<% ' Fruibile - L'elemento CMS Open Source che mancava ' Copyright (C) 2002-2006 Roberto Scano ' ' Licensed under the terms of the GNU Lesser General Public License: ' http://www.opensource.org/licenses/lgpl-license.php ' ' For further information visit: ' http://www.fruibile.it/ ' ' File Author: ' Roberto Scano (mail@robertoscano.info) %> <% 'controllo sicurezza -------------- if Session("WEBGODLogin") <> "W3C_VALIDATOR" then If session("manutenzione")<> 1 Then response.Redirect "/backoffice/noentry.asp" end if end if '---------------------------------- 'Prevent your website from cross website attacks --------- refererUrl = Cstr(Request.ServerVariables("HTTP_REFERER")) serverName = Cstr(Request.ServerVariables("SERVER_NAME")) refererName = mid(refererUrl,8,len(serverName)) if refererName <> serverName then response.Redirect "/backoffice/noentry.asp" response.end end if '--------------------------------------------------------- %> <% percorso = " " & DICLanguage(181) lastpage = Request.ServerVariables("HTTP_REFERER") %>

<%=DICLanguage(181)%>

<% if Request("Back") <> "" then response.redirect request("lastpage") end if lingua = split(Session("editlanguage"),",") Set xhtml = Server.CreateObject("ADODB.Recordset") upddescrizioni = "" for j=LBound(lingua) to UBound(lingua) upddescrizioni = upddescrizioni & " validato_" & lingua(j) & "=0 or" next upddescrizioni = left(upddescrizioni,len(upddescrizioni)-3) sql = "select * from " & application("prefix") & "modelli_html where " & upddescrizioni & " order by title_" & Session("language") xhtml.Open sql, conn, 0, 1 If xhtml.EOF and xhtml.BOF Then%>

<%=DICLanguage(338)%><%=DICLanguage(0)%>

" onclick="history.back()" onkeypress="history.back()"><%=DICLanguage(2)%><%=DICLanguage(0)%>

<%else %> <% if Session("supervisor") = true then aggiunta_sql = "" aggiunta_where_sql = "" else aggiunta_sql = " and office_id=" & Session("Office_ID") aggiunta_where_sql = " where office_id=" & Session("Office_ID") end if '=========================================== ' PASSO 1 '=========================================== If Trim(Request("Step")) = "" Then 'PASSO 1 'Visualizza le informazioni correnti ed il primo form per modificare/visualizzare i dettagli %>
<%=DICLanguage(208)%>:

" /> " />

<%=DICLanguage(20)%>

" class="bottone" />

<% '=========================================== ' PASSO 2 '=========================================== ElseIf Request("Step") = "2" Then %>

<%=DICLanguage(210)%>.

<%=DICLanguage(211)%>

<% conta = 0 for j=LBound(lingua) to UBound(lingua) conta = conta + 1 SQL = "SELECT * FROM " & application("prefix") & "configurazione_lingue where codice='" & lingua(j) & "'" SET lng = conn.execute(sql) CODLINGUA = trim(lng("codice")) if lcase(codlingua) = Session("backofficelanguage") then NOMELINGUA = fixstring(lng("lingua"),"d") else NOMELINGUA = "" & fixstring(lng("lingua_int"),"d") & "" end if set lng = nothing %>

<%=nomelingua%>

<% stringavalidazione = "http://validator.w3.org/check?uri=" & Server.URLEncode (Application("WEB_PATH") & "/backoffice/testxhtml.asp?id=" & request("modello") & "&lang=" & lingua(j) & ";outline=1") set xml = Server.CreateObject("Microsoft.XMLHTTP") xml.open "GET", stringavalidazione, false xml.send "" strStatus = xml.Status strRetval = xml.responseText set xml = nothing Set RS = Server.CreateObject("ADODB.Recordset") sql = "select title_" & lingua(j) & " from " & application("prefix") & "modelli_html WHERE Id = " & request("modello") SET RS = conn.execute(sql) if len(rs("title_" & lingua(j))) > 0 then if ucase(lingua(j)) <> ucase(Session("Language")) then titolomodello = "'" & fixstring(rs("title_" & lingua(j)),"d") & "'" else titolomodello = "'" & fixstring(rs("title_" & lingua(j)),"d") & "'" end if else titolomodello = "" end if SET RS = nothing If trim(strRetval) = "" Then response.write "

" & DICLanguage(212) & DICLanguage(0) & "

" Else if instr(strRetval, "This Page Is Valid") then if instr(strRetval, "Missing!") then response.write "
" & vbcrlf response.write "

" & replace(DICLanguage(405),"[MODELLO]",titolomodello) & DICLanguage(0) & "

" & vbcrlf response.write "" & vbcrlf response.write "
" else response.write "

" & replace(DICLanguage(213),"[MODELLO]", titolomodello) & DICLanguage(0) & "

" Set RS = Server.CreateObject("ADODB.Recordset") sql = "update " & application("prefix") & "modelli_html set validato_" & lingua(j) & "=1 WHERE Id = " & request("modello") SET RS = conn.execute(sql) SET RS = nothing end if elseif instr(strRetval, "500 Internal Server Error") then response.write "
" & vbcrlf response.write "

" & replace(DICLanguage(214),"[MODELLO]",titolomodello) & DICLanguage(0) & "

" & vbcrlf response.write "
" else response.write "
" & vbcrlf response.write "

" & replace(DICLanguage(215),"[MODELLO]", titolomodello) & DICLanguage(0) &"
" & DICLanguage(216) & DICLanguage(0) & "

" & vbcrlf response.write "" & vbcrlf response.write "
" end if End if next End If%>

&submnu=<%=request("submnu")%>" onclick="history.back()" onkeypress="history.back()"><%=DICLanguage(2)%><%=DICLanguage(0)%>

<%end if xhtml.close set xhtml = nothing %>