<% @language="vbscript" %> <% entries = 50 %> mauroworld guestbook
<% '=============================================== '==================see entries====================== '=============================================== if request.querystring("action") = "" then %> <% set rs = server.createobject("ADODB.recordset") set rs2 = server.createobject("ADODB.recordset") rs2.open "select message_id from guestbook",con,3,1 totaal = rs2.recordcount set rs2 = nothing if request.querystring("start") <> "" and isnumeric(request.querystring("start")) then rs.open "select * from guestbook order by posted desc limit " & cint(request.querystring("start")) & ", " & entries & ";",con,3,1 else rs.open "select * from guestbook order by posted desc limit 0,50",con,3,1 end if 'onderstaande session variabele zegt dat eerst gastenboek moet "gelezen" zijn, pas daarna mag gepost worden ' = poging om spambots tegen te gaan session("eerstgelezen") = "ja" %>
Sign Guestbook

<% if rs.recordcount < 1 then %>

no messages yet

<% else rs.movefirst %> <% do while not(rs.EOF) message = Replace(rs("message"),vbcrlf,"
") %>

author : <%= rs("author") %>   <% if rs("email")<>"" then %>(">e-mail)<% end if %> <% if rs("website") <> "" then %> ("http://" then %>htpp://<%end if%><%= rs("website") %>">homepage)<% end if %>
date : <%= day(rs("posted"))%>-<%= month(rs("posted"))%>-<%= year(rs("posted"))%> : <%= lcase(formatdatetime(rs("posted"),vbshorttime)) %>
message :

<%= message %>
<% rs.movenext loop %> <% ' attempted pageing aantalpaginas = cint(totaal / entries) %> <% for i = 1 to aantalpaginas %> <%= i %> <% next %> <% end if %> <% rs.close con.close set rs=nothing set con = nothing %>

Sign Guestbook <% '=============================================== '============message to nasty ip===================== '=============================================== '---> versie : hardnekkig blocken elseif request.querystring("action")="sign" and (Request.ServerVariables("remote_addr") = "195.212.50.144" or Request.ServerVariables("remote_addr") = "194.7.166.58" or Request.ServerVariables("remote_addr") = "80.200.248.200") then con.close %>

 

<% '=============================================== '============sign the guestbook form=================== '=============================================== elseif request.querystring("action")="sign" then %> <% if request.querystring("error")<>"" then %>

* name and message are required fields

<% end if %>

name :

message :
e-mail :

website :

<% '=============================================== '==========add entry to guestbook (asp action)============== '=============================================== elseif request.querystring("action")="add" then ber = request.form("fmessage") ' block any spam-like words : instr(ber, "wordtoblock") > 0 if instr(ber, "casino") > 0 OR instr(ber, "viagra") > 0 OR instr(ber, " 0 OR instr(ber, "webspace") > 0 OR instr(ber, "tramadol") > 0 OR _ instr(ber, "cialis") > 0 OR instr(ber, "valium") > 0 OR instr(ber, "pussy") > 0 OR _ instr(ber, "pharmacy") > 0 OR instr(ber, "rolex") > 0 OR instr(ber, "xanax") > 0 OR _ instr(ber, "Usefull information") > 0 OR instr(ber, ".bravehost") > 0 OR instr(ber, ".ru") > 0 OR _ instr(ber, "useful site") > 0 OR instr(ber, "site is helpful") > 0 OR instr(ber, "Hot Galleries") > 0 OR _ instr(ber, "I will bookmark") > 0 OR instr(ber, "resource very") > 0 OR instr(ber, "very usefull resource") > 0 OR _ instr(ber, "onlinedating") > 0 OR instr(ber, "refinance home loan ") > 0 OR instr(ber, "bestmarket") > 0 OR _ instr(ber, "I bookmarked") > 0 OR instr(ber, "tramadol") > 0 OR instr(ber, ".atspace.") > 0 OR _ instr(ber, "vicodin") > 0 OR instr(ber, "cheap loans") > 0 OR instr(ber, "online dating") > 0 OR _ instr(ber, "<A href") > 0 OR instr(ber, "assfuck") > 0 OR _ session("eerstgelezen") <> "ja" then response.redirect "gb788845.asp" end if %> <% if request.form("fname") <> "" and ber <> "" then %> <% set rs = server.createobject("ADODB.recordset") rs.open "select * from guestbook",con,1,2 if request.form("fwebsite")<>"" then if left(request.form("fwebsite"),7) <> "http://" then website = "http://"&request.form("fwebsite") else website = request.form("fwebsite") end if end if themessage = replace(request.form("fmessage"),"<","<") theip = Request.ServerVariables("remote_addr") rs.addnew rs("author") = request.form("fname") rs("email") = request.form("femail") rs("website") = website rs("message") = themessage rs("posted") = now() rs("author_ip") = theip rs.update rs.close con.close set rs=nothing set con=nothing response.redirect "gb788845.asp" %> <% else set con=nothing response.redirect "gb788845.asp?action=sign&error=true" end if end if %>