<%@LANGUAGE="VBSCRIPT" %>
<!--#include file="dbconn.asp" -->
<% if session("USERNAME") = "" then 
	response.Redirect("login_user.asp")
end if
%>
<%  
'set db=Server.CreateObject("ADODB.Connection")
'db.open "Provider=SQLOLEDB; Data Source=RANJAN; Initial Catalog=test; User ID=sa; Password=''"
'db.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("msb/msb.mdb") & ";UID='';PWD='' "
queryaction = request.form("hidqueryaction")
if  ((queryaction = "ADD") ) then	
				
			rte1=request.form("rte1")	
			strdate = year(date()) & "-" & month(date()) & "-" & day(date())
			topicid = request.form("hidtopicid")
			catid = request.form("hidcatid")
			set rs = server.CreateObject("ADODB.Recordset")			
			txtUser = session("USERNAME")
			selsql = "select * from tblUser where UserName='" & txtUser & "'"
			rs.Open  selsql,db,3		
			UserId = rs.fields("UserId")	
			rs.close			
			inssql = "insert into tblReply (CategoryId,TopicId,UserId,Reply,Date) "&_
			" values ( "& catid &"," & topicid & "," & UserId & "  ,'"& Replace(rte1,"'","''") &"', '"& strdate &"')"	
			response.write(inssql)
			db.execute(inssql)				
			'response.Redirect("active_topics.asp?msg=AddReply")				
			response.Redirect("forum_posts.asp?topic=" & topicid & "&msg=AddReply")				
			
	
end if 
%>