<%@LANGUAGE="VBSCRIPT"%> <% '=============================================== ' Personals System 2002 ' Š2002 vSpin.net. www.vspin.net '=============================================== ' All rights reserved. ' Use of this code is covered by the terms and ' conditions in the license agreement. No ' unauthorized duplication or distribution is ' permitted. vSpin.net copyright notices must ' remain in the ASP sections of the code. '=============================================== %> <% ' *** Restrict Access To Page: Grant or deny access to this page Dim MM_authorizedUsers, MM_authFailedURL, MM_grantAccess MM_authorizedUsers="" MM_authFailedURL="login.asp" MM_grantAccess=false If Session("MM_Username") <> "" Then If (true Or CStr(Session("MM_UserAuthorization"))="") Or _ (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then MM_grantAccess = true End If End If If Not MM_grantAccess Then MM_qsChar = "?" If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&" MM_referrer = Request.ServerVariables("URL") if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString() MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer) Response.Redirect(MM_authFailedURL) End If %> <% dim xxxxm, rsheadUpdatee, rsheadUpdatee_numRows Dim MM_editAction, MM_abortEdit, MM_editQuery, rsMail, rsMail_numRows, count_sqry, count_sqry_n, numin, numin_n, inbox, inbox_n, readl, user, rsRead, rsRead_numRows, rs, MM_editConnection, MM_editTable, MM_editColumn, MM_recordId, MM_editRedirectUrl, MM_editCmd' Function DoSpace(str) DoSpace = (Replace(str, vbCrlf, "
")) End Function if request.querystring("id") then readl = "readyes" end if ' *** Edit Operations: declare variables MM_editAction = CStr(Request("URL")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Request.QueryString End If ' boolean to abort record edit MM_abortEdit = false ' query string to execute MM_editQuery = "" %> <% ' *** Delete Record: declare variables if (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_conn_STRING MM_editTable = "p_messages" MM_editColumn = "id" MM_recordId = "" + Request("MM_recordId") + "" ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Delete Record: construct a sql delete statement and execute it If (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then if (Session("MM_Username") <> "") then rsSession__MMColParam = Session("MM_Username") ' create the sql delete statement MM_editQuery = "delete from p_messages where field2 ='" + Replace(rsSession__MMColparam, "'", "''") + "' AND id = " + Replace(MM_recordId, "'", "''") + "" If (Not MM_abortEdit) Then ' execute the delete Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close Response.Redirect("read.asp?message=13") End If End If %> <% Dim rsMail__MMColParam rsMail__MMColParam = "1" if (Session("MM_Username") <> "") then rsMail__MMColParam = Session("MM_Username") %> <% set rsMail = Server.CreateObject("ADODB.Recordset") rsMail.ActiveConnection = MM_conn_STRING rsMail.Source = "SELECT * FROM p_messages WHERE field2 = '" + Replace(rsMail__MMColParam, "'", "''") + "' ORDER BY date DESC" rsMail.CursorType = 0 rsMail.CursorLocation = 2 rsMail.LockType = 3 rsMail.Open() rsMail_numRows = 0 %> <% Dim Repeat1__numRows Repeat1__numRows = -1 Dim Repeat1__index Repeat1__index = 0 rsMail_numRows = rsMail_numRows + Repeat1__numRows count_sqry = "Select count(*) as t_Count From p_messages where field2 = '" & Session("MM_Username") &"'" count_sqry_n = "Select count(*) as n_count From p_messages where field2 = '" & Session("MM_Username") &"' and status = 'n'" set numin=MM_conn_STRING.Execute (count_Sqry) set numin_n=MM_conn_STRING.Execute (count_Sqry_n) inbox = numin("t_count") inbox_n = numin_n("n_count") %> <% if readl ="readyes" then Dim rsRead__MMColParam rsRead__MMColParam = "1" if (Request.QueryString("id") <> "") then rsRead__MMColParam = Request.QueryString("id") user = rsSession("p_user") %> <% set rsRead = Server.CreateObject("ADODB.Recordset") rsRead.ActiveConnection = MM_conn_STRING rsRead.Source = "SELECT * FROM p_messages WHERE field2 = '" + Replace(user, "'", "''") + "' AND id = " + Replace(rsRead__MMColParam, "'", "''") + "" rsRead.CursorType = 0 rsRead.CursorLocation = 2 rsRead.LockType = 3 rsRead.Open() rsRead_numRows = 0 %> <% set rs = Server.CreateObject("ADODB.Command") rs.ActiveConnection = MM_conn_STRING rs.CommandText = "UPDATE p_messages SET status = 'r' WHERE id = " + Replace(rsRead__MMColParam, "'", "''") + " " rs.CommandType = 1 rs.CommandTimeout = 0 rs.Prepared = true rs.Execute() set rs = nothing If rsRead("field5") = "y" then user2 = rsRead("field1") set rsad = Server.CreateObject("ADODB.Recordset") rsad.ActiveConnection = MM_conn_STRING rsad.Source = "SELECT p_id FROM p_ads WHERE p_user = '" + Replace(user2, "'", "''") + "'" rsad.CursorType = 0 rsad.CursorLocation = 2 rsad.LockType = 3 rsad.Open() rsad_numRows = 0 end if %> <% If NOT rsRead.EOF And NOT rsRead.BOF Then %>

Message Details

&subj=Re: <%= Server.HTMLEncode((rsRead.Fields.Item("field4").Value)) %>">">">">


	From:	<%= Server.HTMLEncode((rsRead.Fields.Item("field1").Value)) %>
	Subject:	<%= Server.HTMLEncode((rsRead.Fields.Item("field4").Value)) %>
	Message:	<%= DoSpace(Server.HTMLEncode((rsRead.Fields.Item("field3").Value))) %> <% If rsRead("field5") = "y" then %> <% If NOT rsad.EOF And NOT rsad.BOF Then %> ">Click Here to view my Personals Ad. <% rsad.Close set rsad = nothing end if %> <% end if %>

	Dated:	<%= (rsRead.Fields.Item("date").Value) %>

<% end if %> <% rsRead.Close set rsRead = nothing %> <% end if %>

Read Messages

	You have <%= inbox_n %> new message(s) of <%= inbox %>.

<% While ((Repeat1__numRows <> 0) AND (NOT rsMail.EOF)) %> <% Repeat1__index=Repeat1__index+1 Repeat1__numRows=Repeat1__numRows-1 rsMail.MoveNext() Wend %> <% If rsMail.EOF And rsMail.BOF Then %> <% End If ' end rsMail.EOF And rsMail.BOF %>


From	Subject (click to view)	Received	Delete

<%= Server.HTMLEncode((rsMail.Fields.Item("field1").Value)) %>	"><% If rsMail.Fields.Item("status") ="n" then %><% end if %><%=left(Server.HTMLEncode(rsMail("field4")), 30) %>...<% If rsMail.Fields.Item("status") ="n" then %> New<% end if %>	<%=(rsMail.Fields.Item("date").Value)%>	">

No Messages

<% rsMail.Close MM_conn_STRING.Close set MM_conn_STRING = nothing set numin_n = nothing set numin = nothing set rsMail = nothing %>