<% Option Explicit %> <% '**************************************************************************************** '** Copyright Notice '** '** Web Wiz Guide - Web Wiz Mailing List '** '** Copyright 2001-2004 Bruce Corkhill All Rights Reserved. '** '** This program is free software; you can modify (at your own risk) any part of it '** under the terms of the License that accompanies this software and use it both '** privately and commercially. '** '** All copyright notices must remain in tacked in the scripts and the '** outputted HTML. '** '** You may use parts of this program in your own private work, but you may NOT '** redistribute, repackage, or sell the whole or any part of this program even '** if it is modified or reverse engineered in whole or in part without express '** permission from the author. '** '** You may not pass the whole or any part of this application off as your own work. '** '** All links to Web Wiz Guide and powered by logo's must remain unchanged and in place '** and must remain visible when the pages are viewed unless permission is first granted '** by the copyright holder. '** '** This program is distributed in the hope that it will be useful, '** but WITHOUT ANY WARRANTY; without even the implied warranty of '** MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR ANY OTHER '** WARRANTIES WHETHER EXPRESSED OR IMPLIED. '** '** You should have received a copy of the License along with this program; '** if not, write to:- Web Wiz Guide, PO Box 4982, Bournemouth, BH8 8XP, United Kingdom. '** '** '** No official support is available for this program but you may post support questions at: - '** http://www.webwizguide.info/forum '** '** Support questions are NOT answered by e-mail ever! '** '** For correspondence or non support questions contact: - '** info@webwizguide.info '** '** or at: - '** '** Web Wiz Guide, PO Box 4982, Bournemouth, BH8 8XP, United Kingdom '** '**************************************************************************************** 'Set the response buffer to true as we maybe redirecting Response.Buffer = True 'Declare variables Dim rsCommon2 'Recordset to hold second RS Dim strEmail 'Holds the users e-mail address Dim strOldEmail 'Holds the users old email address Dim strUserName 'Holds the members name Dim strPassword 'Holds the user password Dim strUsersSalt 'Holds the salt value for ecrypted passwords Dim strOldPassword 'Holds the old password for the user Dim strOldSalt 'Holds the salt value for the old password Dim strOldPasswordInput 'Holds the old password the user has entered Dim blnHTMLformat 'Set to true if email is to be in HTML format Dim blnEmailOK 'Set to true if the email address is valid Dim lngMemberID 'Holds the members ID number Dim laryCatID 'Holds the cat ID Dim blnChecked 'Set to true if the category checkbox is to be checked Dim blnConfirmPassOK 'Set to true if the old password matches the confirmed pass Dim blnUpadteEmailAddr 'Set to true if updating the users email address Dim blnUpdatePass 'Set to true if the password is updated Dim strSubject 'Holds the subject of te email Dim strEmailBody 'Holds the email body Dim strUserID 'Holds the users ID Dim blnActive 'Hods the state of the users account Dim blnEmailBanned 'Holds if the email address or domain are banned Dim strCheckEmailAddress'Holds the banned email address list to check Dim strBlockedEmailAddress 'Hoilds the blocked email address 'Initialise variables blnEmailOK = True blnEmailBanned = false blnConfirmPassOK = True lngMemberID = 0 blnUpdatePass = false 'Read in the users ID code strUserID = Trim(Mid(Request.QueryString("ID"), 1, 22)) 'Clean up the USER ID address getting rid of unwanted characters strUserID = IDcharacterStrip(strUserID) 'Get the users details from the database If NOT strUserID = "" Then 'Initalise the strSQL variable with an SQL statement to query the database strSQL = "SELECT " & strDbTable & "Members.* " & _ "FROM " & strDbTable & "Members " & _ "WHERE " & strDbTable & "Members.ID_Code = '" & strUserID & "';" With rsCommon 'Set the cursor type property of the record set to Dynamic so we can navigate through the record set .CursorType = 2 'Set the Lock Type for the records so that the record set is only locked when it is updated .LockType = 3 'Query the database .Open strSQL, adoCon 'If a record is found read in the details If NOT .EOF Then 'Get the members details lngMemberID = .Fields("Mail_ID") strUserName = .Fields("Name") strOldEmail = .Fields("Email") strOldPassword = .Fields("Password") strOldSalt = .Fields("Salt") blnHTMLformat = CBool(.Fields("HTMLformat")) blnActive = CBool(.Fields("Active")) 'Else no record is found so send the user away Else 'Clean up rsCommon.Close Set rsCommon = Nothing adoCon.Close Set adoCon = Nothing 'Redirect to login page Response.Redirect("default.asp") End If End With 'If the user code is not enterd or does not match bounce the user to the login page Else 'Clean up Set rsCommon = Nothing adoCon.Close Set adoCon = Nothing 'Redirect to login page Response.Redirect("default.asp") end if 'Intialise the ADO recordset object Set rsCommon2 = Server.CreateObject("ADODB.Recordset") 'Read in the form details If Request.Form("postBack") Then 'Read in the email address strEmail = Trim(Mid(LCase(Request("email")), 1, 35)) 'Clean up the email address address getting rid of unwanted characters strEmail = characterStrip(strEmail) 'Check to see if the user has entered an e-mail address and that it is a valid address If Len(strEmail) < 5 OR NOT Instr(1, strEmail, " ") = 0 OR InStr(1, strEmail, "@", 1) < 2 OR InStrRev(strEmail, ".") < InStr(1, strEmail, "@", 1) Then 'Set an error message if the users has not enetered a valid e-mail address blnEmailOK = False 'Else the email address is OK Else blnEmailOK = True End If 'Read in the form details strUserName = removeAllTags(Trim(Mid(Request.Form("name"), 1, 25))) strPassword = removeAllTags(Trim(Mid(Request.Form("password"), 1, 25))) strOldPasswordInput = removeAllTags(Trim(Mid(Request.Form("oldPassword"), 1, 25))) If blnPlainTextOption = true Then blnHTMLformat = CBool(Request.Form("HTMLformat")) Else blnHTMLformat = true 'Check to see if the email address or email domain entered is banned 'Initalise the strSQL variable with an SQL statement to query the database strSQL = "SELECT " & strDbTable & "EmailBanList.Email FROM " & strDbTable & "EmailBanList;" 'Query the database rsCommon2.Open strSQL, adoCon 'If records are returned check-em out 'Loop through the email address and check 'em out Do while NOT rsCommon2.EOF 'Read in the email address to check strCheckEmailAddress = rsCommon2("Email") 'If a whildcard character is found then check that If Instr(1, strCheckEmailAddress, "*", 1) > 0 Then 'Remove the wildcard charcter from the email address to check strCheckEmailAddress = Replace(strCheckEmailAddress, "*", "", 1, -1, 1) 'If the banned email and the email entered match up then don't let em sign up If InStr(1, strEmail, strCheckEmailAddress, 1) Then blnEmailBanned = True strBlockedEmailAddress = rsCommon2("Email") End If 'Else check the actual name doesn't match Else 'If the banned email and the email entered match up then don't let em sign up If strCheckEmailAddress = strEmail Then blnEmailBanned = True strBlockedEmailAddress = strCheckEmailAddress End If End If 'Move to the next record rsCommon2.MoveNext Loop 'Distroy server objects rsCommon2.Close End If 'If this is a post back run update code If Request.Form("postBack") AND blnEmailOK AND strUserName <> "" AND blnEmailBanned = false Then 'Check the password if the user is updating their password If strPassword <> "" Then 'If the passwords are encrypted first encrypt the password If blnEncryptPasswords Then strOldPasswordInput = HashEncode(strOldPasswordInput & strOldSalt) 'Check the old password is correct If strOldPasswordInput = strOldPassword Then 'If the password is to be encrypted then do so If blnEncryptPasswords Then 'Create a new salt value strUsersSalt = hexValue(Len(strPassword)) 'Encrypt the password strPassword = HashEncode(strPassword & strUsersSalt) 'Update the recordset rsCommon.Fields("Salt") = strUsersSalt End If 'Update recordset with new password rsCommon.Fields("Password") = strPassword 'Set the conformed pass is OK blnConfirmPassOK = True blnUpdatePass = True 'Else the conirmed pass doesn't match the old one Else blnConfirmPassOK = false End If End If 'Check to see if the email address is being updated 'If the email address are the same the email is not being updated If strOldEmail = strEmail Then blnUpadteEmailAddr = false 'The email address is being updated Else blnUpadteEmailAddr = true strOldEmail = strEmail End If 'Update the database If blnConfirmPassOK Then 'Set database fields rsCommon.Fields("Name") = strUserName If blnUpadteEmailAddr Then rsCommon.Fields("Email") = strEmail If blnActivate AND blnUpadteEmailAddr Then rsCommon.Fields("Active") = False rsCommon.Fields("HTMLformat") = blnHTMLformat 'Update the database rsCommon.Update 'Delete category details from the database before the update strSQL = "DELETE FROM " & strDbTable & "MemCat WHERE " & strDbTable & "MemCat.Mail_ID=" & lngMemberID & ";" 'Write to database adoCon.Execute(strSQL) 'Add the category details to the database For each laryCatID in Request.Form("catID") 'Add cat choices strSQL = "INSERT INTO " & strDbTable & "MemCat " & _ "(" & _ "[Mail_ID], " & _ "[Cat_ID] " & _ ") " & _ "VALUES " & _ "('" & lngMemberID & "', " & _ "'" & CLng(laryCatID) & "' " & _ ")" 'Write to database adoCon.Execute(strSQL) Next 'If email activation is enabled then the user will need to re-activate their account so send email If blnActivate AND blnUpadteEmailAddr Then 'Set the subject of the email strSubject = strWebsiteName & ": " & strTxtReConfirmYourSubscriptionTo & " " & strTxtMailingList 'set the message body of the activation email strEmailBody = strTxtHi & " " & strUserName & "," & _ vbCrLf & vbCrLf & strTxtGreetingsFrom & " " & strWebsiteName & "." & _ vbCrLf & vbCrLf & strTxtYouHaveSucessfullyChangedYour & " " & strWebsiteName & " " & strTxtMailingList & " " & strTxtPreferences & "." & _ vbCrLf & vbCrLf & strTxtAsYourEmailAddressHasCHangedYouWillNeedToReactivateYourAccount & ":-" & _ vbCrLf & vbCrLf & strWebsiteAddress & "/activate.asp?M=RE&ID=" & strUserID & _ vbCrLf & vbCrLf & strTxtIfYouDidNotSubscribe & "." & _ vbCrLf & vbCrLf & strTxtThankYouForYourInterest & "." & _ vbCrLf & vbCrLf & strSignature 'Create email object Call createMailObject(strMailComponent) '***** START WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** 'Write a remove from mailing list message to add to the end of the e-mail in HTML Format strEmailBody = strEmailBody & mailBody("text", strEmail, blnLCode) '- This needs to stay in place for the software to stay legal in most countries '***** END WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** 'Send the email Call SendMail(strUserName, strEmail, strMailComponent, "text") 'Drop email component Call dropMailObject(strMailComponent) 'Clean up rsCommon.close Set rsCommon = Nothing Set rsCommon2 = Nothing adoCon.Close Set adoCon = Nothing 'Redirect to actiavtion page Response.Redirect("management_centre_update.asp?ID=" & Server.URLEncode(strUserID) & "&PU=" & blnUpdatePass & "&RA=1") 'Else send a mail letting the user know they have updated their prefences Else 'Set the subject of the email strSubject = strWebsiteName & ": " & strTxtMailingListPreferencesUpdated 'set the message body of the prefernce update email strEmailBody = strTxtHi & " " & strUserName & "," & _ vbCrLf & vbCrLf & strTxtGreetingsFrom & " " & strWebsiteName & "." & _ vbCrLf & vbCrLf & strTxtYouHaveSucessfullyChangedYour & " " & strWebsiteName & " " & strTxtMailingList & " " & strTxtPreferences & "." & _ vbCrLf & vbCrLf & strTxtIfYouWouldLikeToChangeYourPreferencesAgain & ":-" & _ vbCrLf & strWebsiteAddress & "/default.asp?email=" & Server.URLEncode(strEmail) & _ vbCrLf & vbCrLf & strSignature 'Create email object Call createMailObject(strMailComponent) '***** START WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** 'Write a remove from mailing list message to add to the end of the e-mail in HTML Format strEmailBody = strEmailBody & mailBody("text", strEmail, blnLCode) '***** END WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** 'Send the email Call SendMail(strUserName, strEmail, strMailComponent, "text") 'Drop email component Call dropMailObject(strMailComponent) 'Clean up rsCommon.close Set rsCommon = Nothing Set rsCommon2 = Nothing adoCon.Close Set adoCon = Nothing 'Redirect to actiavtion page Response.Redirect("management_centre_update.asp?ID=" & Server.URLEncode(strUserID) & "&PU=" & blnUpdatePass & "&RA=0") End If End If End If 'Clean up rsCommon.close %> Mailing List: Management Centre
<% = strWebsiteName & "'s " & strTxtMailingList & " " & strTxtManagementCentre %>
<% 'If there is a problem tell the user If blnEmailOK = false OR blnEmailBanned OR (Request.Form("postBack") AND (strUserName = "")) Then %>

<% = strTxtYourSubscriptionRequestCouldNotBeProcessed %>.
<% If blnEmailOK = false Then Response.Write(strTxtEmailAdressNotValid & ".") ElseIf blnEmailBanned Then Response.Write(strTxtTheEmailAddressOrDomainEntered & ", " & strBlockedEmailAddress & ", " & strTxtIsNotPermittedPleaseEnterNew & ".") ElseIf strUserName = "" Then Response.Write(strTxtPleaseEnterAValidName& ".") ElseIf blnConfirmPassOK = false Then Response.Write(strTxtTheCurrentPasswordIsIncorrect & ".") End If %>
<% End If %>
<% 'If the user can choose to have a plain text email sent give them the option If blnPlainTextOption Then %> <% End If %>
<% = strTxtYourAccountDetails %> (<% = strTxtAllFieldsAreRequired %>)
<% = strTxtIfYouWouldLikeToChangeYour & " " & strWebsiteName & "'s " & strTxtMailingList & " " & strTxtDetailsUseTheFormBelow %>.
<% = strTxtName %>:
<% = strTxtEmailAddress %>:
<% = strTxtEmailDeliveryFormat %>: /><% = strTxtHTML %>  /><% = strTxtPlainText %>
<% = strTxtConfirmSubscription %>: <% If blnActive Then Response.Write(strTxtYourSubscriptionIsPresentlyConfirmed) Else Response.Write(strTxtYourSubscriptionIsPresentlyNOTConfirmed & ". " & strTxtReSendConfirmationEmail & ".") %>
 

<% = strTxtYourPassword %>
<% = strTxtIfYouWouldLikeToChnageYourPassword %>.
<% = strTxtCurrentPassword %>:   <% = strTxtForgottenYourPassword %>?
<% = strTxtNewPassword %>:
<% = strTxtConfirmPassword %>:
 

<% 'Initalise the strSQL variable with an SQL statement to query the database strSQL = "SELECT " & strDbTable & "Category.* FROM " & strDbTable & "Category ORDER BY Cat_Order ASC;" 'Query the database rsCommon.Open strSQL, adoCon 'Initalise the strSQL variable with an SQL statement to query the database strSQL = "SELECT " & strDbTable & "MemCat.* FROM " & strDbTable & "MemCat WHERE " & strDbTable & "MemCat.Mail_ID=" & lngMemberID & ";" 'Query the database rsCommon2.Open strSQL, adoCon 'Loop through cats Do While NOT rsCommon.EOF 'Initliase variable blnChecked = false 'Check to see if the user has checked this in last submission If Request.Form("postBack") Then For each laryCatID in Request.Form("catID") 'If the cat has been checked before set blnChecked to true If CLng(laryCatID) = CLng(rsCommon("Cat_ID")) Then blnChecked = true Next 'Else get the users choosen categories form the database ElseIf NOT rsCommon2.EOF Then 'Loop through records to see if the user has checked this cat Do While NOT rsCommon2.EOF 'If this cat is selected by the user then set checked boolen to true If CLng(rsCommon2("Cat_ID")) = CLng(rsCommon("Cat_ID")) Then blnChecked = true 'Move to next record rsCommon2.MoveNext Loop 'Move to first record rsCommon2.MoveFirst End If Response.Write(vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " ") 'Move to next record in rs rsCommon.MoveNext Loop 'Clean up rsCommon2.Close Set rsCommon2 = Nothing rsCommon.Close Set rsCommon = Nothing adoCon.Close Set adoCon = Nothing %>
<% = strTxtMailingList & " " & strTxtCategories %>
<% = strTxtYouSubscribedToTheChecked & " " & strWebsiteName & " " & strTxtMailingList & " " & strTxtCategoriesBelowToChangeCheckBoxes %>.
" & rsCommon("Cat_Name") & "
 



?');">
<% = strTxtUnsubscribeFrom & " " & strTxtMailingList %>
<% = strTxtIfYouWouldLikeToUnsubscribeFromThe & " " & strWebsiteName & " " & strTxtMailingList & " " & strTxtAndHaveYourAccountDeleted %>.

<% = strTxtOnceYourUnsubscribeYouWillGetEmail & " " & strWebsiteName & " " & strTxtToConfirmYourSubscriptionToThe & " " & strWebsiteName & " " & strTxtMailingList & " " & strTxtIsClosed %>.
<% Response.Write("
") '***** START WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** If blnLCode = True Then Response.Write("Powered by Web Wiz Mailing List version " & strVersion & "") Response.Write("
Copyright ©2001-2004 Web Wiz Guide") End If '***** END WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** %>