Den siger det sammme:
opret.asp ser nu sådan ud:
<% Session.LCID = 1030 %>
<% Response.Buffer = True %>
<html>
<head>
<link rel="StyleSheet" href="CSS.css" type="text/css">
</head>
<body><br>
<% if Session("Brugeradgang") <> True then %>
<form method="POST" action="opret.asp?mode=login">
<div align="center">
<center>
<table border="0" width="172" cellspacing="0" cellpadding="2" height="1">
<tr>
<td width="166" bgcolor="#BECACD" style="border: 1 solid #000000" height="15"><font face="verdana" size="1"><b>Admin login</b> - </font></td>
</tr>
</center>
<tr>
<td width="166" bgcolor="#DCE2E4" style="border-left: 1 solid #000000; border-right: 1 solid #000000; border-bottom: 1 solid #000000" height="1">
<p align="left"><font face="verdana" size="1">
Brugernavn<br><input type="text" name="brugernavn" size="20"><br>
Adgangskode<br><input type="password" name="adgangskode" size="20"><br>
<input type="submit" value="Login" name="B1" style="background-color: #occoco">
</p>
</font>
</td>
</tr>
</table>
</div>
</form>
<% else %>
<%
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strMode = Request.Querystring("mode")
if strMode = "opret" then
if Session("Brugeradgang") = True then
%>
<form method="POST" action="opret.asp?mode=oprettet">
<div align="center">
<center>
<table border="0" width="500" cellspacing="0" cellpadding="2">
<tr>
<td width="100%" style="border: 1 solid #000000" bgcolor="#BECACD"><b>Opret nyhed</b></td>
</tr>
<tr>
<td width="100%" style="border-left: 1 solid #000000; border-right: 1 solid #000000; border-bottom: 1 solid #000000">
<table border="0" width="100%" cellspacing="0" cellpadding="3">
<tr>
<td width="16%"><b>Overskrift</b></td>
<td width="50%"><font face="verdana" size="1">
<input type="text" name="overskrift" size="62" style="font-size: 8pt; font-family: Verdana; border: 1 solid #000000">
</font>
</td>
</tr>
<tr>
<td width="16%"><font face="verdana" size="1"><b>Billede</b></font></td>
<td width="50%"><font face="verdana" size="1">
<%
mvirtual = "/asp/myndir/" 'her billeder
set fso = Server.CreateObject("Scripting.FileSystemObject")
set mappa = fso.GetFolder(Server.MapPath(mvirtual))
set filur = mappa.files
tmp = "<SELECT SIZE=4 NAME=""mynd"" CLASS=""field"">" & VbCrLf
tmp = tmp & "<OPTION SELECTED VALUE=""" & "Eingin mynd" & """"
tmp = tmp & ">-- Eingin mynd --</OPTION>" & VbCrLf
for each file in filur
tmp = tmp & "<OPTION VALUE=""" & file.name & """"
tmp = tmp & ">" & file.name & "</OPTION>" & VbCrLf
Next
tmp = tmp & "</SELECT>"
set filur = nothing
set mappa = nothing
set fso = nothing
Response.Write(tmp)
%>
</td>
</tr>
<tr>
<td width="16%"><b>Tekst</b></td>
<td width="50%"><textarea rows="16" name="tekst" cols="61"></textarea></td>
</tr>
<tr>
<td width="16%"></td>
<td width="50%"><font face="verdana" size="1">
<input type="submit" value="Opret nyhed" name="B1" style="background-color: #DCE2E4">
</font>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center>
</div>
</form>
<br><!-- fejl i linie 128 -->
<%
end if
elseif strMode = "oprettet" then
if Session("Brugeradgang") = True then
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strSQL = "Insert into news ([dato], overskrift, [tekst], mynd) values (#" & DatePart("D",Now()) & "-" & DatePart("M",Now()) & "-" & DatePart("YYYY",Now()) & "#,'" & Replace(Request.Form("overskrift"),"'","'') & "','" & Request.Form("tekst") & "', '" & Request.Form("mynd") & "')"
Conn.Execute(strSQL)
Conn.Close
Set Conn = Nothing
Response.Redirect "opret.asp"
end if
elseif strMode = "ret" then
if Session("Brugeradgang") = True then
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strQuery = "SELECT * FROM news WHERE id = " & Request.Querystring("news_id") & ""
Set rs = Conn.Execute(strQuery)
%>
<form method="POST" action="?mode=rettet&news_id=<% Response.Write Request.Querystring("news_id") %>">
<div align="center">
<center>
<table border="0" width="500" cellspacing="0" cellpadding="2">
<tr>
<td width="100%" style="border: 1 solid #000000" bgcolor="#BECACD"><font face="verdana" size="1"><b>Redigere:</b> <%=rs("overskrift").Value %></font></td>
</tr>
<tr>
<td width="100%" style="border-left: 1 solid #000000; border-right: 1 solid #000000; border-bottom: 1 solid #000000" bgcolor="#DCE2E4">
<table border="0" width="100%" cellpadding="0">
<tr>
<td width="16%"><font face="verdana" size="1"><b>Overskrift</b></font></td>
<td width="84%"><font face="verdana" size="1">
<input type="text" name="overskrift" size="62" style="font-size: 8pt; font-family: Verdana; border: 1 solid #000000" value="<%=rs("overskrift").Value %>">
</font>
</td>
</tr>
<tr>
<td width="16%"><font face="verdana" size="1"><b>Tekst</b></font></td>
<td width="84%"><textarea rows="16" name="tekst" cols="61" style="font-size: 8pt; font-family: Verdana; border: 1 solid #000000"><%=rs("tekst").Value %></textarea></td>
</tr>
<tr>
<td width="16%"><font face="verdana" size="1"> </font></td>
<td width="84%"><font face="verdana" size="1">
<input type="submit" value=" Ret " name="B1" style="background-color: #DCE2E4; font-size: 8pt; font-family: Verdana">
</font>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center>
</div>
</form>
<br>
<%
rs.Close
Conn.Close
Set Conn = Nothing
Set rs = Nothing
end if
elseif strMode = "rettet" then
if Session("Brugeradgang") = True then
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strSQL = "Update news set overskrift= '" & Request.Form("overskrift") & "' , tekst= '" & Request.Form("tekst") & "' Where id = " & Request.Querystring("news_id") & ""
Conn.Execute(strSQL)
Response.Redirect "?"
rs.Close
Conn.Close
Set Conn = Nothing
Set rs = Nothing
end if
elseif strMode = "slet" then
if Session("Brugeradgang") = True then
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strSQL = "Delete from news where id = " & Request.Querystring("news_id") & ""
Conn.Execute(strSQL)
Response.Redirect "?"
rs.Close
Conn.Close
Set Conn = Nothing
Set rs = Nothing
end if
else
if Session("Brugeradgang") = True then
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strQuery = "SELECT * FROM news Order By id Desc"
Set rs = Conn.Execute(strQuery)
%>
<div align="center">
<center>
<table border="0" width="500" cellspacing="0" cellpadding="4" style="border: 1 solid #000000">
<tr>
<td width="15%" bgcolor="#BECACD"><font face="verdana" size="1"><b>Dato</b></font></td>
<td width="45%" bgcolor="#BECACD"><font face="verdana" size="1"><b>Overskrift</b></font></td>
<td width="30%" bgcolor="#BECACD"><font face="verdana" size="1"><b>Skrevet af</b></font></td>
<td width="5%" bgcolor="#BECACD"><font face="verdana" size="1"> </font></td>
<td width="5%" bgcolor="#BECACD"><font face="verdana" size="1"> </font></td>
</tr>
<% Do While Not rs.EOF %>
<tr>
<td width="15%" style="border-top: 1 solid #000000" bgcolor="#DCE2E4"><font face="verdana" size="1"><%=rs("dato").Value %></font></td>
<td width="45%" style="border-top: 1 solid #000000" bgcolor="#DCE2E4"><font face="verdana" size="1"><%=rs("overskrift").Value %></font></td>
<td width="30%" style="border-top: 1 solid #000000" bgcolor="#DCE2E4"><font face="verdana" size="1"><%=rs("forfatter").Value %></font></td>
<td width="5%" style="border-top: 1 solid #000000" bgcolor="#DCE2E4"><font face="verdana" size="1"><b><a href="?mode=ret&news_id=<%=rs("id").Value %>">Ret</a></b></font></td>
<td width="5%" style="border-top: 1 solid #000000" bgcolor="#DCE2E4"><font face="verdana" size="1"><b><a href="?mode=slet&news_id=<%=rs("id").Value %>">Slet</a></b></font></td>
</tr>
<%
rs.MoveNext
Loop
%>
</table>
</center>
</div>
<% end if
rs.Close
Conn.Close
Set Conn = Nothing
Set rs = Nothing
end if
end if
%>
<%
strMode = Request.Querystring("mode")
if strMode = "login" then
Set Conn = Server.CreateObject("ADODB.Connection")
DSN = "DRIVER={Microsoft Access Driver (*.mdb)}; "
DSN = DSN & "DBQ=" & Server.MapPath("database.mdb")
Conn.Open DSN
strBrugernavn = Trim(Replace(request.form("brugernavn"),"'","''" ))
strAdgangskode = Trim(Replace(request.form("adgangskode"),"'","''" ))
SQL = "SELECT * FROM admin where brugernavn = '" & strBrugernavn & "' AND adgangskode = '" & strAdgangskode & "'"
Set rs = Conn.Execute(SQL)
If Not (rs.BOF Or rs.EOF) Then
Session("id") = rs("id").Value
Session("forfatter") = rs("forfatter").Value
Session("email") = rs("email").Value
Session("Brugeradgang") = True
Response.Redirect "?"
else
%>
<p align="center"><font face="verdana" size="1">Du er ikke logget på.<br>Har du indtastet brugernavn og adgangskode forkert? </font></p>
<%
end if
end if
%>
<%
strMode = Request.Querystring("mode")
if strMode = "logud" then
Session.Abandon
Response.Redirect "?"
end if
%>
<p align="center"><font face="verdana" size="1"><a href="opret.asp?mode=opret">Opret nyhed</a> - <a href="opret.asp?mode=logud">Log ud</a> - <a href="#" OnClick="java script:history.go(-1)">Back</a></font></p>
</body>
</html>
