<% if request.querystring("action") = "" then ACTION = request.form("action") else ACTION = request.querystring("action") end if function CleanString(sqlValue) CleanString = replace(sqlValue, "'", "''") end function function cleanHTMLString(sqlValue) cleanHTMLString = replace(sqlValue, "'", "'") end function call openConn("nothingtoit_7051") 'BELOW is the navigation structure 'SELECT CASE UCASE(ACTION) 'CASE "ADDBLANKFORM" 'Present a blank form for user to add a class 'CASE "ADDINSERT" 'Present a confirmation from the SQL Insert 'CASE "MODIFYCHOOSE" 'Present all classes as choices 'CASE "MODIFYPRELOADED" 'Present preloaded form for modification 'CASE "MODIFYUPDATE" 'Present confirmation of SQL MODIFY command 'CASE "DELETECHOOSE" 'Present all classes as choices 'CASE "DELETEDELETE" 'Present confirmation of SQL delete statement 'END SELECT SELECT CASE UCASE(ACTION) CASE "ADDBLANKFORM" 'Present a blank form for user to add a class SQL = "SELECT * FROM instructor_tbl;" SQL2 = "SELECT * FROM class_series_tbl;" %>
Class Name
$
Price
Series
Description
Prerequisite
Photo
Note
Demo?
New?

<% CASE "ADDINSERT" 'Present a confirmation from the SQL Insert if request.form("chkDemo") = "1" then demoVar = "1" else demoVar = "0" end if if request.form("chkNew") = "1" then newVar = "1" else newVar = "0" end if SQL = "Insert into class_tbl (class_name , class_price, class_series_id, class_description, class_prerequisite, class_photo, class_note, class_demo, class_new)" SQL = SQL & " Values ('" & cleanstring(request.form("classname")) &"','" & request.form("classprice") & "','" & request.form("classseries") & "','" & cleanstring(request.form("description")) & "','" & request.form("prerequisite") & "','" & request.form("photo") & "','" & cleanstring(request.form("note")) & "','" & demoVar & "','" & newVar & "');" SET COMM=server.createobject("ADODB.command") comm.activeconnection = CONN comm.commandtext = SQL comm.commandtype = adCmdText comm.execute SET comm = nothing response.write "

You've successfully added the class.


" CASE "MODIFYCHOOSE" 'Present all classes as choices SQL = "SELECT * FROM CLASS_TBL ORDER BY CLASS_NAME;" Call openRS(SQL) response.write "
" response.write "" response.write "   
" call closeRS CASE "MODIFYPRELOADED" 'Present preloaded form for modification CLASSID = request.form("classid") SQL = "SELECT * FROM CLASS_TBL WHERE CLASS_ID = " &CLASSID& ";" call OpenRS(SQL) 'put the loaded form here...%>
Class Name
$
Price
Series
Description
Prerequisite
Photo
Note
>
Demo?
>
New?

<% call closeRS CASE "MODIFYUPDATE" 'Present confirmation of SQL MODIFY command" if request.form("chkDemo") = "1" then demoVar = "1" else demoVar = "0" end if if request.form("chkNew") = "1" then newVar = "1" else newVar = "0" end if SQL = "UPDATE CLASS_TBL SET class_name = '"& cleanstring(request.form("classname")) &"', " SQL = SQL & "class_price = '"& request.form("classprice") &"', " SQL = SQL & "class_series_id = '"& request.form("classseries") &"', " SQL = SQL & "class_description = '"& cleanstring(request.form("description")) &"', " SQL = SQL & "class_prerequisite = '"& cleanstring(request.form("prerequisite")) &"', " SQL = SQL & "class_photo = '"&cleanstring(request.form("photo"))&"', " SQL = SQL & "class_note = '"&cleanstring(request.form("note"))&"', " SQL = SQL & "class_demo = '"&demoVar&"', " SQL = SQL & "class_new = '"&newVar&"' " SQL = SQL & "where class_id ="& request.form("classid") &";" call openCMD(SQL) call closeCMD response.write "

The class has been updated.

" CASE "DELETECHOOSE" SQL = "SELECT * from class_tbl ORDER by class_name;" SET RS=server.CreateObject("ADODB.recordset") RS.open SQL, CONN, 2 'now write all of the classes giving a named-pair value connected with the class id 'there are lots in this list, so alternating row backgrounds is a must altrow = 0 response.write "" while NOT RS.EOF if altRow < 1 then bgVar = "666666" altRow = 1 else bgVar = "" altrow = 0 end if response.write "" rs.movenext WEND response.write "
"&rs("class_name")&"Delete
" CASE "DELETEDELETE" 'Present confirmation of SQL delete statement classid = request.querystring("classid") SQLa = "DELETE * FROM class_datetime_tbl WHERE class_id="&classid&";" SQLb = "DELETE * FROM class_tbl WHERE class_id="&classid&";" Call openCMD(SQLa) Call closeCMD Call openCMD(SQLb) response.write "

You've successfully deleted the class

" END SELECT call cleanup %>