<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<% If Session("UserID") <> "1" THEN
Response.Write(" You don't have permission to access this page.")
Response.End()
END IF
%>
<%
' *** Edit Operations: declare variables
Dim MM_editAction
Dim MM_abortEdit
Dim MM_editQuery
Dim MM_editCmd
Dim MM_editConnection
Dim MM_editTable
Dim MM_editRedirectUrl
Dim MM_editColumn
Dim MM_recordId
Dim MM_fieldsStr
Dim MM_columnsStr
Dim MM_fields
Dim MM_columns
Dim MM_typeArray
Dim MM_formVal
Dim MM_delim
Dim MM_altVal
Dim MM_emptyVal
Dim MM_i
MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))
If (Request.QueryString <> "") Then
MM_editAction = MM_editAction & "?" & Request.QueryString
End If
' boolean to abort record edit
MM_abortEdit = false
' query string to execute
MM_editQuery = ""
%>
<%
' *** Update Record: set variables
If (CStr(Request("MM_update")) = "Updateform" And CStr(Request("MM_recordId")) <> "") Then
MM_editConnection = MM_mygallery_STRING
MM_editTable = "Users"
MM_editColumn = "UserID"
MM_recordId = "" + Request.Form("MM_recordId") + ""
MM_editRedirectUrl = "users.asp"
MM_fieldsStr = "Username|value|Password|value|email|value"
MM_columnsStr = "Username|',none,''|Password|',none,''|Email|',none,''"
' create the MM_fields and MM_columns arrays
MM_fields = Split(MM_fieldsStr, "|")
MM_columns = Split(MM_columnsStr, "|")
' set the form values
For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i)))
Next
' append the query string to the redirect URL
If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then
If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
Else
MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
End If
End If
End If
%>
<%
' *** Delete Record: declare variables
if (CStr(Request("MM_delete")) = "Deleteform" And CStr(Request("MM_recordId")) <> "") Then
MM_editConnection = MM_mygallery_STRING
MM_editTable = "Users"
MM_editColumn = "UserID"
MM_recordId = "" + Request.Form("MM_recordId") + ""
MM_editRedirectUrl = "users.asp"
' append the query string to the redirect URL
If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then
If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
Else
MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
End If
End If
End If
%>
<%
' *** Update Record: construct a sql update statement and execute it
If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then
' create the sql update statement
MM_editQuery = "update " & MM_editTable & " set "
For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
MM_formVal = MM_fields(MM_i+1)
MM_typeArray = Split(MM_columns(MM_i+1),",")
MM_delim = MM_typeArray(0)
If (MM_delim = "none") Then MM_delim = ""
MM_altVal = MM_typeArray(1)
If (MM_altVal = "none") Then MM_altVal = ""
MM_emptyVal = MM_typeArray(2)
If (MM_emptyVal = "none") Then MM_emptyVal = ""
If (MM_formVal = "") Then
MM_formVal = MM_emptyVal
Else
If (MM_altVal <> "") Then
MM_formVal = MM_altVal
ElseIf (MM_delim = "'") Then ' escape quotes
MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'"
Else
MM_formVal = MM_delim + MM_formVal + MM_delim
End If
End If
If (MM_i <> LBound(MM_fields)) Then
MM_editQuery = MM_editQuery & ","
End If
MM_editQuery = MM_editQuery & MM_columns(MM_i) & " = " & MM_formVal
Next
MM_editQuery = MM_editQuery & " where " & MM_editColumn & " = " & MM_recordId
If (Not MM_abortEdit) Then
' execute the update
Set MM_editCmd = Server.CreateObject("ADODB.Command")
MM_editCmd.ActiveConnection = MM_editConnection
MM_editCmd.CommandText = MM_editQuery
MM_editCmd.Execute
MM_editCmd.ActiveConnection.Close
If (MM_editRedirectUrl <> "") Then
Response.Redirect(MM_editRedirectUrl)
End If
End If
End If
%>
<%
' *** Delete Record: construct a sql delete statement and execute it
If (CStr(Request("MM_delete")) <> "" And CStr(Request("MM_recordId")) <> "") Then
' create the sql delete statement
MM_editQuery = "delete from " & MM_editTable & " where " & MM_editColumn & " = " & MM_recordId
If (Not MM_abortEdit) Then
' execute the delete
Set MM_editCmd = Server.CreateObject("ADODB.Command")
MM_editCmd.ActiveConnection = MM_editConnection
Set fso = CreateObject("Scripting.FileSystemObject")
folderPath = Server.MapPath("..\cgi-bin\mypics")
folderPath = folderPath & "\" & Request.Form("Username")
'response.write Imagepath
'File.DeleteFile(ImagePath)
If fso.FolderExists(folderpath) Then
Set folderObject = fso.GetFolder((folderpath) & "\")
folderObject.Delete
end if
Set folderObject = Nothing
Set fso = Nothing
MM_editCmd.CommandText = MM_editQuery
MM_editCmd.Execute
MM_editCmd.ActiveConnection.Close
If (MM_editRedirectUrl <> "") Then
Response.Redirect(MM_editRedirectUrl)
End If
End If
End If
%>
<%
Dim rsUsers__MMColParam
rsUsers__MMColParam = "1"
If (Request("MM_EmptyValue") <> "") Then
rsUsers__MMColParam = Request("MM_EmptyValue")
End If
%>
<%
Dim rsUsers
Dim rsUsers_numRows
Set rsUsers = Server.CreateObject("ADODB.Recordset")
rsUsers.ActiveConnection = MM_mygallery_STRING
rsUsers.Source = "SELECT * FROM Users WHERE UserID <> " + Replace(rsUsers__MMColParam, "'", "''") + " ORDER BY UserID DESC"
rsUsers.CursorType = 0
rsUsers.CursorLocation = 2
rsUsers.LockType = 1
rsUsers.Open()
rsUsers_numRows = 0
%>
<%
Dim RsTotalpics
Dim RsTotalpics_numRows
Set RsTotalpics = Server.CreateObject("ADODB.Recordset")
RsTotalpics.ActiveConnection = MM_mygallery_STRING
RsTotalpics.Source = "SELECT Sum(piccount) As Totalpics FROM PicCount"
RsTotalpics.CursorType = 0
RsTotalpics.CursorLocation = 2
RsTotalpics.LockType = 1
RsTotalpics.Open()
RsTotalpics_numRows = 0
%>
<%
Dim Repeat1__numRows
Dim Repeat1__index
Repeat1__numRows = 20
Repeat1__index = 0
rsUsers_numRows = rsUsers_numRows + Repeat1__numRows
%>
<%
' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables
Dim rsUsers_total
Dim rsUsers_first
Dim rsUsers_last
' set the record count
rsUsers_total = rsUsers.RecordCount
' set the number of rows displayed on this page
If (rsUsers_numRows < 0) Then
rsUsers_numRows = rsUsers_total
Elseif (rsUsers_numRows = 0) Then
rsUsers_numRows = 1
End If
' set the first and last displayed record
rsUsers_first = 1
rsUsers_last = rsUsers_first + rsUsers_numRows - 1
' if we have the correct record count, check the other stats
If (rsUsers_total <> -1) Then
If (rsUsers_first > rsUsers_total) Then
rsUsers_first = rsUsers_total
End If
If (rsUsers_last > rsUsers_total) Then
rsUsers_last = rsUsers_total
End If
If (rsUsers_numRows > rsUsers_total) Then
rsUsers_numRows = rsUsers_total
End If
End If
%>
<%
' *** Recordset Stats: if we don't know the record count, manually count them
If (rsUsers_total = -1) Then
' count the total records by iterating through the recordset
rsUsers_total=0
While (Not rsUsers.EOF)
rsUsers_total = rsUsers_total + 1
rsUsers.MoveNext
Wend
' reset the cursor to the beginning
If (rsUsers.CursorType > 0) Then
rsUsers.MoveFirst
Else
rsUsers.Requery
End If
' set the number of rows displayed on this page
If (rsUsers_numRows < 0 Or rsUsers_numRows > rsUsers_total) Then
rsUsers_numRows = rsUsers_total
End If
' set the first and last displayed record
rsUsers_first = 1
rsUsers_last = rsUsers_first + rsUsers_numRows - 1
If (rsUsers_first > rsUsers_total) Then
rsUsers_first = rsUsers_total
End If
If (rsUsers_last > rsUsers_total) Then
rsUsers_last = rsUsers_total
End If
End If
%>
<%
Dim MM_paramName
%>
<%
' *** Move To Record and Go To Record: declare variables
Dim MM_rs
Dim MM_rsCount
Dim MM_size
Dim MM_uniqueCol
Dim MM_offset
Dim MM_atTotal
Dim MM_paramIsDefined
Dim MM_param
Dim MM_index
Set MM_rs = rsUsers
MM_rsCount = rsUsers_total
MM_size = rsUsers_numRows
MM_uniqueCol = ""
MM_paramName = ""
MM_offset = 0
MM_atTotal = false
MM_paramIsDefined = false
If (MM_paramName <> "") Then
MM_paramIsDefined = (Request.QueryString(MM_paramName) <> "")
End If
%>
<%
' *** Move To Record: handle 'index' or 'offset' parameter
if (Not MM_paramIsDefined And MM_rsCount <> 0) then
' use index parameter if defined, otherwise use offset parameter
MM_param = Request.QueryString("index")
If (MM_param = "") Then
MM_param = Request.QueryString("offset")
End If
If (MM_param <> "") Then
MM_offset = Int(MM_param)
End If
' if we have a record count, check if we are past the end of the recordset
If (MM_rsCount <> -1) Then
If (MM_offset >= MM_rsCount Or MM_offset = -1) Then ' past end or move last
If ((MM_rsCount Mod MM_size) > 0) Then ' last page not a full repeat region
MM_offset = MM_rsCount - (MM_rsCount Mod MM_size)
Else
MM_offset = MM_rsCount - MM_size
End If
End If
End If
' move the cursor to the selected record
MM_index = 0
While ((Not MM_rs.EOF) And (MM_index < MM_offset Or MM_offset = -1))
MM_rs.MoveNext
MM_index = MM_index + 1
Wend
If (MM_rs.EOF) Then
MM_offset = MM_index ' set MM_offset to the last possible record
End If
End If
%>
<%
' *** Move To Record: if we dont know the record count, check the display range
If (MM_rsCount = -1) Then
' walk to the end of the display range for this page
MM_index = MM_offset
While (Not MM_rs.EOF And (MM_size < 0 Or MM_index < MM_offset + MM_size))
MM_rs.MoveNext
MM_index = MM_index + 1
Wend
' if we walked off the end of the recordset, set MM_rsCount and MM_size
If (MM_rs.EOF) Then
MM_rsCount = MM_index
If (MM_size < 0 Or MM_size > MM_rsCount) Then
MM_size = MM_rsCount
End If
End If
' if we walked off the end, set the offset based on page size
If (MM_rs.EOF And Not MM_paramIsDefined) Then
If (MM_offset > MM_rsCount - MM_size Or MM_offset = -1) Then
If ((MM_rsCount Mod MM_size) > 0) Then
MM_offset = MM_rsCount - (MM_rsCount Mod MM_size)
Else
MM_offset = MM_rsCount - MM_size
End If
End If
End If
' reset the cursor to the beginning
If (MM_rs.CursorType > 0) Then
MM_rs.MoveFirst
Else
MM_rs.Requery
End If
' move the cursor to the selected record
MM_index = 0
While (Not MM_rs.EOF And MM_index < MM_offset)
MM_rs.MoveNext
MM_index = MM_index + 1
Wend
End If
%>
<%
' *** Move To Record: update recordset stats
' set the first and last displayed record
rsUsers_first = MM_offset + 1
rsUsers_last = MM_offset + MM_size
If (MM_rsCount <> -1) Then
If (rsUsers_first > MM_rsCount) Then
rsUsers_first = MM_rsCount
End If
If (rsUsers_last > MM_rsCount) Then
rsUsers_last = MM_rsCount
End If
End If
' set the boolean used by hide region to check if we are on the last record
MM_atTotal = (MM_rsCount <> -1 And MM_offset + MM_size >= MM_rsCount)
%>
<%
' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
Dim MM_keepNone
Dim MM_keepURL
Dim MM_keepForm
Dim MM_keepBoth
Dim MM_removeList
Dim MM_item
Dim MM_nextItem
' create the list of parameters which should not be maintained
MM_removeList = "&index="
If (MM_paramName <> "") Then
MM_removeList = MM_removeList & "&" & MM_paramName & "="
End If
MM_keepURL=""
MM_keepForm=""
MM_keepBoth=""
MM_keepNone=""
' add the URL parameters to the MM_keepURL string
For Each MM_item In Request.QueryString
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item))
End If
Next
' add the Form variables to the MM_keepForm string
For Each MM_item In Request.Form
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepForm = MM_keepForm & MM_nextItem & Server.URLencode(Request.Form(MM_item))
End If
Next
' create the Form + URL string and remove the intial '&' from each of the strings
MM_keepBoth = MM_keepURL & MM_keepForm
If (MM_keepBoth <> "") Then
MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
End If
If (MM_keepURL <> "") Then
MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1)
End If
If (MM_keepForm <> "") Then
MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
End If
' a utility function used for adding additional parameters to these strings
Function MM_joinChar(firstItem)
If (firstItem <> "") Then
MM_joinChar = "&"
Else
MM_joinChar = ""
End If
End Function
%>
<%
' *** Move To Record: set the strings for the first, last, next, and previous links
Dim MM_keepMove
Dim MM_moveParam
Dim MM_moveFirst
Dim MM_moveLast
Dim MM_moveNext
Dim MM_movePrev
Dim MM_urlStr
Dim MM_paramList
Dim MM_paramIndex
Dim MM_nextParam
MM_keepMove = MM_keepBoth
MM_moveParam = "index"
' if the page has a repeated region, remove 'offset' from the maintained parameters
If (MM_size > 1) Then
MM_moveParam = "offset"
If (MM_keepMove <> "") Then
MM_paramList = Split(MM_keepMove, "&")
MM_keepMove = ""
For MM_paramIndex = 0 To UBound(MM_paramList)
MM_nextParam = Left(MM_paramList(MM_paramIndex), InStr(MM_paramList(MM_paramIndex),"=") - 1)
If (StrComp(MM_nextParam,MM_moveParam,1) <> 0) Then
MM_keepMove = MM_keepMove & "&" & MM_paramList(MM_paramIndex)
End If
Next
If (MM_keepMove <> "") Then
MM_keepMove = Right(MM_keepMove, Len(MM_keepMove) - 1)
End If
End If
End If
' set the strings for the move to links
If (MM_keepMove <> "") Then
MM_keepMove = MM_keepMove & "&"
End If
MM_urlStr = Request.ServerVariables("URL") & "?" & MM_keepMove & MM_moveParam & "="
MM_moveFirst = MM_urlStr & "0"
MM_moveLast = MM_urlStr & "-1"
MM_moveNext = MM_urlStr & CStr(MM_offset + MM_size)
If (MM_offset - MM_size < 0) Then
MM_movePrev = MM_urlStr & "0"
Else
MM_movePrev = MM_urlStr & CStr(MM_offset - MM_size)
End If
%>
Manage Users
<% If Session("UserID") = "1" Then %>
<% End If%>
Number of Users:<%=(rsUsers_total)%> - Total Pictures:<%=(RsTotalpics.Fields.Item("Totalpics").Value)%>
<% If MM_offset <> 0 Then %>
First
<% End If ' end MM_offset <> 0 %>
<% If MM_offset <> 0 Then %>
Previous
<% End If ' end MM_offset <> 0 %>
<% If Not MM_atTotal Then %>
Next
<% End If ' end Not MM_atTotal %>
<% If Not MM_atTotal Then %>
Last
<% End If ' end Not MM_atTotal %>
Username
Password
Email
Date
Modify
<%
While ((Repeat1__numRows <> 0) AND (NOT rsUsers.EOF))
%>
<% If Session("UserID") = "1" Then %>
<% End If%>
