<%@ LANGUAGE="VBScript" %> <% ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' System : StoreFront 2000 Version 4.04.0 ' Date : 1.6.2000 ' Author : LaGarde, Incorporated ' Description : StoreFront Add Product Routines ' Notes : There are no configurable elements in this file. ' ' COPYRIGHT NOTICE ' ' The contents of this file is protected under the United States ' copyright laws as an unpublished work, and is confidential and ' proprietary to LaGarde, Incorporated. Its use or disclosure in ' whole or in part without the expressed written permission of ' LaGarde, Incorporated is expressely prohibited. ' ' (c) Copyright 1998 by LaGarde, Incorporated. All rights reserved. ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' %> <% If Request.ServerVariables("HTTP_COOKIE") = "" Then Response.Redirect "error.htm" End If DSN_Name = Session("DSN_Name") Set Connection = Server.CreateObject("ADODB.Connection") Connection.Open DSN_Name session.LCID = Session("LCID") If Request("ORDER_FLAG") = "1" Then SQL = "SELECT GRAND_TOTAL from customer WHERE " _ & " CUSTOMER_ID = " & Session("ORDER_ID") & "" Set RSOrderCheck = Connection.Execute(SQL) If FormatCurrency(RSOrderCheck("GRAND_TOTAL")) > FormatCurrency("0") Then Set RSOrderCheck = nothing Connection.Close Set Connection = nothing Response.Redirect "order_complete.asp" End If If Request("Quantity") = "" OR Request("Quantity") is nothing Then Quantity = Server.URLEncode("
There was no quantity specified for your order
Please enter a quantity for the desired item.
") Description = Server.URLEncode(" ") Message = Server.URLEncode(" ") Alert = 1 ElseIf InStr(Request("Quantity"),"-") > 0 OR InStr(Request("Quantity"),".") > 0 Then Quantity = Server.URLEncode("
Please enter only whole, ") Quantity = Quantity & Server.URLEncode("positive numbers for the
") Quantity = Quantity & Server.URLEncode("order quantity
") Description = Server.URLEncode(" ") Message = Server.URLEncode(" ") Alert = 1 ElseIf Not IsNumeric(Request("QUANTITY")) Then Quantity = Server.URLEncode("
Please enter only whole, ") Quantity = Quantity & Server.URLEncode("positive numbers for the
") Quantity = Quantity & Server.URLEncode("order quantity
") Description = Server.URLEncode(" ") Message = Server.URLEncode(" ") Alert = 1 Else For Each element In Request.Form If InStr(element,"PRODUCT_ID") Then PROD_NAME = element End If Next PRODUCT_ID = Request(""&PROD_NAME&"") SQL = " SELECT PRICE, WEIGHT, SHIP, DESCRIPTION, MESSAGE FROM PRODUCT WHERE " _ & " PRODUCT_ID = '" & PRODUCT_ID & "' " Set RSOrder = Connection.Execute(SQL) IF RSOrder.BOF OR RSOrder.EOF Then SQL = "SELECT PRIMARY_EMAIL from admin" Set RSAdmin = Connection.Execute(SQL) MailTo = "mailto:"&RSAdmin("PRIMARY_EMAIL") Set RSAdmin = nothing Set RSOrder = nothing Quantity = Server.URLEncode("
This item was not currently available from ") Quantity = Quantity & Server.URLEncode("inventory.
Please contact the ") Quantity = Quantity & Server.URLEncode("
merchant
for ") Quantity = Quantity & Server.URLEncode("further information.
") Description = Server.URLEncode(" ") Message = Server.URLEncode(" ") Alert = 1 Else MESSAGE = RSOrder("MESSAGE") DESCRIPTION = RSOrder("DESCRIPTION") WEIGHT = RSOrder("WEIGHT") SHIP = CCur(RSOrder("SHIP")) ProdPrice = FormatCurrency(RSOrder("Price")) Set RSOrder = nothing ExtPrice =((FormatCurrency(ProdPrice)*Request("Quantity"))) ExtWeight = ((WEIGHT)*Request("Quantity")) ExtShip = (FormatCurrency(SHIP)*Request("QUANTITY")) AttA = Trim(Replace(Request("AttributeA"),"'","''")) AttB = Trim(Replace(Request("AttributeB"),"'","''")) AttC = Trim(Replace(Request("AttributeC"),"'","''")) If AttA <> "" Then ATTResponse = AttA End If If AttB <> "" Then ATTResponse = AttResponse&", "&AttB End If If AttC <> "" Then ATTResponse = AttResponse&", "&AttC End If ATTResponse = Server.URLEncode(ATTResponse&" ") '***********************************************************8 SQL = "SELECT * FROM orders WHERE (PRODUCT_ID = '" & PRODUCT_ID & "' AND"_ &" ORDER_ID = " & Session("ORDER_ID") & ""_ &" AND ATTRIBUTEA = '"& AttA & "' AND ATTRIBUTEB = '"& AttB &"' AND" _ &" ATTRIBUTEC = '"& AttC &"')" Set RSOrdChk = Connection.Execute(SQL) If (RSOrdChk.BOF AND RSOrdChk.EOF) Then SQL = "INSERT INTO ORDERS(ORDER_ID, PRODUCT_ID," _ & " DESCRIPTION, ATTRIBUTEA, ATTRIBUTEB, ATTRIBUTEC, QUANTITY, WEIGHT, SHIP, PRICE, TOTAL) " _ & " VALUES(" & Session("ORDER_ID") & "," _ & " '" & PRODUCT_ID & "', '" & Replace(DESCRIPTION,"'","''") & "'," _ & " '" & AttA & "', '" & AttB & "', '" & AttC & "', "_ & " " & Request("Quantity") & "," _ & " '" & ExtWeight & "', '" & FormatCurrency(ExtShip) & "', " _ & " '" & ProdPrice & "'," _ & " '" & FormatCurrency(ExtPrice) & "')" Set RSAddProd = Connection.Execute(SQL) ElseIf ((Trim(RSOrdChk("ATTRIBUTEA")) <> AttA) OR (Trim(RSOrdChk("ATTRIBUTEB")) <> AttB) OR (Trim(RSOrdChk("ATTRIBUTEC")) <> AttC)) Then SQL = "INSERT INTO ORDERS(ORDER_ID, PRODUCT_ID," _ & " DESCRIPTION, ATTRIBUTEA, ATTRIBUTEB, ATTRIBUTEC, QUANTITY, WEIGHT, SHIP, PRICE, TOTAL) " _ & " VALUES(" & Session("ORDER_ID") & "," _ & " '" & PRODUCT_ID & "', '" & Replace(DESCRIPTION,"'","''") & "'," _ & " '" & AttA & "', '" & AttB & "', '" & AttC & "', "_ & " " & Request("Quantity") & "," _ & " '" & ValAmt(ExtWeight) & "', '" & ValAmt(ExtShip) & "', " _ & " '" & ProdPrice & "'," _ & " '" & ValAmt(ExtPrice) & "')" Set RSAddProd = Connection.Execute(SQL) ElseIf ((Trim(RSOrdChk("ATTRIBUTEA")) = AttA and Trim(RSOrdChk("ATTRIBUTEB")) = AttB and Trim(RSOrdChk("ATTRIBUTEC")) = AttC) AND RSOrdChk("PRODUCT_ID") = PRODUCT_ID) Then SQL = "SELECT Sum(QUANTITY) AS OrdQuan, Sum(TOTAL) AS OrdTotal, Sum(WEIGHT) AS OrdWt, Sum(SHIP) As OrdShip FROM orders " _ & "WHERE (PRODUCT_ID = '" & PRODUCT_ID & "' AND ORDER_ID = " & Session("ORDER_ID") & " "_ &" AND ATTRIBUTEA = '"& AttA & "' AND ATTRIBUTEB = '"& AttB &"' AND ATTRIBUTEC = '"& AttC &"')" Set RSOrdUpdt = Connection.Execute(SQL) UpdtQnty = ((RSOrdUpdt("OrdQuan"))+(Request("Quantity"))) UpdtExtPrice = ((RSOrdUpdt("OrdTotal"))+(ExtPrice)) UpdExtWeight = RSOrdUpdt("OrdWt")+ExtWeight UpdExtShip = RSOrdUpdt("OrdShip")+ExtShip SQL = "UPDATE orders SET QUANTITY = '" & UpdtQnty & "', PRICE = '" & ProdPrice & "', TOTAL = '" & UpdtExtPrice & "',"_ & " WEIGHT = '" & UpdExtWeight & "', SHIP = '" & ValAmt(UpdExtShip) & "' WHERE (PRODUCT_ID = '" & PRODUCT_ID & "' AND ORDER_ID = " & Session("ORDER_ID") & " "_ &" AND ATTRIBUTEA = '"& AttA & "' AND ATTRIBUTEB = '"& AttB &"' AND ATTRIBUTEC = '"& AttC &"')" Set RSUpdtProd = Connection.Execute(SQL) Set RSOrdChk = nothing Set RSOrdUpdt = nothing End If '***********************************************************8 Quantity = Request("Quantity") Alert = 0 If IsNull(DESCRIPTION) Then Description = "" Else Description = Server.URLEncode(DESCRIPTION) End If If IsNull(MESSAGE) Then Message = "" Else Message = Server.URLEncode(MESSAGE) End If End If Order_Flag = 1 End If SndPage = Request.ServerVariables("HTTP_REFERER") If InStr(SndPage, "?")>0 Then SndPage = Left(SndPage, InStr(SndPage, "?") - 1) End If ChkPath = "http://"&Request.ServerVariables("SERVER_NAME")&"/" If SndPage = ChkPath Then SndPage = "http://"&Request.ServerVariables("SERVER_NAME")&"/default.asp" End If SRCH_DESCRIPTION = Server.URLEncode(Request("SRCH_DESCRIPTION")) SRCH_MANUFACTURER = Server.URLEncode(Request("SRCH_MANUFACTURER")) SRCH_ID = Server.URLEncode(Request("SRCH_ID")) SRCH_CATEGORY = Server.URLEncode(Request("SRCH_CATEGORY")) RowCount = Server.URLEncode(Request("RowCount")) Order_Flag = 1 PageNo = Request("PageNo") ReturnPg = SndPage&"?Order_Flag="&Order_Flag&"&Quantity="&Quantity&"&Description="&ATTResponse&Description&"&Message="&Message&"&Alert="&Alert&"&SRCH_DESCRIPTION="&SRCH_DESCRIPTION&"&SRCH_MANUFACTURER="&SRCH_MANUFACTURER&"&SRCH_ID="&SRCH_ID&"&SRCH_CATEGORY="&SRCH_CATEGORY&"&PageNo="&PageNo&"&RowCount="&RowCount Connection.Close Set Connection = Nothing Response.Redirect ReturnPg End If %>
Click Here->
Foot Patch order form 800.639.8796
