Stephen Conley : Guestbook

<% If Request.Querystring("approve") <> "" and Request.Querystring("mID") <> "" then dbLoc = Server.MapPath("\database\guestbook.mdb") Set oConn = Server.CreateObject("ADODB.Connection") sConnString = "Provider=Microsoft.Jet.OLEDB.4.0;" & _ "Data Source=" & dbLoc & ";" & _ "Persist Security Info=False" oConn.Mode = 3 oConn.Open(sConnString) If Request.Querystring("approve") = "true" then sql = "update guestbook set approved = true where messageid = " & Request.Querystring("mID") End If If Request.Querystring("approve") = "false" then sql = "delete from guestbook where messageid = " & Request.Querystring("mID") End If 'response.write sql oConn.Execute(sql) Set oConn = nothing End If If Request.Form("comments") <> "" and Request.Form("name") <> "" then strName = replace(Request.Form("name"),"'","''") strEmail = replace(Request.Form("email"),"'","''") strComments = replace(Request.Form("comments"),"'","''") dbLoc = Server.MapPath("\database\guestbook.mdb") Set oConn = Server.CreateObject("ADODB.Connection") sConnString = "Provider=Microsoft.Jet.OLEDB.4.0;" & _ "Data Source=" & dbLoc & ";" & _ "Persist Security Info=False" oConn.Mode = 3 oConn.Open(sConnString) sql = "insert into guestbook (entrydate, name, email, comments) values(now,'" & strName & "','" & strEmail & "','" & strComments & "')" 'oConn.Execute(sql) sql = "select max(MessageID)from guestbook" Set RS = oConn.Execute(sql) MessageID = RS(0) sql = "select name, email, comments from guestbook where MessageID = " & MessageID Set RS = oConn.Execute(sql) name = RS(0) email = RS(1) comments = RS(2) Set RS = nothing Set oConn = nothing ApproveURL = "http://www.conleyart.com/guestbook.asp?approve=true&mID=" & MessageID DeleteURL = "http://www.conleyart.com/guestbook.asp?approve=false&mID=" & MessageID body = "A Guestbook entry was made at " & now & " that requires approval.
" &_ "The details are below. Use these links to approve the entry or delete it.

" &_ "Approve Entry Delete Entry

" &_ "Name: " & name & "
Email: " & email & "

" & comments Set objCDO = Server.CreateObject("CDONTS.NewMail") objCDO.BodyFormat = 0 objCDO.MailFormat = 0 'objCDO.To = "sconley@nep.net" objCDO.To = "kurt.dean@gmail.com" objCDO.From = "webmaster@conleyart.com" objCDO.Subject = "Guestbook Entry Requires Approval" objCDO.Body = body objCDO.Send Set objCDO = nothing End If %> Stephen Conley : Guestbook

conleyart.com : the art of Stephen Conley

: Home
: Bio
: Guestbook
: Contact

Early Work

Portraits

Recent Work

Animal Behavior

Comments

<% Set oConn = Server.CreateObject("ADODB.Connection") sConnString = "Provider=Microsoft.Jet.OLEDB.4.0;" & _ "Data Source=" & Server.MapPath("\database\guestbook.mdb") & ";" & _ "Persist Security Info=False" oConn.Open(sConnString) sql = "select * from guestbook where approved = true order by entryDate desc" Set RS = oConn.Execute(sql) Do While Not RS.EOF%> <% RS.MoveNext Loop Set RS = nothing Set oConn = nothing %>

<%=RS("name")%> <%if request.querystring("showemail")="Y" then response.write "
" & RS("email")%>

<%=RS("comments")%>