<!--#include file="config.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="format.asp"-->
<!--#include file="error.asp"-->
<!--#include file="body/incjs.asp"-->
<!--#include file="body/adminmenu.asp"-->
<!--#include file="body/UBBshow.asp"-->
<!--#include file="body/UBB_summary.asp"-->
<!--#include file="body/adminsummary2_body.asp"-->
<!--#include file="body/foot.asp"-->
<%
dim founderr,errmsg
founderr=false
errmsg=""

if session("adminlogin")<>sessionvar then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你尚未登錄，或者超時了！請<a href='admin.asp'>重新登錄</a>！"
  call diserror()
  response.end
else

if request.form("MM_insert") then
if request.Form("action")="newsummary" then

sql="select * from summary"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs.addnew
dim title,summaryfrom,keyword,content
summaryfrom=trim(replace(request.form("summary_from"),"'",""))
title=trim(replace(request.form("summary_title"),"'",""))
keyword=trim(replace(request.form("summary_keyword"),"'",""))
content=trim(replace(request.form("summary_content"),"'",""))

if summaryfrom="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的來源！"
else
  rs("summary_from")=summaryfrom
end if
if title="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的標題！"
else
  rs("summary_title")=title
end if
if keyword="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的關鍵字！"
else
  rs("summary_keyword")=keyword
end if
if content="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的內容！"
else
  rs("summary_content")=content
end if

if founderr then
  call diserror()
  response.end
else
  rs.update
  rs.close
  set rs=nothing
  
  sql="update allcount set summarycount = summarycount + 1"
  conn.execute(sql)
  closedatabase
  response.redirect "admin_summary1.asp"
end if
end if
if request.Form("action")="editsummary" then
if request.Form("id")="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須指定操作的對象！"
else
  if not isInteger(request.form("id")) then
    founderr=true
    errmsg=errmsg+"<br>"+"<li>非法的學校概況id參數(shù)。"
  end if
end if
if founderr then
  call diserror()
  response.End
end if

sql="select * from summary where summary_id="&cint(request.Form("id"))
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
summaryfrom=trim(replace(request.form("summary_from"),"'",""))
title=trim(replace(request.form("summary_title"),"'",""))
keyword=trim(replace(request.form("summary_keyword"),"'",""))
content=trim(replace(request.form("summary_content"),"'",""))

if summaryfrom="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的來源！"
else
  rs("summary_from")=summaryfrom
end if
if title="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的標題！"
else
  rs("summary_title")=title
end if
if keyword="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的關鍵字！"
else
  rs("summary_keyword")=keyword
end if
if content="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須填寫學校概況的內容！"
else
  rs("summary_content")=content
end if

if founderr then
  call diserror()
  response.end
else
  rs.update
  rs.close
  set rs=nothing
  response.redirect "admin_summary1.asp"
end if
end if
if request.Form("action")="delsummary" then
if request.Form("id")="" then
  founderr=true
  errmsg=errmsg+"<br>"+"<li>你必須指定操作的對象！"
else
  if not isInteger(request.form("id")) then
    founderr=true
    errmsg=errmsg+"<br>"+"<li>非法的學校概況id參數(shù)。"
  end if
end if
if founderr then
  call diserror()
  response.End
end if

sql="select * from summary where summary_id="&cint(request.Form("id"))
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
  rs.delete
  rs.close
  set rs=nothing
  
  sql="update allcount set summarycount = summarycount - 1"
  conn.execute(sql)
  closedatabase
  response.redirect "admin_summary1.asp"
end if
end if

call adminsummary2_body()
call endpage()
end if
%>