home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Pratica
/
IPRAT_01.iso
/
ASP
/
ASPapp Portal
/
user_public.asp
< prev
Wrap
Text File
|
2002-03-12
|
6KB
|
262 lines
<!-- #include file="i_utils.asp" -->
<%
check_security(1)
%>
<% page_title = "MY AVID CONTROL PANEL" %>
<%
dim user_id
dim user_name
dim email
dim f_name
dim l_name
dim country
dim dtInserted
dim accesslevel
dim view_users_sql
sub request_view_users
''' request expected input parameters for this form
user_id = request("user_id")
user_name = request("user_name")
email = request("email")
f_name = request("f_name")
l_name = request("l_name")
country = request("country")
dtInserted = request("dtInserted")
accesslevel = request("accesslevel")
end sub
sub validate_view_users
''' request and validate data entered from this form
user_id = trim(request("user_id"))
user_name = trim(request("user_name"))
email = trim(request("email"))
f_name = trim(request("f_name"))
l_name = trim(request("l_name"))
country = trim(request("country"))
dtInserted = trim(request("dtInserted"))
if dtInserted <> "" AND (not isdate(dtInserted)) then
error_list.add "485144date","joined must be a valid date (MM/DD/YY)."
b_error = true
end if
accesslevel = trim(request("accesslevel"))
end sub
sub db_select_view_Users
sql = "SELECT " & _ "user_id, " & _ "user_name, " & _ "email, " & _ "f_name, " & _ "l_name, " & _ "country, " & _ "dtInserted, " & _ "accesslevel FROM Users" & _ " WHERE " & _ "Users.user_id = " & to_sql(user_id,"number") & ""
on error resume next
set rs = cn.Execute(sql)
if err.number <> 0 then
b_error = true
elseif rs.EOF then
b_results = false
else
user_id = rs("user_id")
user_name = rs("user_name")
email = rs("email")
f_name = rs("f_name")
l_name = rs("l_name")
country = rs("country")
dtInserted = rs("dtInserted")
accesslevel = rs("accesslevel")
end if
rs.Close
on error goto 0
end sub
sub db_insert_view_Users
sql = "INSERT INTO Users" & _ "(" & _ "user_name," & _ "email," & _ "f_name," & _ "l_name," & _ "country," & _ "dtInserted," & _ "accesslevel" & _ ") VALUES (" & to_sql(user_name,"text") & "," & _ "" & to_sql(email,"text") & "," & _ "" & to_sql(f_name,"text") & "," & _ "" & to_sql(l_name,"text") & "," & _ "" & to_sql(country,"text") & "," & _ "" & to_sql(dtInserted,"text") & "," & _ "" & to_sql(accesslevel,"number") & ")" & _ ""
'response.write sql
on error resume next
cn.Execute(sql)
if err.Number <> 0 then
b_error = true
else
set rs = cn.Execute("SELECT @@IDENTITY")
user_id = rs(0)
rs.Close
end if
on error goto 0
end sub
sub db_update_view_Users
sql = "UPDATE Users SET " & _ "user_name = " & to_sql(user_name,"text") & ", " & _ "email = " & to_sql(email,"text") & ", " & _ "f_name = " & to_sql(f_name,"text") & ", " & _ "l_name = " & to_sql(l_name,"text") & ", " & _ "country = " & to_sql(country,"text") & ", " & _ "dtInserted = " & to_sql(dtInserted,"text") & ", " & _ "accesslevel = " & to_sql(accesslevel,"number") & " WHERE " & _ "user_id = " & to_sql(user_id,"number") & ""
'response.write sql
on error resume next
cn.execute(sql)
if err.number <> 0 then
b_error = true
end if
on error goto 0
end sub
sub db_delete_view_Users
sql = "DELETE FROM Users" & _ " WHERE " & _ "user_id = " & to_sql(user_id,"number") & ""
'response.write sql
on error resume next
cn.Execute(sql)
if err.number <> 0 then
b_error = true
end if
on error goto 0
end sub
do_search = request("do_search")
''' request form keys
user_id = request("user_id")
''' request action
action = lcase(request("action"))
''' action case handler
select case action
case "select_view_users"
' select the requested key record from database
if user_id <> "" then
db_select_view_Users
else
b_error = true
error_list.add "edit_view_Users", "Specify record to select."
end if
case "insert_view_users"
' request form data and insert a new record into database
validate_view_users
if not b_error then
db_insert_view_users
end if
case "update_view_users"
' request form data and update an existing database record
validate_view_users
if not b_error then
if user_id <> "" then
db_update_view_users
else
b_error = true
error_list.add "update_view_users", "Specify record to update."
end if
end if
case "delete_view_users"
' delete the requested key database record
if user_id <> "" then
db_delete_view_users
response.redirect request.servervariables("script_name") & "?msg=The+record+was+deleted."
else
b_error = true
error_list.add "delete_view_users", "Specify record to delete."
end if
end select
' no action was specified, so handle the default case(s)
if user_id <> "" then
db_select_view_Users
end if
%>
<!-- #include file='i_header.asp' -->
<!-- #include file='i_menu.asp' -->
<%
display_errs
display_msg
%>
<br><br>
<table class='headerTable'>
<tr>
<td class='headerTD'>
<A href='user_public.asp'>Member Profile</A>
</td>
</tr>
</table>
<table >
<form name="view_Users" action="" method="get" >
<input type=hidden name="user_id" value="<% =user_id %>">
<tr>
<td class='labelTD'>username</td>
<td class='dataTD' width='75%'>
<% =user_name %>
</td>
</tr>
<tr>
<td class='labelTD'>email</td>
<td class='dataTD' >
<% =email %>
</td>
</tr>
<tr>
<td class='labelTD'>first name</td>
<td class='dataTD' >
<% =f_name %>
</td>
</tr>
<tr>
<td class='labelTD'>last name</td>
<td class='dataTD' >
<% =l_name %>
</td>
</tr>
<tr>
<td class='labelTD'>country</td>
<td class='dataTD' >
<% =country %>
</td>
</tr>
<tr>
<td class='labelTD'>joined</td>
<td class='dataTD' >
<% =dtInserted %>
</td>
</tr>
<tr>
<td class='labelTD'>member type</td>
<td class='dataTD' >
<%
select case accesslevel
case 1
accesslevel = "member"
case 2
accesslevel = "VIP"
case 3
accesslevel = "editor"
case 4
accesslevel = "admin"
end select
%><% =accesslevel %>
</td>
</tr>
</form>
</table>
<br><br>
<!-- #include file=i_footer.asp -->
<%
':: assure that any db resources are freed
on error resume next
rs.Close
set rs = NOTHING
cn.Close
set cn = NOTHING
user_cn.Close
set user_cn = NOTHING
on error goto 0
%>
