<%@LANGUAGE="VBSCRIPT"%> <% If Request.Form("logout") <> "" THEN Session("UserID") = "" Session("Loggedin") = "" Session("Username") = "" END IF %> <% Dim rsUsercheck__MM_recordId rsUsercheck__MM_recordId = "%" %> <% Dim rsUsercheck__MMColParam rsUsercheck__MMColParam = "%" If (Request.Form("UserIDdelete") <> "1") Then rsUsercheck__MMColParam = Request.Form("UserIDdelete") rsUsercheck__MM_recordId = Request.Form("MM_recordId") End If %> <% If Request.Form("UserIDdelete") <> "" THEN Dim rsUsercheck Dim rsUsercheck_numRows Set rsUsercheck = Server.CreateObject("ADODB.Recordset") rsUsercheck.ActiveConnection = MM_mygallery_STRING rsUsercheck.Source = "SELECT * FROM Pictures WHERE (UserID LIKE '" + Replace(rsUsercheck__MMColParam, "'", "''") + "' AND ID LIKE '" + Replace(rsUsercheck__MM_recordId, "'", "''") + "')" rsUsercheck.CursorType = 0 rsUsercheck.CursorLocation = 2 rsUsercheck.LockType = 1 rsUsercheck.Open() rsUsercheck_numRows = 0 IF rsUsercheck.EOF THEN response.write(" Sorry i won't let you do that :-)") rsUsercheck.Close() Set rsUsercheck = Nothing Response.End() END IF END IF %> <% Dim Login__MMColParam Login__MMColParam = "1" If (Request.Form("Username") <> "") Then Login__MMColParam = Request.Form("Username") End If %> <% Dim Login__MMPassword Login__MMPassword = "1" If (Request.Form("Password") <> "") Then Login__MMPassword = Request.Form("Password") End If %> <% Dim Login Dim Login_numRows Set Login = Server.CreateObject("ADODB.Recordset") Login.ActiveConnection = MM_mygallery_STRING IF Session("UserID") <> "" THEN Login.Source = "SELECT * FROM LoginQuery WHERE UserID = " & Session("UserID") & "" ELSE Login.Source = "SELECT * FROM LoginQuery WHERE Username = '" + Replace(Login__MMColParam, "'", "''") + "' AND Password ='" + Replace(Login__MMPassword, "'", "''") + "'" END IF Login.CursorType = 0 Login.CursorLocation = 2 Login.LockType = 1 Login.Open() Login_numRows = 0 If NOT Login.EOF THEN session("loggedin") = "Yes" session("UserID") = Login.Fields.Item("UserID").Value Session("Username") = Login.Fields.Item("Username").Value 'Session("UserID") = "1" END IF %> <% ' *** Edit Operations: declare variables MM_editAction = CStr(Request("URL")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Request.QueryString End If ' boolean to abort record edit MM_abortEdit = false ' query string to execute MM_editQuery = "" %> <% ' *** Delete Record: declare variables if (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_mygallery_STRING MM_editTable = "Pictures" MM_editColumn = "ID" MM_recordId = "" + Request.Form("MM_recordId") + "" MM_editRedirectUrl = "" ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Update Record: set variables If (CStr(Request("MM_update")) = "form3" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_mygallery_STRING MM_editTable = "Users" MM_editColumn = "UserID" MM_recordId = "" + Request.Form("MM_recordId") + "" MM_editRedirectUrl = "list.asp" MM_fieldsStr = "Email|value|Password|value|Username|value" MM_columnsStr = "Email|',none,''|Password|',none,''|Username|',none,''" ' create the MM_fields and MM_columns arrays MM_fields = Split(MM_fieldsStr, "|") MM_columns = Split(MM_columnsStr, "|") ' set the form values For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i))) Next ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Insert Record: set variables If (CStr(Request("MM_insert")) = "signup") Then MM_editConnection = MM_mygallery_STRING MM_editTable = "Users" MM_editRedirectUrl = "list.asp?Newmem=yes" MM_fieldsStr = "Email|value|username|value|password|value" MM_columnsStr = "Email|',none,''|Username|',none,''|Password|',none,''" ' create the MM_fields and MM_columns arrays MM_fields = Split(MM_fieldsStr, "|") MM_columns = Split(MM_columnsStr, "|") ' set the form values For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i))) Next ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Delete Record: construct a sql delete statement and execute it If (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then ' create the sql delete statement MM_editQuery = "delete from " & MM_editTable & " where " & MM_editColumn & " = " & MM_recordId If (Not MM_abortEdit) Then ' execute the delete Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection ' This is where we delete the file before we delete the record! Set File = CreateObject("Scripting.FileSystemObject") ImagePath = Server.MapPath("..\..\cgi-bin\mypics") ImagePath = ImagePath & "\" & Request.Form("Username") ImagePath = ImagePath & "\" & Request.Form("CatID") ImagePath = ImagePath & "\" & Request.Form("Image") 'response.write Imagepath If File.FileExists(Imagepath) Then File.DeleteFile(ImagePath) ImagePath = Replace(ImagePath,".jpg","_small.jpg") 'response.write Imagepath File.DeleteFile(ImagePath) END IF set File = Nothing MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% ' *** Update Record: construct a sql update statement and execute it If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then ' create the sql update statement MM_editQuery = "update " & MM_editTable & " set " For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_formVal = MM_fields(MM_i+1) MM_typeArray = Split(MM_columns(MM_i+1),",") MM_delim = MM_typeArray(0) If (MM_delim = "none") Then MM_delim = "" MM_altVal = MM_typeArray(1) If (MM_altVal = "none") Then MM_altVal = "" MM_emptyVal = MM_typeArray(2) If (MM_emptyVal = "none") Then MM_emptyVal = "" If (MM_formVal = "") Then MM_formVal = MM_emptyVal Else If (MM_altVal <> "") Then MM_formVal = MM_altVal ElseIf (MM_delim = "'") Then ' escape quotes MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'" Else MM_formVal = MM_delim + MM_formVal + MM_delim End If End If If (MM_i <> LBound(MM_fields)) Then MM_editQuery = MM_editQuery & "," End If MM_editQuery = MM_editQuery & MM_columns(MM_i) & " = " & MM_formVal Next MM_editQuery = MM_editQuery & " where " & MM_editColumn & " = " & MM_recordId If (Not MM_abortEdit) Then ' execute the update Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% ' *** Insert Record: construct a sql insert statement and execute it Dim MM_tableValues Dim MM_dbValues If (CStr(Request("MM_insert")) <> "") Then ' create the sql insert statement MM_tableValues = "" MM_dbValues = "" For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_formVal = MM_fields(MM_i+1) MM_typeArray = Split(MM_columns(MM_i+1),",") MM_delim = MM_typeArray(0) If (MM_delim = "none") Then MM_delim = "" MM_altVal = MM_typeArray(1) If (MM_altVal = "none") Then MM_altVal = "" MM_emptyVal = MM_typeArray(2) If (MM_emptyVal = "none") Then MM_emptyVal = "" If (MM_formVal = "") Then MM_formVal = MM_emptyVal Else If (MM_altVal <> "") Then MM_formVal = MM_altVal ElseIf (MM_delim = "'") Then ' escape quotes MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'" Else MM_formVal = MM_delim + MM_formVal + MM_delim End If End If If (MM_i <> LBound(MM_fields)) Then MM_tableValues = MM_tableValues & "," MM_dbValues = MM_dbValues & "," End If MM_tableValues = MM_tableValues & MM_columns(MM_i) MM_dbValues = MM_dbValues & MM_formVal Next MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ") values (" & MM_dbValues & ")" If (Not MM_abortEdit) Then ' execute the insert Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% Dim rsPictures__MM_category rsPictures__MM_category = "%" If (request("category") <> "") Then rsPictures__MM_category = request("category") End If %> <% Dim rsPictures__MMUserID IF Session("UserID") <> "1" THEN rsPictures__MMUserID = "1" If (session("UserID") <> "") Then rsPictures__MMUserID = session("UserID") End If ELSE rsPictures__MMUserID = "1" If (Request("user") <> "") Then rsPictures__MMUserID = Request("user") End If END IF %> <% set rsPictures = Server.CreateObject("ADODB.Recordset") rsPictures.ActiveConnection = MM_mygallery_STRING rsPictures.Source = "SELECT * FROM Category INNER JOIN PictureQuery ON Category.CatID = PictureQuery.CatID WHERE category.category LIKE '" + Replace(rsPictures__MM_category, "'", "''") + "' AND Category.UserID LIKE '" + Replace(rsPictures__MMUserID, "'", "''") + "' ORDER BY Pictures.CatID DESC, Pictures.ID DESC;" rsPictures.CursorType = 0 rsPictures.CursorLocation = 2 rsPictures.LockType = 3 rsPictures.Open() rsPictures_numRows = 0 %> <% Dim rsCats__MMUserID IF Session("UserID") <> "1" THEN rsCats__MMUserID = "1" If (session("UserID") <> "") Then rsCats__MMUserID = session("UserID") End If ELSE rsCats__MMUserID = "%" If (Request("user") <> "") Then rsCats__MMUserID = Request("user") END IF END IF %> <% IF Session("UserID") <> "" THEN Dim rsCats Dim rsCats_numRows Set rsCats = Server.CreateObject("ADODB.Recordset") rsCats.ActiveConnection = MM_mygallery_STRING rsCats.Source = "SELECT * FROM CategoryQuery WHERE UserID LIKE '" + Replace(rsCats__MMUserID, "'", "''") + "' ORDER BY CatID DESC" rsCats.CursorType = 0 rsCats.CursorLocation = 2 rsCats.LockType = 1 rsCats.Open() rsCats_numRows = 0 If rsCats.EOF Or rsCats.BOF Then rsPictures.Close() Set rsPictures = Nothing rsCats.Close() Set rsCats = Nothing Login.Close() Set Login = Nothing response.redirect ("newcat.asp") END IF END IF %> <% If Session("UserID") = "1" Then Dim rsUsers Dim rsUsers_numRows Set rsUsers = Server.CreateObject("ADODB.Recordset") rsUsers.ActiveConnection = MM_mygallery_STRING rsUsers.Source = "SELECT * FROM UsersQuery ORDER BY UserID ASC;" rsUsers.CursorType = 0 rsUsers.CursorLocation = 2 rsUsers.LockType = 1 rsUsers.Open() rsUsers_numRows = 0 END IF %> <% Dim Repeat1__numRows Repeat1__numRows = 30 Dim Repeat1__index Repeat1__index = 0 rsPictures_numRows = rsPictures_numRows + Repeat1__numRows %> <% ' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables ' set the record count rsPictures_total = rsPictures.RecordCount ' set the number of rows displayed on this page If (rsPictures_numRows < 0) Then rsPictures_numRows = rsPictures_total Elseif (rsPictures_numRows = 0) Then rsPictures_numRows = 1 End If ' set the first and last displayed record rsPictures_first = 1 rsPictures_last = rsPictures_first + rsPictures_numRows - 1 ' if we have the correct record count, check the other stats If (rsPictures_total <> -1) Then If (rsPictures_first > rsPictures_total) Then rsPictures_first = rsPictures_total If (rsPictures_last > rsPictures_total) Then rsPictures_last = rsPictures_total If (rsPictures_numRows > rsPictures_total) Then rsPictures_numRows = rsPictures_total End If %> <% ' *** Recordset Stats: if we don't know the record count, manually count them If (rsPictures_total = -1) Then ' count the total records by iterating through the recordset rsPictures_total=0 While (Not rsPictures.EOF) rsPictures_total = rsPictures_total + 1 rsPictures.MoveNext Wend ' reset the cursor to the beginning If (rsPictures.CursorType > 0) Then rsPictures.MoveFirst Else rsPictures.Requery End If ' set the number of rows displayed on this page If (rsPictures_numRows < 0 Or rsPictures_numRows > rsPictures_total) Then rsPictures_numRows = rsPictures_total End If ' set the first and last displayed record rsPictures_first = 1 rsPictures_last = rsPictures_first + rsPictures_numRows - 1 If (rsPictures_first > rsPictures_total) Then rsPictures_first = rsPictures_total If (rsPictures_last > rsPictures_total) Then rsPictures_last = rsPictures_total End If %> <% ' *** Move To Record and Go To Record: declare variables Set MM_rs = rsPictures MM_rsCount = rsPictures_total MM_size = rsPictures_numRows MM_uniqueCol = "" MM_paramName = "" MM_offset = 0 MM_atTotal = false MM_paramIsDefined = false If (MM_paramName <> "") Then MM_paramIsDefined = (Request.QueryString(MM_paramName) <> "") End If %> <% ' *** Move To Record: handle 'index' or 'offset' parameter if (Not MM_paramIsDefined And MM_rsCount <> 0) then ' use index parameter if defined, otherwise use offset parameter r = Request.QueryString("index") If r = "" Then r = Request.QueryString("offset") If r <> "" Then MM_offset = Int(r) ' if we have a record count, check if we are past the end of the recordset If (MM_rsCount <> -1) Then If (MM_offset >= MM_rsCount Or MM_offset = -1) Then ' past end or move last If ((MM_rsCount Mod MM_size) > 0) Then ' last page not a full repeat region MM_offset = MM_rsCount - (MM_rsCount Mod MM_size) Else MM_offset = MM_rsCount - MM_size End If End If End If ' move the cursor to the selected record i = 0 While ((Not MM_rs.EOF) And (i < MM_offset Or MM_offset = -1)) MM_rs.MoveNext i = i + 1 Wend If (MM_rs.EOF) Then MM_offset = i ' set MM_offset to the last possible record End If %> <% ' *** Move To Record: if we dont know the record count, check the display range If (MM_rsCount = -1) Then ' walk to the end of the display range for this page i = MM_offset While (Not MM_rs.EOF And (MM_size < 0 Or i < MM_offset + MM_size)) MM_rs.MoveNext i = i + 1 Wend ' if we walked off the end of the recordset, set MM_rsCount and MM_size If (MM_rs.EOF) Then MM_rsCount = i If (MM_size < 0 Or MM_size > MM_rsCount) Then MM_size = MM_rsCount End If ' if we walked off the end, set the offset based on page size If (MM_rs.EOF And Not MM_paramIsDefined) Then If (MM_offset > MM_rsCount - MM_size Or MM_offset = -1) Then If ((MM_rsCount Mod MM_size) > 0) Then MM_offset = MM_rsCount - (MM_rsCount Mod MM_size) Else MM_offset = MM_rsCount - MM_size End If End If End If ' reset the cursor to the beginning If (MM_rs.CursorType > 0) Then MM_rs.MoveFirst Else MM_rs.Requery End If ' move the cursor to the selected record i = 0 While (Not MM_rs.EOF And i < MM_offset) MM_rs.MoveNext i = i + 1 Wend End If %> <% ' *** Move To Record: update recordset stats ' set the first and last displayed record rsPictures_first = MM_offset + 1 rsPictures_last = MM_offset + MM_size If (MM_rsCount <> -1) Then If (rsPictures_first > MM_rsCount) Then rsPictures_first = MM_rsCount If (rsPictures_last > MM_rsCount) Then rsPictures_last = MM_rsCount End If ' set the boolean used by hide region to check if we are on the last record MM_atTotal = (MM_rsCount <> -1 And MM_offset + MM_size >= MM_rsCount) %> <% ' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters ' create the list of parameters which should not be maintained MM_removeList = "&index=" If (MM_paramName <> "") Then MM_removeList = MM_removeList & "&" & MM_paramName & "=" MM_keepURL="":MM_keepForm="":MM_keepBoth="":MM_keepNone="" ' add the URL parameters to the MM_keepURL string For Each Item In Request.QueryString NextItem = "&" & Item & "=" If (InStr(1,MM_removeList,NextItem,1) = 0) Then MM_keepURL = MM_keepURL & NextItem & Server.URLencode(Request.QueryString(Item)) End If Next ' add the Form variables to the MM_keepForm string For Each Item In Request.Form NextItem = "&" & Item & "=" If (InStr(1,MM_removeList,NextItem,1) = 0) Then MM_keepForm = MM_keepForm & NextItem & Server.URLencode(Request.Form(Item)) End If Next ' create the Form + URL string and remove the intial '&' from each of the strings MM_keepBoth = MM_keepURL & MM_keepForm if (MM_keepBoth <> "") Then MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1) if (MM_keepURL <> "") Then MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1) if (MM_keepForm <> "") Then MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1) ' a utility function used for adding additional parameters to these strings Function MM_joinChar(firstItem) If (firstItem <> "") Then MM_joinChar = "&" Else MM_joinChar = "" End If End Function %> <% ' *** Move To Record: set the strings for the first, last, next, and previous links MM_keepMove = MM_keepBoth MM_moveParam = "index" ' if the page has a repeated region, remove 'offset' from the maintained parameters If (MM_size > 0) Then MM_moveParam = "offset" If (MM_keepMove <> "") Then params = Split(MM_keepMove, "&") MM_keepMove = "" For i = 0 To UBound(params) nextItem = Left(params(i), InStr(params(i),"=") - 1) If (StrComp(nextItem,MM_moveParam,1) <> 0) Then MM_keepMove = MM_keepMove & "&" & params(i) End If Next If (MM_keepMove <> "") Then MM_keepMove = Right(MM_keepMove, Len(MM_keepMove) - 1) End If End If End If ' set the strings for the move to links If (MM_keepMove <> "") Then MM_keepMove = MM_keepMove & "&" urlStr = Request.ServerVariables("URL") & "?" & MM_keepMove & MM_moveParam & "=" MM_moveFirst = urlStr & "0" MM_moveLast = urlStr & "-1" MM_moveNext = urlStr & Cstr(MM_offset + MM_size) prev = MM_offset - MM_size If (prev < 0) Then prev = 0 MM_movePrev = urlStr & Cstr(prev) %> Administration
<% If Session("UserID") = "1" Then %> <% End If%>

<% IF Session("loggedin") = "" THEN %>

<% If Request.Querystring("Newmem") <> "" Then %> Your account has been created, you must now login bellow to access your gallery. <% End If %>

Welcome!

Please login order to manage the photobook.
Username:
Password:
 

<% ELSE %>

Viewing Records <%=(rsPictures_first)%> to <%=(rsPictures_last)%> of <%=(rsPictures_total)%> <%If Session("UserID") = "1" Then%> for user : <%IF Request.Form("User") <> "%" THEN %> "><%=(rsPictures.Fields.Item("Username").Value)%> <%ELSE%> ALL <% END IF%> <%END IF%>

<% If Session("UserID") = "1" THEN %> <% END IF %>
Filter by User:
 		Then >
Filter by Category:
Log Out:

<% If MM_offset <> 0 Then %> First <% End If ' end MM_offset <> 0 %> <% If MM_offset <> 0 Then %> Previous <% End If ' end MM_offset <> 0 %> <% If Not MM_atTotal Then %> Next <% End If ' end Not MM_atTotal %> <% If Not MM_atTotal Then %> Last <% End If ' end Not MM_atTotal %>
<% While ((Repeat1__numRows <> 0) AND (NOT rsPictures.EOF)) %> <% Repeat1__index=Repeat1__index+1 Repeat1__numRows=Repeat1__numRows-1 rsPictures.MoveNext() Wend %>
Category Image (Click to view) Description Manage
<%=(rsPictures.Fields.Item("Category").Value)%> /<%=(rsPictures.Fields.Item("Image").Value)%>','LargeView','scrollbars=yes,resizable=yes','800','600','false')"><%=(rsPictures.Fields.Item("Image").Value)%> <%=(rsPictures.Fields.Item("Description").Value)%>
"> "> "> "> "> ">

Your individual gallery URL is: index.asp?UserID=<%=(Login.Fields.Item("UserID").Value)%>"><%=(Login.Fields.Item("SiteURL").Value)%>index.asp?UserID=<%=(Login.Fields.Item("UserID").Value)%>

Update Account Details
Email:
 " size="20">
Username:
 " size="20">
Password:
 " size="20">
">

 

Add new image - Manage categories - View Gallery

<% END IF%>

 
 

v5.0

'My ASP Thumbnail Gallery' is a product of Kattouf Internet Services Email: johnny@kattouf.com

<% rsPictures.Close() Set rsPictures = Nothing %> <% IF Session("UserID") <> "" THEN rsCats.Close() Set rsCats = Nothing END IF %> <% Login.Close() Set Login = Nothing %> <% If Session("UserID") = "1" Then rsUsers.Close() Set rsUsers = Nothing END IF %> <% If Request.Form("UserIDdelete") <> "" THEN rsUsercheck.Close() Set rsUsercheck = Nothing END IF %>