<%@ LANGUAGE="VBSCRIPT" %>
<%
'===============================================
' Personals System 2002					
' Š2002 vSpin.net. www.vspin.net
'===============================================
' All rights reserved.							
' Use of this code is covered by the terms and	
' conditions in the license agreement. No		
' unauthorized duplication or distribution is	
' permitted. vSpin.net copyright notices must	
' remain in the ASP sections of the code.		
'===============================================
%>
<!--#include file="config.asp"-->
<!--#include file="connection/cookie.asp"-->
<%
' *** Restrict Access To Page: Grant or deny access to this page
Dim MM_authorizedUsers, MM_authFailedURL, MM_grantAccess
MM_authorizedUsers=""
MM_authFailedURL="login.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
  If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
  End If
End If
If Not MM_grantAccess Then
  MM_qsChar = "?"
  If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
  MM_referrer = Request.ServerVariables("URL")
  if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
  MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
  Response.Redirect(MM_authFailedURL)
End If
%>
<%
dim xxxxm, rsheadUpdatee, rsheadUpdatee_numRows
Dim field1, field2, rs_main_numRows, Conn, sql1

		field1 = rsSession("p_user")
		field2 = Request.Querystring("uz")

set rs_main = Server.CreateObject("ADODB.Recordset")
rs_main.ActiveConnection = MM_conn_STRING
rs_main.Source = "SELECT p_user FROM p_favorites WHERE p_user = '" + Replace(field1, "'", "''") + "' AND fav_user='" + Replace(field2, "'", "''") + "'"
rs_main.CursorType = 0
rs_main.CursorLocation = 2
rs_main.LockType = 3
rs_main.Open()
rs_main_numRows = 0

If rs_main.EOF Or rs_main.BOF Then

		field1 = rsSession("p_user")
		field2 = Request.Querystring("uz")

		Set Conn = Server.CreateObject("ADODB.Connection")
		Conn.Open MM_conn_STRING
			sql1 = "insert into p_favorites (p_user,fav_user) values('"& field1 & "','"& field2 & "')"
			conn.execute(sql1)
			rs_main.Close
            MM_conn_STRING.Close
            set rs_main = nothing
            set MM_conn_STRING = nothing
			conn.close
            set conn = nothing
			response.redirect("default.asp?message=10")
			
elseIf NOT rs_main.EOF Or NOT rs_main.BOF Then
response.redirect("default.asp?message=11")
end if
%>