userManager.asp - This ASP code generates a web page for ed…

/beta/admin/userManager.asp

http://github.com/khaneh/Orders · ASP · 695 lines · 611 code · 51 blank · 33 comment · 44 complexity · 7384ea46a277079a0e685aa23f0eb5cc MD5 · raw file

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><%
' Admin
PageTitle="������ �������"
SubmenuItem=1
%>
<!--#include file="top.asp" -->
<%
NumberOfCategories = 14
dim pagesPermissions(20,25)
dim pages(20,25)
'-------------------------------------
 pages ( 0 , 0 ) = "���� ���"         
	pages ( 0 , 1 ) = "������ ����"   
	pages ( 0 , 2 ) = "����� ����"    
	pages ( 0 , 3 ) = "���� ���� ����"     
	pages ( 0 , 4 ) = "������� �����" 
	pages ( 0 , 5 ) = "������� ����"  
	pages ( 0 , 6 ) = "������ ���� ����"     
	pages ( 0 , 7 ) = "����� ���� �� ���"     
	pages ( 0 , 8 ) = "��������"
	pages (0,9)		= "������ ������"
'-------------------------------------
 pages ( 1 , 0 ) = "����� �����"
	pages ( 1 , 1 ) = "����� �������"
	pages ( 1 , 2 ) = "����"
	pages ( 1 , 3 ) = "�����"
	pages ( 1 , 4 ) = "����� ����� � ��� ������"
	pages ( 1 , 5 ) = "����� ����� ����"
	pages (1, 6)	= "����ԝ��"
	pages (1, 7)	= "����� ����� ����"
	pages (1, 8)	= "������ �������"
	pages (1, 9)	= "������ ����"
	pages (1, 10)	= "����� ���� �� ����"
'-------------------------------------
 pages ( 2 , 0 ) = "�������"
	pages ( 2 , 1 ) = "����� �� �����"
	pages ( 2 , 2 ) = "����� �����"
	pages ( 2 , 3 ) = "����� �����"
	pages ( 2 , 4 ) = "����� ���� ����� � ��������"
	pages ( 2 , 5 ) = "������  �������"
	pages ( 2 , 6 ) = "����� ���"
	pages ( 2 , 7 ) = "����� ������"
	pages ( 2 , 8 ) = "����� ������ - ������ ����� �����"
	pages ( 2 , 9 ) = "�������"
	pages ( 2 , 10 ) = "�����"						'A
	pages ( 2 , 11 ) = "�ǁ"						'B
	pages ( 2 , 12 ) = "���� �����"					'C
	pages ( 2 , 13 ) = "����� ��� �� �����"			'D
	pages ( 2 , 14 ) = "�ǁ ����� �����"				'E
	pages ( 2 , 15 ) = "����� �� ���"				'F
	pages ( 2 , 16 ) = "����� ���� �������"			'G
	pages ( 2 , 17 ) = "����� ������ ����� �����"			'H
'-------------------------------------
 pages ( 3 , 0 ) = "�����"
	pages ( 3 , 1 ) = "���� ����� �����"
	pages ( 3 , 2 ) = "������ ���� �����"
	pages ( 3 , 3 ) = "����� �����"
	pages ( 3 , 4 ) = "������  �������"
	pages ( 3 , 5 ) = "����� ������� ���� �� ����� ���� ������ �� ������ �� ���� ���� ��� ���"
	pages ( 3 , 6 ) = "���� �����"
	pages (3,7)		= "������"
	pages (3,9)		= "������ ������"
	pages (3,10)	= "����� ������"					'A
	pages (3,8)		= "������ ����"
	pages (3,11)	= "����� ���� ����"				'B
'-------------------------------------
 pages ( 4 , 0 ) = "����"
	pages ( 4 , 1 ) = "������� ���� ����� �����"
	pages ( 4 , 2 ) = "������� ���� �������� �� � �����"
	pages ( 4 , 3 ) = "����� ����"
	pages ( 4 , 4 ) = "����� ����"
	pages ( 4 , 5 ) = "�����"
	pages ( 4 , 6 ) = "����� ����� ������"
	pages (4,7)		= "����� ���� ����� ��� �� ����� ����"
	pages (4,8)		= "����� �������"
'-------------------------------------
 pages ( 5 , 0 ) = "�����"
	pages ( 5 , 1 ) = "���� ����� ����� ��� ����� �� ����� �� � �������"
	pages ( 5 , 2 ) = "���� ����"
	pages ( 5 , 3 ) = "���� ����"
	pages ( 5 , 4 ) = "����� ����� ����"
	pages ( 5 , 5 ) = "�����"
	pages ( 5 , 6 ) = "����� ����"
	pages ( 5 , 7 ) = "����� ���� �� ������ "
	pages ( 5 , 8 ) = "����� ������"
	pages ( 5 , 9 ) = "���� ����� ����� ����� �� ����� ��"
	pages ( 5 , 10 ) = "��� ������� ����"					'A
	pages ( 5 , 11 ) = "������ ������"					'B
	pages ( 5 , 12 ) = "��� ����/���� �� ����� ������"			'C
	pages ( 5 , 13 ) = "��� ���� ���� �� �� ���� �����"			'D
	pages (5,14) = "��� ���� ����� ������ �����"				'E
	pages (5,15) = "��� ���� �� �����"						'F
	pages (5,16) = "��� ����� ������"						'G
	pages (5,17) = "���� �� ���� ����ѝ��"						'H
	pages (5,18) = "���� �� ������" 						'I
	pages (5,19) = "���� ����� �����" 						'J
	pages (5,20) = "������� ���� �� ���� �����" 				'K
'-------------------------------------
 pages ( 6 , 0 ) = "�������� ����"
	pages ( 6 , 1 ) = "���� ������ "
	pages ( 6 , 2 ) = "������� ������/��������"
	pages ( 6 , 3 ) = "����� ������"
	pages ( 6 , 4 ) = "���� ������ �ѐ��"
	pages ( 6 , 5 ) = "����� ������ �ѐ��"
	pages ( 6 , 6 ) = "����� ����"
	pages ( 6 , 7 ) = "�����"
	pages ( 6 , 8 ) = "����� ���� ����"
	pages ( 6 , 9 ) = "����� ���� ���"
	pages ( 6 , 10 ) = "������� ���� ������ ��� �� ����"			'A
	pages ( 6 , 11 ) = "unused"						'B
	pages ( 6 , 12 ) = "����� ������"						'C
	pages ( 6 , 13 ) = "���� ������"						'D
	pages ( 6 , 14 ) = "�ǁ ������� ������"					'E
	pages ( 6 , 15 ) = "���� ������ �� ����"				'F
	pages ( 6 , 16 ) = "���� ������ �� �����"				'G
	pages ( 6 , 17 ) = "����� ������� ����"					'H
	pages ( 6 , 18 ) = "���� ������ �� ����� ������"			'I
	pages ( 6 , 19 ) = "�ǁ ����� ����"					'J
	pages ( 6 , 20 ) = "���� (������ / �ѐ�� ) ���� �����"		'K
	pages ( 6 , 21 ) = "߁� ��� ����"					'L
	pages ( 6 , 22 ) = "������� ���/� ��� �� ����"			'M
	pages (6, 23)	 = "������� ���/� ��� �� ����"			'N
	pages (6,24)	 = "�ǁ ������"						'O

'-------------------------------------
 pages ( 7 , 0 ) = "�������� ����"
	pages ( 7 , 1 ) = "���� ������ ����"
	pages ( 7 , 2 ) = "����� ������ ����"
	pages ( 7 , 3 ) = "�����"
	pages ( 7 , 4 ) = "������� ������/��������"
	pages ( 7 , 5 ) = "����� ����"
	pages ( 7 , 6 ) = "�����"
	pages ( 7 , 7 ) = "����� ����"
	pages ( 7 , 8 ) = "����� ������� ����"
	pages ( 7 , 9 ) = "����� ������ ����"
	pages ( 7 , 10 ) = "�ǁ ����� ����"						'A
	pages ( 7 , 11 ) = "������ ����"							'B
'-------------------------------------
 pages ( 8 , 0 ) = "�������� "
	pages ( 8 , 1 ) = "����  ���"
	pages ( 8 , 2 ) = "���� ��� ��� ��� ���"
	pages ( 8 , 3 ) = "[����] ����� �����"
	pages ( 8 , 4 ) = "���� ��"
	pages ( 8 , 5 ) = "���� ��� ��� ���� ���"
	pages ( 8 , 6 ) = "���� ��� ��� ����� ��� � ����� ����� ����"
	pages ( 8 , 7 ) = "���� ��� ��� ��� ����"
	pages ( 8 , 8 ) = "����� �� ����� ����� ��� ��� ��� ����"
	pages ( 8 , 9 ) = "���� ��� ������� ��"
	pages ( 8 , 10 ) = "����� ����"							'A
	pages ( 8 , 11 ) = "����� ������"						'B
	pages ( 8 , 12 ) = "������ ��� �����"					'C
	pages ( 8 , 13 ) = "����� ���� �� ��� ��� �����"		'D
	pages ( 8 , 14 ) = "���� ���� ����� ��"					'E
	pages ( 8 , 15 ) = "��� ���� (���� � ������) "			'F
	pages ( 8 , 16 ) = "����� ������ ���������"			'G
	pages ( 8 , 17 ) = "���� ������� ����� �� ������ ����� ���"	'H
'-------------------------------------
 pages ( 9 , 0 ) = "�����"
	pages ( 9 , 1 ) = "������"
	pages ( 9 , 2 ) = "������ ���"
	pages ( 9 , 3 ) = "����� �����"
	pages ( 9 , 4 ) = "����"
	pages ( 9 , 5 ) = "�����"
	pages ( 9 , 6 ) = "����� �с��� �����"
	pages ( 9 , 9 ) = "����� �с��� ����� (���)"
	pages ( 9 , 7 ) = "����� �� ��� � ��� ������/������"
	pages ( 9 , 8 ) = "�ǁ ��� ������"
'-------------------------------------
 pages ( 10 , 0 ) = "����"									'A
	pages ( 10 , 1 ) = "���� ��"
	pages ( 10 , 2 ) = "����� �� �������"
	pages ( 10 , 3 ) = "����� �� �������"
	pages ( 10 , 4 ) = "��� �����"
	pages ( 10 , 5 ) = "������ ������"
	pages ( 10 , 6 ) = "������ �� ����"
	pages ( 10 , 7 ) = "���� �� ����"
	pages ( 10 , 8 ) = "���� ��"
	pages ( 10 , 9 ) = "������"
'-------------------------------------
 pages ( 11 , 0 ) = "�������� ����"							'B
	pages ( 11 , 1 ) = "����� ����"
	pages ( 11 , 2 ) = "���� ������� ��"
	pages ( 11 , 3 ) = "������"
	pages ( 11 , 4 ) = "�����"
	pages ( 11 , 5 ) = "����� ����"
	pages ( 11 , 6 ) = "����� ������� ����"
	pages ( 11 , 7 ) = "�ǁ ����� ����"						
	pages ( 11 , 8 ) = "����"						

'-------------------------------------
 pages ( 12 , 0 ) = "���� ����� ��� ��� �������� ����"		'C
	pages ( 12 , 1 ) = "����� ���� ������"
	pages ( 12 , 2 ) = "����� ���� ������ �� ����� ������"
	pages ( 12 , 3 ) = "����� ���� ��� ���� "
	pages ( 12 , 4 ) = "����� ������ ��� ���"
	pages ( 12 , 5 ) = "����� ���� ��� ���"
	pages ( 12 , 6 ) = "����� ���� ��� ���� ����� �������"
	pages ( 12 , 7 ) = "����� ���� ���� ���"
	pages ( 12 , 8 ) = "����� ���� ���� �����"
	pages ( 12 , 9 ) = "����� �������� �� ������ ���� ��� ����"
	pages (12,10) = "����� �ѐ�� �� ����"			'A
	pages ( 12 , 11 ) = "����� ���� ��� ���� �����"	'B
'-------------------------------------
 pages ( 13 , 0 ) = "��� ���"								'D
	pages ( 13 , 1 ) = "����� ��� ���"
	pages ( 13 , 2 ) = "������ ��� ����� ����"
	pages ( 13 , 3 ) = "������ ��� ����� ��� (���� ����)"
	pages ( 13 , 4 ) = "������ ��� ���� ��� (����� ����)"
	pages ( 13 , 5 ) = "���� ��� ����� ���"
	pages ( 13 , 6 ) = "�� ��� �ѐ���"
	pages ( 13 , 7 ) = "����� ��� ����� ����"

'-------------------------------------
 pages ( 14 , 0 ) = "������"								'E
	pages ( 14 , 1 ) = "Reserved - ���� �� ���� admin"
	pages ( 14 , 2 ) = "Reserved - ����� ���� �������"
	pages ( 14 , 3 ) = "Reserved"
	pages ( 14 , 4 ) = "Reserved"
	pages ( 14 , 5 ) = "���� ��� ��� ���� �������"
	pages ( 14 , 6 ) = "���� ����ԝ��� �����"


function Auth(menuID, subMenuID, permission)
	pr = permission

	st = inStr(pr,"#"&menuID)
	
	if subMenuID >= "A" then 
		subMenuID_int = cint(asc(subMenuID)-55)
	else
		subMenuID_int = cint(subMenuID)
	end if

	Auth = false
	if st > 0 then
		en = inStr(st+1, pr, "#")
		sm = inStr(st+2, pr, subMenuID)
		if subMenuID_int = 0 or ((sm <> 0) and (en > sm or en = 0 )) then
			Auth = true
		end if		
	end if
end function


%>
<style>
	.TABLE1 {font-family: tahoma; font-size: 8pt; Background-Color:navy; border:2 solid navy; cursor:pointer;}
	.TD_Rowspan {Background-Color:navy;}
	.textbox1 {border:none; width:100px; font-family: tahoma; font-size: 8pt; Background-Color:transparent; cursor:pointer;} 
	.TABLE1 TR {Background-Color:white; height:20px; }
	.TD10 {Background-Color:#CCCCCC;height:10px;}
	.TD00 {Background-Color:#BBBBFF;height:10px;}
	.TD11 {Background-Color:#FFFFFF;height:10px;}
	.TD01 {Background-Color:#DDDDFF;height:10px;}
</style>
<SCRIPT LANGUAGE="JavaScript">
<!--
function showUser(user){
	window.location="?act=edit&userID="+user;
}
//-->
</SCRIPT>
<%

'-----------------------------------------------------------------------------------------------------
'------------------------------------------------------------------------------------------ Users List
'-----------------------------------------------------------------------------------------------------
if request("act")="" then
	set RSc=Conn.Execute ("SELECT count(*) as c FROM Users WHERE ID<>0")
%>
	<BR>

	<TABLE class="table1" border=0 cellspacing=1 cellpadding=1 align=right>
	<TR>
		<TD rowspan="3" height=100>�����</TD>
	</tr>
	<TR>
		<%
		for i=0 to NumberOfCategories
			j=0
			if not pagesPermissions(i,j)="ok" then 
				disableChecks="disabled"
				rowBGColor="#F0F0F0"
				groupChecked=""
			else
				disableChecks=""
				rowBGColor="#33AACC"
				groupChecked="checked"
			end if

			Do While pages(i,j+1)<>"" 
				j=j+1
			Loop

			%>
			<td colspan=<%=j%> align=center ><%=pages(i,0)%></td>
 			<td rowspan=<%=RSc("c")+3%> class="TD_Rowspan" ></td>
<%
		next
%>
	</tr>
	<TR>
<%
		for i=0 to NumberOfCategories
			j=0
			while pages(i,j+1)<>"" 
				j=j+1

				if j <10 then
					jj = j
				else
					jj = chr(55+j)
				end if
				
				%>
				<td title="<%=pages(i,j)%>"><%response.write jj'pages(i,j)%></td>
				<%
			wend
		next

%>
	</TR>
<% 
	set RSV=Conn.Execute ("SELECT * FROM Users WHERE ID<>0 ORDER BY RealName") 
	tmpRowCounter=0
	Do while not RSV.eof
		Permission = RSV("Permission")
		RealName = RSV("RealName")
		tmpRowCounter = tmpRowCounter + 1

%>
		<TR height='10px' onclick="showUser(<%=RSV("ID")%>);">
			<TD height='10px' class="TD<%=tmpRowCounter Mod 2%>1"><INPUT TYPE="text" class="textbox1" Value="<%=RealName%>"><br></TD>
<%
			tmpColCounter=0
			for i=0 to NumberOfCategories
				j=0
				while pages(i,j+1)<>"" 
					tmpColCounter = tmpColCounter + 1
					j=j+1

					if i <10 then
						ii = i
					else
						ii = chr(55+i)
					end if

					if j <10 then
						jj = j
					else
						jj = chr(55+j)
					end if
					
					%>
					<td height='10px' class="TD<%=tmpRowCounter Mod 2%><%=tmpColCounter Mod 2%>" title="<%=RealName & ": " & vbCrLf & pages(i,j) %>"><%if Auth (ii,jj,Permission) then %><B>x</B><%else%>&nbsp;<%end if%></td>
					<%
				wend
			next

%>

		</TR>
<%
		RSV.moveNext

	Loop
	RSV.close
%>
		<TR height='10px' onclick="showUser('');">
			<TD height='10px' class="TD<%=(tmpRowCounter+1) Mod 2%>1"><INPUT TYPE="text" class="textbox1" Value="*����*"><br></TD>
			
			
			
		</TR>
<%
'-----------------------------------------------------------------------------------------------------
'------------------------------------------------------------------------------------ Show Permissions
'-----------------------------------------------------------------------------------------------------
elseif request("act")="edit" then
%>
	<BR><BR>
<%
	userID = request("userID")
	if userID="" then 
		Password	= ""
%>
		<center>
		<H3>����� ����</H3>
		</center>
<%
	else
		userID = cint(request("userID"))
		set RSM = conn.Execute ("SELECT * from Users where ID="& userID & "")

		UserName	= RSM("UserName")
		Password	= "$aMe@sB4" 'Same as Before  instead of : RSM("Password") 
		if left(RSM("Password"),1)="'" then
			DisabledChecked="checked"
		else
			DisabledChecked=""
		end if 
		RealName	= RSM("RealName") 
		Account		= RSM("Account") 
		Permission	= RSM("Permission")
		Display		= RSM("Display")
		'costCenterString= RSM("costCenter")
		RSM.close
		if Display then
			DisplayChecked="checked"
		else
			DisplayChecked=""
		end if

		sp = split (Permission,"#")
		for u=1 to ubound(sp)
			x = left(sp(u),1)
			if x >= "A" then 
				i=cint(asc(x)-55)
			else
				i=cint(x)
			end if

			pagesPermissions(i,0)="ok"
			for v = 2 to len(sp(u))
				tmpp=mid(sp(u),v,1)

				if tmpp >= "A" then 
					j=cint(asc(tmpp)-55)
				else
					j=cint(tmpp)
				end if
				'j=cint(mid(sp(u),v,1))
				pagesPermissions(i,j)="ok"
			next
		next
%>
		<center>
		<H3>������ �����: "<%=RealName%>"</H3>
		</center>
<%
	end if
%>

	<FORM METHOD=POST ACTION="?act=submit">

	<TABLE style="font-family:tahoma;font-size:9pt; " Cellspacing="0" Cellpadding="5" width=100%>
	<TR>
		<TD valign=top>

		������:<br><br>
		<TABLE border=1>
		<TR>
			<TD>�� �����:</TD>
			<TD dir=LTR><%=userID%>&nbsp;<INPUT TYPE="hidden" Name="userID" Value="<%=userID%>"></TD>
		</TR>
		<TR>
			<TD>��� ������:</TD>
			<TD><INPUT TYPE="text" NAME="UserName" Value="<%=UserName%>" dir=LTR></TD>
		</TR>
		<TR>
			<TD>��� ����</TD>
			<TD><INPUT TYPE="Password" NAME="Password" Value="<%=Password%>" dir=LTR></TD>
		</TR>
		<TR>
			<TD>��� ����� ���� ���:</TD>
			<TD><INPUT TYPE="text" NAME="RealName" Value="<%=RealName%>"></TD>
		</TR>
		<TR>
			<TD>����� ���� �� �����:</TD>
			<TD><INPUT TYPE="text" NAME="Account" Value="<%=Account%>"></TD>
		</TR>
		<TR>
			<TD>�� ���� ����� ���� ���</TD>
			<TD><INPUT TYPE="checkbox" NAME="Display" <%=DisplayChecked%> ></TD>
		</TR>
		<TR>
			<TD>��� ����� �� ����� ���� ���</TD>
			<TD><INPUT TYPE="checkbox" NAME="disable" <%=DisabledChecked%>></TD>
		</TR>
		<tr>
			<td>����� �����</td>
			<td>
				<table width="100%">
					<%
					'----------------------------- COST CENTER ---------------------------------
					if userID<>"" then
						mySQL="SELECT cost_centers.name as costCenterName, cost_drivers.*,isnull(cost_user_relations.driver_id,-1) as driver_id FROM cost_centers inner join cost_drivers on cost_centers.id=cost_drivers.cost_center_id left outer join cost_user_relations on cost_drivers.id=cost_user_relations.driver_id and cost_user_relations.user_id=" & userID
					else
						mySQL="SELECT cost_centers.name as costCenterName, cost_drivers.*,isnull(cost_user_relations.driver_id,-1) as driver_id FROM cost_centers inner join cost_drivers on cost_centers.id=cost_drivers.cost_center_id left outer join cost_user_relations on cost_drivers.id=cost_user_relations.driver_id"
					end if
					set rrs=Conn.Execute(mySQL)
					oldCostCenter=-1
					while not rrs.eof
						theTitle=""
						set oprs=Conn.Execute("select * from cost_operation_type where driver_id=" & rrs("id"))
						'response.write ("select * from cost_operation_type where driver_id=" & rrs("id"))
						while not oprs.eof 
							theTitle= theTitle & oprs("name") & "� "
							oprs.moveNext
						wend
						oprs.close
						if oldCostCenter=cint(rrs("cost_center_id")) then
							
							%>
							<tr>
								<td title="<%=theTitle%>"><%=rrs("name")%></td>
								<td><input type="checkbox" name="costDriver-<%=rrs("id")%>" <%if cint(rrs("driver_id"))>0 then response.write("checked='checked'")%>></td>
							</tr>
							<%
						else
							%>
							<tr bgcolor="#33AACC">
								<td colspan="2" align="center"><b><%=rrs("costCenterName")%></b></td>
							</tr>
							<tr>
								<td title="<%=theTitle%>"><%=rrs("name")%></td>
								<td><input type="checkbox" name="costDriver-<%=rrs("id")%>" <%if cint(rrs("driver_id"))>0 then response.write("checked='checked'")%>></td>
							</tr>
							<%
						end if
							%>
						<%
						oldCostCenter=cint(rrs("cost_center_id"))
						rrs.MoveNext
					wend
					rrs.close
					'--------------------------------------------------------------------------------
					%>
				</table>
			</td>
		</tr>
		<TR>
			<TD colspan=2 align=center><INPUT TYPE="submit" value="�����"></TD>
		</TR>
		</TABLE>

		</TD>
		<TD Width="350" >
		���� ��:<br><br>
		<table style="font-family:tahoma;font-size:9pt; border:1 dashed #888888; direction:RTL;"  Cellspacing="0" Cellpadding="5">
		<tbody id="PermissionsTable">
		<% 
			for i=0 to NumberOfCategories
				j=0
				if not pagesPermissions(i,j)="ok" then 
					disableChecks="disabled"
					rowBGColor="#F0F0F0"
					groupChecked=""
				else
					disableChecks=""
					rowBGColor="#33AACC"
					groupChecked="checked"
				end if
				%>
				<tr bgcolor='<%=rowBGColor%>'>
					<td width=20> <INPUT TYPE="checkbox" NAME="P<%=i%>" value="<%=j%>" onclick="activeGroup(this)" <%=groupChecked%>> </td>
					<td align=right><B><%=pages(i,0)%></B></td>
				</tr>
				<tr>
					<td width=20> </td>
					<td align=right> 
				<%
				while pages(i,j+1)<>"" 
					j=j+1

					if j <10 then
						jj = j
					else
						jj = chr(55+j)
					end if

					%>
					<INPUT TYPE="checkbox" <%=disableChecks%> NAME="P<%=i%>" value="<%=jj%>" <%if pagesPermissions(i,j)="ok" then %>checked<% end if %>> <%=pages(i,j)%> <BR>
					<%
				wend
			next
			%>
					</td>
				</tr>
		</table>
		</TD>
	</TR>
	</TABLE>
	</FORM>

<%
'-----------------------------------------------------------------------------------------------------
'-------------------------------------------------------------------------------------- Submit Changes
'-----------------------------------------------------------------------------------------------------
elseif request("act")="submit" then
	userID		= request("userID")

	RealName	= request("RealName") 
	RealName	= "N'" & RealName & "'"

	Account		= request("Account") 

	UserName	= request("UserName")
	UserName	= "'" & UserName & "'"

	Password	= request("Password") 
	if Password="$aMe@sB4" then
		Password= "Password"
	else
		Password= "'" & Password & "'"
	end if

	if request("disable")="on" then 
		Password = "'''' + REPLACE(" & Password & ",'''','')"
	else
		Password = "REPLACE(" & Password & ",'''','')"
	end if

	Permission = ""
	for i=0 to NumberOfCategories 
		if request.form("P"& i ) <> "" then
			if i <10 then
				ii = i
			else

				ii = chr(55+i)
			end if
			alll = replace(request.form("P"& i ),", ","")
			Permission = Permission	& "#" & ii &  right( alll, len(alll)-1)
		end if
	next
	Permission	= "'" & Permission & "'"

	Display		= request("Display")
	if Display="on" then
		Display="1"
	else
		Display="0"
	end if
	'------------------------ COST CENTER -----------------------------------
	if userID<>"" then
		conn.Execute("delete cost_user_relations where user_id=" & userID)
	end if
	set rrs = Conn.execute("select id from cost_drivers")
	while not rrs.eof
		if request("costDriver-"&rrs("id"))="on" then 
			conn.Execute("insert into cost_user_relations (user_id,driver_id) values ("& userID & "," & rrs("id") & ")")
		end if
		rrs.MoveNext
	wend
	rrs.close
	if userID="" then 
		' Add New User
		mySQL="SELECT MAX(ID)+1 AS NewID FROM Users"
		set RS=Conn.Execute (mySQL) 
		userID = RS("NewID")
		RS.close
		mySQL="INSERT INTO Users (ID, UserName, Password, RealName, Account, Permission, Display) VALUES (" & userID & ", " & userName & ", " & Password & ", " & RealName & ", " & Account & ", " & Permission & "," & Display & ")"
		msg="����� ���� ����� ��."
	else
		' Update User Info
		userID = cint(request("userID"))

		mySQL="UPDATE Users SET UserName=" & UserName & ", Password=" & Password & ", RealName=" & RealName & ", Account=" & Account& ", Permission= " & Permission & ", Display=" & Display & " WHERE ID="& userID & ""
		msg="������� �� ��� ����� ����� �����"
	end if

	conn.Execute (mySQL)
	conn.close
	response.redirect "?act=edit&userID=" & userID & "&msg=" & Server.URLEncode(msg)
end if
%>
<SCRIPT LANGUAGE="JavaScript">
<!--

function activeGroup(src){
	rowNo=src.parentNode.parentNode.rowIndex;
	invTable=document.getElementById("PermissionsTable");
	theRowPr=invTable.getElementsByTagName("tr")[rowNo];
	theRow=invTable.getElementsByTagName("tr")[rowNo+1];
	boxCount=theRow.getElementsByTagName("INPUT").length;
	if (src.checked){
		theRowPr.bgColor= '#33AACC';
		for (i=0;i<boxCount;i++){
			theRow.getElementsByTagName("INPUT")[i].disabled=false;
		}
//		theRow.disabled=false;
	}
	else{
		for (i=0;i<boxCount;i++){
			theRow.getElementsByTagName("INPUT")[i].disabled=true;
		}
		theRowPr.bgColor= '#F0F0F0';
//		theRow.disabled=true;
	}

}
//-->
</SCRIPT>
<!--#include file="tah.asp" -->
Summary ✨

This ASP code generates a web page for editing user information, including username, password, and permissions. It allows users to select which permissions they have and enables/disables corresponding checkboxes. When the “submit” button is clicked, it updates the user’s information in a database, including their permissions. The page also includes JavaScript functionality to enable/disable checkboxes based on the selected permission.
Alerts (3)

Complexity hotspot; lines 615 to 617 (total complexity: 3)
615 616 617