<%= storename %> Administration

<%@ LANGUAGE = "VBScript" %> <% verify productid=valid_sql(request.querystring("productid")) stage=request.querystring("stage") editcomplete=false if not(productid=null and productid="" and not(isnumeric(productid))) then 'get the relevant products details set rsprod=db.execute("SELECT * FROM products INNER JOIN categories ON products.catcode = categories.catcode WHERE productid = " & productid) if rsprod.eof then response.redirect("error.asp?msg=" & Server.URLEncode("We have no record of the product you are looking for.")) end if name=rsprod("name") description=rsprod("description") price=rsprod("price") saleprice=rsprod("saleprice") image=rsprod("image") catcode=rsprod("catcode") notes=rsprod("notes") featured=rsprod("featured") productid=rsprod("productid") notes=rsprod("notes") 'get names and codes of all products in that category set rscatlist=db.execute("select name,productid from products where catcode=" & rsprod("catcode") & "and productid<>" & valid_sql(productid) & " order by name") end if if stage="delete" and productid<>"" then db.execute("delete * from products where productid=" & productid) editMSG="Product deleted successfully" editcomplete=true elseif stage="delete" and pruductid="" then editMSG="Unable to delete product.
No product specified" editcomplete=true end if if stage="save" then productid=request.querystring("productid") name=request.form("name") description=request.form("description") price=request.form("price") saleprice=request.form("saleprice") image=request.form("image") catcode=request.form("catcode") notes=request.form("notes") featured=request.form("featured") 'Error check the information passed ' If complete then either add a new record or update depending on value of pruductid if name="" or name=null or len(name)>255 then msg=msg & "
You need to enter a valid name." end if if description="" or description=null then msg=msg & "
You need to enter a description." end if if price=null or not(isnumeric(price)) then msg=msg & "
You need to enter the products price." end if if not(isnumeric(saleprice)) and saleprice<>"" then msg=msg & "
You need to enter a valid sale price." end if if len(image)>255 then msg=msg & "
The image tag is too long." end if if not(isnumeric(catcode)) then msg=msg & "
Invalid category entered." end if if saleprice="" or saleprice=null then saleprice=0 end if if msg="" then 'Check wether this is an update or insert if productid=null or productid="" then 'insert sql="insert into products (name, description, price, saleprice, catcode, featured" if valid_sql(image)<>"" then sql=sql & ",image" SQLimage=",'" & valid_sql(image) & "'" end if if valid_sql(notes)<>"" then sql=sql & ",notes" SQLnotes=",'" & valid_sql(notes) & "'" end if sql=sql & ") values ('" & valid_sql(name) & "','" & valid_sql(description) & "'," & valid_sql(price) & "," & valid_sql(saleprice) & "," & valid_sql(catcode) & "," & valid_sql(featured) & SQLimage & SQLnotes & ")" db.execute(sql) else if valid_sql(image)<>"" then SQLimage=", image='" & valid_sql(image) & "'" end if if valid_sql(notes)<>"" then SQLnotes=", notes='" & valid_sql(notes) & "'" end if sql="update products set name='" & valid_sql(name) & "', description='" & valid_sql(description) & "', price=" & valid_sql(price) & ", saleprice=" & valid_sql(saleprice) & ", catcode=" & valid_sql(catcode) & ", featured=" & valid_sql(featured) & SQLnotes & SQLimage & " where productid=" & valid_sql(productid) db.execute(sql) end if editMSG="Product details saved." editcomplete=true end if end if 'stage %> <%= storename %> Administration <% header adminmenu "prod" %> <% if not(productid=null and productid="" and not(isnumeric(productid))) then %>

<%= rsprod("catname") %>
<% 'Display list of other products in category if not rscatlist.eof then rscatlist.movefirst while not rscatlist.eof %> "><%=rscatlist("name")%>
<% rscatlist.movenext wend end if else %>

<% end if %>

<% if editcomplete then %> <%= editmsg %> <% else %>

	<% if productid=null or productid="" then %> add new product · To add a new product enter the details below and click "save" <% else %> edit product details · To change this products details, just edit the form and click "Save". · To delete this product just click "Delete". · To add a new product select "Add Product" on the menu above. <% end if %> <%= msg %>
product name:	" maxlength=100>
description:	<%= Server.HTMLEncode(description & "") %>
price:
sale price:
image tag:	" maxlength=100>
category:
featured product:	<% 'which one to check? if not(featured) then featNO="CHECKED" else featYES="CHECKED" end if %> > Yes > No
notes:	<%= notes %>

<% if productid<>"" then %>

<% end if %> <% end if %>

<% footer %> <% db.close set db=nothing %>