<% 'Check if user is valid if session("uservalid") = "" then response.Redirect("register.asp") end if %> <% 'Check if Security is valid if session("Security") = "0" then response.Redirect("index.asp") end if %> <% 'Check if Security is valid if session("Security") = "1" then response.Redirect("index.asp") end if %> <% 'Check if Security is valid if session("Security") = "2" then response.Redirect("index.asp") end if %> <% 'declare your variables Dim Message, Author, PCaddress Dim sConnString, connection, sSQL ' Receiving values from Form, assign the values entered to variables Message = replace(request.Form("txtMessage"),"'","''") Author = replace(request.Form("txtAuthor"),"'","''") PCaddress =Request.ServerVariables("REMOTE_ADDR") Function AccessDateTime (dateandtime) Dim myDay Dim myMonth Dim myYear myDay = Day(dateandtime) If Len(myDay)=1 Then myDay="0" & myDay myMonth = Month(dateandtime) If Len(myMonth)=1 Then myMonth="0" & myMonth myYear = Year(dateandtime) AccessDateTime = myYear & "-" & myMonth & "-" & myDay & " " & Time() End Function 'declare SQL statement that will query the database sSQL = "INSERT into comments_tbl (Message, Author, PCaddress, dDate) values ('" & _ Message & "', '" & Author & "', '" & PCaddress & "', #" & AccessDateTime(NOW()) & "#)" 'define the connection string, specify database 'driver and the location of database sConnString="PROVIDER=Microsoft.Jet.OLEDB.4.0;" & _ "Data Source=D:\Sites\Pungo8\dadmin2\database\core.mdb;" & _ "Persist Security Info=False" 'create an ADO connection object Set connection = Server.CreateObject("ADODB.Connection") 'Open the connection to the database connection.Open(sConnString) 'execute the SQL connection.execute(sSQL) response.write "Thank You.
Your Comment was inserted successfully.
" ' Done. Close the connection object connection.Close Set connection = Nothing %>