Forkert - her kommer den...
<%@LANGUAGE=\"VBSCRIPT\"%>
<!-- #Include file=\"db\\Inc_Conn.asp\" -->
<%
set RsCat = Server.CreateObject(\"ADODB.Recordset\")
RsCat.ActiveConnection = strConn
RsCat.Source = \"SELECT tblCategory.nCategoryID, tblCategory.cCategory, tblSubCategory.nCategoryID AS nCategoryID2, tblSubCategory.nSubCategoryID, tblSubCategory.cSubCategory FROM tblCategory INNER JOIN tblSubCategory ON tblCategory.nCategoryID = tblSubCategory.nCategoryID ORDER BY tblCategory.nCategoryID, tblSubCategory.cSubCategory;\"
RsCat.CursorType = adOpenStatic
RsCat.CursorLocation = 2
RsCat.LockType = adLockOptimistic
RsCat.Open
%>
<%
\' *** Insert Record: construct a sql insert statement and execute it
MM_editAction = CStr(Request(\"URL\"))
If (Request.QueryString <> \"\") Then
MM_editAction = MM_editAction & \"?\" & Request.QueryString
End If
If (CStr(Request(\"MM_insert\")) <> \"\") Then
MM_tableName = \"tblAds\"
MM_fields = \"hiddenField,nUserID,none,none,NULL,txtTitle,cTitle,\',none,\'\',txtShortDescription,cShortDescription,\',none,\'\',txtDescription,cDescription,\',none,\'\',Category,cCategory,\',none,\'\',SubCategory,cSubCategory,\',none,\'\',country,cCountry,\',none,\'\',City,cCity,\',none,\'\',txtContact,cContact,\',none,\'\',dExpired,dExpiryDate,\',none,\'\',cNetAddress,cNetAddress,\',none,\'\'\"
MM_redirectPage = \"ModifyAds.asp?nUserID=\" & Session(\"Brugernavn\")
\' create the insert sql statement
MM_tableValues = \"\"
MM_dbValues = \"\"
MM_fieldsArray = Split(MM_fields, \",\")
For i = LBound(MM_fieldsArray) To UBound(MM_fieldsArray) Step 5
FormVal = CStr(Request.Form(MM_fieldsArray(i)))
Delim = MM_fieldsArray(i+2)
If (Delim = \"none\") Then Delim = \"\"
AltVal = MM_fieldsArray(i+3)
If (AltVal = \"none\") Then AltVal = \"\"
EmptyVal = MM_fieldsArray(i+4)
If (EmptyVal = \"none\") Then EmptyVal = \"\"
If (FormVal = \"\") Then
FormVal = EmptyVal
Else
If (AltVal <> \"\") Then
FormVal = AltVal
ElseIf (Delim = \"\'\") Then \' escape quotes
FormVal = \"\'\" & Replace(FormVal,\"\'\",\"\'\'\") & \"\'\"
Else
FormVal = Delim + FormVal + Delim
End If
End If
If (i <> LBound(MM_fieldsArray)) Then
MM_tableValues = MM_tableValues & \",\"
MM_dbValues = MM_dbValues & \",\"
End if
MM_tableValues = MM_tableValues & MM_fieldsArray(i+1)
MM_dbValues = MM_dbValues & FormVal
Next
MM_insertStr = \"insert into \" & MM_tableName & \" (\" & MM_tableValues & \") values (\" & MM_dbValues & \")\"
\' finish the sql and execute it
Set MM_insertCmd = Server.CreateObject(\"ADODB.Command\")
MM_insertCmd.ActiveConnection = strConn
MM_insertCmd.CommandText = MM_insertStr
MM_insertCmd.Execute
\' redirect with URL parameters
If (MM_redirectPage = \"\") Then
MM_redirectPage = CStr(Request(\"URL\"))
End If
If (InStr(1, MM_redirectPage, \"?\", vbTextCompare) = 0 And (Request.QueryString <> \"\")) Then
MM_redirectPage = MM_redirectPage & \"?\" & Request.QueryString
End If
Call Response.Redirect(MM_redirectPage)
End If
%>
<html>
<head>
<SCRIPT language=\"JavaScript\">
var Category = new Array(\"(\'Select Category\',\'\',true,true)\",<%
While NOT rsCat.EOF strCategory = (RsCat.Fields.Item(\"cCategory\").Value)
If strCategory <> strCategory2 Then%>
\"(\'<%=strCategory%>\')\"<%
Else
End If
strCategory2 = (RsCat.Fields.Item(\"cCategory\").Value)
rsCat.MoveNext()
If NOT rsCat.EOF Then
strCategory = (RsCat.Fields.Item(\"cCategory\").Value)
If strCategory <> strCategory2 Then Response.Write \",\"
End If
Wend
rsCat.MoveFirst() %>);
<%
strSubCategorySQL = (RsCat.Fields.Item(\"nCategoryID2\").Value)
For intCategory = 1 to 10
strCiteria = \"nCategoryID2 LIKE \'\" & strSubCategorySQL & \"\'\"
\'strCiteria = \"nCategoryID2 LIKE \'\" & (RsCat.Fields.Item(\"nCategoryID2\").Value) & \"\'\"
rsCat.Filter = strCiteria
If NOT rsCat.EOF Then
%>
var <%=(rsCat.Fields.Item(\"cCategory\").Value)%>Array = new Array(\"(\'Select SubCategory\',\'OTHER\',true,true)\",<%
While NOT rsCat.EOF
strSubCategory = (rsCat.Fields.Item(\"cSubCategory\").Value)
If strSubCategory <> strSubCategory2 Then%>
\"(\'<%=strSubCategory%>\')\"<%
Else
End If
strSubCategory2 = (rsCat.Fields.Item(\"cSubCategory\").Value)
rsCat.MoveNext()
If NOT rsCat.EOF Then
strSubCategory = (rsCat.Fields.Item(\"cSubCategory\").Value)
If strSubCategory <> strSubCategory2 Then Response.Write \",\"
End If
Wend
%>);
<%
rsCat.MoveFirst()
strSubCategorySQL = strSubCategorySQL + 1
End If
Next
rsCat.Filter = \"\"
rsCat.Close
%>
function populateSubCategory(inForm,selected)
{
var selectedArray = eval(selected + \"Array\");
while (selectedArray.length < inForm.SubCategory.options.length)
{
inForm.SubCategory.options[(inForm.SubCategory.options.length - 1)] = null;
}
for (var i=0; i < selectedArray.length; i++)
{
eval(\"inForm.SubCategory.options[i]=\" + \"new Option\" + selectedArray[i]);
}
if (inForm.Category.options[0].value == \'\')
{
inForm.Category.options[0]= null;
if ( navigator.appName == \'Netscape\')
{
if (parseInt(navigator.appVersion) < 4)
{
window.history.go(0);
}
else
{
if (navigator.platform == \'Win32\' || navigator.platform == \'Win16\')
{
window.history.go(0);
}
}
}
}
}
function VerifyData()
{
if (isTitle() && isShortDescription() && isDescription() && isCategory() && isCountry() && isCity() && isLink())
{
return true;
}
else
return false;
}
function isTitle()
{
smut=\" !\";
cmp=\"sex babes shit fuck damn porno < > cunt prick pecker ass \"
+\"asshole pedophile man-boy man/boy dong twat \";
txt=document.forms[0].elements[2].value;
tstx=\"\";
if (document.forms[0].elements[2].value == \'\')
{
alert(\"I\'m sorry. Title cannot be empty, as it is used to view your posting details\");
document.forms[0].elements[2].focus();
return false;
}
else
for (var i=0;i<16;i++)
{
pos=cmp.indexOf(\" \");
wrd=cmp.substring(0,pos);
wrdl=wrd.length
cmp=cmp.substring(pos+1,cmp.length);
while (txt.indexOf(wrd)>-1)
{
pos=txt.indexOf(wrd);
txt=txt.substring(0,pos)+smut.substring(0,wrdl)
+txt.substring((pos+wrdl),txt.length);
}
}
document.forms[0].elements[2].value=txt;
return true;
}
function isShortDescription()
{
smut=\" !\";
cmp=\"sex babes shit fuck damn porno < > cunt prick pecker ass \"
+\"asshole pedophile man-boy man/boy dong twat \";
txt=document.forms[0].elements[3].value;
tstx=\"\";
if (document.forms[0].elements[3].value == \'\')
{
alert(\"I\'m sorry. The -Short Description- field cannot be empty\");
document.forms[0].elements[3].focus();
return false;
}
else
for (var i=0;i<16;i++)
{
pos=cmp.indexOf(\" \");
wrd=cmp.substring(0,pos);
wrdl=wrd.length
cmp=cmp.substring(pos+1,cmp.length);
while (txt.indexOf(wrd)>-1)
{
pos=txt.indexOf(wrd);
txt=txt.substring(0,pos)+smut.substring(0,wrdl)
+txt.substring((pos+wrdl),txt.length);
}
}
document.forms[0].elements[3].value=txt;
return true;
}
function isDescription()
{
smut=\" !\";
cmp=\"sex babes shit fuck damn porno < > cunt prick pecker ass \"
+\"asshole pedophile man-boy man/boy dong twat \";
txt=document.forms[0].elements[4].value;
tstx=\"\";
if (document.forms[0].elements[4].value == \'\')
{
alert(\"I\'m sorry. The -Description- field cannot be empty\");
document.forms[0].elements[4].focus();
return false;
}
else
for (var i=0;i<16;i++)
{
pos=cmp.indexOf(\" \");
wrd=cmp.substring(0,pos);
wrdl=wrd.length
cmp=cmp.substring(pos+1,cmp.length);
while (txt.indexOf(wrd)>-1)
{
pos=txt.indexOf(wrd);
txt=txt.substring(0,pos)+smut.substring(0,wrdl)
+txt.substring((pos+wrdl),txt.length);
}
}
document.forms[0].elements[4].value=txt;
return true;
}
function isCountry()
{
smut=\" !\";
cmp=\"sex babes shit fuck damn porno < > cunt prick pecker ass \"
+\"asshole pedophile man-boy man/boy dong twat \";
txt=document.forms[0].elements[7].value;
tstx=\"\";
for (var i=0;i<16;i++)
{
pos=cmp.indexOf(\" \");
wrd=cmp.substring(0,pos);
wrdl=wrd.length
cmp=cmp.substring(pos+1,cmp.length);
while (txt.indexOf(wrd)>-1)
{
pos=txt.indexOf(wrd);
txt=txt.substring(0,pos)+smut.substring(0,wrdl)
+txt.substring((pos+wrdl),txt.length);
}
}
document.forms[0].elements[7].value=txt;
return true;
}
function isCity()
{
smut=\" !\";
cmp=\"sex babes shit fuck damn porno < > cunt prick pecker ass \"
+\"asshole pedophile man-boy man/boy dong twat \";
txt=document.forms[0].elements[8].value;
tstx=\"\";
for (var i=0;i<16;i++)
{
pos=cmp.indexOf(\" \");
wrd=cmp.substring(0,pos);
wrdl=wrd.length
cmp=cmp.substring(pos+1,cmp.length);
while (txt.indexOf(wrd)>-1)
{
pos=txt.indexOf(wrd);
txt=txt.substring(0,pos)+smut.substring(0,wrdl)
+txt.substring((pos+wrdl),txt.length);
}
}
document.forms[0].elements[8].value=txt;
return true;
}
function isLink()
{
cntvalue=document.forms[0].elements[9].value;
cntemail=\'<a href=\"mailto:\' + cntvalue + \'\">\' + cntvalue + \'</a>\';
cntwebsite=\'<a href=\"
http://\' + cntvalue + \'\">\' + cntvalue + \'</a>\';
if (document.forms[0].selectContact.options[document.forms[0].selectContact.selectedIndex].value == \'email\')
{
document.forms[0].elements[9].value=cntemail;
return true;
}
else
if (document.forms[0].selectContact.options[document.forms[0].selectContact.selectedIndex].value == \'website\')
{
document.forms[0].elements[9].value=cntwebsite;
return true;
}
else
document.forms[0].elements[9].value=cntvalue;
return true;
}
function isCategory()
{
if (document.forms[0].Category.options[document.forms[0].Category.selectedIndex].value == \'\')
{
alert(\"Please select a category for posting\");
document.forms[0].Category.focus();
return false;
}
else
return true;
}
function isSubCategory()
{
if (document.forms[0].SubCategory.value == \'\')
{
alert(\"Please select a sub-category for posting\");
document.forms[0].SubCategory.focus();
return false;
}
else
return true;
}
</SCRIPT>
<title>[ .. ForskningsForum .. Den Akademiske Protal .. ]</title>
<style type=\"text/css\">
<!--
.txtwhite { color: #FFFFFF; text-decoration: underline}
-->
</style>
<link rel=\"stylesheet\" href=\"cssGlobal.css\">
</head>
<!-- #INCLUDE VIRTUAL=\"/inc/headerforside.asp\" -->
<body bgcolor=\"#18949C\" leftmargin=\"0\" link=\"#003F5C\" vlink=\"#003F5C\" alink=\"#003F5C\">
<table border=\"0\" width=\"516\" height=\"100%\">
<tr>
<td width=\"115\" valign=\"top\" align=\"middle\" height=\"100%\">
<!-- #INCLUDE VIRTUAL=\"/inc/leftmenu.asp\" -->
</td>
<td bgcolor=\"#FFFFFF\" width=\"650\" valign=\"top\" height=\"100%\">
<!-- Her er det reele indhold af siden. -->
<div align=\"center\">
<h1> </h1>
<h1><font face=\"Verdana, Arial, Helvetica, sans-serif\" color=\"#000080\">BaZar - Køb Salg Bytte</font></h1>
<table border=0 width=57%>
<tr align=CENTER>
<td width=33%><font face=\"Verdana, Arial, Helvetica, sans-serif\"><b><font size=\"2\"><a href=\"modifyAds.asp?nUserID=<%= Session(\"Brugernavn\") %>\">[Se/Ændre
Annoncer]</a></font></b></font></td>
<td width=33%>
<p><font face=\"Verdana, Arial, Helvetica, sans-serif\"><b><font size=\"2\">[Ny annonce]</font></b></font></p>
</td>
<td width=33%><font face=\"Verdana, Arial, Helvetica, sans-serif\"><b><font size=\"2\"><a href=\"Register.asp?Update=True\">[Registration
Info]</a></font></b></font></td>
</tr>
</table>
<h3><font face=\"Verdana, Arial, Helvetica, sans-serif\">Indsætte ny annonce</font></h3>
<form name=\"form1\" method=\"post\" action=\"<%=MM_editAction%>\" onSubmit=\"return VerifyData()\">
<table width=\"615\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">
<tr>
<td width=\"93\">
<input type=\"hidden\" name=\"cNetAddress\" value=\"<%= Request.ServerVariables(\"Remote_addr\")%>\">
</td>
<td width=\"500\">
<input type=\"hidden\" name=\"hiddenField\" value=\"<% = Session(\"Brugernavn\") %>\">
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">TITEL:</td>
<td width=\"500\">
<input type=\"text\" name=\"txtTitle\" maxlength=\"60\" size=\"60\">
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">KORT BESKRIVELSE:</td>
<td width=\"500\">
<input type=\"text\" name=\"txtShortDescription\" size=\"60\" value=\"\" maxlength=\"100\">
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">ANNONCE TEKST:</td>
<td width=\"500\">
<textarea name=\"txtDescription\" cols=\"51\" rows=\"4\"></textarea>
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">KATEGORI</td>
<%
set rsCategory = Server.CreateObject(\"ADODB.Recordset\")
rsCategory.ActiveConnection = strConn
rsCategory.Source = \"SELECT cCategory FROM tblCategory\"
rsCategory.CursorType = 0
rsCategory.CursorLocation = 2
rsCategory.LockType = 3
rsCategory.Open
rsCategory_numRows = 0
%>
<td width=\"500\">
<select name=\"Category\" onChange=\"populateSubCategory(document.form1,document.form1.Category.options[document.form1.Category.selectedIndex].value)\" size=\"1\">
<option>Vælg</option>
<%
While (NOT rsCategory.EOF)
%>
<option value=\"<%=(rsCategory.Fields.Item(\"cCategory\").Value)%>\"><%=(rsCategory.Fields.Item(\"cCategory\").Value)%></option>
<%
rsCategory.MoveNext()
Wend
%>
</select>
<% rsCategory.Close
Set rsCategory = Nothing
Set strConn = Nothing
%> </td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">SUB-KATEGORI</td>
<td width=\"500\">
<select name=\"SubCategory\" size=\"1\">
<option value=\"Vælg Under-kategori\">Vælg</option>
</select>
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">LAND</td>
<td width=\"500\">
<input type=\"text\" name=\"country\" size=\"20\" maxlength=\"20\">
BB<i><font size=\"1\" face=\"Verdana, Arial, Helvetica, sans-serif\">Undlad
at skrive her hvis din annonce skal være global</font></i></td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">BY</td>
<td width=\"500\">
<input type=\"text\" name=\"City\" size=\"20\" maxlength=\"20\"> <font size=\"1\" face=\"Verdana, Arial, Helvetica, sans-serif\"><i>Undlad
at skrive her hvis din annonce skal være global</i></font>
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td valign=\"top\" width=\"93\">NAVN & TLF/HJEMMESIDE/E-MAIL</td>
<td valign=\"top\" width=\"500\">
<input type=\"text\" name=\"txtContact\" size=\"60\">
<select name=\"selectContact\" size=\"1\">
<option value=\"email\">E-mail adresse</option>
<option value=\"website\">Hjemmeside</option>
<option value=\"other\">Fri tekst</option>
</select>
<br>
<i><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"1\">Skriv</font><font size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\">
</font><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"1\">din
</font><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"1\">adresse,
telefon nummer, Site <a href=\"
Http://www\">www</a>. etc. eller email
adresse</font></i><br>
<i><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"1\"><b>vigtigt</b><font size=\"2\">:
</font> </font><font size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\">Hvis
du vælger et</font><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"1\">
link til din website, skal du skrive adressen <b>uden</b> "
http://" (ex: "
www.minside.dk/index.htm")</font></i> <br>
</td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\">ANNONCE UDLØBER OM: </td>
<td width=\"500\">
<select name=\"dExpired\">
<option>3</option>
<option>5</option>
<option>7</option>
<option>15</option>
<option>30</option>
<option>60</option>
<option>90</option>
</select>
dage </td>
<td width=\"4\"> </td>
</tr>
<tr>
<td width=\"93\"> </td>
<td width=\"500\">
<input type=\"submit\" name=\"Submit\" value=\"Submit\">
<input type=\"reset\" name=\"Reset\" value=\"Reset\">
</td>
<td width=\"4\"> </td>
</tr>
</table>
<input type=\"hidden\" name=\"MM_insert\" value=\"true\">
</form>
<p> </p>
<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\" bgcolor=\"#FCEDB3\">
<tr>
<td colspan=\"3\">
<div align=\"center\"><a href=\"Main.asp\"><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"2\">[Forside]</font></a>
<font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"2\"><a href=\"Main.asp#Category\">[Kategorier]</a>
<a href=\"Search.asp?action=search\">[søg]</a> <a href=\"Search.asp?selectCategory=ALL&selectSubCategory=ALL&selectCountry=Any&selectCity=Any&Operator=Contains&Keyword=&Submit=Submit\">[seneste
annoncer]</a> <a href=\"login.asp\">[login]</a> <a href=\"/forside.asp\">[logout]</a></font></div>
</td>
</tr>
<tr>
<td> </td>
<td>
<div align=\"center\"><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=\"2\">copyright
© ForskningsForum.dk<br>
For yderligere information - kontakt<br>
<a href=\"mailto:BaZar@ForskningsForum.dk\">annoncer@ForskningsForum.dk</a></font></div>
</td>
<td> </td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
</table>
<p> </p>
</div>
<%
Set MM_insertCmd = Nothing
%>
</body>
