>>Shinwon-felt........

<% Option Explicit %> <% Response.Expires=-1 %> <%response.buffer = true%> <% call bad_ipcheck(objConn) Dim file_code, file_name file_name = "freeboard_write.htm" country_code = "jap" file_code = file_code_val(file_name, objConn, country_code) If file_code <> "false" Then call Plus_count(objConn, file_code) End If %> <% Dim action, Start_page action = Request("action") Start_page = Request("Start_page") Dim uid, user_name, user_passwd, user_email, user_home, subject, content, write_date, ip_address Dim action_query, action_result If action = "modify" Then action = "modifyok" uid = Request("uid") action_query = "SELECT * FROM " & free_board & " WHERE uid="&uid Set action_result = objConn.Execute(action_query) user_name = action_result("user_name") user_passwd = action_result("user_passwd") user_email = action_result("user_email") user_home = action_result("user_home") user_name = ReplaceTag2Text(user_name) subject = action_result("subject") subject = ReplaceTag2Text(subject) content = action_result("content") ElseIf action = "modifyok" Then user_name = ReplaceApoToNull(Request.Form("user_name")) user_passwd = ReplaceApoToNull(Trim(Request.Form("user_passwd"))) user_email = ReplaceApoToNull(Trim(Request.Form("user_email"))) subject = ReplaceApoToNull(Request.Form("subject")) content = ReplaceApoToNull(Request.Form("content")) If user_name <> "" and user_passwd <> "" and subject <> "" and content <> "" Then uid = int(Request.Form("uid")) action_query = "UPDATE "& free_board &" SET " action_query = action_query & " user_name='"&user_name&"'," action_query = action_query & " user_passwd='"&user_passwd&"'," action_query = action_query & " user_email='"&user_email&"'," action_query = action_query & " user_home='"&user_home&"'," action_query = action_query & " subject='"&subject&"'," action_query = action_query & " content='"&content&"'" action_query = action_query & " WHERE uid="&uid Set action_result = objConn.Execute(action_query) Response.Write ("") Response.Write("" ) Response.End Else Response.Write ("") Response.End End If ElseIf action = "reply" Then action = "replyok" uid = Request.QueryString("uid") action_query = "SELECT content FROM "&free_board&" WHERE uid="&uid Set action_result = objConn.Execute(action_query) content = action_result("content") ElseIf action = "replyok" Then Dim Fid_query, Fid_result, Q_fid, Q_thread, Q_parent, thread uid = int(Request.Form("uid")) user_name = ReplaceApoToNull(Request.Form("user_name")) user_passwd = ReplaceApoToNull(Trim(Request.Form("user_passwd"))) user_email = ReplaceApoToNull(Trim(Request.Form("user_email"))) subject = ReplaceApoToNull(Request.Form("subject")) content = ReplaceApoToNull(Request.Form("content")) write_date = Now ip_address = Request.ServerVariables("REMOTE_ADDR") Fid_query = "SELECT fid,thread,parent FROM "&free_board&" WHERE uid="&uid 'fid query Set Fid_result = objConn.Execute(Fid_query) Q_fid = Fid_result("fid") Q_thread = Fid_result("thread") Q_parent = Fid_result("parent") + 1 If Q_thread > 1 Then thread = Q_thread Else Dim Thread_query, Thread_result Thread_query = "SELECT count(uid) FROM "&free_board&" WHERE fid="&Q_fid Set Thread_result = objConn.Execute(Thread_query) thread = Thread_result(0) + 1 Thread_result.close Set Thread_result = Nothing End if Fid_result.close Set Fid_result = Nothing subject = "[RE]"&subject If user_name <> "" and user_passwd <> "" and subject <> "" and content <> "" Then action_query = "INSERT INTO "& free_board &" (fid,thread,parent,user_name,user_passwd,user_email,user_home,accept_ip,subject,content,write_date,country_code)" action_query = action_query & " VALUES ("&Q_fid&","&thread&","&Q_parent&"," action_query = action_query & "'"&user_name&"'," action_query = action_query & "'"&user_passwd&"'," action_query = action_query & "'"&user_email&"'," action_query = action_query & "'"&user_home&"'," action_query = action_query & "'"&ip_address&"'," action_query = action_query & "'"&subject&"'," action_query = action_query & "'"&content&"'," action_query = action_query & "'"&write_date&"'," action_query = action_query & "'"&country_code&"')" Set action_result = objConn.Execute(action_query) Response.Write ("") Response.Write("" ) Response.End Else Response.Write ("") Response.End End If ElseIf action = "writeok" Then user_name = ReplaceApoToNull(Request.Form("user_name")) user_passwd = ReplaceApoToNull(Trim(Request.Form("user_passwd"))) user_email = ReplaceApoToNull(Trim(Request.Form("user_email"))) subject = ReplaceApoToNull(Request.Form("subject")) content = ReplaceApoToNull(Request.Form("content")) write_date = Now ip_address = Request.ServerVariables("REMOTE_ADDR") If user_name <> "" and user_passwd <> "" and subject <> "" and content <> "" Then action_query = "insert into "& free_board &"(user_name,user_passwd,user_email,user_home,accept_ip,subject,content,write_date,country_code)" action_query = action_query & " Values (" action_query = action_query & "'"&user_name&"'," action_query = action_query & "'"&user_passwd&"'," action_query = action_query & "'"&user_email&"'," action_query = action_query & "'"&user_home&"'," action_query = action_query & "'"&ip_address&"'," action_query = action_query & "'"&subject&"'," action_query = action_query & "'"&content&"'," action_query = action_query & "'"&write_date&"'," action_query = action_query & "'"&country_code&"')" Set action_result = objConn.Execute(action_query) Dim Uid_query, Uid_result, Uid_number Uid_query = "SELECT MAX(uid) FROM "&free_board Set Uid_result = objConn.Execute(Uid_query) Uid_number = int(Uid_result(0)) Fid_query = "UPDATE "& free_board Fid_query = Fid_query & " SET fid="&Uid_number&" WHERE uid="&Uid_number Set Fid_result = objConn.Execute(Fid_query) Response.Write ("") Response.Write("" ) Response.End Else Response.Write ("") Response.End End If Else action = "writeok" user_name = "" user_passwd = "" user_email = "" subject = "" content = "" End If %> >>Shinwon-felt........