<%@ LANGUAGE = "VBScript" %>
<% Option Explicit %>
<% Response.Buffer = True %>
<% Response.Expires = -1 %>
<% Response.CacheControl = "Public" %>
<!--#include file="common.asp"-->
<!--#include file="forum/functions/functions_send_mail.asp" -->
<!--#include file="forum/functions/functions_format_post.asp"	-->
<!--#include file="forum/includes/emoticons_inc.asp" -->
<%
Dim strMode
Dim intAuthorID
Dim intEventID
Dim strEventTitle
Dim strEvent
Dim intEventCatID
Dim blnPublicEvent
Dim dtmEventStartDate
Dim dtmEventEndDate

strMode = Request.QueryString("Mode")

intEventID = Clng(Request.QueryString("EID"))
strEventTitle = Request.Form("title")
strEvent = Request.Form("message")
intEventCatID = Request.Form("category")
dtmEventStartDate = CDate(Request.Form("startdate"))
dtmEventEndDate = CDate(Request.Form("enddate"))
blnPublicEvent = CBool(Request.Form("private"))

If blnUserCanPostEvents = False Then blnPublicEvent = False

If RTEenabled() <> "false" Then strEvent = WYSIWYGFormatPost(strEvent) Else strEvent = FormatPost(strEvent)

strEvent = checkHTML(strEvent)

If strMode = "NE" Then

	strEventTitle = Replace(strEventTitle, "'", "''")
	strEvent = Replace(strEvent, "'", "''")

	strSQL = "INSERT INTO " & strDBTable & "Calendar (Cat_ID, Author_ID, Title, Message, Start_date, End_date, Private) VALUES (" & _
		intEventCatID & ", " & _
		lngLoggedInUserID & ", " & _
		"'" & strEventTitle & "', " & _
		"'" & strEvent & "', " & _
		"'" & dtmEventStartDate & "', " & _
		"'" & dtmEventEndDate & "', " & _
		CBoolConvert(blnPublicEvent) & ")"
	adoCon.Execute(strSQL)

ElseIf strMode = "EE" Then
	strSQL = "SELECT " & strDBTable & "Calendar.* FROM " & strDBTable & "Calendar WHERE Event_ID = " & intEventID & ";"

	rsCommon.Open strSQL, adoCon, 3, 3

	If NOT rsCommon.EOF Then
		intAuthorID = rsCommon("Author_ID")

		If intAuthorID <> lngLoggedInUserID AND blnAdmin = False Then
			adoCon.Close
			Set rsCommon = Nothing
			Set adoCon = Nothing

			Response.Redirect("forum/insufficient_permission.asp?Redirect=" & RedirectOmitPath("Redirect", True))
		Else
			With rsCommon
				.Fields("Cat_ID") = intEventCatID
				.Fields("Author_ID") = lngLoggedInUserID
				.Fields("Title") = strEventTitle
				.Fields("Message") = strEvent
				.Fields("Start_date") = dtmEventStartDate
				.Fields("End_date") = dtmEventEndDate
				.Fields("Private") = blnPublicEvent
				.Update
				.Requery
			End With
		End If
	End If

	rsCommon.Close
ElseIf strMode = "DE" Then
	strSQL = "SELECT " & strDBTable & "Calendar.* FROM " & strDBTable & "Calendar WHERE Event_ID = " & intEventID & ";"

	rsCommon.Open strSQL, adoCon

	If rsCommon.EOF Then
		rsCommon.Close
		adoCon.Close
		Set rsCommon = Nothing
		Set adoCon = Nothing

		Response.Redirect("forum/insufficient_permission.asp?Redirect=" & RedirectOmitPath("Redirect", True))
	Else
		dtmEventStartDate = rsCommon("Start_date")

		If blnAdmin = False AND Clng(rsCommon("Author_ID")) <> lngLoggedInUserID Then
			rsCommon.Close
			adoCon.Close
			Set rsCommon = Nothing
			Set adoCon = Nothing

			Response.Redirect("forum/insufficient_permission.asp?Redirect=" & RedirectOmitPath("Redirect", True))
		Else
			rsCommon.Close
			strSQL = "DELETE FROM " & strDBTable & "Calendar WHERE Event_ID = " & intEventID & ";"
			adoCon.Execute(strSQL)
		End If
	End If


End If

adoCon.Close
Set adoCon = Nothing
Set rsCommon = Nothing

Response.Redirect("event.asp?Date=" & dtmEventStartDate)
%>