Events<% If Request.ServerVariables("HTTP_HOST") = "server" Then ' Local Server %>: Local Server<% End If %>

<% Set conn = Server.CreateObject("ADODB.Connection") If Request.ServerVariables("HTTP_HOST") = "server" Then ' Local Server dbLoc = Server.MapPath("/orchardicings/databases/events.mdb") Else ' Production Server dbLoc = Server.MapPath("/databases/events.mdb") End If conn.Open("DRIVER=Microsoft Access Driver (*.mdb);DBQ=" & dbLoc) %>

<% Set Records = Server.CreateObject("ADODB.Recordset") if request("action")="login" then ' Check to see if this account exists: SQLString = "SELECT * FROM Users WHERE UserName='" & Request("UserName") & "' AND UserPassword='" & Request("UserPassword") & "';" Records.Open SQLString, conn If Records.EOF Then Records.Close SQLString="SELECT * FROM Users WHERE UserName='" & Request("UserName") & "';" Records.Open SQLString,conn If Records.EOF Then %> The username you entered does not exist, and is available for use. If you would like to create a new account, simply fill in the details below and click the continue button. If you already have an account and would like to try to log in again, click here.

Create A New Account

<% else if request("emailhint")="E-mail a hint!" then AllText = "Here's your password hint for the Orchard Icings Event Reminder Service:" & vbcrlf & Records("UserHint") Set objSendMail = CreateObject("CDONTS.NewMail") objSendMail.From = "event_reminder@orchardicings.com" objSendMail.To = Records("UserEmail") objSendMail.Subject = "Orchard Icings Event Reminder Password Hint" objSendMail.Body = AllText objSendMail.Send Set objSendMail = Nothing end if %> The username you entered already exists, but the password you entered is incorrect. If this is your account, but you have forgotten your password, click the e-mail button, and a hint will be sent to the e-mail address that you supplied when you set up your account. You may also have just miss-typed your password, in which case you might like to re-enter it here...

<% end if else 'Logged In session("loggedin")=1 session("UserID")=records("UserID") Records.Close %> Welcome back... click here to proceed. <% End If elseif request("action")="emailcheck" then 'Check to see if this username is already in use SQLString="SELECT * FROM Users WHERE UserName='" & Request("UserName") & "';" Records.Open SQLString, conn If NOT Records.EOF Then %> Oops!...
The username you have chosen is already in use. Please choose another.

<% Response.End End If Records.Close 'Check to see if e-mail is valid if Len(Request("UserName"))<1 Then %> Oops!...

You'll left your username blank... we kinda need a username...
<% Response.End End If If InStr(Request.Form.Item("UserEmail"),"@")<1 Or InStr(Request.Form.Item("UserEmail"),".")<1 Then %> Oops!...

The e-mail address you entered doesn't look like an e-mail address. Please enter your correct address to continue...
<% Response.End End If 'Check to see if date is valid If Not (IsDate(Request("UserDOB"))) Then %> Oops!...

I'm just a silly computer, and I didn't understand your birthdate. Please enter your birthdate in the format like these examples:
"July 3 1984" or "November 8 1970"
<% 'Response.Write "The date you entered is not valid." Response.End End If 'Add new details Set fs = CreateObject("Scripting.FileSystemObject") TempPass=Right(fs.GetBaseName(fs.GetTempName), Len(fs.GetBaseName(fs.GetTempName)) - 3) Set CommandObject=Server.CreateObject("ADODB.Command") Set CommandObject.ActiveConnection=conn SQLString="INSERT INTO Users " &_ "(UserName,UserEmail,UserPassword,UserDOB) " &_ "VALUES (?,?,?,?);" CommandObject.CommandText=SQLString CommandObject.Prepared=True CommandObject.Parameters.Append _ CommandObject.CreateParameter("UserName",200, ,255) CommandObject.Parameters.Append _ CommandObject.CreateParameter("UserEmail",200, ,255) CommandObject.Parameters.Append _ CommandObject.CreateParameter("UserPassword",201, ,255) CommandObject.Parameters.Append _ CommandObject.CreateParameter("UserDOB",200, ,255) CommandObject("UserName")=Request.Form.Item("UserName") CommandObject("UserEmail")=Request.Form.Item("UserEmail") CommandObject("UserPassword")=TempPass CommandObject("UserDOB")=Request.Form.Item("UserDOB") CommandObject.Execute() SQLString = "SELECT TOP 1 UserID FROM Users " &_ "WHERE UserPassword=" & chr(39) & TempPass & chr(39) &_ " ORDER BY UserRecordCreated DESC;" Records.Open SQLString, conn UserID=Records("UserID") Records.close() AllText = "Thank you for creating a new account with the Orchard Icings Event Reminder Service. " & vbcrlf &_ vbcrlf & "Your password is : " & TempPass & vbcrlf & vbcrlf &_ "If you did not attempt to create a new account, someone else did using your e-mail address. " & vbcrlf &_ "If this is the case, we apologise for the unsolicited e-mail." Set objSendMail = CreateObject("CDONTS.NewMail") objSendMail.From = "event_reminder@orchardicings.com" objSendMail.To = Request("UserEmail") objSendMail.Subject = "Orchard Icings Event Reminder Password" objSendMail.Body = AllText objSendMail.Send Set objSendMail = Nothing %> Nearly Done

A new account has been created. We've already made up a password for you, and sent it to the e-mail address you supplied. Now all you need to do is check your e-mail, and copy that password into the first box below. Then you can also enter a new password of your choice, and a hint to help you remember it. For example, your password might be "Bouncer47" and your hint might be "best friend's dog's name and my street number". <% elseif request("action")="newaccountdone" then 'Select data for this user ID SQLString="SELECT * FROM Users WHERE UserID=" & request("UserID") & ";" Records.Open SQLString, conn 'Check to see if password supplied matches the one in the database if (request("UserPassword")=Records("UserPassword") AND NOT Records.EOF) then 'Update record with new password and hint. Set UpdateRecordset=Server.CreateObject("ADODB.Recordset") UpdateRecordset.ActiveConnection=conn UpdateRecordset.CursorType=1 UpdateRecordset.CursorLocation=2 UpdateRecordset.LockType=3 UpdateRecordset.Source="Users" UpdateRecordset.Filter="UserID="& Request("UserID") UpdateRecordset.Open If UpdateRecordset.EOF Then UserRecordset.Close Set UserRecordset=Nothing Response.Write "There has been a problem. Please go back and try again." Response.End Else UpdateRecordset("UserPassword") = Request("NewPassword") UpdateRecordset("UserHint") = Request("NewPasswordHint") UpdateRecordset.Update UpdateRecordset.Close Set UpdateRecordset=Nothing end if Session("UserID")=request("UserID") Session("loggedin")=1 %> Congratulations

You have created a new account, and you can now start using it. Click here to proceed. <% else 'Passwords do not match %> Oops!...

The password you entered does not match the password that we e-mailed to you. Click your browser's back button and try again. <% Response.End Records.close end if else %>

If you have already used this service and have a username and password, enter them below and press the Log In button. If you are a new user, make up your own username and password, and we'll create a new account for you:.

<% end if %>