codice:
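<%
' Page-wide gate: every request must carry a "sid" equal to the current ASP
' session id, plus a non-empty "id" and "action". Request(name) searches the
' QueryString first and then the Form collection, so this check covers both
' the GET links and the POSTed edit form.
If Request("sid") <> Session.SessionID Or Request("id") = "" Or Request("action") = "" Then
    ' A VBScript string literal cannot continue onto a second line, so the
    ' markup is built from two pieces joined with the line-continuation "_".
    Response.Write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">Log Scaduto o non valido</font>" & vbCrLf & _
        "<input onclick=""window.opener.location='login.asp';window.close();"" type=""button"" value=""Chiudi"" name=""button1""></div>"
    Response.End
End If
%>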
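<%
' ---------------------------------------------------------------------------
' action=cancellanews
' Re-checks the caller's credentials against the "gestori" table and, when
' they match, deletes the news row whose id was passed in the query string.
'
' SECURITY NOTE(review): user and pwd travel in the URL and are compared with
' the stored value as-is, which implies plaintext password storage. URLs end
' up in server logs, browser history and Referer headers. Keeping the
' authenticated user in the Session object and storing a salted password hash
' would remove both problems; that needs changes outside this page.
' ---------------------------------------------------------------------------
If Request("action") = "cancellanews" Then
    ' Quote stripping is kept so values match what the rest of the
    ' application expects, but it is NOT the injection defence: the queries
    ' below bind every value as a parameter instead of concatenating it.
    Userz1 = CStr(Request.QueryString("user"))
    Userz2 = Replace(Replace(Trim(Userz1), "'", ""), """", "")
    Passz1 = CStr(Request.QueryString("pwd"))
    Passz2 = Replace(Replace(Trim(Passz1), "'", ""), """", "")
    idcancella1 = CStr(Request.QueryString("id"))
    idcancella2 = Replace(Replace(Trim(idcancella1), "'", ""), """", "")
    sidform1 = CStr(Request.QueryString("sid"))
    sidform2 = Replace(Replace(Trim(sidform1), "'", ""), """", "")

    ' ADO constants are written as literals because adovbs.inc may not be included:
    '   1 = adCmdText / adParamInput, 202 = adVarWChar.
    ' Parameter types assume text columns (the original SQL quoted every
    ' value, id included) - confirm against the schema.
    Set cmdAuth = Server.CreateObject("ADODB.Command")
    Set cmdAuth.ActiveConnection = Conn
    cmdAuth.CommandType = 1
    cmdAuth.CommandText = "select * from gestori where user=? and pwd=?"
    cmdAuth.Parameters.Append cmdAuth.CreateParameter("user", 202, 1, Len(Userz2) + 1, Userz2)
    cmdAuth.Parameters.Append cmdAuth.CreateParameter("pwd", 202, 1, Len(Passz2) + 1, Passz2)
    Set rscontrol = cmdAuth.Execute

    If rscontrol.EOF Then
        ' No matching manager: show the "expired or invalid login" box and stop.
        Response.Write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">Log Scaduto o non valido</font>" & vbCrLf & _
            "<input onclick=""window.opener.location='login.asp';window.close();"" type=""button"" value=""Chiudi"" name=""button1""></div>"
        rscontrol.Close
        Conn.Close
        Set rscontrol = Nothing
        Set cmdAuth = Nothing
        Set Conn = Nothing
        Response.End
    Else
        ' Keep the stored values so the opener can be reloaded with them.
        loguser = rscontrol("user")
        logpass = rscontrol("pwd")
        rscontrol.Close
        Set rscontrol = Nothing
    End If
    Set cmdAuth = Nothing

    ' Delete with a bound id rather than a concatenated literal.
    Set cmdDel = Server.CreateObject("ADODB.Command")
    Set cmdDel.ActiveConnection = Conn
    cmdDel.CommandType = 1
    cmdDel.CommandText = "delete from news where id=?"
    cmdDel.Parameters.Append cmdDel.CreateParameter("id", 202, 1, Len(idcancella2) + 1, idcancella2)
    cmdDel.Execute
    Set cmdDel = Nothing
%>
<div align="center"><font face=Verdana size=2 color=#6699CC>News Cancellata</font>
<%
    ' Values placed in the reload URL are URL-encoded so that characters such
    ' as & or # in a stored user name or password cannot alter the URL or the
    ' surrounding onclick attribute.
%>
<input onclick="window.opener.location='news_paginazione.asp?user=<%=Server.URLEncode(loguser & "")%>&pwd=<%=Server.URLEncode(logpass & "")%>&sid=<%=Server.URLEncode(sidform2)%>&action=viewall';window.close();" type="button" value="Chiudi" name="button1">
</div>
<%
    Conn.Close
    Set Conn = Nothing
    Response.End
End If
%>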
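<%
' ---------------------------------------------------------------------------
' action=modify
' Validates that a title and body were submitted, re-checks the caller's
' credentials against "gestori", then updates the news row identified by id.
'
' SECURITY NOTE(review): the password is carried in a hidden form field / URL
' and compared as stored, which implies plaintext storage. Moving the
' authenticated identity into the Session object and hashing passwords would
' be the durable fix; that needs changes outside this page.
' ---------------------------------------------------------------------------
If Request("action") = "modify" Then
    If Request("titolo") = "" Or Request("corpo") = "" Then
        ' String literals cannot span lines in VBScript; join the two pieces.
        Response.Write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">Inserire tutti i dati!" & vbCrLf & _
            "<a href=javascript:history.back()>Torna indietro</a></font></div>"
        Response.End
    End If

    ' The edit form rendered by this page submits user, pwd, sid and id as
    ' hidden fields with method="post", so they arrive in Request.Form. The
    ' query string is still read first to stay compatible with GET callers.
    Userz1 = CStr(Request.QueryString("user"))
    If Userz1 = "" Then Userz1 = CStr(Request.Form("user"))
    Userz2 = Replace(Replace(Trim(Userz1), "'", ""), """", "")
    Passz1 = CStr(Request.QueryString("pwd"))
    If Passz1 = "" Then Passz1 = CStr(Request.Form("pwd"))
    Passz2 = Replace(Replace(Trim(Passz1), "'", ""), """", "")
    idupdate1 = CStr(Request.QueryString("id"))
    If idupdate1 = "" Then idupdate1 = CStr(Request.Form("id"))
    ' Fixed: the original cleaned idupdate2 (still empty at this point)
    ' instead of idupdate1, so the UPDATE always ran with id=''.
    idupdate2 = Replace(Replace(Trim(idupdate1), "'", ""), """", "")
    sidform1 = CStr(Request.QueryString("sid"))
    If sidform1 = "" Then sidform1 = CStr(Request.Form("sid"))
    sidform2 = Replace(Replace(Trim(sidform1), "'", ""), """", "")

    ' ADO constants as literals (adovbs.inc may not be included):
    '   1 = adCmdText / adParamInput, 202 = adVarWChar, 203 = adLongVarWChar.
    ' Parameter types assume text columns - confirm against the schema.
    Set cmdAuth = Server.CreateObject("ADODB.Command")
    Set cmdAuth.ActiveConnection = Conn
    cmdAuth.CommandType = 1
    cmdAuth.CommandText = "select * from gestori where user=? and pwd=?"
    cmdAuth.Parameters.Append cmdAuth.CreateParameter("user", 202, 1, Len(Userz2) + 1, Userz2)
    cmdAuth.Parameters.Append cmdAuth.CreateParameter("pwd", 202, 1, Len(Passz2) + 1, Passz2)
    Set rscontrol = cmdAuth.Execute

    If rscontrol.EOF Then
        Response.Write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">Log Scaduto o non valido</font>" & vbCrLf & _
            "<input onclick=""window.opener.location='login.asp';window.close();"" type=""button"" value=""Chiudi"" name=""button1""></div>"
        rscontrol.Close
        Conn.Close
        Set rscontrol = Nothing
        Set cmdAuth = Nothing
        Set Conn = Nothing
        Response.End
    Else
        loguser = rscontrol("user")
        logpass = rscontrol("pwd")
        rscontrol.Close
        Set rscontrol = Nothing
    End If
    Set cmdAuth = Nothing

    ' The submitted fields were previously concatenated into the UPDATE
    ' without any filtering. Each one is now bound as a parameter, which also
    ' lets apostrophes in a title or body be stored instead of breaking the
    ' statement. Placeholders are positional: the Append order below must
    ' match the order of the ? marks.
    Set cmdUpd = Server.CreateObject("ADODB.Command")
    Set cmdUpd.ActiveConnection = Conn
    cmdUpd.CommandType = 1
    cmdUpd.CommandText = "UPDATE news SET titolo=?, corpo=?, data=now(), link1=?, link2=?, link3=?, esterno1=?, esterno2=?, esterno3=? WHERE id = ?"
    For Each fieldName In Array("titolo", "corpo", "link1", "link2", "link3", "esterno1", "esterno2", "esterno3")
        fieldValue = CStr(Request.Form(fieldName))
        If fieldName = "corpo" Then
            fieldType = 203   ' long text: the body can exceed a short text column
        Else
            fieldType = 202
        End If
        cmdUpd.Parameters.Append cmdUpd.CreateParameter(fieldName, fieldType, 1, Len(fieldValue) + 1, fieldValue)
    Next
    cmdUpd.Parameters.Append cmdUpd.CreateParameter("id", 202, 1, Len(idupdate2) + 1, idupdate2)
    cmdUpd.Execute
    Set cmdUpd = Nothing

    Conn.Close
    Set Conn = Nothing
%>
<span class="viewutente">News modificata!!</span>
<%
    ' URL-encode everything placed in the reload URL so stored or submitted
    ' values cannot alter the URL or the surrounding onclick attribute.
%>
<input onclick="window.opener.location='news_paginazione.asp?user=<%=Server.URLEncode(loguser & "")%>&pwd=<%=Server.URLEncode(logpass & "")%>&sid=<%=Server.URLEncode(sidform2)%>&action=viewall';window.close();" type="button" value="Chiudi" name="button1">
</div>
<%
    Response.End
End If
%>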
<html>
<head>
<title>Opzioni per news</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style>
.viewutente {font-family: arial; font-size: 9pt; color: #6699CC ; text-decoration:none}
.viewutente:hover {font-family: arial; font-size: 9pt; color: #6699CC; text-decoration:none}
input {font-family: arial; font-size: 9pt}
textarea {font-family: arial; font-size: 9pt}
</style></head>
<body bgcolor="#FFFFFF" text="#000000">
<table width="500" border="0" cellspacing="0" cellpadding="0" align="center">
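<%
' ---------------------------------------------------------------------------
' action=viewnews
' Re-checks the caller's credentials, loads one news row and renders it in an
' edit form that posts back to optionfornews.asp with action=modify.
'
' Changes from the original:
'   * both queries bind their values as parameters (the news lookup used the
'     raw Request("id") inside the SQL text);
'   * a missing row is reported instead of failing on the first field read;
'   * every database or request value written into the page is HTML-encoded,
'     so a title or link containing quotes or markup is shown as text rather
'     than interpreted by the browser.
'
' SECURITY NOTE(review): the form still round-trips the password in a hidden
' field. Holding the authenticated user in the Session object would avoid
' exposing it in page source; that needs changes outside this page.
' ---------------------------------------------------------------------------
If Request.QueryString("action") = "viewnews" Then
    Userz1 = CStr(Request.QueryString("user"))
    Userz2 = Replace(Replace(Trim(Userz1), "'", ""), """", "")
    Passz1 = CStr(Request.QueryString("pwd"))
    Passz2 = Replace(Replace(Trim(Passz1), "'", ""), """", "")

    ' ADO constants as literals (adovbs.inc may not be included):
    '   1 = adCmdText / adParamInput, 202 = adVarWChar.
    ' Parameter types assume text columns - confirm against the schema.
    Set cmdAuth = Server.CreateObject("ADODB.Command")
    Set cmdAuth.ActiveConnection = Conn
    cmdAuth.CommandType = 1
    cmdAuth.CommandText = "select * from gestori where user=? and pwd=?"
    cmdAuth.Parameters.Append cmdAuth.CreateParameter("user", 202, 1, Len(Userz2) + 1, Userz2)
    cmdAuth.Parameters.Append cmdAuth.CreateParameter("pwd", 202, 1, Len(Passz2) + 1, Passz2)
    Set rscontol2 = cmdAuth.Execute

    If rscontol2.EOF Then
        Response.Write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">Log Scaduto o non valido</font></div>"
        rscontol2.Close
        Conn.Close
        Set rscontol2 = Nothing
        Set cmdAuth = Nothing
        Set Conn = Nothing
        Response.End
    Else
        rscontol2.Close
        Set rscontol2 = Nothing
    End If
    Set cmdAuth = Nothing

    ' Look the news item up with a bound id.
    idview = CStr(Request("id"))
    Set cmdNews = Server.CreateObject("ADODB.Command")
    Set cmdNews.ActiveConnection = Conn
    cmdNews.CommandType = 1
    cmdNews.CommandText = "select * from news where id=?"
    cmdNews.Parameters.Append cmdNews.CreateParameter("id", 202, 1, Len(idview) + 1, idview)
    Set rs2 = cmdNews.Execute

    If rs2.EOF Then
        ' Unknown id: stop before any rs2(...) field access raises an error.
        Response.Write "<div align=""center""><font face=""Verdana"" size=""2"" color=""#6699CC"">News non trovata</font></div>"
        rs2.Close
        Conn.Close
        Set rs2 = Nothing
        Set cmdNews = Nothing
        Set Conn = Nothing
        Response.End
    End If

    ' Field values are concatenated with "" before encoding because
    ' Server.HTMLEncode fails on a Null column value.
%>
<tr>
<td>
<form name="form1" method="post" action="optionfornews.asp">
<table width="501" border="0" cellspacing="2" cellpadding="0" align="left">
<tr>
<td bgcolor="#999999" width="125"><font size="2" face="Arial, Helvetica, sans-serif" color="#FFFFFF">
Titolo:</font></td>
<td width="370"> <input type="text" name="titolo" value="<%=Server.HTMLEncode(rs2("titolo") & "")%>" size="40">
</td>
</tr>
<tr>
<td bgcolor="#999999" width="125" valign="top"><font size="2" face="Arial, Helvetica, sans-serif" color="#FFFFFF">
Corpo:</font></td>
<td width="370" valign="top"> <textarea name="corpo" cols="65" rows="18"><%=Server.HTMLEncode(rs2("corpo") & "")%></textarea>
</td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td colspan="3" height="2" bgcolor="#FF6600"></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td width="125" bgcolor="#999999"><font face="Arial, Helvetica, sans-serif" size="2" color="#FFFFFF">
Data Inserimento:</font></td>
<td width="370" bgcolor="#CCCCCC"> <font size="2" face="Arial, Helvetica, sans-serif"><font color="#333333" size="1" face="Verdana, Arial, Helvetica, sans-serif"><%=Server.HTMLEncode(rs2("data") & "")%></font></font></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td colspan="3" height="2" bgcolor="#FF6600"></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td bgcolor="#999999" width="125"><font size="2" face="Arial, Helvetica, sans-serif" color="#FFFFFF">
Link 1: </font></td>
<td width="370"> <font size="1">
<input type="text" name="link1" value="<%=Server.HTMLEncode(rs2("link1") & "")%>" size="50">
<input name="esterno1" <% If rs2("esterno1") = "b" Then Response.Write "checked" %> type="checkbox" id="esterno1" value="b">
<font face="Verdana, Arial, Helvetica, sans-serif"> esterno
</font></font></td>
</tr>
<tr>
<td bgcolor="#999999" width="125"><font size="2" face="Arial, Helvetica, sans-serif" color="#FFFFFF">
Link 2: </font></td>
<td width="370"> <font size="1">
<input type="text" name="link2" value="<%=Server.HTMLEncode(rs2("link2") & "")%>" size="50">
<input name="esterno2" <% If rs2("esterno2") = "b" Then Response.Write "checked" %> type="checkbox" id="esterno2" value="b">
<font face="Verdana, Arial, Helvetica, sans-serif">esterno
</font></font></td>
</tr>
<tr>
<td width="125" bgcolor="#999999"><font face="Arial, Helvetica, sans-serif" size="2" color="#FFFFFF">
Link 3: </font></td>
<td width="370"> <font size="1">
<input type="text" name="link3" value="<%=Server.HTMLEncode(rs2("link3") & "")%>" size="50">
<input name="esterno3" <% If rs2("esterno3") = "b" Then Response.Write "checked" %> type="checkbox" id="esterno3" value="b">
<font face="Verdana, Arial, Helvetica, sans-serif">esterno
</font></font></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td colspan="3" height="2" bgcolor="#FF6600"></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr bgcolor="#CCCCCC">
<td colspan="2">
<div align="center"><font size="2" face="Arial, Helvetica, sans-serif" color="#FFFFFF">
<%
    ' Values echoed back into the hidden fields come straight from the query
    ' string; quote stripping is kept for compatibility and the result is
    ' HTML-encoded before it is written into the attribute.
    Userzup1 = CStr(Request.QueryString("user"))
    Userzup2 = Replace(Replace(Trim(Userzup1), "'", ""), """", "")
    Passup1 = CStr(Request.QueryString("pwd"))
    Passup2 = Replace(Replace(Trim(Passup1), "'", ""), """", "")
    sidup1 = CStr(Request.QueryString("sid"))
    sidup2 = Replace(Replace(Trim(sidup1), "'", ""), """", "")
%>
<input type="hidden" name="action" value="modify">
<input type="hidden" name="sid" value="<%=Server.HTMLEncode(sidup2)%>">
<input type="hidden" name="id" value="<%=Server.HTMLEncode(rs2("id") & "")%>">
<input type="hidden" name="user" value="<%=Server.HTMLEncode(Userzup2)%>">
<input type="hidden" name="pwd" value="<%=Server.HTMLEncode(Passup2)%>">
<input type="submit" name="Submit" value="Modifica">
</font></div></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td colspan="3" height="2" bgcolor="#FF6600"></td>
</tr>
<tr>
<td colspan="3" height="2"></td>
</tr>
<tr>
<td colspan="2"> <div align="center"><font size="2" face="Arial, Helvetica, sans-serif">chiudi</font></div></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<%
    rs2.Close
    Conn.Close
    Set rs2 = Nothing
    Set cmdNews = Nothing
    Set Conn = Nothing
    Response.End
End If
%>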
</body>
</html>