<%@ CodePage = 65001 LCID = 1040 %>
<%
Response.expires = 0
Response.expiresabsolute = Now() - 1
Response.addHeader "pragma", "no-cache"
Response.addHeader "cache-control", "private"
Response.addHeader "cache-control", "no-cache"
Response.addHeader "cache-control", "no-store"
Response.CacheControl = "no-cache"
%>
<%
ewCurSec = 0 ' Initialise
' User levels
Const ewAllowAdd = 1
Const ewAllowDelete = 2
Const ewAllowEdit = 4
Const ewAllowView = 8
Const ewAllowList = 8
Const ewAllowReport = 8
Const ewAllowSearch = 8
Const ewAllowAdmin = 16
%>
<%
If Session("lapinsitter_status") <> "login" Then
Response.Redirect "login.asp"
Else
' Restore Security Table - created in Login
arrSecurity = Session("ewSecurity")
' Get Current Table Security
sTmp1 = -1
For sTmp = 1 to UBound(arrSecurity, 2)
If arrSecurity(0, sTmp) = "utenti" Then
sTmp1 = sTmp
Exit For
End If
Next
ewCurLvl = Session("lapinsitter_status_UserLevel")
If IsNumeric(ewCurLvl) And sTmp1 <> -1 Then
If ewCurLvl = -1 Then ' System Administrator
ewCurSec = 31
ElseIf ewCurLvl > 0 and ewCurLvl <= 1 Then
ewCurSec = arrSecurity(ewCurLvl, sTmp1)
End If
End If
If (ewCurSec And ewAllowedit) <> ewAllowedit Then Response.Redirect "utentilist.asp"
If Session("lapinsitter_status_UserID") = "" And Session("lapinsitter_status_UserID") <> -1 Then Response.Redirect "login.asp"
End If
%>
<%
' Initialize common variables
x_IDutente = Null: ox_IDutente = Null
x_Nome = Null: ox_Nome = Null
x_Cognome = Null: ox_Cognome = Null
x_password = Null: ox_password = Null
x_login = Null: ox_login = Null
x_livello = Null: ox_livello = Null
x_email = Null: ox_email = Null
%>
<%
Response.Buffer = True
' Load key from QueryString
x_IDutente = Request.QueryString("IDutente")
' Get action
sAction = Request.Form("a_edit")
If sAction = "" Or IsNull(sAction) Then
sAction = "I" ' Display with input box
Else
' Get fields from form
x_IDutente = Request.Form("x_IDutente")
x_Nome = Request.Form("x_Nome")
x_Cognome = Request.Form("x_Cognome")
x_password = Request.Form("x_password")
x_login = Request.Form("x_login")
x_livello = Request.Form("x_livello")
x_email = Request.Form("x_email")
End If
' Check if valid key
If x_IDutente = "" Or IsNull(x_IDutente) Then Response.Redirect "utentilist.asp"
' Open connection to the database
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open xDb_Conn_Str
Select Case sAction
Case "I": ' Get a record to display
If Not LoadData() Then ' Load Record based on key
Session("ewmsg") = "Nessun Record trovato"
conn.Close ' Close Connection
Set conn = Nothing
Response.Clear
Response.Redirect "utentilist.asp"
End If
Case "U": ' Update
If EditData() Then ' Update Record based on key
Session("ewmsg") = "Aggiornamento Record Effettuato"
conn.Close ' Close Connection
Set conn = Nothing
Response.Clear
Response.Redirect "utentilist.asp"
End If
End Select
%>
<%
conn.Close ' Close Connection
Set conn = Nothing
%>
<%
'-------------------------------------------------------------------------------
' Function LoadData
' - Load Data based on Key Value
' - Variables setup: field variables
Function LoadData()
Dim sSql, rs, sWhere, sGroupBy, sHaving, sOrderBy
sSql = "SELECT * FROM [utenti]"
sWhere = ""
sGroupBy = ""
sHaving = ""
sOrderBy = ""
If sWhere <> "" Then sWhere = sWhere & " AND "
sWhere = sWhere & "([IDutente] = " & AdjustSql(x_IDutente) & ")"
sSql = sSql & " WHERE " & sWhere
If Session("lapinsitter_status_UserID") <> -1 And Session("lapinsitter_status_UserID") <> "" Then ' Non system admin
sSql = sSql & " AND ([IDutente] = " & Session("lapinsitter_status_UserID") & ")"
End If
If sGroupBy <> "" Then
sSql = sSql & " GROUP BY " & sGroupBy
End If
If sHaving <> "" Then
sSql = sSql & " HAVING " & sHaving
End If
If sOrderBy <> "" Then
sSql = sSql & " ORDER BY " & sOrderBy
End If
Set rs = Server.CreateObject("ADODB.Recordset")
rs.Open sSql, conn
If rs.Eof Then
LoadData = False
Else
LoadData = True
rs.MoveFirst
' Get the field contents
x_IDutente = rs("IDutente")
x_Nome = rs("Nome")
x_Cognome = rs("Cognome")
x_password = rs("password")
x_login = rs("login")
x_livello = rs("livello")
x_email = rs("email")
End If
rs.Close
Set rs = Nothing
End Function
%>
<%
'-------------------------------------------------------------------------------
' Function EditData
' - Edit Data based on Key Value
' - Variables used: field variables
Function EditData()
Dim sSql, rs, sWhere, sGroupBy, sHaving, sOrderBy
sSql = "SELECT * FROM [utenti]"
sWhere = ""
sGroupBy = ""
sHaving = ""
sOrderBy = ""
If sWhere <> "" Then sWhere = sWhere & " AND "
sWhere = sWhere & "([IDutente] = " & AdjustSql(x_IDutente) & ")"
sSql = sSql & " WHERE " & sWhere
If Session("lapinsitter_status_UserID") <> -1 And Session("lapinsitter_status_UserID") <> "" Then ' Non system admin
sSql = sSql & " AND ([IDutente] = " & Session("lapinsitter_status_UserID") & ")"
End If
If sGroupBy <> "" Then
sSql = sSql & " GROUP BY " & sGroupBy
End If
If sHaving <> "" Then
sSql = sSql & " HAVING " & sHaving
End If
If sOrderBy <> "" Then
sSql = sSql & " ORDER BY " & sOrderBy
End If
Set rs = Server.CreateObject("ADODB.Recordset")
rs.CursorLocation = 3
rs.Open sSql, conn, 1, 2
If rs.Eof Then
EditData = False ' Update Failed
Else
' Field IDutente
' Field Nome
sTmp = Trim(x_Nome)
If Trim(sTmp) = "" Then sTmp = Null
rs("Nome") = sTmp
' Field Cognome
sTmp = Trim(x_Cognome)
If Trim(sTmp) = "" Then sTmp = Null
rs("Cognome") = sTmp
' Field password
sTmp = Trim(x_password)
If Trim(sTmp) = "" Then sTmp = Null
rs("password") = sTmp
' Field login
sTmp = Trim(x_login)
If Trim(sTmp) = "" Then sTmp = Null
rs("login") = sTmp
' Field livello
If (ewCurSec And ewAllowAdmin) = ewAllowAdmin Then ' System admin
sTmp = x_livello
If Not IsNumeric(sTmp) Then
sTmp = Null
Else
sTmp = CLng(sTmp)
End If
rs("livello") = sTmp
End If
' Field email
sTmp = Trim(x_email)
If Trim(sTmp) = "" Then sTmp = Null
rs("email") = sTmp
rs.Update
EditData = True ' Update Successful
End If
rs.Close
Set rs = Nothing
End Function
%>