<% Option Explicit If not Session("isLoggedIn") Then response.redirect("/ecommerce/default.asp?returnUrl=" & Server.URLEncode(Request.ServerVariables("SCRIPT_NAME"))) End If %> <% Dim intUserID, intUserTypeID, strUsername, strPassword1, strPassword2, strFirstname, strLastname, strEmail, blnHTMLEmail Dim strAction, strSortCat, strSortOrder Dim rsUser, arrDBData, strSQL Dim iRecFirst, iRecLast, iFieldFirst, iFieldLast Dim I, J ' if passed a user id we want to grab their details and populate form ' if passed no user id we want to present empty form ' if submitted to self with an id we want to update the passed details in the db and redirect to select ' if submitted to self with no id we want to insert the passed details into the db and redirect to select ' initialise data, grab any data passed from the form strSortCat = "" strSortOrder = "" If Request("sortCat") <> "" Then strSortCat = CStr(Request("sortCat")) If Request("sortOrder") <> "" Then strSortOrder = CStr(Request("sortOrder")) intUserID = 0 If Request("userID") <> "" Then intUserID = CInt(Request("userID")) intUserTypeID = 0 If Request("userTypeID") <> "" Then intUserTypeID = CInt(Request("userTypeID")) strUsername = "" If Request("username") <> "" Then strUsername = CStr(Request("username")) strPassword1 = "" If Request("password1") <> "" Then strPassword1 = CStr(Request("password1")) strPassword2 = "" If Request("password2") <> "" Then strPassword2 = CStr(Request("password2")) strFirstname = "" If Request("firstname") <> "" Then strFirstname = CStr(Request("firstname")) strLastname = "" If Request("lastname") <> "" Then strLastname = CStr(Request("lastname")) strEmail = "" If Request("email") <> "" Then strEmail = CStr(Request("email")) blnHTMLEmail = true If Request("HTMLEmail") <> "" Then blnHTMLEmail = CStr(Request("HTMLEmail")) ' first take care of type of call made If intUserID <> 0 Then strAction = "Edit" Else strAction = "Create" End If If Request("isSubmitted") = "1" Then ' we were passed data - ensure it's valid If strUserName = "" Then strErrMsg = strErrMsg & "
  • you must supply a username
  • " & vbcrlf isErr = true End If If InStr(strUserName, " ") Then strErrMsg = strErrMsg & "
  • User name cannot contain spaces
  • " & vbcrlf isErr = true End If If intUserTypeID = 0 Then strErrMsg = strErrMsg & "
  • you must select a user type
  • " & vbcrlf isErr = true End If If strFirstname = "" Then strErrMsg = strErrMsg & "
  • firstname cannot be empty
  • " & vbcrlf isErr = true End If If strLastname = "" Then strErrMsg = strErrMsg & "
  • lastname cannot be empty
  • " & vbcrlf isErr = true End If If strEmail = "" Then strErrMsg = strErrMsg & "
  • email address cannot be empty
  • " & vbcrlf isErr = true Else If not isEmail(strEmail) Then strErrMsg = strErrMsg & "
  • email address is not a valid email address
  • " & vbcrlf isErr = true End If End If If strPassword1 = "" or strPassword2 = "" Then strErrMsg = strErrMsg & "
  • password cannot be empty
  • " & vbcrlf isErr = true End If If strPassword1 <> strPassword2 Then strErrMsg = strErrMsg & "
  • passwords don't match
  • " & vbcrlf isErr = true End If If not isErr Then ' we got ok data, proceed with update, insert If intUserID <> 0 Then ' if submitted to self with an id we want to update the passed details in the db and redirect to select strSQL = "EXEC stpUserUpdate " & intUserID & _ ", " & toSQLStr(strUsername) & _ ", " & toSQLStr(strPassword1) & _ ", " & toSQLStr(strfirstname) & _ ", " & toSQLStr(strlastname) & _ ", " & toSQLStr(strEmail) & _ ", " & intUserTypeID & _ ", " & blnHTMLEmail dbconn.Execute(strSQL) 'dump(strSQL) Else ' if submitted to self with no id we want to insert the passed details into the db and redirect to select strSQL = "EXEC stpUserInsert " & toSQLStr(strUsername) & _ ", " & toSQLStr(strPassword1) & _ ", " & toSQLStr(strFirstname) & _ ", " & toSQLStr(strLastname) & _ ", " & toSQLStr(strEmail) & _ ", " & intUserTypeID & _ ", " & blnHTMLEmail Set rsUser = dbconn.Execute(strSQL) If not rsUser.EOF Then intUserID = CInt(rsUser("userID")) If intUserID = 0 Then isErr = true strErrMsg = "
  • that user name and email already exists
  • " End If End If If not rsUser.State = 0 Then rsUser.Close() Set rsUser = Nothing 'dump(strSQL) End If ' intUserID <> 0 End If ' not isErr End If ' isSubmitted If intUserID <> 0 Then ' if passed an id we want to grab the details and populate form strSQL = "EXEC stpUserSelect " & intUserID Set rsUser = dbconn.Execute(strSQL) If rsUser.EOF Then strErrMsg = strErrMsg & "
  • cannot find user with ID " & intUserID & "
  • " & vbcrlf isErr = true Else arrDBData = rsUser.GetRows() iRecFirst = LBound(arrDBData, 2) iRecLast = UBound(arrDBData, 2) iFieldFirst = LBound(arrDBData, 1) iFieldLast = UBound(arrDBData, 1) intUserID = arrDBData(0, iRecFirst) intUserTypeID = arrDBData(7, iRecFirst) strUsername = arrDBData(1, iRecFirst) strFirstname = arrDBData(2, iRecFirst) strLastname = arrDBData(3, iRecFirst) strEmail = arrDBData(4, iRecFirst) strPassword1 = arrDBData(8, iRecFirst) strPassword2 = arrDBData(8, iRecFirst) blnHTMLEmail = arrDBData(9, iRecFirst) End If ' not EOF rsUser.Close Set rsUser = Nothing End If ' intUserID <> 0 %> Galuku Cocopeat

    <%= strAction %> User

    <% If isErr Then %> <% End If %> <% If Request("isSubmitted") = "1" And not isErr Then %> <% End If %>
    The following errors occurred:
      <%= strErrMsg %>
    user ID: <%= intUserID %>
    username:
    password:
    confirm password:
    usertype: <%= writeSelectSTP("userTypeID", "userTypeID", "userTypeDesc", "stpUserTypeSelectAll", "", "Please Select", intUserTypeID)%>
    firstname:
    lastname:
    email:
    email format:
    <%= " checked" %><% End If %>>html email <%= " checked" %><% End If %>>text email
    <%= Request.Form("action") %> successful
     
    Return to User List    |    <%= strAction %> User<% If intUserTypeID > 3 Then %>   |    Customise Prices<% End If %>

     

    ^ back to top