write("Thank you for your contribution!")
case else
Response.Write("Have a nice day!")
end select
%>
">Back To Forum
<%
Response.End
else
%>
There has been a problem!
<% =str_err_Msg %>
Go back to correct the problem.
<%
Response.End
end if
end sub
sub newForumMembers(fForumID)
on error resume next
if Request.Form("AuthUsers") = "" then
exit Sub
end if
Users = split(Request.Form("AuthUsers"),",")
for count = Lbound(Users) to Ubound(Users)
strSql = "INSERT INTO " & strMemberTablePrefix & "ALLOWED_MEMBERS ("
strSql = strSql & " MEMBER_ID, FORUM_ID) VALUES ( "& Users(count) & ", " & fForumID & ")"
my_conn.execute (strSql)
if err.number <> 0 then
Go_REsult err.description, 0
end if
next
end sub
sub updateForumMembers(fForumID)
my_Conn.execute ("DELETE FROM " & strMemberTablePrefix & "ALLOWED_MEMBERS WHERE FORUM_ID = " & fForumId)
newForumMembers(fForumID)
end sub
%>
All Forums
"><% =Request.Form("Topic_Title")%>
<%
end if
%>