<%@ LANGUAGE="VBSCRIPT" %> WYSIWYG Text Editor <% for each item in request.servervariables response.write(item & " " & request.servervariables(item) & "
") next 'item %> <% passtest="0" username=request.form("username") if username="" then username=session("username") password=request.form("password") if password="" then password=session("password") if username="ryan.mcgreal" and password="mcgr1310" then passtest="1" session("username")=username session("password")=password else passtest="0" end if if passtest="0" then %> <% else formfilled=request.form("formfilled") auth_id=request.form("auth_id") title=request.form("title") title=SafeSQL(title) 'format date_issues thisdate=dateadd("h",3,now()) if month(thisdate)<10 then thismonth=0&month(thisdate) else thismonth=month(thisdate) end if if day(thisdate)<10 then thisday=0&day(thisdate) else thisday=day(thisdate) end if date_issued=year(thisdate) & "/" & thismonth & "/" & thisday & " " & cstr(FormatDateTime(thisdate,3)) pagecontent=request.form("pagecontent") if auth_id<>"" and title<>"" and pagecontent<>"" then ' ADD RECORD TO DATABASE Set Conn = Server.CreateObject("ADODB.Connection") MdbFilePath = "C:\hshome\hammerti\logs\rth.mdb" Conn.open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & MdbFilePath SQL="insert into blog ([auth_id], [title], [date_issued]) values (" & auth_id & ", '" & title & "', '" & date_issued & "')" response.write(SQL & "
") Set RS = Conn.Execute(SQL) SQL="select max(blog_id) as maxid from blog" Set RS = Conn.Execute(SQL) if not RS.EOF then id=RS.Fields("maxid") end if RS.Close Conn.Close Set Conn = Nothing ' POST TEXT FILE const ForWriting=2 rthpath = "C:\hshome\hammerti\logs\blog\" & id & ".inc" Set fs=CreateObject("Scripting.FileSystemObject") Set wfile=fs.OpenTextFile(rthpath,ForWriting,true) wfile.write(pagecontent) wfile.close set wfile = nothing set fs = nothing ' POST COMMENTS FILE rthpath = "C:\hshome\hammerti\logs\blog\comments\" & id & ".inc" Set fs=CreateObject("Scripting.FileSystemObject") Set wfile=fs.OpenTextFile(rthpath,ForWriting,true) wfile.write("" & vbcrlf) wfile.close set wfile = nothing set fs = nothing response.write("

RTH Blog

" & vbcrlf) response.write("

The blog item was created successfully as blog.asp?id=" & id & "!

" & vbcrlf) articletext="

" & title & "

" & vbcrlf articletext=articletext&"

By " & auth_id & "

" & vbcrlf articletext=articletext&pagecontent auth_id="" title="" pagecontent="" elseif formfilled="1" then response.write("

Please fill in every field.

") end if 'news item form has already been filled %>

Post RTH Blog Item

Input Form

Author:
Title:
Paste Blog Item (with HTML tags)
Edit Mode (Switch to Preview Mode) Preview Mode (Switch to Edit Mode) <%=pagecontent%>	Text Styles Block Styles Headings: Links & Anchors Images Lists Replace

<% response.write(articletext) end if 'login was successful %> <% Function SafeSQL(sqltext) sqltext=replace(sqltext,"'","'") SafeSQL=sqltext End Function %>

Username:
Password: