<%@ Language=VBScript %>
<%Option Explicit%>
<!--#include file="includes/include.inc"-->
<%

dim oConn, oRs, SQL, i,updateme,access,compexist,temp,deleteme, prevusercateg, prevusaccess
set oConn = Server.CreateObject("ADODB.Connection")
oConn.open Application("ConStr")
set oRs = Server.CreateObject("ADODB.RecordSet")

prevusaccess= request.form("prevusaccess")
prevusercateg= request.form("prevusercateg")
deleteme	= request.querystring("deleteme")
updateme	= Request.QueryString("updateme")  'se poies plirofories egine to update
compexist	= Request.QueryString("compexist")  'an prokeitai gia eisagogi i update stoixeion gia company


'===============DELETE ==================================================
'================= Delete Address Info ======================
if deleteme = "3" then
	SQL = "Update UserAddresses SET Show = 0 where AddrressID = " & Request("AddressID")
	oConn.execute SQL
	Response.Redirect "login.asp?Info=3"
end if
'================= Delete Address Info ======================

'================= Delete Company Info ======================
if deleteme = "2" then
	SQL = "Update UserCompanies SET Show = 0 where CompID = " & Request("CompID")
	oConn.execute SQL
	Response.Redirect "login.asp?Info=2"
end if
'================= Delete Address Info ======================


'========================================= UPDATE ==============================================

'===============DELETE ==================================================


'================= Update  Personal Info ====================
if updateme = "1" AND session("UserID") & "" <> ""  then

    if Request("UserCateg") = "7" AND prevusercateg<>"7" then access=0 
	if Request("UserCateg") = "7" AND prevusercateg="7" AND prevusaccess = 1 then access=1
	if Request("UserCateg") = "7" AND prevusercateg="7" AND prevusaccess=0 then access=0 
	if access & "" = "" then access = 0

	'---- Check if mail exists ----------
	
	SQL = "Select UEmail from [User]  where UEmail='" & Replace(Request("pEmail"),"'","''") & "' AND UID <> " &session("UserID")
	oRs.open SQL, oConn, 3,1,1
	
	if oRs.EOF = true then
		SQL = "Update [User] set Uname = '" & Replace(Request("pName"),"'","''") & "', USurname = '" & Replace(Request("pSurname"),"'","''")& "',"&_
			  " UEmail = '" & Replace(Request("pEmail"),"'","''") & "', USex = '"& Request("sex") &"', UPassword = '" & Replace(Request("pPasswd"),"'","''") & "',"&_
			  " UMailingList = '" & Request("UMailingList")& "' ,JobID = '"& Request("JobID")& "',UCategID='"& Request("UserCateg") &"',UAccess='"&access&"' where UID="& session("UserID")

				oConn.execute SQL
	else
		oRs.close : set oRs = nothing
		oConn.close : set oConn = nothing
		Response.Redirect "login.asp?Info=1&errmsg=mail"
		Reso
	end if
	if session("UserSurname") <> Replace(Request("pSurname"),"'","''") then
		session("UserSurname") 	= Replace(Request("pSurname"),"'","''")
		response.Cookies("degustibus")("UserSurname") 	= session("UserSurname")
	end if 
	
	if session("UserSex") <> Request("sex") then
		session("UserSex")		=  Request("sex")
		response.Cookies("degustibus")("UserSex") 		= session("UserSex")	
	end if%>

	<!--#include file="includes/FixSurname.asp"--><%
	call FixSurname(session("UserSurname"), session("UserSex"))
	

	Response.Redirect "login.asp?Info=1"
end if
'================= Update  Personal Info ====================

'================= Update  Address Info =====================
if updateme = "3" then
	temp = Request("AddressesCount")
	if temp & "" <> ""  then 
		for i=0 to temp-1
			SQL = "Update UserAddresses set Name = '" & Replace(Request("pName"&i+1),"'","''")& "', Surname = '" & Replace(Request("pSurname"&i+1),"'","''")& "',Address = '" & Replace(Request("pAddress"&i+1),"'","''")& "', Town = '" & Replace(Request("pTown"&i+1),"'","''")& "', Country = '" & Replace(Request("pCountry"&i+1),"'","''") & "', CountryID='"& Replace(Request("UCountryID"&i+1),"'","''")&"', TK = '" & Replace(Request("pTK"&i+1),"'","''")& "', Tel = '" & Replace(Request("pPhone"&i+1),"'","''") & "' where AddrressID = " & Request("Address"&i+1&"ID")
			oConn.execute SQL
		next

		if Request("pAddress"&i+1) & "" <>"" then 
			SQL = "Insert INTO UserAddresses (UID,Address,Town,TK, Tel, Name, Surname, CountryID,Country, UserDefault) values (" & session("UserID")& ",'" & Replace(Request("pAddress"&i+1),"'","''")&"','"&Replace(Request("pTown"&i+1),"'","''")&"','" & Replace(Request("pTK"&i+1),"'","''")& "',  '" & Replace(Request("pPhone"&i+1),"'","''") & "', '" & Replace(Request("pName"&i+1),"'","''")& "','" & Replace(Request("pSurname"&i+1),"'","''")& "','"&Request("UCountryID"&i+1)&"','"&Request("PCountry"&i+1)&"','1')"
			oConn.execute SQL
		end if
	else
		if Request("pAddress1") & "" <>"" then 
			SQL = "Insert INTO UserAddresses (UID,Address,TownTK, Tel, Name, Surname,CountryID,Country UserDefault) values (" & session("UserID")& ",'" & Replace(Request("pAddress1"),"'","''")&"','"&Replace(Request("pTown1"),"'","''")&"','" & Replace(Request("pTK1"),"'","''")& "','" & Replace(Request("pPhone1"),"'","''") & "', '" & Replace(Request("pName1"),"'","''")& "','" & Replace(Request("pSurname1"),"'","''")&"','"&Request("UCountryID1")&"','"&request("PCountry1")&"','1')"
			oConn.execute SQL
		end if
	end if
		Response.Redirect "login.asp?Info=3"
end if
'================= Update  Address Info =====================
'================= Update  Company Info =====================
if updateme = "2" then
	temp = Request("CompanyCount")
	if temp & "" <> "" then 
		for i=0 to temp-1
			SQL = "Update UserCompanies set CompName = '" & Replace(Request("CompanyName"&i+1),"'","''") & "', CompActivity = '" & Replace(Request("CompanyActivity"&i+1),"'","''")& "',"&_
				  " CompVAT = '" & Replace(Request("VAT"&i+1),"'","''") & "', CompDOY = '"& Replace(Request("DOY"&i+1),"'","''") &"', CompAddress = '" & Replace(Request("CompanyAddress"&i+1),"'","''") & "',"&_
				  " CompTown = '" & Replace(Request("CompanyTown"&i+1),"'","''")& "' , CompTK = '"& Replace(Request("CompanyTK"&i+1),"'","''") & "', CompCountry = '" & Request("CompanyCountry"&i+1)& "', CountryID = '" & Request("UCountryID"&i+1)& "', CompTel = '" & Replace(Request("CompanyTel"&i+1),"'","''") & "', CompFax = '" & Replace(Request("CompanyFax"&i+1),"'","''")& "' where CompID="& Request("Comp"&i+1&"ID")
			oConn.execute SQL
		next
	end if
	if temp & "" = "" then i=0
	if Request("CompanyName"&i+1) & "" <> "" then
		SQL = "Insert Into UserCompanies (UID, CompName, CompActivity, CompVAT, CompDOY, CompAddress, CompTown, CompTK,CompTel, CompFax,CompCountry,CountryID, UserDefault) values (" & session("UserID") & ", '" & Replace(Request("CompanyName"&i+1),"'","''") & "',  '" & Replace(Request("CompanyActivity"&i+1),"'","''")& "','" & Replace(Request("VAT"&i+1),"'","''") & "', '"& Request("DOY"&i+1) &"', '" & Replace(Request("CompanyAddress"&i+1),"'","''") & "', '" & Request("CompanyTown"&i+1)& "' , '"& Replace(Request("CompanyTK"&i+1),"'","''") & "','" & Replace(Request("CompanyTel"&i+1),"'","''") & "', '" & Replace(Request("CompanyFax"&i+1),"'","''")& "','"&Request("CompanyCountry"&i+1)&"','"&request("UCountryID"&i+1)&"','1')"
		oConn.execute SQL
	end if
		Response.Redirect "login.asp?Info=2"
end if
'================= Update  Company Info =====================

'========================================= UPDATE ==============================================

%>