postitem.asp

实验教学系统 很好用 有学生 老师 管理等模块 便于学校使用

<!-- #include file="auctionlib.asp" -->
<%
sUserName    = Request.Form("UserName")

sPassword    = Request.Form("Password")

sTitle       = Request.Form("Title")
iCat         = Request.Form("Category")
iDays        = Request.Form("Days")
sImageURL    = Request.Form("ImageURL")
sDescription = Request.Form("Description")
iStartingBid = Request.Form("StartBid")
iIncrement   = Request.Form("Increment")
dCloseDate   = DateAdd("d", iDays, NOW) 

Call OpenDBConn
Call DoPageHeader

regSQL = ""
regSQL = regSQL & "SELECT COUNT(*) as Total FROM Registration WHERE username = " & SQLStr(sUserName) & " AND password = " & SQLStr(sPassword) & " "
	Set regRS = GobjConnect.Execute(regSQL)
		If regRS.Fields("Total") = 1 then
			
			ValSQL = ""
			ValSQL =ValSQL & "SELECT * FROM Registration WHERE username = " & SQLStr(sUserName) & " AND password = " & SQLStr(sPassword) & " "
			set valRS = GobjConnect.Execute(ValSQL)
			If valRS.Fields("Validated") = true Then
				'Response.Write("Validated<BR>")
				Call InsertAd
			Else
				'Response.Write("Not Validated<BR>")
				Call PostDenied
			End If
			
		Else
			Call PostDenied
		End If


Sub InsertAd
	userSQL = ""
	userSQL = userSQL & "SELECT * FROM registration WHERE "
	userSQL = userSQL & "username = " & SQLStr(sUserName) & " AND password = " & SQLStr(sPassword)
	Set UserRS = GobjConnect.Execute(userSQL)	
	
	sUserEmail = UserRS.Fields("Email")
			
			sSQL = ""
			sSQL = sSQL & "INSERT INTO Auctions (ItemOwner, ItemTitle, CategoryID, ImageURL, Ended, EmailsSent, "
			sSQL = sSQL & " AvailDate, CloseDate, StartingBid, MinimumIncrement, CurrentBid, "
			sSQL = sSQL & " CurrentBidder, Description ) "
			sSQL = sSQL & " VALUES ( "
			sSQL = sSQL & SQLVal(valRS.Fields("ID")) & ", "
			sSQL = sSQL & SQLStr(sTitle) & ", "
			sSQL = sSQL & SQLVal(iCat) & ", "
			sSQL = sSQL & SQLStr(sImageURL) & ", "
			sSQL = sSQL & " false , "
			sSQL = sSQL & " false , "
			sSQL = sSQL & SQLDate(NOW) & ", "
			sSQL = sSQL & SQLDate(dCloseDate) & ", "
			sSQL = sSQL & SQLVal(iStartingBid) & ", "
			sSQL = sSQL & SQLVal(iIncrement) & ", "
			sSQL = sSQL & SQLVal(iStartingBid) & ", "
			sSQL = sSQL & SQLVal(valRS.Fields("ID")) & ", "
			sSQL = sSQL & SQLStr(sDescription) & ") "
		
			'Response.Write "<P>" & sSQL & "<BR>"
			GobjConnect.Execute(sSQL)
			
			
		Response.Write("<FONT FACE =" & chr(34) & sFont & chr(34) & "><CENTER>")
		Response.Write("您提供的拍卖物已经成功的加入拍卖<P>")
		Response.Write("<A HREF=""default.asp"">拍卖网首页</A></CENTER>")
	
	UserRS.Close
	Set UserRS = Nothing

End Sub


Sub PostDenied
	Response.Write("<FONT FACE =" & chr(34) & sFont & chr(34) & "><CENTER>")
	Response.Write("对不起!  您的使用者名称和密码有错误<BR>")
	Response.Write("请在浏览程式按 ""<B>上一页</B>"" 按钮再试一次<BR>")
	Response.Write("如果您尚未注册， <A HREF=""register.asp"">按这里</A> 注册成为会员<BR>")
	Response.Write("如果您不是会员就没有权限提供拍卖物<BR>")
	Response.Write("<BR>")


End Sub

Call DoPageFooter
Call CloseDBConn

%>