<%
'This code is copyright (c) Internet Business Solutions SL, all rights reserved.
'The contents of this file are protect under law as the intellectual property
'of Internet Business Solutions SL. Any use, reproduction, disclosure or copying
'of any kind without the express and written permission of Internet Business
'Solutions SL is forbidden.
'Author: Vince Reid, vince@virtualred.net
if storesessionvalue="" then storesessionvalue="virtualstore"
if Session("loggedon") <> storesessionvalue OR disallowlogin=TRUE then response.end
Dim sSQL,rs,alldata,success,cnn,rowcounter,errmsg,index
success=true
Set rs = Server.CreateObject("ADODB.RecordSet")
Set cnn=Server.CreateObject("ADODB.Connection")
cnn.open sDSN
sSQL = ""
alldata=""
if maxloginlevels="" then maxloginlevels=5
if request.form("posted")="1" then
if request.form("act")="delete" then
sSQL = "DELETE FROM clientlogin WHERE clientUser='" & request.form("id") & "'"
cnn.Execute(sSQL)
response.write ""
elseif request.form("act")="domodify" then
sSQL = "UPDATE clientlogin SET clientUser='" & replace(request.form("clientUser"), "'", "''") & "'"
sSQL = sSQL & "," & "clientPW='" & replace(request.form("clientPW"), "'", "''") & "'"
sSQL = sSQL & "," & "clientLoginLevel=" & request.form("clientLoginLevel")
cpd = trim(request.form("clientPercentDiscount"))
sSQL = sSQL & "," & "clientPercentDiscount=" & IIfVr(IsNumeric(cpd) AND cpd<>"", cpd, 0)
clientActions=0
for each objItem in request.form("clientActions")
clientActions = clientActions + Int(objItem)
next
sSQL = sSQL & "," & "clientActions=" & clientActions
sSQL = sSQL & " WHERE clientUser='" & request.form("id") & "'"
cnn.Execute(sSQL)
response.write ""
elseif request.form("act")="doaddnew" then
sSQL = "SELECT clientUser FROM clientlogin WHERE clientUser='" & replace(request.form("clientUser"), "'", "''") & "'"
rs.Open sSQL,cnn,0,1
if NOT rs.EOF then
success=false
errmsg="The login "" & request.form("clientUser") & "" is already in use. Please choose another."
end if
rs.Close
if success then
sSQL = "INSERT INTO clientlogin (clientUser,clientPW,clientLoginLevel,clientPercentDiscount,clientActions) VALUES ("
sSQL = sSQL & "'" & replace(request.form("clientUser"), "'", "''") & "'"
sSQL = sSQL & ",'" & replace(request.form("clientPW"), "'", "''") & "'"
sSQL = sSQL & "," & request.form("clientLoginLevel")
cpd = trim(request.form("clientPercentDiscount"))
sSQL = sSQL & "," & IIfVr(IsNumeric(cpd) AND cpd<>"", cpd, 0)
clientActions=0
for each objItem in request.form("clientActions")
clientActions = clientActions + Int(objItem)
next
sSQL = sSQL & "," & clientActions & ")"
cnn.Execute(sSQL)
response.write ""
end if
end if
end if
%>
<% if request.form("posted")="1" AND request.form("act")="modify" then
sSQL = "SELECT clientUser,clientPW,clientLoginLevel,clientActions,clientPercentDiscount FROM clientlogin WHERE clientUser='"&Request.Form("id")&"'"
rs.Open sSQL,cnn,0,1
%>
<% rs.Close
elseif request.form("posted")="1" AND request.form("act")="addnew" then %>
<% elseif request.form("posted")="1" AND success then %>
<% else
sSQL = "SELECT clientUser,clientPW,clientLoginLevel,clientActions FROM clientlogin ORDER BY clientUser"
rs.Open sSQL,cnn,0,1
if NOT rs.EOF then alldata=rs.getrows
rs.Close
%>
<% end if
cnn.Close
set rs = nothing
set cnn = nothing
%>
