<% ' Fruibile - L'elemento CMS Open Source che mancava ' Copyright (C) 2002-2006 Roberto Scano ' ' Licensed under the terms of the GNU Lesser General Public License: ' http://www.opensource.org/licenses/lgpl-license.php ' ' For further information visit: ' http://www.fruibile.it/ ' ' File Author: ' Roberto Scano (mail@robertoscano.info) %> <% If Session ("WEBGODLogin") = "" then response.redirect "default.asp" end if %> <% 'Prevent your website from cross website attacks --------- refererUrl = Cstr(Request.ServerVariables("HTTP_REFERER")) serverName = Cstr(Request.ServerVariables("SERVER_NAME")) refererName = mid(refererUrl,8,len(serverName)) if refererName <> serverName then response.Redirect "/backoffice/noentry.asp" response.end end if '--------------------------------------------------------- '------------------------------------------------------------------------- Function ExpSelect ( table, DescField, RetID, ActVal) '------------------------------------------------------------------------- Set qtmp = Server.CreateObject("ADODB.Recordset") sql = "SELECT " & RetID & " , " & DescField & " FROM " & table qtmp.Open sql, conn, adOpenStatic, adLockOptimistic Do While NOT qtmp.eof If ActVal = qtmp(RetID) Then %> <%= qtmp(DescField) %> <% else %> <%= qtmp(DescField) %> <% End If qtmp.movenext Loop qtmp.Close set qtmp = nothing End Function '------------------------------------------------------------------------- Function ExpSelectCond ( table, DescField, RetID, Cond, ActVal) '------------------------------------------------------------------------- Set qtmp = Server.CreateObject("ADODB.Recordset") sql = "SELECT " & RetID & " , " & DescField & " FROM " & table & " " & cond qtmp.Open sql, conn, adOpenStatic, adLockOptimistic Do While NOT qtmp.eof If ActVal = qtmp(RetID) Then %> <%= FixString(qtmp(DescField),"d") %> <% else %> <%= FixString(qtmp(DescField),"d") %> <% End If qtmp.movenext Loop qtmp.Close set qtmp = nothing End Function '------------------------------------------------------------------------- Function ExpMultiSelectCond ( table, DescField, RetID, Cond, ActVal) '------------------------------------------------------------------------- Set qtmp = Server.CreateObject("ADODB.Recordset") sql = "SELECT " & RetID & " , " & DescField & " FROM " & table & " " & cond qtmp.Open sql, conn, adOpenStatic, adLockOptimistic Do While NOT qtmp.eof if actVal <> "" then SelectedID = split(actVal, ",") selezionato = false for i = 0 to ubound(SelectedID) If selectedID(i) = qtmp(RetID) Then selezionato = true exit for end if next if selezionato = true then %> <%=FixString(qtmp(DescField),"d") %> <% else %> <%= FixString(qtmp(DescField),"d") %> <% end if else%> <%= FixString(qtmp(DescField),"d") %> <% end if qtmp.movenext Loop qtmp.Close set qtmp = nothing End Function '------------------------------------------------------------------------- Function ExpMultiSelectCondNum ( table, DescField, RetID, Cond, ActVal) '------------------------------------------------------------------------- Set qtmp = Server.CreateObject("ADODB.Recordset") sql = "SELECT " & RetID & " , " & DescField & " FROM " & table & " " & cond qtmp.Open sql, conn, adOpenStatic, adLockOptimistic Do While NOT qtmp.eof if actVal <> "" then SelectedID = split(actVal, ",") selezionato = false for i = 0 to ubound(SelectedID) If cint(selectedID(i)) = cint(qtmp(RetID)) Then selezionato = true exit for end if next if selezionato = true then %> <%=FixString(qtmp(DescField),"d") %> <% else %> <%= FixString(qtmp(DescField),"d") %> <% end if else%> <%= FixString(qtmp(DescField),"d") %> <% end if qtmp.movenext Loop qtmp.Close set qtmp = nothing End Function '------------------------------------------------------------------------- Function createCategoryOptions(selezionato) '------------------------------------------------------------------------- Dim strOptions strOptions = vbCrLf if structid="" then structid=0 end if if selezionato="" then selezionato=0 end if strSQL = "SELECT Count(*) AS intCount FROM " & application("prefix") & "documenti" ' where Structid = " & Structid Set objRS2 = Conn.execute(strSQL) intCount = objRS2("intCount") strSQL = "SELECT * FROM " & application("prefix") & "documenti ORDER BY parentid, catid" Set objRS = Conn.execute(strSQL) for i = 1 to intCount Set objTemp = new Category objTemp.id = objRS("catid") objTemp.parentid = objRS("parentid") objTemp.category = FixString(objRS("category"),"d") strCategory = constructCategory(objTemp) if selezionato = objRS("catid") then strOptions = strOptions & "" & strCategory & "" & vbCrLf else strOptions = strOptions & "" & strCategory & "" & vbCrLf end if objRS.movenext next strOptions = strOptions & vbCrLf createCategoryOptions = strOptions End Function '------------------------------------------------------------------------- Function createCategoryOptions2(selezionato) '------------------------------------------------------------------------- Dim strOptions strOptions = vbCrLf if structid="" then structid=0 end if if selezionato="" then selezionato=0 end if if Session("supervisor") = true then aggiunta_sql = "" aggiunta_where_sql = "" else aggiunta_sql = " and office_id=" & Session("Office_ID") aggiunta_where_sql = " where office_id=" & Session("Office_ID") end if strSQL = "SELECT * FROM " & application("prefix") & "documenti where argomento=1 " & aggiunta_sql & " ORDER BY parentid, posizione" 'parentid, catid" Set objRS = Conn.execute(strSQL) Do while NOT objrs.eof Set objTemp = new Category objTemp.id = objRS("catid") objTemp.parentid = objRS("parentid") strCategory = "\" & constructCategory(objTemp) & FixString(objRS("title_" & session("language")),"d") if int(selezionato) = int(objRS("id")) then strOptions = strOptions & " [" & objRS("id") & "] " & strCategory & "" & vbCrLf else strOptions = strOptions & " [" & objRS("id") & "] " & strCategory & "" & vbCrLf end if objRS.movenext loop strOptions = strOptions & vbCrLf createCategoryOptions2 = strOptions End Function '------------------------------------------------------------------------- Function estraicategorie(selezionato,areaid,area) '------------------------------------------------------------------------- if Session("supervisor") = true then aggiunta_sql = "" aggiunta_where_sql = "" else aggiunta_sql = " and office_id=" & Session("Office_ID") aggiunta_where_sql = " where office_id=" & Session("Office_ID") end if strOptions = vbCrLf if structid="" then if Session("supervisor") = true then structid= 0 else structid= Session("Office_ID") end if end if if selezionato=null then if Session("supervisor") = true then selezionato= 0 else selezionato= Session("Office_ID") end if end if strSQL = "SELECT * FROM " & application("prefix") & "documenti where argomento=1 and areaid=" & cstr(areaid) & aggiunta_sql & " ORDER BY parentid, posizione" 'parentid, catid" Set objRS = Conn.execute(strSQL) If objrs.EOF and objrs.BOF Then else stroptions = stroptions & "" & vbcrlf Do while NOT objrs.eof Set objTemp = new Category objTemp.id = objRS("catid") objTemp.parentid = objRS("parentid") strCategory = "\" & constructCategory(objTemp) & FixString(objRS("title_" &session("language")),"d") if int(selezionato) = int(objRS("id")) then strOptions = strOptions & " [" & objRS("id") & "] " & strCategory & "" & vbCrLf else strOptions = strOptions & " [" & objRS("id") & "] " & strCategory & "" & vbCrLf end if objRS.movenext loop strOptions = strOptions & "" & vbCrLf end if strOptions = strOptions & vbCrLf estraicategorie = strOptions End Function '------------------------------------------------------------------------- Function ModelliContenuti(selezionato,tipo) 'tipo: '0 = AREE '1 = ARGOMENTI '2 = CONTENUTI '3 = COMUNICATI '4 = TESTI '5 = UFFICI '------------------------------------------------------------------------- select case int(tipo) case 0 'AREE strSQL = "SELECT * FROM " & application("prefix") & "modelli_html where visibile_" & session("language") & "=1 and aree=1 and validato_" & session("language") & "=1 ORDER BY id" case 1 'ARGOMENTI strSQL = "SELECT * FROM " & application("prefix") & "modelli_html where visibile_" & session("language") & "=1 and argomenti=1 and validato_" & session("language") & "=1 ORDER BY id" case 2 'CONTENUTI strSQL = "SELECT * FROM " & application("prefix") & "modelli_html where visibile_" & session("language") & "=1 and contenuti=1 and validato_" & session("language") & "=1 ORDER BY id" case 3 'COMUNICATI strSQL = "SELECT * FROM " & application("prefix") & "modelli_html where visibile_" & session("language") & "=1 and comunicati=1 and validato_" & session("language") & "=1 ORDER BY id" case 4 'TESTI strSQL = "SELECT * FROM " & application("prefix") & "modelli_html where visibile_" & session("language") & "=1 and testi=1 and validato_" & session("language") & "=1 ORDER BY id" case 5 'UFFICI strSQL = "SELECT * FROM " & application("prefix") & "modelli_html where visibile_" & session("language") & "=1 and uffici=1 and validato_" & session("language") & "=1 ORDER BY id" end select Set objRS = Conn.execute(strSQL) Do while NOT objrs.eof if int(selezionato) = int(objRS("id")) then strOptions = strOptions & "[" & objRS("id") & "] " & FixString(objRS("title_" & Session("language")),"d") & "" & vbCrLf else strOptions = strOptions & "[" & objRS("id") & "] " & FixString(objRS("title_" & Session("language")),"d") & "" & vbCrLf end if objRS.movenext Loop strOptions = strOptions & vbCrLf ModelliContenuti = strOptions End Function Sub DisplayTree(oNode, lLevel, lValore) Dim objNode1 If oNode.nodeName = "root" Then For Each objNode1 In oNode.ChildNodes If objNode1.NodeType = 1 Then DisplayTree objNode1, lLevel, lValore End If Next ElseIf oNode.nodeName = "group" Then Response.Write "" For Each objNode1 In oNode.ChildNodes If objNode1.NodeType = 1 Then DisplayTree objNode1, lLevel, lValore End If Next Response.Write "" Else selezionato = null if int(oNode.Attributes.getNamedItem("id").text) = int(lValore) then selezionato= " selected=""selected"" " end if Response.Write "" & Replace(String(lLevel * 5, " "), " ", " ") & Server.HTMLEncode(oNode.Attributes.getNamedItem("title").text) & "" For Each objNode1 In oNode.ChildNodes If objNode1.NodeType = 1 Then DisplayTree objNode1, lLevel + 1, lValore End If Next End If Set objNode1 = Nothing End Sub %>