|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/compasssysweb/security/ |
Upload File : |
<%
Response.Expires = -1000 'Makes the browser not cache this page
Response.Buffer = True 'Buffers the content so our Response.Redirect will work
If Session("UserLoggedIn") <> "true" Then
Response.Redirect("login.asp")
End If
'Set session time before user needs to log in again.
Session.Timeout = 1
%>
<B>This page is password protected.<BR>
You are currently logged in.</B>
<P><a href="http://www.compass-sys.com/index.html"><font color="#000000">Compass Home</font></a>
<%
' Generic ASP Editor for Access Tables
' Version 1.01 - 9 November 1999
' � Roman Koch
' =====================================================================
' Your customisations go here
' =====================================================================
' Enter the name of the system DSN
'Session("myDSN") = "MP3"
Session("myDSN") = "JobReqDSN"
' Enter the name of the table you want to edit
' Note: For text fields, the "Allow Zero Length" attribute must be set to YES
'Session("myTable") = "Customer"
Session("myTable") = "Jobs"
' Enter the name of the Primary Key field
' Note: The Primary Key MUST be a "Autonumber"-type field
'Session("myKey") = "CustomerID"
Session("myKey") = "Job ID #"
' =====================================================================
' End of the customisation section
' =====================================================================
Dim objConn
If isObject(Session("dsnDefined")) Then
Set objConn = Session("dsnDefined")
Else
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Open Session("myDSN")
Set Session("dsnDefined") = objConn
End If
strMyOwnPath = Request.Servervariables("PATH_INFO")
intStart = InstrRev(strMyOwnPath,"/",-1,1)
strMyName = Mid(strMyOwnPath,intStart+1)
Session("myName") = strMyName
strAction = Request.Querystring("action")
lngRecord = Request.Querystring("num")
Select Case strAction
Case "list" 'list all records
Call editList()
Case "update" 'Get the current record and display in a form for editing
Call editUpdate(lngRecord)
Case "updateExec" 'Save the changes
Call editUpdateExec(lngRecord)
Case "insert" 'Display an empty form for entering a new record
Call editInsert()
Case "insertExec" 'Save the new record
Call editInsertExec()
Case "delete" 'Display the current record so deletion can be confirmed
Call editDelete(lngRecord)
Case "deleteExec" 'Delete the record
Call editDeleteExec(lngRecord)
Case Else 'same as list parameter
Call editList()
End Select
%>
<Script RUNAT="SERVER" LANGUAGE="VBSCRIPT">
'======================================================================
Function editUpdate(lngRecord)
'======================================================================
strMyTable = Session("myTable")
'strMyKey = Session("myKey")
strMyKey = "[" & Session("myKey") & "]"
strMyName = Session("myName")
sqlQuery = "SELECT * FROM " & strMyTable & " WHERE " & strMyKey & "=" & lngRecord
Set objRS = objConn.Execute(sqlQuery)
intFieldCount = objRS.Fields.Count - 1
Response.Write "<html><head><title>Job Req Database Editor</title>"
Response.Write "</head><body>"
Response.Write "<h1>Edit Job csp" & lngRecord & "</h1>"
Response.Write "<form name=editForm action=" & strMyName & "?action=updateExec&num=" & lngRecord & " method=POST>"
Response.Write "<table>"
For i = 0 To intFieldCount
strName = objRS(i).Name
strValue = objRS(i).Value
Response.Write "<tr><td>" & strName & "</td>"
If strName = strMyKey Then
Response.Write "<td><input type=text readonly name=" & strName & " value=""" & strValue & """ size=75></td></tr>"
Else
If strName = "Description of Work" Then
Response.Write "<td><textarea rows=4 name='Description of Work' cols=65>" & strValue & "</textarea></td></tr>"
Else
Response.Write "<td><input type=text name=" & strName & " value=""" & strValue & """ size=75></td></tr>"
End If
End If
Next
Response.Write "</table><p> </p><input type=SUBMIT value=Update></form>"
Response.Write "<p> </p></body></html>"
Set objRS = Nothing
End Function
'======================================================================
Function editUpdateExec(lngRecord)
'======================================================================
strMyTable = Session("myTable")
strMyKey = Session("myKey")
strMyName = Session("myName")
sqlQuery = "SELECT * FROM " & strMyTable & " WHERE [" & strMyKey & "]=" & lngRecord
Set objRS = objConn.Execute(sqlQuery)
intFieldCount = objRS.Fields.Count - 1
sqlQuery = "UPDATE " & strMyTable & " Set "
For i = 0 To intFieldCount
strName = objRS(i).Name
strValue = objRS(i).Value
If strName <> strMyKey Then
If (Vartype(strValue) >= 2) And (VarType(strValue) <= 6) Then 'number
sqlQuery = sqlQuery & "[" & strName & "]=" & Request.Form(strName)
ElseIf (Vartype(strValue) = 7) Then 'Date Field
sqlQuery = sqlQuery & "[" & strName & "]=#" & Request.Form(strName) & "#"
Else 'string or memo
sqlQuery = sqlQuery & "[" & strName & "]='" & Request.Form(strName) & "'"
End If
If i < intFieldCount Then
sqlQuery = sqlQuery & ", "
End If
End If
Next
'sqlQuery = sqlQuery & " WHERE [" & strMyKey & "]=" & request.form(strMyKey)
sqlQuery = sqlQuery & " WHERE [" & strMyKey & "]=" & lngRecord
objConn.Execute(sqlQuery)
Set objRS = Nothing
Response.Redirect strMyName
End Function
'======================================================================
Function editInsert()
'======================================================================
strMyTable = Session("myTable")
'strMyKey = Session("myKey")
strMyKey = "[" & Session("myKey") & "]"
strMyName = Session("myName")
Response.Write "<html><head><title>Job Req Database Editor</title>"
Response.Write "</head><body>"
Response.Write "<h1>Create A New Job</h1>"
Response.Write "<form name=insertForm action=" & strMyName & "?action=insertExec method=POST>"
Response.Write "<table>"
sqlQuery = "SELECT * FROM " & strMyTable 'we do this query just to learn the field names
Set objRS = objConn.Execute(sqlQuery)
intFieldCount = objRS.Fields.Count - 1
For i = 0 To intFieldCount
strName = objRS(i).Name
If strName <> strMyKey Then
Response.Write "<tr><td>" & strName & "</td>"
Response.Write "<td><input type=text name=" & strName & " size=75></td></tr>"
End If
Next
Response.Write "</table><p> </p><input type=SUBMIT value=Create></form>"
Response.Write "<p> </p></body></html>"
Set objRS = Nothing
End Function
'======================================================================
Function editInsertExec()
'======================================================================
strMyTable = Session("myTable")
'strMyKey = Session("myKey")
strMyKey = "[" & Session("myKey") & "]"
strMyName = Session("myName")
sqlQuery = "SELECT * FROM " & strMyTable 'we do this query just to learn the field names
Set objRS = objConn.Execute(sqlQuery)
intFieldCount = objRS.Fields.Count - 1
sqlQuery = "INSERT INTO " & strMyTable & " ("
For i = 0 To intFieldCount
strName = objRS(i).Name
strValue = objRS(i).Value
If strName <> strMyKey Then
'sqlQuery = sqlQuery & strName
sqlQuery = sqlQuery & "[" & strName & "]"
If i < intFieldCount Then sqlQuery = sqlQuery & ", "
End If
Next
sqlQuery = sqlQuery & ") VALUES ("
For i = 0 To intFieldCount
strName = objRS(i).Name
strValue = objRS(i).Value
If strName <> strMyKey Then
If (Vartype(strValue) >= 2) And (VarType(strValue) <= 6) Then
sqlQuery = sqlQuery & Request.Form(strName)
Else
sqlQuery = sqlQuery & "'" & Request.Form(strName) & "'"
End If
If i < intFieldCount Then sqlQuery = sqlQuery & ", "
End If
Next
sqlQuery = sqlQuery & ")"
objConn.Execute(sqlQuery)
Set objRS = Nothing
Response.Redirect strMyName
End Function
'======================================================================
Function editDelete(lngRecord)
'======================================================================
strMyTable = Session("myTable")
'strMyKey = Session("myKey")
strMyKey = "[" & Session("myKey") & "]"
strMyName = Session("myName")
sqlQuery = "SELECT * FROM " & strMyTable & " WHERE " & strMyKey & "=" & lngRecord
Set objRS = objConn.Execute(sqlQuery)
intFieldCount = objRS.Fields.Count -1
Response.Write "<html><head><title>Job Req Database Editor</title>"
Response.Write "</head><body>"
Response.Write "<h1>Delete Job csp" & lngRecord & "</h1>"
Response.Write "<form name=deleteForm action=" & strMyName & "?action=deleteExec&num=" & lngRecord & " method=POST>"
Response.Write "<table>"
For i = 0 To intFieldCount
strName = objRS(i).Name
strValue = objRS(i).Value
Response.Write "<tr><td>" & strName & "</td>"
Response.Write "<td><input type=text readonly name=" & strName & " value=""" & strValue & """ size=75></td></tr>"
Next
Response.Write "</table><p> </p><input type=SUBMIT value=Delete></form>"
Response.Write "<p> </p></body></html>"
Set objRS = Nothing
End Function
'======================================================================
Function editDeleteExec(lngRecord)
'======================================================================
strMyTable = Session("myTable")
'strMyKey = Session("myKey")
strMyKey = "[" & Session("myKey") & "]"
strMyName = Session("myName")
objConn.Execute("DELETE * FROM " & strMyTable & " WHERE " & strMyKey & "=" & lngRecord)
Response.Redirect strMyName
End Function
'======================================================================
Function editList()
'======================================================================
strMyTable = Session("myTable")
strMyKey = Session("myKey")
'strMyKey = "[" & Session("myKey") & "]"
strMyName = Session("myName")
dim objRS
Set objRS = objConn.Execute("SELECT * FROM " & strMyTable & " ORDER BY [Job ID #]")
intFieldCount = objRS.Fields.Count - 1
Response.Write "<html><head><title>Job Req Database Editor</title>"
Response.Write "<style type=""text/css""> td {font-size: 8pt; border: 0} </style>"
Response.Write "</head><body>"
Response.Write "<h1>" & strMyTable & "</h1><p>"
Response.Write "<table cellspacing=0 cellpadding=4 border=2>"
Response.Write "<tr>"
Response.Write "<td> </td>"
'For i=0 To intFieldCount
'Response.Write "<td>" & objRS(i).Name & "</td>"
'Next
For i=0 To 4
Response.Write "<td>" & objRS(i).Name & "</td>"
Next
Response.Write "</tr>"
Response.Write "<a href=" & strMyName & "?action=insert><img src='plus.gif' alt='Add Job' border=0> Add Job</a> "
Response.Write "<p><br>"
'----- List record -----
intCounter = 0
Do Until objRS.Eof
intCounter = intCounter + 1
If intCounter Mod 2 = 0 Then
Response.Write "<tr bgcolor=#FFFFFF>"
Else
Response.Write "<tr bgcolor=#DDDDDD>"
End If
Response.Write "<td><a href=" & strMyName & "?action=update&num=" & objRS(strMyKey) & "><img src='pencil.gif' alt='Edit Job' border=0></a>" & _
"<a href=" & strMyName & "?action=delete&num=" & objRS(strMyKey) & "><img src='scissors.gif' alt='Delete Job' border=0></a></td>"
'For i = 0 To intFieldCount
For i = 0 to 4
varFieldValue = objRS(i)
if varFieldValue = "" Then
Response.Write "<td> "
Else
If (Vartype(varFieldValue) >= 2) And (Vartype(varFieldValue) <= 6) Then
Response.Write "<td align = right>" & varFieldValue
Else
Response.Write "<td>" & varFieldValue
End If
End If
Response.Write "</td>"
Next
'Add Edit buttons to end of record as well as front
Response.Write "<td><a href=" & strMyName & "?action=update&num=" & objRS(strMyKey) & "><img src='pencil.gif' alt='Edit Job' border=0></a>" & _
"<a href=" & strMyName & "?action=delete&num=" & objRS(strMyKey) & "><img src='scissors.gif' alt='Delete Job' border=0></a></td>"
Response.Write "</tr>"
objRS.Movenext
Loop
Response.Write "</table>"
Response.Write "<p><br><a href=" & strMyName & "?action=insert><img src='plus.gif' alt='Add Job' border=0> Add Job</a> "
Response.Write "<p> </p></body></html>"
objRS.Close
Set objRS = Nothing
End Function
</Script>