<%
' Dispatcher for the feedback page: the "action" query-string value selects
' which Case arm below runs.
Dim sAction
sAction = CStr(Request.QueryString("action"))
' Every non-empty action value is passed to RedirHackers first.
' NOTE(review): RedirHackers is defined outside this listing; presumably it
' rejects or redirects suspicious input, but what it filters cannot be
' confirmed from here, so it must not be the only input control.
IF sAction <> "" THEN
RedirHackers(sAction)
END IF
Select Case sAction
%>
<% Case "add"
' No script logic in this arm; it only emits page markup, which is not
' present in this listing (presumably the blank feedback form).
%>
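<%
Case "add2"
' Preview step: read the submitted feedback fields, normalise them, run the
' prohibited-word and confirmation-code checks, then either build an error
' message or echo the entry back for the visitor to confirm.
'
' RedirHackers, stripHTML, stripDSpaces and stripNumbers are defined outside
' this listing; their exact behaviour cannot be confirmed from here, so the
' echoed values are additionally HTML-encoded at the point of output below.

' --- name: quotes removed, "\" -> "/", "&" -> "and", then helper clean-up
feedname = Trim(Request("name"))
RedirHackers(feedname)
feedname = Replace(feedname,"'","")
feedname = Replace(feedname,"""","")
feedname = Replace(feedname,"\","/")
feedname = Replace(feedname,"&","and")
feedname = stripHTML(feedname)
feedname = stripDSpaces(feedname)

' --- e-mail: only passed through RedirHackers; no other normalisation, so it
' must be treated as raw, untrusted text wherever it is used.
feedemail = Request("email")
RedirHackers(feedemail)

' --- city: same normalisation as the name
feedtown = Trim(Request("city"))
RedirHackers(feedtown)
feedtown = Replace(feedtown,"'","")
feedtown = Replace(feedtown,"""","")
feedtown = Replace(feedtown,"\","/")
feedtown = Replace(feedtown,"&","and")
feedtown = stripHTML(feedtown)
feedtown = stripDSpaces(feedtown)

' --- country: same normalisation as the name
feedCountry = Trim(Request("Country"))
RedirHackers(feedCountry)
feedCountry = Replace(feedCountry,"'","")
feedCountry = Replace(feedCountry,"""","")
feedCountry = Replace(feedCountry,"\","/")
feedCountry = Replace(feedCountry,"&","and")
feedCountry = stripHTML(feedCountry)
feedCountry = stripDSpaces(feedCountry)

' --- comment: collapse '' to ', turn " into ', then double every ' again.
' Line breaks are swapped for a marker before stripHTML runs and turned into
' spaces afterwards.
feedcomment = Trim(Request("feedcomment"))
RedirHackers(feedcomment)
feedcomment = Replace(feedcomment,"''","'")
feedcomment = Replace(feedcomment,"""","'")
feedcomment = Replace(feedcomment,"'","''")
feedcomment = Replace(feedcomment,"\","/")
feedcomment = Replace(feedcomment,"&","and")
feedcomment = Replace(feedcomment,vbcrlf,"XxXxX")
feedcomment = stripHTML(feedcomment)
feedcomment = Replace(feedcomment,"XxXxX"," ")
feedcomment = stripDSpaces(feedcomment)

confirmcode = Trim(Request("confirmcode"))
RedirHackers(confirmcode)
confirmcode = stripNumbers(confirmcode)

' Required fields: name, e-mail and comment.
IF feedcomment = "" OR feedname = "" OR feedemail = "" THEN
errmsg = "You need to submit at least your name, email and comments! "
ELSE
errmsg = ""
END IF

' Prohibited-word list. Each entry is used as a regular-expression pattern
' (case-insensitive), so the dots in ".co.uk" match any character.
Dim myArray(8)
myArray(0)="cialis"
myArray(1)="http"
myArray(2)="www"
myArray(3)="erection"
myArray(4)=".co.uk"
myArray(5)="viagra"
myArray(6)="medicine"
myArray(7)="URL="
myArray(8)="Doxycycline"
' pos counts how many prohibited-word matches the comment contains.
pos = 0
For iLoop = LBound(myArray) to UBound(myArray)
    Set RegularExpressionObject = New RegExp
    With RegularExpressionObject
        .Pattern = myArray(iLoop)
        .IgnoreCase = True
        .Global = True
    End With
    Set expressionmatch = RegularExpressionObject.Execute(feedcomment)
    If expressionmatch.Count > 0 Then
        For Each expressionmatched in expressionmatch
            IF expressionmatched <> "" THEN
                pos = pos +1
            END IF
        Next
    End If
    Set RegularExpressionObject = nothing
Next
IF pos <> 0 THEN
errmsg = errmsg & "Ahh ... our system suggests your entry includes prohibited words, and may not have much to do with our websites content"
END IF

' confirm code
' check confirmcode is correct
IF confirmcode = "" THEN
confirmcode = 0
END IF
' Guard the CLng conversion: a value that is not numeric or does not fit a
' Long would raise a runtime error instead of producing the validation
' message. Such a value cannot be a valid code, so it is treated as 0.
If Not IsNumeric(confirmcode) Then
    confirmcode = 0
ElseIf CDbl(confirmcode) < 0 Or CDbl(confirmcode) > 2147483647 Then
    confirmcode = 0
End If
confirmcode = Clng(confirmcode)
myday = Day(Date())
' Accepted base values; the submitted code must equal base * day-of-month * 113.
' (Sized to the seven values actually assigned.)
' NOTE(review): the expected code is derived only from the date and the
' constants in this file, so it should not be relied on as an anti-automation
' control; a server-side, per-session challenge would be stronger.
Dim myArray2(6)
myArray2(0)="15"
myArray2(1)="18"
myArray2(2)="38"
myArray2(3)="24"
myArray2(4)="6"
myArray2(5)="67"
myArray2(6)="83"
myconfirmcode = confirmcode / myday / 113
' pos is reused here as the "code accepted" flag: it only becomes True when a
' base value matches. A non-zero word count left over from the loop above is
' never equal to True, so the comparison below still behaves as a flag test.
For iLoop = LBound(myArray2) to UBound(myArray2)
    If CStr(myArray2(iLoop)) = CStr(myconfirmcode) then
        pos = True
    End If
Next
IF pos <> True THEN
errmsg = errmsg & " The confirmation code seems to be incorrect. "
END IF
IF errmsg <> "" THEN
%>
<%
ELSE
' Confirmation view. Every echoed value is HTML-encoded at output: the e-mail
' address receives no clean-up above, and the other fields rely on helpers
' whose behaviour is not visible in this listing.
' NOTE(review): any other markup on this page that echoes these values (not
' visible in this listing) needs the same encoding.
%>
This is your feedback about our
website, is it correct? |
Comments |
<%= Server.HTMLEncode(feedcomment) %>
<%= Server.HTMLEncode(feedname) %> from <%= Server.HTMLEncode(feedtown) %>, <%= Server.HTMLEncode(feedCountry) %> |
Your E-mail |
<%= Server.HTMLEncode(feedemail) %> ... (This does not
show on public pages) |
|
|
<% END IF ' end error handling %>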
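<% Case "add3"
' Final step: re-read and normalise the submitted fields, then store the entry
' in table mfeed using a parameterised INSERT.
'
' The values are bound as parameters rather than concatenated into the SQL
' text: the e-mail address receives no quote handling at all, and the other
' fields depend on helpers (RedirHackers, stripHTML, stripDSpaces) that are
' defined outside this listing.
'
' NOTE(review): this arm does not repeat the prohibited-word or
' confirmation-code checks performed under "add2", and nothing visible here
' ties the insert to a request that passed them. Consider re-validating here
' or recording the successful check server-side - confirm how the preview
' form posts to this step.
Dim feedInsertCmd, feedInsertVals, feedInsertIdx, feedInsertVal, feedInsertLen

feedname = Trim(Request("name"))
RedirHackers(feedname)
feedname = Replace(feedname,"'","")
feedname = Replace(feedname,"""","")
feedname = Replace(feedname,"\","/")
feedname = Replace(feedname,"&","and")
feedname = stripHTML(feedname)
feedname = stripDSpaces(feedname)

feedemail = Request("email")
RedirHackers(feedemail)

feedtown = Trim(Request("city"))
RedirHackers(feedtown)
feedtown = Replace(feedtown,"'","")
feedtown = Replace(feedtown,"""","")
feedtown = Replace(feedtown,"\","/")
feedtown = Replace(feedtown,"&","and")
feedtown = stripHTML(feedtown)
feedtown = stripDSpaces(feedtown)

feedCountry = Trim(Request("Country"))
RedirHackers(feedCountry)
feedCountry = Replace(feedCountry,"'","")
feedCountry = Replace(feedCountry,"""","")
feedCountry = Replace(feedCountry,"\","/")
feedCountry = Replace(feedCountry,"&","and")
feedCountry = stripHTML(feedCountry)
feedCountry = stripDSpaces(feedCountry)

feedcomment = Trim(Request("feedcomment"))
RedirHackers(feedcomment)
' Collapse doubled apostrophes and turn double quotes into apostrophes. The
' apostrophes are deliberately NOT doubled again: the value is bound as a
' parameter, so SQL-literal escaping would store the doubled characters.
feedcomment = Replace(feedcomment,"''","'")
feedcomment = Replace(feedcomment,"""","'")
feedcomment = Replace(feedcomment,"\","/")
feedcomment = Replace(feedcomment,"&","and")
feedcomment = Replace(feedcomment,vbcrlf,"XxXxX")
feedcomment = Replace(feedcomment," ","XxXxX")
feedcomment = stripHTML(feedcomment)
feedcomment = Replace(feedcomment,"XxXxX"," ")
feedcomment = stripDSpaces(feedcomment)

IF feedname <> "" AND feedcomment <> "" THEN
    ' One "?" placeholder per user-supplied column, in the original order:
    ' name, e-mail, city, country, comment. The trailing '0' is kept as a
    ' literal (presumably the "not yet approved" flag - column names are not
    ' visible in this listing).
    mySQL = "INSERT INTO mfeed VALUES(NULL,?,?,?,?,?,'0')"
    Set feedInsertCmd = Server.CreateObject("ADODB.Command")
    Set feedInsertCmd.ActiveConnection = adoConn
    feedInsertCmd.CommandText = mySQL
    feedInsertCmd.CommandType = 1 ' adCmdText
    feedInsertVals = Array(feedname, feedemail, feedtown, feedCountry, feedcomment)
    For feedInsertIdx = LBound(feedInsertVals) To UBound(feedInsertVals)
        ' Force a string so a missing form field binds as "" (as the
        ' concatenated statement would have stored it).
        feedInsertVal = "" & feedInsertVals(feedInsertIdx)
        ' A variable-length parameter needs a size of at least 1.
        feedInsertLen = Len(feedInsertVal)
        If feedInsertLen = 0 Then
            feedInsertLen = 1
        End If
        ' 200 = adVarChar, 1 = adParamInput.
        ' NOTE(review): column types are not visible here; switch the ADO
        ' type if the provider needs a long-text or wide-character type.
        feedInsertCmd.Parameters.Append feedInsertCmd.CreateParameter("p" & feedInsertIdx, 200, 1, feedInsertLen, feedInsertVal)
    Next
    feedInsertCmd.Execute
    Set feedInsertCmd = Nothing
END IF
Response.Write "Thank YouYour comments have been successfully submitted and will be visible once a member of the website team has been able to approve the content is suitable for all "
Set mySQL = Nothing
%>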
<% Case "edit"
' Edit step: re-read the submitted fields so they can be shown again for
' correction. The markup that displays them is not present in this listing.
' NOTE(review): unlike "add2"/"add3", no quote removal or stripHTML is applied
' here; each value is only passed to RedirHackers, whose behaviour is defined
' elsewhere. Whatever markup echoes these values should HTML-encode them
' (e.g. Server.HTMLEncode) - confirm against the full page.
feedname = Trim(Request("name"))
RedirHackers(feedname)
feedemail = Trim(Request("email"))
RedirHackers(feedemail)
feedtown = Trim(Request("city"))
RedirHackers(feedtown)
feedCountry = Trim(Request("Country"))
RedirHackers(feedCountry)
feedcomment = Request("feedcomment")
RedirHackers(feedcomment)
' As written, every space in the comment becomes a line break.
' NOTE(review): the search string may have been altered when this page was
' extracted - confirm against the original file.
feedcomment = Replace(feedcomment," ",vbcrlf)
%>
<%
Case Else
    ' Handles "menu" as well as any missing or unrecognised action: both
    ' paths release the database connection and send the visitor back to the
    ' blank form. The redirect target is a fixed string, not request data.
    adoConn.Close
    Set adoConn = Nothing
    Response.Redirect "add_feed.asp?action=add"
%>
<%
End Select
%>
|