<%@LANGUAGE="VBSCRIPT"%> <%session.lcid=2057%> <% ' *** Restrict Access To Page: Grant or deny access to this page MM_authorizedUsers="True" MM_authFailedURL="adminfail.asp" MM_grantAccess=false If Session("MM_Username") <> "" Then If (false Or CStr(Session("MM_UserAuthorization"))="") Or _ (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then MM_grantAccess = true End If End If If Not MM_grantAccess Then MM_qsChar = "?" If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&" MM_referrer = Request.ServerVariables("URL") if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString() MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer) Response.Redirect(MM_authFailedURL) End If %> <% ' *** Edit Operations: declare variables Dim MM_editAction Dim MM_abortEdit Dim MM_editQuery Dim MM_editCmd Dim MM_editConnection Dim MM_editTable Dim MM_editRedirectUrl Dim MM_editColumn Dim MM_recordId Dim MM_fieldsStr Dim MM_columnsStr Dim MM_fields Dim MM_columns Dim MM_typeArray Dim MM_formVal Dim MM_delim Dim MM_altVal Dim MM_emptyVal Dim MM_i MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString) End If ' boolean to abort record edit MM_abortEdit = false ' query string to execute MM_editQuery = "" %> <% ' *** Update Record: set variables If (CStr(Request("MM_update")) = "requestform" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_xtralitesecure_STRING MM_editTable = "uid" MM_editColumn = "XTid" MM_recordId = "" + Request.Form("MM_recordId") + "" MM_editRedirectUrl = "admin_amenduser.asp" MM_fieldsStr = "XTfirstname|value|XTsurname|value|XTjobtitle|value|XTcompany|value|XTaddress1|value|XTaddress2|value|XTaddress3|value|XTtown|value|XTcounty|value|XTpostcode|value|XTcountry|value|XTtelephone|value|XTfax|value|XTemail|value|XTbusinessnature|value|XTusername|value|XTpassword|value|XTadmin|value|XTstatus|value|XTdataprotect|value|XTdate|value|XTnotes|value" MM_columnsStr = "XTfirstname|',none,''|XTlastname|',none,''|XTjobtitle|',none,''|XTcompany|',none,''|XTaddress1|',none,''|XTaddress2|',none,''|XTaddress3|',none,''|XTtown|',none,''|XTcounty|',none,''|XTpostcode|',none,''|XTcountry|',none,''|XTtelephone|',none,''|XTfax|',none,''|XTemail|',none,''|XTbusinessnature|',none,''|XTusername|',none,''|XTpassword|',none,''|XTadmin|',none,''|XTaccountstatus|',none,''|XTdataprotect|',none,''|XTregistereddate|',none,NULL|XTnotes|',none,''" ' create the MM_fields and MM_columns arrays MM_fields = Split(MM_fieldsStr, "|") MM_columns = Split(MM_columnsStr, "|") ' set the form values For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i))) Next ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Update Record: construct a sql update statement and execute it If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then ' create the sql update statement MM_editQuery = "update " & MM_editTable & " set " For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_formVal = MM_fields(MM_i+1) MM_typeArray = Split(MM_columns(MM_i+1),",") MM_delim = MM_typeArray(0) If (MM_delim = "none") Then MM_delim = "" MM_altVal = MM_typeArray(1) If (MM_altVal = "none") Then MM_altVal = "" MM_emptyVal = MM_typeArray(2) If (MM_emptyVal = "none") Then MM_emptyVal = "" If (MM_formVal = "") Then MM_formVal = MM_emptyVal Else If (MM_altVal <> "") Then MM_formVal = MM_altVal ElseIf (MM_delim = "'") Then ' escape quotes MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'" Else MM_formVal = MM_delim + MM_formVal + MM_delim End If End If If (MM_i <> LBound(MM_fields)) Then MM_editQuery = MM_editQuery & "," End If MM_editQuery = MM_editQuery & MM_columns(MM_i) & " = " & MM_formVal Next MM_editQuery = MM_editQuery & " where " & MM_editColumn & " = " & MM_recordId If (Not MM_abortEdit) Then ' execute the update Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% Dim XTusertoamend__XTselect XTusertoamend__XTselect = "1" If (Request.QueryString("XTpasseduserID") <> "") Then XTusertoamend__XTselect = Request.QueryString("XTpasseduserID") End If %> <% Dim XTusertoamend Dim XTusertoamend_numRows Set XTusertoamend = Server.CreateObject("ADODB.Recordset") XTusertoamend.ActiveConnection = MM_xtralitesecure_STRING ' XTusertoamend.Source = "SELECT * FROM uid WHERE XTid = " + Replace(XTusertoamend__XTselect, "'", "''") + "" XTusertoamend.Source = "SELECT * FROM uid WHERE XTid = " + Replace(XTusertoamend__XTselect, "'", "''") + "" XTusertoamend.CursorType = 0 XTusertoamend.CursorLocation = 2 XTusertoamend.LockType = 1 XTusertoamend.Open() XTusertoamend_numRows = 0 %> <% Dim XTcurrentuser Dim XTcurrentuser_numRows Set XTcurrentuser = Server.CreateObject("ADODB.Recordset") XTcurrentuser.ActiveConnection = MM_xtralitesecure_STRING XTcurrentuser.Source = "SELECT XTusername, XTfirstname, XTlastname, XTcompany FROM uid WHERE XTusername = '"&Session("MM_UserName")&"'" XTcurrentuser.CursorType = 0 XTcurrentuser.CursorLocation = 2 XTcurrentuser.LockType = 1 XTcurrentuser.Open() XTcurrentuser_numRows = 0 %> Xtralite Rooflights -- Daylight by Design

Downloads secure area: Administration

 

You are currently logged in as <%=(XTcurrentuser.Fields.Item("XTfirstname").Value)%> <%=(XTcurrentuser.Fields.Item("XTlastname").Value)%> from <%=(XTcurrentuser.Fields.Item("XTcompany").Value)%>, if this is not you, or you should not have administration rights to this server then you must logout immediately.

 

AMEND USER

 

First Name " name="XTfirstname" type="text" id="XTfirstname" size="40" maxlength="100">
Surname " name="XTsurname" type="text" id="XTsurname" size="40" maxlength="100">
Job Title " name="XTjobtitle" type="text" id="XTjobtitle" size="40" maxlength="100">
Company " name="XTcompany" type="text" id="XTcompany" size="40" maxlength="100">
Address " size="40" maxlength="100">
  " size="40" maxlength="100">
  " size="40" maxlength="100">
Town " size="40" maxlength="100">
County/Region " size="40" maxlength="100">
Postal Code " size="40" maxlength="100">
Country
Telephone " size="40" maxlength="100">
Fax " size="40" maxlength="100">
Email " size="40" maxlength="100">
Nature of Business " size="40" maxlength="100">
Username " size="40" maxlength="100">
Password " size="40" maxlength="100">
Administrator
type="radio" name="XTadmin" value="True"> Yes
Account Status
name="XTstatus" type="radio" value="Enabled"> Enabled
Data Protection OK for Xtralite to store details on computer systems
type="radio" name="XTdataprotect" value="Yes"> Yes

Notes

 

    
">

 

 

<% XTusertoamend.Close() Set XTusertoamend = Nothing %> <% XTcurrentuser.Close() Set XTcurrentuser = Nothing %>