|
NetArchitect
Starting Member
USA
26 Posts |
 Posted - 29 January 2003 : 04:51:36
|
Hi All
I have re-developed a nice little Script for you to Add to your codebase if you want it. It plugs up most ALL of the Security holes for non members/non registered users for anyone running on the ServerHacker V8 Set-up as well as many others who have Modified Codebases which show menu's to unregistered guests - and non logged in members... Since I am running many versions of the Snitz Codebase, as well as a Couple other hybrids, I am constantly being challenged with new and exciting ways to stop the breaks in the code ect.
Anyhow Iam including it in this post. It is based on the Modified V8 Version, but not added anything else so modify & use accordingly.
It is called inc_header_login.asp
What it does is adds the Main menu of non access resources and shows the active users, but does not allow access to the site without being logged in. ie... it sends you back to the login page without throwing up sha errors.
I am running the text based menu when I developed this, so ya might want to tweak it accordingly.
Once you have it tweaked for your Menu Structure, Change the inc_header.asp to inc_header_login.asp on all the top level pages. There is also a faq tweak, I made which shows the faq, but only the top level menu. Try it out on Policy or register to make sure the settings are working for your site, then add it to:
faq.asp
policy.asp
password.asp
register.asp
and any other top level pages where people can get to upon entry, that will give them access to your site without being registered - or logged in. This will allow you to re - implement your "lost password" link page as well. To see what i am talking about before you implement it, log out, then as your logged check your menu structure/sub menu structure on your menus showing, to enter the site without being logged in, and get errors, click on Active Users while logged out. I Think you'll see what I mean. Also, when your logged out, click on live chat, it will take you there, but when you try to log in from there, it throws up sha errors. This will fix all that or most of it, I am still working on it.
Cheers, and keep up the great work
 The NetArchitect & Duskieone 
(The Full Code Modify Accordingly)
<%
'#################################################################################
'## Copyright (C) 2000-02 Michael Anderson, Pierre Gorissen,
'## Huw Reddick and Richard Kinser
'##
'## This program is free software; you can redistribute it and/or
'## modify it under the terms of the GNU General Public License
'## as published by the Free Software Foundation; either version 2
'## of the License, or any later version.
'##
'## All copyright notices regarding Snitz Forums 2000
'## must remain intact in the scripts and in the outputted HTML
'## The "powered by" text/logo with a link back to
'## http://forum.snitz.com in the footer of the pages MUST
'## remain visible when the pages are viewed on the internet or intranet.
'##
'## This program is distributed in the hope that it will be useful,
'## but WITHOUT ANY WARRANTY; without even the implied warranty of
'## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
'## GNU General Public License for more details.
'##
'## You should have received a copy of the GNU General Public License
'## along with this program; if not, write to the Free Software
'## Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
'##
'## Support can be obtained from support forums at:
'## http://forum.snitz.com
'##
'## Correspondence and Marketing Questions can be sent to:
'## reinhold@bigfoot.com
'##
'## or
'##
'## Snitz Communications
'## C/O: Michael Anderson
'## PO Box 200
'## Harpswell, ME 04079
'#################################################################################
%>
<!--#INCLUDE FILE="inc_func_common.asp" -->
<%
if strShowTimer = "1" then
'### start of timer code
Dim StopWatch(19)
sub StartTimer(x)
StopWatch(x) = timer
end sub
function StopTimer(x)
EndTime = Timer
'Watch for the midnight wraparound...
if EndTime < StopWatch(x) then
EndTime = EndTime + (86400)
end if
StopTimer = EndTime - StopWatch(x)
end function
StartTimer 1
'### end of timer code
end if
strArchiveTablePrefix = strTablePrefix & "A_"
strScriptName = request.servervariables("script_name")
if Application(strCookieURL & "down") then
if not Instr(strScriptName,"admin_") > 0 then
Response.redirect("down.asp")
end if
end if
if strPageBGImageURL = "" then
strTmpPageBGImageURL = ""
elseif Instr(strPageBGImageURL,"/") > 0 or Instr(strPageBGImageURL,"\") > 0 then
strTmpPageBGImageURL = " background=""" & strPageBGImageURL & """"
else
strTmpPageBGImageURL = " background=""" & strImageUrl & strPageBGImageURL & """"
end if
If strDBType = "" then
Response.Write "<html>" & vbNewLine & _
"<head>" & vbNewline & _
"<title>" & strForumTitle & "</title>" & vbNewline
'## START - REMOVAL, MODIFICATION OR CIRCUMVENTING THIS CODE WILL VIOLATE THE SNITZ FORUMS 2000 LICENSE AGREEMENT
Response.Write "<meta name=""copyright"" content=""This Forum code is Copyright (C) 2000-02 Michael Anderson, Pierre Gorissen, Huw Reddick and Richard Kinser, Non-Forum Related code is Copyright (C) " & strCopyright & """>" & vbNewline
'## END - REMOVAL, MODIFICATION OR CIRCUMVENTING THIS CODE WILL VIOLATE THE SNITZ FORUMS 2000 LICENSE AGREEMENT
Response.Write "</head>" & vbNewLine & _
"<body" & strTmpPageBGImageURL & " bgColor=""" & strPageBGColor & """ text=""" & strDefaultFontColor & """ link=""" & strLinkColor & """ aLink=""" & strActiveLinkColor & """ vLink=""" & strVisitedLinkColor & """>" & vbNewLine & _
"<table border=""0"" cellspacing=""0"" cellpadding=""5"" width=""50%"" height=""40%"" align=""center"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td bgColor=""navyblue"" align=""center""><p><font face=""Verdana, Arial, Helvetica"" size=""2"">" & _
"<b>There has been a problem...</b><br /><br />" & _
"Your <b>strDBType</b> is not set, please edit your <b>config.asp</b><br />to reflect your database type." & _
"</font></p></td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td align=""center""><font face=""Verdana, Arial, Helvetica"" size=""2"">" & _
"<a href=""default.asp"" target=""_top"">Click here to retry.</a></font></td>" & vbNewLine & _
" </tr>" & vbNewLine & _
"</table>" & vbNewLine & _
"</body>" & vbNewLine & _
"</html>" & vbNewLine
Response.End
end if
set my_Conn = Server.CreateObject("ADODB.Connection")
my_Conn.Open strConnString
if (strAuthType = "nt") then
call NTauthenticate()
if (ChkAccountReg() = "1") then
call NTUser()
end if
end if
if strGroupCategories = "1" then
if Request.QueryString("Group") = "" then
if Request.Cookies(strCookieURL & "GROUP") = "" Then
Group = 2
else
Group = Request.Cookies(strCookieURL & "GROUP")
end if
else
Group = cLng(Request.QueryString("Group"))
end if
'set default
Session(strCookieURL & "GROUP_ICON") = "icon_group_categories.gif"
Session(strCookieURL & "GROUP_IMAGE") = strTitleImage
'Forum_SQL - Group exists ?
strSql = "SELECT GROUP_ID, GROUP_NAME, GROUP_ICON, GROUP_IMAGE "
strSql = strSql & " FROM " & strTablePrefix & "GROUP_NAMES "
strSql = strSql & " WHERE GROUP_ID = " & Group
set rs2 = my_Conn.Execute (strSql)
if rs2.EOF or rs2.BOF then
Group = 2
strSql = "SELECT GROUP_ID, GROUP_NAME, GROUP_ICON, GROUP_IMAGE "
strSql = strSql & " FROM " & strTablePrefix & "GROUP_NAMES "
strSql = strSql & " WHERE GROUP_ID = " & Group
set rs2 = my_Conn.Execute (strSql)
end if
Session(strCookieURL & "GROUP_NAME") = rs2("GROUP_NAME")
if instr(rs2("GROUP_ICON"), ".") then
Session(strCookieURL & "GROUP_ICON") = rs2("GROUP_ICON")
end if
if instr(rs2("GROUP_IMAGE"), ".") then
Session(strCookieURL & "GROUP_IMAGE") = rs2("GROUP_IMAGE")
end if
rs2.Close
set rs2 = nothing
Response.Cookies(strCookieURL & "GROUP") = Group
Response.Cookies(strCookieURL & "GROUP").Expires = dateAdd("d", intCookieDuration, strForumTimeAdjust)
if Session(strCookieURL & "GROUP_IMAGE") <> "" then
strTitleImage = Session(strCookieURL & "GROUP_IMAGE")
end if
end if
strDBNTUserName = Request.Cookies(strUniqueID & "User")("Name")
strDBNTFUserName = trim(chkString(Request.Form("Name"),"SQLString"))
if strDBNTFUserName = "" then strDBNTFUserName = trim(chkString(Request.Form("User"),"SQLString"))
if strAuthType = "nt" then
strDBNTUserName = Session(strCookieURL & "userID")
strDBNTFUserName = Session(strCookieURL & "userID")
end if
if strRequireReg = "1" and strDBNTUserName = "" then
if not Instr(strScriptName,"policy.asp") > 0 and _
not Instr(strScriptName,"register.asp") > 0 and _
not Instr(strScriptName,"password.asp") > 0 and _
not Instr(strScriptName,"faq.asp") > 0 and _
not Instr(strScriptName,"login.asp") > 0 then
scriptname = split(request.servervariables("SCRIPT_NAME"),"/")
if Request.QueryString <> "" then
Response.Redirect("login.asp?target=" & lcase(scriptname(ubound(scriptname))) & "?" & Request.QueryString)
else
Response.Redirect("login.asp?target=" & lcase(scriptname(ubound(scriptname))))
end if
end if
end if
select case Request.Form("Method_Type")
case "login"
strEncodedPassword = sha256("" & Request.Form("Password"))
select case chkUser(strDBNTFUserName, strEncodedPassword,-1)
case 1, 2, 3, 4
Call DoCookies(Request.Form("SavePassword"))
strLoginStatus = 1
case else
strLoginStatus = 0
end select
case "logout"
Call ClearCookies()
end select
if trim(strDBNTUserName) <> "" and trim(Request.Cookies(strUniqueID & "User")("Pword")) <> "" then
chkCookie = 1
mLev = cLng(chkUser(strDBNTUserName, Request.Cookies(strUniqueID & "User")("Pword"),-1))
chkCookie = 0
else
MemberID = -1
mLev = 0
end if
select case Request.Form("Method_Type")
case "login"
if strLoginStatus = 1 then
AUHandleLoging()
end if
case "logout"
AUHandleLoging()
end select
ActiveUserTracker()
if mLev = 4 and strEmailVal = "1" and strRestrictReg = "1" and strEmail = "1" then
'## Forum_SQL - Get membercount from DB
strSql = "SELECT COUNT(MEMBER_ID) AS U_COUNT FROM " & strMemberTablePrefix & "MEMBERS_PENDING WHERE M_APPROVE = " & 0
set rs = Server.CreateObject("ADODB.Recordset")
rs.open strSql, my_Conn
if not rs.EOF then
User_Count = cLng(rs("U_COUNT"))
else
User_Count = 0
end if
rs.close
set rs = nothing
end if
Response.Write "<html>" & vbNewline & vbNewline & _
"<head>" & vbNewline & _
"<title>" & GetNewTitle(strScriptName) & "</title>" & vbNewline
'########################## serverhacker.com modz Dropdown Menu ##########################
'Response.Write "<script type=""text/javascript"" language=""javascript"" src=""resources/sniffer.js""></script>" & vbNewLine & _
' "<script type=""text/javascript"" language=""javascript1.2"" src=""resources/custom.js""></script>" & vbNewLine & _
' "<script type=""text/javascript"" language=""javascript1.2"" src=""resources/style.js""></script>" & vbNewLine
'########################## serverhacker.com modz Dropdown Menu ##########################
'## START - REMOVAL, MODIFICATION OR CIRCUMVENTING THIS CODE WILL VIOLATE THE SNITZ FORUMS 2000 LICENSE AGREEMENT
Response.Write "<meta name=""copyright"" content=""This Forum code is Copyright (C) 2000-02 Michael Anderson, Pierre Gorissen, Huw Reddick and Richard Kinser, Non-Forum Related code is Copyright (C) " & strCopyright & """>" & vbNewline
'## END - REMOVAL, MODIFICATION OR CIRCUMVENTING THIS CODE WILL VIOLATE THE SNITZ FORUMS 2000 LICENSE AGREEMENT
Response.Write "<script language=""JavaScript"" type=""text/javascript"">" & vbNewLine & _
"<!-- hide from JavaScript-challenged browsers" & vbNewLine & _
"function admin(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=750,height=500,scrollbars=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function viewfull(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=500,height=400,scrollbars=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindow(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=400,height=400')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindow2(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=400,height=450')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindow3(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=400,height=450,scrollbars=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindow4(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=400,height=525')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindow5(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=450,height=525,scrollbars=yes,toolbars=yes,menubar=yes,resizable=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindow6(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=500,height=450,scrollbars=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function openWindowHelp(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=470,height=200,scrollbars=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function openGameWindow(url) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width=full,height=full,scrollbars=no,menubar=no,resizable=yes')" & vbNewLine & _
"}" & vbNewLine & _
"// ################## Poll Mod ##################" & vbNewLine & _
"function openPollWindow(url,w,h) {" & vbNewLine & _
" popupWin = window.open(url,'new_page','width='+w+',height='+h+',scrollbars=yes')" & vbNewLine & _
"}" & vbNewLine & _
"function submitPoll(btnPressed) {" & vbNewLine & _
" btnPressed.disabled=true;" & vbNewLine & _
" if (btnPressed.name == ""results"") {" & vbNewLine & _
" document.Poll.Method_Type.value = ""guest_vote"";" & vbNewLine & _
" } else {" & vbNewLine & _
" document.Poll.Method_Type.value = ""member_vote"";" & vbNewLine & _
" }" & vbNewLine & _
" document.Poll.submit();" & vbNewLine & _
"}" & vbNewLine & _
"// #############################################" & vbNewLine & _
"function OpenSpellCheck()" & vbNewLine & _
"{" & vbNewLine & _
"var curCookie = ""strMessagePreview="" + escape(document.PostTopic.Message.value);" & vbNewLine & _
"document.cookie = curCookie;" & vbNewLine & _
"popupWin = window.open('pop_spellcheck.asp', 'preview_page', 'scrollbars=yes,width=650,height=400')" & vbNewLine & _
"}" & vbNewLine & _
"// done hiding -->" & vbNewLine & _
"</script>" & vbNewLine & _
"<style type=""text/css"">" & vbNewLine & _
"<!--" & vbNewLine
Response.Write "/* ##### Extended Color Code Mod ##### */" & vbNewLine & _
"body {Scrollbar-Face-Color:" & strScrollbarFaceColor & ";Scrollbar-Arrow-Color:" & strScrollbarArrowColor & ";Scrollbar-Track-Color:" & strScrollbarTrackColor & ";Scrollbar-Shadow-Color:" & strScrollbarShadowColor & ";Scrollbar-Highlight-Color:" & strScrollbarHighlightColor & ";Scrollbar-3Dlight-Color:" & strScrollbar3DlightColor & "}" & vbNewLine & _
"a:link {color:" & strLinkColor & ";background-color:" & strLinkBGColor & ";text-decoration:" & strLinkTextDecoration & "}" & vbNewLine & _
"a:visited {color:" & strVisitedLinkColor & ";background-color:" & strVisitedLinkBGColor & ";text-decoration:" & strVisitedTextDecoration & "}" & vbNewLine & _
"a:hover {color:" & strHoverFontColor & ";background-color:" & strHoverFontBGColor & ";text-decoration:" & strHoverTextDecoration & "}" & vbNewLine & _
"a:active {color:" & strActiveLinkColor & ";background-color:" & strActiveLinkBGColor & ";text-decoration:" & strActiveTextDecoration & "}" & vbNewLine & _
".spnMessageText a:link {color:" & strForumLinkColor & ";background-color:" & strForumLinkBGColor & ";text-decoration:" & strForumLinkTextDecoration & "}" & vbNewLine & _
".spnMessageText a:visited {color:" & strForumVisitedLinkColor & ";background-color:" & strForumVisitedLinkBGColor & ";text-decoration:" & strForumVisitedTextDecoration & "}" & vbNewLine & _
".spnMessageText a:hover {color:" & strForumHoverFontColor & ";background-color:" & strForumHoverFontBGColor & ";text-decoration:" & strForumHoverTextDecoration & "}" & vbNewLine & _
".spnMessageText a:active {color:" & strForumActiveLinkColor & ";background-color:" & strForumActiveLinkBGColor & ";text-decoration:" & strForumActiveTextDecoration & "}" & vbNewLine & _
"/* ################################### */" & vbNewLine
Response.Write "select {background-color:" & StrForumCellColor & "; color: " & StrDefaultFontColor & "; border-width:0; border-color:" & StrTableborderColor & "}" & vbNewLine & _
"textarea {background-color:" & StrForumCellColor & "; color: " & StrDefaultFontColor & "; border-width:1; border-color:" & StrTableborderColor & "}" & vbNewLine & _
"input.buttons {background-color:" & StrForumCellColor & "; color: " & StrDefaultFontColor & "; border-width:1; border-color:" & StrTableborderColor & "}" & vbNewLine & _
"input.buttons2 {background-color:" & StrAltForumCellColor & "; color: " & StrDefaultFontColor & "; border-width:1; border-color:" & StrTableborderColor & "}" & vbNewLine & _
"input.newLogin {background-color:" & StrForumCellColor & "; color:" & StrDefaultFontColor & "; border-width:1; border-color:" & StrTableborderColor & "}" & vbNewLine & _
"input.search {background-color:" & StrAltForumCellColor & "; color:" & StrDefaultFontColor & "; border-width:1; border-color:" & StrTableborderColor & "}" & vbNewLine & _
"input.radio {background-color:""; color:#000000}" & vbNewLine
Response.Write "a:link {color:" & strLinkColor & ";text-decoration:" & strLinkTextDecoration & "}" & vbNewLine & _
"a:visited {color:" & strVisitedLinkColor & ";text-decoration:" & strVisitedTextDecoration & "}" & vbNewLine & _
"a:hover {color:" & strHoverFontColor & ";text-decoration:" & strHoverTextDecoration & "}" & vbNewLine & _
"a:active {color:" & strActiveLinkColor & ";text-decoration:" & strActiveTextDecoration & "}" & vbNewLine & _
".spnMessageText a:link {color:" & strForumLinkColor & ";text-decoration:" & strForumLinkTextDecoration & "}" & vbNewLine & _
".spnMessageText a:visited {color:" & strForumVisitedLinkColor & ";text-decoration:" & strForumVisitedTextDecoration & "}" & vbNewLine & _
".spnMessageText a:hover {color:" & strForumHoverFontColor & ";text-decoration:" & strForumHoverTextDecoration & "}" & vbNewLine & _
".spnMessageText a:active {color:" & strForumActiveLinkColor & ";text-decoration:" & strForumActiveTextDecoration & "}" & vbNewLine & _
".spnSearchHighlight {background-color:" & strSearchHiLiteColor & "}" & vbNewLine & _
"-->" & vbNewLine & _
"</style>" & vbNewLine & _
"</head>" & vbNewLine & _
vbNewLine & _
"<body" & strTmpPageBGImageURL & " bgColor=""" & strPageBGColor & """ text=""" & strDefaultFontColor & """ link=""" & strLinkColor & """ aLink=""" & strActiveLinkColor & """ vLink=""" & strVisitedLinkColor & """ topmargin=""20"" leftmargin=""20"">" & vbNewLine
'########################## serverhacker.com modz Dropdown Menu ##########################
'Response.Write "<script type=""text/javascript"" language=""javascript1.2"" src=""resources/menu.js""></script>" & vbNewline
'########################## serverhacker.com modz Dropdown Menu ##########################
Response.Write "<a name=""top""></a><font face=""" & strDefaultFontFace & """>" & vbNewLine & _
"<table align=""center"" border=""0"" bgColor=""" & strPageBGColor & """ bordercolor=""" & strPageBGColor & """ cellPadding=""0"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td align=""left"" width=""20""><IMG SRC=""" & strImageURL & "table_top_left.gif"" WIDTH=20 HEIGHT=20></td>" & vbNewLine & _
" <td align=""center"" width=""100%"" background=""" & strImageURL & "table_top.gif""><IMG SRC=""" & strImageURL & "table_top.gif"" WIDTH=40 HEIGHT=20></td>" & vbNewLine & _
" <td align=""right"" width=""20""><IMG SRC=""" & strImageURL & "table_top_right.gif"" WIDTH=20 HEIGHT=20></td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td width=""20"" background=""" & strImageURL & "table_left.gif""><IMG SRC=""" & strImageURL & "table_left.gif"" WIDTH=20 HEIGHT=""100%""></td>" & vbNewLine & _
" <td width=""100%"">" & vbNewLine & _
"<table align=""center"" border=""0"" cellPadding=""0"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
"<td width=""50%"" height=""120"">" & vbNewLine
'"<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """><b>" & strForumTitle & "</b></font><br>" & vbNewLine & _
Response.Write "<a href=""" & strHomeURL & """ tabindex=""-1"">" & getCurrentIcon(strTitleImage & "||",strForumTitle,"") & "</a><br>" & vbNewLine & _
"</td>" & vbNewLine & _
" <td align=""right"" valign=""middle"" width=""50%"" height=""120"">" & vbNewLine & _
" <table border=""0"" cellPadding=""2"" cellSpacing=""0"">" & vbNewLine
'########################## serverhacker.com modz ##########################
select case Request.Form("Method_Type")
case "login"
Response.Write " </table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
"<tr>" & vbNewLine & _
"<td width=""100%"">" & vbNewLine & _
"<table border=""0"" bgcolor=""" & strTableBorderColor & """ align=""left"" cellPadding=""0"" cellSpacing=""1"" width=""100%"">" & vbNewLine & _
"<tr><td bgcolor=""" & StrHeadCellColor & """ height=""27"">" & vbNewLine & _
"<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """> " & vbNewLine& _
"</font></td></tr><tr><td bgcolor=""" & StrForumCellColor & """>" & vbNewLine
if strLoginStatus = 0 then
Response.Write "<p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """ color=""" & strDefaultFontColor & """><br><b>Your username and/or password were incorrect.</b></font></p>" & vbNewLine & _
"<p align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strHeaderFontSize & """ color=""" & strDefaultFontColor & """><b>Please either try again or register for an account.</b><br><br></font></p>" & vbNewLine & _
"<p align=""center""><a href=""sitenews.asp"">try again</a> | " & vbNewLine & _
"<a href=""register.asp"">register for an account</a></p>" & vbNewLine & _
"<table align=""center"" border=""0"" cellPadding=""0"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td>" & vbNewLine
else
Response.Write "<p align=""center""><font face=""" & strDefaultFontFace & """ size=3 color=""" & strDefaultFontColor & """><b><br>You are being logged on please standby...</font></b></p>" & vbNewLine & _
"<meta http-equiv=""Refresh"" content=""2; URL=" & Request.ServerVariables("HTTP_REFERER") & """>" & vbNewLine & _
"<br>" & vbNewLine & _
"<table align=""center"" border=""0"" cellPadding=""0"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td>" & vbNewLine
end if
WriteFooter
Response.End
case "logout"
Response.Write " </table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
"<tr>" & vbNewLine & _
"<td width=""100%"">" & vbNewLine & _
"<table border=""0"" bgcolor=""" & strTableBorderColor & """ align=""left"" cellPadding=""0"" cellSpacing=""1"" width=""100%"">" & vbNewLine & _
"<tr><td bgcolor=""" & StrHeadCellColor & """ height=""27"">" & vbNewLine & _
"<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """> " & vbNewLine& _
"</font></td></tr><tr><td bgcolor=""" & StrForumCellColor & """>" & vbNewLine & _
"<p align=""center""><b><font face=""" & strDefaultFontFace & """ size=3 color=""" & strDefaultFontColor & """><br>You are being logged out please standby...</font></b></p><br>" & vbNewLine & _
"<meta http-equiv=""Refresh"" content=""2; URL=default.asp"">" & vbNewLine & _
"<table align=""center"" border=""0"" cellPadding=""0"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td>" & vbNewLine
WriteFooter
Response.End
end select
if (mlev = 0) then
if not(Instr(Request.ServerVariables("Path_Info"), "register.asp") > 0) and _
not(Instr(Request.ServerVariables("Path_Info"), "policy.asp") > 0) and _
not(Instr(Request.ServerVariables("Path_Info"), "pop_profile.asp") > 0) and _
not(Instr(Request.ServerVariables("Path_Info"), "search.asp") > 0) and _
not(Instr(Request.ServerVariables("Path_Info"), "login.asp") > 0) and _
not(Instr(Request.ServerVariables("Path_Info"), "faq.asp") > 0) and _
not(Instr(Request.ServerVariables("Path_Info"), "password.asp") > 0) then
Response.Write " <form action=""" & Request.ServerVariables("URL") & """ method=""post"" id=""form1"" name=""form1"">" & vbNewLine & _
" <input type=""hidden"" name=""Method_Type"" value=""login"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td align=""right"">" & vbNewLine & _
" <table border=""0"" cellpadding=""4"" cellspacing="""">" & vbNewLine & _
" <tr><td>" & vbNewLine
if (strAuthType = "db") then
Response.Write " <table border=""0"" cellpadding=""1"" cellspacing=""0""><tr><td align=""right"" width=""1""><img SRC=""" & strImageURL & "icon_member.gif""></td><td align=""left"" width=""100""><font face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """ color=""" & StrDefaultFontColor & """><b>Username:</b></font></td></tr>" & vbNewLine & _
" <tr><td colspan=""2"" align=""left""><input type=""text"" class=""newLogin"" name=""Name"" size=""15"" maxLength=""25"" value=""""></td></tr>" & vbNewLine & _
" <tr><td align=""right"" width=""1""><img SRC=""" & strImageURL & "icon_lock2.gif""></td><td align=""left"" width=""100""><font face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """ color=""" & StrDefaultFontColor & """><b>Password:</b></font></td></tr>" & vbNewLine & _
" <tr><td colspan=""2"" align=""left""><input type=""password"" class=""newLogin"" name=""Password"" size=""15"" maxLength=""25"" value=""""></td></tr>" & vbNewLine & _
" <tr><td colspan=""2"" align=""left""><font face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """ color=""" & StrDefaultFontColor & """>" & vbNewLine & _
" <input type=""checkbox"" class=""radio"" name=""SavePassWord"" value=""true"" tabindex=""-1"" CHECKED><b> Save Password</b></font></td></tr></table>" & vbNewLine & _
" <td align=""center"" valign=""top""><br>" & vbNewLine
if strGfxButtons = "1" then
Response.Write " <input src=""" & strImageUrl & "button_login.gif"" type=""image"" border=""0"" value=""Login"" id=""submit1"" name=""Login"">" & vbNewLine
else
Response.Write " <input type=""submit"" value=""Login"" id=""submit1"" name=""submit1"">" & vbNewLine
end if
Response.Write " <br><font face=""" & strDefaultFontFace & """ size=""3""><a href=""policy.asp"" tabindex=""-1""><b>Register</b></a></font>" & vbNewLine
if (lcase(strEmail) = "1") then
Response.Write " <br><font face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """><a href=""password.asp""" & dWStatus("Choose a new password if you have forgotten your current one...") & " tabindex=""-1"">Forgot "
if strAuthType = "nt" then Response.Write("Admin ")
Response.Write "Password?</a></font>" & vbNewLine
Response.Write " </td>" & vbNewLine
else
if (strAuthType = "nt") then
Response.Write " <td><font face=""" & strDefaultFontFace & """ size=""1"" color=""" & strHiLiteFontColor & """>Please <a href=""policy.asp"" tabindex=""-1"">register</a> to post in these Forums</font></td>" & vbNewLine
end if
end if
Response.Write " </tr>" & vbNewLine
if (lcase(strNoCookies) = "1") then
Response.Write " |" & vbNewLine & _
" <a href=""admin_home.asp""" & dWStatus("Access the Forum Admin Functions...") & " tabindex=""-1"">Admin Options</a>" & vbNewLine
end if
Response.Write " </font></td>" & vbNewLine & _
" </td></tr>" & vbNewLine
end if
Response.Write " </table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" </form>" & vbNewLine
end if
else
Response.Write " <form action=""" & Request.ServerVariables("URL") & """ method=""post"" id=""form2"" name=""form2"">" & vbNewLine & _
" <input type=""hidden"" name=""Method_Type"" value=""logout"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td align=""center"">" & vbNewLine & _
" <table border=""0"" cellpadding=""4"" cellspacing="""">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """ color=""" & strDefaultFontColor & """>You are logged on as<br />"
if strAuthType="nt" then
Response.Write "<b>" & Session(strCookieURL & "username") & " (" & Session(strCookieURL & "userid") & ")</b></font></td>" & vbNewLine & _
" <td> " & vbNewLine
else
if strAuthType = "db" then
Response.Write "<font size=""3"" color=""" & strForumLinkColor & """>" & ChkString(strDBNTUserName, "display") & "</font><br>" & vbNewLine
if strGfxButtons = "1" then
Response.Write "<input src=""" & strImageUrl & "button_logout.gif"" type=""image"" border=""0"" value=""Logout"" id=""submit1"" name=""Logout"" tabindex=""-1"">"
else
Response.Write "<input type=""submit"" value=""Logout"" id=""submit1"" name=""submit1"" tabindex=""-1"">"
end if
end if
end if
Response.Write "</td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" </table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine
if (mlev = 4) or (lcase(strNoCookies) = "1") then
Response.Write " <tr>" & vbNewLine & _
" <td align=""center""><font face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """><a href=""admin_home.asp""" & dWStatus("Access the Forum Admin Functions...") & " tabindex=""-1"">Admin Options</a>"
if mLev = 4 and (strEmailVal = "1" and strRestrictReg = "1" and strEmail = "1" and User_Count > 0) then Response.Write(" | <a href=""admin_accounts_pending.asp""" & dWStatus("(" & User_Count & ") Member(s) awaiting approval") & " tabindex=""-1"">(" & User_Count & ") Member(s) awaiting approval</a>")
Response.Write "<br /><br /></font></td>" & vbNewLine & _
" </tr>" & vbNewLine
end if
Response.Write " </form>" & vbNewLine
end if
Response.Write " </table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td colspan=""2"">" & vbNewLine & _
" <table border=""0"" bgcolor=""" & strTableBorderColor & """ align=""left"" cellPadding=""0"" cellSpacing=""1"" width=""100%"" height=""27"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td bgcolor=""" & StrHeadCellColor & """ width=""100%"">" & vbNewLine & _
"<table align=""center"" border=""0"" cellPadding=""4"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td>" & vbNewLine
'Response.Write " " & vbNewLine
sForumNavigation()
'
'<!--#include file ="dropmenu/inc_dropmenu.asp"-->
'
Response.Write " </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
"</table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td bgColor=""" & strForumCellColor & """>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td bgcolor=""" & StrForumCellColor & """ align=""left"" width=""100%"" nowrap>" & vbNewLine
Response.Write "<table align=""center"" border=""0"" cellPadding=""4"" cellSpacing=""0"" width=""100%"">" & vbNewLine & _
" <tr>" & vbNewLine & _
" <td>" & vbNewLine
%>
<!--#include file="inc_activeusers2.asp"-->
<%
Response.Write " </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
"</table>" & vbNewLine & _
" </td>" & vbNewLine & _
" </tr>" & vbNewLine& _
" <tr>" & vbNewLine & _
" <td>" & vbNewLine
Response.Write "<table align=""center"" border=""0"" cellPadding=""4"" cellSpacing=""0"" width=""100%"">" & vbNewLine
%>
<!--#include file="privatemess.asp"-->
<%
Response.Write " </td>" & vbNewLine & _
" </tr>" & vbNewLine & _
"</table>" & vbNewLine & _
"<tr>" & vbNewLine & _
"<td bgcolor=""" & StrForumCellColor & """>" & vbNewLine & _
"<table bgcolor=""" & StrForumCellColor & """ align=""center"" border=""0"" cellPadding=""0"" cellSpacing=""0"" width=""100%"">" & vbNewLine
'########################## serverhacker.com modz ##########################
'########### GROUP Categories ########### %>
<!--#INCLUDE FILE="inc_groupjump_to.asp" -->
<% '######## GROUP Categories ##############
Response.Write " <tr>" & vbNewLine & _
" <td colspan=""3"">" & vbNewLine
sub sForumNavigation()
' DEM --> Added code to show the subscription line
if strSubscription > 0 and strEmail = "1" then
if mlev > 0 then
strSql = "SELECT COUNT(*) AS MySubCount FROM " & strTablePrefix & "SUBSCRIPTIONS"
strSql = strSql & " WHERE MEMBER_ID = " & MemberID
set rsCount = my_Conn.Execute (strSql)
if rsCount.BOF or rsCount.EOF then
' No Subscriptions found, do nothing
MySubCount = 0
rsCount.Close
set rsCount = nothing
else
MySubCount = rsCount("MySubCount")
rsCount.Close
set rsCount = nothing
end if
if mLev = 4 then
strSql = "SELECT COUNT(*) AS SubCount FROM " & strTablePrefix & "SUBSCRIPTIONS"
set rsCount = my_Conn.Execute (strSql)
if rsCount.BOF or rsCount.EOF then
' No Subscriptions found, do nothing
SubCount = 0
rsCount.Close
set rsCount = nothing
else
SubCount = rsCount("SubCount")
rsCount.Close
set rsCount = nothing
end if
end if
else
SubCount = 0
MySubCount = 0
end if
else
SubCount = 0
MySubCount = 0
end if
Response.Write " <font face=""" & strDefaultFontFace & """ size=""2""> <a href=""" & strHomeURL & """" & dWStatus("Homepage") & " tabindex=""-1""><acronym title=""Homepage""><img src=""" &StrImageURL & "icon_nav_home.gif"" border=0> Home</acronym></a>" & vbNewline & _
" " & vbNewline
Response.Write " <a href=""default.asp""" & dWStatus("See whats going on in the forum") & " tabindex=""-1""><acronym title=""See whats going on in the forum""><img src=""" &StrImageURL & "icon_folder_open_topic.gif"" border=0> Forums</acronym></a>" & vbNewline
Response.Write " " & vbNewline
if (mlev = 1 or mlev = 2 or mlev = 3 or mlev = 4) or (lcase(strNoCookies) = "1") then
if strUseExtendedProfile then
Response.Write " <a href=""pop_profile.asp?mode=Edit""" & dWStatus("Edit your personal profile...") & " tabindex=""-1""><acronym title=""Edit your personal profile...""><img src=""" &StrImageURL & "icon_member.gif"" border=0> Profile</acronym></a>" & vbNewline
Response.Write " " & vbNewline
else
Response.Write " <a href=""javascript:openWindow3('pop_profile.asp?mode=Edit')""" & dWStatus("Edit your personal profile...") & " tabindex=""-1""><acronym title=""Edit your personal profile...""><img src=""" &StrImageURL & "icon_member.gif"" border=0> Profile</acronym></a>" & vbNewline
Response.Write " " & vbNewline
end if
else
end if
' DEM --> Start of code added to show subscriptions if they exist
if (strSubscription > 0) then
if mlev = 4 and SubCount > 0 then
Response.Write " <a href=""subscription_list.asp?MODE=all""" & dWStatus("See all current subscriptions") & " tabindex=""-1""><acronym title=""See all current subscriptions""><img src=""" &StrImageURL & "icon_subscribe.gif"" border=0> All Subscriptions</acronym></a>" & vbNewline
Response.Write " " & vbNewline
end if
if MySubCount > 0 then
Response.Write " <a href=""subscription_list.asp""" & dWStatus("See all of your subscriptions") & " tabindex=""-1""><acronym title=""See all of your subscriptions""><img src=""" &StrImageURL & "icon_subscribe.gif"" border=0> My Subscriptions</acronym></a>" & vbNewline
Response.Write " " & vbNewline
end if
end if
' DEM --> End of Code added to show subscriptions if they exist
Response.Write " <a href=""cal.asp""" & dWStatus("Check out the events calendar") & " tabindex=""-1""><acronym title=""Check out the events calendar""><img src=""" &StrImageURL & "icon_nav_calendar.gif"" border=0> Events Calendar</acronym></a>" & vbNewline & _
" " & vbNewline & _
" <a href=""about.asp""" & dWStatus("Come and Meet Your Hosts") & " tabindex=""-1""><acronym title=""Come In & Meet Your Hosts""><img src=""" &StrImageURL & "banghead_125.gif"" border=0> Your Hosts</acronym></a>" & vbNewline & _
" " & vbNewline & _
" <a href=""guestbook.asp""" & dWStatus("Please sign our Guestbook") & " tabindex=""-1""><acronym title=""Please sign our Guestbook""><img src=""" &StrImageURL & "icon_nav_guestbook.gif"" border=0> Guestbook</acronym></a>" & vbNewline & _
" " & vbNewline & _
" <a href=""faq.asp""" & dWStatus("Answers to Frequently Asked Questions...") & " tabindex=""-1""><acronym title=""Answers to Frequently Asked Questions...""><img src=""" &StrImageURL & "icon_nav_help.gif"" border=0> FAQ</acronym></a>" & vbNewline & _
" " & vbNewline
if strAutoLogon <> "1" then
If mlev = 0 then
if strProhibitNewMembers <> "1" then
Response.Write " " & vbNewline & _
" <a href=""policy.asp""" & dWStatus("Register to post to our forum...") & " tabindex=""-1""><acronym title=""Register to post to our forum...""><img src=""" &StrImageURL & "icon_nav_register.gif"" border=0> Register</acronym></a>" & vbNewline
end if
else
end if
end if
Response.Write "</font>" & vbNewline
end sub
if strGroupCategories = "1" then
if Session(strCookieURL & "GROUP_NAME") = "" then
GROUPNAME = " Default Groups "
else
GROUPNAME = Session(strCookieURL & "GROUP_NAME")
end if
'Forum_SQL - Get Groups
strSql = "SELECT GROUP_ID, GROUP_CATID "
strSql = strSql & " FROM " & strTablePrefix & "GROUPS "
strSql = strSql & " WHERE GROUP_ID = " & Group
set rsgroups = Server.CreateObject("ADODB.Recordset")
rsgroups.Open strSql, my_Conn, adOpenForwardOnly, adLockReadOnly, adCmdText
if rsgroups.EOF then
recGroupCatCount = ""
else
allGroupCatData = rsgroups.GetRows(adGetRowsRest)
recGroupCatCount = UBound(allGroupCatData, 2)
end if
rsgroups.Close
set rsgroups = nothing
end if
%> |
-We don't need Alien Races to come from other planets to Steal Our Children - We have CPS for that and they wouldn't take too kindly to some Outsider cutting in on their Action- |
|
Topic Locked
