Admin

<%Response.Buffer=True Response.Expires=0 Session.Lcid = 1053 Response.Clear '##############ÄNDRA DETTA################## Losen1 = "admin" ' Adminnamn Losen2 = "admin" ' Adminlösenord Secure = "213wqeqa4" ' Ändra till valfritt. Säkrare så! '########################################## Function Fixa(str) Fixa = Replace(Trim(str),"'","''") End function Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("db/news.mdb")%> Admin

admin sider

<%With RecSet .MoveFirst .PageSize = perSida1 .AbsolutePage = sida End With Sidor = RecSet.PageCount Count = 0 Do While Not RecSet.EOF And Count < RecSet.PageSize%> <%Count = Count + 1 RecSet.MoveNext Loop If Sidor > 1 Then%> <%End If End If%> <%If Session("mess") <> "" Then%> <%End If%>

<%If Request.QueryString("do") = "" Then%> <%If Session("mess") <> "" Then%> <%End If%>

Bruger navn
Password

<%=Session("mess")%><%Session("mess") = ""%>

<%End If If Request.QueryString("do") = "check" Then If Request.Form("nyhetsadmin1") = Losen1 AND Request.Form("nyhetsadmin2") = Losen2 Then Session("nyheter") = Secure Session.TimeOut = 40 Response.Redirect "admin.asp?do=inne" Else Response.Redirect "admin.asp?do=login" End If End If If Request.QueryString("do") = "inne" Then%>

Log af

<%If Request.Querystring("action")= "" AND Session("nyheter") = Secure Then%> <%Set RecSet = Server.CreateObject("ADODB.Recordset") Const perSida1 = 15 Sidan = Request.QueryString("sida") If Sidan = "" then sida = 1 Else sida = Sidan End If With RecSet .CursorLocation = 3 .CacheSize = perSida1 End With SQL = "SELECT * FROM news ORDER BY datum DESC" RecSet.Open SQL, Conn If RecSet.EOF Then%>

Inge Sider

<%Else%>

Side

Dato skapt

<%If Len(RecSet("rubrik")) > 29 Then%><%=Left(RecSet("rubrik"),20)%>...<%Else%><%=RecSet("rubrik")%><%End If%>

<%=FormatDateTime(RecSet("Datum"),2)%>

" title="Ändra"> Rediger side?

<%If Sidor <> 1 Then For Sid = 1 To Sidor If (Int(Sid)) = (Int(sida)) Then%><%=Sid%><%Else%> <%=Sid%> <%End If%> <%Next%>

<% Response.Write Session("mess") Session("mess") = "" %>

<%RecSet.Close Set RecSet = Nothing End If End If If Request.Querystring("action") = "new" AND Session("nyheter") = Secure Then%> " name="frmUpload" onSubmit="return Nybild()">

Bilden:

<%End If If Request.Querystring("action")= "picin" AND Session("nyheter") = Secure Then byteCount = Request.TotalBytes RequestBin = Request.BinaryRead(byteCount) Set UploadRequest = CreateObject("Scripting.Dictionary") BuildUploadRequest RequestBin contentType = UploadRequest.Item("fil").Item("ContentType") filepathname = UploadRequest.Item("fil").Item("FileName") filename = Right(filepathname,Len(filepathname)-InstrRev(filepathname,"\")) value = UploadRequest.Item("fil").Item("Value") Bild = "newspic/" & filename ' hämtar filextension extension = right(Bild,len(Bild) - instr(Bild,".") +1) mappnamn = Right("000" & trim(Request.Querystring("id")), 3) Filen = Right("000000" & trim("news_" & Request.Querystring("id")), 6) ' bygger ihop det nya filnamnet newfilename = Filen & extension Set ScriptObject = Server.CreateObject("Scripting.FileSystemObject") pathEnd = Len(Server.mappath(Request.ServerVariables("PATH_INFO")))-14 Set MyFile = ScriptObject.CreateTextFile(Server.mappath("newspic/"& newfilename)) For i = 1 to LenB(value) MyFile.Write chr(AscB(MidB(value,i,1))) Next MyFile.Close Conn.execute("Update news Set bild='newspic/" & newfilename & "' Where id = "& Request.Querystring("id")) Response.Redirect "admin.asp?do=inne"%> <%End If If Request.Querystring("action") = "add" AND Session("nyheter") = Secure Then%>

Skribent:

Rubrik:

Inhold:

<%End If If Request.Querystring("action")= "change" AND Session("nyheter") = Secure Then Set RecSet = Conn.Execute("SELECT * FROM news WHERE id="& Request.Querystring("id"))%> " name="nyheter" onSubmit="return News();">

Skribent:
">

Rubrik:
">

Inhold:

<%RecSet.Close Set RecSet = Nothing End If If Request.Querystring("action")= "spara" AND Session("nyheter") = Secure Then Rubrik = Fixa(Request.Form("rubrik")) Nyhet = Fixa(Request.Form("nyhet")) Namn = Request.Form("namn") Conn.Execute("INSERT INTO news(Rubrik,Nyhet,namn) VALUES('" & Rubrik & "','" & Nyhet & "','" & Namn & "')") Response.Redirect "admin.asp?do=inne" End If If Request.Querystring("action") = "andrat" AND Session("nyheter") = Secure Then Rubrik = Fixa(Request.Form("rubrik")) Nyhet = Fixa(Request.Form("nyhet2")) Namn = Request.Form("namn") Conn.execute("Update news Set Rubrik='" & Rubrik & "', Nyhet='" & Nyhet & "', namn='" & Namn & "' Where id = "& Request.Querystring("id")) Response.Redirect "admin.asp?do=inne" End If If Request.Querystring("action") = "delbild" AND Session("nyheter") = Secure Then Set Mappkoll = Server.CreateObject("Scripting.FileSystemObject") Set Mapp = Mappkoll.GetFolder(Server.MapPath("bilder")) Bild = Request.QueryString("bild") Mappen = Mapp & "\" & Bild If Mappkoll.FileExists(Mappen) Then Mappkoll.DeleteFile(Mappen) End If Conn.execute("Update news Set bild='' Where id = "& Request.Querystring("id")) Response.Redirect "admin.asp?do=inne" End If If Request.Querystring("action") = "delete" And Session("nyheter") = Secure Then Set Mappkoll = Server.CreateObject("Scripting.FileSystemObject") Set Mapp = Mappkoll.GetFolder(Server.MapPath("bilder")) Bild = Request.QueryString("bild") Mappen = Mapp & "\" & Bild If Mappkoll.FileExists(Mappen) Then Mappkoll.DeleteFile(Mappen) End If Conn.Execute("Delete From news Where id="& Request.Querystring("id")) Response.Redirect "admin.asp?do=inne" End If If Request.Querystring("action") = "loggaut" Then Session.Abandon Response.Redirect "admin.asp" End If End If Conn.Close Set Conn = Nothing%>