  The actual source for the files is shown below. If this is the first CYA source code you've seen you should read this overview first.
 Did you know you can download all the source code (and the database) of this site? Then get my newsletter to be emailed when I update the source code!
Please spread the word by recommending my site to your friends and colleagues! DBEditTable.asp<!--#include file = "/include/Startup.html"-->
<%
// ============================================
// NOTE: all source code downloaded from CoverYourASP was written by
// James Shaw (unless stated otherwise), and is copyright (c) 2000 by
// James Shaw. You may use this source code on your web sites, but
// please don't publish or distribute in any way.
//
// I would appreciate an HTML comment in any code you use, i.e.
// <!-- portions (c) [email protected]>
// (see Footer(), documented in SSI.asp for details on how to do this)
//
// <shameless plug>
// Please contact me to discuss any ASP contract work you may have.
// </shameless plug>
// ============================================
// get password from URL - see utils/Init.asp
LookForMagicWord ( );
// increment the parent articles counter
sIncArticlePage = '/DBAdmin.html';
// get table name
var sTableName = "" + Request.QueryString ( 'table' );
if ( sTableName == "undefined" )
sTableName = 'Articles';
// output relevant meta tags
Init( 'Database administration - editing table "' + sTableName + '"' );
// output common top of page
Header( '<a href="DBAdmin.asp?pad=1' + sMagicWord + '">Database administration</a> --> Editing table "' + sTableName + '"' );
// output page content
Content ( );
// output common bottom of page
Footer( );
// ============================================
// the content of this page - every page has a function 'Content' that
// is called above.
// ============================================
function Content ( )
{
Out ( '<td colspan=3 width="100%" valign="top">' );
ShowAd ( );
Out ( 'This page shows the records in the table "' + sTableName + '", one page of 10 records at a time. All the information on this page comes from the database - the names of the fields, the data itself and even the page-handling is done by the RecordSet object.' );
Out ( '<p>You can browse through the pages, add new records or edit/delete individual records. Go ahead! Don\'t worry about hurting anything - you won\'t be able to save any changes. To understand how this security works, <a href="/Security.html">read this page</a>.' );
// has the sort form been submitted?
var sSort = '';
var sSortField = '' + Request.QueryString ( 'sortfield' );
var sSortDirn = '' + Request.QueryString ( 'sortdirn' );
var sCurrSortURL = '';
if ( sSortField != 'undefined' )
{
sSort = ' ORDER BY ' + sSortField;
sCurrSortURL = '&sortfield=' + sSortField;
if ( sSortDirn != 'undefined' )
{
sSort += ' ' + sSortDirn;
sCurrSortURL += '&sortdirn=' + sSortDirn;
}
}
// open connection
DBInitConnection ( );
// get the fields from the table or simulate
// some data if it's a protected table
var bHideContents = false;
var sLowerCase = sTableName.toLowerCase ( );
// remove brackets
sLowerCase = sLowerCase.replace ( /\[|\]/g, '' );
switch ( sLowerCase )
{
case 'mailinglist':
case 'members':
case 'banners':
case 'bannerstats':
bHideContents = true;
break;
}
var sSQL = 'SELECT * FROM ' + sTableName;
if ( !bValidUser && bHideContents )
{
Out ( '<p><font color="blue">(<b>Note:</b> The "' + sTableName + '" table is an exception - you can\'t even view this one fully. Only a small subset of the table is visible to you without the <a href="/Security.html">password</a>)</font>' );
switch ( sLowerCase )
{
case 'mailinglist':
sSQL = 'SELECT * FROM MailingList WHERE Email LIKE \'%@shawthing.com\'';
break;
case 'members':
sSQL = 'SELECT * FROM Members WHERE Email LIKE \'%@coveryourasp.com\'';
break;
case 'banners':
sSQL = 'SELECT * FROM Banners WHERE MemberID=1';
break;
case 'bannerstats':
sSQL = 'SELECT BannerDate,BannerStats.BannerID,ImpressionCount,ClickCount FROM BannerStats INNER JOIN Banners ON BannerStats.BannerID = Banners.BannerID WHERE MemberID=1';
// quick and dirty fix to stop error when sorting by BannerID
if ( -1 != sSort.toLowerCase( ).indexOf ( 'bannerid' ) )
{
sSort = '';
Out ( '<h5><font color="blue">Sorry, you cannot sort by BannerID in this table</h5>' );
}
break;
}
}
// trap any error that occurs in case
// QueryString is modified ;-)
try
{
// open the recordset
oRecordSet.Open ( sSQL + sSort, oConnection, adOpenStatic, adLockReadOnly, adCmdText );
// get number of records
var nRecs = oRecordSet.RecordCount;
// get number of fields
var nFields = oRecordSet.Fields.Count;
// set page size
oRecordSet.PageSize = 10;
// which page am I displaying?
var nPage = Request.QueryString ( 'page' ) - 0;
if ( isNaN ( nPage ) )
nPage = 1;
// how many pages are there?
var nPageCount = oRecordSet.PageCount;
// set current page
oRecordSet.AbsolutePage = nPage;
// general table options and navigation
Out ( '<p><center><a href="DBAddRecord.asp?table=' + sTableName + sMagicWord + '">Add new record</a> Navigate: ' );
var sLink = '<a href="DBEditTable.asp?table=' + sTableName + sMagicWord + '&page=';
if ( nPage > 1 )
Out ( sLink + 1 + sCurrSortURL + '">|<</a> ' + sLink + (nPage-1) + sCurrSortURL + '"><<</a>' );
else
Out ( '|< <<' );
Out ( ' ' );
if ( nPage < nPageCount )
Out ( sLink + (nPage+1) + sCurrSortURL + '">>></a> ' + sLink + nPageCount + sCurrSortURL + '">>|</a> ' );
else
Out ( '>> >| ' );
Out ( ' Page ' + nPage + ' of ' + nPageCount + ' ' + nRecs + ' records</center>' );
Out ( '<p><table border=0 cellspacing=0 cellpadding=1>' );
// show all field names as headings
Out ( '<tr>' );
Out ( '<td><b>Action</b></td>' );
for ( var i=0; i<nFields; i++ )
{
var sField = '' + oRecordSet.Fields ( i ).Name;
var sSortURL = sLink + nPage + '&sortfield=' + sField;
if ( sSortDirn == 'desc' )
sSortURL += '&sortdirn=asc';
else
sSortURL += '&sortdirn=desc';
Out ( '<td><b>|' + sSortURL + '">' + sField + '</a></b></td>' );
}
Out ( '</tr>' );
// ======================================
// store the name of the first field - NOTE that I assume
// when editing or deleting records that this field is unique!
// ======================================
var sUniqueField = "" + oRecordSet.Fields ( 0 ).Name;
// used to alternate row color
var bColor=1;
// loop through all records on this page
for ( var nPerPage=0; !oRecordSet.EOF && nPerPage<oRecordSet.PageSize; nPerPage++)
{
if ( bColor )
Out ( '<tr bgcolor="#ff9900">' );
else
Out ( '<tr>' );
// put links to edit/delete record pages
sLink = '?table=' + sTableName + '&' + sUniqueField + '=';
// wrap value in "" if its a string type
switch ( oRecordSet ( 0 ).Type )
{
case 7: // date
case 133: // date
case 134: // time
case 135: // date/time
sLink += Server.URLEncode ( '#' + FormatDateDMY ( oRecordSet ( 0 ) ) + '#' );
break;
case 8: // BSTR
case 129: // string
case 130: // unicode string
case 200: // string
case 201: // long string
case 202: // unicode string
case 203: // long string
sLink += '\'' + oRecordSet ( 0 ) + '\'';
break;
default:
sLink += oRecordSet ( 0 );
break;
}
sLink += sMagicWord;
Out ( '<td><a href="DBEditRecord.asp' + sLink + '">Edit</a><br><a href="DBDeleteRecord.asp' + sLink + '">Delete</a></td>' );
bColor = 1-bColor;
// loop through all fields in this record
for ( var i=0; i<nFields; i++)
{
var oField = oRecordSet ( i );
var sText;
// show prettier dates
if ( oField.Type == 7/*date*/ )
sText = FormatDateDMY ( oField );
else
sText = "" + Server.HTMLEncode ( '' + oField );
// for brevity show the first x characters only
if ( sText.length > 35 )
sText = sText.slice ( 0, 35 ) + '...';
Out ( '<td>' + sText + '</td>' );
}
Out ( '</tr>' );
oRecordSet.MoveNext ( );
}
Out ( '</table>' );
// release connection
DBReleaseConnection ( );
}
catch ( e )
{
// display warning that error occurred
DatabaseException ( e );
}
Out ( '<p><center><a href="/ShowSource_page_DBEditTable.html"><img src="/images/source.gif" border=0></a></center>' );
Out ( '</td>' );
}
%> |
Hopefully much of this is self-explanatory. If not, or if you see ways that I can improve the code, please drop me a line.
To see the source code for this page, click on the icon below. | 
This is the first year for my site and I need every single vote.Thank you for your support!   
My most referenced book on the shelf probably. Superb reference for client and server side JavaScript.Sponsors...
 
As seen on...
 
As seen on...
 
If you want to know the answer to your questions, read this book. No, it doesn't tell you about Response.Buffer, but it does tell you how to do something right!
Written by 4GuysFromRolla guru Scott Mitchell - very good for beginners to programming ASP.
|
