<% ' Fruibile - L'elemento CMS Open Source che mancava ' Copyright (C) 2002-2006 Roberto Scano ' ' Licensed under the terms of the GNU Lesser General Public License: ' http://www.opensource.org/licenses/lgpl-license.php ' ' For further information visit: ' http://www.fruibile.it/ ' ' File Author: ' Roberto Scano (mail@robertoscano.info) %> <% 'controllo sicurezza -------------- if Session("WEBGODLogin") <> "W3C_VALIDATOR" then If session("aree")<> 1 Then response.Redirect "/backoffice/noentry.asp" end if end if '---------------------------------- 'Prevent your website from cross website attacks --------- refererUrl = Cstr(Request.ServerVariables("HTTP_REFERER")) serverName = Cstr(Request.ServerVariables("SERVER_NAME")) refererName = mid(refererUrl,8,len(serverName)) if refererName <> serverName then response.Redirect "/backoffice/noentry.asp" response.end end if '--------------------------------------------------------- %> <% percorso = " " & DICLanguage(3) & "" percorso = percorso & " / " & DICLanguage(9) lastpage = Request.ServerVariables("HTTP_REFERER") %> <% CatId = replace(Request("catid"),"'","''") strfunction = replace(Request("function"),"'","''") If Request.Form("Add") <> "" Then strfunction = "Add" %>

<%=DICLanguage(3)%>

<% if Session("supervisor") = true then aggiunta_sql = "" aggiunta_where_sql = "" else aggiunta_sql = " and office_id=" & Session("Office_ID") aggiunta_where_sql = " where office_id=" & Session("Office_ID") end if 'NUMERO MASSIMO DI RECORD PER PAGINA maxitems = cint(Application("maxitems")) ' Inizio Paging If Request.QueryString ("MOVE")="NEXT" Then CurrentPage = Request.QueryString("CurrentPage")+1 End If If Request.QueryString ("MOVE")="PREV" Then CurrentPage = Request.QueryString("CurrentPage")-1 End If If Request.QueryString ("MOVE")="" Then CurrentPage = 1 End If If Request.QueryString ("MOVE")<>"" Then CurrentPage = Request.QueryString ("MOVE") End If ' fine Paging Set rs = Server.CreateObject("ADODB.Recordset") If Request.Querystring("key") = "" Then if CMS_DB = "MYSQL" Then strSQL = "SELECT Count(*) AS records FROM " & application("prefix") & "documenti" & where_aggiunta_sql & " where argomento=2 order by title_" & Session("Language") Set objRS3 = Conn.execute(strSQL) intrecords = cint(objRS3("records")) objRS3.close set objrs3 = nothing intPageSize = int(maxitems) intStart = currentPage*intPageSize intStart = intStart-intPageSize intPages = int(intRecords/intPageSize) +1 SQL = "SELECT * FROM " & application("prefix") & "documenti" & where_aggiunta_sql & " where argomento=2 order by title_" & Session("Language") & " LIMIT " & intStart & ", " & intPageSize else sql= "SELECT * FROM " & application("prefix") & "documenti" & where_aggiunta_sql & " where argomento=2 ORDER BY title_" & Session("Language") end if Else if CMS_DB = "MYSQL" Then strSQL = "SELECT Count(*) AS records FROM " & application("prefix") & "documenti WHERE (title_" & Session("Language") & " LIKE '%" & Request.Querystring("key") & "%' or descrizione_" & Session("Language") & " like '%" & Request.Querystring("key") & "%' or content_" & Session("Language") & " like '%" & Request.Querystring("key") & "%'" & aggiunta_sql & ") and argomento=2 ORDER BY title_" & Session("Language") Set objRS3 = Conn.execute(strSQL) intrecords = cint(objRS3("records")) objRS3.close set objrs3 = nothing intPageSize = int(maxitems) intStart = currentPage*intPageSize intStart = intStart-intPageSize intPages = int(intRecords/intPageSize) +1 SQL = "SELECT * FROM " & application("prefix") & "documenti WHERE (title_" & Session("Language") & " LIKE '%" & Request.Querystring("key") & "%' or descrizione_" & Session("Language") & " like '%" & Request.Querystring("key") & "%' or content_" & Session("Language") & " like '%" & Request.Querystring("key") & "%'" & aggiunta_sql & ") and argomento=2 ORDER BY title_" & Session("Language") & " LIMIT " & intStart & ", " & intPageSize else sql= "SELECT * FROM " & application("prefix") & "documenti WHERE (title_" & Session("Language") & " LIKE '%" & Request.Querystring("key") & "%' or descrizione_" & Session("Language") & " like '%" & Request.Querystring("key") & "%' or content_" & Session("Language") & " like '%" & Request.Querystring("key") & "%'" & aggiunta_sql & ") and argomento=2 ORDER BY title_" & Session("Language") end if End If If Request.Querystring("usr") <> "" Then if Session("supervisor") = true then utente = replace(request("usr"),"'","''") else utente = Session("ID_UTENTE") end if if CMS_DB = "MYSQL" Then strSQL = "SELECT Count(*) AS records FROM " & application("prefix") & "documenti where proprietario=" & utente & " and argomento=2" Set objRS3 = Conn.execute(strSQL) intrecords = cint(objRS3("records")) objRS3.close set objrs3 = nothing intPageSize = int(maxitems) intStart = currentPage*intPageSize intStart = intStart-intPageSize intPages = int(intRecords/intPageSize) +1 SQL = "SELECT * FROM " & application("prefix") & "documenti where proprietario=" & utente & " and argomento=2 order by title_" & Session("Language") & " LIMIT " & intStart & ", " & intPageSize else sql= "SELECT * FROM " & application("prefix") & "documenti where proprietario=" & utente & " and argomento=2 ORDER BY title_" & Session("Language") end if End if If CMS_DB = "SQL" or CMS_DB = "MYSQL" Then rs.CursorLocation = adUseClient End If rs.open sql, conn, adOpenStatic, adLockOptimistic if rs.EOF AND rs.BOF Then %>

<%=DICLanguage(150)%><%=DICLanguage(0)%>

" onclick="history.back()" onkeypress="history.back()"><%=DICLanguage(2)%><%=DICLanguage(0)%>

<% Else if CMS_DB = "ACCESS" or CMS_DB = "SQL" then rs.Pagesize= MaxItems rs.AbsolutePage = CurrentPage intPages = rs.PageCount intrecords = rs.recordcount end if if CMS_DB = "MYSQL" then intpages = intpages -1 end if if intpages = 0 then intpages = 1 %>

<%=IIf(intrecords > 1, replace(replace(replace(DICLanguage(155),"[N]",intrecords),"[PAG]",Currentpage),"[PAGG]", intPages), replace(replace(replace(DICLanguage(151),"[N]",intrecords),"[PAG]",Currentpage),"[PAGG]", intPages))%><%=DICLanguage(0)%>

<% setabbr = 0 while not rs.eof AND NumRows < maxitems if setabbr = 0 then setabbrtitle = " title=""" & DicLanguage(157) & """" else setabbrtitle = null end if%> <% setabbr = 1 rs.movenext NumRows = NumRows + 1 Wend %>

<%=DICLanguage(45)%>	<%=DICLanguage(82)%>	<%=DICLanguage(120)%>
<%=FixString(rs("title_" & Session("Language")),"d")%>	<%if rs("modificato") <> 0 then%>"><%=formatdatetime(rs("modificato"),2) %> - <%=formatdatetime(RS("Modificato"),3)%><%else%>><%=DICLanguage(158)%><%end if%>	&function=showmanu&mnu=<%=request("mnu")%>&submnu=<%=request("submnu")%>" title="<%=DICLanguage(159)%>"><%= rs("ID") %>

<%if intrecords > maxitems then%>

<% for ia=1 to intPages if cint(ia)=cint(currentPage) then%> <%=ia%> | <%else if ia < currentPage then %> &usr=<%=request("usr")%>&mnu=<%=request("mnu")%>&submnu=<%=request("submnu")%>" title="<%=replace(replace(DICLanguage(114),"[N]", ia),"[TOT]",intpages)%>"><%=ia%> <% else%> &usr=<%=request("usr")%>&mnu=<%=request("mnu")%>&submnu=<%=request("submnu")%>" title="<%=replace(replace(DICLanguage(115),"[N]", ia),"[TOT]",intpages)%>"><%=ia%> <%end if%><%if ia <> intpages then%> | <%end if%> <%end if next%>

<%end if%> <% rs.Close set rs=nothing End If 'Recordcount=0 %>