Modificare il file:
\iwgallery\users\inc_profile.asp
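<%
' Profile editor for the signed-in gallery user (page fragment).
'
' NOTE(review): the only sign-in evidence this fragment checks is the pair of
' client-supplied cookies IWGalleryUserName / IWGalleryUserID. Cookie values are
' untrusted input, so they are validated and bound as query parameters below,
' but the identity itself should come from server-side state (for example a
' Session value set by the login page, which is not visible in this file).
If Request.Cookies("IWGalleryUserName") = "" Then Response.Redirect("../home/")
%>
<SCRIPT RUNAT=SERVER LANGUAGE=VBSCRIPT>
' Formats a date/time value with FormatDateTime under a specific locale.
'   str          - value to format
'   nNamedFormat - FormatDateTime named-format constant
'   nLCID        - locale id to use while formatting; a negative value keeps
'                  the current Session.LCID
' Returns the formatted string, or the input unchanged when the requested
' locale could not be applied or formatting raised an error.
Function DoDateTime(str, nNamedFormat, nLCID)
  Dim strRet
  Dim nOldLCID
  strRet = str
  If (nLCID > -1) Then
    ' Remember the session locale so it can be restored afterwards.
    nOldLCID = Session.LCID
  End If
  ' Setting an unsupported LCID raises an error; swallow it and fall back to
  ' returning the unformatted input.
  On Error Resume Next
  If (nLCID > -1) Then
    Session.LCID = nLCID
  End If
  If ((nLCID < 0) Or (Session.LCID = nLCID)) Then
    strRet = FormatDateTime(str, nNamedFormat)
  End If
  If (nLCID > -1) Then
    Session.LCID = nOldLCID
  End If
  DoDateTime = strRet
End Function

' Parses a request value as a non-negative record id.
' Only the digits 0-9 are accepted (IsNumeric would also accept signs,
' exponents and hex notation) and at most 9 of them, so CLng cannot overflow.
' Returns the id as a Long, or -1 when the value is not a plain integer.
Function IWGProfile_ParseId(raw)
  Dim s, i
  IWGProfile_ParseId = -1
  s = Trim(CStr(raw))
  If Len(s) = 0 Or Len(s) > 9 Then Exit Function
  For i = 1 To Len(s)
    If InStr("0123456789", Mid(s, i, 1)) = 0 Then Exit Function
  Next
  IWGProfile_ParseId = CLng(s)
End Function

' HTML-encodes a database value for output in markup or a quoted attribute.
' Null is rendered as an empty string (Server.HTMLEncode rejects Null).
Function IWGProfile_Html(v)
  If IsNull(v) Then
    IWGProfile_Html = ""
  Else
    IWGProfile_Html = Server.HTMLEncode(CStr(v))
  End If
End Function

' Appends an input text parameter to an ADODB.Command.
' 202 = adVarWChar, 1 = adParamInput. The size must be at least 1 even for an
' empty string.
Sub IWGProfile_AddTextParam(cmd, paramName, value)
  Dim n
  n = Len(value)
  If n < 1 Then n = 1
  cmd.Parameters.Append cmd.CreateParameter(paramName, 202, 1, n, value)
End Sub

' Appends an input integer parameter to an ADODB.Command.
' 3 = adInteger, 1 = adParamInput.
Sub IWGProfile_AddIntParam(cmd, paramName, value)
  cmd.Parameters.Append cmd.CreateParameter(paramName, 3, 1, , value)
End Sub
</SCRIPT>
<!--#include virtual="/iwgallery/Connections/connIWGallery.asp" -->
<%
' *** Edit Operations: declare variables
' (the full original set is kept declared so the page-level names do not change)
Dim MM_editAction
Dim MM_abortEdit
Dim MM_editQuery
Dim MM_editCmd
Dim MM_editConnection
Dim MM_editTable
Dim MM_editRedirectUrl
Dim MM_editColumn
Dim MM_recordId
Dim MM_fieldsStr
Dim MM_columnsStr
Dim MM_fields
Dim MM_columns
Dim MM_typeArray
Dim MM_formVal
Dim MM_delim
Dim MM_altVal
Dim MM_emptyVal
Dim MM_i

' The form posts back to this same script; the query string is HTML-encoded
' because it is written into the form's action attribute.
MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))
If (Request.QueryString <> "") Then
  MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString)
End If

' boolean to abort record edit
MM_abortEdit = false

' query string to execute
MM_editQuery = ""
%>
<%
' *** Identity claimed by the request (see the NOTE(review) at the top).
Dim rsProfile__iUser
rsProfile__iUser = "0"
If (Request.Cookies("IWGalleryUserID") <> "") Then
  rsProfile__iUser = Request.Cookies("IWGalleryUserID")
End If

Dim rsProfile__nUser
rsProfile__nUser = "0"
If (Request.Cookies("IWGalleryUserName") <> "") Then
  rsProfile__nUser = Request.Cookies("IWGalleryUserName")
End If

' USE_ID is compared as a number in SQL, so quote-doubling gives no protection
' there: accept digits only and send the request home otherwise.
Dim IWGProfile_userId
IWGProfile_userId = IWGProfile_ParseId(rsProfile__iUser)
If IWGProfile_userId < 0 Then Response.Redirect("../home/")
%>
<%
' *** Update Record: validate the posted form and run a parameterized UPDATE.
' The update is read from Request.Form only, so it can only be triggered by a
' POST of form1.
' NOTE(review): there is no anti-CSRF token on this form; add one once the
' identity is held in server-side session state.
Dim IWGProfile_password
Dim IWGProfile_email
Dim IWGProfile_public

If (CStr(Request.Form("MM_update")) = "form1" And CStr(Request.Form("MM_recordId")) <> "") Then

  MM_editConnection = MM_connIWGallery_STRING
  MM_editTable = "USERS"
  MM_editColumn = "USE_ID"
  MM_recordId = IWGProfile_ParseId(Request.Form("MM_recordId"))
  MM_editRedirectUrl = "profile_ok.asp"

  IWGProfile_password = CStr(Request.Form("PASSWORD"))
  IWGProfile_email = CStr(Request.Form("EMAIL"))
  ' Checkbox: any submitted value means "public", absence means "not public".
  If (CStr(Request.Form("PUBLIC")) <> "") Then
    IWGProfile_public = 1
  Else
    IWGProfile_public = 0
  End If

  ' The posted record id is a hidden form field and therefore client-controlled:
  ' it must be a plain integer and must be the record of the requesting user,
  ' otherwise one account could overwrite another account's row.
  If (MM_recordId < 0 Or MM_recordId <> IWGProfile_userId) Then MM_abortEdit = true

  ' Server-side backstop for the client-side checks, which a client can skip.
  ' An empty password means "keep the current one".
  If (IWGProfile_password <> "" And Len(IWGProfile_password) < 6) Then MM_abortEdit = true
  If (Trim(IWGProfile_email) = "") Then MM_abortEdit = true

  ' append the query string to the redirect URL
  If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then
    If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
      MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
    Else
      MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
    End If
  End If

  If (Not MM_abortEdit) Then
    ' Build the statement with ? placeholders only; no request value is ever
    ' concatenated into the SQL text.
    MM_editQuery = "update " & MM_editTable & " set "
    If (IWGProfile_password <> "") Then
      MM_editQuery = MM_editQuery & "USE_PASSWORD = ?, "
    End If
    MM_editQuery = MM_editQuery & "USE_EMAIL = ?, USE_PUBLIC = ?, USE_FIRST = ?, USE_LAST = ?" & _
      " where " & MM_editColumn & " = ? AND USE_NAME = ? AND USE_APPROVED = 1 AND USE_ACTIVE = 1"

    Set MM_editCmd = Server.CreateObject("ADODB.Command")
    MM_editCmd.ActiveConnection = MM_editConnection
    MM_editCmd.CommandText = MM_editQuery

    ' Parameters are positional: append them in placeholder order.
    ' NOTE(review): USE_PASSWORD is written exactly as submitted, i.e. the
    ' table appears to hold plaintext passwords; moving to a salted password
    ' hash also requires changes to the login/registration code outside this file.
    If (IWGProfile_password <> "") Then
      IWGProfile_AddTextParam MM_editCmd, "password", IWGProfile_password
    End If
    IWGProfile_AddTextParam MM_editCmd, "email", IWGProfile_email
    IWGProfile_AddIntParam MM_editCmd, "public", IWGProfile_public
    IWGProfile_AddTextParam MM_editCmd, "first", CStr(Request.Form("FIRST"))
    IWGProfile_AddTextParam MM_editCmd, "last", CStr(Request.Form("LAST"))
    IWGProfile_AddIntParam MM_editCmd, "id", MM_recordId
    IWGProfile_AddTextParam MM_editCmd, "name", CStr(rsProfile__nUser)

    ' execute the update
    MM_editCmd.Execute
    MM_editCmd.ActiveConnection.Close
    Set MM_editCmd = Nothing

    If (MM_editRedirectUrl <> "") Then
      Response.Redirect(MM_editRedirectUrl)
    End If
  End If

End If
%>
<%
' *** Load the profile row for the requesting user (parameterized).
' Command.Execute returns a forward-only, read-only recordset. The column list
' is explicit so that USE_PASSWORD is never fetched for display.
Dim rsProfile
Dim rsProfile_cmd
Dim rsProfile_numRows

Set rsProfile_cmd = Server.CreateObject("ADODB.Command")
rsProfile_cmd.ActiveConnection = MM_connIWGallery_STRING
rsProfile_cmd.CommandText = "SELECT USE_ID, USE_NAME, USE_EMAIL, USE_PUBLIC, USE_FIRST, USE_LAST, USE_DATED, USE_HITS" & _
  " FROM USERS WHERE USE_ID = ? AND USE_NAME = ? AND USE_APPROVED = 1 AND USE_ACTIVE = 1"
IWGProfile_AddIntParam rsProfile_cmd, "id", IWGProfile_userId
IWGProfile_AddTextParam rsProfile_cmd, "name", CStr(rsProfile__nUser)
Set rsProfile = rsProfile_cmd.Execute

rsProfile_numRows = 0

' No matching approved/active account: do not render the form (reading fields
' of an empty recordset would raise a runtime error).
If rsProfile.EOF Then
  rsProfile.Close()
  Set rsProfile = Nothing
  Set rsProfile_cmd = Nothing
  Response.Redirect("../home/")
End If
%>
<script language="JavaScript" type="text/JavaScript">
<!--
// Client-side form validation helpers. These checks are a convenience for the
// user only; the server-side code above must not rely on them.

// Records a validation error for formElement and applies the stopIt policy
// (1 = stop all further checks, 2 = keep checking this element,
//  3 = stop checking this element).
function WAAddError(formElement,errorMsg,focusIt,stopIt) {
  if (document.WAFV_Error) {
    document.WAFV_Error += "\n" + errorMsg;
  }
  else {
    document.WAFV_Error = errorMsg;
  }
  if (!document.WAFV_InvalidArray) {
    document.WAFV_InvalidArray = new Array();
  }
  document.WAFV_InvalidArray[document.WAFV_InvalidArray.length] = formElement;
  if (focusIt && !document.WAFV_Focus) {
    document.WAFV_Focus = focusIt;
  }

  if (stopIt == 1) {
    document.WAFV_Stop = true;
  }
  else if (stopIt == 2) {
    formElement.WAFV_Continue = true;
  }
  else if (stopIt == 3) {
    formElement.WAFV_Stop = true;
    formElement.WAFV_Continue = false;
  }
}

// Validates that value contains only the allowed character classes
// (upper/lower ASCII letters, digits, space) plus any character in extraChars.
function WAValidateAN(formElement,value,errorMsg,allowUpper,allowLower,allowNumbers,allowSpace,extraChars,focusIt,stopIt,required) {
  var isValid = true;
  // NOTE(review): as written this replaces '"' with '"' (a no-op); the pattern
  // was probably an HTML entity in the original file - confirm.
  extraChars = extraChars.replace(/"/g,'"');
  if ((!document.WAFV_Stop && !formElement.WAFV_Stop) || formElement.WAFV_Continue) {
    for (var x=0; x<value.length; x++) {
      var charGood = false;
      var nextChar = value.charAt(x);
      var charCode = value.charCodeAt(x);
      if (allowLower) {
        if (charCode >= 97 && charCode <= 122) {
          charGood = true;
        }
      }
      if (allowUpper) {
        if (charCode >= 65 && charCode <= 90) {
          charGood = true;
        }
      }
      if (allowNumbers) {
        if (charCode >= 48 && charCode <= 57) {
          charGood = true;
        }
      }
      if (allowSpace) {
        if (nextChar == " ") {
          charGood = true;
        }
      }
      if (extraChars) {
        if (unescape(extraChars).indexOf(nextChar) >= 0) {
          charGood = true;
        }
      }
      if (!charGood) {
        // First disallowed character: mark invalid and leave the loop.
        isValid = false;
        x = value.length;
      }
    }
    if (required && value=="") isValid = false;
  }
  if (!isValid) {
    WAAddError(formElement,errorMsg,focusIt,stopIt);
  }
}

// Validates that value1 equals value2 (used for the password confirmation).
function WAValidateLE(formElement,value1,value2,errorMsg,focusIt,stopIt,required) {
  var isValid = true;
  if (!document.WAFV_Stop && !formElement.WAFV_Stop) {
    if (value1=="" && required) isValid = false;
    if (value1 != value2 || (required && value1=="")) isValid = false;
  }
  if (!isValid) {
    if (focusIt) focusIt.value = "";
    WAAddError(formElement,errorMsg,focusIt,stopIt);
  }
}

// Validates that value looks like an e-mail address (ASCII only, known or
// two-letter top-level domain, or a bracketed IPv4 literal).
function WAValidateEM(formElement,value,errorMsg,focusIt,stopIt,required) {
  var isValid = true;
  if ((!document.WAFV_Stop && !formElement.WAFV_Stop) && !(!required && value=="")) {
    var knownDomsPat = /^(com|net|org|edu|int|mil|gov|arpa|biz|aero|name|coop|info|pro|museum)$/;
    var emailPat = /^(.+)@(.+)$/;
    var accepted = "\[^\\s\\(\\)><@,;:\\\\\\\"\\.\\[\\]\]+";
    var quotedUser = "(\"[^\"]*\")";
    var ipDomainPat = /^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/;
    var section = "(" + accepted + "|" + quotedUser + ")";
    var userPat = new RegExp("^" + section + "(\\." + section + ")*$");
    var domainPat = new RegExp("^" + accepted + "(\\." + accepted +")*$");
    var theMatch = value.match(emailPat);
    var acceptedPat = new RegExp("^" + accepted + "$");
    var userName = "";
    var domainName = "";
    if (theMatch==null) {
      isValid = false;
    }
    else {
      userName = theMatch[1];
      domainName = theMatch[2];
      var domArr = domainName.split(".");
      var IPArray = domainName.match(ipDomainPat);
      for (x=0; x < userName.length; x++) {
        if (userName.charCodeAt(x) > 127) {
          isValid = false;
        }
      }
      for (x=0; x < domainName.length; x++) {
        if (domainName.charCodeAt(x) > 127) {
          isValid = false;
        }
      }
      if (userName.match(userPat) == null) {
        isValid = false;
      }
      if (IPArray != null) {
        for (var x=1; x<=4; x++) {
          if (IPArray[x] > 255) {
            isValid = false;
          }
        }
      }
      for (x=0; x < domArr.length; x++) {
        if (domArr[x].search(acceptedPat) == -1 || domArr[x].length < 2) {
          isValid = false;
        }
      }
      if (domArr[domArr.length-1].length !=2 && domArr[domArr.length-1].search(knownDomsPat) == -1) {
        isValid = false;
      }
      if (domArr.length < 2) {
        isValid = false;
      }
    }
  }
  if (!isValid) {
    WAAddError(formElement,errorMsg,focusIt,stopIt);
  }
}

// Shows the collected errors (if any), restores focus, resets the validation
// state and sets document.MM_returnValue for the form's onSubmit handler.
function WAAlertErrors(errorHead,errorFoot,setFocus,submitForm) {
  if (!document.WAFV_StopAlert) {
    document.WAFV_StopAlert = true;
    if (document.WAFV_InvalidArray) {
      document.WAFV_Stop = true;
      var errorMsg = document.WAFV_Error;
      if (errorHead!="")
        errorMsg = errorHead + "\n" + errorMsg;
      if (errorFoot!="")
        errorMsg += "\n" + errorFoot;
      document.MM_returnValue = false;
      // NOTE(review): same no-op replace as in WAValidateAN - confirm.
      if (document.WAFV_Error!="")
        alert(errorMsg.replace(/"/g,'"'));
      else if (submitForm)
        submitForm.submit();
      if (setFocus && document.WAFV_Focus) {
        document.tempFocus = document.WAFV_Focus;
        setTimeout("document.tempFocus.focus();setTimeout('document.WAFV_Stop = false;document.WAFV_StopAlert = false;',1)",1);
      }
      else {
        document.WAFV_Stop = false;
        document.WAFV_StopAlert = false;
      }
      for (var x=0; x<document.WAFV_InvalidArray.length; x++) {
        document.WAFV_InvalidArray[x].WAFV_Stop = false;
      }
    }
    else {
      document.WAFV_Stop = false;
      document.WAFV_StopAlert = false;
      if (submitForm) {
        submitForm.submit();
      }
      document.MM_returnValue = true;
    }
    document.WAFV_Focus = false;
    document.WAFV_Error = false;
    document.WAFV_InvalidArray = false;
  }
}
//-->
</script>
<script language="JavaScript" type="text/JavaScript">
<!--
// Strips leading and/or trailing spaces from theString.
function WAtrimIt(theString,leaveLeft,leaveRight) {
  if (!leaveLeft) {
    while (theString.charAt(0) == " ")
      theString = theString.substring(1);
  }
  if (!leaveRight) {
    while (theString.charAt(theString.length-1) == " ")
      theString = theString.substring(0,theString.length-1);
  }
  return theString;
}

// Validates the length of value (maxLength 0 = no upper bound), optionally
// trimming it first and writing the trimmed value back to the form element.
function WAValidateEL(formElement,value,errorMsg,minLength,maxLength,reformat,focusIt,stopIt,required) {
  var isValid = true;
  if ((!document.WAFV_Stop && !formElement.WAFV_Stop) && !(!required && value=="")) {
    if (reformat) {
      if (reformat == "left") {
        value = WAtrimIt(value,false,true);
      }
      if (reformat == "right") {
        value = WAtrimIt(value,true);
      }
      if (reformat == "both") {
        value = WAtrimIt(value);
      }
    }
    if ((value.length < minLength) || (value.length > maxLength && maxLength > 0)) {
      isValid = false;
    }
  }
  if (!isValid) {
    WAAddError(formElement,errorMsg,focusIt,stopIt);
  }
  else if (reformat) {
    formElement.value = value;
  }
}
//-->
</script>
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="box">
  <tr>
    <td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="1" align="left" class="box-header"><img src="../themes/<%= strTheme %>/box-header-left.jpg"></td>
        <td width="100%" class="box-header">Profilo</td>
        <td width="1" align="right" class="box-header"><img src="../themes/<%= strTheme %>/box-header-right.jpg"></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td align="left" valign="top" class="box-main">
      <%
      ' The password fields are intentionally rendered empty: the stored password
      ' is never written into the page. Leaving both fields blank keeps the current
      ' password, so the three password validators are called with required=false.
      ' Every database value below is HTML-encoded before being written out.
      %>
      <form action="<%=MM_editAction%>" method="POST" name="form1" onSubmit="WAValidateAN(document.form1.PASSWORD,document.form1.PASSWORD.value,'* Il campo Password deve contenere solo caratteri alfanumerici, senza spazi',true,true,true,false,'.',document.form1.PASSWORD,0,false);WAValidateEL(document.form1.PASSWORD,document.form1.PASSWORD.value,'* Il campo Password deve contenere almeno 6 caratteri',6,0,'both',document.form1.PASSWORD,0,false);WAValidateLE(document.form1.PASSWORD,document.form1.CONFIRM.value,document.form1.PASSWORD.value,'* Il campo Conferma Password non coincide con il campo Password',document.form1.PASSWORD,0,false);WAValidateEM(document.form1.EMAIL,document.form1.EMAIL.value,'* Il campo E-mail è obbligatorio e deve contenere un indirizzo valido',document.form1.EMAIL,0,true);WAAlertErrors('','',true,false);return document.MM_returnValue">
        <table border="0" align="center" cellpadding="0" cellspacing="1" class="content">
          <tr valign="baseline">
            <td nowrap align="right"> </td>
            <td> </td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Login:</td>
            <td><strong><%= IWGProfile_Html(rsProfile.Fields.Item("USE_NAME").Value) %></strong></td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Password:</td>
            <td><input name="PASSWORD" type="password" id="PASSWORD" value="" size="32"> min. 6 chars (lasciare vuoto per non cambiarla) </td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Conferma Password: </td>
            <td><input name="CONFIRM" type="password" id="CONFIRM" value="" size="32"></td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">*E-mail:</td>
            <td><input name="EMAIL" type="text" id="EMAIL" value="<%= IWGProfile_Html(rsProfile.Fields.Item("USE_EMAIL").Value) %>" size="32"> </td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right"><input <%If (CStr((rsProfile.Fields.Item("USE_PUBLIC").Value)) = CStr("1")) Then Response.Write("checked") : Response.Write("")%> name="PUBLIC" type="checkbox" id="PUBLIC" value="1"></td>
            <td>E-mail visibile agli altri Utenti? </td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Nome:</td>
            <td><input name="FIRST" type="text" id="FIRST" value="<%= IWGProfile_Html(rsProfile.Fields.Item("USE_FIRST").Value) %>" size="32"> </td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Cognome:</td>
            <td><input name="LAST" type="text" id="LAST" value="<%= IWGProfile_Html(rsProfile.Fields.Item("USE_LAST").Value) %>" size="32"> </td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Data di Iscrizione:</td>
            <td><strong><%= IWGProfile_Html(DoDateTime((rsProfile.Fields.Item("USE_DATED").Value), 2, 2057)) %> </strong></td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right">Accessi:</td>
            <td><strong><%= IWGProfile_Html(rsProfile.Fields.Item("USE_HITS").Value) %></strong></td>
          </tr>
          <tr valign="baseline">
            <td nowrap align="right"> </td>
            <td><input name="Submit" type="submit" class="button" id="Submit" value="Salva modifiche"> </td>
          </tr>
        </table>
        <input type="hidden" name="MM_update" value="form1">
        <input type="hidden" name="MM_recordId" value="<%= IWGProfile_Html(rsProfile.Fields.Item("USE_ID").Value) %>">
      </form>
    </td>
  </tr>
  <tr>
    <td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="1" align="left" class="box-bottom"><img src="../themes/<%= strTheme %>/box-bottom-left.jpg"></td>
        <td width="100%" class="box-bottom"><img src="../images/shim.gif" width="1" height="1"></td>
        <td width="1" align="right" class="box-bottom"><img src="../themes/<%= strTheme %>/box-bottom-right.jpg"></td>
      </tr>
    </table></td>
  </tr>
</table>
<%
rsProfile.Close()
Set rsProfile = Nothing
Set rsProfile_cmd = Nothing
%>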