<%@ Language=JScript %> <% var name = prepSQL(Request.Form("name")); var countryid = prepSQL(Request.Form("country")); var birthday = prepSQL(Request.Form("birthday")); var birthmonth = prepSQL(Request.Form("birthmonth")); var birthyear = prepSQL(Request.Form("birthyear")); var timezoneid = prepSQL(Request.Form("timezone")); var icq = prepSQL(Request.Form("icq")); var description = prepSQL(Request.Form("description")); var gameinterest = Request.Form("gameinterest"); var username = prepSQL(Request.Form("username")); var pwd = prepSQL(Request.Form("newpassword")); var email = prepSQL(Request.Form("email")); var emailpublic = Request.Form("emailpublic"); if (emailpublic == "on") emailpublic = "1"; else emailpublic = "0"; if (gameinterest == "on") gameinterest = 1; else gameinterest = 0; var conn = Server.CreateObject("adodb.connection"); conn.Open(connStr); var sql = "UPDATE [user] SET "; if (name != "") sql += "name = '" + name + "', "; sql += " countryid = " + countryid; sql += ", birthday = '" + twoDigits(birthyear) + "-" + twoDigits(birthmonth) + "-" + twoDigits(birthday) + "'"; sql += ", timezoneid = " + timezoneid; if (description != "") sql += ", description = '" + description + "'"; if (icq != "") sql += ", icq = '" + icq + "'"; sql += ", [public] = 1"; sql += ", emailpublic = " + emailpublic; sql += ", gameinterest = " + gameinterest; sql += ", username = '" + username + "'"; sql += ", email = '" + email + "'"; if (pwd != "") sql += ", pwd = '" + pwd + "'"; sql += " WHERE id = " + Session("userid"); conn.Execute(sql); Session("username") = username; Response.Redirect("../default.asp"); %>