<% Option Explicit %>

<!-- #INCLUDE FILE="escape.inc" -->

<% 
Dim databaseType
Dim databaseName
Dim databaseUser
Dim databasePassword
Dim sortOrder
Dim sendMail
Dim mailFrom
Dim mailTo
Dim mailSubject

'*********************************************
'Database information and other options
databaseType = "Microsoft Access Driver (*.mdb)"
databaseName = "comments.mdb"
databaseUser = "Admin"
databasePassword = ""
' select the sort order in which to display comments
sortOrder = "descending" ' or "ascending"
' set to true if you want to receive an email for each new comment
sendMail = true ' or false
' enter the subject for the email here
mailSubject = "[aspcomments]: New comment from "
'*********************************************

'*********************************************
'* NOTE: CHANGE THE EMAIL ADDRESSES WITHIN   *
'*          THIS BLOCK BEFORE USE!           *
'*********************************************
' enter your email address here
mailFrom = "aspcomments@sneaker.org"
' enter your email adddress here 
mailTo = "aspcomments@sneaker.org" 
'*********************************************


'Get the full path to the db
Dim databasePath
databasePath = server.mappath(databaseName)
	
'Connect to DB Server
Dim dbConnectString
dbConnectString = "DRIVER={" & databaseType &_
				 "};DBQ=" & databasePath

'Set up the database connection

Dim dbConnection

Set dbConnection = Server.CreateObject("ADODB.Connection")

dbConnection.ConnectionTimeout = 60
dbConnection.CommandTimeout = 15

dbConnection.Open dbConnectString

Dim blogid

' Get the blogid
blogid = Request("blogid")

'If there is no blog id print missing message
If blogid = "" Then %>

	Missing blogid.

<% Else

	'Check if the blogid is numbers only
	Dim digitsOnly
	Set digitsOnly = New RegExp
	digitsOnly.pattern = "^\d+$"

	'If it is not only digits then print invalid message
	If NOT digitsOnly.Test(blogid) Then %>

		Invalid blogid.
		
	<% Else 

		Dim rsComments, sqlComments

		Set rsComments = Server.CreateObject("ADODB.RecordSet")

		Dim name, email, url, comment, entered
		
		'Check if this is a form submission
		If Request("add") <> "" And Request("name") <> "" And Request("comment") <> "" Then
			'Get a timestamp
			Dim timestamp
			timestamp = Now
			
			'Get the request parameters
			name = Request("name")
			email = Request("email")
			url = Request("url")
			comment = Request("comment")
			
			'Check if there is a "://" in the url
			Dim isURL
			Set isURL = New RegExp
			isURL.pattern = "://+"
			If NOT isURL.Test(url) Then 
				url = "http://" & url
			End If

			'Check if the user wants to set a cookie
			If Request("remember") <> "" Then 
				Response.Cookies("aspcomments")("name") = name
				Response.Cookies("aspcomments")("email") = email
				Response.Cookies("aspcomments")("url") = url
				Response.Cookies("aspcomments").Expires = DateAdd("m", 6, timestamp)
			Else 
				Response.Cookies("aspcomments") = ""
			End If

			sqlComments = "INSERT INTO comments (blogid, name, email, url, comment, entered) VALUES (" & blogid & ",'" & escape(name) & "','" & escape(email) & "','" & escape(url) & "','" & escape(comment) & "',#" & timestamp & "#)"
			dbConnection.Execute sqlComments 
			
			'Check if the the setting is to send email
			'and if so then use CDONTS to send the mail
		'	If sendMail Then
		'		Dim mail, mailBody
		'		Set mail = Server.CreateObject("CDONTS.NewMail")
		'		mailSubject = mailSubject & Request("name") & " (" &_
		'					  Request("email") & ")"
		'		mailBody = Request("name") & "(" & Request("email") & ")" &_
		'					CHR(13) & Request("url") & CHR(13) &_
		'					Request("comment") & CHR(13) &_
		'					timestamp & CHR(13)
		'		
		'		mail.From = mailFrom
		'		mail.To = mailTo
		'		mail.Subject = mailSubject
		'		mail.Body = mailBody
		'		mail.Importance = 1
		'		mail.Send
		'		
		'		Set mail  = Nothing
		'	End If
		End If

		If sortOrder = "descending" Then
			sqlComments = "SELECT * FROM comments WHERE blogid=" & blogid & " ORDER BY entered DESC"
		Else 
			sqlComments = "SELECT * FROM comments WHERE blogid=" & blogid
		End If

		rsComments.Open sqlComments, dbConnection, 3

		If Request("count") = "1" Then
			Dim count
			count = rsComments.RecordCount
			if count <= 0 Then 
				Response.write("document.write('');")
				'Response.write("document.write('0');")
			Else 
				Response.write("document.write('" & count & "');")
			End If
		Else %>
			<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
			
			<HTML>
			
			<!-- Begin document header -->
			
			<!--
				Project Title: aspcomments 
				Version: 1.1.2
				Author: Manu Kumar (sneaker@sneaker.org)
				Website: http://www.sneaker.org
				Project URL: http://www.sneaker.org/projects/aspcomments.shtml
				
				Copyright (c) Manu Kumar. All rights reserved.
				
				Permission to modify, copy and redistribute freely is hereby granted
				provided this copyright and permission statement and the link back to
				the author's site at the bottom of the page is not removed.
			-->
			
			<HEAD>
			<TITLE>H&aacute; Controv&eacute;rsias [Coment&aacute;rios]</TITLE>
			<META HTTP-EQUIV="APPLICATION" CONTENT="aspcomments V1.1.2">
			<META HTTP-EQUIV="AUTHOR" CONTENT="sneaker">
			<META HTTP-EQUIV="EMAIL" CONTENT="sneaker@sneaker.org">
			<META HTTP-EQUIV="URL" CONTENT="http://www.sneaker.org">
			<META HTTP-EQUIV="KEYWORDS" CONTENT="blog, comments, sneaker, blogger, aspcomments">
			<META HTTP-EQUIV="DESCRIPTION" CONTENT="A simple ASP application which allows bloggers to easily add the capability of allowing visitors to their sites to leave comments for each blog entry. Supports comments with name, email, url, comment and timestamp. Allows to check for the number of comments for a particular blogid and post new comments for a blog id. Uses cookies to keep track of repeat visitors">
			
<link href="../estilos.css" rel="stylesheet" type="text/css">
   <style>
BODY {
	SCROLLBAR-FACE-COLOR: #FFFFFF; 
	SCROLLBAR-HIGHLIGHT-COLOR: #FFFFFF; 
	SCROLLBAR-SHADOW-COLOR: #FFFFFF; 
	SCROLLBAR-3DLIGHT-COLOR: #FFFFFF; 
	SCROLLBAR-ARROW-COLOR: #CD2E3D; 
	SCROLLBAR-TRACK-COLOR: #FFFFFF; 
	SCROLLBAR-DARKSHADOW-COLOR: #ffffff;
}
</style>
</HEAD>
			<!-- End document header -->
			<!-- Begin document body -->
			<BODY LINK="#008000" VLINK="#808080" ALINK="#FFCE00">
			


			<% 
			do until rsComments.EOF 
			
			name = unescape(rsComments("name"), "plain")
			email = unescape(rsComments("email"), "plain")
			url = unescape(rsComments("url"), "plain")
			comment = unescape(rsComments("comment"), "plain")
			entered = rsComments("entered")
			%>
			
			<HR SIZE="1" WIDTH="100%" NOSHADE>
<!-- 
			id = <%=rsComments("id")%><BR>
			blogid = <%=rsComments("blogid")%><BR> 
			-->
<span class="autorcoment"><STRONG><%=name%></STRONG></span> <span class="textcoment1">(<A HREF="mailto:<%=email%>?subject=[aspcomments/email]: your comments" class="linkcoment"><%=email%></A>)</span><BR>
<A HREF="<%=url%>" TARGET="_blank" class="linkcoment"><%=url%></A><BR><br>
<span class="autorcoment"><%=comment%></span><BR>
<span class="textodata"><%=entered%></span><BR>
<span class="textodata">
<% 	rsComments.moveNext
			loop %>
</span> 
<HR SIZE="1" WIDTH="100%" NOSHADE>
			
			<!-- Begin comment submission form -->
			<FORM NAME="aspcomments" METHOD="post" ACTION="aspcomments.asp">
			<INPUT TYPE="hidden" NAME="blogid" VALUE="<%=Request("blogid")%>">
			
  <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="5" WIDTH="247">
    <TR>
					
      <TD WIDTH="36"><font color="CD2E3D" size="1" face="Verdana, Arial, Helvetica, sans-serif">nome:</font></TD>
					<TD width="196"><INPUT NAME="name" TYPE="text" class="form1" VALUE="<%=Request.Cookies("aspcomments")("name")%>" SIZE="38"></TD>
				</TR>
				<TR>
					
      <TD WIDTH="36"><font color="CD2E3D" size="1" face="Verdana, Arial, Helvetica, sans-serif">email:</font></TD>
					<TD><INPUT NAME="email" TYPE="text" class="form1" VALUE="<%=Request.Cookies("aspcomments")("email")%>" SIZE="38"></TD>
				</TR>
				<TR>
					
      <TD WIDTH="36"><font color="CD2E3D" size="1" face="Verdana, Arial, Helvetica, sans-serif">site:</font></TD>
					<TD><INPUT NAME="url" TYPE="text" class="form1" VALUE="<%=Request.Cookies("aspcomments")("url")%>" SIZE="38"></TD>
				</TR>
				<TR>
					
      <TD COLSPAN = "2"><font color="CD2E3D" size="1" face="Verdana, Arial, Helvetica, sans-serif">coment&aacute;rio:</font></TD>
				</TR>
				<TR>
					<TD COLSPAN = "2"><TEXTAREA NAME="comment" COLS="45" ROWS="8" WRAP="virtual" class="form1"></TEXTAREA></TD>
				</TR>
				<TR>
					
      <TD COLSPAN="2"><div align="right">&nbsp;&nbsp; 
          <INPUT NAME="add" TYPE="submit" class="botao" VALUE="enviar">
        </div></TD>
				</TR>
				
			</TABLE>
			</FORM>
			</BODY>
			<!-- End document body -->
			</HTML>
			<%	End If	
	End If
End If %>