Tilføje ny funktion i script.

Følgende script er til når man skal skrive i min gæstebog. Der er ikke problemer med selv scriptet. Men jeg vil gerne have tilføjet en detalje...
Jeg bliver ret kraftigt bombarderet med SPAM er vil gerne have sat et filter ind med "fy-ord"
Helst så disse "fy-ord" bliver tjekket fra en database så jeg nemt kan tilføje disse ord selv.
Er der nogen der har et forslag til hvordan jeg gør det??
------------------------------------
<html>
<head>
<title>MON's gæstebog (Sign)</title>
<meta name="Generator" content="Stone's WebWriter 4">
<link rel="stylesheet" type="text/css" href="../STYLE/style_bulletin.css">
</head>
<body>
<center>
<%
Flag = request.form("Flag")
If IsEmpty(Flag) or Flag = "" then
%>
    <font face="arial" size=2>
    <b><i>Bemærk:</i> * betyder at feltet <u>SKAL</u> udfyldes</b>
    </font>

</font>
<p>&nbsp;
<table width=500 border=0>
  <tr>
    <td width=100>
    <font face="arial" size=2>
    <b>*Navn:</b>
    </font>
    </td>

    <td width=400>
    <form action="sign.asp" method="post">
    <input type="text" name="fldName" size=30>
    </td>
  </tr>
 
  <tr>
    <td width=100>
    <font face="arial" size=2>
    <b>*By:</b>
    </font>
    </td>
   
    <td width=400><input type="text" name="City" size=30></td>
  </tr>

  <tr>
    <td width=100>
    <font face="arial" size=2>
    <b>Email:</b>
    </font>
    </td>
   
    <td width=400><input type="text" name="Email" size=30></td>
  </tr>

  <tr>
    <td width=100>
    <font face="arial" size=2>
    <b>Hjemmeside:</b>
    </font>
    </td>
   
    <td width=400><input type="text" name="URL" size=30 value="http://"></td>
  </tr>

  <tr>
    <td width=100>
    <font face="arial" size=2>
    <b>Titel:</b>
    </font>
    </td>
   
    <td width=400><input type="text" size=30 name="Titel"></td>
  </tr>

  <tr>
    <td valign="top" width=100>
    <font face="arial" size=2>
    <b>*Kommentar:</b>
    </font>
    </td>
   
    <td width=400>
    <textarea name="Comments" cols=30 rows=5 wrap="virtual">
    </textarea>
    </td>
  </tr>

  <tr>
    <td width=100>&nbsp;</td>
    <td width=400><br>
    <input type="submit" value="Send">
    <input type="hidden" name="Flag" value=1>
    &nbsp;<input type="reset" value="Nulstil"></form>
    </td>
  </tr>

</table>
<%
End If
If Flag = 1 then
    If IsEmpty(request.form("fldName")) or request.form("fldName")="" then
        response.write "<center><font face='arial' size=4>"
        response.write "<p><br><b>Du skal skrive dit navn.</b></font>"
        response.write "<form>"
        response.write "<input type='button' value='Tilbage' onclick=history.back()>"
        response.write "</form>"
        response.end
    Else
        fldName = request.form("fldName")
    End If

    If IsEmpty(request.form("City")) or request.form("City")="" then
        response.write "<center><font face='arial' size=4>"
        response.write "<p><br><b>Du skal skrive hvilken by du kommer fra.</b></font>"
        response.write "<form>"
        response.write "<input type='button' value='Tilbage' onclick=history.back()>"
        response.write "</form>"
        response.end
    Else
        City = request.form("City")
    End If

    Email = request.form("Email")

        If request.form("URL")="http://" then
          URL = ""
        Else
          URL = request.form("URL")
        End If

        Titel = request.form("Titel")



    If IsEmpty(request.form("Comments")) or request.form("Comments")="" or request.form("Comments")="    " then
        response.write "<center><font face='arial' size=4>"
        response.write "<p><br><b>Husk at skriv din kommentar!</b>"
        response.write "</font><form>"
        response.write "<input type='button' value='Tilbage' onclick=history.go(-1)>"
        response.write "</form></center>"
        response.end
    Else
        Comments = request.form("Comments")
        Comments = Replace(Comments, Chr(34), "''")
        Comments = Replace(Comments, vbCrLf, "<br>")
    End If

    Flag = request.form("Flag")

%>
<table width=400 border=0>
  <tr>
    <td width=400>
    <font face="arial" size=2>
    <br>Her er de informationer du er ved at sende. Hvis du vil nå og ændre noget skal du trykke på "Tilbage" knappen.
    <br>
    <br><b>Navn:</b> <%= fldName %>
    <br><b>By: </b> <%= City %>
    <br><b>Email: </b> <%= Email %>
    <br><b>Hjemmeside: </b> <%= URL %>
    <p><b>Titel: </b> <%= Titel %>
    <br><b>Comments: </b> <%= Comments %>
    <form action="sign.asp" method="post">
    <input type="hidden" name="fldName" value="<%= fldName %>">
    <input type="hidden" name="City" value="<%= City %>">
    <input type="hidden" name="Email" value="<%= Email %>">
    <input type="hidden" name="URL" value="<%= URL %>">
    <input type="hidden" name="Titel" value="<%= Titel %>">
    <input type="hidden" name="Comments" value="<%= Comments %>">
    <input type="hidden" name="Flag" value=2>
    <input type="submit" value="Yep, det er korrekt!">&nbsp;
    <input type="button" value="Tilbage" onClick="history.go(-1)">
    </form></font>
    </td>
  </tr>
</table>
<%
End If
If Flag = 2 then
URL2 = Request.ServerVariables("HTTP_REFERER")&""
IP = request.ServerVariables("REMOTE_ADDR")
PostDate = Now()
        fldName = request.form("fldName")
        fldName = Replace(fldName, "'", "''")
        fldName = Replace(fldName, Chr(34), "''")
        City = request.form("City")
        City = Replace(City, "'", "''")
    Email = request.form("Email")
    URL = request.form("URL")
        Titel = request.form("Titel")
        Titel = Replace(Titel, "'", "''")
    Comments = request.form("Comments")
    Comments = Replace(Comments, "'", "''")
    ' ok now we've got our data so let's ship it off to the database

if URL2 = "http://www.xxxxxx.dk/GB/sign.asp" OR URL2 = "http://xxxxxx.dk/GB/sign.asp" THEN

    set conn = server.createobject("adodb.connection")
    ' **** change DSN name if you're using a DSN and you've named it differently
    'conn.open "gb"
    ' **** DSN-less connection: comment out above line and uncomment the
    ' **** Code between "Begin" and "End"
    ' **** BEGIN DSN-LESS CONNECTION CODE
    DSN="DRIVER={Microsoft Access Driver (*.mdb)}; "
    DSN=DSN & "DBQ=" & server.mappath("../DATABASER/gb.mdb")
    conn.Open DSN
    ' **** END OF DSN-LESS CONNECTION CODE
    ' **** Note: If using a DSN-less connection, make sure to change server.mappath above to
    ' **** reflect the actual location of the guestbook database file.
    ' **** The above will work if the database file is at the webserver root.
    ' **** See readme.txt for further information
    ' **** the following line would be used ONLY if you use a system DSN!
    ' conn.Open "gb"
   
    SQLstmt = "INSERT INTO GB (IP,PostDate,fldName,City,Email,URL,Titel,Comments)"
    SQLstmt = SQLstmt & " VALUES ("
    SQLstmt = SQLstmt & "'" & IP & "',"
    SQLstmt = SQLstmt & "'" & PostDate & "',"
    SQLstmt = SQLstmt & "'" & fldName & "',"
    SQLstmt = SQLstmt & "'" & City & "',"
    SQLstmt = SQLstmt & "'" & Email & "',"
    SQLstmt = SQLstmt & "'" & URL & "',"
    SQLstmt = SQLstmt & "'" & Titel & "',"
    SQLstmt = SQLstmt & "'" & Comments & "'"
    SQLstmt = SQLstmt & ")"

    Set RS = conn.execute(SQLstmt)

    response.redirect "gb_main.asp"
else
          Response.Redirect "../ADMIN/MEDDELLELSER/spam.htm"
end if


      Conn.Close
    Set conn = nothing
end if
%>
</center>
</body>
</html>