<%@ LANGUAGE="VBSCRIPT" %> <% '=============================================== ' Personals System 2002 ' ©2002 vSpin.net. www.vspin.net '=============================================== ' All rights reserved. ' Use of this code is covered by the terms and ' conditions in the license agreement. No ' unauthorized duplication or distribution is ' permitted. vSpin.net copyright notices must ' remain in the ASP sections of the code. '=============================================== %> <% if NOT request("id") = "" AND NOT request("uz") = "" then user = request("uz") id = request("id") ipaddy= Request.ServerVariables("REMOTE_ADDR") banpass = "banneduserxx" set rschk = Server.CreateObject("ADODB.Recordset") rschk.ActiveConnection = MM_conn_STRING rschk.Source = "SELECT p_user, p_ban FROM p_users WHERE p_user = '" + Replace(user, "'", "''") + "' AND p_id = " + Replace(id, "'", "''") + "" rschk.CursorType = 0 rschk.CursorLocation = 2 rschk.LockType = 3 rschk.Open() p_ban = rschk("p_ban") If Not rschk.EOF Or Not rschk.BOF Then Response.Buffer = True Response.Cookies("id") = "$" Response.Cookies("id").Expires = Date() + 1 Response.Cookies("access") = "$" Response.Cookies("access").Expires = Date() + 1 Response.Cookies("rest") = id Response.Cookies("rest").Expires = Date() + 365 Session.Abandon set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_users SET p_password = '" + Replace(banpass, "'", "''") + "' WHERE p_user = '" + Replace(user, "'", "''") + "' AND p_id = " + Replace(id, "'", "''") + " " rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() set rsup = nothing set rsup = Server.CreateObject("ADODB.Command") rsup.ActiveConnection = MM_conn_STRING rsup.CommandText = "UPDATE p_ads SET p_active = 1 WHERE p_user = '" + Replace(user, "'", "''") + "' " rsup.CommandType = 1 rsup.CommandTimeout = 0 rsup.Prepared = true rsup.Execute() set rsup = nothing Function DoSpace(str) DoSpace = (Replace(str, vbCrlf, "
")) End Function %> User ID: <% = user %>
IP Address: <% = ipaddy %>

Your computer has been banned from <% = website %> for the following reason(s):

<% = DoSpace(rschk("p_ban")) %>


Your account number is: <% = id %>

Do not lose this number. You may still plead your case with your provided account number.
You may do so by clicking here. <% rschk.close set rschk = nothing %> <% end if %> <% end if %> <% if NOT request("idd") = "" then id = request("idd") ipaddy= Request.ServerVariables("REMOTE_ADDR") set rschk = Server.CreateObject("ADODB.Recordset") rschk.ActiveConnection = MM_conn_STRING rschk.Source = "SELECT p_user, p_ban, p_id FROM p_users WHERE p_id = " + Replace(id, "'", "''") + "" rschk.CursorType = 0 rschk.CursorLocation = 2 rschk.LockType = 3 rschk.Open() Function DoSpace(str) DoSpace = (Replace(str, vbCrlf, "
")) End Function %> User ID: <% = rschk("p_user") %>
IP Address: <% = ipaddy %>

Your computer has been banned from <% = website %> for the following reason(s):

<% = DoSpace(rschk("p_ban")) %>


Your account number is: <% = rschk("p_id") %>

Do not lose this number. You may still plead your case with your provided account number.
You may do so by clicking ">here. <% rschk.close set rschk = nothing %> <% end if %> <% if NOT request("unrest") = "" then id = request("unrest") %> Plead your case.

Enter account number:

Enter your plead:

<% end if %> <% if NOT request("plead") = "" then Function sqlsafe(s) pos = InStr(s, "'") While pos > 0 s = Mid(s, 1, pos) & "'" & Mid(s, pos + 1) pos = InStr(pos + 2, s, "'") Wend sqlsafe=s End Function id = request("id") set rschk2 = Server.CreateObject("ADODB.Recordset") rschk2.ActiveConnection = MM_conn_STRING rschk2.Source = "SELECT p_user, p_ban FROM p_users WHERE p_id = " + Replace(id, "'", "''") + " AND p_password = 'banneduserxx'" rschk2.CursorType = 0 rschk2.CursorLocation = 2 rschk2.LockType = 3 rschk2.Open() If Not rschk2.EOF Or Not rschk2.BOF Then banreason = rschk2("p_ban") field1 = rschk2("p_user") field5 = request("plead") field2 = "Administration" field4 = "Banned User's Plead" field3 = field5 & vbCrLf & vbCrLf & "User was banned for the following reason(s):" & vbCrLf & vbCrLf & banreason Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open MM_conn_STRING sql1 = "insert into p_messages (field1,field2,field3,field4) values('"& field1 & "','"& field2 & "','"& sqlsafe(field3) & "','"& sqlsafe(field4) & "')" conn.execute(sql1) set conn = nothing end if rschk2.close Set rschk2 = nothing MM_conn_STRING.close Set MM_conn_STRING = nothing response.redirect("restricted.asp?thankyou=true") end if If request("thankyou") = "true" then %> Thank you,

Your plead was submitted. <% end if %> <% MM_conn_STRING.close Set MM_conn_STRING = nothing %>