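<%
' Load the guestbook option row (G_ID=1): the three optional field labels, their
' enable switches and the welcome message used further down this page.
strsql = "SELECT G_ID, G_VARFIELD1, G_VARFIELD2, G_VARFIELD3, G_V1_SWITCH, G_V2_SWITCH, G_V3_SWITCH, G_MESSAGE FROM " & strTablePrefix & "GB_OPTIONS WHERE G_ID=1"
set optionrs = my_conn.execute(strsql)
' Read the columns only when the row exists. With no row the variables stay Empty,
' so the later 'strV1 <> "" and strV1E = 1' style tests evaluate to False instead of
' the page stopping on a recordset error.
if not optionrs.eof then
	strV1 = optionrs("G_VARFIELD1")
	strV2 = optionrs("G_VARFIELD2")
	strV3 = optionrs("G_VARFIELD3")
	strV1E = optionrs("G_V1_SWITCH")
	strV2E = optionrs("G_V2_SWITCH")
	strV3E = optionrs("G_V3_SWITCH")
	strGuestbookWelcome = optionrs("G_MESSAGE")
end if
' Close the recordset before dropping the reference so it is released promptly.
optionrs.close
set optionrs = nothing
strTempFont = ""

' Admin gate: the visitor is treated as logged in when the "securemod" cookie equals
' strUniqueId (defined outside this listing).
' NOTE(review): this trusts a client-supplied value. If strUniqueId is the same for
' every visitor, or is empty, the login form below adds no protection; a server-side
' Session flag set after a successful login avoids that. Confirm how strUniqueId is
' generated.
strModSecure = request.cookies("securemod")
if strModSecure <> strUniqueId then
	' No credentials posted yet: fall through to the login form markup.
	if request.form("username") = "" then %>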
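&action=<%
	' The action value comes straight from the query string and is echoed into a URL
	' inside an HTML attribute. URL-encode it so quotes and angle brackets cannot close
	' the attribute and inject markup (reflected XSS).
	response.write(Server.URLEncode(request.querystring("action")))
	' The edit action posts back with s=no appended, as before.
	if request.querystring("action") = "edit" then response.write("&s=no")
%>">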
Only Administrators can Use this page
UserName:
PassWord:">
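<%
	else
		' Credentials were posted: look for a member with this name and password whose
		' M_LEVEL is above 2. The values are bound as parameters instead of being
		' concatenated into the statement, so quotes in the form fields cannot change
		' the WHERE clause (SQL injection / login bypass).
		' Assumes my_conn is an open ADODB.Connection, as its use with .execute suggests.
		' NOTE(review): the password is compared to M_PASSWORD exactly as submitted,
		' which suggests it is stored unhashed - confirm, and prefer a salted hash.
		strGbLoginName = request.form("username") & ""
		strGbLoginPass = request.form("password") & ""
		strsql = "SELECT M_NAME, M_PASSWORD FROM " & strTablePrefix & "MEMBERS WHERE M_NAME=?"
		strsql = strsql & " AND M_PASSWORD=? AND M_LEVEL > 2"
		set objGbLoginCmd = Server.CreateObject("ADODB.Command")
		set objGbLoginCmd.ActiveConnection = my_conn
		objGbLoginCmd.CommandType = 1 ' adCmdText
		objGbLoginCmd.CommandText = strsql
		' 200 = adVarChar, 1 = adParamInput. A varchar parameter needs a size of at
		' least 1, and the password may be empty here (the username cannot be).
		lngGbLoginPassLen = Len(strGbLoginPass)
		if lngGbLoginPassLen = 0 then lngGbLoginPassLen = 1
		objGbLoginCmd.Parameters.Append objGbLoginCmd.CreateParameter("username", 200, 1, Len(strGbLoginName), strGbLoginName)
		objGbLoginCmd.Parameters.Append objGbLoginCmd.CreateParameter("password", 200, 1, lngGbLoginPassLen, strGbLoginPass)
		set adminrs = objGbLoginCmd.Execute
		set objGbLoginCmd = nothing
		if adminrs.eof then
			response.write("Login Failed")
		else
			' Mark the browser as an authenticated admin (see the cookie check at the top
			' of the page), then return to the requested action.
			response.cookies("securemod") = strUniqueId
			' Encode the echoed query values so they cannot add parameters or line breaks
			' to the redirect target.
			response.redirect("admin_guestbook.asp?action=" & Server.URLEncode(request.querystring("action")) & "&g_id=" & Server.URLEncode(request.querystring("g_id")) & "&s=" & Server.URLEncode(request.querystring("s")))
		End if
	End if
Else %>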
 All Forums
 GuestBook
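<%
	' Admin actions, selected by the "action" query parameter. g_id names the guestbook
	' entry the delete and edit actions work on.
	strGAction = request.querystring("action")
	strGID = request.querystring("g_id")
	' g_id is concatenated into the SQL below, so accept only 1-9 digits and blank
	' anything else; the strGID <> "" tests below then reject it (SQL injection guard).
	set objGbIdCheck = New RegExp
	objGbIdCheck.Pattern = "^[0-9]{1,9}$"
	if objGbIdCheck.Test(strGID & "") then
		strGID = CStr(CLng(strGID))
	else
		strGID = ""
	end if
	set objGbIdCheck = nothing
	' NOTE(review): the markup that originally sat inside the string literals below
	' (including whatever links the Yes / No / Back text carried) is not present in
	' this listing; only the visible text and line breaks are reproduced here.
	Select Case strGAction
		Case "delete"
			' NOTE(review): the delete runs from a plain GET authorised only by the
			' cookie, with no per-request token; a POST with an anti-forgery token would
			' stop other sites from triggering it through a logged-in admin's browser.
			' The original test read 'confirm = "no" or confirm = "" and strGID <> ""';
			' And binds tighter than Or, so confirm=no skipped the g_id check. The
			' parentheses make the g_id requirement apply to both.
			if (request.querystring("confirm") = "no" or request.querystring("confirm") = "") and strGID <> "" then
				response.write(strTempFont & vbCrLf & _
					"Are you sure you want to delete this guestbook entry?" & vbCrLf & vbcrlf & _
					"" & _
					"Yes | " & _
					"No" & vbCrLf)
			elseif request.querystring("confirm") = "yes" and strGID <> "" then
				' strGID is digits only at this point.
				strsql = "DELETE FROM " & strTablePrefix & "GUESTBOOK WHERE G_ID=" & strGID
				my_conn.execute(strsql)
				response.write(strTempFont & vbCrLf & _
					"Entry Deleted" & vbCrLf & vbcrlf & _
					"Back to guestbook" & vbCrLf)
			Elseif request.querystring("confirm") = "cancel" and strGID <> "" then
				response.redirect("guestbook.asp")
			End if
		Case "edit"
			Select Case request.querystring("s")
				Case "no"
					' Show the edit form: load the entry into the strTemp* variables that
					' the form markup after this block reads.
					' A missing or non-numeric g_id has nothing to edit; go back to the
					' guestbook rather than running the query.
					if strGID = "" then response.redirect("guestbook.asp")
					strsql = "SELECT G_ID, G_NAME, G_EMAIL, G_WEBSITE, G_ICQ, G_DATE, G_VARFIELD1, G_VARFIELD2, G_VARFIELD3, G_MESSAGE FROM " & strTablePrefix & "GUESTBOOK WHERE G_ID=" & strGID & " ORDER BY G_ID DESC"
					set grs = my_conn.execute(strsql)
					' No such entry: leave instead of failing on the field reads.
					if grs.eof then
						set grs = nothing
						response.redirect("guestbook.asp")
					end if
					strMessage = grs("G_MESSAGE")
					strTempMessage = CleanCode(strMessage)
					strTempID = grs("G_ID")
					strTempName = grs("G_NAME")
					strTempEmail = grs("G_EMAIL")
					stringWebsite = grs("G_WEBSITE")
					strTempICQ = grs("G_ICQ")
					strTempDate = strToDate(grs("G_DATE"))
					' Optional fields are passed on only when they hold a value and the
					' matching switch from GB_OPTIONS is on.
					if grs("G_VARFIELD1") <> "" and strV1E = 1 then
						strTempField1 = ChkString(grs("G_VARFIELD1"), "display")
					End if
					if grs("G_VARFIELD2") <> "" and strV2E = 1 then
						strTempField2 = ChkString(grs("G_VARFIELD2"), "display")
					End if
					if grs("G_VARFIELD3") <> "" and strV3E = 1 then
						strTempField3 = ChkString(grs("G_VARFIELD3"), "display")
					End if %>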
<%if strV1 <> "" and strV1E = 1 then%> <%end if if strV2 <> "" and strV2E = 1 then%> <%end if if strV3 <> "" and strV3E = 1 then%> <%end if%>
<%=strTempFont%>Name:
<%=strTempFont%>Email:
<%=strTempFont%>Website:
<%=strTempFont%>ICQ:
<%=strTempFont%>Date:
<%=strTempFont%><%=strV1%> <%=strTempFont%>
<%=strTempFont%><%=strV2%>
<%=strTempFont%><%=strV3%>
<%=strTempFont%>Message:
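<%
					set grs = nothing
				Case "yes"
					' Save the posted edit form back to the entry named by g_id.
					' g_id goes into the WHERE clause, so require 1-9 digits; anything else
					' returns to the guestbook without touching the table.
					set objGbUpdIdCheck = New RegExp
					objGbUpdIdCheck.Pattern = "^[0-9]{1,9}$"
					if not objGbUpdIdCheck.Test(strGID & "") then
						set objGbUpdIdCheck = nothing
						response.redirect("guestbook.asp")
					end if
					set objGbUpdIdCheck = nothing
					strFormName = ChkString(request.form("name"), "name")
					strFormEmail = ChkString(request.form("email"), "email")
					strFormWebsite = ChkString(request.form("website"), "url")
					strFormIcq = ChkString(request.form("icq"), "number")
					strFormDate = DateToStr(request.form("date"))
					strFormMessage = ChkString(request.form("message"), "message")
					' An untouched website box is stored as an empty string.
					If request.form("website") = "http://" or request.form("website") = " " or request.form("website") = "" then
						strFormWebsite = ""
					End if
					' Empty optional fields are stored as a single space.
					strFormField1 = request.form("field1")
					if strFormField1 = "" then
						strFormField1 = " "
					end if
					strFormField2 = request.form("field2")
					if strFormField2 = "" then
						strFormField2 = " "
					end if
					strFormField3 = request.form("field3")
					if strFormField3 = "" then
						strFormField3 = " "
					end if
					' The three optional fields reach this point unfiltered, so they and the
					' id are bound as parameters rather than concatenated (SQL injection).
					' NOTE(review): the other values are still concatenated and rely on
					' ChkString / DateToStr (defined outside this listing) to neutralise
					' quotes - confirm. Binding them too needs a check that ChkString does
					' not already double quotes, or stored text would change.
					strsql = "UPDATE " & strTablePrefix & "GUESTBOOK SET G_NAME='"& strFormName &"', G_EMAIL='"& strFormEmail &"', G_WEBSITE='"& strFormWebsite &"', G_ICQ='"& strFormIcq &"', G_MESSAGE='"& strFormMessage &"', G_DATE='"& strFormDate&"', G_VARFIELD1=?, G_VARFIELD2=?, G_VARFIELD3=? WHERE G_ID=?"
					' Assumes my_conn is an open ADODB.Connection, as its use with .execute suggests.
					set objGbUpdCmd = Server.CreateObject("ADODB.Command")
					set objGbUpdCmd.ActiveConnection = my_conn
					objGbUpdCmd.CommandType = 1 ' adCmdText
					objGbUpdCmd.CommandText = strsql
					' 200 = adVarChar, 3 = adInteger, 1 = adParamInput. Parameters are matched
					' to the ? markers by position. Each field is at least one character long.
					objGbUpdCmd.Parameters.Append objGbUpdCmd.CreateParameter("field1", 200, 1, Len(strFormField1), strFormField1)
					objGbUpdCmd.Parameters.Append objGbUpdCmd.CreateParameter("field2", 200, 1, Len(strFormField2), strFormField2)
					objGbUpdCmd.Parameters.Append objGbUpdCmd.CreateParameter("field3", 200, 1, Len(strFormField3), strFormField3)
					objGbUpdCmd.Parameters.Append objGbUpdCmd.CreateParameter("g_id", 3, 1, 4, CLng(strGID))
					objGbUpdCmd.Execute
					set objGbUpdCmd = nothing
					' NOTE(review): the markup originally inside these strings is not present
					' in this listing; only the visible text and line breaks are reproduced.
					response.write(strTempFont & vbCrLf & _
						"Entry Updated" & vbCrLf & vbcrlf & _
						"Click Here to return to the guestbook" & vbCrLf)
			End Select
		Case "options"
			' Show the options form: reload the GB_OPTIONS row into the variables the
			' form markup after this block reads.
			strsql = "SELECT G_ID, G_VARFIELD1, G_VARFIELD2, G_VARFIELD3, G_V1_SWITCH, G_V2_SWITCH, G_V3_SWITCH, G_MESSAGE FROM " & strTablePrefix & "GB_OPTIONS WHERE G_ID=1"
			set drs = my_conn.execute(strsql)
			' With no option row the variables keep their previous values instead of
			' the page stopping on a recordset error.
			if not drs.eof then
				strField1 = drs("G_VARFIELD1")
				strField2 = drs("G_VARFIELD2")
				strField3 = drs("G_VARFIELD3")
				strSwitch1 = drs("G_V1_SWITCH")
				strSwitch2 = drs("G_V2_SWITCH")
				strSwitch3 = drs("G_V3_SWITCH")
				strGuestbookWelcome = drs("G_MESSAGE")
			end if
			drs.close
			set drs = nothing %>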
<%=strTempFont%>Optional Field Name <%=strTempFont%>Enabled?
> yes
> yes
> yes
<%=strTempFont%>Guestbook Welcome Message  
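<%
		Case "options_info"
			' Save the posted options form into the single GB_OPTIONS row (G_ID=1).
			strFormField1 = request.form("field1")
			strFormField2 = request.form("field2")
			strFormField3 = request.form("field3")
			' Each checkbox posts "yes" when ticked; store 1 for enabled, 0 otherwise.
			' Because only these two numbers can result, they are safe to concatenate.
			strFormSwitch1 = request.form("switch1")
			if strFormSwitch1 = "yes" then
				strFormSwitch1 = 1
			else
				strFormSwitch1 = 0
			End if
			strFormSwitch2 = request.form("switch2")
			if strFormSwitch2 = "yes" then
				strFormSwitch2 = 1
			else
				strFormSwitch2 = 0
			End if
			strFormSwitch3 = request.form("switch3")
			if strFormSwitch3 = "yes" then
				strFormSwitch3 = 1
			else
				strFormSwitch3 = 0
			End if
			strFormWelcome = request.form("guestbookwelcome")
			' The three field labels reach this point unfiltered, so they are bound as
			' parameters rather than concatenated into the statement (SQL injection).
			' NOTE(review): the welcome message is still concatenated and relies on
			' ChkString (defined outside this listing) to neutralise quotes - confirm.
			' NOTE(review): the labels are later written into the page with <%'%'%>-style
			' output (strV1, strV2, strV3) without encoding; consider Server.HTMLEncode
			' where they are displayed.
			strsql = "UPDATE " & strTablePrefix & "GB_OPTIONS SET G_VARFIELD1=?, G_VARFIELD2=?, G_VARFIELD3=?, G_V1_SWITCH=" & strFormSwitch1 & ", G_V2_SWITCH=" & strFormSwitch2 & ", G_V3_SWITCH=" & strFormSwitch3 & ", G_MESSAGE = '" & ChkString(strFormWelcome, "message") & "' WHERE G_ID=1"
			' Assumes my_conn is an open ADODB.Connection, as its use with .execute suggests.
			set objGbOptCmd = Server.CreateObject("ADODB.Command")
			set objGbOptCmd.ActiveConnection = my_conn
			objGbOptCmd.CommandType = 1 ' adCmdText
			objGbOptCmd.CommandText = strsql
			' 200 = adVarChar, 1 = adParamInput. Parameters are matched to the ? markers
			' by position; a varchar parameter needs a size of at least 1 even when the
			' label is empty.
			arrGbOptLabels = Array(strFormField1 & "", strFormField2 & "", strFormField3 & "")
			for intGbOptIdx = 0 to 2
				lngGbOptLen = Len(arrGbOptLabels(intGbOptIdx))
				if lngGbOptLen = 0 then lngGbOptLen = 1
				objGbOptCmd.Parameters.Append objGbOptCmd.CreateParameter("field" & (intGbOptIdx + 1), 200, 1, lngGbOptLen, arrGbOptLabels(intGbOptIdx))
			next
			objGbOptCmd.Execute
			set objGbOptCmd = nothing
			' NOTE(review): the markup originally inside these strings is not present in
			' this listing; only the visible text and line breaks are reproduced.
			response.write(strTempFont & vbCrLf & _
				"Options Updated" & vbCrLf & vbcrlf & _
				"Back to Guestbook" & vbCrLf)
	End Select
End if
WriteFooter %>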