<%
Option Explicit
Dim sql,rsLock,id,action,forumid,sqlOption,level,rsModLevel

id = Request.QueryString("id")
action = Request.QueryString("action")
forumid = Request.QueryString("forumid")
level = Request.QueryString("level")
%>

<!--#include file="conn.asp"-->

<%
if level = "moderator" then
  sql = "SELECT * FROM moderators where moderatorforum = " & forumid & " AND moderator = '" & Request.Cookies("pb_username") & "'"
  set rsModLevel = Server.CreateObject("ADODB.Recordset")
  rsModLevel.open sql, conn, 3, 3
  
  if rsModLevel.EOF then
	rsModLevel.close
	set rsModLevel = nothing
	conn.close
	set conn = nothing
	Response.Redirect("philboard.asp")
  else
	rsModLevel.close
	set rsModLevel = nothing
  end if
elseif Request.Cookies("philboard_admin") = "" then
  conn.close
  set conn = nothing
  Response.Redirect("philboard.asp")
end if

if action = "unlock" then
	sqlOption = "False"
else
	sqlOption = "True"
end if

sql = "UPDATE topics SET topics.locked = " & sqlOption & " WHERE topics.id = " & id
set rsLock = conn.Execute(sql)

conn.close
set conn = nothing

if level = "moderator" then
  Response.Redirect("philboard_forum.asp?forumid=" & forumid)
else
  Response.Redirect("philboard_admin-forum.asp?forumid=" & forumid)
end if
%>