home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Pratica
/
IPRAT_01.iso
/
ASP
/
ASPapp Portal
/
upd_user.asp
< prev
next >
Wrap
Text File
|
2002-03-12
|
12KB
|
381 lines
<!-- #include file="i_utils.asp" -->
<%
check_security(1)
%>
<%
dim user_id
dim user_name
dim f_name
dim l_name
dim email
dim password
dim addr1
dim addr2
dim city
dim state
dim postalcode
dim country
dim phone
dim fax
dim notes
dim dtInserted
dim dtModified
dim mailing_list
dim edit_users_sql
sub request_edit_users
''' request expected input parameters for this form
user_id = request("user_id")
user_name = request("user_name")
f_name = request("f_name")
l_name = request("l_name")
email = request("email")
password = request("password")
addr1 = request("addr1")
addr2 = request("addr2")
city = request("city")
state = request("state")
postalcode = request("postalcode")
country = request("country")
phone = request("phone")
fax = request("fax")
notes = request("notes")
dtInserted = request("dtInserted")
dtModified = request("dtModified")
mailing_list = request("mailing_list")
end sub
sub validate_edit_users
''' request and validate data entered from this form
user_id = trim(request("user_id"))
user_name = trim(request("user_name"))
f_name = trim(request("f_name"))
l_name = trim(request("l_name"))
email = trim(request("email"))
password = trim(request("password"))
addr1 = trim(request("addr1"))
addr2 = trim(request("addr2"))
city = trim(request("city"))
state = trim(request("state"))
postalcode = trim(request("postalcode"))
country = trim(request("country"))
phone = trim(request("phone"))
fax = trim(request("fax"))
notes = trim(request("notes"))
dtInserted = trim(request("dtInserted"))
if dtInserted <> "" AND (not isdate(dtInserted)) then
error_list.add "485139date","joined must be a valid date (MM/DD/YY)."
b_error = true
end if
dtModified = trim(request("dtModified"))
if dtModified <> "" AND (not isdate(dtModified)) then
error_list.add "485140date","last update must be a valid date (MM/DD/YY)."
b_error = true
end if
mailing_list = trim(request("mailing_list"))
if mailing_list = "" then
error_list.add "485141","mailing list? must be specified."
b_error = true
end if
end sub
sub get_defaults_edit_users
''' set default values for this form
mailing_list = 1
end sub
sub db_select_edit_Users
sql = "SELECT " & _ "user_id, " & _ "user_name, " & _ "f_name, " & _ "l_name, " & _ "email, " & _ "password, " & _ "addr1, " & _ "addr2, " & _ "city, " & _ "state, " & _ "postalcode, " & _ "country, " & _ "phone, " & _ "fax, " & _ "notes, " & _ "dtInserted, " & _ "dtModified, " & _ "mailing_list FROM Users" & _ " WHERE " & _ "Users.user_id = " & to_sql(user_id,"number") & ""
on error resume next
set rs = cn.Execute(sql)
if err.number <> 0 then
b_error = true
error_list.add "select_data_edit_Users", "The data selection failed. " & err.description
elseif rs.EOF then
b_results = false
msg_list.add "select_data_edit_Users", "The record was removed from the database."
else
user_id = rs("user_id")
user_name = rs("user_name")
f_name = rs("f_name")
l_name = rs("l_name")
email = rs("email")
password = rs("password")
addr1 = rs("addr1")
addr2 = rs("addr2")
city = rs("city")
state = rs("state")
postalcode = rs("postalcode")
country = rs("country")
phone = rs("phone")
fax = rs("fax")
notes = rs("notes")
dtInserted = rs("dtInserted")
dtModified = rs("dtModified")
mailing_list = rs("mailing_list")
end if
rs.Close
on error goto 0
end sub
sub db_insert_edit_Users
sql = "INSERT INTO Users" & _ "(" & _ "user_name," & _ "f_name," & _ "l_name," & _ "email," & _ "password," & _ "addr1," & _ "addr2," & _ "city," & _ "state," & _ "postalcode," & _ "country," & _ "phone," & _ "fax," & _ "notes," & _ "dtInserted," & _ "dtModified," & _ "mailing_list" & _ ") VALUES (" & to_sql(user_name,"text") & "," & _ "" & to_sql(f_name,"text") & "," & _ "" & to_sql(l_name,"text") & "," & _ "" & to_sql(email,"text") & "," & _ "" & to_sql(password,"text") & "," & _ "" & to_sql(addr1,"text") & "," & _ "" & to_sql(addr2,"text") & "," & _ "" & to_sql(city,"text") & "," & _ "" & to_sql(state,"text") & "," & _ "" & to_sql(postalcode,"text") & "," & _ "" & to_sql(country,"text") & "," & _ "" & to_sql(phone,"text") & "," & _ "" & to_sql(fax,"text") & "," & _ "" & to_sql(notes,"text") & "," & _ "" & to_sql(dtInserted,"text") & "," & _ "" & to_sql(dtModified,"text") & "," & _ "" & to_sql(mailing_list,"number") & ")" & _ ""
'response.write sql
on error resume next
cn.Execute(sql)
if err.Number <> 0 then
b_error = true
error_list.add "db_insert_edit_Users" & err.Number ,"The database insert failed. " & err.Description
else
set rs = cn.Execute("SELECT @@IDENTITY")
user_id = rs(0)
rs.Close
msg_list.add "db_insert_edit_Users","The database insert was successful." end if
on error goto 0
end sub
sub db_update_edit_Users
sql = "UPDATE Users SET " & _ "user_name = " & to_sql(user_name,"text") & ", " & _ "f_name = " & to_sql(f_name,"text") & ", " & _ "l_name = " & to_sql(l_name,"text") & ", " & _ "email = " & to_sql(email,"text") & ", " & _ "password = " & to_sql(password,"text") & ", " & _ "addr1 = " & to_sql(addr1,"text") & ", " & _ "addr2 = " & to_sql(addr2,"text") & ", " & _ "city = " & to_sql(city,"text") & ", " & _ "state = " & to_sql(state,"text") & ", " & _ "postalcode = " & to_sql(postalcode,"text") & ", " & _ "country = " & to_sql(country,"text") & ", " & _ "phone = " & to_sql(phone,"text") & ", " & _ "fax = " & to_sql(fax,"text") & ", " & _ "notes = " & to_sql(notes,"text") & ", " & _ "dtInserted = " & to_sql(dtInserted,"text") & ", " & _ "dtModified = " & to_sql(dtModified,"text") & ", " & _ "mailing_list = " & to_sql(mailing_list,"number") & " WHERE " & _ "user_id = " & to_sql(user_id,"number") & ""
'response.write sql
on error resume next
cn.execute(sql)
if err.number <> 0 then
b_error = true
error_list.add "db_update_edit_Users" & err.Number ,"The database update failed. " & err.Description
else
msg_list.add "db_update_edit_Users" & user_id,"The database update was successful."
end if
on error goto 0
end sub
sub db_delete_edit_Users
sql = "DELETE FROM Users" & _ " WHERE " & _ "user_id = " & to_sql(user_id,"number") & ""
'response.write sql
on error resume next
cn.Execute(sql)
if err.number <> 0 then
b_error = true
error_list.add "db_delete_edit_Users" & err.Number ,"The database deletion failed. " & err.Description
else
msg_list.add "db_delete_edit_Users","The record was removed."
end if
on error goto 0
end sub
do_search = request("do_search")
''' request form keys
user_id = request("user_id")
''' request action
action = lcase(request("action"))
''' action case handler
select case action
case "select_edit_users"
' select the requested key record from database
if user_id <> "" then
db_select_edit_Users
else
b_error = true
error_list.add "edit_edit_Users", "Specify record to select."
end if
case "insert_edit_users"
' request form data and insert a new record into database
validate_edit_users
if not b_error then
db_insert_edit_users
end if
case "update_edit_users"
' request form data and update an existing database record
validate_edit_users
if not b_error then
if user_id <> "" then
db_update_edit_users
else
b_error = true
error_list.add "update_edit_users", "Specify record to update."
end if
end if
case "delete_edit_users"
' delete the requested key database record
if user_id <> "" then
db_delete_edit_users
response.redirect request.servervariables("script_name") & "?msg=The+record+was+deleted."
else
b_error = true
error_list.add "delete_edit_users", "Specify record to delete."
end if
end select
' no action was specified, so handle the default case(s)
user_id = session("user_id")
if user_id <> "" then
db_select_edit_users
else
get_defaults_edit_users
end if
%>
<!-- #include file='i_header.asp' -->
<!-- #include file='i_menu.asp' -->
<%
display_errs
display_msg
%>
<table class='headerTable'>
<tr>
<td class='headerTD'>
<A href='user_profile.asp'>MyPortal</A> › Modify Profile
</td>
</tr>
</table>
<table >
<form name="edit_Users" action="upd_user.asp" method="post" >
<input type=hidden name="user_id" value="<% =user_id %>">
<tr>
<td class='labelTD'>username</td>
<td class='dataTD' >
<% =user_name %>
</td>
</tr>
<tr>
<td class='labelTD'>first name</td>
<td class='dataTD' >
<input type=text name="f_name" size="" maxlength="50" value="<% =f_name%>">
</td>
</tr>
<tr>
<td class='labelTD'>last name</td>
<td class='dataTD' >
<input type=text name="l_name" size="" maxlength="70" value="<% =l_name%>">
</td>
</tr>
<tr>
<td class='labelTD'>email</td>
<td class='dataTD' >
<input type=text name="email" size="" maxlength="60" value="<% =email%>">
</td>
</tr>
<tr>
<td class='labelTD'>password</td>
<td class='dataTD' >
<input type=password name="password" size="" maxlength="50" value="<% =password %>">
</td>
</tr>
<tr>
<td class='labelTD'>address</td>
<td class='dataTD' >
<input type=text name="addr1" size="" maxlength="100" value="<% =addr1%>">
</td>
</tr>
<tr>
<td class='labelTD'></td>
<td class='dataTD' >
<input type=text name="addr2" size="" maxlength="50" value="<% =addr2%>">
</td>
</tr>
<tr>
<td class='labelTD'>city</td>
<td class='dataTD' >
<input type=text name="city" size="" maxlength="50" value="<% =city%>">
</td>
</tr>
<tr>
<td class='labelTD'>state</td>
<td class='dataTD' >
<input type=text name="state" size="" maxlength="50" value="<% =state%>">
</td>
</tr>
<tr>
<td class='labelTD'>postal code</td>
<td class='dataTD' >
<input type=text name="postalcode" size="" maxlength="50" value="<% =postalcode%>">
</td>
</tr>
<tr>
<td class='labelTD'>country</td>
<td class='dataTD' >
<input type=text name="country" size="" maxlength="50" value="<% =country%>">
</td>
</tr>
<tr>
<td class='labelTD'>phone</td>
<td class='dataTD' >
<input type=text name="phone" size="" maxlength="50" value="<% =phone%>">
</td>
</tr>
<tr>
<td class='labelTD'>fax</td>
<td class='dataTD' >
<input type=text name="fax" size="" maxlength="50" value="<% =fax%>">
</td>
</tr>
<tr>
<td class='labelTD'>notes</td>
<td class='dataTD' >
<textarea name="notes" rows='10' cols='70'><% =notes%></textarea>
</td>
</tr>
<tr>
<td class='labelTD'>joined</td>
<td class='dataTD' >
<% =dtInserted %>
</td>
</tr>
<tr>
<td class='labelTD'>last update</td>
<td class='dataTD' >
<% =dtModified %>
</td>
</tr>
<tr>
<td class='labelTD'>mailing list?</td>
<td class='dataTD' >
<% if mailing_list = "" then mailing_list = false %>
<input type=checkbox <% if mailing_list then %>checked<% end if %> name="mailing_list" value="1">
</td>
</tr>
<tr>
<td class=labelTD align=right>
</td>
<td class=dataTD>
<input type=submit name=update_button value='UPDATE'>
<% if user_id <> "" then %><input type=submit name=delete_button value='DELETE' onclick="document.edit_Users.action.value = 'delete_edit_Users'"><% end if %>
</td>
<input type=hidden name="action" value="update_edit_Users"></tr>
</form>
</table>
<!-- #include file=i_footer.asp -->
<%
':: assure that any db resources are freed
on error resume next
rs.Close
set rs = NOTHING
cn.Close
set cn = NOTHING
user_cn.Close
set user_cn = NOTHING
on error goto 0
%>