% Response.Buffer = True %>
<% On Error Resume Next %>
<%
connect_string = "Driver={Mysql}; Server=localhost;Database=crrude_giftlists; UID=crrude_dbweb; PWD=Dbw3b"
set dbConn = server.createObject("ADODB.connection")
dbConn.open connect_string
%>
<% if request("action")="create" then %>
<%
strFName = request("firstname")
strLName = request("lastname")
response.write strFName & "
"
response.write strLName & "
"
mySQL1="INSERT INTO people(fname, lname) VALUES('" & request("firstname") & "', '" & request("lastname") & "')"
'mySQL="insert into tblLineups(RaceNumber, TeamNumber, Tier, CarNumber, Division) Values(" & request("Race") & ", " & session("team") & ", '" & tr & "', '" & car & "', " & Div & ")"
response.write mySQL1
set rs1=dbConn.execute(mySQL1)
%>
<% response.redirect "giftlist.asp" %>
<% else %>
<% if request("action")="getlist" then %>
<%
session("getlist")=request("pid")
%>
<%
mySQL1="SELECT * FROM people WHERE pid=" & request("pid")
set rs1=dbConn.execute(mySQL1)
%>
<% response.write rs1("fname") & " " & rs1("lname") %>'s Gift List
|
Back to Lists
|
<%
mySQL1="SELECT * FROM tblLists WHERE pid=" & request("pid") & " AND itempurch=0 AND iteminactive=0"
set rs1=dbConn.execute(mySQL1)
DO WHILE NOT rs1.eof
%>
|
<% response.write rs1("itemdesc") %>
|
|
<%
rs1.movenext
loop
%>
|
|
|
<%
else
if request("action")="edit" then
%>
<%
mySQL1="SELECT * FROM tblLists WHERE lid=" & request("lid")
'response.write mySQL1
set rs1=dbConn.execute(mySQL1)
strIName = rs1("itemname")
strIDesc = rs1("itemdesc")
strILink = rs1("itemlink")
%>
<% response.write strIName %>
|
">Back to Lists
|
|
|
<%
else
if request("action")="delete" then
%>
<%
mySQL1="SELECT * FROM tblLists WHERE lid=" & request("lid")
'response.write mySQL1
set rs1=dbConn.execute(mySQL1)
strIName = rs1("itemname")
strIDesc = rs1("itemdesc")
strILink = rs1("itemlink")
%>
<% response.write strIName %>
|
">Back to Lists
|
Item Name:
<% response.write rs1("itemname") %>
|
Item Description:
<% response.write rs1("itemdesc") %>
|
Link to Item Online:
<% response.write rs1("itemlink") %>
|
|
|
|
|
|
<%
else
if request("action")="yesdelete" then
mySQL1="UPDATE tblLists SET iteminactive=1 WHERE lid=" & request("lid")
set rs1=dbConn.execute(mySQL1)
response.redirect "giftlist.asp?action=getlist&pid=" & request("pid")
%>
Deleting - Back to list.
<%
else
if request("action")="update" then
%>
<%
strLid=request("lid")
strIName=request("iname")
strIDesc=request("txtIDesc")
strILink=request("txtILink")
'response.write strLid & "
"
'response.write strIName & "
"
'response.write strIDesc & "
"
'response.write strILink & "
"
strTest="This is ' a Test"
if INSTR(strIName, "'") then
strIName=replace(strIName,"'","")
end if
if INSTR(strIDesc, "'") then
strIDesc=replace(strIDesc,"'","")
end if
if INSTR(strILink, "'") then
strILink=replace(strILink,"'","")
end if
if INSTR(strILink, "http://") then
response.write "it's there"
else
response.write "it's Not There"
strILink="http://" & strILink
end if
mySQL1="UPDATE tblLists SET ItemName='" & strIName & "', ItemDesc='" & strIDesc & "', ItemLink='" & strILink & "' WHERE lid=" & strLid
'mySQL="insert into tblLineups(RaceNumber, TeamNumber, Tier, CarNumber, Division) Values(" & request("Race") & ", " & session("team") & ", '" & tr & "', '" & car & "', " & Div & ")"
'response.write mySQL1
set rs1=dbConn.execute(mySQL1)
response.redirect "giftlist.asp?action=getlist&pid=" & session("getlist")
%>
<%
else
if request("action")="add" then
%>
<%
strIName = request("iname")
strIDesc = request("idesc")
strILink = request("ilink")
response.write strIName & "
"
response.write strIDesc & "
"
response.write strILink & "
"
if INSTR(strIName, "'") then
strIName=replace(strIName,"'","")
end if
if INSTR(strIDesc, "'") then
strIDesc=replace(strIDesc,"'","")
end if
if INSTR(strILink, "'") then
strILink=replace(strILink,"'","")
end if
if INSTR(strILink, "http://") then
response.write "it's there"
else
strILink="http://" & strILink
end if
if strILink="http://" then
strILink="#"
end if
mySQL1="INSERT INTO tblLists(pid, itemname, itemdesc, itemlink) VALUES(" & request("pid") & ", '" & strIName & "', '" & strIDesc & "', '" & strILink & "')"
'mySQL="insert into tblLineups(RaceNumber, TeamNumber, Tier, CarNumber, Division) Values(" & request("Race") & ", " & session("team") & ", '" & tr & "', '" & car & "', " & Div & ")"
response.write mySQL1
set rs1=dbConn.execute(mySQL1)
%>
<% response.redirect "giftlist.asp?action=getlist&pid=" & request("pid") %>
<% else %>
<% end if %>
<% end if %>
<% end if %>
<% end if %>
<% end if %>
<% end if %>
<% end if %>