<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%> <% ' *** Logout the current user. MM_Logout = CStr(Request.ServerVariables("URL")) & "?MM_Logoutnow=1" If (CStr(Request("MM_Logoutnow")) = "1") Then Session.Contents.Remove("MM_Username") Session.Contents.Remove("MM_Fullname") Session.Contents.Remove("MM_EmailAdd") Session.Contents.Remove("MM_UserAuthorization") Session.Contents.Remove("MM_UID") MM_logoutRedirectPage = "index.asp" ' redirect with URL parameters (remove the "MM_Logoutnow" query param). if (MM_logoutRedirectPage = "") Then MM_logoutRedirectPage = CStr(Request.ServerVariables("URL")) If (InStr(1, UC_redirectPage, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_newQS = "?" For Each Item In Request.QueryString If (Item <> "MM_Logoutnow") Then If (Len(MM_newQS) > 1) Then MM_newQS = MM_newQS & "&" MM_newQS = MM_newQS & Item & "=" & Server.URLencode(Request.QueryString(Item)) End If Next if (Len(MM_newQS) > 1) Then MM_logoutRedirectPage = MM_logoutRedirectPage & MM_newQS End If Response.Redirect(MM_logoutRedirectPage) End If %> <% Dim MM_editAction MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString) End If ' boolean to abort record edit Dim MM_abortEdit MM_abortEdit = false 'Check if the passwords match If (Request.Form("Password") <> "") Or (Request.Form("ConfirmPassword") <> "") Or (Request.Form("EmailAddress") <> "") Or (Request.Form("ConfirmEmailAddress") <> "") Then If Request.Form("Password") <> Request.Form("ConfirmPassword") Then MM_abortEdit = True ErrorMsg = "Error: The passwords do not match, please make sure that both passwords match" End If 'Check if the email address is valid and that both email addresses are the same If (Not IsValidEmail(Request.Form("EmailAddress"))) or (Request.Form("EmailAddress") <> Request.Form("ConfirmEmailAddress")) Then MM_abortEdit = True ErrorMsg = "Error: The email address you have entered does not seem to be a valid email address.
Please confirm that the email address is correct in both text boxes." End If End If %> <% ' IIf implementation Function MM_IIf(condition, ifTrue, ifFalse) If condition = "" Then MM_IIf = ifFalse Else MM_IIf = ifTrue End If End Function Function IsValidEmail(strEmail) Dim bIsValid bIsValid = True If Len(strEmail) < 5 Then bIsValid = False Else If Instr(1, strEmail, " ") <> 0 AND Instr(1, strEmail, ";") = 0 Then bIsValid = False Else If InStr(1, strEmail, "@", 1) < 2 Then bIsValid = False Else If InStrRev(strEmail, ".") < InStr(1, strEmail, "@", 1) + 2 Then bIsValid = False End If End If End If End If IsValidEmail = bIsValid End Function %> <% If (CStr(Request("MM_insert")) = "form3") Then If (Not MM_abortEdit) Then ' execute the insert Dim MM_editCmd Dim ActivationKey Dim New_hex Randomize top_number = 9999 Do While Len(ActivationKey) < 50 New_hex = Int(Rnd * top_number)+1 ActivationKey = ActivationKey & Hex(New_hex) Loop Set MM_editCmd = Server.CreateObject ("ADODB.Command") MM_editCmd.ActiveConnection = MM_Forum_STRING MM_editCmd.CommandText = "INSERT INTO hcforum.users (Username, Password, FirstName, Surname, EmailAddress, AccessID, ActivationKey) VALUES (?, ?, ?, ?, ?, ?, ?)" MM_editCmd.Prepared = true MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param1", 201, 1, 100, Request.Form("Username")) ' adLongVarChar MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param2", 201, 1, 100, Request.Form("Password")) ' adLongVarChar MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param3", 201, 1, 255, Request.Form("FirstName")) ' adLongVarChar MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param4", 201, 1, 255, Request.Form("Surname")) ' adLongVarChar MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param5", 201, 1, 255, Request.Form("EmailAddress")) ' adLongVarChar MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param6", 5, 1, -1, MM_IIF(Request.Form("AccessID"), Request.Form("AccessID"), null)) ' adDouble MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param7", 201, 1, 255, ActivationKey) ' adLongVarChar MM_editCmd.Execute MM_editCmd.ActiveConnection.Close ' append the query string to the redirect URL Dim MM_editRedirectUrl MM_editRedirectUrl = "email.asp?ID=" & Request.Form("EmailAddress") & "&U=" & Request.Form("Username") & "&P=" & Request.Form("Password") & "&K=" & ActivationKey If (Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0) Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If Response.Redirect(MM_editRedirectUrl) End If End If %> <% ' *** Validate request to log in to this site. MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString) MM_valUsername = CStr(Request.Form("txtUsername")) If MM_valUsername <> "" Then Dim MM_fldUserAuthorization Dim MM_redirectLoginSuccess Dim MM_redirectLoginFailed Dim MM_loginSQL Dim MM_rsUser Dim MM_rsUser_cmd MM_fldUserAuthorization = "AccessID" MM_redirectLoginSuccess = "index.asp" MM_redirectLoginFailed = "index.asp?Error=InvUID" MM_loginSQL = "SELECT UID, Username, Password, FirstName, Surname, EmailAddress, ActivationKey" If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization MM_loginSQL = MM_loginSQL & " FROM hcforum.users WHERE Username = ? AND Password = ?" Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command") MM_rsUser_cmd.ActiveConnection = MM_Forum_STRING MM_rsUser_cmd.CommandText = MM_loginSQL MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 100, MM_valUsername) ' adVarChar MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 100, Request.Form("txtPassword")) ' adVarChar MM_rsUser_cmd.Prepared = true Set MM_rsUser = MM_rsUser_cmd.Execute If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername Session("MM_FullName") = MM_rsUser.Fields.Item("FirstName").Value + " " + MM_rsUser.Fields.Item("Surname").Value Session("MM_EmailAdd") = MM_rsUser.Fields.Item("EmailAddress").Value Session("MM_UID") = MM_rsUser.Fields.Item("UID").Value If (MM_fldUserAuthorization <> "") AND (MM_rsUser.Fields.Item("ActivationKey").Value = "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "#" End If if CStr(Request.QueryString("accessdenied")) <> "" And true Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If %> | The Glass Forum | Powered By Hayden Craft |
Hayden Craft <%= Advert %>
| Forum Home || Our Home Page || Contact Us |
Welcome to The Glass Forum
<% If Session("MM_Username") = "" Then %>
Username: Password:

[Forgot my password] [Register]
You are welcome to view this forum. If you wish to post a comment or start a new topic, you will be required to log in first.
If you do not yet have a username and password, please click here to register. <%Else%> You are logged in as <%= Session("MM_FullName") %>. [Logout] <%End If%>
The Glass Forum
Register

<%= ErrorMsg %>
Username: " size="32">
Password: " size="32" maxlength="15">
Confirm Password:
First Name: " size="32">
Surname: " size="32">
Email Address: " size="32" />
Confirm Email Address: " size="32" />
 

 

© 2006 Hayden Craft
Proudly designed by Brendan Hayden