<%
' Fruibile - L'elemento CMS Open Source che mancava
' Copyright (C) 2002-2006 Roberto Scano
'
' Licensed under the terms of the GNU Lesser General Public License:
' http://www.opensource.org/licenses/lgpl-license.php
'
' For further information visit:
' http://www.fruibile.it/
'
' File Author:
' Roberto Scano (mail@robertoscano.info)
%>
<%
'controllo sicurezza --------------
if Session("WEBGODLogin") <> "W3C_VALIDATOR" then
If session("strutture")<> 1 Then
response.Redirect "/backoffice/noentry.asp"
end if
end if
'----------------------------------
'Prevent your website from cross website attacks ---------
refererUrl = Cstr(Request.ServerVariables("HTTP_REFERER"))
serverName = Cstr(Request.ServerVariables("SERVER_NAME"))
refererName = mid(refererUrl,8,len(serverName))
if refererName <> serverName then
response.Redirect "/backoffice/noentry.asp"
response.end
end if
'---------------------------------------------------------
%>
<%
percorso = " " & DICLanguage(142) & ""
percorso = percorso & " / " & DICLanguage(9)
lastpage = Request.ServerVariables("HTTP_REFERER")
%>
<%
CatId = replace(Request("catid"),"'","''")
strfunction = replace(Request("function"),"'","''")
If Request.Form("Add") <> "" Then strfunction = "Add"
%>
<%=DICLanguage(142)%>
<%
if Session("supervisor") = true then
aggiunta_sql = ""
aggiunta_where_sql = ""
else
aggiunta_sql = " and office_id=" & Session("Office_ID")
aggiunta_where_sql = " where office_id=" & Session("Office_ID")
end if
'NUMERO MASSIMO DI RECORD PER PAGINA
maxitems = cint(Application("maxitems"))
' Inizio Paging
If Request.QueryString ("MOVE")="NEXT" Then
CurrentPage = Request.QueryString("CurrentPage")+1
End If
If Request.QueryString ("MOVE")="PREV" Then
CurrentPage = Request.QueryString("CurrentPage")-1
End If
If Request.QueryString ("MOVE")="" Then
CurrentPage = 1
End If
If Request.QueryString ("MOVE")<>"" Then
CurrentPage = Request.QueryString ("MOVE")
End If
' fine Paging
Set rs = Server.CreateObject("ADODB.Recordset")
If Request.Querystring("key") = "" Then
if CMS_DB = "MYSQL" Then
strSQL = "SELECT Count(*) AS records FROM " & application("prefix") & "strutture" & where_aggiunta_sql & " order by title_" & Session("Language")
Set objRS3 = Conn.execute(strSQL)
intrecords = cint(objRS3("records"))
objRS3.close
set objrs3 = nothing
intPageSize = int(maxitems)
intStart = currentPage*intPageSize
intStart = intStart-intPageSize
intPages = int(intRecords/intPageSize) +1
SQL = "SELECT * FROM " & application("prefix") & "strutture" & where_aggiunta_sql & " order by title_" & Session("Language") & " LIMIT " & intStart & ", " & intPageSize
else
sql= "SELECT * FROM " & application("prefix") & "strutture" & where_aggiunta_sql & " ORDER BY title_" & Session("Language")
end if
Else
if CMS_DB = "MYSQL" Then
strSQL = "SELECT Count(*) AS records FROM " & application("prefix") & "strutture WHERE title_" & Session("Language") & " LIKE '%" & Request.Querystring("key") & "%' or descrizione_" & Session("Language") & " like '%" & Request.Querystring("key") & "%' or content_" & Session("Language") & " like '%" & Request.Querystring("key") & "%'" & aggiunta_sql & " ORDER BY title_" & Session("Language")
Set objRS3 = Conn.execute(strSQL)
intrecords = cint(objRS3("records"))
objRS3.close
set objrs3 = nothing
intPageSize = int(maxitems)
intStart = currentPage*intPageSize
intStart = intStart-intPageSize
intPages = int(intRecords/intPageSize) +1
SQL = "SELECT * FROM " & application("prefix") & "strutture WHERE title_" & Session("Language") & " LIKE '%" & Request.Querystring("key") & "%' or descrizione_" & Session("Language") & " like '%" & Request.Querystring("key") & "%' or content_" & Session("Language") & " like '%" & Request.Querystring("key") & "%'" & aggiunta_sql & " ORDER BY title_" & Session("Language") & " LIMIT " & intStart & ", " & intPageSize
else
sql= "SELECT * FROM " & application("prefix") & "strutture WHERE title_" & Session("Language") & " LIKE '%" & Request.Querystring("key") & "%' or descrizione_" & Session("Language") & " like '%" & Request.Querystring("key") & "%' or content_" & Session("Language") & " like '%" & Request.Querystring("key") & "%'" & aggiunta_sql & " ORDER BY title_" & Session("Language")
end if
End If
If Request.Querystring("office") <> "" Then
if CMS_DB = "MYSQL" Then
strSQL = "SELECT Count(*) AS records FROM " & application("prefix") & "strutture where parentid=" & request("office") & aggiunta_sql
Set objRS3 = Conn.execute(strSQL)
intrecords = cint(objRS3("records"))
objRS3.close
set objrs3 = nothing
intPageSize = int(maxitems)
intStart = currentPage*intPageSize
intStart = intStart-intPageSize
intPages = int(intRecords/intPageSize) +1
SQL = "SELECT * FROM " & application("prefix") & "strutture where parentid=" & request("office") & aggiunta_sql & " order by title_" & Session("Language") & " LIMIT " & intStart & ", " & intPageSize
else
sql= "SELECT * FROM " & application("prefix") & "strutture where parentid=" & request("office") & aggiunta_sql & " ORDER BY title_" & Session("Language")
end if
End if
If CMS_DB = "SQL" or CMS_DB = "MYSQL" Then
rs.CursorLocation = adUseClient
End If
rs.open sql, conn, adOpenStatic, adLockOptimistic
if rs.EOF AND rs.BOF Then %>
<% Else
if CMS_DB = "ACCESS" or CMS_DB = "SQL" then
rs.Pagesize= MaxItems
rs.AbsolutePage = CurrentPage
intPages = rs.PageCount
intrecords = rs.recordcount
end if
if CMS_DB = "MYSQL" then
intpages = intpages -1
end if
if intpages = 0 then intpages = 1
%>
<%=IIf(intrecords > 1, replace(replace(replace(DICLanguage(170),"[N]",intrecords),"[PAG]",Currentpage),"[PAGG]", intPages), replace(replace(replace(DICLanguage(169),"[N]",intrecords),"[PAG]",Currentpage),"[PAGG]", intPages))%><%=DICLanguage(0)%>
<%if intrecords > maxitems then%>
<%end if%>
<%
rs.Close
set rs=nothing
End If 'Recordcount=0
%>