<%@ Language=VBScript %> <% '************************************************************************* ' DO NOT MODIFY THIS SCRIPT IF YOU WANT UPDATES TO WORK! ' Function : Product Review Maintenance ' Product : CandyPress Store Administration ' Version : 2.5 ' Modified : February 2004 ' Copyright: Copyright (C) 2004 CandyPress.Com ' See "license.txt" for this product for details regarding ' licensing, usage, disclaimers, distribution and general ' copyright requirements. If you don't have a copy of this ' file, you may request one at webmaster@candypress.com '************************************************************************* Option explicit Response.Buffer = true const adminLevel = 1 %> <% 'Database dim mySQL, cn, rs 'Reviews dim idReview dim idProduct dim revDate dim revDateInt dim revAuditInfo dim revStatus dim revRating dim revName dim revLocation dim revEmail dim revSubj dim revDetail 'Products dim description 'Work Fields dim I dim action '************************************************************************* 'Open Database Connection call openDB() 'Store Configuration if loadConfig() = false then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode("Could not load Store Configuration settings.") end if %>

Review Maintenance

<% 'Get action action = trim(Request.QueryString("action")) if len(action) = 0 then action = trim(Request.Form("action")) end if action = lCase(action) if action <> "edit" and action <> "del" then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode("Invalid Action Indicator.") end if 'Get idReview idReview = trim(Request.QueryString("recId")) if len(idReview) = 0 then idReview = trim(Request.Form("recId")) end if if idReview = "" or not isNumeric(idReview) then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode("Invalid Review ID.") end if 'Get Review details mySQL="SELECT idProduct,revDate,revAuditInfo,revStatus,revRating," _ & " revName,revLocation,revEmail,revSubj,revDetail " _ & "FROM reviews " _ & "WHERE idReview = " & idReview set rs = openRSexecute(mySQL) if rs.eof then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode("Invalid Review ID.") else revDetail = rs("revDetail") idProduct = rs("idProduct") revDate = rs("revDate") revAuditInfo= rs("revAuditInfo") revStatus = rs("revStatus") revRating = rs("revRating") revName = rs("revName") revLocation = rs("revLocation") revEmail = rs("revEmail") revSubj = rs("revSubj") end if call closeRS(rs) 'Get Product info mySQL="SELECT description " _ & "FROM products " _ & "WHERE idProduct = " & idProduct set rs = openRSexecute(mySQL) if rs.eof then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode("Invalid Product ID.") else description = rs("description") end if call closeRS(rs) 'Edit form if action = "edit" then if len(trim(Request.QueryString("msg"))) > 0 then %> <%=Request.QueryString("msg")%>

<% end if %> Edit Review  <%call maintNavLinks()%>

Date <%=formatTheDate(revDate)%>
IP Address <%=revAuditInfo%>
Product <%=description%>
Rating       Status  
Name ">
Location ">
Email ">
Subject ">
Review



<% end if 'Delete review if action = "del" then %> Delete Review  <%call maintNavLinks()%>

Date <%=formatTheDate(revDate)%>
Product <%=description%>
Name <%=server.HTMLEncode(revName & "")%>
Subject <%=server.HTMLEncode(revSubj & "")%>
Review <%=server.HTMLEncode(revDetail & "")%>
 


<% end if if action = "edit" then %>
Help and Instructions :
Note : All fields are mandatory.

Rating - 1 = Worst, 5 = Best

Status - "Active" reviews are viewable by your customers, and will therefore also be included when calculating the average rating for the product. "Pending" reviews are awaiting authorization, and are therefore not yet viewable. "Rejected" reviews have been deliberately made inactive, and will therefore not be viewable. Rejected reviews are included when the system checks for duplicate IP addresses.

Name - Reviewer's full name.

Location - City, State or Country of reviewer.

Email - Email address of reviewer.

Subject - Short and descriptive heading for the review.

Review - Full text of the review.

<% end if 'Close database call closedb() %> <% '********************************************************************* 'Create Navigation Links '********************************************************************* sub maintNavLinks() %> [ List Reviews | >Edit | >Delete ] <% end sub %>