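<%
'=============================================================================
' FILE: save_network_device.asp
' PURPOSE: Universal save endpoint for all network devices (IDF, Server, Switch, Camera, Access Point)
' SECURITY: Parameterized queries, HTML encoding, input validation
' UPDATED: 2025-10-27 - Migrated to secure patterns
'
' Request contract (every value is read from the POST body via Request.Form):
'   type        one of idf | server | switch | camera | accesspoint; selects the target table
'   id          numeric device id; blank or 0 means INSERT, anything else means UPDATE
'   delete      "1" performs a soft delete (isactive = 0) and ignores the remaining fields
'   <name>      idfname | servername | switchname | cameraname | apname, required
'   description, maptop, mapleft, isactive     common optional fields
'   modelid, serialnumber, ipaddress           server / switch / accesspoint / camera
'   idfid, macaddress                          camera only
'   modelid = "new", idfid = "new" or newvendorid = "new" first creates the referenced row from
'   newmodelnumber, newvendorid, newmodelnotes, newmodeldocpath, newvendorname,
'   newidfname, newidfdescription.
' On success the page redirects to network_devices.asp filtered to the device type; on any
' validation or database failure it writes a message plus a link and ends the response.
'
' NOTE(review): objConn is used but never opened in this file; it presumably comes from an
' include that is not part of this copy - confirm. No authentication/authorization or
' anti-forgery (CSRF) check is visible here either; unless that include performs them, any
' cross-site form POST carrying the user's session cookie can create, change or soft-delete
' devices.
' NOTE(review): the HTML markup around the messages and "Go back" links appears to have been
' stripped from this copy; restore it from the original file when merging.
' TODO(review): vendor/model/IDF creation and the device save are separate statements with no
' transaction, so a later failure leaves the earlier rows behind. Wrap them in
' objConn.BeginTrans / CommitTrans / RollbackTrans once the provider is confirmed to support it.
'=============================================================================
%>
<%
'---------------------------------------------------------------------------
' Helpers. VBScript procedures may be defined before or after the code that
' calls them; they are grouped here so the request flow below reads top-down.
'---------------------------------------------------------------------------

' Writes an error message followed by a navigation link, closes the connection
' and ends the response. Never returns.
Sub FailRequest(message, linkText)
    Response.Write(message)
    Response.Write(linkText)
    objConn.Close
    Response.End
End Sub

' True when value is a string of 1-10 ASCII digits that fits in a Long.
' Stricter than IsNumeric, which also accepts signs, decimals, exponents and
' hex prefixes that CLng would silently round or convert.
Function IsUnsignedInt(value)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,10}$"
    IsUnsignedInt = re.Test(CStr(value))
    If IsUnsignedInt Then IsUnsignedInt = (CDbl(value) <= 2147483647)
End Function

' Converts an optional numeric form value to a Long; blank or non-numeric
' input becomes Null so the column is stored as NULL.
Function OptionalLong(text)
    If text = "" Or Not IsNumeric(text) Then
        OptionalLong = Null
    Else
        OptionalLong = CLng(text)
    End If
End Function

' Returns a text ADODB.Command (CommandType 1 = adCmdText) bound to objConn.
Function NewCommand(sql)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    cmd.ActiveConnection = objConn
    cmd.CommandText = sql
    cmd.CommandType = 1
    Set NewCommand = cmd
End Function

' Appends a VarChar input parameter (200 = adVarChar, 1 = adParamInput).
Sub AddText(cmd, name, size, value)
    cmd.Parameters.Append cmd.CreateParameter(name, 200, 1, size, value)
End Sub

' Appends an Integer input parameter (3 = adInteger); value may be Null.
Sub AddInt(cmd, name, value)
    cmd.Parameters.Append cmd.CreateParameter(name, 3, 1, , value)
End Sub

' Executes cmd. On a provider error the message is shown (HTML-encoded) and the
' request ends; On Error is procedure-scoped here, so nothing outside this Sub
' runs with error handling suppressed.
Sub ExecuteOrFail(cmd, failMessage)
    Dim failed, errText
    failed = False
    On Error Resume Next
    cmd.Execute
    If Err.Number <> 0 Then
        failed = True
        errText = Err.Description
        Err.Clear
    End If
    On Error Goto 0
    If failed Then
        Set cmd = Nothing
        ' TODO(review): log errText server-side and show a generic message instead;
        ' raw provider error text can disclose schema details to the requester.
        Call FailRequest(failMessage & Server.HTMLEncode(errText), "Go back")
    End If
End Sub

' Returns the auto-increment id of the last INSERT on objConn. LAST_INSERT_ID()
' is connection-scoped in MySQL, so it must run on the same connection right
' after the INSERT.
Function LastInsertId()
    Dim rs
    Set rs = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
    LastInsertId = CLng(rs("newid"))
    rs.Close
    Set rs = Nothing
End Function

' Inserts a vendor row and returns its new id; ends the request on DB error.
Function CreateVendor(vendorName)
    Dim cmd
    Set cmd = NewCommand("INSERT INTO vendors (vendor, isactive) VALUES (?, 1)")
    Call AddText(cmd, "@vendor", 50, vendorName)
    Call ExecuteOrFail(cmd, "Error creating vendor: ")
    Set cmd = Nothing
    CreateVendor = LastInsertId()
End Function

' Resolves the model id for a device from the posted modelid value:
'   "new"           -> creates the model (and its vendor when newvendorid = "new"), returns the id
'   digits          -> the posted id as a Long
'   anything else   -> Null (no model)
' Ends the request when required new-model fields are missing or the vendor id is malformed.
Function ResolveModelId(posted)
    Dim modelNumber, vendorId, modelNotes, docPath, vendorName, cmd
    If posted = "new" Then
        modelNumber = Trim(Request.Form("newmodelnumber"))
        vendorId = Trim(Request.Form("newvendorid"))
        modelNotes = Trim(Request.Form("newmodelnotes"))
        docPath = Trim(Request.Form("newmodeldocpath"))
        vendorName = Trim(Request.Form("newvendorname"))
        If modelNumber = "" Then Call FailRequest("Error: Model number is required", "Go back")
        If vendorId = "" Then Call FailRequest("Error: Vendor is required for new model", "Go back")
        If vendorId = "new" Then
            If vendorName = "" Then Call FailRequest("Error: Vendor name is required", "Go back")
            vendorId = CreateVendor(vendorName)
        ElseIf Not IsUnsignedInt(vendorId) Then
            ' A non-numeric vendor id previously reached CLng and raised an unhandled runtime error.
            Call FailRequest("Error: Invalid vendor", "Go back")
        End If
        Set cmd = NewCommand("INSERT INTO models (modelnumber, vendorid, notes, documentationpath, isactive) VALUES (?, ?, ?, ?, 1)")
        Call AddText(cmd, "@modelnumber", 50, modelNumber)
        Call AddInt(cmd, "@vendorid", CLng(vendorId))
        Call AddText(cmd, "@notes", 500, modelNotes)
        Call AddText(cmd, "@documentationpath", 500, docPath)
        Call ExecuteOrFail(cmd, "Error creating model: ")
        Set cmd = Nothing
        ResolveModelId = LastInsertId()
    ElseIf IsUnsignedInt(posted) Then
        ResolveModelId = CLng(posted)
    Else
        ResolveModelId = Null
    End If
End Function

' Resolves the IDF for a camera: "new" inserts an IDF row from newidfname /
' newidfdescription and returns its id; any other value is returned unchanged
' for the caller to validate.
Function ResolveCameraIdfId(posted)
    Dim idfName, idfDesc, cmd
    If posted <> "new" Then
        ResolveCameraIdfId = posted
        Exit Function
    End If
    idfName = Trim(Request.Form("newidfname"))
    idfDesc = Trim(Request.Form("newidfdescription"))
    If idfName = "" Then Call FailRequest("Error: IDF name is required", "Go back")
    Set cmd = NewCommand("INSERT INTO idfs (idfname, description, isactive) VALUES (?, ?, 1)")
    Call AddText(cmd, "@idfname", 100, idfName)
    Call AddText(cmd, "@description", 255, idfDesc)
    Call ExecuteOrFail(cmd, "Error creating IDF: ")
    Set cmd = Nothing
    ResolveCameraIdfId = LastInsertId()
End Function

'---------------------------------------------------------------------------
' Request flow
'---------------------------------------------------------------------------

Dim deviceType, deviceId, isDelete
deviceType = Trim(Request.Form("type"))
deviceId = Trim(Request.Form("id"))
isDelete = Trim(Request.Form("delete"))

' Map the device type to its table and columns. Table and column names come
' only from this allowlist, never from the request, so concatenating them into
' SQL below is safe.
Dim tableName, idField, nameField, filterName, redirectUrl
Select Case deviceType
    Case "idf"
        tableName = "idfs"
        idField = "idfid"
        nameField = "idfname"
        filterName = "IDF"
    Case "server"
        tableName = "servers"
        idField = "serverid"
        nameField = "servername"
        filterName = "Server"
    Case "switch"
        tableName = "switches"
        idField = "switchid"
        nameField = "switchname"
        filterName = "Switch"
    Case "camera"
        tableName = "cameras"
        idField = "cameraid"
        nameField = "cameraname"
        filterName = "Camera"
    Case "accesspoint"
        tableName = "accesspoints"
        idField = "apid"
        nameField = "apname"
        filterName = "Access Point"
    Case Else
        Call FailRequest("Error: Invalid device type", "Back to Network Devices")
End Select
' URL-encode the filter so "Access Point" does not put a bare space in the Location header.
redirectUrl = "network_devices.asp?filter=" & Server.URLEncode(filterName)

' Device id: blank means a new device; otherwise it must be a plain non-negative integer.
If deviceId = "" Then deviceId = "0"
If Not IsUnsignedInt(deviceId) Then Call FailRequest("Error: Invalid device ID", "Back to Network Devices")
Dim deviceIdValue, isNew
deviceIdValue = CLng(deviceId)
isNew = (deviceIdValue = 0)

' Soft delete: flag the row inactive rather than removing it.
If isDelete = "1" Then
    Dim cmdDelete
    Set cmdDelete = NewCommand("UPDATE " & tableName & " SET isactive = 0 WHERE " & idField & " = ?")
    Call AddInt(cmdDelete, "@deviceid", deviceIdValue)
    Call ExecuteOrFail(cmdDelete, "Error deleting device: ")
    Set cmdDelete = Nothing
    objConn.Close
    Response.Redirect(redirectUrl)
    Response.End
End If

' Fields common to every device type.
Dim deviceName, description, maptopValue, mapleftValue, isactiveValue
deviceName = Trim(Request.Form(nameField))
description = Trim(Request.Form("description"))
maptopValue = OptionalLong(Trim(Request.Form("maptop")))
mapleftValue = OptionalLong(Trim(Request.Form("mapleft")))
' Checkbox: "1" when checked, empty when not; anything else counts as unchecked (0).
If Trim(Request.Form("isactive")) = "1" Then isactiveValue = 1 Else isactiveValue = 0

If deviceName = "" Then Call FailRequest("Error: " & UCase(Left(nameField, 1)) & Mid(nameField, 2) & " is required", "Go back")
If Len(deviceName) > 100 Or Len(description) > 255 Then Call FailRequest("Error: Field length exceeded", "Go back")

' Type-specific fields and the INSERT/UPDATE command. Length checks run before
' any vendor/model/IDF row is created so a rejected request leaves nothing behind.
' NOTE(review): serial number, MAC and IP are length-checked only; no format validation is done here.
Dim cmdDevice, modelidValue, serialnumber, ipaddress, cameraIdfid, cameraMac
Select Case deviceType
    Case "idf"
        If isNew Then
            Set cmdDevice = NewCommand("INSERT INTO idfs (idfname, description, maptop, mapleft, isactive) VALUES (?, ?, ?, ?, ?)")
        Else
            Set cmdDevice = NewCommand("UPDATE idfs SET idfname = ?, description = ?, maptop = ?, mapleft = ?, isactive = ? WHERE idfid = ?")
        End If
        Call AddText(cmdDevice, "@idfname", 100, deviceName)
        Call AddText(cmdDevice, "@description", 255, description)
        Call AddInt(cmdDevice, "@maptop", maptopValue)
        Call AddInt(cmdDevice, "@mapleft", mapleftValue)
        Call AddInt(cmdDevice, "@isactive", isactiveValue)
        If Not isNew Then Call AddInt(cmdDevice, "@idfid", deviceIdValue)

    Case "server", "switch", "accesspoint"
        ' These types reference a model but no IDF.
        serialnumber = Trim(Request.Form("serialnumber"))
        ipaddress = Trim(Request.Form("ipaddress"))
        If Len(serialnumber) > 100 Or Len(ipaddress) > 45 Then Call FailRequest("Error: Field length exceeded", "Go back")
        modelidValue = ResolveModelId(Trim(Request.Form("modelid")))
        If isNew Then
            Set cmdDevice = NewCommand("INSERT INTO " & tableName & " (" & nameField & ", modelid, serialnumber, ipaddress, description, maptop, mapleft, isactive) VALUES (?, ?, ?, ?, ?, ?, ?, ?)")
        Else
            Set cmdDevice = NewCommand("UPDATE " & tableName & " SET " & nameField & " = ?, modelid = ?, serialnumber = ?, ipaddress = ?, description = ?, maptop = ?, mapleft = ?, isactive = ? WHERE " & idField & " = ?")
        End If
        Call AddText(cmdDevice, "@devicename", 100, deviceName)
        Call AddInt(cmdDevice, "@modelid", modelidValue)
        Call AddText(cmdDevice, "@serialnumber", 100, serialnumber)
        Call AddText(cmdDevice, "@ipaddress", 45, ipaddress)
        Call AddText(cmdDevice, "@description", 255, description)
        Call AddInt(cmdDevice, "@maptop", maptopValue)
        Call AddInt(cmdDevice, "@mapleft", mapleftValue)
        Call AddInt(cmdDevice, "@isactive", isactiveValue)
        If Not isNew Then Call AddInt(cmdDevice, "@deviceid", deviceIdValue)

    Case "camera"
        ' Cameras reference a model AND an IDF, and carry a MAC address.
        serialnumber = Trim(Request.Form("serialnumber"))
        cameraMac = Trim(Request.Form("macaddress"))
        ipaddress = Trim(Request.Form("ipaddress"))
        If Len(serialnumber) > 100 Or Len(cameraMac) > 17 Or Len(ipaddress) > 45 Then Call FailRequest("Error: Field length exceeded", "Go back")
        cameraIdfid = ResolveCameraIdfId(Trim(Request.Form("idfid")))
        ' The IDF is mandatory for cameras and must be an existing positive id.
        If Not IsUnsignedInt(cameraIdfid) Then Call FailRequest("Error: IDF location is required for cameras", "Go back")
        If CLng(cameraIdfid) < 1 Then Call FailRequest("Error: IDF location is required for cameras", "Go back")
        modelidValue = ResolveModelId(Trim(Request.Form("modelid")))
        If isNew Then
            Set cmdDevice = NewCommand("INSERT INTO cameras (cameraname, modelid, idfid, serialnumber, macaddress, ipaddress, description, maptop, mapleft, isactive) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")
        Else
            Set cmdDevice = NewCommand("UPDATE cameras SET cameraname = ?, modelid = ?, idfid = ?, serialnumber = ?, macaddress = ?, ipaddress = ?, description = ?, maptop = ?, mapleft = ?, isactive = ? WHERE cameraid = ?")
        End If
        Call AddText(cmdDevice, "@cameraname", 100, deviceName)
        Call AddInt(cmdDevice, "@modelid", modelidValue)
        Call AddInt(cmdDevice, "@idfid", CLng(cameraIdfid))
        Call AddText(cmdDevice, "@serialnumber", 100, serialnumber)
        Call AddText(cmdDevice, "@macaddress", 17, cameraMac)
        Call AddText(cmdDevice, "@ipaddress", 45, ipaddress)
        Call AddText(cmdDevice, "@description", 255, description)
        Call AddInt(cmdDevice, "@maptop", maptopValue)
        Call AddInt(cmdDevice, "@mapleft", mapleftValue)
        Call AddInt(cmdDevice, "@isactive", isactiveValue)
        If Not isNew Then Call AddInt(cmdDevice, "@cameraid", deviceIdValue)
End Select

' Every type now reports provider errors the same way (previously only cameras did).
Call ExecuteOrFail(cmdDevice, "Error saving " & deviceType & ": ")
Set cmdDevice = Nothing

' Success - redirect to the filtered list.
objConn.Close
Response.Redirect(redirectUrl)
%>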