<%@ LANGUAGE=VBScript %> <%Response.Buffer=TRUE%> <% Dim DBConn, rs, SQLText Set DBConn = Server.CreateObject("ADODB.Connection") DBConn.Open "Forum_i2k_dsn" Set rs = Server.CreateObject("ADODB.Recordset") If Request.Form("Submit") = "" Then Dim Subject, Quote Subject = "" Quote = "" ''A message has not been submitted yet, display that form If Request.QueryString("MID") <> "" Then SQLText = "SELECT Subject, Text, Handle, TimeStamp FROM Messages WHERE MID = " & _ Request.QueryString("MID") rs.Open SQLText, DBConn If not(rs.EOF) Then If Left(rs("Subject"),3) <> "Re:" Then Subject = "Re: " & rs("Subject") Else Subject = rs("Subject") End If End If If Request.QueryString("q") <> "" And Request.QueryString("q") = 1 Then Quote = "On " & rs("TimeStamp") & ", " & rs("Handle") & " wrote: " & _ Chr(13) & Chr(10) & Chr(13) & Chr(10) & """" & rs("Text") & """" End If End If %>
"> (Please do not use '<' or '>' in any of the fields)
Nickname (Required):
First Name (Optional):
Last Name (Optional):
Town of Residence (Optional):
E-mail adress (Required, but not shown):
Subject (Required):
">
Message Text:


     

&">Return to <%=Request.QueryString("Forum")%> Topics <%Else Function CheckString(my_input) Dim x For x = 0 To Len(my_input) If Left(Right(my_input,(Len(my_input)-x)),1) = "<" Or _ Left(Right(my_input,(Len(my_input)-x)),1) = ">" then Response.Write "Please do not use '<' or '>' in any of the fields. Please use the " Response.Write "back button on your browser to return." CheckString = false Exit Function End If Next if InStr (my_input, "fuck") > 0 or InStr (my_input, "FUCK") > 0 or InStr (my_input, "F U C K") > 0 or InStr (my_input, "S H I T") > 0 or InStr (my_input, "Fuck") > 0 or InStr (my_input, "biatch") > 0 or InStr (my_input, "BIATCH") > 0 or InStr (my_input, "B I A T C H") > 0 or InStr (my_input, "biteme") > 0 or InStr (my_input, "b i a t c h") > 0 or InStr (my_input, "sucked my dick") > 0 or InStr (my_input, "suck a dick") > 0 or InStr (my_input, "suck your dick") > 0 then Response.Write "Sorry, we don't accept profane postings. Try another forum, or edit your post to skip the profanity." Response.Write "

If you're replying to a profane posting, hit 'Back' and edit out the profane parts -- then your posting will work." Response.Write "

If you don't like this policy, you can write me at jesse@Speakout.com -- I don't believe in censorship but this forum should be readable." CheckString = false Exit Function end if CheckString = true End Function Dim temprs, x Set temprs = Server.CreateObject("ADODB.Recordset") SQLText = "SELECT * FROM Messages WHERE MID = 1" rs.Open SQLText, DBConn, 1, 2 rs.AddNew For Each x in Request.Form If Request.Form(x) <> "" And Left(x,3) = "txt" Then If CheckString(Request.Form(x)) Then rs(Right(x,Len(x)-3)) = Request.Form(x) Else rs.Cancel DBConn.Close Set rs = Nothing Set DBConn = Nothing Response.End End If End If Next ''''''' Can't do this because it breaks on apostrophes! -- jkag 9/9/2004 ''''''' 9/9/04: Check for exact duplicate entries (mistakes, or spamming) ' SQLText="SELECT * FROM Messages WHERE Subject = '" & Request.Form("txtSubject") & "' and Forum = '" & Request.Form("txtForum") & "' and Text = '" & Request.Form("txtText") & "'" ' temprs.Open SQLText, DBConn, 1, 2 ' If Not(temprs.EOF) Then ' ''' Found an exact duplicate ' Response.Redirect "forum_duplicate.asp?Forum=" & Request.Form("txtForum") ' End If ' ' temprs.Close ''''''' 9/9/04: END -- Check for exact duplicate entries (mistakes, or spamming) rs("ThreadLevel")=1 If Request.Form("MID") <> "" Then 'This is a response to a post rs("Re") = Request.Form("MID") SQLText="SELECT Re, Fwd, NumRe, ThreadLevel FROM Messages WHERE MID = " & Request.Form("MID") temprs.Open SQLText, DBConn, 1, 2 If Not(temprs.EOF) Then 'Set the threadlevel rs("ThreadLevel") = temprs("ThreadLevel")+1 'Set the Fwd field to true for the message being responded to temprs("Fwd")=1 temprs.Update 'Now increment the topmost thread's NumRe field While Not(temprs.EOF) And temprs("Re") <> 0 'Go to the topmost thread SQLText = "SELECT Re, NumRe FROM Messages WHERE MID = " & temprs("Re") temprs.Close temprs.Open SQLText, DBConn, 1, 2 Wend 'Increment NumRe If Not(temprs.EOF) Then temprs("NumRe") = temprs("NumRe") + 1 temprs.Update End If End If temprs.Close End If Response.Write "ADDR:" & Request.ServerVariables("REMOTE_ADDR") Response.Write "
HOST:" & Request.ServerVariables("REMOTE_HOST") Response.Write "
USER:" & Request.ServerVariables("REMOTE_USER") dim check_IP check_IP = "" If Not(IsNull(Request.ServerVariables("REMOTE_ADDR"))) Then check_IP = Request.ServerVariables("REMOTE_ADDR") rs("IPAddress")= check_IP End If If Not(IsNull(Request.ServerVariables("REMOTE_HOST"))) Then rs("Host")=Request.ServerVariables("REMOTE_HOST") End If rs("TimeStamp")=Now() '' This list didn't keep the badmouther off and it did block legit posters so forget it. '' check_IP = "69.44.62.216" or check_IP = "205.147.33.2" or check_IP = "66.98.168.100" or check_IP = "216.127.78.98" or check_IP = "69.44.60.74" or check_IP = "207.44.132.115" or check_IP = "64.246.58.26" or check_IP = "64.246.26.86" or check_IP = "207.10.191.2" or check_IP = "218.108.20.242" or check_IP = "207.44.134.33" or check_IP = "207.44.132.115" or check_IP = "207.44.134.33" or check_IP = "200.207.83.179" or check_IP = "205.188.116.207" or check_IP = "67.37.87.108" or check_IP = "67.37.86.46" or check_IP = "67.37.87.147" or check_IP = "68.73.32.45" or check_IP = "67.37.86.222" or check_IP = "67.37.85.201" or check_IP = "202.68.143.122" or '' reinstated for Della, 4/6/05 '' Block everyone for a while from the Bush blog, to get the Bad Guy off. -- JKAG 3/6/2006 -- This is Terry Collins idea! '' if Request.Form("txtForum") = "George_W__Bush" then '' if instr (Request.Form("txtEmail"), "tlctlc@strato.net") > 0 or instr (Request.Form("txtEmail"), "hammingitup9@earthlink.net") > 0 or instr (Request.Form("txtEmail"), "whynot@aol.com") > 0 or instr (Request.Form("txtEmail"), "unitedwestand@aol.com") > 0 or instr (Request.Form("txtEmail"), "blogon@erols.net") > 0 or instr (Request.Form("txtEmail"), "gijoe@yahoo.com") > 0 or instr (Request.Form("txtEmail"), "wssc@erols.com") > 0 then '' '' ok only for those chosen few '' rs.Update '' Response.Redirect "forum_main.asp?Forum=" & Request.Form("txtForum") '' else '' Response.Redirect "forum_blocked.asp" '' end if '' Badmouthers get blocked -- JKAG 4/25/04 --added 24.110.10.219 to help Terry Collins -- JKAG 1/22/2006 if check_IP = "222.222.77.82" or check_IP = "68.107.128.50" or check_IP = "24.154.157.82" or check_IP = "213.64.244.163" or check_IP = "200.88.223.98" or check_IP = "68.215.155.132" or check_IP = "207.114.129.12" or check_IP = "70.107.231.148" or check_IP = "24.110.10.219" or check_IP = "69.44.62.216" or check_IP = "67.37.86.144X" or check_IP = "67.37.87.92X" then Response.Redirect "forum_blocked.asp" '' new 3/24/2008 -- can have more than a dozen or so on one line! but it's hard to debug, so don't! elseif check_IP = "86.96.226.14" or check_IP = "69.252.198.242" or check_IP = "218.106.244.90" or check_IP = "165.166.195.66" or check_IP = "89.19.165.197" or check_IP = "62.80.37.53" or check_IP = "83.167.112.226" or check_IP = "85.114.132.138" or check_IP = "66.125.60.156" or check_IP = "222.222.77.82" then Response.Redirect "forum_blocked.asp" elseif instr (Request.Form("txtHandle"), "bite-me") > 0 or instr (Request.Form("txtHandle"), "Bite-me") > 0 or instr (Request.Form("txtHandle"), "fuck") > 0 or InStr (my_input, "F U C K") > 0 or InStr (my_input, "S H I T") > 0 or instr (Request.Form("txtHandle"), "Fuck") > 0 or instr (Request.Form("txtHandle"), "FUCK") > 0 then ''' Some of these are unneeded because the CheckString function includes the Handle. But it's here to allow direct blocking by Handle name. Response.Redirect "forum_blocked.asp" else rs.Update Response.Redirect "forum_main.asp?Forum=" & Request.Form("txtForum") end if End If If rs.State <> 0 Then rs.Close End If DBConn.Close Set rs = Nothing Set DBConn = Nothing %>