%
Response.Buffer = true
Response.Expires = -1
Response.ExpiresAbsolute = Now() -2
Response.AddHeader "pragma", "no-cache"
Response.AddHeader "cache-control", "private"
Response.CacheControl = "no-cache"
if Session("name") = "" OR Session("uid") = "" then
Response.Redirect("login.asp")
else
struserID = Session("uid")
strUserName = Session("name")
strUserName = uCase(Left(strUserName,1)) & lCase(Mid(strUserName ,2))
strMedlems_ID = Session("Medlems_ID")
strMedlemsnummer = Session("Medlemsnummer")
strEPost = Session("epost")
Dim rs
Dim rs_cmd
Dim rs_numRows
Set rs_cmd = Server.CreateObject ("ADODB.Command")
rs_cmd.ActiveConnection = MM_rsconn_STRING
rs_cmd.CommandText = "SELECT * FROM SVFKFordon WHERE Fordons_ID = " & request.QueryString("Fordons_ID") & " AND Medlems_ID = " & strMedlems_ID
rs_cmd.Prepared = true
Set rs = rs_cmd.Execute
rs_numRows = 0
If rs.EOF then
Response.write("
Du har inte rättigheter att radera denna post!.
Ditt konto är nu inaktiverat!
")
Call dbOpen(conn)
loggusername = Session("name")
loggmedlemsid = Session("Medlems_ID")
Ip = Request.Servervariables("REMOTE_ADDR")
systemmessage = "ILLEGAL -- DEL Fordon: Fordons_ID:" & request.querystring("Fordons_ID") & " Medlems_ID:" & strMedlems_ID
Conn.Execute("Insert Into SVFKLogg(Ip, username, Medlems_ID, systemmessage) Values('"& ip &"', '"& loggusername &"', '"& loggmedlemsid &"', '"& systemmessage &"')")
Conn.Execute("UPDATE SVFKuTB SET active='5' WHERE userID=" & CInt(struserID) & " AND Medlems_ID='" & strMedlems_ID & "'")
Session("uid") = ""
Session("name")=""
Session("Medlems_ID") = ""
Session("Medlemsnummer") = ""
Call dbClose(conn)
Response.AddHeader "Refresh", "5;URL=default.asp"
else
loggusername = Session("name")
loggmedlemsid = Session("Medlems_ID")
Ip = Request.Servervariables("REMOTE_ADDR")
systemmessage = "DEL Fordon: Fordons_ID:" & request.querystring("Fordons_ID") & " Medlems_ID:" & strMedlems_ID & " Kategori:" & rs.Fields.Item("Kategori").Value & " Bilmärke:" & rs.Fields.Item("Bilmarke").Value & " Modell:" & rs.Fields.Item("Modell").Value & " Årsmodell:" & rs.Fields.Item("Arsmodell").Value & " Notering:" & rs.Fields.Item("Notering").Value
Set Cmd = Server.CreateObject ("ADODB.Command")
Cmd.ActiveConnection = connfunct
Cmd.CommandText = "Insert Into SVFKLogg(Ip, username, Medlems_ID, systemmessage) VALUES (?, ?, ?, ?)"
Cmd.Prepared = true
Cmd.Parameters.Append Cmd.CreateParameter("param1", 202, 1, 50, ip) ' adVarWChar
Cmd.Parameters.Append Cmd.CreateParameter("param2", 202, 1, 50, loggusername) ' adVarWChar
Cmd.Parameters.Append Cmd.CreateParameter("param3", 202, 1, 50, loggmedlemsid) ' adVarWChar
Cmd.Parameters.Append Cmd.CreateParameter("param4", 201, 1, 65535, systemmessage) ' adVarWChar
Cmd.Execute
Cmd.ActiveConnection.Close
Set rs_cmd = Server.CreateObject ("ADODB.Command")
rs_cmd.ActiveConnection = MM_rsconn_STRING
rs_cmd.CommandText = "DELETE FROM SVFKFordon WHERE Fordons_ID = " & request.QueryString("Fordons_ID") & " AND Medlems_ID = " & strMedlems_ID
rs_cmd.Prepared = true
Set rs = rs_cmd.Execute
rs_numRows = 0
Response.Redirect("default.asp")
end if
end if
%>