<%
'#################################################################################
'## Copyright (C) 2000  Michael Anderson and Pierre Gorissen
'## 
'## This program is free software; you can redistribute it and/or
'## modify it under the terms of the GNU General Public License
'## as published by the Free Software Foundation; either version 2
'## of the License, or any later version.
'##
'## All copyright notices regarding Snitz Forums 2000
'## must remain intact in the scripts and in the outputted HTML
'## The "powered by" text/logo with a link back to 
'## http://forum.snitz.com in the footer of the pages MUST
'## remain visible when the pages are viewed on the internet or intranet.
'## 
'## This program is distributed in the hope that it will be useful,
'## but WITHOUT ANY WARRANTY; without even the implied warranty of
'## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
'## GNU General Public License for more details.
'## 
'## You should have received a copy of the GNU General Public License
'## along with this program; if not, write to the Free Software
'## Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
'## 
'## Support can be obtained from support forums at:
'## http://forum.snitz.com 
'##
'## Correspondence and Marketing Questions can be sent to:
'## reinhold@bigfoot.com
'## 
'## or
'## 
'## Snitz Communications 
'## C/O: Michael Anderson
'## PO Box 200
'## Harpswell, ME 04079
'#################################################################################
%>
<!--#INCLUDE FILE="config.asp" -->
<!--#INCLUDE FILE="inc_functions.asp" -->
<!--#INCLUDE FILE="inc_top.asp" -->
<%
set rs = Server.CreateObject("ADODB.RecordSet")

err_Msg = ""
ok = ""

if Request.Form("Method_Type") = "Topic" then

	'## Forum_SQL
	strSql = "SELECT MEMBER_ID, M_LEVEL, M_EMAIL, " & strDBNTSQLName
	if strAuthType = "db" then
		strSql = strSql & ", M_PASSWORD "
	end if
	strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
	strSql = strSql & " WHERE " & strDBNTSQLName & " = '" & strDBNTUserName & "'"
	strSql = strSql & " AND " & strMemberTablePrefix & "MEMBERS.M_STATUS = " & 1
	if strAuthType = "db" then
		strSql = strSql & " AND   M_PASSWORD = '" & Request.Form("Password") & "'"
		QuoteOk = (ChkQuoteOk(strDBNTUserName) and ChkQuoteOk(Request.Form("Password")))
	else
		QuoteOk = ChkQuoteOk(strDBNTUserName)
	end if

	set rs = my_Conn.Execute (strSql)

	if rs.BOF or rs.EOF or not(QuoteOk) then '##  Invalid Password
		Go_Result "Invalid UserName or Password", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
		Response.End
	Else

strSql = "SELECT MEMBER_ID, M_NAME, M_PMRECEIVE, M_PMEMAIL"
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
strSql = strSql & " WHERE M_NAME = '" & Request.Form("sendto") & "' "
set rsName = my_Conn.Execute (strSql)

if rsName.BOF or rs.EOF then '##  no one registered
Go_Result "Sorry, there is no one registered with that MemberName", 0

%>
<!--#INCLUDE FILE="inc_footer.asp" -->

<% else

if rsName("M_PMRECEIVE") = "0" then
Go_Result "Sorry, this member does not wish to receive private messages", 0

%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<% end if
end if

		txtMessage = ChkString(Request.Form("Message"),"message")
		txtSubject = ChkString(Request.Form("Subject"),"title")
		FILEZ = Request.Form("FILEZ")

		if txtMessage = " " then
			Go_Result "You must post a message!", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
			Response.End
		end if
		if Request.Form("sendto") = "" then
			Go_Result "You Must Supply a member name to send this message!", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
			Response.End
		end if
		if txtSubject = " " then
			Go_Result "You must post a subject!", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
			Response.End
		end if
		if Request.Form("sig") = "yes" and GetSig(Request.Form("UserName")) <> "" then
		     txtMessage = txtMessage & vbCrLf & vbCrLf & ChkString(GetSig(Request.Form("UserName")), "signature" )
		end if

		if Request.Form("rmail") <> "1" then
			TF = "0"
		Else
			TF = "1"
		end if

		'## Forum_SQL - Add new private message

		strSql = "INSERT INTO " & strTablePrefix & "PM ("
		strSql = strSql & " M_SUBJECT"
		strSql = strSql & ", M_MESSAGE"
		strSql = strSql & ", M_TO"
		strSql = strSql & ", M_FROM"
		strSql = strSql & ", M_SENT"
		strSql = strSql & ", M_MAIL"
   		strSql = strSql & ", M_READ"
		strSql = strSql & ", M_OUTBOX"
   		strSql = strSql & ") VALUES ("
		strSql = strSql & " '" & txtSubject & "'"
		strSql = strSql & ", '" & txtMessage & "'"
		strSql = strSql & ", " & rsName("MEMBER_ID")
		strSql = strSql & ", " & rs("MEMBER_ID")
		strSql = strSql & ", '" & DateToStr(strForumTimeAdjust) & "'"
		strSql = strSql & ", " & TF
		strSql = strSql & ", " & "0"
		if request.cookies(strCookieURL & "paging")("outbox") = "double" or request.cookies(strCookieURL & "paging")("outbox") = "single" then
			strSql = strSql & ", '" & 1 & "')"
		else
			strSql = strSql & ", '" & 0 & "')"
		end if

		my_Conn.Execute (strSql)

		if strEmail = "1" then
			if rsName("M_PMEMAIL") = "1" then
				DoReplyEmail Request.Form("sendto")
                	end if
		end if

		if Err.description <> "" then 
			err_Msg = "There was an error = " & Err.description
		Else
			err_Msg = "Updated OK"
		end if


		Go_Result err_Msg, 1
%>
<!--#INCLUDE FILE="inc_footer.asp" -->

<% 
		Response.End
	end if	
end if

if Request.Form("Method_Type") = "Reply" or Request.Form("Method_Type") = "ReplyQuote" or Request.Form("Method_Type") = "Forward" then

	if Request.Form("Method_Type") = "Forward" then
		'## Forum_SQL Convert MemberName
		strSql = "SELECT MEMBER_ID, M_Name, M_PMEMAIL"
		strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
		strSql = strSql & " WHERE M_NAME = '" & Request.Form("sendto") & "' "

    		set rsName = my_Conn.Execute (strSql)
	end if


	'## Forum_SQL
		strSql = "SELECT MEMBER_ID, M_LEVEL, M_EMAIL, M_PMEMAIL, " & strDBNTSQLName
	if strAuthType = "db" then
	strSql = strSql & ", M_PASSWORD "
	end if
	strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
	strSql = strSql & " WHERE " & strDBNTSQLName & " = '" & strDBNTUserName & "'"
	strSql = strSql & " AND " & strMemberTablePrefix & "MEMBERS.M_STATUS = " & 1
	if strAuthType = "db" then
		strSql = strSql & " AND   M_PASSWORD = '" & Request.Form("Password") &"'"
		QuoteOk = (ChkQuoteOk(strDBNTUserName) and ChkQuoteOk(Request.Form("Password")))
	else
		QuoteOk = ChkQuoteOk(strDBNTUserName)
	end if

	set rsReply = my_Conn.Execute (strSql)

	if rsReply.BOF or rsReply.EOF then '##  Invalid Password
		Go_Result "Invalid UserName or Password", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
		Response.End
	Else

	    if Request.Form("Method_Type") = "Forward" then
		txtRE = "FWD: "
	    else
	    	txtRE = "RE: "
	    end if
		txtMessage = ChkString(Request.Form("Message"),"message")
		txtSubject = ChkString(Request.Form("R_SUBJECT"),"title")
		txtSubject = Replace(txtSubject, "RE: ", "")
		txtSubject = Replace(txtSubject, "FWD: ", "")
		FILEZ = Request.Form("FILEZ")

		if txtMessage = " " then
			Go_Result "You must post a message!", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
			Response.End
		end if

		if Request.Form("sig") = "yes" and GetSig(Request.Form("UserName")) <> "" then
		     txtMessage = txtMessage & vbCrLf & vbCrLf & ChkString(GetSig(Request.Form("UserName")), "signature" )
		end if
		if Request.Form("rmail") <> "1" then
			TF = "0"
		Else 
			TF = "1"
		end if

		'## Forum_SQL - Add new private message

		strSql = "INSERT INTO " & strTablePrefix & "PM ("
		strSql = strSql & " M_SUBJECT"
		strSql = strSql & ", M_MESSAGE"
		strSql = strSql & ", M_TO"
		strSql = strSql & ", M_FROM"
		strSql = strSql & ", M_SENT"
		strSql = strSql & ", M_MAIL"
   		strSql = strSql & ", M_READ"
		strSql = strSql & ", M_OUTBOX"
		strSql = strSql & ") VALUES ("
		strSql = strSql & " '" & txtRE + txtSubject & "'"
		strSql = strSql & ", '" & txtMessage & "'"
		If Request.Form("Method_Type") = "Forward" then
			strSql = strSql & ", " & rsName("MEMBER_ID")
		else
			strSql = strSql & ", " & Request.Form("REPLY_ID")
		end if			
		strSql = strSql & ", " & rsReply("MEMBER_ID")
		strSql = strSql & ", '" & DateToStr(strForumTimeAdjust) & "'"
		strSql = strSql & ", " & TF
		strSql = strSql & ", " & "0"
		if request.cookies(strCookieURL & "paging")("outbox") = "double" or request.cookies(strCookieURL & "paging")("outbox") = "single" then 
			strSql = strSql & ", '" & 1 & "')"
		else
			strSql = strSql & ", '" & 0 & "')"
		end if

		my_Conn.Execute (strSql)

		if strEmail = "1" then
			If Request.Form("Method_Type") = "Forward" then
				if rsName("M_PMEMAIL") = "1" then
					DoReplyEmail Request.Form("sendto")
                		end if
			else
				if rsReply("M_PMEMAIL") = "1" then
					DoReplyEmail Request.Form("sendto")
                		end if
			end if
		end if

		if Err.description <> "" then 
			err_Msg = "There was an error = " & Err.description
		Else
			err_Msg = "Updated OK"
		end if


		Go_Result err_Msg, 1
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
		Response.End
	end if	
end if

sub Go_Result(str_err_Msg, boolOk)
%>
<table border="0" width="95%" align=center>
  <tr>
	<td width="33%" align="left"><font face="<% =strDefaultFontFace %>" size="<% =strDefaultFontSize %>">
	<img src="icon_folder_open.gif" border="0">&nbsp;<a href="default.asp">All Forums</a><br>
        <img src="icon_bar.gif" height=15 width=15 border="0"><img src="icon_folder_open.gif" height=15 width=15 border="0">&nbsp;<a href="pm_view.asp">Private Messages</a><br>
<% if Request.form("Method_Type") = "Topic" then %>
	<img src="icon_blank.gif" height=15 width=15 border="0"><img src="icon_bar.gif" height=15 width=15 border="0"><img src="icon_folder_open_topic.gif" height=15 width=15 border="0">&nbsp;<a href="<% =Request.Form("refer") %>"><% =ChkString(Request.Form("Subject"),"display")%></a>
<% end if %>
<% if Request.form("Method_Type") = "Reply" or _
      Request.form("Method_Type") = "ReplyQuote" or _
      Request.form("Method_Type") = "Forward" then %>
	<img src="icon_blank.gif" height=15 width=15 border="0"><img src="icon_bar.gif" height=15 width=15 border="0"><img src="icon_folder_open_topic.gif" height=15 width=15 border="0">&nbsp;<a href="<% =Request.Form("refer") %>"><% =ChkString(Request.Form("R_SUBJECT"),"display")%></a>
<% end if %>
    </font></td>
  </tr>
</table>

<%	if boolOk = 1 then %>
<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">
<%

%>
</font></p>
<meta http-equiv="Refresh" content="10; URL=pm_view.asp">

<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">
<%
		select case Request.Form("Method_Type")

			case "Topic"
				Response.Write("Your Message has been sent!")
			case "Reply"
				Response.Write("Your Reply has been sent!")
			case "ReplyQuote"
				Response.Write("Your Reply has been sent!")
			case "Forward"
				Response.Write("Your Message has been Forwarded!")
			case "Edit"
				Response.Write("Thank you for your contribution!")
			case else
				Response.Write("Have a nice day!")

		end select
%>
</font></p>

<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strDefaultFontSize %>"><a href="pm_view.asp">Back To Private Messages</font></a></p>
<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strDefaultFontSize %>"><a href="JavaScript:history.go(-2)">Back To Forum Topic</font></a></p>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%		Response.End %>
<%	Else %>
<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">There has been a problem!</font></p>

<p align="center"><font color="red" size="<% =strHeaderFontSize %>"><% =str_err_Msg %></font></p>

<p align="center"><font face="<% =strDefaultFontFace %>" size="<% =strDefaultFontSize %>"><a href="JavaScript:history.go(-1)">Go back to correct the problem.</a></font></p>

<!--#INCLUDE FILE="inc_footer.asp" -->
<%		Response.End %>
<%
	end if 
End Sub

sub DoReplyEmail(PostedBy)
	'## Emails all users who wish to receive notification of private message

	'## Forum_SQL
	strSql = " SELECT " & strMemberTablePrefix & "MEMBERS.MEMBER_ID, " & strMemberTablePrefix & "MEMBERS.M_NAME, " & strMemberTablePrefix & "MEMBERS.M_EMAIL, " & strMemberTablePrefix & "MEMBERS.M_PMEMAIL, " & strMemberTablePrefix & "PM.M_SUBJECT "
	strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
	strSql = strSql & " INNER JOIN " & strTablePrefix & "PM "
	strSql = strSql & " ON         " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & strTablePrefix & "PM.M_TO "
	strSql = strSql & " ORDER BY " & strTablePrefix & "PM.M_SENT  DESC"

	set rsTopicAuthor = my_Conn.Execute (strSql)
	
	
	strRecipientsName = rsTopicAuthor("M_NAME")
	strRecipients = rsTopicAuthor("M_EMAIL")
	strSubject = strForumTitle & " - New Private Message"
	strMessage = "Hello " & rsTopicAuthor("M_NAME") & vbCrLf & vbCrLf
	strMessage = strMessage & strDBNTUserName & " has sent you a private message at " & strForumTitle & "." & vbCrLf
	if Request.Form("Subject") = "" then
	strMessage = strMessage & "Regarding - " & txtSubject & "." & vbCrLf & vbCrLf
	else
	strMessage = strMessage & "With the subject entitled - " & Request.Form("Subject") & "." & vbCrLf & vbCrLf
	end if
	strMessage = strMessage & "You can view your message by visiting " & Left(Request.Form("refer"), InstrRev(Request.Form("refer"), "/")) & vbCrLf
%>
<!--#INCLUDE FILE="inc_mail.asp" -->
<% end sub %>