Internet Pratica

home *** CD-ROM | disk | FTP | other *** search

/ Internet Pratica / IPRAT_01.iso / ASP / ASPapp Portal / admin_users.asp < prev next >

Wrap

Text File | 2002-03-12 | 20.5 KB | 647 lines

<% %> <% dim dtInserted dim dtModified dim user_id dim user_name dim f_name dim l_name dim email dim password dim addr1 dim addr2 dim city dim state dim postalcode dim country dim phone dim fax dim notes dim accesslevel dim mailing_list dim edit_users_sql dim edit_link dim view_users_sql sub request_edit_users ''' request expected input parameters for this form dtInserted = request("dtInserted") dtModified = request("dtModified") user_id = request("user_id") user_name = request("user_name") f_name = request("f_name") l_name = request("l_name") email = request("email") password = request("password") addr1 = request("addr1") addr2 = request("addr2") city = request("city") state = request("state") postalcode = request("postalcode") country = request("country") phone = request("phone") fax = request("fax") notes = request("notes") accesslevel = request("accesslevel") mailing_list = request("mailing_list") end sub sub request_view_users ''' request expected input parameters for this form edit_link = request("edit_link") user_id = request("user_id") user_name = request("user_name") f_name = request("f_name") l_name = request("l_name") email = request("email") city = request("city") state = request("state") postalcode = request("postalcode") country = request("country") dtInserted = request("dtInserted") accesslevel = request("accesslevel") mailing_list = request("mailing_list") end sub sub validate_edit_users ''' request and validate data entered from this form dtInserted = trim(request("dtInserted")) if dtInserted <> "" AND (not isdate(dtInserted)) then error_list.add "484712date"," must be a valid date (MM/DD/YY)." b_error = true end if dtModified = trim(request("dtModified")) if dtModified <> "" AND (not isdate(dtModified)) then error_list.add "484713date"," must be a valid date (MM/DD/YY)." b_error = true end if user_id = trim(request("user_id")) user_name = trim(request("user_name")) if user_name = "" then error_list.add "484698","username must be specified." b_error = true end if f_name = trim(request("f_name")) l_name = trim(request("l_name")) email = trim(request("email")) if email = "" then error_list.add "484701","email must be specified." b_error = true end if password = trim(request("password")) if password = "" then error_list.add "484702","password must be specified." b_error = true end if addr1 = trim(request("addr1")) addr2 = trim(request("addr2")) city = trim(request("city")) state = trim(request("state")) postalcode = trim(request("postalcode")) country = trim(request("country")) phone = trim(request("phone")) fax = trim(request("fax")) notes = trim(request("notes")) accesslevel = trim(request("accesslevel")) mailing_list = trim(request("mailing_list")) if mailing_list = "" then error_list.add "484715","mailing list must be specified." b_error = true end if end sub sub validate_view_users ''' request and validate data entered from this form edit_link = trim(request("edit_link")) user_id = trim(request("user_id")) user_name = trim(request("user_name")) f_name = trim(request("f_name")) l_name = trim(request("l_name")) email = trim(request("email")) city = trim(request("city")) state = trim(request("state")) postalcode = trim(request("postalcode")) country = trim(request("country")) dtInserted = trim(request("dtInserted")) if dtInserted <> "" AND (not isdate(dtInserted)) then error_list.add "484725date","added must be a valid date (MM/DD/YY)." b_error = true end if accesslevel = trim(request("accesslevel")) mailing_list = trim(request("mailing_list")) end sub sub get_defaults_edit_users ''' set default values for this form mailing_list = 1 end sub sub get_defaults_view_users ''' set default values for this form mailing_list = 1 end sub sub db_select_edit_Users sql = "SELECT " & _ "dtInserted, " & _ "dtModified, " & _ "user_id, " & _ "user_name, " & _ "f_name, " & _ "l_name, " & _ "email, " & _ "password, " & _ "addr1, " & _ "addr2, " & _ "city, " & _ "state, " & _ "postalcode, " & _ "country, " & _ "phone, " & _ "fax, " & _ "notes, " & _ "accesslevel, " & _ "mailing_list FROM Users" & _ " WHERE " & _ "Users.user_id = " & to_sql(user_id,"number") & "" on error resume next set rs = cn.Execute(sql) if err.number <> 0 then b_error = true error_list.add "select_data_edit_Users", "The data selection failed. " & err.description elseif rs.EOF then b_results = false msg_list.add "select_data_edit_Users", "The record was removed from the database." else dtInserted = rs("dtInserted") dtModified = rs("dtModified") user_id = rs("user_id") user_name = rs("user_name") f_name = rs("f_name") l_name = rs("l_name") email = rs("email") password = rs("password") addr1 = rs("addr1") addr2 = rs("addr2") city = rs("city") state = rs("state") postalcode = rs("postalcode") country = rs("country") phone = rs("phone") fax = rs("fax") notes = rs("notes") accesslevel = rs("accesslevel") mailing_list = rs("mailing_list") end if rs.Close on error goto 0 end sub sub db_insert_edit_Users sql = "INSERT INTO Users" & _ "(" & _ "user_type_id," & _ "user_name," & _ "f_name," & _ "l_name," & _ "email," & _ "[password]," & _ "addr1," & _ "addr2," & _ "city," & _ "state," & _ "postalcode," & _ "country," & _ "phone," & _ "fax," & _ "notes," & _ "selfemp," & _ "dtInserted," & _ "dtModified," & _ "accesslevel," & _ "mailing_list," & _ "util_val," & _ "util_flag" & _ ") VALUES (" & to_sql(user_type_id,"number") & "," & _ "" & to_sql(user_name,"text") & "," & _ "" & to_sql(f_name,"text") & "," & _ "" & to_sql(l_name,"text") & "," & _ "" & to_sql(email,"text") & "," & _ "" & to_sql(password,"text") & "," & _ "" & to_sql(addr1,"text") & "," & _ "" & to_sql(addr2,"text") & "," & _ "" & to_sql(city,"text") & "," & _ "" & to_sql(state,"text") & "," & _ "" & to_sql(postalcode,"text") & "," & _ "" & to_sql(country,"text") & "," & _ "" & to_sql(phone,"text") & "," & _ "" & to_sql(fax,"text") & "," & _ "" & to_sql(notes,"text") & "," & _ "" & to_sql(selfemp,"text") & "," & _ "" & to_sql(now,"date") & "," & _ "" & to_sql(now,"date") & "," & _ "" & to_sql(accesslevel,"number") & "," & _ "" & to_sql(mailing_list,"number") & "," & _ "" & to_sql(util_val,"number") & "," & _ "" & to_sql(util_flag,"number") & ")" & _ "" 'response.write sql on error resume next cn.Execute(sql) if err.Number <> 0 then b_error = true error_list.add "db_insert_edit_Users" & err.Number ,"The database insert failed. " & err.Description else set rs = cn.Execute("SELECT @@IDENTITY") user_id = rs(0) rs.Close msg_list.add "db_insert_edit_Users","The database insert was successful." end if on error goto 0 end sub sub db_update_edit_Users sql = "UPDATE Users SET " & _ "user_type_id = " & to_sql(user_type_id,"number") & ", " & _ "user_name = " & to_sql(user_name,"text") & ", " & _ "f_name = " & to_sql(f_name,"text") & ", " & _ "l_name = " & to_sql(l_name,"text") & ", " & _ "email = " & to_sql(email,"text") & ", " & _ "[password] = " & to_sql(password,"text") & ", " & _ "addr1 = " & to_sql(addr1,"text") & ", " & _ "addr2 = " & to_sql(addr2,"text") & ", " & _ "city = " & to_sql(city,"text") & ", " & _ "state = " & to_sql(state,"text") & ", " & _ "postalcode = " & to_sql(postalcode,"text") & ", " & _ "country = " & to_sql(country,"text") & ", " & _ "phone = " & to_sql(phone,"text") & ", " & _ "fax = " & to_sql(fax,"text") & ", " & _ "notes = " & to_sql(notes,"text") & ", " & _ "selfemp = " & to_sql(selfemp,"text") & ", " & _ "dtInserted = " & to_sql(dtInserted,"text") & ", " & _ "dtModified = " & to_sql(dtModified,"text") & ", " & _ "accesslevel = " & to_sql(accesslevel,"number") & ", " & _ "mailing_list = " & to_sql(mailing_list,"number") & ", " & _ "util_val = " & to_sql(util_val,"number") & ", " & _ "util_flag = " & to_sql(util_flag,"number") & " WHERE " & _ "user_id = " & user_id & "" 'response.write sql on error resume next cn.execute(sql) if err.number <> 0 then b_error = true error_list.add "db_update_edit_Users" & err.Number ,"The database update failed. " & err.Description else msg_list.add "db_update_edit_Users" & user_id,"The database update was successful." end if on error goto 0 end sub sub db_delete_edit_Users sql = "DELETE FROM Users" & _ " WHERE " & _ "user_id = " & to_sql(user_id,"number") & "" 'response.write sql on error resume next cn.Execute(sql) if err.number <> 0 then b_error = true error_list.add "db_delete_edit_Users" & err.Number ,"The database deletion failed. " & err.Description else msg_list.add "db_delete_edit_Users","The record was removed." end if on error goto 0 end sub sub db_select_view_Users view_Users_sql = "SELECT " & _ "user_id, " & _ "user_name, " & _ "f_name, " & _ "l_name, " & _ "email, " & _ "city, " & _ "state, " & _ "postalcode, " & _ "country, " & _ "dtInserted, " & _ "accesslevel, " & _ "mailing_list FROM Users" & _ "" if request("sortby") <> "" AND inStr(lcase(view_Users_sql),"order by") = 0 then view_Users_sql = view_Users_sql + " ORDER BY " & request("sortby") end sub sub db_delete_view_Users sql = "DELETE FROM " & _ "" 'response.write sql on error resume next cn.Execute(sql) if err.number <> 0 then b_error = true end if on error goto 0 end sub do_search = request("do_search") ''' request form keys user_id = request("user_id") ''' request action action = lcase(request("action")) ''' action case handler select case action case "select_edit_users" ' select the requested key record from database if user_id <> "" then db_select_edit_Users else b_error = true error_list.add "edit_edit_Users", "Specify record to select." end if case "insert_edit_users" ' request form data and insert a new record into database validate_edit_users if not b_error then db_insert_edit_users end if case "update_edit_users" ' request form data and update an existing database record validate_edit_users if not b_error then if user_id <> "" then db_update_edit_users else b_error = true error_list.add "update_edit_users", "Specify record to update." end if end if case "delete_edit_users" ' delete the requested key database record if user_id <> "" then db_delete_edit_users response.redirect request.servervariables("script_name") & "?msg=The+record+was+deleted." else b_error = true error_list.add "delete_edit_users", "Specify record to delete." end if end select ' no action was specified, so handle the default case(s) if user_id <> "" then db_select_edit_users else get_defaults_edit_users end if db_select_view_users %>    <% display_errs display_msg %> <table class='headerTable'> <tr> <td class='headerTD'> <a href='admin_users.asp'>User Manager</A> </td> </tr> </table> <table > <form name="edit_Users" action="admin_users.asp" method="post" > <input type=hidden name="dtInserted" value="<% =dtInserted %>"> <input type=hidden name="dtModified" value="<% =dtModified %>"> <input type=hidden name="user_id" value="<% =user_id %>"> <tr> <td class='labelTD'>username</td> <td class='dataTD' > <input type=text name="user_name" size="" maxlength="50" value="<% =user_name%>"> </td> </tr> <tr> <td class='labelTD'>first name</td> <td class='dataTD' > <input type=text name="f_name" size="" maxlength="50" value="<% =f_name%>"> </td> </tr> <tr> <td class='labelTD'>last name</td> <td class='dataTD' > <input type=text name="l_name" size="" maxlength="70" value="<% =l_name%>"> </td> </tr> <tr> <td class='labelTD'>email</td> <td class='dataTD' > <input type=text name="email" size="" maxlength="60" value="<% =email%>"> </td> </tr> <tr> <td class='labelTD'>password</td> <td class='dataTD' > <input type=text name="password" size="" maxlength="50" value="<% =password%>"> </td> </tr> <tr> <td class='labelTD'>address</td> <td class='dataTD' > <input type=text name="addr1" size="" maxlength="100" value="<% =addr1%>"> </td> </tr> <tr> <td class='labelTD'></td> <td class='dataTD' > <input type=text name="addr2" size="" maxlength="50" value="<% =addr2%>"> </td> </tr> <tr> <td class='labelTD'>city</td> <td class='dataTD' > <input type=text name="city" size="" maxlength="50" value="<% =city%>"> </td> </tr> <tr> <td class='labelTD'>state</td> <td class='dataTD' > <input type=text name="state" size="" maxlength="50" value="<% =state%>"> </td> </tr> <tr> <td class='labelTD'>postal code</td> <td class='dataTD' > <input type=text name="postalcode" size="" maxlength="50" value="<% =postalcode%>"> </td> </tr> <tr> <td class='labelTD'>country</td> <td class='dataTD' > <input type=text name="country" size="" maxlength="50" value="<% =country%>"> </td> </tr> <tr> <td class='labelTD'>phone</td> <td class='dataTD' > <input type=text name="phone" size="" maxlength="50" value="<% =phone%>"> </td> </tr> <tr> <td class='labelTD'>fax</td> <td class='dataTD' > <input type=text name="fax" size="" maxlength="50" value="<% =fax%>"> </td> </tr> <tr> <td class='labelTD'>notes</td> <td class='dataTD' > <textarea name="notes" rows='10' cols='70'><% =notes%></textarea> </td> </tr> <tr> <td class='labelTD'>access level</td> <td class='dataTD' > <% if not isnull(accesslevel) then if (accesslevel < 1) AND (not accesslevel) then accesslevel = 0 else accesslevel = 0 end if %> <select name="accesslevel" > <option <% if "1" = cStr(accesslevel) then %>selected<% end if %> value="1">1-member</option> <option <% if "2" = cStr(accesslevel) then %>selected<% end if %> value="2">2-author</option> <option <% if "3" = cStr(accesslevel) then %>selected<% end if %> value="3">3-admin</option> <option <% if "4" = cStr(accesslevel) then %>selected<% end if %> value="4">4-super admin</option> </select> </td> </tr> <tr> <td class='labelTD'>mailing list</td> <td class='dataTD' > <% if mailing_list = "" then mailing_list = false %> <input type=checkbox <% if mailing_list then %>checked<% end if %> name="mailing_list" value="1"> </td> </tr> <tr> <td class=labelTD align=right> <% if user_id <> "" then %><input type=button name=new_button value='NEW' onclick="window.location = '<% =request.servervariables("script_name") %>'"><% end if %> </td> <td class=dataTD> <% if user_id = "" then %><input type=submit name=insert_button value='INSERT'><% end if %> <% if user_id <> "" then %><input type=submit name=update_button value='UPDATE'><% end if %> <% if user_id <> "" then %><input type=submit name=delete_button value='DELETE' onclick="document.edit_Users.action.value = 'delete_edit_Users'"><% end if %> </td> <input type=hidden name="action" value="<% if user_id <> "" then %>update<% else %>insert<%end if %>_edit_Users"></tr> </form> </table> <% page_no = request("page_no") if page_no = "" then page_no = 1 if view_Users_sql <> "" then cmd.CommandText = view_Users_sql rs.Filter = "" rs.CursorLocation = 3 rs.CacheSize = 5 rs.Open cmd if not rs.EOF then rs.MoveFirst rs.PageSize = 30 max_count = cInt(rs.PageCount) num_recs = rs.RecordCount rs.AbsolutePage = page_no results = true else results = false rs.Close end if else results = false end if rec_count = 0 %> <table class='headerTable'> <tr> <td class='headerTD'> User List </td> </tr> </table> <% if results = true then %> <table > <form name="view_Users" action="" method="get" > <tr> <td class='fieldTD'></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=user_name" class=fieldFont title="">username</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=f_name" class=fieldFont title="">first</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=l_name" class=fieldFont title="">last</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=email" class=fieldFont title="">email</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=city" class=fieldFont title="">city</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=state" class=fieldFont title="">state</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=postalcode" class=fieldFont title="">zip</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=country" class=fieldFont title="">country</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=dtInserted" class=fieldFont title="">added</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=accesslevel" class=fieldFont title="">access</a></td> <td class='fieldTD'><a href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no %>&sortby=mailing_list" class=fieldFont title="">mailing list</a></td> </tr> <% do while not rs.EOF AND (rec_count < rs.Pagesize) ':: read db record on error resume next edit_link = rs("edit_link") user_id = rs("user_id") user_name = rs("user_name") f_name = rs("f_name") l_name = rs("l_name") email = rs("email") city = rs("city") state = rs("state") postalcode = rs("postalcode") country = rs("country") dtInserted = rs("dtInserted") accesslevel = rs("accesslevel") mailing_list = rs("mailing_list") on error goto 0 %> <tr> <td class='dataTD' > [ <a href='admin_users.asp?user_id=<% =user_id %>' class=dataFont>edit</a> ]<% =edit_link %> </td> <input type=hidden name="user_id" value="<% =user_id %>"> <td class='dataTD' > <% =user_name %> </td> <td class='dataTD' > <% =f_name %> </td> <td class='dataTD' > <% =l_name %> </td> <td class='dataTD' > <% =email %> </td> <td class='dataTD' > <% =city %> </td> <td class='dataTD' > <% =state %> </td> <td class='dataTD' > <% =postalcode %> </td> <td class='dataTD' > <% =country %> </td> <td class='dataTD' > <% =dtInserted %> </td> <td class='dataTD' > <% =accesslevel %> </td> <td class='dataTD' > <% =mailing_list %> </td> </tr> <% rs.MoveNext rec_count = rec_count + 1 loop rs.Close %> </form> </table> <% else %> no matches were found. <% end if %> <% if max_count > 1 then %>  <TABLE class=HeaderTable > <tr> <td width="20%" class=HeaderTD> <% if page_no > 1 then %> <a class=HeaderFont href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no-1 %>&sortby=<% =request("sortby") %>">PREV</a> <% else %> <% end if %> </td> <td align=center class=HeaderTD> Page <% for i = 1 to max_count %> <% if i = cint(page_no) then %> <b><%=i%></b> <% else %> <a class=HeaderFont href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =i %>&sortby=<% =request("sortby") %>"><%=i%></a> <% end if %> <%next %> </td> <td align=right width="20%" class=HeaderTD> <% if cInt(page_no) < cInt(max_count) then %> <a class=HeaderFont href="<% =request.servervariables("script_name") %>?<% =request_string %>page_no=<% =page_no+1 %>&sortby=<% =request("sortby") %>">NEXT</a> <% end if %> </td> </tr> </TABLE> <% end if %>  <% ':: assure that any db resources are freed on error resume next rs.Close set rs = NOTHING cn.Close set cn = NOTHING user_cn.Close set user_cn = NOTHING on error goto 0 %>