<%@ LANGUAGE="VBSCRIPT" %> <% PageStrings = "359, 401, 402, 518, 531, 532, 533, 574, 585" strThisBackPage = "products" %> <% '=============================================== ' CactuShop ASP Shopping Cart ' ©1999-2004 Cactusoft Ltd. www.cactusoft.com '=============================================== ' All rights reserved. ' Use of this code is covered by the terms and ' conditions in the license agreement. No ' unauthorized duplication or distribution is ' permitted. Cactusoft's copyright notices must ' remain in the ASP sections of the code. '=============================================== '----------------------------------------------- 'IMPORTANT NOTE: This page handles forms 'differently. The form is multipart encoded to 'allow file upload. Therefore we need to use the 'Upload Object. This requires VBScript5 support 'on server (get from Microsoft or Install IE5 on 'the server). '----------------------------------------------- '----------------------------------------------- 'UPDATE PRODUCTS 'This page updates a product with the details 'specified in the modify_products.asp form. '----------------------------------------------- Dim Uploader, File Set Uploader = New FileUploader ' This starts the upload process Uploader.Upload() '----------------------------------------------- 'COLLECT VALUES FROM FORM '----------------------------------------------- P_ID = Uploader.Form("P_ID") PT_ID = Uploader.Form("PT_ID") strCallMode = Uploader.Form("strCallMode") P_DeleteImage = Uploader.Form("P_DeleteImage") P_DeleteImage_Large = Uploader.Form("P_DeleteImage_Large") Dim P_Name(), P_StrapLine(), P_Desc(), P_SpecTable(), P_Hyperlink() Redim P_Name(numTotalLanguages) Redim P_Desc(numTotalLanguages) Redim P_StrapLine(numTotalLanguages) Redim P_SpecTable(numTotalLanguages) Redim P_Hyperlink(numTotalLanguages) For numCounter = 1 to numTotalLanguages P_Name(numCounter) = Uploader.Form("P_Name" & CStr(numCounter)) P_Desc(numCounter) = Uploader.Form("P_Desc" & CStr(numCounter)) P_StrapLine(numCounter) = Uploader.Form("P_StrapLine" & CStr(numCounter)) P_SpecTable(numCounter) = Uploader.Form("P_SpecTable" & CStr(numCounter)) P_Hyperlink(numCounter) = Uploader.Form("P_Hyperlink" & CStr(numCounter)) next P_ProdType = Uploader.Form("P_ProdType") P_Featured = Uploader.Form("P_Featured") P_Live = Uploader.Form("P_Live") P_Categories = Uploader.Form("P_Categories") P_VersionDisplayType = Uploader.Form("P_VersionDisplayType") If P_Live = "" Then P_Live = "n" P_OrderByValue = Uploader.Form("P_OrderByValue") If Not IsNumeric(P_OrderByValue) then P_OrderByValue = 0 P_OrderVersionsBy = Uploader.Form("P_OrderVersionsBy") If strCallMode = "Delete" Then 'User wants to delete this Version Set objFileSystem = Server.CreateObject("Scripting.FileSystemObject") DeleteProduct P_ID, objFileSystem, objRecordSet Set objFileSystem = Nothing strErrorText = "" Else '------------------------------------------- 'CHECK FILE UPLOAD IS OK FILETYPE '------------------------------------------- If Uploader.Files.Exists("P_Image") Then strFileUploadName = Uploader.Files("P_Image").FileName If Not strFileUploadName = "" Then aryFileUploadName = Split(strFileUploadName, ".") strFileType = LCase(aryFileUploadName(Ubound(aryFileUploadName))) End If If InStr("," & Application(LICENSENUMBER & "allowedimages") & ",", "," & strFileType & ",") < 1 Then numErrorNo = numErrorNo + 1 strErrorText = strErrorText + "" + CStr(numErrorNo) + ". " + GetString("ContentText_ErrorChkUploadFileType") & replace(Application(LICENSENUMBER & "allowedimages"),",",", ") & ".
" End If End If If Uploader.Files.Exists("P_Image_Large") Then strFileUploadName = Uploader.Files("P_Image_Large").FileName If Not strFileUploadName = "" Then aryFileUploadName = Split(strFileUploadName, ".") strFileType_Large = LCase(aryFileUploadName(Ubound(aryFileUploadName))) End If If InStr("," & Application(LICENSENUMBER & "allowedimages") & ",", "," & strFileType_Large & ",") < 1 Then numErrorNo = numErrorNo + 1 strErrorText = strErrorText + "" + CStr(numErrorNo) + ". " + GetString("ContentText_ErrorChkUploadFileType") & replace(Application(LICENSENUMBER & "allowedimages"),",",", ") & ".
" End If End If '------------------------------------------- 'PERFORM REST OF ERROR CHECKING '------------------------------------------- strAllNamesBlank = true strAllDescsBlank = true For numCounter = 1 to numTotalLanguages 'If it's live on the front, then it needs to be checked for blanks If aryLangLiveFront(numCounter) = "y" then strAllNamesBlank = strAllNamesBlank and P_Name(numCounter) = "" strAllDescsBlank = strAllDescsBlank and P_Desc(numCounter) = "" end if 'check them all for length strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_Title") & " " & cstr(numCounter), P_Name(numCounter), Application(LICENSENUMBER & "P_Name_AL")) strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_StrapLine") & " " & cstr(numCounter), P_StrapLine(numCounter), Application(LICENSENUMBER & "P_StrapLine_AL")) strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_Description") & " " & cstr(numCounter), P_Desc(numCounter), Application(LICENSENUMBER & "P_Desc_AL")) strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_Specifications") & " " & cstr(numCounter), P_SpecTable(numCounter), Application(LICENSENUMBER & "P_SpecTable_AL")) next 'if all names or all descriptions are blank, then add on the error If strAllNamesBlank then strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_Title"), "") If strAllDescsBlank then strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_Description"), "") If P_Categories = "" Then numErrorNo = numErrorNo + 1 strErrorText = strErrorText + "" + Cstr(numErrorNo) + ". " + GetString("ContentText_ErrorChkProductLink") & "
" End If 'Error Checking Complete If strErrorText = "" Then 'No problem with doing the database stuff '----------------------------------------------- 'NEW PRODUCT 'If P_ID is zero then it is a new product, in 'this case we insert a new record into the DB '----------------------------------------------- If P_ID = 0 Then strQuery="INSERT INTO tblCactuShopProducts (" For numCounter = 1 to numTotalLanguages If aryLangLiveBack(numCounter) = "y" then strQuery = strQuery & "P_Name" & CStr(numCounter) & ", P_Desc" & CStr(numCounter) & ", P_StrapLine" & CStr(numCounter) & ", P_SpecTable" & CStr(numCounter) & ", P_Hyperlink" & CStr(numCounter) & "," next strQuery=strQuery & "P_Featured,P_OrderByValue,P_OrderVersionsBy,P_Live,P_VersionDisplayType) VALUES(" For numCounter = 1 to numTotalLanguages If aryLangLiveBack(numCounter) = "y" then strQuery = strQuery & "'" & sqlsafe(P_Name(numCounter)) & "', '" & sqlsafe(P_Desc(numCounter)) & "', '" & sqlsafe(P_StrapLine(numCounter)) & "', '" & sqlsafe(P_SpecTable(numCounter)) & "', '" & P_Hyperlink(numCounter) & "'," next strQuery = strQuery &_ P_Featured & "," &_ P_OrderByValue & ",'" &_ sqlsafe(P_OrderVersionsBy) & "','" &_ P_Live & "','" &_ P_VersionDisplayType & "')" Call ExecuteSQL(strQuery, numCursorType, objRecordSet) '-------------------------------------------------- 'FIND ID OF NEW PRODUCT '-------------------------------------------------- strQuery = "SELECT P_ID, P_Name" & CStr(numLanguageID) & " FROM tblCactuShopProducts WHERE P_Name" & CStr(numLanguageID) & "='" & sqlsafe(P_Name(numLanguageID)) & "' ORDER BY P_ID DESC" Call ExecuteSQL(strQuery, numCursorType, objRecordSet) P_ID = objRecordSet("P_ID") objRecordSet.close '----------------------------------------------- 'UPDATE PRODUCT 'Otherwise, update the product. '----------------------------------------------- Else strQuery="UPDATE tblCactuShopProducts SET " for numCounter = 1 to numTotalLanguages If arylangliveback(numCounter) = "y" then strQuery = strQuery & "P_Name" & CStr(numCounter) & "='" & sqlsafe(P_Name(numCounter)) & "',P_Desc" & CStr(numCounter) & "='" & sqlsafe(P_Desc(numCounter)) & "',P_StrapLine" & CStr(numCounter) & "='" & sqlsafe(P_StrapLine(numCounter)) & "',P_SpecTable" & CStr(numCounter) & "='" & sqlsafe(P_SpecTable(numCounter)) & "',P_Hyperlink" & CStr(numCounter) & "='" & sqlsafe(P_Hyperlink(numCounter)) & "'," next strQuery = strQuery &_ "P_Featured=" & P_Featured & "," &_ "P_OrderByValue=" & P_OrderByValue & "," &_ "P_OrderVersionsBy='" & sqlsafe(P_OrderVersionsBy) & "'," &_ "P_Live='" & P_Live & "'," &_ "P_VersionDisplayType='" & P_VersionDisplayType & "' WHERE P_ID=" & P_ID Call ExecuteSQL(strQuery, numCursorType, objRecordSet) End If 'Do the image management, if needed 'Use Product ID + File Extension for name to avoid overwriting pre-existing images. Set objFileSystem = Server.CreateObject("Scripting.FileSystemObject") If P_DeleteImage = "y" Or Uploader.Files.Exists("P_Image") Then DeleteFile Server.MapPath(Application(LICENSENUMBER & "uploadsfolder") & "images_products/" & P_ID), Split(Application(LICENSENUMBER & "allowedimages"), ","), objFileSystem If P_DeleteImage_Large = "y" Or Uploader.Files.Exists("P_Image_Large") Then DeleteFile Server.MapPath(Application(LICENSENUMBER & "uploadsfolder") & "images_products_large/" & P_ID), Split(Application(LICENSENUMBER & "allowedimages"), ","), objFileSystem Set objFileSystem = Nothing If Uploader.Files.Exists("P_Image") Then Uploader.Files("P_Image").FileName = P_ID & "." & strFileType Uploader.Files("P_Image").SaveToDisk Server.MapPath(Application(LICENSENUMBER & "uploadsfolder") & "images_products/") End If If Uploader.Files.Exists("P_Image_Large") Then Uploader.Files("P_Image_Large").FileName = P_ID & "." & strFileType_Large Uploader.Files("P_Image_Large").SaveToDisk Server.MapPath(Application(LICENSENUMBER & "uploadsfolder") & "images_products_large/") End If 'Update Product Category listings... ProductCategories P_ID, Split(P_Categories, ", ") End If End If If strErrorText = "" Then If Not PT_ID = "" Then Response.Redirect("_prodtype_back.asp?PT_ID=" & PT_ID) Else Response.Redirect("default.asp") Else 'Errors Occured. Tell the user. %>

	<% WriteString("PageTitle_Problems") %> <% WriteString("ContentText_PleaseGoBackAndCorrect") %> <% =strErrorText %> << <% WriteString("ContentText_BackLink") %>

<% End If %>