<%@ LANGUAGE="VBSCRIPT" %> <% '=============================================== ' Personals System 2002 ' Š2002 vSpin.net. www.vspin.net '=============================================== ' All rights reserved. ' Use of this code is covered by the terms and ' conditions in the license agreement. No ' unauthorized duplication or distribution is ' permitted. vSpin.net copyright notices must ' remain in the ASP sections of the code. '=============================================== %> <% ' *** Restrict Access To Page: Grant or deny access to this page Dim MM_authorizedUsers, MM_authFailedURL, MM_grantAccess MM_authorizedUsers="user,admin" MM_authFailedURL="login.asp" MM_grantAccess=false If Session("MM_Username") <> "" Then If (false Or CStr(Session("MM_UserAuthorization"))="") Or _ (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then MM_grantAccess = true End If End If If Not MM_grantAccess Then MM_qsChar = "?" If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&" MM_referrer = Request.ServerVariables("URL") if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString() MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer) Response.Redirect(MM_authFailedURL) End If %> <% dim xxxxm, rsheadUpdatee, rsheadUpdatee_numRows Dim p_photoapprove2, p_photoapprove, ProdType, V_Delete, V_DeleteImage, p_id, p_age, p_city, p_sex, p_seek, p_user, p_headline, p_relationship, p_weight, p_height, p_marital, p_child, p_wantchild, p_smoke, p_drink, p_body, p_hair, p_desc, p_religion, p_ethnicity, p_employ, p_education, V_ImageLarge, strFileType, errortext, errorno, pos, theQuery, message, thepath, strFileUploadName, aryFileUploadName, fs, aryFileType, numFileLoopCounter, ImageName FUNCTION CheckNotBlank(errortext,errorno,itemname,fieldname) If fieldname="" then errorno = errorno + 1 errortext = errortext + "" + Cstr(errorno) + ". " + "The "&itemname&" is blank.
" End if CheckNotBlank=errortext END FUNCTION FUNCTION ErrorcheckLength(errortext,errorno,itemname,fieldname,allowablelength) If Len(fieldname)> allowablelength then errorno = errorno + 1 errortext = errortext + "" + Cstr(errorno) + ". " + "The "&itemname&" is currently "&len(fieldname)&" characters, but must be less than "&allowablelength&".
" End if ErrorcheckLength=errortext END FUNCTION Function sqlsafe(s) pos = InStr(s, "'") While pos > 0 s = Mid(s, 1, pos) & "'" & Mid(s, pos + 1) pos = InStr(pos + 2, s, "'") Wend sqlsafe=s End Function Dim Uploader, File Set Uploader = New FileUploader Uploader.Upload() ' Check if any files were uploaded If Uploader.Form("V_DeleteImage") ="y" Then p_photoapprove="0" p_photoapprove2="2" elseIf Uploader.Files.Count = 0 Then p_photoapprove2="1" p_photoapprove="0" ElseIf NOT Uploader.Files.Count = 0 Then p_photoapprove="1" p_photoapprove2="2" else end if '----------------------------------------------- 'COLLECT VALUES FROM FORM '----------------------------------------------- ProdType = Uploader.Form("ProdType") V_Delete = Uploader.Form("V_Delete") V_DeleteImage = Uploader.Form("V_DeleteImage") p_id = Uploader.Form("p_id") p_age = Uploader.Form("p_age") p_city = Uploader.Form("p_city") p_sex = Uploader.Form("p_sex") p_seek = Uploader.Form("p_seek") R1 = Uploader.Form("R1") p_user = rsSession("p_user") p_headline = Uploader.Form("p_headline") p_relationship = Uploader.Form("p_relationship") p_weight = Uploader.Form("p_weight") if p_weight = "" then p_weight=0 p_height = Uploader.Form("p_height") if p_height = "" then p_height=0 p_marital = Uploader.Form("p_marital") if p_marital = "" then p_marital=0 p_child = Uploader.Form("p_child") if p_child = "" then p_child=0 p_wantchild = Uploader.Form("p_wantchild") if p_wantchild = "" then p_wantchild=0 p_smoke = Uploader.Form("p_smoke") if p_smoke = "" then p_smoke=0 p_drink = Uploader.Form("p_drink") if p_drink = "" then p_drink=0 p_body = Uploader.Form("p_body") if p_body = "" then p_body=0 p_hair = Uploader.Form("p_hair") if p_hair = "" then p_hair=0 p_desc = Uploader.Form("p_desc") p_religion = Uploader.Form("p_religion") if p_religion = "" then p_religion=0 p_ethnicity = Uploader.Form("p_ethnicity") if p_ethnicity = "" then p_ethnicity=0 p_employ = Uploader.Form("p_employ") if p_employ = "" then p_employ= 0 p_education = Uploader.Form("p_education") if p_education = "" then p_education=0 V_ImageLarge = Uploader.Form("V_ImageLarge") '----------------------------------------------- 'ERROR CHECKING 'Using functions we have built to make routine 'checks easier. '----------------------------------------------- If V_delete ="no" then '------------------------------------------- 'CHECK FILE UPLOAD IS OK FILETYPE '------------------------------------------- For Each File In Uploader.Files.Items strFileUploadName = File.FileName If strFileUploadName <> "" then aryFileUploadName = split(strFileUploadName,".",-1) strFileType = lcase(aryFileUploadName(Ubound(aryFileUploadName))) End if Next If InStr("jpg,jpeg,gif,png",strFileType)<1 then errorno = errorno + 1 errortext = errortext + "" + Cstr(errorno) + ". " + "The upload file type is not supported. This site accepts the following types: " & replace("jpg,jpeg,gif,png",",",", ") & ".
" End if errortext = CheckNotBlank(errortext,errorno,"headline",p_headline) errortext = CheckNotBlank(errortext,errorno,"sex",p_sex) errortext = CheckNotBlank(errortext,errorno,"seek",p_seek) errortext = CheckNotBlank(errortext,errorno,"relationship",p_relationship) errortext = CheckNotBlank(errortext,errorno,"age",p_age) errortext = CheckNotBlank(errortext,errorno,"city",p_city) errortext = ErrorcheckLength(errortext,errorno,"version codenumber",p_headline,50) If Not IsNumeric(p_age) then errorno = errorno + 1 errortext = errortext + "" + Cstr(errorno) + ". " + "The Age field can only contain numbers above 17 - please don't enter non-numeric characters or negative values.
" End if If Not IsNumeric(p_weight) then errorno = errorno + 1 errortext = errortext + "" + Cstr(errorno) + ". " + "The Weight field can only contain numbers above zero - please don't enter non-numeric characters or negative values.
" End if End If '----------------------------------------------- 'IF NO ERRORS FOUND, MODIFY THE DATABASE '----------------------------------------------- If errortext ="" then '----------------------------------------------- 'NEW VERSION 'If p_id is zero then it is a new version, in 'this case we insert a new record into the DB '----------------------------------------------- if p_id=0 And p_photoapprove2=1 then p_photoapprove=0 Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open MM_conn_STRING sql1 = "INSERT INTO p_ads (p_headline, p_age, p_sex, p_photoapprove, p_user, p_body, p_city, p_marital, p_child, p_wantchild, p_smoke, p_drink, p_hair, p_ethnicity, p_employ, p_religion, p_desc, p_education, p_weight, p_seek, p_relationship, p_height) VALUES('" &_ sqlsafe(p_headline) & "','" &_ p_age & "','" &_ p_sex & "','" &_ p_photoapprove & "','" &_ sqlsafe(p_user) & "','" &_ p_body & "','" &_ p_city & "','" &_ p_marital & "','" &_ p_child & "','" &_ p_wantchild & "','" &_ p_smoke & "','" &_ p_drink & "','" &_ p_hair & "','" &_ p_ethnicity & "','" &_ p_employ & "','" &_ p_religion & "','" &_ sqlsafe(p_desc) & "','" &_ p_education & "','" &_ p_weight & "','" &_ p_seek & "','" &_ p_relationship & "','" &_ p_height & "')" conn.execute(sql1) message=1 elseif p_id=0 And p_photoapprove2=2 then p_photoapprove=1 Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open MM_conn_STRING sql1 = "insert into p_ads (p_headline, p_age, p_sex, p_photoapprove, p_user, p_body, p_city, p_marital, p_child, p_wantchild, p_smoke, p_drink, p_hair, p_ethnicity, p_employ, p_religion, p_desc, p_education, p_weight, p_seek, p_relationship, p_height) VALUES('" &_ sqlsafe(p_headline) & "','" &_ p_age & "','" &_ p_sex & "','" &_ p_photoapprove & "','" &_ sqlsafe(p_user) & "','" &_ p_body & "','" &_ p_city & "','" &_ p_marital & "','" &_ p_child & "','" &_ p_wantchild & "','" &_ p_smoke & "','" &_ p_drink & "','" &_ p_hair & "','" &_ p_ethnicity & "','" &_ p_employ & "','" &_ p_religion & "','" &_ sqlsafe(p_desc) & "','" &_ p_education & "','" &_ p_weight & "','" &_ p_seek & "','" &_ p_relationship & "','" &_ p_height & "')" conn.execute(sql1) '-------------------------------------------------- 'FIND ID OF NEW VERSION '-------------------------------------------------- SQL1 = "SELECT p_id, p_user FROM p_ads WHERE p_user = '" + Replace(p_user, "'", "''") + "'" Set rsMain = conn.execute(sql1) p_id = rsMain("p_id") message=1 '----------------------------------------------- 'UPDATE VERSION 'Otherwise, if the script is not being called to 'delete a version, update the version. '----------------------------------------------- elseif V_delete="no" And p_photoapprove2=2 then Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open MM_conn_STRING sql1 = "UPDATE p_ads SET p_headline='" & sqlsafe(p_headline) & "'," &_ "p_age=" & p_age & "," &_ "p_sex=" & p_sex & "," &_ "p_photoapprove='" & p_photoapprove & "'," &_ "p_user='" & p_user & "'," &_ "p_body=" & p_body & "," &_ "p_city=" & p_city & "," &_ "p_marital=" & p_marital & "," &_ "p_child=" & p_child & "," &_ "p_wantchild=" & p_wantchild & "," &_ "p_smoke=" & p_smoke & "," &_ "p_drink=" & p_drink & "," &_ "p_hair=" & p_hair & "," &_ "p_religion=" & p_religion & "," &_ "p_ethnicity=" & p_ethnicity & "," &_ "p_employ=" & p_employ & "," &_ "p_desc='" & sqlsafe(p_desc) & "'," &_ "p_weight=" & p_weight & "," &_ "p_seek=" & p_seek & "," &_ "p_relationship='" & p_relationship & "'," &_ "p_height=" & p_height & "," &_ "p_education=" & p_education & " WHERE p_id=" & p_id conn.execute(sql1) elseif V_delete="no" And p_photoapprove2=1 then Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open MM_conn_STRING sql1 = "UPDATE p_ads SET p_headline='" & sqlsafe(p_headline) & "'," &_ "p_age=" & p_age & "," &_ "p_sex=" & p_sex & "," &_ "p_user='" & p_user & "'," &_ "p_body=" & p_body & "," &_ "p_city=" & p_city & "," &_ "p_marital=" & p_marital & "," &_ "p_child=" & p_child & "," &_ "p_wantchild=" & p_wantchild & "," &_ "p_smoke=" & p_smoke & "," &_ "p_drink=" & p_drink & "," &_ "p_hair=" & p_hair & "," &_ "p_religion=" & p_religion & "," &_ "p_ethnicity=" & p_ethnicity & "," &_ "p_employ=" & p_employ & "," &_ "p_desc='" & sqlsafe(p_desc) & "'," &_ "p_weight=" & p_weight & "," &_ "p_seek=" & p_seek & "," &_ "p_relationship='" & p_relationship & "'," &_ "p_height=" & p_height & "," &_ "p_education=" & p_education & " WHERE p_id=" & p_id conn.execute(sql1) end if '----------------------------------------------- 'ADD IMAGE AND RENAME IT TO PRODUCT NUMBER 'This way, you can't accidentally overwrite an 'existing image by giving it the same name... '----------------------------------------------- thepath=Server.MapPath("ad_photos/") 'path to version pictures If Uploader.Files.Count > 0 and strFileType<>"" then For Each File In Uploader.Files.Items set fs=CreateObject("Scripting.FileSystemObject") aryFileType = split("jpg,jpeg,gif,png",",",-1) 'SPLITS LIST OF ACCEPTABLE FILE TYPES IN CONFIG.ASP INTO ARRAY numFileLoopCounter = Ubound(aryFileType) '----------------------------------------------- 'DELETE ANY EXISTING FILES WITH THIS NAME 'Should remove all files of any of the possible 'types as users may update their CV with one of 'another type. '----------------------------------------------- Do while numFileLoopCounter>-1 ImageName = p_id & "." & aryFileType(numFileLoopCounter) set fs=CreateObject("Scripting.FileSystemObject") If fs.FileExists(thepath & "\" & ImageName) then fs.DeleteFile(thepath & "\" & ImageName) End if numFileLoopCounter = numFileLoopCounter-1 Loop set fs=nothing Next For Each File In Uploader.Files.Items File.FileName = p_id & "." & strFileType File.SaveToDisk thepath Next Else If V_DeleteImage = "y" OR V_delete = "y" then set fs=CreateObject("Scripting.FileSystemObject") aryFileType = split("jpg,jpeg,gif,png",",",-1) 'SPLITS LIST OF ACCEPTABLE FILE TYPES IN CONFIG.ASP INTO ARRAY numFileLoopCounter = Ubound(aryFileType) '----------------------------------------------- 'DELETE ANY EXISTING FILES WITH THIS NAME 'Should remove all files of any of the possible 'types as user wants to delete the logo. '----------------------------------------------- Do while numFileLoopCounter>-1 ImageName = p_id & "." & aryFileType(numFileLoopCounter) set fs=CreateObject("Scripting.FileSystemObject") If fs.FileExists(thepath & "\" & ImageName) then fs.DeleteFile(thepath & "\" & ImageName) End if numFileLoopCounter = numFileLoopCounter-1 Loop set fs=nothing End if End if if R1 = "V1" then response.redirect("questions.asp?message=4") end if if message=1 then set rs_main = nothing MM_conn_STRING.close Set MM_conn_STRING = nothing response.redirect("default.asp?message=4") else set rs_main = nothing MM_conn_STRING.close Set MM_conn_STRING = nothing response.redirect("default.asp?message=5") end if else %>

Ad Error

Problems...

Please go back and rectify the following problems:

<% =errortext %>

go back

<% end if %>