Internet Pratica

home *** CD-ROM | disk | FTP | other *** search

/ Internet Pratica / IPRAT_01.iso / ASP / ASPapp Portal / user_public.asp < prev

Wrap

Text File | 2002-03-12 | 6.1 KB | 262 lines

<% check_security(1) %> <% page_title = "MY AVID CONTROL PANEL" %> <% dim user_id dim user_name dim email dim f_name dim l_name dim country dim dtInserted dim accesslevel dim view_users_sql sub request_view_users ''' request expected input parameters for this form user_id = request("user_id") user_name = request("user_name") email = request("email") f_name = request("f_name") l_name = request("l_name") country = request("country") dtInserted = request("dtInserted") accesslevel = request("accesslevel") end sub sub validate_view_users ''' request and validate data entered from this form user_id = trim(request("user_id")) user_name = trim(request("user_name")) email = trim(request("email")) f_name = trim(request("f_name")) l_name = trim(request("l_name")) country = trim(request("country")) dtInserted = trim(request("dtInserted")) if dtInserted <> "" AND (not isdate(dtInserted)) then error_list.add "485144date","joined must be a valid date (MM/DD/YY)." b_error = true end if accesslevel = trim(request("accesslevel")) end sub sub db_select_view_Users sql = "SELECT " & _ "user_id, " & _ "user_name, " & _ "email, " & _ "f_name, " & _ "l_name, " & _ "country, " & _ "dtInserted, " & _ "accesslevel FROM Users" & _ " WHERE " & _ "Users.user_id = " & to_sql(user_id,"number") & "" on error resume next set rs = cn.Execute(sql) if err.number <> 0 then b_error = true elseif rs.EOF then b_results = false else user_id = rs("user_id") user_name = rs("user_name") email = rs("email") f_name = rs("f_name") l_name = rs("l_name") country = rs("country") dtInserted = rs("dtInserted") accesslevel = rs("accesslevel") end if rs.Close on error goto 0 end sub sub db_insert_view_Users sql = "INSERT INTO Users" & _ "(" & _ "user_name," & _ "email," & _ "f_name," & _ "l_name," & _ "country," & _ "dtInserted," & _ "accesslevel" & _ ") VALUES (" & to_sql(user_name,"text") & "," & _ "" & to_sql(email,"text") & "," & _ "" & to_sql(f_name,"text") & "," & _ "" & to_sql(l_name,"text") & "," & _ "" & to_sql(country,"text") & "," & _ "" & to_sql(dtInserted,"text") & "," & _ "" & to_sql(accesslevel,"number") & ")" & _ "" 'response.write sql on error resume next cn.Execute(sql) if err.Number <> 0 then b_error = true else set rs = cn.Execute("SELECT @@IDENTITY") user_id = rs(0) rs.Close end if on error goto 0 end sub sub db_update_view_Users sql = "UPDATE Users SET " & _ "user_name = " & to_sql(user_name,"text") & ", " & _ "email = " & to_sql(email,"text") & ", " & _ "f_name = " & to_sql(f_name,"text") & ", " & _ "l_name = " & to_sql(l_name,"text") & ", " & _ "country = " & to_sql(country,"text") & ", " & _ "dtInserted = " & to_sql(dtInserted,"text") & ", " & _ "accesslevel = " & to_sql(accesslevel,"number") & " WHERE " & _ "user_id = " & to_sql(user_id,"number") & "" 'response.write sql on error resume next cn.execute(sql) if err.number <> 0 then b_error = true end if on error goto 0 end sub sub db_delete_view_Users sql = "DELETE FROM Users" & _ " WHERE " & _ "user_id = " & to_sql(user_id,"number") & "" 'response.write sql on error resume next cn.Execute(sql) if err.number <> 0 then b_error = true end if on error goto 0 end sub do_search = request("do_search") ''' request form keys user_id = request("user_id") ''' request action action = lcase(request("action")) ''' action case handler select case action case "select_view_users" ' select the requested key record from database if user_id <> "" then db_select_view_Users else b_error = true error_list.add "edit_view_Users", "Specify record to select." end if case "insert_view_users" ' request form data and insert a new record into database validate_view_users if not b_error then db_insert_view_users end if case "update_view_users" ' request form data and update an existing database record validate_view_users if not b_error then if user_id <> "" then db_update_view_users else b_error = true error_list.add "update_view_users", "Specify record to update." end if end if case "delete_view_users" ' delete the requested key database record if user_id <> "" then db_delete_view_users response.redirect request.servervariables("script_name") & "?msg=The+record+was+deleted." else b_error = true error_list.add "delete_view_users", "Specify record to delete." end if end select ' no action was specified, so handle the default case(s) if user_id <> "" then db_select_view_Users end if %>   <% display_errs display_msg %> <br><br> <table class='headerTable'> <tr> <td class='headerTD'> <A href='user_public.asp'>Member Profile</A> </td> </tr> </table> <table > <form name="view_Users" action="" method="get" > <input type=hidden name="user_id" value="<% =user_id %>"> <tr> <td class='labelTD'>username</td> <td class='dataTD' width='75%'> <% =user_name %> </td> </tr> <tr> <td class='labelTD'>email</td> <td class='dataTD' > <% =email %> </td> </tr> <tr> <td class='labelTD'>first name</td> <td class='dataTD' > <% =f_name %> </td> </tr> <tr> <td class='labelTD'>last name</td> <td class='dataTD' > <% =l_name %> </td> </tr> <tr> <td class='labelTD'>country</td> <td class='dataTD' > <% =country %> </td> </tr> <tr> <td class='labelTD'>joined</td> <td class='dataTD' > <% =dtInserted %> </td> </tr> <tr> <td class='labelTD'>member type</td> <td class='dataTD' > <% select case accesslevel case 1 accesslevel = "member" case 2 accesslevel = "VIP" case 3 accesslevel = "editor" case 4 accesslevel = "admin" end select %><% =accesslevel %> </td> </tr> </form> </table> <br><br>  <% ':: assure that any db resources are freed on error resume next rs.Close set rs = NOTHING cn.Close set cn = NOTHING user_cn.Close set user_cn = NOTHING on error goto 0 %>