<% ' Get the title title = "Search" strKeyword = blockSQLInjection (Request.QueryString ("keyword")) %>

" method="get">

Search for term: Searches include title, author's name, keywords and content of the article.

Select
Topic: <% printSelect ("topic") %> Category: <% printSelect ("category") %> Region: <% printSelect ("region") %>

Dates
<% If Request.QueryString ("date_start") <> "" Then strDateStart = blockSQLInjection (Request.QueryString ("date_start")) Else strDateStart = CStr (FormatDateTime (DateAdd ("m", -2, Now), 2)) End If If Request.QueryString ("date_end") <> "" Then strDateEnd = blockSQLInjection (Request.QueryString ("date_end")) Else strDateEnd = CStr (FormatDateTime (Now, 2)) End If %> Beginning Date: Ending Date:
Dates have to be in format mm/dd/yyyy

Order
Order by posting date: <% If Request.QueryString ("orderType") = "ASC" Then strAsc = "selected=""selected""" strDesc = "" Else strDesc = "selected=""selected""" strAsc = "" End If %>

<% ' Display results if Not ((strDateStart = "") And (strDateEnd = "")) Then If Request.QueryString ("topic") <> "" Then strQuery = "(topic = '" & blockSQLInjection (Request.QueryString ("topic")) & "')" End If If Request.QueryString ("category") <> "" Then strQuery = "(category = '" & blockSQLInjection (Request.QueryString ("category")) & "')" End If If Request.QueryString ("region") <> "" Then strQuery = "(region = '" & blockSQLInjection (Request.QueryString ("region")) & "')" End If %>

Results for "<%= strKeyword %>"

<% theSQL="select news_id, title, post_date, author_source from news where (post_date BETWEEN '$beg_date' and '$end_date') and (status=1)" theSQL=theSQL & " and ((author LIKE '%$keyword%') or (content LIKE '%$keyword%') or (author LIKE '%$keyword%') or (title LIKE '%$keyword%'))" ' This is in case additional category, topic, etc is specified If strQuery <> "" Then theSQL = theSQL & " and " & strQuery End If If strKeyword = "" Then Response.End End If ascOrDesc = blockSQLInjection (Request.QueryString ("orderType")) If (StrComp (ascOrDesc, "") = 0) Then ascOrDesc = "DESC" End If theSQL = theSQL & " order by post_date " & ascOrDesc theSQL = Replace (theSQL, "$keyword", strKeyword) theSQL = Replace (theSQL, "$beg_date", FormatDateTime(CDate(strDateStart),vbGeneralDate)) theSQL = Replace (theSQL, "$end_date", FormatDateTime(CDate(strDateEnd)+1,vbGeneralDate)) ' Finish up this SQL statement coverRecs=getRecs(theSQL) if Not isempty(coverRecs) then for k=0 to ubound(coverRecs,2) theDate = coverRecs (2,k) v_id = coverRecs (0,k) strTitle = coverRecs (1,k) strSource = coverRecs (3, k) link=ccVirtualFolderName& datePath(theDate) & ""&v_id&".html" %> <%= v_id %>. <%= strTitle %> <% ' If InStr (strSource, "Epoch") > 0 Then %> <% ' ElseIf InStr (strSource, "Mother Earth") > 0 Then %> <% ' End If %>
<%= FormatDateTime (theDate, 1) & " " & FormatDateTime (theDate, 3) %>
<% next end if end if %> <% Function printSelect (strType) Response.Write "" End Function %>