codice:<% if request("action")="cancellanews" then %> <% Userz1=Cstr(Request.QueryString("user")) Userz2=replace(replace(trim(Userz1),"'",""),"""","") Passz1=Cstr(Request.QueryString("pwd")) Passz2=replace(replace(trim(Passz1),"'",""),"""","") idcancella1=Cstr(Request.QueryString("id")) idcancella2=replace(replace(trim(idcancella1),"'",""),"""","") sidform1=Cstr(Request.QueryString("sid")) sidform2=replace(replace(trim(sidform1),"'",""),"""","") Set rscontrol = Conn.Execute("select * from gestori where user='" & Userz2 & "' and pwd='" & Passz2 & "'") if rscontrol.eof then response.write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">Log Scaduto o non valido</font></div> <input onclick=""window.opener.location='login.asp';window.close();"" type=""button"" value=""Chiudi"" name=""button1"">" rscontrol.close conn.close set rscontrol=nothing set conn=nothing response.end else loguser=rscontrol("user") logpass=rscontrol("pwd") rscontrol.close set rscontrol=nothing end if Conn.Execute "delete from news where id='" & idcancella2 & "'" %> <div align="center"><font face=Verdana size=2 color=#6699CC>News Cancellata</font> <input onclick="window.opener.location='news_paginazione.asp?user=<%=loguser%>&pwd=<%=logpass%>&sid=<%=sidform2%>&action=viewall';window.close();" type="button" value="Chiudi" name="button1"> </div> <% 'ho tolto tutto :fagiano: conn.close set conn=nothing response.end end if %>
Rispondi quotando