<%@LANGUAGE="VBSCRIPT" %>
<!--#include file="dbconn.asp" -->
<% if session("USERNAME") = "" then 
response.Redirect("login_user.asp")
end if %>
<%  
queryaction = request.form("hidqueryaction")
if  ((queryaction = "ADD") ) then	
			
			txtSubject=request.form("txtSubject")
			rte1=request.form("rte1")	
			selCategory= request.form("selCategory")
			strdate = year(date()) & "-" & month(date()) & "-" & day(date())
			set rs = server.CreateObject("ADODB.Recordset")			
			txtUser = session("USERNAME")
			selsql = "select * from tblUser where UserName='" & txtUser & "'"
			rs.Open  selsql,db,3		
			UserId = rs.fields("UserId")
			AttachSign = rs.fields("AttachSign")			
		
			rs.close
			inssql = "insert into tblTopic (UserId,CategoryId,Subject,Message,ShowSignature,Date) "&_
			" values ( "& UserId &"," & selCategory & ",'" & Replace(txtSubject,"'","''") & "'  ,'"& Replace(rte1,"'","''") &"', "& AttachSign &", '"& strdate &"')"	
			
			db.execute(inssql)	
			response.Redirect("active_topics.asp?msg=Add")				
			
	
end if 
if  ((queryaction = "EDIT") ) then	
			hidtipicid = request.form("hidtipicid")
			txtSubject=request.form("txtSubject")
			rte1=request.form("rte1")				
			updsql = "update tblTopic set Subject='" & Replace(txtSubject,"'","''") & "',Message='" & Replace(rte1,"'","''")& "' where TopicId=" & hidtipicid				
			db.execute(updsql)	
			'response.Redirect("active_topics.asp?msg=Edit")			
			response.Redirect("forum_posts.asp?topic=" & hidtipicid & "&msg=Edit")				
			
	
end if 
if  ((queryaction = "DELETE") ) then	
			hidtipicid = request.form("hidtipicid")
			delsql = "delete from tblTopic where TopicId=" & hidtipicid								
			response.Write(delsql)			
			db.execute(delsql)				
			response.Redirect("active_topics.asp?msg=Delete")					
	
end if 

%>