<% strAction = request("action") Select Case strAction Case "addBlog" strHeader = request.Form("header") strHeader = replace(strHeader,"'","''") strContent = request.Form("main") strContent = replace(strContent,"'","''") strContent = replace(strContent,vbCrLf,"
") strContent = replace(strContent,"","") strContent = replace(strContent,"","") strDateT = request.Form("theDate") strDateT = CDate(strDateT) strDate = CDate(FormatDateTime(strDateT,vbShortDate)) strDate = dateToInt(strDate) strTime = request.Form("theTime") strTime = FormatDateTime(strDateT,vbShortTime) intMonth = request.Form("month") intYear = request.Form("year") strAuthor = request.Form("author") intPublished= request.Form("publish") strSQL = "INSERT INTO T_WEBLOG (b_headline, b_content, b_date, b_time,b_month,b_year,b_author,b_published) values ('"&strHeader&"','"&strContent&"',"&strDate&",'"&strTime&"',"&intMonth&","&intYear&",'"&strAuthor&"',"&intPublished&")" response.Write(strSQL) 'response.End() Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing response.Redirect("default.asp?cmd=bloglist") %> <% Case "updateBlog" strHeader = request.Form("header") strHeader = replace(strHeader,"'","''") strContent = request.Form("main") strContent = replace(strContent,"'","''") strContent = replace(strContent,vbCrLf,"
") strContent = replace(strContent,"","") strContent = replace(strContent,"","") strID = request.Form("id") strPublish = request.Form("publish") if strPublish = "" Then strPublish = false end if strSQL = "UPDATE T_WEBLOG SET b_headline = '"&strHeader&"', b_content = '"&strContent&"', b_published = "&strPublish&" WHERE id = "& strID Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn response.Write(strSQL) 'response.End() MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing response.Redirect("default.asp?cmd=bloglist&view=calendar") %> <% Case "publish" strStatus = request.QueryString("status") strID = request.QueryString("id") strSQL = "UPDATE T_WEBLOG set b_published = "&strStatus&" WHERE id = " & strID response.Write(strSQL) Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing %> <% Case "preview" response.write("") response.Write("") response.Write("

") response.Write("

") response.Write(request.Form("header")) response.Write("

") response.Write(replace(request.Form("main"),vbCrLf," ")) response.Write("

") %> <% Case "updateComment" strComment = request.Form("main") strComment = replace(strComment,"'","''") strComment = replace(strComment,vbCrLf,"
") strID = request.Form("id") strRedir = request.Form("redir") strRedir = replace(strRedir,"|","&") strSQL = "UPDATE T_COMMENTS set c_content = '"&strComment&"' WHERE id = " & strID response.Write(strSQL) Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing response.Redirect("default.asp"&strRedir) %> <% Case "save_settings" str_lcid = request.Form("lcid") str_displaymode = request.Form("displaymode") str_topcount = request.form("topcount") str_commenttext = request.form("commenttext") str_permalinktext = request.Form("permalinktext") str_commentheader = request.Form("commentheader") str_nocomments = request.Form("nocomments") str_nameempty = request.Form("nameempty") str_approveComments=request.Form("approveComments") if str_approveComments = "" then str_approveComments = false end if str_pollallowmultiple=request.Form("pollallowmultiple") if str_pollallowmultiple = "" then str_pollallowmultiple = false end if str_polltext_button = request.Form("polltext_button") str_polltext_viewres= request.Form("polltext_viewres") str_polltext_votes = request.Form("polltext_votes") strSQL = "UPDATE T_SETTINGS set lcid = "&str_lcid&", displaymode = "&str_displaymode&", topcount = "&str_topcount&", commenttext = '"&str_commenttext&"', permalinktext = '"&str_permalinktext&"', commentheader = '"&str_commentheader&"', nocomments = '"&str_nocomments&"', nameempty = '"&str_nameempty&"', approveComments = "&str_approveComments&", pollallowmultiple = "&str_pollallowmultiple&", polltext_button = '"&str_polltext_button&"', polltext_viewres = '"&str_polltext_viewres&"', polltext_votes = '"&str_polltext_votes&"'" Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing response.Redirect("default.asp?cmd=settings&view=global") %> <% Case "insert_user" strFullname = request.Form("fullname") strUsername = request.Form("username") strPassword = request.Form("password") strEmail = request.Form("email") strDate = Now() strSQL = "INSERT INTO T_USERS(uFULLNAME,uUSERNAME,uPASSWORD,uEMAIL,uDATECREATED) values ('"&strFullname&"','"&strUsername&"','"&strPassword&"','"&strEmail&"','"&strDate&"')" Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing response.Redirect("default.asp?cmd=settings&view=users") %> <% Case "update_user" strFullname = request.Form("fullname") strUsername = request.Form("username") strPassword = request.Form("password") strEmail = request.Form("email") intID = request.Form("id") strSQL = "UPDATE T_USERS set uFULLNAME = '"&strFullname&"',uUSERNAME = '"&strUsername&"',uPASSWORD = '"&strPassword&"',uEMAIL = '"&strEmail&"' WHERE id = " & intID Set MyConn = Server.CreateObject("ADODB.Connection") MyConn.Open strConn MyConn.Execute(strSQL) MyConn.Close Set MyConn = Nothing response.Redirect("default.asp?cmd=settings&view=users") %> <% end select %>