<%@LANGUAGE="VBSCRIPT" %> <% queryaction = request.form("hidqueryaction") if ((queryaction = "ADD") ) then txtUser=request.form("txtUser") txtPassword=request.form("txtPassword") txtEmail=request.form("txtEmail") 'txtJoinDate=date() strdate = year(date()) & "-" & month(date()) & "-" & day(date()) SelAvatar=request.form("SelAvatar") txtSignature = request.form("txtSignature") radAttachSign = request.form("radAttachSign") radEmailReply = request.form("radEmailReply") txtRole = "U" ' check for available user set rs = server.CreateObject("ADODB.Recordset") selsql = "select * from tblUser where UserName='" & txtUser & "'" rs.Open selsql,db,3 if rs.recordcount >= 1 then response.Redirect("register.asp?errmsg=1") rs.close else inssql = "insert into tblUser (UserName,Password,Email,AvtarImage,Signature,AttachSign,EmailOnReply,Role,JoinDate) "&_ " values ('" & txtUser & "' , '"& txtPassword &"' , '"& txtEmail &"' , '"& SelAvatar &"' , '"& txtSignature &"', '"& radAttachSign &"','"& radEmailReply &"', '"& txtRole &"' ,'"& strdate &"')" db.execute(inssql) call mailForEnquiry() response.Redirect("login_user.asp?errmsg=3") end if end if if ((queryaction = "EDIT") ) then if session("USERNAME") = "" then response.Redirect("login_user.asp") end if user = session("USERNAME") txtPassword=request.form("txtPassword") txtEmail=request.form("txtEmail") SelAvatar=request.form("SelAvatar") txtSignature = request.form("txtSignature") radAttachSign = request.form("radAttachSign") radEmailReply = request.form("radEmailReply") updsql = "update tblUser set Password='" & txtPassword & "',Email='" & txtEmail & "',AvtarImage='" & SelAvatar & "',Signature='" & txtSignature & "',AttachSign='" & radAttachSign & "',EmailOnReply='" & radEmailReply &"' where UserName='" & user &"'" response.write(updsql) 'response.End() db.execute(updsql) response.Redirect("members.asp?errmsg=4") end if %>