<%@LANGUAGE="VBSCRIPT"%> <% '=============================================== ' Personals System 2002 ' ©2002 vSpin.net. www.vspin.net '=============================================== ' All rights reserved. ' Use of this code is covered by the terms and ' conditions in the license agreement. No ' unauthorized duplication or distribution is ' permitted. vSpin.net copyright notices must ' remain in the ASP sections of the code. '=============================================== %> <% Dim MM_authorizedUsers, MM_authFailedURL, MM_grantAccess ' *** Restrict Access To Page: Grant or deny access to this page MM_authorizedUsers="user,admin" MM_authFailedURL="login.asp" MM_grantAccess=false If Session("MM_Username") <> "" Then If (false Or CStr(Session("MM_UserAuthorization"))="") Or _ (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then MM_grantAccess = true End If End If If Not MM_grantAccess Then MM_qsChar = "?" If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&" MM_referrer = Request.ServerVariables("URL") if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString() MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer) Response.Redirect(MM_authFailedURL) End If %> <% dim xxxxm, rsheadUpdatee, rsheadUpdatee_numRows %> <% If rsSession("p_access") = "admin" OR rsSession("p_access") = "admin2" Then %> <% if not request("admindelete") = "" then dim idd idd = request("admindelete") response.redirect("executedelete.asp?admindelete=" & idd) end if if request("approving")= "yes" then field1 = request("id") set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_ads SET p_photoapprove = '2' WHERE p_id = " + Replace(field1, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?message=20&mode=approve") elseif request("approving")= "no" then field1 = request("id") field2 = request("em") field3 = request("reason") set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_ads SET p_photoapprove = '0' WHERE p_id = " + Replace(field1, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() thepath=Server.MapPath("ad_photos/") set fs=CreateObject("Scripting.FileSystemObject") aryFileType = split("jpg,jpeg,gif,png",",",-1) 'SPLITS LIST OF ACCEPTABLE FILE TYPES IN CONFIG.ASP INTO ARRAY numFileLoopCounter = Ubound(aryFileType) Do while numFileLoopCounter>-1 ImageName = field1 & "." & aryFileType(numFileLoopCounter) set fs=CreateObject("Scripting.FileSystemObject") If fs.FileExists(thepath & "\" & ImageName) then fs.DeleteFile(thepath & "\" & ImageName) End if numFileLoopCounter = numFileLoopCounter-1 Loop set fs=nothing Dim objCDO, objConfig, email, body body = "We're sorry to inform you, but your personals photo was not approved for the following reason:" & vbCrLf & vbCrLf body = body & "" & field3 & vbCrLf set objCDO = createobject("cdo.message") set objConfig = createobject("cdo.configuration") ' Setting the SMTP Server Set Flds = objConfig.Fields Flds.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 Flds.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.abac.com" Flds.update Set objCDO.Configuration = objConfig objCDO.To = field2 objCDO.From = webemail objCDO.Subject = "Personals Photo" objCDO.TextBody = body objCDO.fields.update objCDO.Send set objCDO = nothing set objConfig = nothing MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?message=21&mode=approve") end if %> <% if request("mode") = "admin" then If rsSession("p_access") = "admin" Then Dim rsv, rsv_numRows, userid, access, rsupd if request("submit") = "Deadmin User" then userid = request("userid") set rsv = Server.CreateObject("ADODB.Recordset") rsv.ActiveConnection = MM_conn_STRING rsv.Source = "SELECT * FROM p_users WHERE p_user = '" + Replace(userid, "'", "''") + "'" rsv.CursorType = 0 rsv.CursorLocation = 2 rsv.LockType = 3 rsv.Open() rsv_numRows = 0 If Not rsv.EOF Or Not rsv.BOF Then access = "user" set rsupd = Server.CreateObject("ADODB.Command") rsupd.ActiveConnection = MM_conn_STRING rsupd.CommandText = "UPDATE p_users SET p_access = '" + Replace(access, "'", "''") + "' WHERE p_user = '" + Replace(userid, "'", "''") + "'" rsupd.CommandType = 1 rsupd.CommandTimeout = 0 rsupd.Prepared = true rsupd.Execute() rsv.Close MM_conn_STRING.Close set rsv = nothing set MM_conn_STRING = nothing set rsupd = nothing response.redirect("admin.asp?mode=admin&message=24") elseIf rsv.EOF Or rsv.BOF Then response.redirect("admin.asp?mode=admin&message=25&idd=" & userid) end if elseif request("submit") = "Admin User" then userid = request("userid") if request("check") = "y" then access = "admin" elseif request("check") <> "y" then access = "admin2" end if set rsv = Server.CreateObject("ADODB.Recordset") rsv.ActiveConnection = MM_conn_STRING rsv.Source = "SELECT * FROM p_users WHERE p_user = '" + Replace(userid, "'", "''") + "'" rsv.CursorType = 0 rsv.CursorLocation = 2 rsv.LockType = 3 rsv.Open() rsv_numRows = 0 If Not rsv.EOF Or Not rsv.BOF Then set rsupd = Server.CreateObject("ADODB.Command") rsupd.ActiveConnection = MM_conn_STRING rsupd.CommandText = "UPDATE p_users SET p_access = '" + Replace(access, "'", "''") + "' WHERE p_user = '" + Replace(userid, "'", "''") + "'" rsupd.CommandType = 1 rsupd.CommandTimeout = 0 rsupd.Prepared = true rsupd.Execute() rsv.Close MM_conn_STRING.Close set rsv = nothing set MM_conn_STRING = nothing set rsupd = nothing if access = "admin" then response.redirect("admin.asp?mode=admin&message=22") elseif access = "admin2" then response.redirect("admin.asp?mode=admin&message=23") end if elseIf rsv.EOF Or rsv.BOF Then response.redirect("admin.asp?mode=admin&message=25&idd=" & userid & ("&ac=") & access) end if end if set rsv = Server.CreateObject("ADODB.Recordset") rsv.ActiveConnection = MM_conn_STRING rsv.Source = "SELECT p_user, p_access FROM p_users WHERE p_access = 'admin' OR p_access = 'admin2' order by p_access" rsv.CursorType = 0 rsv.CursorLocation = 2 rsv.LockType = 3 rsv.Open() rsv_numRows = 0 Dim repeat3__numRows repeat3__numRows = -1 Dim repeat3__index repeat3__index = 0 rsv_numRows = rsv_numRows + repeat3__numRows %>
  Set Admin Controls

    Enter User ID:
  ">
 checked<% end if %>>Give Admin/Deadmin Controls (option only for "Admin User")
  Warning: this option gives the user rights to Admin/Deadmin
  any user he or she chooses, such as yourself!

  


  
  
<% end if elseif request("mode") = "newsletter" then If NOT request.form("subject") = "" then 'our variables for the email and for our objects Dim strTo , strFrom , strSubject , strBody, objRS 'get the results from the create newsletter form strSubject = Request.Form("subject") strBody = Request.Form("message") set objRS = Server.CreateObject("ADODB.Recordset") objRS.ActiveConnection = MM_conn_STRING objRS.Source = "SELECT Distinct p_email FROM p_users WHERE p_newsletter = 'y' AND p_approve = 'y' AND (p_ban is null)" objRS.CursorType = 0 objRS.CursorLocation = 2 objRS.LockType = 3 objRS.Open() objRS_numRows = 0 'just a message to the admin Response.Write ("
  Newsletters are being sent..") response.Write ("

") 'loop through entries While not objRS.EOF set objCDO = createobject("cdo.message") set objConfig = createobject("cdo.configuration") ' Setting the SMTP Server Set Flds = objConfig.Fields Flds.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 Flds.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.abac.com" Flds.update Set objCDO.Configuration = objConfig objCDO.To = objRS("p_email") objCDO.From = webemail objCDO.Subject = strSubject objCDO.TextBody = strBody objCDO.fields.update objCDO.Send set objCDO = nothing set objConfig = nothing 'print message for every entry Response.Write ("  Newsletter sent to " & objRS("p_email") & "

") 'move to next entry in database objRS.MoveNext Wend objRS.close set objRS = nothing MM_conn_STRING.close set MM_conn_STRING = nothing 'message to admin saying creation has completed Response.Write ("  Newsletter creation completed..") else %>

Create Newsletter

From
Subject
message

 
<% end if elseif request("mode") = "approve" then Dim p_idd, p_user2, rse, rse_numRows, aryFileType, numFileLoopCounter, strFileStatus, thepath, fs, numFilePresentCheck, field1, field2, field3, ImageName set rsap = Server.CreateObject("ADODB.Recordset") rsap.ActiveConnection = MM_conn_STRING rsap.Source = "SELECT * FROM p_ads WHERE p_photoapprove = '1'" rsap.CursorType = 0 rsap.CursorLocation = 2 rsap.LockType = 3 rsap.Open() rsap_numRows = 0 Dim repeat__numRows repeat__numRows = 5 Dim repeat__index repeat__index = 0 rsap_numRows = rsap_numRows + repeat__numRows If rsap.EOF Or rsap.BOF Then rsap.Close MM_conn_STRING.Close set rsap = nothing set MM_conn_STRING = nothing response.redirect("admin.asp") elseIf Not rsap.EOF Or Not rsap.BOF Then %> <% If Not rsap.EOF Or Not rsap.BOF Then 'If the recordset rsap is not empty ' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables ' set the record count rsap_total = rsap.RecordCount ' set the number of rows displayed on this page If (rsap_numRows < 0) Then rsap_numRows = rsap_total Elseif (rsap_numRows = 0) Then rsap_numRows = 1 End If ' set the first and last displayed record rsap_first = 1 rsap_last = rsap_first + rsap_numRows - 1 ' if we have the correct record count, check the other stats If (rsap_total <> -1) Then If (rsap_first > rsap_total) Then rsap_first = rsap_total If (rsap_last > rsap_total) Then rsap_last = rsap_total If (rsap_numRows > rsap_total) Then rsap_numRows = rsap_total End If %> <% ' *** Recordset Stats: if we don't know the record count, manually count them If (rsap_total = -1) Then ' count the total records by iterating through the recordset rsap_total=0 While (Not rsap.EOF) rsap_total = rsap_total + 1 rsap.MoveNext Wend ' reset the cursor to the beginning If (rsap.CursorType > 0) Then rsap.MoveFirst Else rsap.Requery End If ' set the number of rows displayed on this page If (rsap_numRows < 0 Or rsap_numRows > rsap_total) Then rsap_numRows = rsap_total End If ' set the first and last displayed record rsap_first = 1 rsap_last = rsap_first + rsap_numRows - 1 If (rsap_first > rsap_total) Then rsap_first = rsap_total If (rsap_last > rsap_total) Then rsap_last = rsap_total End If %> <% ' *** Move To Record and Go To Record: declare variables Set MM_rs = rsap MM_rsCount = rsap_total MM_size = rsap_numRows MM_uniqueCol = "" MM_paramName = "" MM_offset = 0 MM_atTotal = false MM_paramIsDefined = false If (MM_paramName <> "") Then MM_paramIsDefined = (Request.QueryString(MM_paramName) <> "") End If %> <% ' *** Move To Record: handle 'index' or 'offset' parameter if (Not MM_paramIsDefined And MM_rsCount <> 0) then ' use index parameter if defined, otherwise use offset parameter r = Request.QueryString("index") If r = "" Then r = Request.QueryString("offset") If r <> "" Then MM_offset = Int(r) ' if we have a record count, check if we are past the end of the recordset If (MM_rsCount <> -1) Then If (MM_offset >= MM_rsCount Or MM_offset = -1) Then ' past end or move last If ((MM_rsCount Mod MM_size) > 0) Then ' last page not a full repeat region MM_offset = MM_rsCount - (MM_rsCount Mod MM_size) Else MM_offset = MM_rsCount - MM_size End If End If End If ' move the cursor to the selected record i = 0 While ((Not MM_rs.EOF) And (i < MM_offset Or MM_offset = -1)) MM_rs.MoveNext i = i + 1 Wend If (MM_rs.EOF) Then MM_offset = i ' set MM_offset to the last possible record End If %> <% ' *** Move To Record: if we dont know the record count, check the display range If (MM_rsCount = -1) Then ' walk to the end of the display range for this page i = MM_offset While (Not MM_rs.EOF And (MM_size < 0 Or i < MM_offset + MM_size)) MM_rs.MoveNext i = i + 1 Wend ' if we walked off the end of the recordset, set MM_rsCount and MM_size If (MM_rs.EOF) Then MM_rsCount = i If (MM_size < 0 Or MM_size > MM_rsCount) Then MM_size = MM_rsCount End If ' if we walked off the end, set the offset based on page size If (MM_rs.EOF And Not MM_paramIsDefined) Then If (MM_offset > MM_rsCount - MM_size Or MM_offset = -1) Then If ((MM_rsCount Mod MM_size) > 0) Then MM_offset = MM_rsCount - (MM_rsCount Mod MM_size) Else MM_offset = MM_rsCount - MM_size End If End If End If ' reset the cursor to the beginning If (MM_rs.CursorType > 0) Then MM_rs.MoveFirst Else MM_rs.Requery End If ' move the cursor to the selected record i = 0 While (Not MM_rs.EOF And i < MM_offset) MM_rs.MoveNext i = i + 1 Wend End If %> <% ' *** Move To Record: update recordset stats ' set the first and last displayed record rsap_first = MM_offset + 1 rsap_last = MM_offset + MM_size If (MM_rsCount <> -1) Then If (rsap_first > MM_rsCount) Then rsap_first = MM_rsCount If (rsap_last > MM_rsCount) Then rsap_last = MM_rsCount End If ' set the boolean used by hide region to check if we are on the last record MM_atTotal = (MM_rsCount <> -1 And MM_offset + MM_size >= MM_rsCount) %> <% ' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters ' create the list of parameters which should not be maintained MM_removeList = "&index=" If (MM_paramName <> "") Then MM_removeList = MM_removeList & "&" & MM_paramName & "=" MM_keepURL="":MM_keepForm="":MM_keepBoth="":MM_keepNone="" ' add the URL parameters to the MM_keepURL string For Each Item In Request.QueryString NextItem = "&" & Item & "=" If (InStr(1,MM_removeList,NextItem,1) = 0) Then MM_keepURL = MM_keepURL & NextItem & Server.URLencode(Request.QueryString(Item)) End If Next ' add the Form variables to the MM_keepForm string For Each Item In Request.Form NextItem = "&" & Item & "=" If (InStr(1,MM_removeList,NextItem,1) = 0) Then MM_keepForm = MM_keepForm & NextItem & Server.URLencode(Request.Form(Item)) End If Next ' create the Form + URL string and remove the intial '&' from each of the strings MM_keepBoth = MM_keepURL & MM_keepForm if (MM_keepBoth <> "") Then MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1) if (MM_keepURL <> "") Then MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1) if (MM_keepForm <> "") Then MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1) ' a utility function used for adding additional parameters to these strings Function MM_joinChar(firstItem) If (firstItem <> "") Then MM_joinChar = "&" Else MM_joinChar = "" End If End Function %> <% ' *** Move To Record: set the strings for the first, last, next, and previous links MM_keepMove = MM_keepBoth MM_moveParam = "index" ' if the page has a repeated region, remove 'offset' from the maintained parameters If (MM_size > 0) Then MM_moveParam = "offset" If (MM_keepMove <> "") Then params = Split(MM_keepMove, "&") MM_keepMove = "" For i = 0 To UBound(params) nextItem = Left(params(i), InStr(params(i),"=") - 1) If (StrComp(nextItem,MM_moveParam,1) <> 0) Then MM_keepMove = MM_keepMove & "&" & params(i) End If Next If (MM_keepMove <> "") Then MM_keepMove = Right(MM_keepMove, Len(MM_keepMove) - 1) End If End If End If ' set the strings for the move to links If (MM_keepMove <> "") Then MM_keepMove = MM_keepMove & "&" urlStr = Request.ServerVariables("URL") & "?" & MM_keepMove & MM_moveParam & "=" MM_moveFirst = urlStr & "0" MM_moveLast = urlStr & "-1" MM_moveNext = urlStr & Cstr(MM_offset + MM_size) prev = MM_offset - MM_size If (prev < 0) Then prev = 0 MM_movePrev = urlStr & Cstr(prev) End If 'End If recordset rsap is empty. %>
  Photo Approve
  Showing Photos <%=(rsap_first)%> to <%=(rsap_last)%> of <%=(rsap_total)%>
Return to Admin Controlsw
<% If MM_offset <> 0 Then %> Previous   <% End If ' end MM_offset <> 0 %><% If Not MM_atTotal Then %> Next  <% End If ' end Not MM_atTotal %>
<% While ((repeat__numRows <> 0) AND (NOT rsap.EOF)) p_idd = rsap("p_id") p_user2 = rsap("p_user") set rse = Server.CreateObject("ADODB.Recordset") rse.ActiveConnection = MM_conn_STRING rse.Source = "SELECT p_email FROM p_users WHERE p_user = '" + Replace(p_user2, "'", "''") + "'" rse.CursorType = 0 rse.CursorLocation = 2 rse.LockType = 3 rse.Open() rse_numRows = 0 %>
  User ID: <% = rsap("p_user") %>   View Ad
  <% aryFileType = split("jpg,jpeg,gif,png",",",-1) 'SPLITS LIST OF ACCEPTABLE FILE TYPES IN CONFIG.ASP INTO ARRAY numFileLoopCounter = Ubound(aryFileType) strFileStatus = "" Do while numFileLoopCounter>-1 thepath = Server.MapPath("ad_photos/" & p_idd & "." & aryFileType(numFileLoopCounter)) set fs=CreateObject("Scripting.FileSystemObject") If fs.FileExists(thepath) then strFileStatus = "" numFilePresentCheck = 1 End if numFileLoopCounter = numFileLoopCounter-1 Loop response.write(strFileStatus) %>
 
  
  
">
<% repeat__index=repeat__index+1 repeat__numRows=repeat__numRows-1 rsap.MoveNext() Wend %>
<% If MM_offset <> 0 Then %> Previous   <% End If ' end MM_offset <> 0 %><% If Not MM_atTotal Then %> Next  <% End If ' end Not MM_atTotal %>
<% rsap.Close MM_conn_STRING.Close set rse = nothing set rsap = nothing set MM_conn_STRING = nothing end if elseif request("mode") = "location" then Dim rsloca, rsloca_numRows, location, locationnew, rslocav, rslocav_numRows, rsup, rsAutoDele, Conn, sql1 if request("submit") = "Rename to ->" then location = request("locat") locationnew = request("locatname") set rslocav = Server.CreateObject("ADODB.Recordset") rslocav.ActiveConnection = MM_conn_STRING rslocav.Source = "SELECT * FROM p_locations Where p_location = '" + Replace(locationnew, "'", "''") + "'" rslocav.CursorType = 0 rslocav.CursorLocation = 2 rslocav.LockType = 3 rslocav.Open() rslocav_numRows = 0 If NOT rslocav.EOF Or NOT rslocav.BOF Then MM_conn_STRING.Close rslocav.Close set rslocav = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=location&message=26") Else set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_locations SET p_location = '" + Replace(locationnew, "'", "''") + "' WHERE p_idl = " + Replace(location, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=location&message=29") end if elseif request("submit") = "Remove" then location = request("locat") set rsAutoDele = Server.CreateObject("ADODB.Command") rsAutoDele.ActiveConnection = MM_conn_STRING rsAutoDele.CommandText = "delete from p_locations WHERE p_idl= " + Replace(location, "'", "''") + "" rsAutoDele.CommandType = 1 rsAutoDele.CommandTimeout = 0 rsAutoDele.Prepared = true rsAutoDele.Execute() MM_conn_STRING.Close set rsAutoDele = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=location&message=28") elseif request("submit") = "Add ->" then location = request("locatnew") set rslocav = Server.CreateObject("ADODB.Recordset") rslocav.ActiveConnection = MM_conn_STRING rslocav.Source = "SELECT * FROM p_locations Where p_location = '" + Replace(location, "'", "''") + "'" rslocav.CursorType = 0 rslocav.CursorLocation = 2 rslocav.LockType = 3 rslocav.Open() rslocav_numRows = 0 If NOT rslocav.EOF Or NOT rslocav.BOF Then MM_conn_STRING.Close rslocav.Close set rslocav = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=location&message=26") Else Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open MM_conn_STRING sql1 = "insert into p_locations (p_location) values('"& location & "')" conn.execute(sql1) response.redirect("admin.asp?mode=location&message=27") conn.close set conn = nothing MM_conn_STRING.Close rslocav.Close set rslocav = nothing set MM_conn_STRING = nothing end if end if set rsloca = Server.CreateObject("ADODB.Recordset") rsloca.ActiveConnection = MM_conn_STRING rsloca.Source = "SELECT * FROM p_locations ORDER BY p_location ASC" rsloca.CursorType = 0 rsloca.CursorLocation = 2 rsloca.LockType = 3 rsloca.Open() rsloca_numRows = 0 Dim repeat21__numRows repeat21__numRows = -1 Dim repeat21__index repeat21__index = 0 rsloca_numRows = rsloca_numRows + repeat21__numRows %>

 Edit Locations


  
    
  
    
<% MM_conn_STRING.Close set rsloca = nothing set MM_conn_STRING = nothing %> <% elseif request("mode") = "ban" then %> <% If request("submit") = "Unban User" then userid = request("userid") empty_n = request("empty") set rsunban = Server.CreateObject("ADODB.Recordset") rsunban.ActiveConnection = MM_conn_STRING rsunban.Source = "SELECT p_email, p_user FROM p_users WHERE p_id = " + Replace(userid, "'", "''") + "" rsunban.CursorType = 0 rsunban.CursorLocation = 2 rsunban.LockType = 3 rsunban.Open() rsunban_numRows = 0 set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_users SET p_ban = NULL, p_password = 'unbannedxx' WHERE p_id = " + Replace(userid, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() uuser = rsunban("p_user") uemail = rsunban("p_email") body = "Hello " & uuser & vbCrLf & vbCrLf body = body & "You have been unbanned from " & website & ". Follow the URL below to complete the process." & vbCrLf & vbCrLf body = body & weburl & "unban.asp?userid=" & uuser & vbCrLf set objCDO = createobject("cdo.message") set objConfig = createobject("cdo.configuration") ' Setting the SMTP Server Set Flds = objConfig.Fields Flds.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 Flds.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "localhost" Flds.update Set objCDO.Configuration = objConfig objCDO.To = uemail objCDO.From = webemail objCDO.Subject = "You have been unbanned!" objCDO.TextBody = body objCDO.fields.update objCDO.Send set objCDO = nothing set objConfig = nothing rsunban.close MM_conn_STRING.close Set rsunban = Nothing Set rsup = Nothing Set MM_conn_STRING = Nothing response.redirect("admin.asp?mode=ban&message=48") end if If request("submit") = "Ban User" then userid= request("userid") reason= request("banreason") set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_users SET p_ban = '" + Replace(reason, "'", "''") + "' WHERE p_user = '" + Replace(userid, "'", "''") + "' " rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=ban&message=43") end if %>

 Ban User:

 Enter User ID: Required

 Enter reason for banishment: Required
 
 



 Unban User:

<% set rsf = Server.CreateObject("ADODB.Recordset") rsf.ActiveConnection = MM_conn_STRING rsf.Source = "SELECT p_id, p_user FROM p_users WHERE (NOT p_ban is null)" rsf.CursorType = 0 rsf.CursorLocation = 2 rsf.LockType = 3 rsf.Open() rsf_numRows = 0 repeat33__numRows = -1 Dim repeat33__index repea33__index = 0 rsf_numRows = rsf_numRows + repeat33__numRows %>
 
 
 Warn User:

From: 

Administration

To: 

Subject: 

Warning from Administration

Message: 

(2000 characters max)


Characters remaining:


<% MM_conn_STRING.Close set rsf = nothing set MM_conn_STRING = nothing %> <% elseif request("mode") = "forum" then %> <% If request("forumup") = "forumup" then FOR_NAME = REQUEST("FOR_NAME") FOR_DESCRIPTION = REQUEST("FOR_DESCRIPTION") FOR_ID = REQUEST("FOR_ID") set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE FORUMS SET FOR_NAME = '" + Replace(FOR_NAME, "'", "''") + "', FOR_DESCRIPTION = '" + Replace(FOR_DESCRIPTION, "'", "''") + "' WHERE FOR_ID = " + Replace(FOR_ID, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=forum&message=40") end if If request("forumdelete") = "message" then MSG_IDD = REQUEST("MSG_ID") FORID = REQUEST("forid") rep_count = REQUEST("rep_count") set rsDelete = Server.CreateObject("ADODB.Command") rsDelete.ActiveConnection = MM_conn_STRING rsDelete.CommandText = "delete from MESSAGES WHERE MSG_ID= " + Replace(MSG_IDD, "'", "''") + "" rsDelete.CommandType = 1 rsDelete.CommandTimeout = 0 rsDelete.Prepared = true rsDelete.Execute() set rsDel = Server.CreateObject("ADODB.Command") rsDel.ActiveConnection = MM_conn_STRING rsDel.CommandText = "delete from REPLIES WHERE MSG_ID= " + Replace(MSG_IDD, "'", "''") + "" rsDel.CommandType = 1 rsDel.CommandTimeout = 0 rsDel.Prepared = true rsDel.Execute() set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE FORUMS SET FOR_REPLY_COUNT = FOR_REPLY_COUNT - " + Replace(rep_count, "'", "''") + ", FOR_TOPIC_COUNT = FOR_TOPIC_COUNT - 1 WHERE FOR_ID = " + Replace(FORID, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsDelete = nothing set rsDel = nothing set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=forum&message=35") elseIf request("forumdelete") = "reply" then MSG_IDD = REQUEST("MSG_ID") MSG_ID2 = REQUEST("MSG_ID2") FORID = REQUEST("forid") set rsDel = Server.CreateObject("ADODB.Command") rsDel.ActiveConnection = MM_conn_STRING rsDel.CommandText = "delete from REPLIES WHERE REP_ID= " + Replace(MSG_IDD, "'", "''") + "" rsDel.CommandType = 1 rsDel.CommandTimeout = 0 rsDel.Prepared = true rsDel.Execute() set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE FORUMS SET FOR_REPLY_COUNT = FOR_REPLY_COUNT - 1 WHERE FOR_ID = " + Replace(FORID, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE MESSAGES SET MSG_REPLY_COUNT = MSG_REPLY_COUNT - 1 WHERE MSG_ID = " + Replace(MSG_ID2, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsDel = nothing set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=forum&message=36") End if ' *** Edit Operations: declare variables MM_editAction = CStr(Request("URL")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Request.QueryString End If ' boolean to abort record edit MM_abortEdit = false ' query string to execute MM_editQuery = "" %> <% ' *** Insert Record: set variables If (CStr(Request("MM_insert")) <> "") Then MM_editConnection = MM_conn_STRING MM_editTable = "FORUMS" MM_editRedirectUrl = "" MM_fieldsStr = "FOR_NAME|value|FOR_DESCRIPTION|value" MM_columnsStr = "FOR_NAME|',none,''|FOR_DESCRIPTION|',none,''" ' create the MM_fields and MM_columns arrays MM_fields = Split(MM_fieldsStr, "|") MM_columns = Split(MM_columnsStr, "|") ' set the form values For i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_fields(i+1) = CStr(Request.Form(MM_fields(i))) Next ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Update Record: set variables If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_conn_STRING MM_editTable = "FORUMS" MM_editColumn = "MSG_ID" MM_recordId = "" + Request.Form("MM_recordId") + "" MM_editRedirectUrl = "admin.asp?mode=forum" MM_fieldsStr = "FOR_ID|value" MM_columnsStr = "FOR_ID|none,none,NULL" ' create the MM_fields and MM_columns arrays MM_fields = Split(MM_fieldsStr, "|") MM_columns = Split(MM_columnsStr, "|") ' set the form values For i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_fields(i+1) = CStr(Request.Form(MM_fields(i))) Next ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Insert Record: construct a sql insert statement and execute it If (CStr(Request("MM_insert")) <> "") Then ' create the sql insert statement MM_tableValues = "" MM_dbValues = "" For i = LBound(MM_fields) To UBound(MM_fields) Step 2 FormVal = MM_fields(i+1) MM_typeArray = Split(MM_columns(i+1),",") Delim = MM_typeArray(0) If (Delim = "none") Then Delim = "" AltVal = MM_typeArray(1) If (AltVal = "none") Then AltVal = "" EmptyVal = MM_typeArray(2) If (EmptyVal = "none") Then EmptyVal = "" If (FormVal = "") Then FormVal = EmptyVal Else If (AltVal <> "") Then FormVal = AltVal ElseIf (Delim = "'") Then ' escape quotes FormVal = "'" & Replace(FormVal,"'","''") & "'" Else FormVal = Delim + FormVal + Delim End If End If If (i <> LBound(MM_fields)) Then MM_tableValues = MM_tableValues & "," MM_dbValues = MM_dbValues & "," End if MM_tableValues = MM_tableValues & MM_columns(i) MM_dbValues = MM_dbValues & FormVal Next MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ") values (" & MM_dbValues & ")" If (Not MM_abortEdit) Then FOR_NAME = REQUEST("FOR_NAME") set rsforchk = Server.CreateObject("ADODB.Recordset") rsforchk.ActiveConnection = MM_conn_STRING rsforchk.Source = "SELECT FOR_NAME FROM FORUMS WHERE FOR_NAME = '" + Replace(FOR_NAME, "'", "''") + "'" rsforchk.CursorType = 0 rsforchk.CursorLocation = 2 rsforchk.LockType = 3 rsforchk.Open() rsforchk_numRows = 0 If Not rsforchk.EOF Or Not rsforchk.BOF Then MM_conn_STRING.Close rsforchk.Close set rsforchk = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=forum&message=42") end if ' execute the insert Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close Response.redirect("admin.asp?mode=forum&message=41") If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% If request("editforum2") = "Edit Forum" then FORID = request("forumid") set rsf = Server.CreateObject("ADODB.Recordset") rsf.ActiveConnection = MM_conn_STRING rsf.Source = "SELECT FOR_ID, FOR_NAME, FOR_DESCRIPTION FROM FORUMS WHERE FOR_ID = " + Replace(FORID, "'", "''") + "" rsf.CursorType = 0 rsf.CursorLocation = 2 rsf.LockType = 3 rsf.Open() rsf_numRows = 0 elseif request("editforum") = "Delete Forum & Messages" then FORID = REQUEST("forumid") set rsf = Server.CreateObject("ADODB.Recordset") rsf.ActiveConnection = MM_conn_STRING rsf.Source = "SELECT MSG_ID FROM MESSAGES WHERE FOR_ID = " + Replace(FORID, "'", "''") + "" rsf.CursorType = 0 rsf.CursorLocation = 2 rsf.LockType = 3 rsf.Open() rsf_numRows = 0 repeat5__numRows = -1 Dim repeat5__index repeat5__index = 0 rsf_numRows = rsf_numRows + repeat5__numRows While ((repeat5__numRows <> 0) AND (NOT rsf.EOF)) msgid = rsf("MSG_ID") set rsDel = Server.CreateObject("ADODB.Command") rsDel.ActiveConnection = MM_conn_STRING rsDel.CommandText = "delete from REPLIES WHERE MSG_ID= " + Replace(msgid, "'", "''") + "" rsDel.CommandType = 1 rsDel.CommandTimeout = 0 rsDel.Prepared = true rsDel.Execute() repeat5__index=repeat5__index+1 repeat5__numRows=repeat5__numRows-1 rsf.MoveNext() Wend set rsDel = Server.CreateObject("ADODB.Command") rsDel.ActiveConnection = MM_conn_STRING rsDel.CommandText = "delete from MESSAGES WHERE FOR_ID= " + Replace(FORID, "'", "''") + "" rsDel.CommandType = 1 rsDel.CommandTimeout = 0 rsDel.Prepared = true rsDel.Execute() set rsDel = Server.CreateObject("ADODB.Command") rsDel.ActiveConnection = MM_conn_STRING rsDel.CommandText = "delete from FORUMS WHERE FOR_ID= " + Replace(FORID, "'", "''") + "" rsDel.CommandType = 1 rsDel.CommandTimeout = 0 rsDel.Prepared = true rsDel.Execute() rsf.Close set rsf = nothing set rsDel = nothing response.redirect("admin.asp?mode=forum&message=39") end if ' *** Update Record: construct a sql update statement and execute it If (CStr(Request("MM_update")) <> "reply" And CStr(Request("MM_recordId")) <> "") Then field2 = request.form("MSG_BODY") field3 = request.form("MSG_SUBJECT") field4 = request.form("MSG_AUTHOR") field5 = request.form("MSG_DATE") field6 = request.form("MM_recordId") set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE MESSAGES SET MSG_BODY = '" + Replace(field2, "'", "''") + "', MSG_SUBJECT = '" + Replace(field3, "'", "''") + "', MSG_AUTHOR ='" + Replace(field4, "'", "''") + "', MSG_DATE= '" + Replace(field5, "'", "''") + "' WHERE MSG_ID = " + Replace(field6, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=forum&message=37") elseIf (CStr(Request("MM_update")) <> "message" And CStr(Request("MM_recordId")) <> "") Then field3 = request.form("REP_AUTHOR") field4 = request.form("REP_BODY") field6 = request.form("MM_recordId") set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE REPLIES SET REP_BODY = '" + Replace(field4, "'", "''") + "', REP_AUTHOR = '" + Replace(field3, "'", "''") + "' WHERE REP_ID = " + Replace(field6, "'", "''") + "" rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() MM_conn_STRING.Close set rsup = nothing set MM_conn_STRING = nothing response.redirect("admin.asp?mode=forum&message=38") End If %> <% Dim rsAdminEditMsg__MMColParam rsAdminEditMsg__MMColParam = "1" if (Request.QueryString("ID") <> "") then rsAdminEditMsg__MMColParam = Request.QueryString("ID") %> <% set rsAdminEditMsg = Server.CreateObject("ADODB.Recordset") rsAdminEditMsg.ActiveConnection = MM_conn_STRING rsAdminEditMsg.Source = "SELECT * FROM MESSAGES WHERE MSG_ID = " + Replace(rsAdminEditMsg__MMColParam, "'", "''") + "" rsAdminEditMsg.CursorType = 0 rsAdminEditMsg.CursorLocation = 2 rsAdminEditMsg.LockType = 3 rsAdminEditMsg.Open() rsAdminEditMsg_numRows = 0 %> <% Dim rsAdminEditRep__MMColParam rsAdminEditRep__MMColParam = "1" if (Request.QueryString("REPID") <> "") then rsAdminEditRep__MMColParam = Request.QueryString("REPID") %> <% set rsAdminEditRep = Server.CreateObject("ADODB.Recordset") rsAdminEditRep.ActiveConnection = MM_conn_STRING rsAdminEditRep.Source = "SELECT REP_AUTHOR, REP_ID, REP_BODY FROM REPLIES WHERE REP_ID = " + Replace(rsAdminEditRep__MMColParam, "'", "''") + "" rsAdminEditRep.CursorType = 0 rsAdminEditRep.CursorLocation = 2 rsAdminEditRep.LockType = 3 rsAdminEditRep.Open() rsAdminEditRep_numRows = 0 set rsv = Server.CreateObject("ADODB.Recordset") rsv.ActiveConnection = MM_conn_STRING rsv.Source = "SELECT FOR_ID, FOR_NAME FROM FORUMS order by FOR_NAME ASC" rsv.CursorType = 0 rsv.CursorLocation = 2 rsv.LockType = 3 rsv.Open() rsv_numRows = 0 repeat3__numRows = -1 repeat3__index = 0 rsv_numRows = rsv_numRows + repeat3__numRows %>
 MANAGING FORUMS  

<% IF request.form("editforum2") = "Edit Forum" then %>
Edit forum:
FORUM NAME: " size="32" class="Fields">
FORUM DESCRIPTION:
 

">

<% end if %> <% If Not rsAdminEditRep.EOF Or Not rsAdminEditRep.BOF Then %>
Edit reply:
REPLY AUTHOR: " size="32" class="Fields">
REPLY BODY:
 
">

<% End If ' end Not rsAdminEditRep.EOF Or NOT rsAdminEditRep.BOF %> <% If Not rsAdminEditMsg.EOF Or Not rsAdminEditMsg.BOF Then %>
Edit message:
MESSAGE DATE: " size="32" class="Fields">
MESSAGE AUTHOR: " size="32" class="Fields">
MESSAGE SUBJECT: " size="32" class="Fields">
MESSAGE BODY:
 
">

<% End If ' end Not rsAdminEditMsg.EOF Or NOT rsAdminEditMsg.BOF %>
Add a new forum:
FORUM NAME:
FORUM DESCRIPTION:
 

Edit / Delete forums:
 

<% rsv.Close() MM_conn_STRING.Close set rsv = nothing set MM_conn_STRING = nothing %> <% elseif request("mode") = "reports" then %> <% Dim MM_editAction, MM_abortEdit, MM_editQuery, readl, rsap_total, rsap_first, rsap_last, MM_rs, MM_rsCount, MM_size, MM_uniqueCol, MM_paramName, MM_offset, MM_atTotal, MM_paramIsDefined, r, i, MM_removeList, MM_keepURL, MM_keepForm, MM_keepBoth, MM_keepNone, Item, NextItem, MM_keepMove, MM_moveParam, params, urlStr, MM_moveFirst, MM_moveLast, MM_moveNext, prev, MM_movePrev if request.querystring("id") then readl = "readyes" end if ' *** Edit Operations: declare variables MM_editAction = CStr(Request("URL")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Request.QueryString End If ' boolean to abort record edit MM_abortEdit = false ' query string to execute MM_editQuery = "" %> <% ' *** Delete Record: declare variables if (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_conn_STRING MM_editTable = "p_messages" MM_editColumn = "id" MM_recordId = "" + Request.Form("MM_recordId") + "" MM_editRedirectUrl = "admin.asp?message=13" ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Delete Record: construct a sql delete statement and execute it If (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then if (Session("MM_Username") <> "") then rsSession__MMColParam = Session("MM_Username") ' create the sql delete statement MM_editQuery = "delete from p_messages where id = " + Replace(MM_recordId, "'", "''") + "" If (Not MM_abortEdit) Then ' execute the delete Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% set rsap = Server.CreateObject("ADODB.Recordset") rsap.ActiveConnection = MM_conn_STRING rsap.Source = "SELECT * FROM p_messages WHERE field2 = 'Administration' ORDER BY date DESC" rsap.CursorType = 0 rsap.CursorLocation = 2 rsap.LockType = 3 rsap.Open() rsap_numRows = 0 Dim repeat4__numRows repeat4__numRows = 10 Dim repeat4__index repeat4__index = 0 rsap_numRows = rsap_numRows + repeat4__numRows %> <% if readl ="readyes" then Dim rsread__MMColParam, rsread, rsread_numRows, rs, MM_editConnection, MM_editTable, MM_editColumn, MM_recordId, MM_editRedirectUrl, MM_editCmd rsread__MMColParam = "1" if (Request.QueryString("id") <> "") then rsread__MMColParam = Request.QueryString("id") %> <% set rsread = Server.CreateObject("ADODB.Recordset") rsread.ActiveConnection = MM_conn_STRING rsread.Source = "SELECT * FROM p_messages WHERE field2 = 'Administration' AND id = " + Replace(rsread__MMColParam, "'", "''") + "" rsread.CursorType = 0 rsread.CursorLocation = 2 rsread.LockType = 3 rsread.Open() rsread_numRows = 0 %> <% set rs = Server.CreateObject("ADODB.Command") rs.ActiveConnection = MM_conn_STRING rs.CommandText = "UPDATE p_messages SET status = 'r' WHERE id = " + Replace(rsread__MMColParam, "'", "''") + " " rs.CommandType = 1 rs.CommandTimeout = 0 rs.Prepared = true rs.Execute() If rsread("field5") = "y" then user2 = rsread("field1") set rsad = Server.CreateObject("ADODB.Recordset") rsad.ActiveConnection = MM_conn_STRING rsad.Source = "SELECT p_id FROM p_ads WHERE p_user = '" + Replace(user2, "'", "''") + "'" rsad.CursorType = 0 rsad.CursorLocation = 2 rsad.LockType = 3 rsad.Open() rsad_numRows = 0 end if Function DoSpace(str) DoSpace = (Replace(str, vbCrlf, "
")) End Function %> <% If NOT rsread.EOF And NOT rsread.BOF Then %>

 Report Details

&subj=Re: <%= Server.HTMLEncode((rsread.Fields.Item("field4").Value)) %>">
">

From: 

<%= Server.HTMLEncode((rsread.Fields.Item("field1").Value)) %>

Subject: 

<%= Server.HTMLEncode((rsread.Fields.Item("field4").Value)) %>

Message: 

<%= DoSpace(Server.HTMLEncode((rsread.Fields.Item("field3").Value))) %> <% If rsread("field5") = "y" then %> <% If NOT rsad.EOF And NOT rsad.BOF Then %>

">Click Here to view my Personals Ad. <% end if %> <% end if %>

Dated:  

 <%= (rsread.Fields.Item("date").Value) %>

<% end if %> <% rsread.Close() %> <% end if %> <% If Not rsap.EOF Or Not rsap.BOF Then 'If the recordset rsap is not empty ' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables ' set the record count rsap_total = rsap.RecordCount ' set the number of rows displayed on this page If (rsap_numRows < 0) Then rsap_numRows = rsap_total Elseif (rsap_numRows = 0) Then rsap_numRows = 1 End If ' set the first and last displayed record rsap_first = 1 rsap_last = rsap_first + rsap_numRows - 1 ' if we have the correct record count, check the other stats If (rsap_total <> -1) Then If (rsap_first > rsap_total) Then rsap_first = rsap_total If (rsap_last > rsap_total) Then rsap_last = rsap_total If (rsap_numRows > rsap_total) Then rsap_numRows = rsap_total End If %> <% ' *** Recordset Stats: if we don't know the record count, manually count them If (rsap_total = -1) Then ' count the total records by iterating through the recordset rsap_total=0 While (Not rsap.EOF) rsap_total = rsap_total + 1 rsap.MoveNext Wend ' reset the cursor to the beginning If (rsap.CursorType > 0) Then rsap.MoveFirst Else rsap.Requery End If ' set the number of rows displayed on this page If (rsap_numRows < 0 Or rsap_numRows > rsap_total) Then rsap_numRows = rsap_total End If ' set the first and last displayed record rsap_first = 1 rsap_last = rsap_first + rsap_numRows - 1 If (rsap_first > rsap_total) Then rsap_first = rsap_total If (rsap_last > rsap_total) Then rsap_last = rsap_total End If %> <% ' *** Move To Record and Go To Record: declare variables Set MM_rs = rsap MM_rsCount = rsap_total MM_size = rsap_numRows MM_uniqueCol = "" MM_paramName = "" MM_offset = 0 MM_atTotal = false MM_paramIsDefined = false If (MM_paramName <> "") Then MM_paramIsDefined = (Request.QueryString(MM_paramName) <> "") End If %> <% ' *** Move To Record: handle 'index' or 'offset' parameter if (Not MM_paramIsDefined And MM_rsCount <> 0) then ' use index parameter if defined, otherwise use offset parameter r = Request.QueryString("index") If r = "" Then r = Request.QueryString("offset") If r <> "" Then MM_offset = Int(r) ' if we have a record count, check if we are past the end of the recordset If (MM_rsCount <> -1) Then If (MM_offset >= MM_rsCount Or MM_offset = -1) Then ' past end or move last If ((MM_rsCount Mod MM_size) > 0) Then ' last page not a full repeat region MM_offset = MM_rsCount - (MM_rsCount Mod MM_size) Else MM_offset = MM_rsCount - MM_size End If End If End If ' move the cursor to the selected record i = 0 While ((Not MM_rs.EOF) And (i < MM_offset Or MM_offset = -1)) MM_rs.MoveNext i = i + 1 Wend If (MM_rs.EOF) Then MM_offset = i ' set MM_offset to the last possible record End If %> <% ' *** Move To Record: if we dont know the record count, check the display range If (MM_rsCount = -1) Then ' walk to the end of the display range for this page i = MM_offset While (Not MM_rs.EOF And (MM_size < 0 Or i < MM_offset + MM_size)) MM_rs.MoveNext i = i + 1 Wend ' if we walked off the end of the recordset, set MM_rsCount and MM_size If (MM_rs.EOF) Then MM_rsCount = i If (MM_size < 0 Or MM_size > MM_rsCount) Then MM_size = MM_rsCount End If ' if we walked off the end, set the offset based on page size If (MM_rs.EOF And Not MM_paramIsDefined) Then If (MM_offset > MM_rsCount - MM_size Or MM_offset = -1) Then If ((MM_rsCount Mod MM_size) > 0) Then MM_offset = MM_rsCount - (MM_rsCount Mod MM_size) Else MM_offset = MM_rsCount - MM_size End If End If End If ' reset the cursor to the beginning If (MM_rs.CursorType > 0) Then MM_rs.MoveFirst Else MM_rs.Requery End If ' move the cursor to the selected record i = 0 While (Not MM_rs.EOF And i < MM_offset) MM_rs.MoveNext i = i + 1 Wend End If %> <% ' *** Move To Record: update recordset stats ' set the first and last displayed record rsap_first = MM_offset + 1 rsap_last = MM_offset + MM_size If (MM_rsCount <> -1) Then If (rsap_first > MM_rsCount) Then rsap_first = MM_rsCount If (rsap_last > MM_rsCount) Then rsap_last = MM_rsCount End If ' set the boolean used by hide region to check if we are on the last record MM_atTotal = (MM_rsCount <> -1 And MM_offset + MM_size >= MM_rsCount) %> <% ' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters ' create the list of parameters which should not be maintained MM_removeList = "&index=" If (MM_paramName <> "") Then MM_removeList = MM_removeList & "&" & MM_paramName & "=" MM_keepURL="":MM_keepForm="":MM_keepBoth="":MM_keepNone="" ' add the URL parameters to the MM_keepURL string For Each Item In Request.QueryString NextItem = "&" & Item & "=" If (InStr(1,MM_removeList,NextItem,1) = 0) Then MM_keepURL = MM_keepURL & NextItem & Server.URLencode(Request.QueryString(Item)) End If Next ' add the Form variables to the MM_keepForm string For Each Item In Request.Form NextItem = "&" & Item & "=" If (InStr(1,MM_removeList,NextItem,1) = 0) Then MM_keepForm = MM_keepForm & NextItem & Server.URLencode(Request.Form(Item)) End If Next ' create the Form + URL string and remove the intial '&' from each of the strings MM_keepBoth = MM_keepURL & MM_keepForm if (MM_keepBoth <> "") Then MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1) if (MM_keepURL <> "") Then MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1) if (MM_keepForm <> "") Then MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1) ' a utility function used for adding additional parameters to these strings Function MM_joinChar(firstItem) If (firstItem <> "") Then MM_joinChar = "&" Else MM_joinChar = "" End If End Function %> <% ' *** Move To Record: set the strings for the first, last, next, and previous links MM_keepMove = MM_keepBoth MM_moveParam = "index" ' if the page has a repeated region, remove 'offset' from the maintained parameters If (MM_size > 0) Then MM_moveParam = "offset" If (MM_keepMove <> "") Then params = Split(MM_keepMove, "&") MM_keepMove = "" For i = 0 To UBound(params) nextItem = Left(params(i), InStr(params(i),"=") - 1) If (StrComp(nextItem,MM_moveParam,1) <> 0) Then MM_keepMove = MM_keepMove & "&" & params(i) End If Next If (MM_keepMove <> "") Then MM_keepMove = Right(MM_keepMove, Len(MM_keepMove) - 1) End If End If End If ' set the strings for the move to links If (MM_keepMove <> "") Then MM_keepMove = MM_keepMove & "&" urlStr = Request.ServerVariables("URL") & "?" & MM_keepMove & MM_moveParam & "=" MM_moveFirst = urlStr & "0" MM_moveLast = urlStr & "-1" MM_moveNext = urlStr & Cstr(MM_offset + MM_size) prev = MM_offset - MM_size If (prev < 0) Then prev = 0 MM_movePrev = urlStr & Cstr(prev) End If 'End If recordset rsap is empty. %>
  Admin Reports
<% If Not rsap.EOF Or Not rsap.BOF Then %>   Showing Reports <%=(rsap_first)%> to <%=(rsap_last)%> of <%=(rsap_total)%> <% end if %>
Return to Admin Controlsw
<% If Not rsap.EOF Or Not rsap.BOF Then %>
<% If MM_offset <> 0 Then %> Previous   <% End If ' end MM_offset <> 0 %><% If Not MM_atTotal Then %> Next  <% End If ' end Not MM_atTotal %>
 <% end if %>
<% While ((repeat4__numRows <> 0) AND (NOT rsap.EOF)) %> <% repeat4__index=repeat4__index+1 repeat4__numRows=repeat4__numRows-1 rsap.MoveNext() Wend %> <% If rsap.EOF And rsap.BOF Then response.redirect("admin.asp") %> <% End If ' end rsap.EOF And rsap.BOF %>

From

Subject (click to view)

Received

Delete

<%= Server.HTMLEncode((rsap.Fields.Item("field1").Value)) %>

&mode=reports"><% If rsap.Fields.Item("status") ="n" then %><% end if %><%=left(Server.HTMLEncode(rsap("field4")), 30) %>...<% If rsap.Fields.Item("status") ="n" then %> New<% end if %>

<%=(rsap.Fields.Item("date").Value)%>

">
<% If Not rsap.EOF Or Not rsap.BOF Then %>
<% If MM_offset <> 0 Then %> Previous   <% End If ' end MM_offset <> 0 %><% If Not MM_atTotal Then %> Next  <% End If ' end Not MM_atTotal %>
<% end if %> <% else Dim rsre Dim rsre_numRows set rsre = Server.CreateObject("ADODB.Recordset") rsre.ActiveConnection = MM_conn_STRING rsre.Source = "SELECT * FROM p_messages WHERE field2 = 'Administration'" rsre.CursorType = 0 rsre.CursorLocation = 2 rsre.LockType = 3 rsre.Open() rsre_numRows = 0 Dim rsap Dim rsap_numRows set rsap = Server.CreateObject("ADODB.Recordset") rsap.ActiveConnection = MM_conn_STRING rsap.Source = "SELECT * FROM p_ads WHERE p_photoapprove = '1'" rsap.CursorType = 0 rsap.CursorLocation = 2 rsap.LockType = 3 rsap.Open() rsap_numRows = 0 Dim rsdate2 Dim rsdate2_numRows set rsdate2 = Server.CreateObject("ADODB.Recordset") rsdate2.ActiveConnection = MM_conn_STRING rsdate2.Source = "SELECT * FROM p_users WHERE p_date < Date () + 2 AND p_approve = 'n'" rsdate2.CursorType = 0 rsdate2.CursorLocation = 2 rsdate2.LockType = 3 rsdate2.Open() rsdate2_numRows = 0 Dim rsdate Dim rsdate_numRows set rsdate = Server.CreateObject("ADODB.Recordset") rsdate.ActiveConnection = MM_conn_STRING rsdate.Source = "SELECT * FROM p_users WHERE p_expdate < Date ()" rsdate.CursorType = 0 rsdate.CursorLocation = 2 rsdate.LockType = 3 rsdate.Open() rsdate_numRows = 0 if request("delete") = "month" then Dim user, rsimage, rsimage_numRows, rsAutoDelete, rsAutoDel, rsAutoDelet Dim repeat2__numRows repeat2__numRows = -1 Dim repeat2__index repeat2__index = 0 rsdate_numRows = rsdate_numRows + repeat2__numRows If Not rsdate.EOF Or Not rsdate.BOF Then While ((repeat2__numRows <> 0) AND (NOT rsdate.EOF)) user = rsdate("p_user") set rsimage = Server.CreateObject("ADODB.Recordset") rsimage.ActiveConnection = MM_conn_STRING rsimage.Source = "SELECT * FROM p_ads WHERE p_user ='" + Replace(user, "'", "''") + "'" rsimage.CursorType = 0 rsimage.CursorLocation = 2 rsimage.LockType = 3 rsimage.Open() rsimage_numRows = 0 If Not rsimage.EOF Or Not rsimage.BOF Then p_idd = rsimage("p_id") elseIf rsimage.EOF Or rsimage.BOF Then p_idd = 0 end if set rsAutoDelete = Server.CreateObject("ADODB.Command") rsAutoDelete.ActiveConnection = MM_conn_STRING rsAutoDelete.CommandText = "delete from p_ads WHERE p_user= '" + Replace(user, "'", "''") + "'" rsAutoDelete.CommandType = 1 rsAutoDelete.CommandTimeout = 0 rsAutoDelete.Prepared = true rsAutoDelete.Execute() set rsAutoDelete = Server.CreateObject("ADODB.Command") rsAutoDelete.ActiveConnection = MM_conn_STRING rsAutoDelete.CommandText = "delete from p_messages WHERE field2= '" + Replace(user, "'", "''") + "'" rsAutoDelete.CommandType = 1 rsAutoDelete.CommandTimeout = 0 rsAutoDelete.Prepared = true rsAutoDelete.Execute() set rsAutoDelete = Server.CreateObject("ADODB.Command") rsAutoDelete.ActiveConnection = MM_conn_STRING rsAutoDelete.CommandText = "delete from p_favorites WHERE fav_user= '" + Replace(user, "'", "''") + "' OR p_user= '" + Replace(user, "'", "''") + "'" rsAutoDelete.CommandType = 1 rsAutoDelete.CommandTimeout = 0 rsAutoDelete.Prepared = true rsAutoDelete.Execute() set rsAutoDelete = Server.CreateObject("ADODB.Command") rsAutoDelete.ActiveConnection = MM_conn_STRING rsAutoDelete.CommandText = "delete from p_users WHERE p_user='" + Replace(user, "'", "''") + "'" rsAutoDelete.CommandType = 1 rsAutoDelete.CommandTimeout = 0 rsAutoDelete.Prepared = true rsAutoDelete.Execute() set rsAutoDelete = Server.CreateObject("ADODB.Command") rsAutoDelete.ActiveConnection = MM_conn_STRING rsAutoDelete.CommandText = "delete from p_questions WHERE p_user='" + Replace(user, "'", "''") + "'" rsAutoDelete.CommandType = 1 rsAutoDelete.CommandTimeout = 0 rsAutoDelete.Prepared = true rsAutoDelete.Execute() thepath=Server.MapPath("ad_photos/") set fs=CreateObject("Scripting.FileSystemObject") aryFileType = split("jpg,jpeg,gif,png",",",-1) 'SPLITS LIST OF ACCEPTABLE FILE TYPES IN CONFIG.ASP INTO ARRAY numFileLoopCounter = Ubound(aryFileType) Do while numFileLoopCounter>-1 ImageName = p_idd & "." & aryFileType(numFileLoopCounter) set fs=CreateObject("Scripting.FileSystemObject") If fs.FileExists(thepath & "\" & ImageName) then fs.DeleteFile(thepath & "\" & ImageName) End if numFileLoopCounter = numFileLoopCounter-1 Loop set fs=nothing repeat2__index=repeat2__index+1 repeat2__numRows=repeat2__numRows-1 rsdate.MoveNext() Wend set rsAutoDelete = nothing set MM_conn_STRING = nothing response.redirect("admin.asp") end if elseif request("delete") = "hour" then Dim rshour If Not rsdate2.EOF Or Not rsdate2.BOF Then set rshour = Server.CreateObject("ADODB.Command") rshour.ActiveConnection = MM_conn_STRING rshour.CommandText = "delete from p_users WHERE p_date < Date () + 2 AND p_approve = 'n'" rshour.CommandType = 1 rshour.CommandTimeout = 0 rshour.Prepared = true rshour.Execute() set rshour = nothing set MM_conn_STRING = nothing response.redirect("admin.asp") end if end if %>
  Admin Controls   

<% If rsSession("p_access") = "admin" Then %>
  Admin / Deadmin User:  
<% end if %>
  Approve Photos:  <% if rsap.EOF Or rsap.BOF Then %>none<% else %><% end if %>
  Delete 24 Hours Inactivated Accounts:  <% if rsdate2.EOF Or rsdate2.BOF Then %>none<% else %><% end if %>
  Delete 1 year Inactive Accounts:  <% if rsdate.EOF Or rsdate.BOF Then %>none<% else %><% end if %>
  Read Reported Listings:  <% if rsre.EOF Or rsre.BOF Then %>none<% else %><% end if %>
  Warn / Ban User:  
  Edit / Add / Remove Location(s):  
  Message Board Controls:  
  Newsletter:  
<% end if %> <% end if %>