register.asp

电子商务网络购物系统

<% Option Explicit %>
<!-- #include file="includes/header.asp" -->
<!--#include file="functions/sendmail.asp" -->
<!--#include file="functions/editpost.asp" -->
<!--#include file="functions/formatpost.asp" -->
<!--#include file="includes/emoticons.asp" -->
<!--#include file="functions/hash.asp" -->
<%
Response.Buffer = True

Dim strUsername              
Dim strPassword               
Dim strUserCode        
Dim strEmail                
Dim intUsersGroupID         
Dim blnShowEmail         
Dim strLocation            
Dim strHomepage             
Dim strAvatar               
Dim strCheckUsername         
Dim blnAutoLogin               
Dim strImageFileExtension      
Dim blnAccountReactivate     
Dim blnSentEmail             
Dim strEmailBody              
Dim strSubject            
Dim strSignature          
Dim intForumID                
Dim strICQNum              
Dim strAIMAddress          
Dim strMSNAddress           
Dim strYahooAddress        
Dim strjob          
Dim strInterests             
Dim dtmDateOfBirth           
Dim blnPMNotify           
Dim strmistWord           
Dim strmistWordReplace       
Dim strMode                  
Dim blnEmailOK               
Dim blnUsernameOK          
Dim intForumStartingGroup     
Dim strSalt                  
Dim strEncyptedPassword      
Dim blnPasswordChange         
Dim blnEmailBlocked           
Dim strCheckEmailAddress     
Dim lngUserProfileID          
Dim blnAdminMode         
Dim blnUserActive           
Dim lngPosts                 
Dim intDOBYear
Dim intDOBMonth
Dim intDOBDay	
Dim strRealName	
Dim strMemberTitle

blnUsernameOK = True
blnEmailOK = True
blnShowEmail = False
blnAutoLogin = True
blnAccountReactivate = False
blnWYsiWYGEditor = True
blnAttachSignature = True
blnPasswordChange = False
blnEmailBlocked = False
blnAdminMode = False
lngUserProfileID = lngLoggedInUserID


strMode = Request.Form("mode")
If Request("M") = "A" Then blnAdminMode = True
If Request.Form("Reg") <> "OK" AND strMode = "reg" Then
        Set rsConn = Nothing
	adoCon.Close
	Set adoCon = Nothing
        Response.Redirect("reg.asp?fid=" & intForumID)
End If
If (strMode = "new" OR strMode = "reg") AND intGroupID <> 2 Then strMode = ""
If (intGroupID = 2 OR blnActiveMember = False) AND NOT (strMode = "reg" OR strMode = "new") Then
        Set rsConn = Nothing
	adoCon.Close
	Set adoCon = Nothing
        Response.Redirect("nopermission.asp?fid=" & intForumID)
End If

If blnAdminMode Then
        If blnAdmin = False Then
                strSQL = "SELECT timesaccess.Moderate "
                strSQL = strSQL & "FROM timesaccess "
                strSQL = strSQL & "WHERE timesaccess.grpid = " & intGroupID & " AND  timesaccess.Moderate = True;"
                rsConn.Open strSQL, adoCon
                If NOT rsConn.EOF Then blnModerator = True
                rsConn.Close
        End If
        lngUserProfileID = CLng(Request("pf"))
        blnEmailActivation = False
        If (blnAdmin = False AND blnModerator = False) Then
                Set rsConn = Nothing
		adoCon.Close
		Set adoCon = Nothing
                Response.Redirect("nopermission.asp?fid=" & intForumID)
        End If
End If
If blnAdminMode AND blnAdmin AND strMode = "update" AND Request.Form("delete") Then
        Set rsConn = Nothing
	adoCon.Close
	Set adoCon = Nothing
	Response.Redirect("delmember.asp?MID=" & lngUserProfileID)
End If
If strMode = "update" OR strMode = "new" Then
	Call checkSessionID(Request.Form("sessionID"))
        If strMode = "new" Then strUsername = Trim(Mid(Request.Form("name"), 1, 15))
        strPassword = LCase(Trim(Mid(Request.Form("password"), 1, 15)))
        strEmail = Trim(Mid(Request.Form("email"), 1, 60))
        blnShowEmail = CBool(Request.Form("emailShow"))
        strRealName = Trim(Mid(Request.Form("realName"), 1, 27))
        strLocation = Request.Form("location")
        strHomepage = Trim(Mid(Request.Form("homepage"), 1, 48))
        strSignature = Mid(Request.Form("signature"), 1, 200)
        blnAutoLogin = CBool(Request.Form("Login"))
        strDateFormat = Trim(Mid(Request.Form("dateFormat"), 1, 10))
        strTimeOffSet = Trim(Mid(Request.Form("serverOffSet"), 1, 1))
        intTimeOffSet = CInt(Request.Form("serverOffSetHours"))
        blnReplyNotify = CBool(Request.Form("replyNotify"))
        blnAttachSignature = CBool(Request.Form("attachSig"))
        blnWYsiWYGEditor = CBool(Request.Form("ieEditor"))
        If isNumeric(Request.Form("ICQ")) Then strICQNum = Trim(Mid(Request.Form("ICQ"), 1, 15))
        strAIMAddress = Trim(Mid(Request.Form("AIM"), 1, 60))
        strMSNAddress = Trim(Mid(Request.Form("MSN"), 1, 60))
        strYahooAddress = Trim(Mid(Request.Form("Yahoo"), 1, 60))
        strjob = Mid(Request.Form("job"), 1, 40)
        strInterests = Mid(Request.Form("interests"), 1, 130)
        If Request.Form("DOBday") <> 0 AND Request.Form("DOBmonth") <> 0 AND Request.Form("DOByear") <> 0 Then
        	dtmDateOfBirth = CDate(DateSerial(Request.Form("DOByear"), Request.Form("DOBmonth"), Request.Form("DOBday")))
	End If
        blnPMNotify = CBool(Request.Form("pmNotify"))
        If blnAdminMode Then
        	If lngUserProfileID > 2 Then blnUserActive = CBool(Request.Form("active"))
        	If lngUserProfileID > 2 Then intUsersGroupID = CInt(Request.Form("group"))
        	If isNumeric(Request.Form("posts")) Then lngPosts = CLng(Request.Form("posts"))
        	strMemberTitle = Trim(Mid(Request.Form("memTitle"), 1, 40))
        End If
        If blnAvatar = True Then
                strAvatar = Trim(Mid(Request.Form("txtAvatar"), 1, 95))
                If strAvatar = "http://" OR strAvatar = "" Then strAvatar = Trim(Request.Form("SelectAvatar"))
                If strAvatar = "" Then strAvatar = Request.Form("oldAvatar")
                If strAvatar = "avatars/blank.gif" Then strAvatar = ""
        Else
                strAvatar = ""
        End If
        strRealName = removeAllTags(strRealName)
        strRealName = formatInput(strRealName)
        strHomepage = formatLink(strHomepage)
        strHomepage = formatInput(strHomepage)
        strAIMAddress = formatLink(strAIMAddress)
        strAIMAddress = formatInput(strAIMAddress)
        strMSNAddress = formatLink(strMSNAddress)
        strMSNAddress = formatInput(strMSNAddress)
        strYahooAddress = formatLink(strYahooAddress)
        strYahooAddress = formatInput(strYahooAddress)
        strjob = removeAllTags(strjob)
        strjob = formatInput(strjob)
        strInterests = removeAllTags(strInterests)
        strInterests = formatInput(strInterests)
        strMemberTitle = removeAllTags(strMemberTitle) 
	strMemberTitle = formatInput(strMemberTitle)
        strSignature = FormatPost(strSignature)
	strSignature = FormatForumCodes(strSignature)
        strSignature = checkHTML(strSignature)
        If strHomepage = "http://" Then strHomepage = ""
        If strAvatar <> "" Then
                If inStr(1, strAvatar, ".", 1) = 0 Then
                        strAvatar = ""
                Else
                        strAvatar = checkImages(strAvatar)
                        strAvatar = formatInput(strAvatar)
                End If
        End If
        If strMode = "new" Then
                If strUsername = "" Then blnUsernameOK = False
                If InStr(1, strUsername, "admin", vbTextCompare) Then blnUsernameOK = False
                If InStr(1, strUsername, "password", vbTextCompare) Then blnUsernameOK = False
                If InStr(1, strUsername, "salt", vbTextCompare) Then blnUsernameOK = False
                If InStr(1, strUsername, "author", vbTextCompare) Then blnUsernameOK = False
                If InStr(1, strUsername, "code", vbTextCompare) Then blnUsernameOK = False
                If InStr(1, strUsername, "username", vbTextCompare) Then blnUsernameOK = False
                If InStr(1, strUsername, "N0act", vbTextCompare) Then blnUsernameOK = False
                strUsername = formatSQLInput(strUsername)
        End If
        strSQL = "SELECT timesword.* FROM timesword;"
        rsConn.Open strSQL, adoCon
        Do While NOT rsConn.EOF