BACKSTAGE

Logged in as <%= Session("Username") %> (<%= Session("User_Name") %>) - Logout

UNDERdog.be

Backstage

<% Response.Expires = -1 Dim recordcounter Dim objConn Set objConn = Server.CreateObject("ADODB.Connection") %><% objConn.Open If Request.Form("SAVE") then myTitle=Request.Form("TITLE") myEmail=Session("User_Name") myAuthor=Session("Username") myMessage=Request.Form("MESSAGE") mreplyTo=Request.Form("REPLYTO") veri1=Request.Form("VERIFY1") veri2=Request.Form("VERIFY2") If veri1=veri2 and myMessage<>"" and myAuthor<>"" and myTitle<>"" and mreplyTo<>"" and InStr(mymessage, "[") = 0 and InStr(mymessage, "a href") = 0 and InStr(mymessage, "fuck") = 0 and InStr(mymessage, "gay") = 0 and InStr(myTitle, "<") = 0 and InStr(myAuthor, "<") = 0 then myMessage = replace( Request.Form("MESSAGE"), "'", "''") myMessage = replace( myMessage, "<", "-") myMessage = replace( myMessage, ">", "-") myMessage = replace( myMessage, "FUCK", "F**K") myMessage = replace( myMessage, "SUCK", "S**K") myMessage = replace( myMessage, "BITCH", "FEMALE DOG") myMessage = replace( myMessage, "GAY", "HAPPY") Dim MyCols MyCols="TITLE,AUTHOR,EMAIL,MESSAGE,REPLYTO,mDATE" Dim saveSQL saveSQL="INSERT INTO udb_UDMESSAGES ("&MyCols&") VALUES ( '"& replace( Request.Form("TITLE"), "'", "''") &"','"& replace( myAuthor, "'", "''") &"','"& myEmail &"','"& myMessage &"','"& Request.Form("REPLYTO") &"','"& Request.Form("mDATE") &"')" set objRS=objConn.execute(saveSQL) myState = "

YOUR MESSAGE HAS BEEN ADDED, THANK YOU FOR YOUR FEEDBACK!

" myTitle="" myAuthor="" myMessage="" else myState = "

ERROR SAVING MESSAGE...
PLEASE FILL IN ALL FIELDS!
BAD LANGUAGE & TAGS ARE NOT ALLOWED!
VERIFY SECURITY CODE!

" end if myID=Request.Form("REPLYTO") myGAME=Request.Form("GAME") else myID=Request.Querystring("ID") myGAME=Request.Querystring("GAME") end if %>

<% Response.Write(myGAME) %>

<% if myState <> "" then %> <% Response.Write(myState) %> <% end if %> <% Dim myText mySQL="SELECT TITLE,MESSAGE,AUTHOR,mDATE,ID from udb_UDMESSAGES WHERE REPLYTO='"& myID &"' ORDER BY mDATE DESC" set objRS=objConn.execute(mySQL) if Request.Querystring("page") then Gnr=1+Request.Querystring("page")*5 Page=Request.Querystring("page") else Gnr=1 end if recordcounter=1 do until objRS.eof if recordcounter>=Gnr and recordcounter< Gnr+5 then msgTitle=objRS(0) msgMessage=objRS(1) msgMessage = Replace(msgMessage,vbcrlf,"
") msgAuthor=objRS(2) msgDate=objRS(3) msgID=objRS(4) %>

<% =msgTitle %> by <% =msgAuthor %>

<% =msgDate %>
<% =msgMessage %>
<% if Request.Cookies("edit") = "true" then %> - EDIT <% end if %>

<% end if recordcounter=recordcounter+1 objRS.movenext loop objConn.close set objConn=nothing %>
<% If Page > 0 then %> PREVIOUS PAGE <% End if %> <% Response.Write(Gnr) %> to <% Response.Write(Gnr+4) %> of <% Response.Write(recordcounter-1) %> <% If Gnr+5 < recordcounter then %> NEXT PAGE <% End if function tweedelig(wert) if len(wert)<2 then wert = "0" & wert tweedelig = wert end function %>
" /> <% randomize Dim mRand mRand=int(rnd*8000)+1000 %>




Please do not use any BAD language... young people also visit our website. Thank you!
(your IP: <% =Request.ServerVariables("REMOTE_HOST") %>)