<%option explicit%> <% ShopCheckAdmin "" '******************************* ' Version 6.50 Updates Mycompany table ' Display fields in one record of one table ' setting field to keyword "NULL" sets field to empty ' March 8, 2004 '******************************* dim Addaction,Updateaction, Deleteaction dim rstemp dim which dim idfield dim dbtable, conn dim setupid,companyname,address,city,state,postalcode,country dim phonenumber,faxnumber,defaultpaymentterms,defaultinvoicedescription dim salestaxrate,myemail,other1,other2,other3,other4 Addaction=Request.form("add") Updateaction=Request.form("update") sError="" Deleteaction=request("delete") GetInputValues If DeleteAction<>"" then DeleteRecord end if if dbtable = "" then shoperror getlang("langeditselectfail") end if EditOpenDatabase conn, database,dbtable If Addaction = "" and Updateaction = "" Then AdminPageHeader SetDefaultvalues GenerateForm AdminPageTrailer Else AdminPageHeader UpdateRecord GenerateForm AdminPageTrailer end if Shopclosedatabase conn '************************ Sub GetInputValues ' ID, allows editing a record which=request.querystring("which") 'VP-ASP 6.09 - Precautionary Security Fix if which > "" then If not isnumeric(which) then shoperror "ID must be numeric" end if end if idfield=request.querystring("idfield") dbtable= request.querystring("table") database=request.querystring("database") If dbtable="" then dbtable="mycompany" If idfield="" then idfield="setupid" ValidateTable End Sub ' Sub ValidateTable '******************************************** 'See if user has access to this table Dim UserTables, i dim tablecount if getconfig("XRestrictAdminTables")<>"Yes" then exit sub UserTables=GetSess("UserTables") If Isnull(UserTables) then exit sub end if if UserTables="" then exit Sub else UserTables=split(GetSess("UserTables"),",",-1,1) end if tablecount=ubound(UserTables) for i = 0 to tablecount if ucase(dbtable)=ucase(Usertables(i)) then exit sub end if next dbtable="" end sub '******************************************************************************* ' Get the specific record and then generate form based on this record '******************************************************************************* Sub GenerateForm dim sqltemp if which <> "" then sqltemp="select * from " & dbtable sqltemp=sqltemp & " where " & idfield & "=" & which set rstemp=conn.execute(sqltemp) end if DisplayForm if which <> "" then rstemp.close set rstemp=nothing end if end Sub '**************************** Sub DisplayForm() if which <> "" then setupid=rstemp("setupid") companyname=rstemp("companyname") address=rstemp("address") city=rstemp("city") state=rstemp("state") postalcode=rstemp("postalcode") country=rstemp("country") phonenumber=rstemp("phonenumber") faxnumber=rstemp("faxnumber") myemail=rstemp("myemail") other1=rstemp("other1") other2=rstemp("other2") other3=rstemp("other3") other4=rstemp("other4") end if %>

<%shopwriteheader "Company Details"%>

<% if which<>"" then response.write "" end if response.write "" if which <> "" then response.write "" end if response.write "" %>


" & getlang("langadminadvanced") & " " & getlang("LangCommonEdit") & "	Back To Config

<%shopwriteerror sError%>

<% response.write "

" GenerateDisplayHeader "Company Information" GenerateDisplayBodyHeader If which<>"" then Response.Write("") Response.Write(" ") Response.write "" else Response.Write("
") end if response.write "

" ' formateditrow "id","setupid",setupid FormatEditRow getlang("LangCustCompany"),"companyname",companyname FormatEditRow getlang("LangCustaddress"),"address",address FormatEditRow getlang("LangCustCity"),"city",city FormatEditRow getlang("LangCustState"),"state",state FormatEditRow getlang("LangCustPostcode"),"postalcode",postalcode FormatEditRow getlang("Langcustcountry"),"country",country FormatEditRow getlang("LangCustphone"),"phonenumber",phonenumber FormatEditRow getlang("LangCustfax"),"faxnumber",faxnumber FormatEditRow getlang("LangCustemail"),"myemail",myemail FormatEditRow getlang("LangOtherfields") & " 1" ,"other1",other1 FormatEditRow getlang("LangOtherfields") & " 2" ,"other2",other2 FormatEditRow getlang("LangOtherfields") & " 3" ,"other3",other3 FormatEditRow getlang("LangOtherfields") & " 4" ,"other4",other4 Response.Write(TableDefEnd & "

") If which<>"" then Response.Write("") Response.Write(" ") Response.write "" else Response.Write("
") end if Response.Write("") GenerateDisplayBodyFooter end sub '************ ' Sub UpdateRecord dim sqltemp 'VP-ASP 6.50 - broadened defintion of IF statement to cover cases where xmysql hasn't been set if ucase(xdatabasetype) = "MYSQL" OR ucase(xdatabasetype) = "MYSQL351" OR getconfig("xMYSQL")="Yes" then MYSQLProcessrecord updateaction, conn, dbtable, idfield, which exit sub end if If updateaction<>"" then sqltemp="select * from " & dbtable sqltemp= sqltemp & " where " & idfield & "=" & which Set rstemp = Server.CreateObject("ADODB.Recordset") rstemp.open sqltemp, conn, 1, 3 rstemp.Update else Set rstemp = Server.CreateObject("ADODB.Recordset") rstemp.open dbtable, conn, adOpenKeyset, adLockOptimistic rstemp.AddNew end if GenerateUpdateSQL which = rstemp(idfield) rstemp.close set rstemp=nothing sError= sError & "
" & getlang("LangEdit03") & "" end sub ' ******** general Sql Sub GenerateUpdateSQL() Dim howmanyfields dim fieldname, fieldvalue, fieldtype dim i howmanyfields=rstemp.fields.count -1 rstemp.update for i=1 to howmanyfields fieldname = rstemp(i).name fieldtype=rstemp(i).type fieldvalue = request.form(fieldname) EUpdatefield fieldname,fieldvalue next rstemp.update end sub Sub EUpdateField (fieldname, fieldvalue) on error resume next 'Debugwrite fieldname & "value=" & fieldvalue if fieldvalue="" then rstemp(Fieldname)=NULL exit sub end if if ucase(fieldvalue)="NULL" then rstemp(Fieldname)=NULL else rstemp(Fieldname)=fieldvalue end if end sub '********************************************************************** ' Find the first record so rest of code works '********************************************************************** Sub Setdefaultvalues dim sql, rs If which<>"" then exit sub sql="select * from mycompany" Set rs=conn.execute(sql) which=rs(0) closerecordset rs end sub Sub DeleteRecord dim myconn EditOpenDatabase myconn, database,dbtable dim sql, url sql="delete from " & dbtable & " where " & idfield & "=" & which myconn.execute(sql) shopclosedatabase myconn url="shopa_editdisplay.asp?table=" & dbtable responseredirect url end sub %>