Problem with ASP - possibly Request.Querystring()

Discussion in 'ASP General' started by Max, Jan 21, 2004.

  1. Max

    Max Guest

    Hello. This is the first time I've posted to a newsgroup, and I do
    this because I'm in desperate need of help.
    I'm working a user management system, and when I activate a user that
    has registered to my system, the current admin user logged in gets
    logged out.
    I can't seem to work out how - I can't even trace back where some of
    the variables are coming from (for example, the "ref" part of the
    Request.QueryString method).

    Could someone please tell me (by email) where my problem is? Thank you
    kindly.

    This is the page that gets called when an admin user clicks on the
    "Activate User" link (and after this page, I've included the page
    which links to this page via the "Activate User" link):-

    <!--#include file="inc_common.asp" -->
    <!--#include file="inc_viewuser.asp" -->
    <!--#include file="inc_validatecode.asp" -->
    <% Server.Execute("a_header.asp") %>
    <%
    If Request.QueryString("ref") <> "logout" AND rs_viewuser("status") =
    "Pending" AND rs_viewuser("authority") = "user" Then
    Response.Redirect("logout.asp?userCode=" &
    Request.QueryString("userCode") & "&redir=activate")
    %><title>1</title>
    <%
    Else
    code = rs_viewuser("code")
    If isCodeValid = True AND Request.QueryString("auth") = "admin" Then
    Set RS = Server.CreateObject ("ADODB.RecordSet")
    Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    RS.Open Sql,adoCon,2,3
    RS("authority") = "admin"
    RS.Update
    RS.Close
    %><title>2</title>
    <%
    ElseIf isCodeValid = True AND (Request.QueryString("ref") = "logout"
    or str_users_authority = "admin") Then
    Set RS = Server.CreateObject ("ADODB.RecordSet")
    Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    RS.Open Sql,adoCon,2,3
    RS("status") = "Active"
    RS.Update
    RS.Close
    %><title><%=ref%></title>
    <%
    End If
    %>
    <title><%=pageTitle%> .:. Activate User</title>

    <% If isCodeValid = false Then %>
    <p align="center">The user code entered was not valid. Please try
    again.
    </p>
    <% ElseIf rs_viewuser("code") = "Active" Then %>
    <p align="center"><b><%=str_name%></b>Your account is already active!
    &nbsp;<a href="default.asp">Click
    here</a> to view your account info.
    </p>
    <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority <>
    "admin" Then %>
    <p align="center">Thank you, <%=str_name%>! &nbsp; Your account is now
    active. &nbsp; <a href="login.asp">Click
    here</a> to log in.
    </p>
    <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority =
    "admin" Then %>
    <p align="center">Thank you! &nbsp; <%=str_name%>'s account is now
    active. &nbsp; <a href="javascript:history.go(-1)">Click
    here</a> to go back.
    </p>
    <% Else %>
    <div align="center">
    <center>
    <table border="0" cellpadding="0" cellspacing="0"
    style="border-collapse: collapse" bordercolor="#111111" width="100%">
    <tr>
    <td colspan="2">
    <p align="center">Your account has been suspended.&nbsp; If you
    believe your account should
    be active, please <a href="mailto:<%=adminEmail%>">email the
    Webmaster</a>.</td>
    </tr>
    <tr>
    <td height="8" colspan="2"></td>
    </tr>
    <tr>
    <td colspan="2">
    <p align="center">Reason(s) for suspension:</td>
    </tr>
    <tr>
    <td height="8" colspan="2"></td>
    </tr>
    <tr>
    <td width="25%" height="1"></td>
    <td width="75%" height="1">
    <ul>
    <li><b><%=str_users_suspensionreason%></b></li>
    </ul>
    </td>
    </tr>
    </table>
    </center>
    </div>
    <% End If %>
    <% End If %>
    <% Server.Execute("a_footer.asp") %>




    *****This is the page that links to the above page:-*****

    <!--#include file="inc_common.asp" -->
    <!--#include file="inc_checklogin.asp" -->
    <!--#include file="inc_userlist.asp" -->
    <% Server.Execute("a_header.asp") %>
    <%
    If str_users_authority = "user" Then
    Response.Redirect("noentry.asp?entryType=noAdmin")
    ElseIf str_users_name = "" Then
    Response.Redirect("noentry.asp")
    Else
    %>

    <title><%=pageTitle%> .:. <%=str_users_name%> - Viewing User
    List</title>
    <table border="0" cellpadding="0" cellspacing="0"
    style="border-collapse: collapse" bordercolor="#111111" width="100%"
    height="14">
    <tr>
    <td width="100%" height="14">
    <img border="0" src="images/user-list.gif"></td>
    </tr>
    </table>
    <br>
    <div align="center">
    <center>
    <table border="0" cellpadding="0" cellspacing="0"
    style="border-collapse: collapse" bordercolor="#111111" width="100%">
    <tr>
    <td width="700">
    <!-- Begin inner set of tables -->
    <p><b>Active Users</b></p>
    <div align="left">
    <table border="1" cellpadding="0" cellspacing="1"
    style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    width="100%">
    <tr>
    <th width="35%" bgcolor="<%=tableColor%>"
    class="sortLink"><a href="userlist.asp?orderType=name&ascDescType=desc"><img
    src="images/arrow-down.gif" alt="Sort by Username Descending"
    width="10" height="10" border="0"></a>
    Username <a
    href="userlist.asp?orderType=name&ascDescType=asc"><img
    src="images/arrow-up.gif" alt="Sort by Username Ascending" width="10"
    height="10" border="0"></a></th>
    <th width="20%" bgcolor="<%=tableColor%>"
    class="sortLink"> <a
    href="userlist.asp?orderType=authority&ascDescType=desc"><img
    src="images/arrow-down.gif" alt="Sort by Authority Descending"
    width="10" height="10" border="0"></a>
    Authority <a
    href="userlist.asp?orderType=authority&ascDescType=asc"><img
    src="images/arrow-up.gif" alt="Sort by Authority Ascending"
    width="10" height="10" border="0"></a></th>
    <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    </tr>
    <%
    While not rs_userlist.EOF
    If rs_userlist("status") = "Active" Then
    %>
    <tr>
    <td width="35%"><a href="viewprofile.asp<% If
    rs_userlist("code") <> str_users_code Then
    %>?mode=viewUser&userCode=<%=rs_userlist("code")%><% End If
    %>"><%=rs_userlist("name")%></a>&nbsp;</td>
    <td width="20%"><% If rs_userlist("authority") = "admin"
    Then %>
    Administrator <% ElseIf rs_userlist("authority") =
    "mod" Then %>
    Moderator <% ElseIf rs_userlist("authority") = "user"
    Then %>
    User <% End If %></td>
    <td width="45%"> <p align="center"><a
    href="updateprofile.asp<% If rs_userlist("code") <> str_users_code
    Then %>?userCode=<%=rs_userlist("code")%><% End If %>">
    Edit Profile</a>
    <% If rs_userlist("code") <> str_users_code Then %>
    | <a
    href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    onclick="return confirm('Are you SURE you want to delete this
    user?')">Delete
    User</a>
    <% End If %>
    </td>
    </tr>
    <%
    End If
    rs_userlist.MoveNext()
    WEnd
    %>
    </table>
    </div>
    <p><b>Pending Users</b></p>
    <div align="left">
    <table border="1" cellpadding="0" cellspacing="1"
    style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    width="100%">
    <tr>
    <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    </tr>
    <%
    iCount = 0
    rs_userlist.MoveFirst()
    While not rs_userlist.EOF
    If rs_userlist("status") = "Pending" Then
    iCount = iCount + 1
    %>
    <tr>
    <td width="35%"><a
    href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs_userlist("name")%></a>&nbsp;</td>
    <td width="20%"><% If rs_userlist("authority") = "mod"
    Then %>
    Moderator <% ElseIf rs_userlist("authority") = "user"
    Then %>
    User <% End If %></td>
    <td width="45%"> <p align="center"><a
    href="activate.asp?userCode=<%=rs_userlist("code")%>">
    Activate User</a> | <a
    href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">Edit
    Profile</a> | <a
    href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    onclick="return confirm('Are you SURE you want to delete this
    user?')">
    Delete User</a></td>
    </tr>
    <%
    End If
    rs_userlist.MoveNext()
    WEnd
    %>
    <% If iCount = 0 Then %>
    <tr>
    <td width="35%">No pending users found</td>
    <td width="20%"></td>
    <td width="45%"></td>
    </tr>
    <% End If %>
    </table>
    </div>
    <p><b>Suspended Users</b></p>
    <div align="left">
    <table border="1" cellpadding="0" cellspacing="1"
    style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    width="100%">
    <tr>
    <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    </tr>
    <%
    iCount = 0
    rs_userlist.MoveFirst()
    While not rs_userlist.EOF
    If rs_userlist("status") = "Disabled" Then
    iCount = iCount + 1
    %>
    <tr>
    <td width="35%"><a
    href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs_userlist("name")%></a>&nbsp;</td>
    <td width="20%"><% If rs_userlist("authority") = "mod"
    Then %>
    Moderator <% ElseIf rs_userlist("authority") = "user"
    Then %>
    User <% End If %></td>
    <td width="45%"> <p align="center"><a
    href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">
    Edit Profile</a> | <a
    href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    onclick="return confirm('Are you SURE you want to delete this
    user?')">
    Delete User</a></td>
    </tr>
    <%
    End If
    rs_userlist.MoveNext()
    WEnd
    %>
    <% If iCount = 0 Then %>
    <tr>
    <td width="35%">No suspended users found</td>
    <td width="20%"></td>
    <td width="45%"></td>
    </tr>
    <% End If %>
    </table>
    </div>
    <%
    'Close adoCon and rs_userlist
    rs_userlist.Close
    set rs_userlist = Nothing
    %>
    <td>&nbsp;
    </table>
    </div>
    <!-- End inner set of tables -->
    </td>
    </tr>
    </table>
    </center>
    </div>
    <% Server.Execute("a_footer.asp") %>
    <% End If %>
     
    Max, Jan 21, 2004
    #1
    1. Advertising

  2. What is in the includes? What is in the global.asa?

    --
    Mike -- FrontPage MVP '97-'02
    http://www.websunlimited.com
    FrontPage Add-ins Since '97 2003 / 2002 / 2000 Compatible
    ----------------------------------------------------------------------------
    --------------------
    If you think I'm doing a good job, let MS know at

    "Max" <> wrote in message
    news:...
    > Hello. This is the first time I've posted to a newsgroup, and I do
    > this because I'm in desperate need of help.
    > I'm working a user management system, and when I activate a user that
    > has registered to my system, the current admin user logged in gets
    > logged out.
    > I can't seem to work out how - I can't even trace back where some of
    > the variables are coming from (for example, the "ref" part of the
    > Request.QueryString method).
    >
    > Could someone please tell me (by email) where my problem is? Thank you
    > kindly.
    >
    > This is the page that gets called when an admin user clicks on the
    > "Activate User" link (and after this page, I've included the page
    > which links to this page via the "Activate User" link):-
    >
    > <!--#include file="inc_common.asp" -->
    > <!--#include file="inc_viewuser.asp" -->
    > <!--#include file="inc_validatecode.asp" -->
    > <% Server.Execute("a_header.asp") %>
    > <%
    > If Request.QueryString("ref") <> "logout" AND rs_viewuser("status") =
    > "Pending" AND rs_viewuser("authority") = "user" Then
    > Response.Redirect("logout.asp?userCode=" &
    > Request.QueryString("userCode") & "&redir=activate")
    > %><title>1</title>
    > <%
    > Else
    > code = rs_viewuser("code")
    > If isCodeValid = True AND Request.QueryString("auth") = "admin" Then
    > Set RS = Server.CreateObject ("ADODB.RecordSet")
    > Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    > RS.Open Sql,adoCon,2,3
    > RS("authority") = "admin"
    > RS.Update
    > RS.Close
    > %><title>2</title>
    > <%
    > ElseIf isCodeValid = True AND (Request.QueryString("ref") = "logout"
    > or str_users_authority = "admin") Then
    > Set RS = Server.CreateObject ("ADODB.RecordSet")
    > Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    > RS.Open Sql,adoCon,2,3
    > RS("status") = "Active"
    > RS.Update
    > RS.Close
    > %><title><%=ref%></title>
    > <%
    > End If
    > %>
    > <title><%=pageTitle%> .:. Activate User</title>
    >
    > <% If isCodeValid = false Then %>
    > <p align="center">The user code entered was not valid. Please try
    > again.
    > </p>
    > <% ElseIf rs_viewuser("code") = "Active" Then %>
    > <p align="center"><b><%=str_name%></b>Your account is already active!
    > &nbsp;<a href="default.asp">Click
    > here</a> to view your account info.
    > </p>
    > <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority <>
    > "admin" Then %>
    > <p align="center">Thank you, <%=str_name%>! &nbsp; Your account is now
    > active. &nbsp; <a href="login.asp">Click
    > here</a> to log in.
    > </p>
    > <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority =
    > "admin" Then %>
    > <p align="center">Thank you! &nbsp; <%=str_name%>'s account is now
    > active. &nbsp; <a href="javascript:history.go(-1)">Click
    > here</a> to go back.
    > </p>
    > <% Else %>
    > <div align="center">
    > <center>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%">
    > <tr>
    > <td colspan="2">
    > <p align="center">Your account has been suspended.&nbsp; If you
    > believe your account should
    > be active, please <a href="mailto:<%=adminEmail%>">email the
    > Webmaster</a>.</td>
    > </tr>
    > <tr>
    > <td height="8" colspan="2"></td>
    > </tr>
    > <tr>
    > <td colspan="2">
    > <p align="center">Reason(s) for suspension:</td>
    > </tr>
    > <tr>
    > <td height="8" colspan="2"></td>
    > </tr>
    > <tr>
    > <td width="25%" height="1"></td>
    > <td width="75%" height="1">
    > <ul>
    > <li><b><%=str_users_suspensionreason%></b></li>
    > </ul>
    > </td>
    > </tr>
    > </table>
    > </center>
    > </div>
    > <% End If %>
    > <% End If %>
    > <% Server.Execute("a_footer.asp") %>
    >
    >
    >
    >
    > *****This is the page that links to the above page:-*****
    >
    > <!--#include file="inc_common.asp" -->
    > <!--#include file="inc_checklogin.asp" -->
    > <!--#include file="inc_userlist.asp" -->
    > <% Server.Execute("a_header.asp") %>
    > <%
    > If str_users_authority = "user" Then
    > Response.Redirect("noentry.asp?entryType=noAdmin")
    > ElseIf str_users_name = "" Then
    > Response.Redirect("noentry.asp")
    > Else
    > %>
    >
    > <title><%=pageTitle%> .:. <%=str_users_name%> - Viewing User
    > List</title>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%"
    > height="14">
    > <tr>
    > <td width="100%" height="14">
    > <img border="0" src="images/user-list.gif"></td>
    > </tr>
    > </table>
    > <br>
    > <div align="center">
    > <center>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%">
    > <tr>
    > <td width="700">
    > <!-- Begin inner set of tables -->
    > <p><b>Active Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>"
    > class="sortLink"><a

    href="userlist.asp?orderType=name&ascDescType=desc"><img
    > src="images/arrow-down.gif" alt="Sort by Username Descending"
    > width="10" height="10" border="0"></a>
    > Username <a
    > href="userlist.asp?orderType=name&ascDescType=asc"><img
    > src="images/arrow-up.gif" alt="Sort by Username Ascending" width="10"
    > height="10" border="0"></a></th>
    > <th width="20%" bgcolor="<%=tableColor%>"
    > class="sortLink"> <a
    > href="userlist.asp?orderType=authority&ascDescType=desc"><img
    > src="images/arrow-down.gif" alt="Sort by Authority Descending"
    > width="10" height="10" border="0"></a>
    > Authority <a
    > href="userlist.asp?orderType=authority&ascDescType=asc"><img
    > src="images/arrow-up.gif" alt="Sort by Authority Ascending"
    > width="10" height="10" border="0"></a></th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Active" Then
    > %>
    > <tr>
    > <td width="35%"><a href="viewprofile.asp<% If
    > rs_userlist("code") <> str_users_code Then
    > %>?mode=viewUser&userCode=<%=rs_userlist("code")%><% End If
    > %>"><%=rs_userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "admin"
    > Then %>
    > Administrator <% ElseIf rs_userlist("authority") =
    > "mod" Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="updateprofile.asp<% If rs_userlist("code") <> str_users_code
    > Then %>?userCode=<%=rs_userlist("code")%><% End If %>">
    > Edit Profile</a>
    > <% If rs_userlist("code") <> str_users_code Then %>
    > | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">Delete
    > User</a>
    > <% End If %>
    > </td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > </table>
    > </div>
    > <p><b>Pending Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    > <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > iCount = 0
    > rs_userlist.MoveFirst()
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Pending" Then
    > iCount = iCount + 1
    > %>
    > <tr>
    > <td width="35%"><a
    >

    href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs
    _userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "mod"
    > Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="activate.asp?userCode=<%=rs_userlist("code")%>">
    > Activate User</a> | <a
    > href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">Edit
    > Profile</a> | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">
    > Delete User</a></td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > <% If iCount = 0 Then %>
    > <tr>
    > <td width="35%">No pending users found</td>
    > <td width="20%"></td>
    > <td width="45%"></td>
    > </tr>
    > <% End If %>
    > </table>
    > </div>
    > <p><b>Suspended Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    > <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > iCount = 0
    > rs_userlist.MoveFirst()
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Disabled" Then
    > iCount = iCount + 1
    > %>
    > <tr>
    > <td width="35%"><a
    >

    href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs
    _userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "mod"
    > Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">
    > Edit Profile</a> | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">
    > Delete User</a></td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > <% If iCount = 0 Then %>
    > <tr>
    > <td width="35%">No suspended users found</td>
    > <td width="20%"></td>
    > <td width="45%"></td>
    > </tr>
    > <% End If %>
    > </table>
    > </div>
    > <%
    > 'Close adoCon and rs_userlist
    > rs_userlist.Close
    > set rs_userlist = Nothing
    > %>
    > <td>&nbsp;
    > </table>
    > </div>
    > <!-- End inner set of tables -->
    > </td>
    > </tr>
    > </table>
    > </center>
    > </div>
    > <% Server.Execute("a_footer.asp") %>
    > <% End If %>
     
    MD WebsUnlimited.com, Jan 21, 2004
    #2
    1. Advertising

  3. Your best bet would be to ask the person who wrote the code.

    --
    HTH,
    Kevin Spencer
    ..Net Developer
    Microsoft MVP
    Big things are made up
    of lots of little things.

    "Max" <> wrote in message
    news:...
    > Hello. This is the first time I've posted to a newsgroup, and I do
    > this because I'm in desperate need of help.
    > I'm working a user management system, and when I activate a user that
    > has registered to my system, the current admin user logged in gets
    > logged out.
    > I can't seem to work out how - I can't even trace back where some of
    > the variables are coming from (for example, the "ref" part of the
    > Request.QueryString method).
    >
    > Could someone please tell me (by email) where my problem is? Thank you
    > kindly.
    >
    > This is the page that gets called when an admin user clicks on the
    > "Activate User" link (and after this page, I've included the page
    > which links to this page via the "Activate User" link):-
    >
    > <!--#include file="inc_common.asp" -->
    > <!--#include file="inc_viewuser.asp" -->
    > <!--#include file="inc_validatecode.asp" -->
    > <% Server.Execute("a_header.asp") %>
    > <%
    > If Request.QueryString("ref") <> "logout" AND rs_viewuser("status") =
    > "Pending" AND rs_viewuser("authority") = "user" Then
    > Response.Redirect("logout.asp?userCode=" &
    > Request.QueryString("userCode") & "&redir=activate")
    > %><title>1</title>
    > <%
    > Else
    > code = rs_viewuser("code")
    > If isCodeValid = True AND Request.QueryString("auth") = "admin" Then
    > Set RS = Server.CreateObject ("ADODB.RecordSet")
    > Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    > RS.Open Sql,adoCon,2,3
    > RS("authority") = "admin"
    > RS.Update
    > RS.Close
    > %><title>2</title>
    > <%
    > ElseIf isCodeValid = True AND (Request.QueryString("ref") = "logout"
    > or str_users_authority = "admin") Then
    > Set RS = Server.CreateObject ("ADODB.RecordSet")
    > Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    > RS.Open Sql,adoCon,2,3
    > RS("status") = "Active"
    > RS.Update
    > RS.Close
    > %><title><%=ref%></title>
    > <%
    > End If
    > %>
    > <title><%=pageTitle%> .:. Activate User</title>
    >
    > <% If isCodeValid = false Then %>
    > <p align="center">The user code entered was not valid. Please try
    > again.
    > </p>
    > <% ElseIf rs_viewuser("code") = "Active" Then %>
    > <p align="center"><b><%=str_name%></b>Your account is already active!
    > &nbsp;<a href="default.asp">Click
    > here</a> to view your account info.
    > </p>
    > <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority <>
    > "admin" Then %>
    > <p align="center">Thank you, <%=str_name%>! &nbsp; Your account is now
    > active. &nbsp; <a href="login.asp">Click
    > here</a> to log in.
    > </p>
    > <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority =
    > "admin" Then %>
    > <p align="center">Thank you! &nbsp; <%=str_name%>'s account is now
    > active. &nbsp; <a href="javascript:history.go(-1)">Click
    > here</a> to go back.
    > </p>
    > <% Else %>
    > <div align="center">
    > <center>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%">
    > <tr>
    > <td colspan="2">
    > <p align="center">Your account has been suspended.&nbsp; If you
    > believe your account should
    > be active, please <a href="mailto:<%=adminEmail%>">email the
    > Webmaster</a>.</td>
    > </tr>
    > <tr>
    > <td height="8" colspan="2"></td>
    > </tr>
    > <tr>
    > <td colspan="2">
    > <p align="center">Reason(s) for suspension:</td>
    > </tr>
    > <tr>
    > <td height="8" colspan="2"></td>
    > </tr>
    > <tr>
    > <td width="25%" height="1"></td>
    > <td width="75%" height="1">
    > <ul>
    > <li><b><%=str_users_suspensionreason%></b></li>
    > </ul>
    > </td>
    > </tr>
    > </table>
    > </center>
    > </div>
    > <% End If %>
    > <% End If %>
    > <% Server.Execute("a_footer.asp") %>
    >
    >
    >
    >
    > *****This is the page that links to the above page:-*****
    >
    > <!--#include file="inc_common.asp" -->
    > <!--#include file="inc_checklogin.asp" -->
    > <!--#include file="inc_userlist.asp" -->
    > <% Server.Execute("a_header.asp") %>
    > <%
    > If str_users_authority = "user" Then
    > Response.Redirect("noentry.asp?entryType=noAdmin")
    > ElseIf str_users_name = "" Then
    > Response.Redirect("noentry.asp")
    > Else
    > %>
    >
    > <title><%=pageTitle%> .:. <%=str_users_name%> - Viewing User
    > List</title>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%"
    > height="14">
    > <tr>
    > <td width="100%" height="14">
    > <img border="0" src="images/user-list.gif"></td>
    > </tr>
    > </table>
    > <br>
    > <div align="center">
    > <center>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%">
    > <tr>
    > <td width="700">
    > <!-- Begin inner set of tables -->
    > <p><b>Active Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>"
    > class="sortLink"><a

    href="userlist.asp?orderType=name&ascDescType=desc"><img
    > src="images/arrow-down.gif" alt="Sort by Username Descending"
    > width="10" height="10" border="0"></a>
    > Username <a
    > href="userlist.asp?orderType=name&ascDescType=asc"><img
    > src="images/arrow-up.gif" alt="Sort by Username Ascending" width="10"
    > height="10" border="0"></a></th>
    > <th width="20%" bgcolor="<%=tableColor%>"
    > class="sortLink"> <a
    > href="userlist.asp?orderType=authority&ascDescType=desc"><img
    > src="images/arrow-down.gif" alt="Sort by Authority Descending"
    > width="10" height="10" border="0"></a>
    > Authority <a
    > href="userlist.asp?orderType=authority&ascDescType=asc"><img
    > src="images/arrow-up.gif" alt="Sort by Authority Ascending"
    > width="10" height="10" border="0"></a></th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Active" Then
    > %>
    > <tr>
    > <td width="35%"><a href="viewprofile.asp<% If
    > rs_userlist("code") <> str_users_code Then
    > %>?mode=viewUser&userCode=<%=rs_userlist("code")%><% End If
    > %>"><%=rs_userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "admin"
    > Then %>
    > Administrator <% ElseIf rs_userlist("authority") =
    > "mod" Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="updateprofile.asp<% If rs_userlist("code") <> str_users_code
    > Then %>?userCode=<%=rs_userlist("code")%><% End If %>">
    > Edit Profile</a>
    > <% If rs_userlist("code") <> str_users_code Then %>
    > | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">Delete
    > User</a>
    > <% End If %>
    > </td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > </table>
    > </div>
    > <p><b>Pending Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    > <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > iCount = 0
    > rs_userlist.MoveFirst()
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Pending" Then
    > iCount = iCount + 1
    > %>
    > <tr>
    > <td width="35%"><a
    >

    href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs
    _userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "mod"
    > Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="activate.asp?userCode=<%=rs_userlist("code")%>">
    > Activate User</a> | <a
    > href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">Edit
    > Profile</a> | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">
    > Delete User</a></td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > <% If iCount = 0 Then %>
    > <tr>
    > <td width="35%">No pending users found</td>
    > <td width="20%"></td>
    > <td width="45%"></td>
    > </tr>
    > <% End If %>
    > </table>
    > </div>
    > <p><b>Suspended Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    > <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > iCount = 0
    > rs_userlist.MoveFirst()
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Disabled" Then
    > iCount = iCount + 1
    > %>
    > <tr>
    > <td width="35%"><a
    >

    href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs
    _userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "mod"
    > Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">
    > Edit Profile</a> | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">
    > Delete User</a></td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > <% If iCount = 0 Then %>
    > <tr>
    > <td width="35%">No suspended users found</td>
    > <td width="20%"></td>
    > <td width="45%"></td>
    > </tr>
    > <% End If %>
    > </table>
    > </div>
    > <%
    > 'Close adoCon and rs_userlist
    > rs_userlist.Close
    > set rs_userlist = Nothing
    > %>
    > <td>&nbsp;
    > </table>
    > </div>
    > <!-- End inner set of tables -->
    > </td>
    > </tr>
    > </table>
    > </center>
    > </div>
    > <% Server.Execute("a_footer.asp") %>
    > <% End If %>
     
    Kevin Spencer, Jan 21, 2004
    #3
  4. Max

    Max A Guest

    Hi Mike, below are the includes used in the 2 asp files that I posted.
    My web app doesn't have a global.asa.

    Thanks for your help.

    ***inc_common.asp***
    <%
    If isCommonCreated <> True Then
    'Set the script timeout in seconds
    Server.ScriptTimeout = 90

    'Set Dimension Variables
    Dim strDataBasePath 'Holds the path to the database
    Dim cString 'Holds the connection string
    Dim adoCon 'Holds the ado connection
    Dim strSQL 'Holds SQL string

    'Set the variable to hold an ADO connection
    Set adoCon = Server.CreateObject("ADODB.Connection")

    '----------------------------------------------------------------------
    --------------
    'Change this value to the path of the database
    strDataBasePath = "users.mdb"
    '----------------------------------------------------------------------
    --------------

    'Connection string for the database
    'If the following line does not work comment it out with a ' at the
    start of the line and uncomment another string
    cString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
    Server.MapPath(strDataBasePath)

    'Uncomment this connection string if you are using Access Database 2000
    or 2002
    'cString = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" &
    Server.MapPath(strDataBasePath)

    'Uncomment this connection string if you are using a DSN (note: DSN is
    slower than the above connection strings)
    'cString = "DSN=NAME_OF_DSN"
    'Replace the NAME_OF_DSN with the DSN

    adoCon.Open cString

    'Request the users details

    'Set the variable to the value in the users cookie
    str_userscode = Request.Cookies("Login")("userCode")

    'If the users code is not empty then
    IF str_userscode <> "" THEN
    'Create a new record set
    Set rsUserLog = Server.CreateObject("ADODB.RecordSet")

    'Set the new sql string
    StrSql="SELECT * FROM tbl_authors WHERE code='" & str_userscode & "';"

    'Open the recordset and execute the sql
    rsUserLog.open StrSql,cString

    'If there is no record matching the users cookie details then set the
    vairbales to empty
    If rsUserLog.EOF Then
    Response.cookies("Login")("userCode") = ""
    'If there is a record to match then
    Else
    'Set the database values to variables
    str_users_name = rsUserLog("name")
    str_users_password = rsUserLog("pass")
    str_users_fullname = rsUserLog("fullname")
    str_users_email = rsUserLog("email")
    str_users_phone = rsUserLog("phone")
    str_users_department = rsUserLog("department")
    str_users_authority = rsUserLog("authority")
    str_users_date = rsUserLog("signupdate")
    str_users_code = rsUserLog("code")
    str_users_status = rsUserLog("status")
    str_users_suspensionreason = rsUserLog("suspensionreason")
    End If

    'Close and clean up
    rsUserLog.Close
    set rsUserLog = Nothing

    'If users code is empty then user is a Guest
    Else
    Response.cookies("Login")("userCode") = ""
    End If

    '-----------------------------------------------------------------------
    ---------------------
    'This section finds all information about the style of the webpage so it
    can be displayed.

    'Create a new record set
    set rsPageAttributes = Server.CreateObject("ADODB.RecordSet")

    'Set the new sql string
    pageSql = "SELECT * FROM tbl_admin"

    'Open the recordset and execute the sql
    rsPageAttributes.open pageSql,cString

    adminEmail = rsPageAttributes("adminEmail")
    bgColor = rsPageAttributes("bgColor")
    tableColor = rsPageAttributes("tableColor")
    menuColor = rsPageAttributes("menuColor")
    fontColor = rsPageAttributes("fontColor")
    fontFace = rsPageAttributes("fontFace")
    fontSize = rsPageAttributes("fontSize")
    fontWeight = rsPageAttributes("fontWeight")
    aLinkColor = rsPageAttributes("aLinkColor")
    aLinkUnderline = rsPageAttributes("aLinkUnderline")
    aLinkWeight = rsPageAttributes("aLinkWeight")
    aHoverColor = rsPageAttributes("aHoverColor")
    aHoverUnderline = rsPageAttributes("aHoverUnderline")
    aHoverWeight = rsPageAttributes("aHoverWeight")
    menuLinkColor = rsPageAttributes("menuLinkColor")
    menuLinkHoverColor = rsPageAttributes("menuLinkHoverColor")
    pageTitle = rsPageAttributes("siteTitle")
    homePage = rsPageAttributes("homePage")
    mailServer = rsPageAttributes("mailHost")
    mailType = rsPageAttributes("mailType")
    sendConfEmail = rsPageAttributes("sendConfEmail")
    errorColor = rsPageAttributes("errorColor")

    'Close and clean up
    rsPageAttributes.Close
    set rsPageAttributes = Nothing

    '-----------------------------------------------------------------------
    ---------------------
    Else
    Dim isCommonCreated
    isCommonCreated = True
    End If
    '-----------------------------------------------------------------------
    ---------------------
    'Function to print header logo
    Function printLogo
    'Create a new record set
    set rsPrintLogo = server.createobject("ADODB.RecordSet")

    'Set the new sql string
    logoSql = "SELECT * FROM tbl_admin"

    'Open the recordset and execute the sql
    rsPrintLogo.open logoSql,cString

    binaryLogo = rsPrintLogo("headerLogo")

    'Close and clean up
    rsPrintLogo.Close
    Set rsPrintLogo = Nothing
    printLogo = rsPrintLogo
    End Function
    '-----------------------------------------------------------------------
    ---------------------

    '-----------------------------------------------------------------------
    ---------------------
    'Function to return the state of adoCon in a string value
    Function GetState(intState)
    Select Case intState
    Case 0
    GetState = "adStateClosed"
    Case 1
    GetState = "adStateOpen"
    End Select
    'Syntax: GetState(adoCon.state)
    End Function
    '-----------------------------------------------------------------------
    ---------------------
    %>


    ***inc_viewuser.asp***
    <%
    Function rs_viewuser(desField)
    'Create new SQL string
    If Request.QueryString("userCode") <> "" Then
    viewuserSQL = "SELECT * FROM tbl_Authors WHERE code='" &
    Request.QueryString("userCode") & "'"
    Else
    viewuserSQL = "SELECT * FROM tbl_Authors WHERE code='" &
    str_users_code & "'"
    End If

    'Create a new recordsheet
    Set RS = Server.CreateObject ("ADODB.RecordSet")

    'Open the record sheet and execute SQL
    RS.Open viewuserSQL,cString
    retField = RS(desField)
    RS.Close
    Set RS = Nothing

    rs_viewuser = retField
    End Function

    Function getUserCode(username, email)

    'Create new SQL string
    viewuserSQL = "SELECT * FROM tbl_authors WHERE name='" & username & "'
    AND email='" & email & "'"

    'Create a new recordsheet
    Set RS = Server.CreateObject ("ADODB.RecordSet")

    'Open the record sheet and execute SQL
    RS.Open viewuserSQL,cString
    If RS.EOF Then
    retCode = ""
    Else
    retCode = RS("code")
    End If
    RS.Close
    Set RS = Nothing

    getUserCode = retCode
    End Function
    %>


    ***inc_validatecode.asp***
    <%
    Dim str_code
    str_code = Request.QueryString("userCode")
    Dim isCodeValid
    Dim str_status, str_name

    'Create new SQL string
    validateSQL = "SELECT * FROM tbl_Authors WHERE code = '" & str_code &
    "'"

    'Create a new recordsheet
    Set rs_validate = Server.CreateObject ("ADODB.RecordSet")

    'Open the record sheet and execute SQL
    rs_validate.open validateSQL,adoCon

    'If the code is not a valid on then set isCodeValid to false
    If rs_validate.EOF _
    Or rs_validate.BOF Then
    isCodeValid = false
    Else
    isCodeValid = true
    str_status = rs_validate("status")
    str_name = rs_validate("name")
    str_authority = rs_validate("authority")
    End If

    'Close adoCon and rs_validate
    set rs_validate = Nothing
    %>


    ***inc_checklogin.asp***
    <%
    Dim str_code
    str_code = Request.cookies("Login")("userCode")

    'Create new SQL string
    strSQL = "SELECT code " & _
    "FROM tbl_Authors WHERE name='" & str_users_name & "' AND
    code='" & str_code & "' AND pass='" & str_users_password & "'"

    'Create a new recordsheet
    Set rs_check = Server.CreateObject ("ADODB.RecordSet")

    'Open the record sheet and execute SQL
    rs_check.open strSQL,adoCon

    If rs_check.EOF OR rs_check.BOF Then
    Response.Redirect "noentry.asp"
    End If
    %>


    ***inc_userlist.asp***
    <%
    orderType = Request.QueryString("orderType")
    ascDescType = Request.QueryString("ascDescType")
    If orderType <> "name" AND orderType <> "authority" Then
    orderType = "signupdate"
    End If
    If ascDescType <> "DESC" Then
    ascType = "ASC"
    End If

    'Create new SQL string
    validateSQL = "SELECT * FROM tbl_Authors ORDER BY " & orderType & " " &
    ascDescType

    'Create a new recordsheet
    Set rs_userlist = Server.CreateObject ("ADODB.RecordSet")

    'Open the record sheet and execute SQL
    rs_userlist.open validateSQL,adoCon
    %>

    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
     
    Max A, Jan 21, 2004
    #4
  5. First, you need only post to one newsgroup.
    Second, EVERYTIME you SET an object variable you need to SET it to
    NOTHING (SET rs = NOTHING) before the script ends.
    Third, in glancing through the code, I didn't see anything that would
    UPDATE the admin user's account. Please post back and explain the
    process by which a user is logged out AND what you mean by the ADMIN
    user is logged out. Need some clarity.

    David H
    (Also, its not neccessary to post all of your code.)


    Max wrote:
    > Hello. This is the first time I've posted to a newsgroup, and I do
    > this because I'm in desperate need of help.
    > I'm working a user management system, and when I activate a user that
    > has registered to my system, the current admin user logged in gets
    > logged out.
    > I can't seem to work out how - I can't even trace back where some of
    > the variables are coming from (for example, the "ref" part of the
    > Request.QueryString method).
    >
    > Could someone please tell me (by email) where my problem is? Thank you
    > kindly.
    >
    > This is the page that gets called when an admin user clicks on the
    > "Activate User" link (and after this page, I've included the page
    > which links to this page via the "Activate User" link):-
    >
    > <!--#include file="inc_common.asp" -->
    > <!--#include file="inc_viewuser.asp" -->
    > <!--#include file="inc_validatecode.asp" -->
    > <% Server.Execute("a_header.asp") %>
    > <%
    > If Request.QueryString("ref") <> "logout" AND rs_viewuser("status") =
    > "Pending" AND rs_viewuser("authority") = "user" Then
    > Response.Redirect("logout.asp?userCode=" &
    > Request.QueryString("userCode") & "&redir=activate")
    > %><title>1</title>
    > <%
    > Else
    > code = rs_viewuser("code")
    > If isCodeValid = True AND Request.QueryString("auth") = "admin" Then
    > Set RS = Server.CreateObject ("ADODB.RecordSet")
    > Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    > RS.Open Sql,adoCon,2,3
    > RS("authority") = "admin"
    > RS.Update
    > RS.Close
    > %><title>2</title>
    > <%
    > ElseIf isCodeValid = True AND (Request.QueryString("ref") = "logout"
    > or str_users_authority = "admin") Then
    > Set RS = Server.CreateObject ("ADODB.RecordSet")
    > Sql = "SELECT * FROM tbl_authors WHERE code='" & code & "'"
    > RS.Open Sql,adoCon,2,3
    > RS("status") = "Active"
    > RS.Update
    > RS.Close
    > %><title><%=ref%></title>
    > <%
    > End If
    > %>
    > <title><%=pageTitle%> .:. Activate User</title>
    >
    > <% If isCodeValid = false Then %>
    > <p align="center">The user code entered was not valid. Please try
    > again.
    > </p>
    > <% ElseIf rs_viewuser("code") = "Active" Then %>
    > <p align="center"><b><%=str_name%></b>Your account is already active!
    > &nbsp;<a href="default.asp">Click
    > here</a> to view your account info.
    > </p>
    > <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority <>
    > "admin" Then %>
    > <p align="center">Thank you, <%=str_name%>! &nbsp; Your account is now
    > active. &nbsp; <a href="login.asp">Click
    > here</a> to log in.
    > </p>
    > <% ElseIf rs_viewuser("code") <> "Disabled" AND str_users_authority =
    > "admin" Then %>
    > <p align="center">Thank you! &nbsp; <%=str_name%>'s account is now
    > active. &nbsp; <a href="javascript:history.go(-1)">Click
    > here</a> to go back.
    > </p>
    > <% Else %>
    > <div align="center">
    > <center>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%">
    > <tr>
    > <td colspan="2">
    > <p align="center">Your account has been suspended.&nbsp; If you
    > believe your account should
    > be active, please <a href="mailto:<%=adminEmail%>">email the
    > Webmaster</a>.</td>
    > </tr>
    > <tr>
    > <td height="8" colspan="2"></td>
    > </tr>
    > <tr>
    > <td colspan="2">
    > <p align="center">Reason(s) for suspension:</td>
    > </tr>
    > <tr>
    > <td height="8" colspan="2"></td>
    > </tr>
    > <tr>
    > <td width="25%" height="1"></td>
    > <td width="75%" height="1">
    > <ul>
    > <li><b><%=str_users_suspensionreason%></b></li>
    > </ul>
    > </td>
    > </tr>
    > </table>
    > </center>
    > </div>
    > <% End If %>
    > <% End If %>
    > <% Server.Execute("a_footer.asp") %>
    >
    >
    >
    >
    > *****This is the page that links to the above page:-*****
    >
    > <!--#include file="inc_common.asp" -->
    > <!--#include file="inc_checklogin.asp" -->
    > <!--#include file="inc_userlist.asp" -->
    > <% Server.Execute("a_header.asp") %>
    > <%
    > If str_users_authority = "user" Then
    > Response.Redirect("noentry.asp?entryType=noAdmin")
    > ElseIf str_users_name = "" Then
    > Response.Redirect("noentry.asp")
    > Else
    > %>
    >
    > <title><%=pageTitle%> .:. <%=str_users_name%> - Viewing User
    > List</title>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%"
    > height="14">
    > <tr>
    > <td width="100%" height="14">
    > <img border="0" src="images/user-list.gif"></td>
    > </tr>
    > </table>
    > <br>
    > <div align="center">
    > <center>
    > <table border="0" cellpadding="0" cellspacing="0"
    > style="border-collapse: collapse" bordercolor="#111111" width="100%">
    > <tr>
    > <td width="700">
    > <!-- Begin inner set of tables -->
    > <p><b>Active Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>"
    > class="sortLink"><a href="userlist.asp?orderType=name&ascDescType=desc"><img
    > src="images/arrow-down.gif" alt="Sort by Username Descending"
    > width="10" height="10" border="0"></a>
    > Username <a
    > href="userlist.asp?orderType=name&ascDescType=asc"><img
    > src="images/arrow-up.gif" alt="Sort by Username Ascending" width="10"
    > height="10" border="0"></a></th>
    > <th width="20%" bgcolor="<%=tableColor%>"
    > class="sortLink"> <a
    > href="userlist.asp?orderType=authority&ascDescType=desc"><img
    > src="images/arrow-down.gif" alt="Sort by Authority Descending"
    > width="10" height="10" border="0"></a>
    > Authority <a
    > href="userlist.asp?orderType=authority&ascDescType=asc"><img
    > src="images/arrow-up.gif" alt="Sort by Authority Ascending"
    > width="10" height="10" border="0"></a></th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Active" Then
    > %>
    > <tr>
    > <td width="35%"><a href="viewprofile.asp<% If
    > rs_userlist("code") <> str_users_code Then
    > %>?mode=viewUser&userCode=<%=rs_userlist("code")%><% End If
    > %>"><%=rs_userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "admin"
    > Then %>
    > Administrator <% ElseIf rs_userlist("authority") =
    > "mod" Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="updateprofile.asp<% If rs_userlist("code") <> str_users_code
    > Then %>?userCode=<%=rs_userlist("code")%><% End If %>">
    > Edit Profile</a>
    > <% If rs_userlist("code") <> str_users_code Then %>
    > | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">Delete
    > User</a>
    > <% End If %>
    > </td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > </table>
    > </div>
    > <p><b>Pending Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    > <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > iCount = 0
    > rs_userlist.MoveFirst()
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Pending" Then
    > iCount = iCount + 1
    > %>
    > <tr>
    > <td width="35%"><a
    > href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs_userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "mod"
    > Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="activate.asp?userCode=<%=rs_userlist("code")%>">
    > Activate User</a> | <a
    > href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">Edit
    > Profile</a> | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">
    > Delete User</a></td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > <% If iCount = 0 Then %>
    > <tr>
    > <td width="35%">No pending users found</td>
    > <td width="20%"></td>
    > <td width="45%"></td>
    > </tr>
    > <% End If %>
    > </table>
    > </div>
    > <p><b>Suspended Users</b></p>
    > <div align="left">
    > <table border="1" cellpadding="0" cellspacing="1"
    > style="border-collapse: collapse" bordercolor="<%=tableColor%>"
    > width="100%">
    > <tr>
    > <th width="35%" bgcolor="<%=tableColor%>">Username</th>
    > <th width="20%" bgcolor="<%=tableColor%>">Authority</th>
    > <th width="45%" bgcolor="<%=tableColor%>">Options</th>
    > </tr>
    > <%
    > iCount = 0
    > rs_userlist.MoveFirst()
    > While not rs_userlist.EOF
    > If rs_userlist("status") = "Disabled" Then
    > iCount = iCount + 1
    > %>
    > <tr>
    > <td width="35%"><a
    > href="viewprofile.asp?mode=viewUser&userCode=<%=rs_userlist("code")%>"><%=rs_userlist("name")%></a>&nbsp;</td>
    > <td width="20%"><% If rs_userlist("authority") = "mod"
    > Then %>
    > Moderator <% ElseIf rs_userlist("authority") = "user"
    > Then %>
    > User <% End If %></td>
    > <td width="45%"> <p align="center"><a
    > href="updateprofile.asp?userCode=<%=rs_userlist("code")%>">
    > Edit Profile</a> | <a
    > href="deleteuser.asp?userCode=<%=rs_userlist("code")%>"
    > onclick="return confirm('Are you SURE you want to delete this
    > user?')">
    > Delete User</a></td>
    > </tr>
    > <%
    > End If
    > rs_userlist.MoveNext()
    > WEnd
    > %>
    > <% If iCount = 0 Then %>
    > <tr>
    > <td width="35%">No suspended users found</td>
    > <td width="20%"></td>
    > <td width="45%"></td>
    > </tr>
    > <% End If %>
    > </table>
    > </div>
    > <%
    > 'Close adoCon and rs_userlist
    > rs_userlist.Close
    > set rs_userlist = Nothing
    > %>
    > <td>&nbsp;
    > </table>
    > </div>
    > <!-- End inner set of tables -->
    > </td>
    > </tr>
    > </table>
    > </center>
    > </div>
    > <% Server.Execute("a_footer.asp") %>
    > <% End If %>
     
    David C. Holley, Jan 25, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Daniel Bass
    Replies:
    2
    Views:
    3,774
    dave wanta
    Jul 4, 2003
  2. George
    Replies:
    5
    Views:
    6,677
    George
    Apr 2, 2004
  3. michaaal
    Replies:
    6
    Views:
    437
    Michael D. Kersey
    Jul 15, 2003
  4. John Davis
    Replies:
    2
    Views:
    426
    Dave Anderson
    Aug 18, 2003
  5. Ivan
    Replies:
    5
    Views:
    170
Loading...

Share This Page