<% =storename %> Administration

<%@ LANGUAGE = "VBScript" %> <% verify if left(Session("privilages"),1)<>"1" then response.redirect("error.asp?msg=" & Server.URLEncode("You do not have privilages to access this page.")) end if stage=request.querystring("stage") username=request.form("username") fullname=request.form("fullname") password1=request.form("password1") password2=request.form("password2") privedit=request.form("privedit") msg="" if stage="update" or stage="new" then 'verify the info. passed if trim(username)="" then msg=msg & "
You need to enter a username." elseif len(username)>15 then msg=msg & "
Your username is too long." end if if trim(fullname)="" then msg=msg & "
You need to enter a full name." elseif len(fullname)>255 then msg=msg & "
Your full name is too long." end if if trim(password1)="" or trim(password2)="" then msg=msg & "
You need to enter the password twice." elseif trim(lcase(password1))<>trim(lcase(password2)) then msg=msg & "
The two passwords entered do not match." elseif len(password1)>10 or len(password2)>10 then msg=msg & "
The passwords are too long." end if if privedit="on" then privilages="1" else privilages="0" end if end if if stage="update" then if msg="" then sql="update users set fullname='" & valid_sql(fullname) & "',password='" & valid_sql(password1) & "',privilages='" & privilages & "' where username='" & valid_sql(username) & "'" db.execute(sql) end if elseif stage="delete" then db.execute("delete * from users where username='" & valid_sql(request.querystring("username")) & "'") elseif stage="new" then 'Firstly check username doesn't already exist set rscheck=db.execute("select * from users where username='" & valid_sql(username) & "'") if not rscheck.eof then msg="
The username you entered already exists." end if if msg="" then 'add the user sql="insert into users (username,fullname, password,privilages) values ('" & valid_sql(username) & "','" & valid_sql(fullname) & "','" & valid_sql(password1) & "','" & privilages & "')" db.execute(sql) end if end if 'a quick check to decide where the message should be displayed if stage="new" then newmsg=msg else updatemsg=msg end if %> <% =storename %> Administration <% header adminmenu "users" %>

add new user
· To add a new user, enter the details in the space provided and click save

<%= newmsg %>

Username	Full Name	Password	Password again	Edit Users

edit existing users
· To edit an existing user just enter the new details in the space provided and click save
· To delete a user, click the delete button beside their profile
<%= updatemsg %>
<% set rsusers=db.execute("select * from users") if not(rsusers.eof) then while not(rsusers.eof) %> <% rsusers.movenext wend end if %>

Username Full Name Password Password
again Edit
Users

<%= rsusers("username") %> " size=10>
" name="fullname" size=10> " name="password1" size=10> " name="password2" size=10> <% if rsusers("privilages")="1" then checked="checked" else checked="unchecked" end if %> > ">

<% footer %>