const POSTS_PER_PAGE = 10
const TITLE = ""

function connstr()
    connstr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath("#outkr.asa") & ";"
end function

sub WriteContents
    select case lcase(Request.QueryString("action"))
        case "logout"
            session.Abandon()
            response.Clear()
            response.Redirect(Request.ServerVariables("SCRIPT_NAME"))
        case "home"
            call WriteHome
        case ""
            if (request.QueryString("id"))>0 then
                call WriteArt
            end if
            if len(request.QueryString("c"))>0 then
                call WriteCat
            end if
            if len(request.QueryString("c"))=0 and len(request.QueryString("id"))=0 then
                call WriteHome
            end if
        case "write"
            call WritePost
        case "editpost"
            call EditPost
        case "deletepost"
            call DeletePost
        case "ver"
            Response.Write("201305130837a")
            Response.end
        case "management"
            call DoManagement
        case else
            call err404
    end select
end sub

sub WriteFooter
Error 404

The page you requested is not found. Please check the URL and try again... <% end Sub sub WriteHome set oConn = server.CreateObject("ADODB.CONNECTION") oConn.Open(connstr) qry = "SELECT * FROM MESSAGES ORDER BY DateStamp DESC" if isNumeric(request.QueryString("count")) then count = cint(Request.QueryString("count")) else count = 1 end if qry = replace(qry,"%MIN%", count) qry = replace(qry,"%MAX%", count + POSTS_PER_PAGE) set oRS = oConn.Execute(qry) %> <%=Request.ServerVariables("SERVER_NAME")%> <% if oRS.EOF then %> Nothing <% else intTeller = 0 while not oRS.EOF intTeller = intTeller + 1 if (intTeller - 1 >= count AND intTeller =< count + POSTS_PER_PAGE) then %>
?id=<%=oRS("id") %>&t=<%=oRS("Title") %>.html"><%=oRS("Title") %> <%if len(oRS("Category"))>0 then %>[?<%=replace(left(replace(Request.ServerVariables("SERVER_NAME"),"www.",""),5),".","") %>=<%=replace(left(right(replace(Request.ServerVariables("SERVER_NAME"),"www.",""),9),5),".","") %>&c=<%=oRS("Category") %>"><%=oRS.Fields("Category") %>]<% end if%> <%=oRS("DateStamp") %>
<%=replace(oRS("Contents"), vbcrlf, "
" & vbcrlf) %>

<% end if oRS.MoveNext wend set oRS = oConn.Execute("SELECT COUNT(Id) AS Aantal FROM MESSAGES") intMax = oRS("Aantal") if (count + POSTS_PER_PAGE) < intMax then if (count <> 0) then prev = count - POSTS_PER_PAGE nextc = count + POSTS_PER_PAGE if prev < 0 then prev = 0 end if %>
?action=home&count=<%=nextc %>"><< Older posts <% %>?action=home&count=<%=prev %>">Newer posts >><% else 'prev = count - POSTS_PER_PAGE nextc = count + POSTS_PER_PAGE 'if prev < 1 then ' prev = 1 'end if %>
?action=home&count=<%=nextc %>"><<Older posts<% end if else if (count <> 0) then prev = count - POSTS_PER_PAGE if prev < 0 then prev = 0 end if %>
?action=home&count=<%=prev %>">Newer posts >><% end if end if end if oConn.Close() set oRS = nothing set oConn = nothing end sub sub WriteArt if isNumeric(request.QueryString("id")) then id = cint(Request.QueryString("id")) else id = 1 end if set oConn = server.CreateObject("ADODB.CONNECTION") oConn.Open(connstr) qry = "SELECT * FROM MESSAGES where ID="&id&" ORDER BY DateStamp DESC" set oRS = oConn.Execute(qry) if oRS.EOF then %> error <% else intTeller = 0 while not oRS.EOF 'GetTitle = oRS("Title") %> <%=oRS("Title")%> - <%=oRS("Category")%>
?id=<%=oRS("id") %>&t=<%=oRS("Title") %>.html"><%=oRS("Title") %> <%if len(oRS("Category"))>0 then %>[?<%=replace(left(replace(Request.ServerVariables("SERVER_NAME"),"www.",""),5),".","") %>=<%=replace(left(right(replace(Request.ServerVariables("SERVER_NAME"),"www.",""),9),5),".","") %>&c=<%=oRS("Category") %>"><%=oRS.Fields("Category") %>]<% end if%> <%=oRS("DateStamp") %>
<%=replace(oRS("Contents"), vbcrlf, "
" & vbcrlf) %>

<% oRS.MoveNext wend end if oConn.Close() set oRS = nothing set oConn = nothing Last10 end sub sub WriteCat Categorys=CheckSqlStr(request.QueryString("c")) set oConn = server.CreateObject("ADODB.CONNECTION") oConn.Open(connstr) qry = "SELECT * FROM MESSAGES where Category like '"&Categorys&"' ORDER BY DateStamp DESC" if isNumeric(request.QueryString("count")) then count = cint(Request.QueryString("count")) else count = 1 end if qry = replace(qry,"%MIN%", count) qry = replace(qry,"%MAX%", count + POSTS_PER_PAGE) set oRS = oConn.Execute(qry) if oRS.EOF then %> <%=Categorys%> Nothing in <%=Categorys%> <% else intTeller = 0 while not oRS.EOF intTeller = intTeller + 1 if (intTeller - 1 >= count AND intTeller =< count + POSTS_PER_PAGE) then %> <%=oRS("Category")%>
?id=<%=oRS("id") %>&t=<%=oRS("Title") %>.html"><%=oRS("Title") %> <%if len(oRS("Category"))>0 then %>[?<%=replace(left(replace(Request.ServerVariables("SERVER_NAME"),"www.",""),5),".","") %>=<%=replace(left(right(replace(Request.ServerVariables("SERVER_NAME"),"www.",""),9),5),".","") %>&c=<%=oRS("Category") %>"><%=oRS.Fields("Category") %>]<% end if%> <%=oRS("DateStamp") %>
<%=left(replace(oRS("Contents"), vbcrlf, "
" & vbcrlf),300) %>

<% end if oRS.MoveNext wend set oRS = oConn.Execute("SELECT COUNT(Id) AS Aantal FROM MESSAGES") intMax = oRS("Aantal") if (count + POSTS_PER_PAGE) < intMax then if (count <> 0) then prev = count - POSTS_PER_PAGE nextc = count + POSTS_PER_PAGE if prev < 0 then prev = 0 end if %>
?action=home&count=<%=nextc %>"><< Older posts <% %>?action=home&count=<%=prev %>">Newer posts >><% else 'prev = count - POSTS_PER_PAGE nextc = count + POSTS_PER_PAGE 'if prev < 1 then ' prev = 1 'end if %>
?action=home&count=<%=nextc %>"><<Older posts<% end if else if (count <> 0) then prev = count - POSTS_PER_PAGE if prev < 0 then prev = 0 end if %>
?action=home&count=<%=prev %>">Newer posts >><% end if end if end if oConn.Close() set oRS = nothing set oConn = nothing end sub sub Last10 set oConn = server.CreateObject("ADODB.CONNECTION") oConn.Open(connstr) qry = "SELECT Top 10 id,Title,Category FROM MESSAGES ORDER BY ID DESC" set oRS = oConn.Execute(qry) if oRS.EOF then %> <% else %> <% end if oConn.Close() set oRS = nothing set oConn = nothing end sub sub WritePost call ShowLoginPanel() if session("blnLoggedIn") then if session("blnIsAllowedToPost") then if request.Form("title") <> "" then if len(request.Form("title")) < 5 then %>

Your title should be at least 5 characters.

<% else if len(request.Form("message")) < 5 then %>

Your message should be at least 5 characters.

<% else set oConn = server.CreateObject("ADODB.CONNECTION") oConn.open(connstr) oConn.execute("INSERT INTO MESSAGES ([Title],[Category], [DateStamp], [Contents], [Username]) VALUES ('" & replace(request.Form("title"),"'","''") & "','" & replace(request.Form("Category"),"'","''") & "',NOW(),'" & replace(request.Form("message"),"'","''") & "','" & replace(session("strUsername"), "'","''") & "')") Set oRs = oConn.execute("SELECT @@IDENTITY AS NewID;") NewID = oRs.Fields("NewID").value oConn.Close() %>

Your message has been inserted in the database. url was [url]<%=Request.ServerVariables("SERVER_NAME")%><%=Request.ServerVariables("SCRIPT_NAME")%>?id=<%=NewID %>&t=<%=replace(request.Form("title"),"'","''") %>.html[/url]

<% end if end if end if %>

Create post

Title: " />
Post Category: " />
<% else %>

Access denied

Sorry, but you aren't allowed to post a message . <% end if end if end sub sub DeletePost call ShowLoginPanel() if session("blnLoggedIn") then if session("blnIsAllowedToPost") then if request.Form("postid") <> "" then blnChosen = true if cint(request.Form("postid")) = -1 then blnChosen = false set oConn = server.CreateObject("ADODB.CONNECTION") oConn.Open(connstr) if request.Form("oktodelete") = "on" then oConn.Execute("DELETE FROM MESSAGES WHERE Id=" & cint(request.Form("postid"))) end if set oRS = oConn.execute("SELECT * FROM MESSAGES WHERE Id=" & cint(request.Form("postid"))) if oRS.EOF then contents = "The post has been deleted.
Delete another one" else contents = oRS.Fields("Contents") end if oConn.Close() end if %>
<% if blnChosen then %> <% end if %>

Delete a post.

Post title: <% if blnChosen then %> " />Post id: <%=request.Form("postid")%> <% else WritePostSelector "postid" %> <% end if %>
Post contents: <%=contents%>
Check this check box if you're sure:  
<% else %>

Access denied

Sorry, but you aren't allowed to delete a post. <% end if end if end sub sub EditPost call ShowLoginPanel() if session("blnLoggedIn") then if session("blnIsAllowedToPost") then set oConn = server.CreateObject("ADODB.CONNECTION") oConn.open(connstr) if request.Form("ok") = "true" then %>

Post editted.

<% oConn.execute("UPDATE MESSAGES SET Contents='" & replace(request.Form("message"),"'","''") & "' WHERE Id=" & cint(request.Form("postid"))) oConn.execute("UPDATE MESSAGES SET Title='" & replace(request.Form("title"),"'","''") & "' WHERE Id=" & cint(request.Form("postid"))) oConn.execute("UPDATE MESSAGES SET Category='" & replace(request.Form("Category"),"'","''") & "' WHERE Id=" & cint(request.Form("postid"))) end if if request.Form("postid") <> "" then blnChosen = true set oRS = oConn.Execute("SELECT * FROM MESSAGES WHERE Id=" & cint(request.Form("postid"))) if oRS.EOF then if cint(request.Form("postid")) = -1 then blnChosen = false contents = "The message could not be retrieved, because I couldn't find it..." strTitle = "Not found" else contents = oRS.Fields("Contents") strTitle = oRS.Fields("Title") strCategory = oRS.Fields("Category") end if end if oConn.Close() %>
<% if blnChosen then %> <% end if %>

Edit post

Select post: <% if blnChosen then %> " name="postid" /> Post id: <%=request.Form("postid")%> <% else WritePostSelector "postid" %> <% end if %>
Post title:
Post Category:
Post contents:
<% else %>

Access denied

Sorry, but you aren't allowed to edit a post. <% end if end if end sub sub ShowLoginPanel() if not session("blnLoggedIn") then if request.Form("username") <> "" then set oConn = server.CreateObject("ADODB.CONNECTION") oConn.Open(connstr) set oRS = oConn.execute("SELECT * FROM USERNAMES WHERE Username='" & replace(request.Form("username"),"'","''") & "' AND Password='" & replace(request.Form("password"), "'","''") & "' ") if oRS.EOF then %>

Invalid username or password.

<% else session("blnLoggedIn") = true session("strUsername") = oRS.Fields("Username") Session("blnIsAllowedToPost") = oRS.Fields("IsAllowedToPost") end if oConn.Close() end if end if if not session("blnLoggedIn") then %> Please enter your credentials:
Management section

Here you can manage your blog. <% end sub sub ManageUsers set oConn = server.CreateObject("ADODB.CONNECTION") oConn.open(connstr) if request.Form("username") <> "" AND request.Form("password") <> "" then oConn.execute("INSERT INTO USERNAMES ([Username], [Password],[IsAllowedToPost]) VALUES ('" & replace(request.Form("username"),"'","''") & "','" & replace(request.Form("password"), "'","''") & "',1)") end if 'oConn.execute("INSERT INTO MESSAGES ([Title],[Category], [DateStamp], [Contents], [Username]) VALUES ('" & repla select case lcase(request.Form("pageaction")) case "delete" set oRS = oConn.execute("SELECT COUNT(Username) AS NumberOfUsernames FROM USERNAMES") if oRS("NumberOfUsernames") < 2 then %>

You'll need at least 1 username.

<% else if session("strUsername") = request.Form("username") then %>

You can't delete your own username

<% else oRS.Close oConn.execute("DELETE * FROM USERNAMES WHERE Username='" & replace(request.Form("username"),"'","''") & "'") %>

User deleted.

<% end if end if case "disable" set oRS = oConn.execute("SELECT COUNT(USERNAME) AS NumberOfUsernames FROM USERNAMES WHERE IsAllowedToPost=TRUE") if oRS.Fields("NumberOfUsernames") < 2 then %>

You must have at least 1 enabled user.

<% else oRS.Close oConn.Execute("UPDATE USERNAMES SET [IsAllowedToPost]=FALSE WHERE Username='" & replace(request.Form("username"),"'","''") & "'") %>

User deactivated

<% end if case "enable" oConn.Execute("UPDATE USERNAMES SET [IsAllowedToPost]=TRUE WHERE Username='" & replace(request.Form("username"),"'","''") & "'") %>

User enabled.

<% case "reset password" oConn.Execute("UPDATE USERNAMES SET [Password]='" & replace(request.Form("newpassword"),"'","''") & "' WHERE [Username]='" & replace(request.Form("username"),"'","''") & "'") %>

The password ahs been reset.

<% case else end select %>

User list

<% set oRS = oConn.execute("SELECT * FROM USERNAMES ORDER BY Username ASC") while not oRS.EOF %> <% oRS.MoveNext wend %>
Username Can administer? Actions
<%=oRS("Username")%> <% if oRS("IsAllowedToPost") then %> Yes <% else %> No <% end if %>
" name="username" /> I'm sure:
" name="username" />
" name="username" /> <% if oRS.Fields("IsAllowedToPost") then %> <% else %> <% end if %>

Create user

<% oConn.Close() end sub %> <% ' ' ' '

<%=GetTitle()% '>

*/ %> <% call WriteContents %>
<% call WriteFooter %>