<% Option Explicit %>
<!--#include file="common.asp" -->
<!--#include file="langauge_file.inc" -->
<%
'****************************************************************************************
'**  Copyright Notice    
'**
'**  Web Wiz Guide ASP Discussion Forum
'**                                                              
'**  Copyright 2001 Bruce Corkhill All Rights Reserved.                                
'**
'**  This program is free software; you can redistribute it and/or modify
'**  it under the terms of the GNU General Public License as published by
'**  the Free Software Foundation; either version 2 of the License, or
'**  any later version.
'**
'**  All copyright notices must remain intacked in the scripts and the 
'**  outputted HTML.
'**
'**  You may not pass the whole or any part of this application off as your own work.
'**   
'**  All links to Web Wiz Guide must remain in place and the powered by
'**  logo with link back to Web Wiz Guide must remain visiable when the pages
'**  are viewed.
'**
'**  This program is distributed in the hope that it will be useful,
'**  but WITHOUT ANY WARRANTY; without even the implied warranty of
'**  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
'**  GNU General Public License for more details.
'**    
'**  You should have received a copy of the GNU General Public License
'**  along with this program; if not, write to the Free Software
'**  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA	
'** 
'**
'**  No official support is available for this program but you may post support questions at: -
'**  http://www.webwizguide.info/forum
'**
'**  Support questions are NOT answered by e-mail ever!
'**
'**  For correspondence or non support questions contact: -
'**  info@webwizguide.com
'**
'**  or at: -
'**
'**  Web Wiz Guide, PO Box 4982, Bournemouth, BH8 8XP, United Kingdom
'****************************************************************************************


Response.Buffer = True 

'Dimension variables
Dim rsCheckPassword		'Holds the recordset of the users password
Dim strUsername			'Holds the users username
Dim strPassword			'Holds the usres password
Dim blnAutoLogin		'Holds whether the user wnats to be automactically logged in
Dim lngUserID			'Holds the users Id number
Dim strUserCode			'Holds the users ID code
Dim strReturnPage		'Holds the page to return to 
Dim strReturnPageProperties	'Holds the properties of the return page


'Intialise variables
blnAutoLogin = True

'Get the forum page to return to
Select Case Request.QueryString("ReturnPage")
	Case "Topic"
		'Read in the forum and topic to return to
		strReturnPage = "display_forum_topics.asp"
		strReturnPageProperties = "?ReturnPage=" & Request.QueryString("ReturnPage") & "&ForumID=" & CInt(Request.QueryString("ForumID")) & "&PagePosition=" & CInt(Request.QueryString("PagePosition"))
	
	'Read in the thread and forum to return to
	Case "Thread"
		strReturnPage = "display_topic_threads.asp"
		strReturnPageProperties = "?ReturnPage=" & Request.QueryString("ReturnPage") & "&ForumID=" & CInt(Request.QueryString("ForumID")) & "&TopicID=" & CLng(Request.QueryString("TopicID")) & "&PagePosition=" & CInt(Request.QueryString("PagePosition"))
	
	'Read in the search to return to
	Case "Search"
		strReturnPage = "search.asp"
		strReturnPageProperties = "?ReturnPage=" & Request.QueryString("ReturnPage") & "&SearchPagePosition=" & Request.QueryString("SearchPagePosition") & "&search=" & Server.URLEncode(Request.QueryString("search")) & "&searchMode=" & Request.QueryString("searchMode") & "&searchIn=" & Request.QueryString("searchIn") & "&forum=" & Request.QueryString("forum") & "&searchSort=" & Request.QueryString("searchSort")
	
	'Else return to the forum main page
	Case Else
		strReturnPage = "default.asp"
		strReturnPageProperties = "?ForumID=0"
End Select


'Read in the users details from the form
strUsername = Request.Form("name")
strPassword = Request.Form("password")

'Replace harmful SQL quotation marks with doubles
strUsername = Replace(strUsername, "'", "''")
  
    
'If a username has been entered check that the password is correct
If NOT strUsername = "" Then
	
	'Intialise the ADO recordset object
	Set rsCheckPassword = Server.CreateObject("ADODB.Recordset")
	
	'Read the various forums from the database
	'Initalise the strSQL variable with an SQL statement to query the database
	strSQL = "SELECT tblAuthor.Password, tblAuthor.Author_ID, tblAuthor.Login_cookie, tblAuthor.User_code "
	strSQL = strSQL & "FROM tblAuthor "
	strSQL = strSQL & "WHERE tblAuthor.Username = '" & strUsername & "';"
	
	'Set the Lock Type for the records so that the record set is only locked when it is updated
	rsCheckPassword.LockType = 3
	
	'Query the database
	rsCheckPassword.Open strSQL, strCon
	
	'If the query has returned a value to the recordset then check the password is correct
	If NOT rsCheckPassword.EOF Then
	
		'Check the password is correct, if it is get the user ID and set a cookie
		If strPassword = rsCheckPassword("Password") Then
			
			'Read in the users ID number and whether they want to be automactically logged in when they return to the forum
			lngUserID = CLng(rsCheckPassword("Author_ID"))
			blnAutoLogin = CBool(rsCheckPassword("Login_cookie"))
			strUserCode = rsCheckPassword("User_code")			
			
			'Write a cookie with the User ID number so the user logged in throughout the forum	
			'Write the cookie with the name Forum containing the value UserID number
			Response.Cookies("Forum")("UserID") = strUserCode
			
			'If the user has selected to be remebered when they next login then set the expiry date for the cookie for 1 year
			If blnAutoLogin = True Then
				
				'Set the expiry date for 1 year (365 days)
				'If no expiry date is set the cookie is deleted from the users system 20 minutes after they leave the forum
				Response.Cookies("Forum").Expires = Now() + 365
			End If	
			
			'Reset Server Objects
			Set adoCon = Nothing
			Set strCon = Nothing
			Set rsCheckPassword = Nothing
		
			'Redirect the user back to the forum page they have just come from
			Response.Redirect strReturnPage & strReturnPageProperties
		End If
	End If
End If
	

'Reset Server Objects
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckPassword = Nothing

'Replace the doble quotes we put in fpr the SQL back to single quote to display in the text box
strUsername = Replace(strUsername, "''", "'")
%>  
<html>
<head>
<meta name="copyright" content="Copyright (C) 2001-2202 Bruce Corkhill">
<title>Login User</title>

<!-- The Web Wiz Guide Forum is written and produced by Bruce Corkhill Š2001
     	If you want your own Forum then goto http://www.webwizguide.info -->
		
<!-- Check the from is filled in correctly before submitting -->
<script  language="JavaScript">
<!-- Hide from older browsers...

//Function to check form is filled in correctly before submitting
function CheckForm () {

	var errorMsg = "";

	//Check for a Username
	if (document.frmLogin.name.value==""){
		errorMsg += "\n\t<% = strTxtErrorUsername %>"; 	
	}
	
	//Check for a Password
	if (document.frmLogin.password.value==""){
		errorMsg += "\n\t<% = strTxtErrorPassword %>";
	}
	
	//If there is aproblem with the form then display an error
	if (errorMsg != ""){
		msg = "<% = strTxtErrorDisplayLine %>\n\n";
		msg += "<% = strTxtErrorDisplayLine1 %>\n";
		msg += "<% = strTxtErrorDisplayLine2 %>\n";
		msg += "<% = strTxtErrorDisplayLine %>\n\n";
		msg += "<% = strTxtErrorDisplayLine3 %>\n";
		
		errorMsg += alert(msg + errorMsg + "\n\n");
		return false;
	}
	
	return true;
}

//Function to open pop up window
function openWin(theURL,winName,features) {
  	window.open(theURL,winName,features);
}

// -->
</script>

<style type="text/css">
<!--
.text {font-family: <% = strTextType %>; font-size: <% = intTextSize %>px; color: <% = strTextColour %>}
.bold {font-family: <% = strTextType %>; font-size: <% = intTextSize %>px; color: <% = strTextColour %>; font-weight: bold;}
.heading {font-family: <% = strTextType %>; font-size: 18px; color: <% = strTextColour %>}
a {font-family: <% = strTextType %>; font-size: <% = intTextSize %>px; color: <% = strLinkColour %>}
a:hover {font-family: <% = strTextType %>; font-size: <% = intTextSize %>px; color: <% = strHoverLinkColour %>}
a:visited {font-family: <% = strTextType %>; font-size: <% = intTextSize %>px; color: <% = strVisitedLinkColour %>}
a:visited:hover {font-family: <% = strTextType %>; font-size: <% = intTextSize %>px; color: <% = strHoverLinkColour %>}
-->
</style>

</head>
<body bgcolor="<% = strBgColour %>" text="<% = strTextColour %>">
<!--#include file="header.inc" -->
<h1 align="center" class="heading"><% = strTxtLogin %></h1>
<div align="center"><a href="<% = strReturnPage & strReturnPageProperties %>" target="_self"><% = strTxtReturnToDiscussionForum %></a><br>
  <br>
</div>
<%
'If the user has unsuccesfully tried logging in before then display a password incorrect error
If NOT strUsername = "" Then
%>
<table width="98%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td align="center" class="bold"><% = strTxtSorryUsernamePasswordIncorrect %><br>
      <% = strTxtPleaseTryAgain %></td>
  </tr>
</table>
<%
End If
%>
<form method="post" name="frmLogin" action="login_user.asp<% = strReturnPageProperties %>" onSubmit="return CheckForm();" onReset="return confirm('<% = strResetFormConfirm %>');">
  <table width="310" border="0" cellspacing="0" cellpadding="0" align="center" bgcolor="<% = strTableBorderColour %>" height="30">
    <tr> 
      <td height="2" width="483" align="center"> 
        <table width="100%" border="0" cellspacing="1" cellpadding="2">
          <tr>
            <td bgcolor="<% = strTableTitleColour %>">
              <table width="100%" border="0" cellspacing="0" cellpadding="2">
                <tr>
                  <td align="right" width="31%"><span class="text"> 
                    <% = strTxtUsername %>
                    :&nbsp;</span>&nbsp;</td>
                  <td width="69%"> 
                    <input type="text" name="name" size="15" maxlength="15" value="<% = strUsername %>">
                  </td>
                </tr>
                <tr> 
                  <td align="right" width="31%"><span class="text"> 
                    <% = strTxtPassword %>
                    :</span>&nbsp; </td>
                  <td width="69%"> 
                    <input type="password" name="password" size="15" maxlength="15" >
                  </td>
                </tr>
                <tr> 
                  <td align="right" width="31%">&nbsp;<a href="http://www.webwizguide.info"></a></td>
                  <td width="69%"> 
                    <input type="submit" name="Submit" value="<% = strTxtLoginUser %>">
                  </td>
                </tr>
              </table>
            </td>
          </tr>
        </table>
      </td>
    </tr>
  </table>
</form>
<table width="63%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr> 
    <td align="center" class="text"> 
      <%
	If blnEmail = True Then 
	%>
      <a href="JavaScript:openWin('forgotten_password.asp','forgot_pass','toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=1,width=550,height=300')"><% = strTxtClickHereForgottenPass %></a><br>
      <br>
	  <%
	  End If
	  %>
      <% = strTxtMustBeRegistered %><br>
      <br>
      <a href="register_form.asp<% = strReturnPageProperties %>" target="_self"><% = strClickHereIfNotRegistered %></a><br>
      <br>
    </tr>
  </table>
 <div align="center">
<% 
'***** START WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ******
If blnLCode = "True" Then
	If blnTextLinks = "True" Then 
		Response.Write("<span class=""text"">Powered by: - </span><a href=""http://www.webwizguide.info"" target=""_blank"">Web Wiz Guide Discussion Forums</a>")
	Else
  		Response.Write("<a href=""http://www.webwizguide.info"" target=""_blank""><img src=""forum_images/web_wiz_guide.gif"" width=""116"" height=""39"" border=""0"" alt=""Web Wiz Guide!""></a></div>")
	End If
End If 
'***** END WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ******
%>
</div> 
<br>
</body>
</html>