<%response.expires=0%> <% strCurrentCatID = AntiHacker(MyRequest("CurrentCatID")) strCurrentCatTemp = AntiHacker(MyRequest("CurrentCat")) strArticleID = AntiHacker(MyRequest("ArticleID")) strArticleDisplayID = AntiHacker(MyRequest("ArticleDisplayID")) strScheduleGroupID = AntiHacker(MyRequest("ScheduleGroupID")) strCurrentDate = MyRequest("CurrentDate") AntiHackerValue = strCurrentDate AntiHackerValue = replace(AntiHackerValue, " ", "") AntiHackerValue = replace(AntiHackerValue, "'", "''") AntiHackerValue = replace(AntiHackerValue, "=", "") AntiHackerValue = replace(AntiHackerValue, ")", "") AntiHackerValue = replace(AntiHackerValue, "(", "") AntiHackerValue = replace(AntiHackerValue, ";", "") AntiHackerValue = replace(AntiHackerValue, "#", "") AntiHackerValue = replace(AntiHackerValue, "%", "") StrCurrentDate = AntiHackerValue strIsSchedule = AntiHacker(MyRequest("IsSchedule")) if strCurrentCatID = "" then if strCurrentCatTemp = "" then strCurrentCatID = "Home" else strCurrentCatID = strCurrentCatTemp end if end if strIsReadOnly = true 'for not displaying "edit paragraph" button in function.asp line around 386 %> <% 'go get Category Information 'To get Category info set ConCategory = Server.CreateObject("ADODB.Connection") ConCategory.open ConnectionString set RsCategory = Server.CreateObject("ADODB.RecordSet") sqlCategory = "SELECT * FROM Category WHERE CurrentCat ='" & strCurrentCat & "' and SetID='" & strCurrentSetID & "' order by num" 'response.write("sqlCategory=" & sqlCategory & "
") RsCategory.open sqlCategory, ConCategory,1,3 if RsCategory.recordcount > 0 then strCurrentCatName= rsCategory("currentCatName") strArticleDisplayTemplateID = rsCategory("ArticleDisplayTemplateID") end if rsCategory.close conCategory.close set ConGetArticleInfo = Server.CreateObject("ADODB.Connection") ConGetArticleInfo.open ConnectionString set RsGetArticleInfo = Server.CreateObject("ADODB.RecordSet") sqlGetArticleInfo = "SELECT * FROM items WHERE ArticleID ='" & strArticleID & "' and SetID='" & strCurrentSetID & "' " 'response.write("sqlGetArticleInfo=" & sqlGetArticleInfo & "
") RsGetArticleInfo.open sqlGetArticleInfo, ConGetArticleInfo,1,3 if RsGetArticleInfo.recordcount > 0 then strUseReview = rsGetArticleInfo("UseReview") strReviewTitle = rsGetArticleInfo("ReviewTitle") strCurrentArticleDisplayTemplateID = rsGetArticleInfo("CurrentArticleDisplayTemplateID") tempSessionReadArticle = session(strMemberValidateString & "_ReadArticle") if instr(tempSessionReadArticle, "~" & strArticleID & "~") <=0 then if isNumeric(rsGetArticleInfo("ReadCount")) then rsGetArticleInfo("ReadCount") = rsGetARticleInfo("ReadCount") + 1 else rsGetArticleInfo("ReadCount") = 1 end if tempSessionReadArticle = replace(tempSessionReadArticle, "~" & strArticleID & "~", "") tempSessionReadArticle = tempSessionReadArticle & "~" & strArticleID & "~" session(strMemberValidateString & "_ReadArticle") = tempSessionReadArticle end if rsGetArticleInfo.update end if rsGetArticleInfo.close conGetArticleInfo.close 'response.write("strUseReview=" & strUseReview & "
") if strArticleDisplayID <> "" and not isNull(strArticleDisplayID) then strArticleDisplayTemplateID = strARticleDisplayID elseif strCurrentArticleDisplayTemplateID <> "" and not isNull(strCurrentArticleDisplayTemplateID) then strArticleDisplayTemplateID = strCurrentArticleDisplayTemplateID end if displaySplitCache strArticleDisplayTemplateID, 1, "", "", strArticleDisplayTemplateID, "regular", "", false, false function AntiHacker(subText) AntiHackerValue = subText AntiHackerValue = replace(AntiHackerValue, " ", "") AntiHackerValue = replace(AntiHackerValue, "'", "''") AntiHackerValue = replace(AntiHackerValue, "=", "") AntiHackerValue = replace(AntiHackerValue, "-", "") AntiHackerValue = replace(AntiHackerValue, ")", "") AntiHackerValue = replace(AntiHackerValue, "(", "") AntiHackerValue = replace(AntiHackerValue, ";", "") AntiHackerValue = replace(AntiHackerValue, "#", "") AntiHackerValue = replace(AntiHackerValue, "%", "") AntiHacker= AntiHackerValue end function %>