<%strCode=generatePassword(5)%> <% if Request.QueryString("Action")<>"" then Set re = new regexp re.Pattern ="[a-zA-Z_s]" if re.Test(Request.QueryString("Action"))=true then else Response.Redirect("error.asp") end if end if if Request.QueryString("Action")="Add" then strInputText = Request.Form("eMail") 'set the error page strErrorPage= "error.asp" ' Deal with tabs and carriage returns ' by replacing them with spaces. strTemp = Replace(strInputText, vbTab, " ") strTemp = Replace(strTemp, vbCr, " ") strTemp = Replace(strTemp, vbLf, " ") 'Remove leading and trailing spaces strTemp = Trim(strTemp) ' Combine multiple spaces down to single ones Do While InStr(1, strTemp, " ", 1) <> 0 strTemp = Replace(strTemp, " ", " ") Loop ' Get a count by splitting the string into an array ' and retreiving the number of elements in it. ' I add one to deal with the 0 lower bound. GetWordCount = UBound(Split(strTemp, " ", -1, 1)) + 1 GetCharCount = Len(strInputText) if GetCharCount > 50 then response.redirect strErrorPage end if if GetWordCount > 1 then response.redirect strErrorPage end if strInputText = Request.Form("Message") strSearchText="http" if Instr(1, strInputText, strSearchText, 1) > 0 then response.redirect strErrorPage end if strInputText = Request.Form("Message") strSearchText="url" if Instr(1, strInputText, strSearchText, 1) > 0 then response.redirect strErrorPage end if dim cn,rs,qry,url_img set cn=Server.CreateObject ("ADODB.Connection") cn.Open "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath("tauqeer.mdb") set rs = Server.CreateObject ("ADODB.Recordset") 'qry="insert into GuestBook values('" & Request.Form("Name") & "','" & Request.Form("eMl") & "','" & Request.Form("radio") & "','" & Request.Form("city") & "','" & Request.Form("Message") & "')" 'cn.Execute qry 1,3 rs.Open "select * from GuestBook" ,cn,3,2 with rs .AddNew .Fields("username")=Request.Form("Name") .Fields("email")=Request.Form("eMail") .Fields("gender")=Request.Form("radio") .Fields("city")=Request.Form("city") .Fields("message")=Request.Form("Message") .Fields("status")=0 .Fields("t_date")=now() .Update .Close end with end if %>
  Contact Us   


    :: Guest Book

Sign the Guest book

<%if Request.QueryString("Action")="Add" then%> Thank You For Posting Message.
Your Message Shall Displayed After Approval From The Administrator.

Click Here To Go Back the Guest Book. <%end if%>

<%if Request.QueryString("Action")<>"Add" then%>
 Male      Female
<%=strCode%>

<%end if%>