<% Dim db, DSNtemp Dim uname, pword, upage, pwd Dim refer,authenticated authenticated = Session("PrivateAreaAuthenticated") If authenticated <> True Then Response.Redirect("http://www.goaction.com") ElseIf Session("PrivateAreaAdmin") <> True Then Response.Redirect(Session("PrivateAreaUserpage")) End if Set db = Server.CreateObject("ADODB.Connection") DSNtemp="DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("/data/private.mdb") db.Open DSNtemp If Not IsNull(Request.ServerVariables("HTTP_REFERER")) Then refer = Request.ServerVariables("HTTP_REFERER") Else refer = "abc" End If uname = Request.Form("uname") pword = Request.Form("pword") %> Action Systems: Private Download Area: Admin Page: Password Change
Private Download Area
Admin Page
Added New User
<% If InStr(refer,"http://www.goaction.com/private/adduser.asp") = 0 Then Response.Write "Improper navigation. Aborting update." ElseIf IsNull(uname) or uname = "" Then Response.Write "Blank username provided. Aborting update." Else upage = "lobby.asp?User=" & uname pwd = sha256(uname & pword & upage) db.Execute "INSERT INTO tblUser (UserName,UserPage,UserPassword) VALUES('" & uname & "','" & upage & "','" & pwd & "')" Response.Write "Added new user " & uname & "." End If db.Close Set db = Nothing %>

Close this window