<% '**************************************************************************************** '** Copyright Notice '** '** Web Wiz Guide - Web Wiz Journal '** '** Copyright 2001-2002 Bruce Corkhill All Rights Reserved. '** '** This program is free software; you can modify (at your own risk) any part of it '** under the terms of the License that accompanies this software and use it both '** privately and commercially. '** '** All copyright notices must remain in tacked in the scripts and the '** outputted HTML. '** '** You may use parts of this program in your own private work, but you may NOT '** redistribute, repackage, or sell the whole or any part of this program even '** if it is modified or reverse engineered in whole or in part without express '** permission from the author. '** '** You may not pass the whole or any part of this application off as your own work. '** '** All links to Web Wiz Guide and powered by logo's must remain unchanged and in place '** and must remain visible when the pages are viewed unless permission is first granted '** by the copyright holder. '** '** This program is distributed in the hope that it will be useful, '** but WITHOUT ANY WARRANTY; without even the implied warranty of '** MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR ANY OTHER '** WARRANTIES WHETHER EXPRESSED OR IMPLIED. '** '** You should have received a copy of the License along with this program; '** if not, write to:- Web Wiz Guide, PO Box 4982, Bournemouth, BH8 8XP, United Kingdom. '** '** '** No official support is available for this program but you may post support questions at: - '** http://www.webwizguide.info/forum '** '** Support questions are NOT answered by e-mail ever! '** '** For correspondence or non support questions contact: - '** info@webwizguide.com '** '** or at: - '** '** Web Wiz Guide, PO Box 4982, Bournemouth, BH8 8XP, United Kingdom '** '**************************************************************************************** 'Set the response buffer to true as we maybe redirecting Response.Buffer = True '*********************************************** 'Function to strip non alphanumeric characters for links and email addresses Private Function characterStrip(strTextInput) 'Dimension variable Dim intLoopCounter 'Holds the loop counter 'Loop through the ASCII characters For intLoopCounter = 0 to 37 strTextInput = Replace(strTextInput, CHR(intLoopCounter), "", 1, -1, 0) Next 'Loop through the ASCII characters For intLoopCounter = 39 to 44 strTextInput = Replace(strTextInput, CHR(intLoopCounter), "", 1, -1, 0) Next 'Loop through the ASCII characters numeric characters to lower-case characters For intLoopCounter = 65 to 94 strTextInput = Replace(strTextInput, CHR(intLoopCounter), "", 1, -1, 0) Next 'Loop through the extended ASCII characters For intLoopCounter = 123 to 125 strTextInput = Replace(strTextInput, CHR(intLoopCounter), "", 1, -1, 0) Next 'Loop through the extended ASCII characters For intLoopCounter = 127 to 255 strTextInput = Replace(strTextInput, CHR(intLoopCounter), "", 1, -1, 0) Next 'Strip individul ASCII characters left out from above left over strTextInput = Replace(strTextInput, CHR(59), "", 1, -1, 0) strTextInput = Replace(strTextInput, CHR(60), "", 1, -1, 0) strTextInput = Replace(strTextInput, CHR(62), "", 1, -1, 0) strTextInput = Replace(strTextInput, CHR(96), "", 1, -1, 0) 'Return the string characterStrip = strTextInput End Function '******************************************************* 'Dimension variables Dim rsSmut 'Database Recordset holding the smut table Dim rsAddJournalComments 'Database recordset to add new comments Dim strInputName 'Holds the Users name Dim strInputCountry 'Holds the users country Dim strInputEmailAddress 'Holds the Users e-mail address Dim strInputComments 'Holds the Users comments Dim saryCommentWord 'Array to hold each word in the comments enetred by the user Dim intCheckWordLengthLoopCounter 'Loop counter Dim intWordLength 'Holds the length of the word to be checked Dim blnWordLenthOK 'Boolean set to False if any words in the description are above 30 characters Dim intLongestWordLength 'Holds the number of characters in the longest word entered in the description Dim lngJournalID 'Holds the Journal item ID number Dim strEmailSubject 'Holds the subject of the e-mail notification Dim strEmailBody 'Holds the body of the e-mail Dim blnEmailSent 'Set to tru if the e-mail is sent Dim blnAlreadyPostsed 'Set to true if the person has already posted comments in for this Journal item 'Read in the ID number of the Journal item we are looking at the comments of If isNull(Request.QueryString("JournalID")) = True Or isNumeric(Request.QueryString("JournalID")) = False Then Response.Write "Journal_comments.asp" Else lngJournalID = CLng(Request.QueryString("JournalID")) End If 'Read in user deatils from the comments form strInputName = Trim(Mid(Request.Form("name"), 1, 30)) strInputCountry = Trim(Mid(Request.Form("country"), 1, 40)) strInputEmailAddress = Trim(Mid(Request.Form("email"), 1, 50)) strInputComments = Trim(Request.Form("comments")) 'Strip HTML tags strInputName = Replace(strInputName, "<", "<", 1, -1, 1) strInputName = Replace(strInputName, ">", ">", 1, -1, 1) strInputComments = Replace(strInputComments, "<", "<", 1, -1, 1) strInputComments = Replace(strInputComments, ">", ">", 1, -1, 1) 'Strip malicious code from the homepage and email links strInputEmailAddress = characterStrip(LCase(strInputEmailAddress)) 'Split-up each word in the comments from the user to check that no word entered is over 50 characters saryCommentWord = Split(Trim(strInputComments), " ") 'Initialse the word length variable blnWordLenthOK = True 'Loop round to check that each word in the comments entered by the user is not above 50 characters For intCheckWordLengthLoopCounter = 0 To UBound(saryCommentWord) 'Initialise the intWordLength variable with the length of the word to be searched intWordLength = Len(saryCommentWord(intCheckWordLengthLoopCounter)) 'Get the number of characters in the longest word If intWordLength => intLongestWordLength Then intLongestWordLength = intWordLength End If 'If the word length to be searched is more than or equal to 50 then set the blnWordLegthOK to false If intWordLength => 50 Then blnWordLenthOK = False End If Next 'Change my own codes for bold and italic HTML tags back to the normal satndrd HTML tags now that the check for unwated HTML tags is over strInputComments = Replace(strInputComments, "[B]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[/B]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[I]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[/I]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[U]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[/U]", "", 1, -1, 1) 'Change the emotion symbols for the path to the relative smiley icon strInputComments = Replace(strInputComments, "[:)]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[;)]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:o]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:D]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:errr:]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:(]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:x]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:o)]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:oops:]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:star:]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[xx(]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[|)]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:V:]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[:^:]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[}:)]", "", 1, -1, 1) strInputComments = Replace(strInputComments, "[8D]", "", 1, -1, 1) 'Replace the vb new line code for the HTML new break code strInputComments = Replace(strInputComments, vbCrLf, "
") 'Get rid of repeated return key hits so there arn't two many new lines going half way down the page (
is the HTML tag for new line) 'Loop though the comments entered by the user till all cases of two new lines togather are replaced by one new line Do While InStr(1, strInputComments, "

" ,vbTextCompare) > 0 'Replace

with one case of
strInputComments = Replace(strInputComments , "

", "
") Loop 'Create recordset object Set rsSmut = Server.CreateObject("ADODB.Recordset") 'Replace swear words with other words with *** 'Initalise the SQL string with a query to read in all the words from the smut table strSQL = "SELECT tblSmut.* FROM tblSmut;" 'Open the recordset rsSmut.Open strSQL, strCon 'Loop through all the words to check for Do While NOT rsSmut.EOF 'Replace the swear words with the words in the database the swear words strInputComments = Replace(strInputComments, rsSmut("Smut"), rsSmut("Word_replace"), 1, -1, 1) strInputName = Replace(strInputName, rsSmut("Smut"), rsSmut("Word_replace"), 1, -1, 1) strInputCountry = Replace(strInputCountry, rsSmut("Smut"), rsSmut("Word_replace"), 1, -1, 1) 'Move to the next word in the recordset rsSmut.MoveNext Loop 'Reset recordset rsSmut.Close Set rsSmut = Nothing 'Create recorset object Set rsAddJournalComments = Server.CreateObject("ADODB.Recordset") 'Initalise the SQL string with a query to read in all the comments from the database strSQL = "SELECT TOP 1 tblComments.*, tblJournal.Journal_title FROM tblJournal INNER JOIN tblComments ON tblJournal.Journal_ID = tblComments.Journal_ID WHERE tblComments.Journal_ID = " & lngJournalID & " ORDER BY tblComments.Comment_ID DESC;" 'Set the cursor type property of the record set to Dynamic so we can navigate through the record set rsAddJournalComments.CursorType = 2 'Set the Lock Type for the records so that the record set is only locked when it is updated rsAddJournalComments.LockType = 3 'Open the recordset rsAddJournalComments.Open strSQL, strCon 'If cookies anti spam settings are enabled check a cookie has not already been set If blnCookieSet = True Then If CBool(Request.Cookies("WWGJournal")("Comments" & lngJournalID)) = True Then blnAlreadyPostsed = True End If 'If IP blooking ant-spam settings are enabled check the IP address of the last poster If blnIPBlocking = True Then If NOT rsAddJournalComments.EOF Then If rsAddJournalComments("IP") = Request.ServerVariables("REMOTE_ADDR") Then blnAlreadyPostsed = True End If End If 'Write to the database if there are no unwanted HTML tags or the word lengths in the commets entered by the user are OK If blnWordLenthOK = True AND blnAlreadyPostsed = False Then 'Add a new record to the recordset rsAddJournalComments.AddNew rsAddJournalComments.Fields("Name") = strInputName rsAddJournalComments.Fields("Country") = strInputCountry rsAddJournalComments.Fields("EMail") = strInputEmailAddress rsAddJournalComments.Fields("Comments") = strInputComments rsAddJournalComments.Fields("Journal_ID") = lngJournalID rsAddJournalComments.Fields("IP") = Request.ServerVariables("REMOTE_ADDR") 'Update the database with the new recordset rsAddJournalComments.Update 'Requery the database to make sure that the new comments have been added 'This will make the script wait until Database has updated itself as sometimes Access can be a little slow at updating rsAddJournalComments.Requery 'If cookies anti-spam settings are enabled set a cookie on the users machine If blnCookieSet = True Then Response.Cookies("WWGJournal")("Comments" & lngJournalID) = True Response.Cookies("WWGJournal").Expires = DateAdd("n", 30, Now()) End If 'If the Journal is configured to send an e-mail then send one If blnEmail = True Then 'Turn the smiley image paths back into text :) strInputComments = Replace(strInputComments, "", ":)", 1, -1, 1) strInputComments = Replace(strInputComments, "", ";)", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":o", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":D", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":errr:", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":(", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":x", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":o)", 1, -1, 1) strInputComments = Replace(strInputComments, "", "[:oops:]", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":X:", 1, -1, 1) strInputComments = Replace(strInputComments, "", "xx(", 1, -1, 1) strInputComments = Replace(strInputComments, "", "|)", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":V:", 1, -1, 1) strInputComments = Replace(strInputComments, "", ":^:", 1, -1, 1) strInputComments = Replace(strInputComments, "", "}:)", 1, -1, 1) strInputComments = Replace(strInputComments, "", "8D", 1, -1, 1) 'Initilise the subject of the e-mail strEmailSubject = "Site Journal Comment Notification" 'Initailise the e-mail body variable with the body of the e-mail strEmailBody = "Hi " strEmailBody = strEmailBody & "

This e-mail is automactically generated by the Site Journal on your web site." strEmailBody = strEmailBody & "
The following comment has been posted in the Journal Item, " & rsAddJournalComments.Fields("Journal_title") & ": -" strEmailBody = strEmailBody & "

Name: " & strInputName strEmailBody = strEmailBody & "
E-Mail: " & strInputEmailAddress strEmailBody = strEmailBody & "
Country: " & strInputCountry strEmailBody = strEmailBody & "
Comments: -
" & strInputComments 'Call the funtion to send the e-mail blnEmailSent = SendMail(strEmailBody, strWebSiteEmailAddress, strEmailSubject, strMailComponent) End If 'Reset Sever Objects rsAddJournalComments.Close Set rsAddJournalComments = Nothing Set adoCon = Nothing Set strCon = Nothing 'Return to the comments page Response.Redirect "journal_comments.asp?JournalID=" & lngJournalID & "&PagePosition=" & Request.QueryString("PagePosition") End If 'Reset Sever Objects rsAddJournalComments.Close Set rsAddJournalComments = Nothing Set adoCon = Nothing Set strCon = Nothing %> Sign the Guest Book
Journal Item Comments
" target="_self">Return to the the Journal Item
<% 'If word length is to long display an error message If blnAlreadyPostsed = True Then %> Our records show that you have already posted comments for this Journal Item
<% 'If the user has already posted display an error message Else %> Sorry, one or more of the words used in your Comments where to long

Edit my comments
<% End If %>



<% '***** START WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** If blnLCode = True Then Response.Write("Powered by Web Wiz Site Journal version 3.05") Response.Write("
Copyright ©2001-2002 Web Wiz Guide") End If '***** END WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** %>