<% 'PageName="event_delete" 'DoHeader(PageName) 'This page has a small security risk in this form because a Event could potentially 'edit the URL they are hitting and change the Query String to another number 'causing a diferent record to be deleted 'if this becomes a problem, a check could be built in to verify that the Event is 'either an admin or it's their own record they are editing. Set objConn=GetConn strSQL="SELECT * FROM Event WHERE EventID='" & ID & "';" Set objRStmp = objConn.Execute(strSQL) strSQL1="SELECT * FROM EventGroupJoin WHERE EventID='" & ID & "';" Set objRS1 = objConn.Execute(strSQL1) strSQL2="SELECT * FROM EventScheduleJoin WHERE EventID='" & ID & "';" Set objRS2 = objConn.Execute(strSQL2) If objRStmp.eof And objRS1.eof And objRS2.eof Then DoHeader ("Error Deleting Record") Response.Write "
" Response.Write "" & vbcrlf Response.Write "" & vbcrlf Response.Write "" & vbcrlf Response.Write "" & vbcrlf Response.End Else strRedirect = "/promanweb/event/event_list.asp?iCognateFlag=" & iCognateFlag strSQL="DELETE * FROM Event WHERE EventID='" & ID & "';" objConn.Execute(strSQL) strSQL1="DELETE * FROM EventGroupJoin WHERE EventID='" & ID & "';" objConn.Execute(strSQL1) strSQL2="DELETE * FROM EventScheduleJoin WHERE EventID='" & ID & "';" objConn.Execute(strSQL2) End If objRStmp.Close Set objRStmp= nothing objRS1.Close Set objRS1= nothing objRS2.Close Set objRS2= nothing objConn.Close Set objConn = nothing Response.Redirect strRedirect %> Response.Redirect strRedirect %>
Error in processing your Delete request. Please report the problem to the webmaster.
Back to Form