<%@ Language=VBScript %> <% Option explicit Dim sLogin 'Login ID Dim sPassword 'Password Dim bln,bEmpty 'Booleans Dim Con 'Connection Object Dim RS 'Recordset Object Dim RSBook 'Recordset Object for books Dim SQL 'Sql string Variable Dim sConnect 'Connectionstring to BooksOnBiz Dim sConnectISI 'Connection String for ISI database Dim aBooks 'Book Array Dim i,t 'For loop variables Dim iCategory 'Category Integer Dim iRank 'Rank Integer Dim iNewRank 'New Rank Integer Dim sIsbn 'ISBN string Dim sOldIsbn 'Old Isbn string Dim Valid 'Boolean for validity Dim sMessage 'Error Message string Dim sCategoryName 'Category Name string Dim iComma 'Location of comman Integer Dim sBookID 'BookID string Set Con = Server.CreateObject("Adodb.Connection") Set RS = Server.CreateObject("Adodb.Recordset") Set RSBook = Server.CreateObject("Adodb.Recordset") 'Destroy booklist in application array Application("Books") = "" 'Database Connection Information if LEN(Application("strConnect") & "") = 0 or LEN(Application("strConnectISI") & "") = 0 then Application("strConnectISI") = "SERVER=127.0.0.1;DRIVER={SQL Server};INITIAL CATALOG=ISI; UID=ISI; pwd=sarah1" Application("strConnect") = "SERVER=127.0.0.1;DRIVER={SQL Server};INITIAL CATALOG=BooksOnBiz; UID=BooksOnBiz; pwd=sarah1" sConnect = Application("strConnect") sConnectISI = Application("strConnectISI") else sConnect = Application("strConnect") sConnectISI = Application("strConnectISI") end if if Request("Submit") = "Login" then slogin = Request("Login") spassword = Request("Password") SQL = "Select * From tblUsers Where UserName='" & sLogin & "' AND Password='" & sPassword & "'" Con.Open sConnectISI RS.Open SQL,Con if not RS.EOF then Session("Login") = true else Session("Login") = false sMessage= "UserName or Password Incorrect!

" end if RS.Close Con.Close end if if Session("login") then bln = true else bln = false end if 'Collect Post for Updating the home page IF Len(Request("HomePage")) <> 0 then sISBN = TRIM(Request("HomePage")) SQL = "Update tblHomePage Set ISBN='" & sIsbn & "'" Con.Open sConnectISI Con.Execute SQL Con.Close Application("Title") = "" Application("ISBN") = "" Application("Description") = "" end if 'Collect Form Changes in Post for Rank or isbn change IF LEN(Request("BookID") & "") <> 0 then sBookID = Request("BookID") iComma = instr(sBookID,",") iCategory = Left(sBookID,iComma-1) iRank = Right(sBookID,Len(sBookID) - iComma) iNewRank = Request("Rank" & iRank) sISBN = Request("ISBN" & iRank) sOldISBN = Request("OLDISBN" & iRank) 'Validation if not iRank = iNewRank then 'Rank changed if UCASE(TRIM(sIsbn)) = UCASE(TRIM(sOldISBN)) then valid = true else valid = false sMessage = "Please Change Only the Rank Of A Book Or The Book. Not Both At The Same Time
" end if else valid = true end if if isNumeric(iCategory) and isNumeric(iRank) and isNumeric(iNewRank) then iCategory = Cint(iCategory) iRank = Cint(iRank) iNewRank = Cint(iNewRank) valid = true else valid = false sMessage = sMessage & "Make Sure The New Rank Is A Number
" end if if valid then Con.Open sConnectISI if REQUEST("SUBMIT") = "Delete" then SQL = "EXECUTE DELETE_BOOK " & CHR(34) & sISBN & CHR(34) & "," & iCategory & "," & iNewRank else SQL = "EXECUTE UPDATE_BOOK " & CHR(34) & sISBN & CHR(34) & "," & iCategory & "," & iNewRank end if Con.Execute SQL Con.Close end if end if 'Collect Form if book is being added to the database if len(Request("CATID")) <> 0 then iCategory = Request("CatID") sISBN = TRIM(Request("ISBN")) Con.Open sConnectISI SQL = "EXECUTE INSERT_BOOK " & CHR(34) & sISBN & CHR(34) & "," & iCategory Con.Execute SQL Con.Close end if 'Collect form if Category is being Added if Request("Submit") = "Add Category" then sCategoryName = Trim(Request("CategoryName")) IF LEN(sCategoryName) <> 0 then sCategoryName = Replace(Left(sCategoryName,300),"'","''") Con.Open sConnectISI SQL = "EXECUTE ADD_CATEGORY " & chr(34) & sCategoryName & chr(34) Con.Execute SQL Con.Close end if end if 'Collect Form if Category's rank is being changed or deleted if Len(Request("CatRank")) <> 0 then iCategory = Request("CategoryID") iRank = Request("CatRank") IF isNumeric(iRank ) AND isNumeric(iCategory) then if Request("Submit") = "Delete" then SQL = "EXECUTE DELETE_CATEGORY " & iCategory else SQL = "EXECUTE UPDATE_CATEGORY " & iCategory & "," & iRank end if Con.Open sConnectISI Con.Execute SQL Con.Close else sMessage = sMessage & "Make Sure The New Rank Is A Number
" end if end if 'Destroy Application Array so it Can be refreshed Application("Books") = "" 'Create Array For all the Books From BooksonBiz that are ISI's IF not isArray(Application("Books")) then Con.Open sConnect SQL = "Select * from tblBooks where PublisherID=1 AND Deleted='N' ORDER BY TITLE" RS.Open SQL,Con,3,3 aBooks = RS.GetRows() Application("Books") = aBooks RS.close Con.close else aBooks = Application("Books") end if %>
<% if Len(sMessage) <> 0 then %><%=sMessage%> <% End if if not bln then 'User is not logged in so show the login screen %> Login Centre
Login Name  
Password  

 
<% else Con.Open sConnectISI SQL = "SELECT ISBN FROM TBLHOMEPAGE" Rs.Open SQL,Con %>

Change Featured Book


Book List Management

<% RS.Close 'Show Categories and Books SQL = "SELECT * FROM tblCategory Order By CategoryRank" RS.Open SQL,Con Do while not RS.EOF SQL = "SELECT * FROM tblBookCategories where CategoryID=" & RS(0) & " Order BY Rank" RSbook.Open SQL,Con if RSBook.EOF then bEmpty = true else bEmpty = False end if %>
Add Category    


" name="CatRank" size="2">  <%=RS(1)%>   " NAME="CATEGORYID">   
<% Do while not RSBook.EOF %>
"> " name="Rank<%=RSBook("Rank")%>"> " NAME="OLDISBN<%=RSBook("Rank")%>"> <% RSBook.MoveNext Loop if not bEmpty then%>

   <%end if%>
">

" NAME="CATID">
<% RSBook.Close RS.MoveNext loop Set rs = nothing Set Con = nothing %>
<%end if%>