<%=request.QueryString("msg")%> <% if request.QueryString("s") = 2 then%> Thank you for your support. If you have selected public, your message will appear on the site after validated. You may get a response from of our team members about your message. Click here to go back to the home page Preview of your support message: <%reponse = "SELECT top 1 * FROM Support2 WITH (NOLOCK) WHERE semail = '" & request.QueryString("em") & "' order by SDate DESC" set comments=Server.CreateObject("ADODB.recordset") comments.Open reponse, dw, 3 support = 1 %>
" & LIDSelect("LID") & " OrderNo:" & LIDFind("LOrder")) LIDFind.movenext loop 'Response.Write(" Last person: " & LIDSelect("LID")) if cint(LIDSelect("LID")) => LIDFind.recordcount then 'max splits selectedusr = 1 else selectedusr = LIDFind("LOrder") + 1 end if 'Adds a record Function StrQuoteReplace(strValue) StrQuoteReplace = Replace(strValue, "'", "''") End Function send = true Memo = request.Form("SMemo") posnow = instr(Memo, "<") if instr(Memo, "<") > 0 then send = false end if if instr(Memo, ">") > 0 then send = false end if if instr(Memo, " 0 then send = false end if sql="INSERT INTO Support2 (SName,SMemo,SEmail,SDate,SIP,SPublic,SApproved,LID) VALUES ('" & StrQuoteReplace(request.Form("SName")) & "','" & StrQuoteReplace(Memo) & "','" & request.Form("SEmail") & "','" & now() & "','" & Request.ServerVariables("REMOTE_ADDR") & "', '" & Request.Form("SPublic") & "', 'False', '"& selectedusr & "')" if request.Form("SName") = "" then%> You did not input data. Please click here to go back and support Madeleine. <%else if send then dw.Execute sql end if LIDSelect.close LIDFind.close if send then response.Redirect("/send.asp?s=2&em=" & request.Form("SEmail")) else SendMail "Calum MacRae", "cmacrae@infohost.co.uk", StrQuoteReplace(request.Form("SName")), request.Form("SEmail"), StrQuoteReplace(Memo) response.Redirect("/send.asp?msg=Your input had keywords that are blocked.") end if %>Thank you for your support. If you have selected public, your message will appear on the site after validated. You may get a response from of our team members about your message. Click here to go back to the home page <%end if%> <%else%> <% if request.QueryString("cmd") = "edit" then sql="Delete From Support2 WHERE IDSupport = '" & request.QueryString("id") & "'" dw.Execute sql end if%>Please fill in this form to show your support. Please do not use symbols e.g. ' " & ( ) < > http: etc. If you do you will be blocked from sections of this website for a period of time. <%end if %> <%end if%> <%end if%> |