RaysWebClass.Com: Lesson 23 ASP If Command

RaysWebClass.Com

Lesson 23: ASP If Command

ASP's If Command will allow you to do different things depending on the value of a variable.

Simple If Command:
<%
If X = 9 Then
Response.Write "Hello"
End If
%>

More complex If Command:
<%
If Hour(Date) < 12 Then
Response.Write "Good Morning! "
Else
Response.Write "Good Evening! "
End If
%>

Nested If Command:
<%
For X = 1 to 100
If X < 51 Then
Response.Write "Good Morning! "
Else
Response.Write "Good Night! "
End If
Next
%>

Good Morning! is written 50 times to the browser and then Good Night! 50 time. The first line sets up the "loop" that will run 100 times. The second line asks if the value of X is less than 51. The answer is either true or false. If the answer is true control proceeds to the next line and continues executing lines of code until it comes across Else (in this example there is only one line Response.Write "Good Morning!" but you can have many!), it will then stop and jump to the line below End If the line Next (the If Command is over.) If the answer is false, control will jump to the Else line and begin executing lines of code below it all the way down to the End If (again, the If Command is over.)

X's value the first time around is, of course, 1. 1 is less then 51, so the If Command is true. The browser will proceed to the next line: Response.Write "Good Morning!" which will write (for the first time) Good Morning! to the browser. Next will send control back up to the For X = 1 to 100 where X will be set to 2. 2 is also less the 51 so control pass to Response.Write "Good Morning!" again. This will continue until X is assigned 51, by this time Good Morning! has been written to the browser 50 times. 51 is not less then 51 (51 is equal to 51.) now the If Command is false so control will move to the code below Else. Good Night! will be written to the browser for the first time and continue until X reaches 100. Good Night! will also be written to the browser 50 times.

Web Page Design: Exercise 23

Copy and Attach The Database

Open the ASPClass folder
Click here to download the Data.zip
Click Save as
Save it in the ASPClass folder (Remember the folder is at: c:\inetpub\wwwroot\ASPClass)
Right click and choose Extract All...
Remove Data from the end of the URL and click Extract
You may now delete the Data.zip file
Open the data folder
Turn off Database.mdb Read only:

Right Click Databaes.mdb -> Choose Properties -> Click Security
Click the Edit Button
Choose Users... in the top window and Check Allow for Full Control
Choose IIS IUSERS... and Check Allow for Full Control
Click Apply and then OK

Now Double click database.mdb let's look at the tables
Add your own Login userID and Password to the tblLogin table
In tblSettings Change the CSName to your name, the CSeMail to your e-mail,
and the eMailServer to your Email Server`s Name (keep the server name the same if you`re taking
this class here on campus, but remember this server name will only work there on campus)
Save and Close the database
Create a new file in the data folder named setup.asp
Copy this code into the setup.asp file:
<%
' * * * * * * * * * * *
' * Path and FileName *
' * * * * * * * * * * *
Dim Path, A, FileName
Path = Request.ServerVariables("PATH_TRANSLATED")
A = Split(Path, "\")
FileName = A(UBound(A))
Path = left(Path,Len(Path)-Len(FileName))

' * * * * * * * * * * *
' * Open the Database *
' * * * * * * * * * * *
Dim CN
Set CN = Server.CreateObject("ADODB.Connection")
CN.connectionstring = "Provider=Microsoft.Jet.OLEDB.4.0;" & _
"Data Source=" & Path & "data\database.mdb" & ";" & _
"Persist Security Info=False;"
CN.Open

' * * * * * * * * * * * *
' * Open the Recordset *
' * * * * * * * * * * * *
Dim RS, R2, SQL
Set RS = Server.CreateObject("ADODB.Recordset")
Set RS.ActiveConnection = CN
RS.CursorType = adOpenStatic
RS.LockType = adLockOptimistic

Set R2 = Server.CreateObject("ADODB.Recordset")
Set R2.ActiveConnection = CN
R2.CursorType = adOpenStatic
R2.LockType = adLockOptimistic

Dim X, Y, Z
Dim Cookie, Item, QTY, Total, GTotal

SQL = "Select * From [tblSettings] "
RS.Open SQL

   ' * * * * * *
   ' * Colours *
   ' * * * * * *
   Dim Color1, Color2, Color3
   Color1 = RS("Color1")   ' Dark Zebra Color
   Color2 = RS("Color2")   ' Light Zebra Color
   Color3 = RS("Color3")   ' Header Background Color

   ' * * * * * * * * * * *
   ' * Email Server Info *
   ' * * * * * * * * * * *
   Dim CSName, CSeMail, eMailServer
   CSName = RS("CSName")          ' Customer Rep. Name
   CSeMail = RS("CSeMail")         ' Customer Rep. Email
   eMailServer = RS("eMailServer") ' Email Server name

   ' * * * * * * * * * *
   ' * Shipping & Tax *
   ' * * * * * * * * * *
   Dim Shipping, Tax
   Shipping = RS("Shipping") ' Shipping Cost
   Tax = (RS("Tax")/100)    ' State & Local Tax

RS.Close

%>
Save and Close the file
Add these four lines to the top (above DOCTYPE) of all the ASP pages in the ASPClass folder:
<%@Language=VBScript%>
<%Option Explicit%>

Create Search and Login Pages

Copy and paste this image to the images folder.
NOTE: You may need to rename the image file from Search[1].gif to Search.gif

Open the ASPClass folder
Right click template.asp choose Copy
Right click in the folder and choose Paste
Rename the file Search.asp
Right click again and choose Paste
Rename the file Login.asp
Now go to the includes folder
Open header.asp
Replace the content with this code:
<table border='0' cellspacing='0' cellpadding='0' width='95%'>
<tr>
<td>
     Global Company  
   <img src='images/Globe.gif' align='middle'>
</td>
<td align='Right' style='font: 10pt Verdana, Arial, sans-serif;'>
   <form method='post' action='Search.asp'>
   Search: <input type='text' name='SearchTxt'>
</td>
<td>
   <input type='image' src='images/search.gif' onClick='Submit'>
   </form>
</td>
</tr>
</table>

This code adds a Search box to the header on every page.
Open search.asp
Add Search to the title and paste this code into the Main Body below the div / title:
<%
searchTxt = Request("SearchTxt")
If len(searchTxt) = 0 Then
   Response.Redirect("default.asp")
End If

' * * * * * * * *
' * Login Link *
' * * * * * * * *
If LCase(searchTxt) = "login" Then
   Response.Redirect("Login.asp")
End If

' * * * * * * * * * * * * *
' * * * * * * * * * * * * *
' * * LOOKING FOR HACKS * *
' * * * * * * * * * * * * *
' * * * * * * * * * * * * *
Dim searchTxt
searchTxt = Request("searchTxt")
searchTxt = replace(searchTxt,"'","`")
searchTxt = replace(searchTxt,";",",")
searchTxt = replace(searchTxt,"--"," ")
searchTxt = replace(searchTxt,"/*","")
searchTxt = replace(searchTxt,"*/","")
searchTxt = replace(searchTxt,"xp_","")

' * * * * * * * * * * *
' * Find Search Text *
' * * * * * * * * * * *
SQL = "Select * From [tblSearch] "
SQL = SQL & "Where [Key] Like '%" & searchTxt & "%' "
RS.Open SQL
Response.Write "<i style='color:" & Color3 & "'>"
Response.Write Request("SearchTXT") & "</i> "
If RS.EOF Then
   Response.Write "was not found."
Else
   Response.Write "was found:<br>"
   Response.Write "<ul>"
   Do Until RS.EOF
      Response.Write " <li><a href='" & RS("URL") & "'>"
      Response.Write RS("Description") & "</a></li>"
      RS.MoveNext
   Loop
   Response.Write "</ul>"
End If
RS.Close
%>

If you type in Login this code will redirect you to Login.asp page.
Otherwise this routine will look through the table tblSearch to find a match and then list it.
And paste this code in the Login.asp file:
<%
' * * * * * *
' * Log Out *
' * * * * * *
If Request("Log") = "Out" Then
   Response.Cookies("LogIn") = ""
   Response.Cookies("LogID") = ""
   Response.Cookies("LogXS") = ""
   Response.Redirect("Login.asp")
End If
If Request("LogIn") = "zYes" Then
   Response.Write "<input type='button' value=' Logout ' "
   Response.Write "onClick='location.href=""Login.asp?Log=Out""'>"
   Response.End
End If

' * * * * * * * * * * *
' * Check Login ID/PW *
' * * * * * * * * * * *
If Len(Request("userID")) > 0 And Len(Request("userPW")) > 0 Then
   SQL = "Select * From [tblLogin] "
   SQL = SQL & "Where [userID] = '" & Request("userID") & "' "
   SQL = SQL & "And [userPW] = '" & Request("userPW") & "' "
   RS.Open SQL
   If RS.EOF Then
      Response.Write "Login failed."
      Response.Write "<br><br>"
      Response.Write "<input type='button' value=' Try Again ' "
      Response.Write " onClick='location.href=""Login.asp""'>"
   Else
      Response.Cookies("LogIn") = "zYes"
      Response.Cookies("LogID") = RS("userID")
      Response.Cookies("LogXS") = RS("userAccess")
      Response.Write "Welcome " & Request("userID") & ".<br>"
      Response.Write "You are Logged In."
      Response.Write "<br><br>"

      ' * * * * * * * * * * * * * * * *
      ' * Used by ViewOrder.asp Only *
      ' * * * * * * * * * * * * * * * *
      If Len(Request("OID")) > 0 Then
         Response.Redirect("ViewOrders.asp?OID=" & Request("OID"))
      End If

      Response.Write "<input type='button' value=' Logout ' "
      Response.Write "onClick='location.href=""Login.asp?Log=Out""'>"
   End If
   RS.Close
Else
%>

<form method='post' action='Login.asp'>
<input type='hidden' name='OID' value='<%=Request("OID")%>'>
<table border='1' cellspacing='0' cellpadding='5' bgcolor='<%=Color2%>'>
<tr>
<td align='right'> User ID </td>
<td> <input type='text' name='userID'> </td>
</tr>
<tr>
<td align='right'> User PW </td>
<td> <input type='password' name='userPW'> </td>
</tr>
<tr bgcolor='<%=Color1%>'>
<td align='right'> </td>
<td> <input type='submit' value='Login'> </td>
</tr>
</table>
</form>

<%
End If
%>

This code allows users to Login and Logout. It saves a Login, XS, and ID Cookie.