<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%> <% curpath = "http://" & Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("URL") curpath = Left(curpath, InstrRev(curpath, "/")) %> <% ' *** Restrict Access To Page: Grant or deny access to this page MM_authorizedUsers="" MM_authFailedURL="admin_default.asp" MM_grantAccess=false If Session("MM_Username") <> "" Then If (true Or CStr(Session("MM_UserAuthorization"))="") Or _ (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then MM_grantAccess = true End If End If If Not MM_grantAccess Then MM_qsChar = "?" If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&" MM_referrer = Request.ServerVariables("URL") if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString() MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer) Response.Redirect(MM_authFailedURL) End If %> <% ' *** Edit Operations: declare variables Dim MM_editAction Dim MM_abortEdit Dim MM_editQuery Dim MM_editCmd Dim MM_editConnection Dim MM_editTable Dim MM_editRedirectUrl Dim MM_editColumn Dim MM_recordId Dim MM_fieldsStr Dim MM_columnsStr Dim MM_fields Dim MM_columns Dim MM_typeArray Dim MM_formVal Dim MM_delim Dim MM_altVal Dim MM_emptyVal Dim MM_i MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME")) If (Request.QueryString <> "") Then MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString) End If ' boolean to abort record edit MM_abortEdit = false ' query string to execute MM_editQuery = "" %> <% ' *** Update Record: set variables If (CStr(Request("MM_update")) = "form1" And CStr(Request("MM_recordId")) <> "") Then MM_editConnection = MM_blog_STRING MM_editTable = "tblGallery" MM_editColumn = "fldGalleryID" MM_recordId = "" + Request.Form("MM_recordId") + "" MM_editRedirectUrl = "gallery.asp" MM_fieldsStr = "fldGalleryTitle|value|fldGalleryDesc|value|fldGalleryPic|value" MM_columnsStr = "fldGalleryTitle|',none,''|fldGalleryDesc|',none,''|fldGalleryPic|',none,''" ' create the MM_fields and MM_columns arrays MM_fields = Split(MM_fieldsStr, "|") MM_columns = Split(MM_columnsStr, "|") ' set the form values For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i))) Next ' append the query string to the redirect URL If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString Else MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString End If End If End If %> <% ' *** Update Record: construct a sql update statement and execute it If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then ' create the sql update statement MM_editQuery = "update " & MM_editTable & " set " For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2 MM_formVal = MM_fields(MM_i+1) MM_typeArray = Split(MM_columns(MM_i+1),",") MM_delim = MM_typeArray(0) If (MM_delim = "none") Then MM_delim = "" MM_altVal = MM_typeArray(1) If (MM_altVal = "none") Then MM_altVal = "" MM_emptyVal = MM_typeArray(2) If (MM_emptyVal = "none") Then MM_emptyVal = "" If (MM_formVal = "") Then MM_formVal = MM_emptyVal Else If (MM_altVal <> "") Then MM_formVal = MM_altVal ElseIf (MM_delim = "'") Then ' escape quotes MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'" Else MM_formVal = MM_delim + MM_formVal + MM_delim End If End If If (MM_i <> LBound(MM_fields)) Then MM_editQuery = MM_editQuery & "," End If MM_editQuery = MM_editQuery & MM_columns(MM_i) & " = " & MM_formVal Next MM_editQuery = MM_editQuery & " where " & MM_editColumn & " = " & MM_recordId If (Not MM_abortEdit) Then ' execute the update Set MM_editCmd = Server.CreateObject("ADODB.Command") MM_editCmd.ActiveConnection = MM_editConnection MM_editCmd.CommandText = MM_editQuery MM_editCmd.Execute MM_editCmd.ActiveConnection.Close If (MM_editRedirectUrl <> "") Then Response.Redirect(MM_editRedirectUrl) End If End If End If %> <% Dim rsConfig Dim rsConfig_numRows Set rsConfig = Server.CreateObject("ADODB.Recordset") rsConfig.ActiveConnection = MM_blog_STRING rsConfig.Source = "SELECT * FROM tblBlogRSS" rsConfig.CursorType = 0 rsConfig.CursorLocation = 2 rsConfig.LockType = 1 rsConfig.Open() rsConfig_numRows = 0 %> <% Dim rsGalleryConfig Dim rsGalleryConfig_numRows Set rsGalleryConfig = Server.CreateObject("ADODB.Recordset") rsGalleryConfig.ActiveConnection = MM_blog_STRING rsGalleryConfig.Source = "SELECT * FROM tblGalleryConfig" rsGalleryConfig.CursorType = 0 rsGalleryConfig.CursorLocation = 2 rsGalleryConfig.LockType = 1 rsGalleryConfig.Open() rsGalleryConfig_numRows = 0 %> <% Dim rsGalleryAdd Dim rsGalleryAdd_numRows Set rsGalleryAdd = Server.CreateObject("ADODB.Recordset") rsGalleryAdd.ActiveConnection = MM_blog_STRING rsGalleryAdd.Source = "SELECT * FROM tblGallery WHERE fldGalleryID = (Select max(fldGalleryID) from tblGallery)" rsGalleryAdd.CursorType = 0 rsGalleryAdd.CursorLocation = 2 rsGalleryAdd.LockType = 1 rsGalleryAdd.Open() rsGalleryAdd_numRows = 0 %> <% 'Variables to Set dim thisfilename thisfilename = "gallery_add.asp" dim filemanagerdir filemanagerdir = "\images\" 'Relative to where the root of the website is dim filemanagerdbdir filemanagerdbdir = (rsGalleryAdd.Fields.Item("fldGalleryID").Value) dim tableclass tableclass = "tabledisplay" dim filemanagerthumbnailsize filemanagerthumbnailsize = (rsGalleryConfig.Fields.Item("fldGalleryThumb").Value) 'No need for setting parameters below %> <% Function CheckFolderExists(sFolderName) Dim FileSystemObject Set FileSystemObject = Server.CreateObject("Scripting.FileSystemObject") If (FileSystemObject.FolderExists(sFolderName)) Then CheckFolderExists = True Else CheckFolderExists = False End If Set FileSystemObject = Nothing End Function %> <% Foldertocreate = Server.MapPath(thisfilename) if filemanagerdbdir = "" then Foldertocreate = Replace(Foldertocreate,thisfilename,(Right(filemanagerdir, Len(filemanagerdir)-1) & filemanagerdbdir)) else Foldertocreate = Replace(Foldertocreate,thisfilename,(Right(filemanagerdir, Len(filemanagerdir)-1) & filemanagerdbdir & "\")) end if If CheckFolderExists(Foldertocreate) Then 'Response.Write("!") Else Set fs = CreateObject("Scripting.FileSystemObject") Set a = fs.CreateFolder(Foldertocreate) Set fs=nothing End If if Request("filetodelete") <> "" then filetodelete2 = Request("filetodelete") filetodelete = Server.MapPath(thisfilename) if filemanagerdbdir = "" then filetodelete = Replace(filetodelete,thisfilename,(Right(filemanagerdir, Len(filemanagerdir)-1) & filemanagerdbdir) & filetodelete2) else filetodelete = Replace(filetodelete,thisfilename,(Right(filemanagerdir, Len(filemanagerdir)-1) & filemanagerdbdir & "\" & filetodelete2)) end if 'Response.Write(filetodelete) Dim objFSOdel Set objFSOdel = Server.CreateObject("Scripting.FileSystemObject") objFSOdel.DeleteFile filetodelete, True Set objFSOdel = Nothing End If %> <% galleryroot = Right(curpath, Len(curpath) - Instr(curpath, "//")-1) galleryroot = Right(galleryroot, Len(galleryroot) - Instr(galleryroot, "/")+1) & "images/" %> Gallery - Add
Title: " size="32" />
Desc:
Pic: <% ListFolderContents(Server.MapPath(galleryroot & (rsGalleryAdd.Fields.Item("fldGalleryID").Value) & "/")) %> <% sub ListFolderContents(path) dim fs, folder, file, item, url set fs = CreateObject("Scripting.FileSystemObject") set folder = fs.GetFolder(path) 'Display the target folder and info. 'Response.Write("
  • " & folder.Name & " - " _ '& folder.Files.Count & " files, ") if folder.SubFolders.Count > 0 then %><% end if 'Response.Write(Round(folder.Size / 1024) & " KB total." _ '& vbCrLf) 'Response.Write("
      " & vbCrLf) 'Display a list of sub folders. for each item in folder.SubFolders ListFolderContents(item.Path) next if folder.Files.Count <> "" then %> <% end if 'Display a list of files. %> <% 'Response.Write("
    " & vbCrLf) 'Response.Write("
    • " & vbCrLf) end sub function MapURL(path) dim rootPath, url 'Convert a physical file path to a URL for hypertext links. rootPath = Server.MapPath("/") url = Right(path, Len(path) - Len(rootPath)) MapURL = Replace(url, "\", "/") end function %>
    " />
    <% Path = galleryroot & rsGalleryAdd.Fields.Item("fldGalleryID").Value & "/" Session("path") = Path %> <% thumbsize = (rsGalleryConfig.Fields.Item("fldGalleryThumb").Value) Set fso = Server.CreateObject("Scripting.FileSystemObject") If Right(Path,1)="/" AND Path<>"/" Then Path=Left(Path,Len(Path)-1) 'response.write("" & Path & "
    ") Var =InstrRev(Path,"/") dirup=left(Path,Var) 'response.write ("[Directory up]") %> <% aktion=request.querystring("aktion") Set ts=fso.GetFolder(Server.MapPath(Path)) Select Case aktion Case "deletefile" fso.DeleteFile(Server.MapPath(request.querystring("file"))) redirecturl = "gallery_add.asp?fldGalleryID=" & Request("fldGalleryID") response.redirect(redirecturl) End select %> <% If Path<>"/" AND Right(Path,1)<>"/" then Path=Path & "/" Pos=instr(right(Path,Len(Path)-1),"/") If Path="/" then Pos=0 If int(Pos)=0 then '->If Path is Root-Directory FirstFolder="/" ShowFiles=false ShowFolders=true ShowUpload=false Else FirstFolder=right(Path,Len(Path)-1) If FirstFolder<>"" then FirstFolder=Left(FirstFolder,Pos-1) If Instr(Session("aspEdit_FolderAccess"),"," & FirstFolder & ",")>0 OR Session("aspEdit_Level")=3 then ShowFiles=true ShowFolders=true ShowUpload=true else ShowFiles=true ShowFolders=true ShowUpload=true end if End If If ShowFolders=true then For each SubF in ts.Subfolders If right(Path,1)="/" then WholeSubF=Path & SubF.Name else WholeSubF=Path & "/" & SubF.Name end if If (Path="/" AND Instr(Session("aspEdit_FolderAccess"),"," & SubF.Name & ",")>0) OR (ShowFolders=true AND Path<>"/") OR (Session("aspEdit_Level")=3) then ShowThisFolder=true else ShowThisFolder=true end if If ShowThisFolder=true then %> <% End If next End If %> <% If ShowFiles=true then For each File in ts.files If right(Path,1)="/" then WholeFile=Path & File.Name else WholeFile=Path & "/" & File.Name end if Var=InstrRev(File.Name,".") FileType=Right(File.Name,Len(File.Name)-Var) %> <% next End If %>
    Files
    <% if right(File.Name, 3) = "jpg" OR right(File.Name, 3) = "JPG" OR right(File.Name, 4) = "jpeg" OR right(File.Name, 3) = "JPEG" OR right(File.Name, 3) = "gif" OR right(File.Name, 3) = "GIF "then %> <%=File.Name%> <%else%> <%=File.Name%> <% end if %> <%=File.Type%> <% if File.Size <1024 Then Response.Write File.Size & " B" ElseIf File.Size < 1048576 Then Response.Write Round(File.Size / 1024.1) & " KB" Else Response.Write Round((File.Size/1024)/1024.1) & " MB" End if Var=InstrRev(File.Name,".") FileType=Right(File.Name,Len(File.Name)-Var) %> <%Response.Write File.DateLastModified%> &path=<%=path & "&aktion=deletefile&file=" & WholeFile%>">delete
    <% Set fso = Nothing Set ts = Nothing %>
    <% rsConfig.Close() Set rsConfig = Nothing %> <% rsGalleryConfig.Close() Set rsGalleryConfig = Nothing %> <% rsGalleryAdd.Close() Set rsGalleryAdd = Nothing %>