<%@ LANGUAGE = "VBScript" %>
<%
If NOT session("discussionlogin") Then response.redirect "login.asp"
Set dbConn = Server.CreateObject("ADODB.Connection")
Set rs1 = Server.CreateObject("ADODB.Recordset")
dbConn.Open ConStr
sql = "Select * from FORUM_MESSAGES where id=" & int(request("id"))
rs1.Open sql, dbConn, 1,2
If not session("userisadmin") Then
If rs1("AuthorEmail")<>session("useremail") then
rs1.Close
dbconn.Close
Set dbConn = Nothing
Set rs1 = Nothing
response.redirect "error.asp?message=" & "You dont have permission to Edit this record."
End if
End if
If request("button")="Save" then
if request("topic") = "" then response.redirect "error.asp?message=" & "Please prove a Topic"
if request("MESSAGE") = "" then response.redirect "error.asp?message=" & "Please prove a Message"
rs1("topic") = request("topic")
rs1("comments") = request("MESSAGE")
rs1("DatePosted") = now()
rs1.update
result = "Message Updated: "
prevpage = request("prevpage")
Else
prevpage = request.servervariables("HTTP_REFERER")
End if
%>
<%=sitename%>
<%=meta%>
<%searchbox%><%loginform%>