exclude code to stop a spammer

Hi,
We have a guestbook on our website (catcam.com) and for the past few months
some jerk has been filling it up with links to his advertising sites. He
does it every week and I'm getting tired of deleting the records so I'd like
to include some code to exclude any attempted entries that include a domain
common to all his postings on our site. Every time I've excluded the IP
range that the posts were made from but now it changes every week so that
won't work.

Does anyone know what to insert (and where) in the below code so that exits
or abends if "MSCAR" is entered in the "URL field"?

Thanks in advance
Curt

<% EMAIL = CStr(Replace(Request.Form("EMAIL"),"'","")) %>
<% EMAIL = CStr(Replace(EMAIL,"<","")) %>
<% EMAIL = CStr(Replace(EMAIL,">","")) %>

<% URL = CStr(Replace(Request.Form("URL"),"'","")) %>
<% URL = CStr(Replace(URL,"<","")) %>
<% URL = CStr(Replace(URL,">","")) %>

<% NAME = CStr(Replace(Request.Form("NAME"),"'","")) %>
<% NAME = CStr(Replace(NAME,"<","")) %>
<% NAME = CStr(Replace(NAME,">","")) %>

<% MESSAGE = CStr(Replace(Request.Form("MESSAGE"),"'","")) %>
<% MESSAGE = CStr(Replace(MESSAGE,"<","")) %>
<% MESSAGE = CStr(Replace(MESSAGE,">","")) %>
<% MESSAGE = CStr(Replace(MESSAGE,str,"<br>")) %>
<% MESSAGE = CStr(Replace(MESSAGE,vbCr,"<br>")) %>


<!--METADATA TYPE="DesignerControl" startspan
<OBJECT ID="CmdDeleteBlankEntries" WIDTH=151 HEIGHT=24
CLASSID="CLSID:7FAEED80-9D58-11CF-8F68-00AA006D27C2">
<PARAM NAME="_Version" VALUE="65536">
<PARAM NAME="_Version" VALUE="65536">
<PARAM NAME="_ExtentX" VALUE="3986">
<PARAM NAME="_ExtentY" VALUE="635">
<PARAM NAME="_StockProps" VALUE="0">
<PARAM NAME="DataConnection" VALUE="ConnGuestBook">
<PARAM NAME="CommandText" VALUE="DELETE FROM BOOK1 WHERE (NAME IS
NULL) AND (EMAIL IS NULL) AND (MESSAGE IS NULL)">
</OBJECT>
-->
<%
Set ConnGuestBook = Server.CreateObject("ADODB.Connection")
ConnGuestBook.ConnectionTimeout = Session("ConnGuestBook_ConnectionTimeout")
ConnGuestBook.CommandTimeout = Session("ConnGuestBook_CommandTimeout")
ConnGuestBook.Open Session("ConnGuestBook_ConnectionString"),
Session("ConnGuestBook_RuntimeUserName"),
Session("ConnGuestBook_RuntimePassword")
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdDeleteBlankEntries = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "DELETE FROM BOOK1 WHERE (NAME IS NULL) AND (EMAIL IS
NULL) AND (MESSAGE IS NULL)"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnGuestBook
CmdDeleteBlankEntries.Open cmdTemp, , 0, 1
%>
<!--METADATA TYPE="DesignerControl" endspan-->



<!--METADATA TYPE="DesignerControl" startspan
<OBJECT ID="CmdCheckForDuplicate" WIDTH=151 HEIGHT=24
CLASSID="CLSID:7FAEED80-9D58-11CF-8F68-00AA006D27C2">
<PARAM NAME="_Version" VALUE="65536">
<PARAM NAME="_Version" VALUE="65536">
<PARAM NAME="_ExtentX" VALUE="3969">
<PARAM NAME="_ExtentY" VALUE="635">
<PARAM NAME="_StockProps" VALUE="0">
<PARAM NAME="DataConnection" VALUE="ConnGuestBook">
<PARAM NAME="CommandText" VALUE="SELECT COUNT(ID) AS MESSAGECOUNT
FROM BOOK1 WHERE (NAME = '[NAME]') AND (EMAIL = '[email]') AND (MESSAGE =
'[MESSAGE]') AND (URL = '[url]')">
</OBJECT>
-->
<%
Set ConnGuestBook = Server.CreateObject("ADODB.Connection")
ConnGuestBook.ConnectionTimeout = Session("ConnGuestBook_ConnectionTimeout")
ConnGuestBook.CommandTimeout = Session("ConnGuestBook_CommandTimeout")
ConnGuestBook.Open Session("ConnGuestBook_ConnectionString"),
Session("ConnGuestBook_RuntimeUserName"),
Session("ConnGuestBook_RuntimePassword")
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdCheckForDuplicate = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT COUNT(ID) AS MESSAGECOUNT FROM BOOK1 WHERE
(NAME = '" & NAME & "') AND (EMAIL = '" & EMAIL & "') AND (MESSAGE = '" &
MESSAGE & "') AND (URL = '" & URL & "')"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnGuestBook
CmdCheckForDuplicate.Open cmdTemp, , 0, 1
%>
<!--METADATA TYPE="DesignerControl" endspan-->

<% If CmdCheckForDuplicate("MESSAGECOUNT") = 0 Then %>

<!--METADATA TYPE="DesignerControl" startspan
<OBJECT ID="CmdAddMessage" WIDTH=151 HEIGHT=24
CLASSID="CLSID:7FAEED80-9D58-11CF-8F68-00AA006D27C2">
<PARAM NAME="_Version" VALUE="65536">
<PARAM NAME="_Version" VALUE="65536">
<PARAM NAME="_ExtentX" VALUE="3986">
<PARAM NAME="_ExtentY" VALUE="635">
<PARAM NAME="_StockProps" VALUE="0">
<PARAM NAME="DataConnection" VALUE="ConnGuestBook">
<PARAM NAME="CommandText" VALUE="SELECT BOOK1.* FROM BOOK1 WHERE (ID
IS NULL)">
<PARAM NAME="CursorType" VALUE="1">
<PARAM NAME="LockType" VALUE="3">
</OBJECT>
-->
<%
Set ConnGuestBook = Server.CreateObject("ADODB.Connection")
ConnGuestBook.ConnectionTimeout = Session("ConnGuestBook_ConnectionTimeout")
ConnGuestBook.CommandTimeout = Session("ConnGuestBook_CommandTimeout")
ConnGuestBook.Open Session("ConnGuestBook_ConnectionString"),
Session("ConnGuestBook_RuntimeUserName"),
Session("ConnGuestBook_RuntimePassword")
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdAddMessage = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT BOOK1.* FROM BOOK1 WHERE (ID IS NULL)"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnGuestBook
CmdAddMessage.Open cmdTemp, , 1, 3
%>
<!--METADATA TYPE="DesignerControl" endspan-->

<%
CmdAddMessage.AddNew
%>


<%
CmdAddMessage.Fields("DATE_ENTERED") = NOW
%>

<!----------------------------------------------------->

<%
if EMAIL="" THEN
CmdAddMessage.Fields("EMAIL") = NULL
Else
CmdAddMessage.Fields("EMAIL") = EMAIL
END IF
%>
<!----------------------------------------------------->

<%
if URL="" THEN
CmdAddMessage.Fields("URL") = NULL
Else
CmdAddMessage.Fields("URL") = URL
END IF
%>
<!----------------------------------------------------->

<%
if MESSAGE="" THEN
CmdAddMessage.Fields("MESSAGE") = NULL
Else
CmdAddMessage.Fields("MESSAGE") = MESSAGE
END IF
%>
<!----------------------------------------------------->

<%
if NAME="" THEN
CmdAddMessage.Fields("NAME") = NULL
Else
CmdAddMessage.Fields("NAME") = NAME
END IF
%>
<!----------------------------------------------------->

<%
IP_ADDRESS = Request.ServerVariables("REMOTE_ADDR")
CmdAddMessage.Fields("IP_ADDRESS") = IP_ADDRESS
%>
<!----------------------------------------------------->


<%
CmdAddMessage.Update
CmdAddMessage.Close
%>

<% End If %>

<%
Sub TLdelaySec(DelaySeconds)
SecCount = 0
Sec2 = 0
While SecCount < DelaySeconds + 1
Sec1 = Second(Time())
If Sec1 <> Sec2 Then
Sec2 = Second(Time())
SecCount = SecCount + 1
End If
Wend
End Sub
%>


<% TLdelaySec(4) %>

"bb" <b@a.com> wrote

Quote:

Hi,
We have a guestbook on our website (catcam.com) and for the past few
months
some jerk has been filling it up with links to his advertising sites. He
does it every week and I'm getting tired of deleting the records so I'd
like
to include some code to exclude any attempted entries that include a
domain
common to all his postings on our site. Every time I've excluded the IP
range that the posts were made from but now it changes every week so that
won't work.

Does anyone know what to insert (and where) in the below code so that
exits
or abends if "MSCAR" is entered in the "URL field"?

The code you sent seems to me more like ASP, and the group is
a.c.l.javascript. Maybe this message was supposed to go to an asp group
instead? (Is there an asp group?)

--
"En ole paha ihminen, mutta omenat ovat elinkeinoni." -Perttu Sirviö
antaatulla.sikanautaa (AT) gmail (DOT) com.NOSPAM.invalid