Problem with session for Shopping Cart

Status
Not open for further replies.

zickler

Technical User
Mar 6, 2004
28
IE
Having a problem with trying to adapt a shopping cart that I want to use just for a project demonstration. I realise that this cart system would probably not be too secure in a commercial environment, but it has nearly all the elements that I need for the demonstration purpose.

Basically everything works okay without being a registered customer. If you browse through the catalogue of products, choose what you want to buy and then click the checkout button, this links to a customer registration form (customer.asp) which, when filled out, adds the new customer details (through addcustomer.asp) into the customers table in an Access database. It then redirects to checkout.asp, which automatically includes the customer details and provides a form to input credit cards.

I have added a login username and password to the shopping cart which works in logging the user in. My problem is that when the user is logged in and goes to checkout after choosing some items they get the error message saying that their details can not be found. I have included the three main scripts mentioned above; I have also included a login.asp page similar to the one I used to get the login to work for this project.

If I were to include Session("customerid") in the login.asp page would that solve the problem? I am a bit confused as to why the word "customerid" is used in the Sessions when custID is the name of the field in the Customer table in the database. I am also quite new to ASP, as you will no doubt have gathered! A working demo of the shopping cart up to the point where I added the login can be viewed at

Thanks in advance of any replies

------------- Customer.asp--------------------------
<%


scartItem = Session("cartItem")
if scartItem = 0 then
response.redirect "error.asp?msg=" & server.urlencode("Please add items to your shopping cart before checking out.")
end if
Dim msg
msg = Request.QueryString("msg")
%>
<HTML>
<HEAD>
<title>Customer information</title>
<SCRIPT LANGUAGE=javascript>
<!--
function validate(theForm){
if (theForm.fname.value == "" || theForm.fname.value.length < 2){
alert("Please fill in your first name.");
theForm.fname.focus();
return false;
}
if (theForm.lname.value == "" || theForm.lname.value.length < 2){
alert("Please fill in your last name.");
theForm.lname.focus();
return false;
}
if (theForm.email.value == "" || theForm.email.value.indexOf('@',1)== -1 || theForm.email.value.indexOf('.',2)==-1){
alert("Please fill in your email address.");
theForm.email.focus();
return false;
}
return true;
}
//-->
</SCRIPT>


<link rel="stylesheet" type="text/css" href="eposter.css">
</HEAD>

<BODY>
<table border="0" width="600" cellpadding="4">
<tr>
<td width="100%" colspan="2" valign="top">
<h3><img src="images/eplogo2.gif" alt="Eposter" width="187" height="36">
<% if msg = "" Then %>
<br><font face="Arial">Please fill in the following information:</font></h3>
<% else %>
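<% ' msg comes from the query string, so HTML-encode it before writing it into the page %>
<br><font face="Arial">Information supplied is not correct. <%= Server.HTMLEncode(msg) %></font></h3>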
<%end if %>
</td>
</tr>
<tr>
<td width="120" bgcolor="#004080" valign="top">
<!--#include file="navleft.htm" --></td>
<td width="480">


<form method="POST" action="addcustomer.asp" onsubmit="return validate(this);" name="fcustomer">
<TABLE border=0 cellPadding=5 cellSpacing=2 width=100% height="510">

<TR>
<TD align="right" height="1"><font face="Arial" size="2"><b>First name:</b></font></TD>
<TD bgcolor="#FFCC99" height="1">
<font face="Arial" size="2">
<INPUT name=fname size="26" value="<%= Server.HTMLEncode(Session("fname") & "") %>"></font></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>Last name:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=lname size="26" value="<%= Server.HTMLEncode(Session("lname") & "") %>"></font></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>E-mail:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=email style="HEIGHT: 22px; WIDTH: 238px" size="34" value="<%= Server.HTMLEncode(Session("email") & "") %>"></font></TD></TR>
<TR>
<TD vAlign=top align="right" height="48"><font face="Arial" size="2"><b>Address:</b></font></TD>
<TD bgcolor="#FFCC99" height="48">

<INPUT name=address value="<%= Server.HTMLEncode(Session("address") & "") %>" style="HEIGHT: 22px; WIDTH: 215px" size="37"><BR>
<INPUT name=address2 value="<%= Server.HTMLEncode(Session("address2") & "") %>" style="HEIGHT: 22px; WIDTH: 214px" size="37"></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>Town:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=town size="20" value="<%= Server.HTMLEncode(Session("town") & "") %>"></font></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>Zip code:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<INPUT name=zip size="20" value="<%= Server.HTMLEncode(Session("zip") & "") %>"></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>State:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=state size="20" value="<%= Server.HTMLEncode(Session("state") & "") %>"></font></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>Country:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=country value="<%= Server.HTMLEncode(Session("country") & "") %>" style="HEIGHT: 22px; WIDTH: 218px" size="30"></font></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>Telephone:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=phone size="20" value="<%= Server.HTMLEncode(Session("phone") & "") %>"></font></TD></TR>
<TR>
<TD align="right" height="25"><font face="Arial" size="2"><b>Fax:</b></font></TD>
<TD bgcolor="#FFCC99" height="25">
<font face="Arial" size="2">
<INPUT name=fax size="20" value="<%= Server.HTMLEncode(Session("fax") & "") %>"></font></TD></TR>
<TR>
<TD align="right" height="25"></TD>
<TD bgcolor="#FFCC99" height="25">
<input type="submit" name="Submit" value="Continue"></TD></TR>

</TABLE>
</form>

</td>
</tr>
</table>


</BODY>
</HTML>


-------------------------------addCustomer.asp ----------------------------
<%
Response.Buffer = true

%>
<!-- #include file="db.asp" -->
<!-- #include file="functions.asp" -->
<%
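' Copy only the expected form fields into the session, so that a posted key
' cannot overwrite unrelated session values such as Session("customerid")
For Each key in Array("fname","lname","email","address","address2","town","zip","state","country","phone","fax")
strname = key
strvalue = Request.Form(key)
Session(strname) = strvalue
Next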

fname = Request.Form("fname")
lname = Request.Form("lname")
email = Request.Form("email")
address = Request.Form("address")
town = Request.Form("town")
zip = Request.Form("zip")
country = Request.Form("country")
phone = Request.Form("phone")


If fname = "" OR len(fname) <2 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your first name.")
Elseif lname = "" OR len(lname) <2 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your last name.")
' InStr returns 0 (not -1) when the character is not found
Elseif email = "" OR len(email) <8 OR (instr(1,email,"@")=0) then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your e-mail address in this format: name@urlogy.com.")
Elseif address = "" OR len(address) <=7 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your address.")
Elseif town = "" OR len(town) <=2 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your town or city.")
Elseif zip = "" OR len(zip) <=3 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your zip (postal) code.")
Elseif country = "" OR len(country) <=3 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your country name.")
Elseif phone = "" OR len(phone) <=4 then
Response.Redirect "customer.asp?msg=" & Server.URLEncode ("Please fill in your phone number.")
Else

'build SQL statement to insert new customer in DB
sqlAdd = "INSERT INTO customers(cfirstname,clastname,cemail,caddress"
If Request.Form("address2") <> "" Then
sqlAdd = sqlAdd & ",caddress2"
end if
sqlAdd = sqlAdd & ",ctown,czip"
If Request.Form("state") <> "" Then
sqlAdd = sqlAdd & ",cstate"
End if
sqlAdd = sqlAdd & ",ccountry,cphone"
If Request.Form("fax") <> "" Then
sqlAdd = sqlAdd & ",cfax"
End if
sqlAdd = sqlAdd & ") VALUES("
sqlAdd = sqlAdd & "'" & TwoSingleQ(fname) & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(lname) & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(email) & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(address) & "'"
If Request.Form("address2") <> "" Then
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("address2")) & "'"
end if
sqlAdd = sqlAdd & ",'" & TwoSingleQ(town) & "'"
' every value goes through TwoSingleQ, not only the name and address fields
sqlAdd = sqlAdd & ",'" & TwoSingleQ(zip) & "'"
If Request.Form("state") <> "" Then
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("state")) & "'"
End if
sqlAdd = sqlAdd & ",'" & TwoSingleQ(country) & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(phone) & "'"
If Request.Form("fax") <> "" Then
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("fax")) & "'"
End If
sqlAdd = sqlAdd & ")"
'Response.Write sqlAdd
'Response.End
call openConn()
dbc.execute sqlAdd, intAffected


if intAffected = 1 then
sql = "SELECT max(custID) from customers"
set rs = dbc.Execute(sql)
CustomID = rs(0)
call closeConn()
Session("customerid") = CustomID
Response.Redirect "checkout.asp"
else
call closeConn()
Response.Redirect "error.asp?msg=" & server.URLEncode("Could not send customer information to database. Please try again later.")
end if
End If
%>

-----------------------------Checkout.asp-----------------------------
<!-- #include file="db.asp" -->
<%


If Session("customerid") = "" Then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("We did not find your information, please fill the needed information again.")
End If

scartItem = Session("cartItem")
arrCart = Session("MyCart")
msg = Request.QueryString ("msg")
if scartItem = 0 then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Your cart is empty: cannot check out.")
end if

' CLng rather than CInt: an Access AutoNumber is a Long and CInt overflows above 32767
sqlCustomer = "SELECT * FROM customers WHERE custID = " & CLng(Session("customerid"))
call openConn()
Set rs = Server.CreateObject ("adodb.Recordset")
rs.Open sqlCustomer, dbc, adOpenForwardOnly, adLockReadOnly, adCmdText

If rs.EOF then
Response.Redirect "customer.asp?msg=" & Server.URLEncode("Please fill in your information again.")
End If

'procedure builds Cart contents table - isubTotal is the return value for the total
sub showCartOut(isubTotal)
'double quote character
q = chr(34)

strHTML = strHTML & "<table border=0 cellPadding=3 cellSpacing=2 width="&q&"100%"&q&">"
strHTML = strHTML & "<tr bgColor=darkblue>"
strHTML = strHTML & "<td><FONT color=white>Product code</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Product name</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Quantity</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Unit Price</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Total</FONT></td></tr>"

isubtotal = 0
For i = 1 to scartItem
strHTML = strHTML & "<tr bgColor=navajowhite>"
strHTML = strHTML & "<td><input name=selected"& Cstr(i)&" type=checkbox value="&q&"yes"&q&" checked>" & arrCart(cProductCode,i) &"</td>"
strHTML = strHTML & "<td>" & arrCart(cProductname,i) & "</td>"
strHTML = strHTML & "<td><input type="&q&"text"&q&" name="&q & "quantity" & CStr(i) & q &" value="&q & arrCart(cQuantity,i) &q&"></td>"
strHTML = strHTML & "<td>" & FormatCurrency(arrCart(cUnitPrice,i),2) & "</td>"
strHTML = strHTML & "<td>" & FormatCurrency(arrCart(cUnitPrice,i) * arrCart(cQuantity,i),2) & "</td>"
strHTML = strHTML & "</tr>"
isubtotal = isubtotal + (arrCart(cUnitPrice,i) * arrCart(cQuantity,i))
Next

strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Sub-total</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(isubtotal,2) & "</td>"
strHTML = strHTML & "</tr>"

inttax = isubtotal * Application("taxP")

strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Taxes</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(inttax,2) & "</td>"
strHTML = strHTML & "</tr>"

isubtotal = isubtotal + inttax

strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Total</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(isubtotal,2) & "</td>"
strHTML = strHTML & "</tr>"
strHTML = strHTML & "</table>"

response.write strHTML
end sub
%>
<HTML>
<HEAD>
<TITLE>Checkout - Final step in your ordering process</TITLE>
<SCRIPT LANGUAGE=javascript>
<!--
// Client script validates form field entries for credit card

function validate(theForm){
if (theForm.cardname.value == "" || theForm.cardname.value.length < 2){
alert("Please fill in the name found on your credit card.");
theForm.cardname.focus();
return false;
}
if (theForm.cardno.value == "" || theForm.cardno.value.length < 15 || theForm.cardno.value == "0000-0000-0000-0000"){
alert("Please fill in the card number in this format: 0000-0000-0000-0000.");
theForm.cardno.focus();
return false;
}
return true;
}
//-->
</SCRIPT>
<link rel="stylesheet" type="text/css" href="eposter.css">
</HEAD>
<BODY>

<table border="0" width="600" cellpadding="4">
<tr>
<td width="100%" colspan="2" valign="top">
<h3><img src="images/eplogo2.gif" alt="eplogo.gif (2683 bytes)" width="187" height="36">
<% If msg <> "" Then %>
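<% ' msg comes from the query string, so HTML-encode it before writing it into the page %>
<br><font face="Arial">Error. <%= Server.HTMLEncode(msg) %></font></h3>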
<% else %>
<br><font face="Arial">Completing your order</font></h3>
<% end if %>
</td>
</tr>
<tr>
<td width="120" bgcolor="#004080" valign="top">
<!--#include file="navleft.htm" --></td>
<td width="480">

<P><FORM action="process.asp" method=post name="cform" onSubmit="return validate(cform)">
<TABLE border=1 cellPadding=4 cellSpacing=2 width=100%>
<TR>
<TD bgColor=darkblue><FONT color=white
face="" style="BACKGROUND-COLOR: #00008b"><STRONG>Customer
information</STRONG></FONT> </TD>
</TR>
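<TR>
<TD><STRONG>Customer ID:</STRONG> <%= rs("custid")%><br>
<STRONG>Name:</STRONG> <%= Server.HTMLEncode(rs("cfirstname") & " " & rs("clastname")) %><br>
<STRONG>Address:</STRONG> <%= Server.HTMLEncode(rs("caddress") & "") %>
<% ' Database fields are Null, not Empty, when no second address line was stored
If Not IsNull(rs("caddress2").Value) Then
Response.Write Server.HTMLEncode(rs("caddress2") & "")
End If
%>
<br>
<STRONG></STRONG> <%= Server.HTMLEncode(rs("ctown") & "") %><br>
<STRONG>State:</STRONG> <%= Server.HTMLEncode(rs("cstate") & "") %><br>
<STRONG>Zip:</STRONG> <%= Server.HTMLEncode(rs("czip") & "") %><br>
<STRONG>Country:</STRONG> <%= Server.HTMLEncode(rs("ccountry") & "") %>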
</TD>
</TR>
</table>
<p><hr>

<%
rs.close
set rs = nothing
call closeConn()
%>
<TABLE border=1 cellPadding=4 cellSpacing=2 width=100%>
<TR>
<TD colspan=2 bgColor=darkblue><FONT color=white face="" style="BACKGROUND-COLOR: #00008b">
<STRONG>Shipping information (if different from customer information)</STRONG></FONT> </TD>
</TR>
<TR>
<TD>Name:</TD>
<TD>
<INPUT type="text" name=shipname></TD></TR>
<TR>
<TD>Address:</TD>
<TD>
<INPUT type="text" name=shipaddress style="HEIGHT: 22px; WIDTH: 265px"></TD></TR>
<TR>
<TD>Town:</TD>
<TD>
<INPUT type="text" name="shiptown"></TD></TR>
<TR>
<TD>Zip code:</TD>
<TD>
<INPUT type="text" name="shipzip">
</TD></TR>
<TR>
<TD>State:</TD>
<TD>
<INPUT type="text" name=shipstate></TD></TR>
<TR>
<TD>Country:</TD>
<TD>
<INPUT name="shipcountry" style="HEIGHT: 22px; WIDTH: 135px"></TD></TR>
<TR>
<TD colspan=2 bgColor=darkblue>
<FONT color=white face="" style="BACKGROUND-COLOR: #00008b">
<STRONG>Payment information</STRONG></FONT>
</TD>
</TR>
<TR>
<TD>Payment:</TD>
<TD><SELECT id=select1 name=paymentm>
<OPTION selected value=Visa>Visa
<OPTION value="American Express">American Express
<OPTION value=Mastercard>Mastercard
<OPTION value=dinersclub>Diner's Club</SELECT></TD></TR>
<TR>
<TD>Card name:</TD>
<TD>
<INPUT type=text name="cardname" value="<%= Server.HTMLEncode(Session("cardname") & "") %>"></TD></TR>
<TR>
<TD>Card no.:</TD>
<TD>
<INPUT type=text maxLength=16 name="cardno" value="<%= Server.HTMLEncode(Session("cardno") & "") %>"></TD></TR>
<TR>
<TD>Expiration date:</TD>
<TD>
<select name="expMonth">
<%
sMonth = session("expMonth")
if sMonth <> "" then
response.write "<option value=""" & Server.HTMLEncode(sMonth) & """>" & Server.HTMLEncode(sMonth) & "</option>"
end if
%>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>

<select name="expYear">
<%
sYear = session("expYear")
if sYear <> "" then
response.write "<option value=""" & Server.HTMLEncode(sYear) & """>" & Server.HTMLEncode(sYear) & "</option>"
end if
%>
<option value="2000">2000</option>
<option value="2001">2001</option>
<option value="2002">2002</option>
<option value="2003">2003</option>
<option value="2004">2004</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
</select>
</TD></TR>
<TR>
<TD>Card address (if different from your address):</TD>
<TD>
<INPUT type="text" name=cardaddress value="<%= Server.HTMLEncode(Session("cardaddress") & "") %>"></TD>
</TR>
</TABLE>
<hr>
</P>
<%
call showCartOut(intTotal)
%>

<INPUT type="hidden" name="ordertotal" value="<%= intTotal%>">
<P><INPUT name="action" type=submit value="Order now!">
<INPUT type="button" onClick="window.location='default.asp?end=1'" value="Cancel order" name="cancel">
</FORM>
</td>
</tr>
</table>
</BODY>
</HTML>

--------------------------------- Login.asp -----------------------------------

<%
dim conn, rs
Set conn = Server.CreateObject("ADODB.Connection")
Set rs = Server.CreateObject("ADODB.Recordset")
conn.open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=Z:\shopping\scart.mdb;Persist Security Info=False"
sql = "SELECT UserName, FName, Password FROM [tblMember]"
rs.Open sql, conn, 3, 3
Dim strFName, strPassword
strFName = Trim(Request.Form("txtName"))
strPassword = Trim(Request.Form("txtPassword"))
If LCase(strFName) = "guest" Then
    session("logintime") = time
    session("logindate") = date
    Response.Redirect "main.asp"
Else
    ' Find is a method, not a property; double any single quote in the criteria value
    rs.Find "UserName = '" & Replace(strFName, "'", "''") & "'"
    If rs.EOF then
        Response.Redirect "Login.asp?Error=" & Server.URLEncode("Username not found")
    Else
        If strPassword = rs("Password") Then
            session("FName") = rs("FName")
            session("logintime") = time
            session("logindate") = date
            Response.Redirect "main.asp"
        Else
            Response.Redirect "Login.asp?Error=" & Server.URLEncode("Invalid Password")
        End If
    End If
End If
%>
 
If I were to include Session("customerid") in the login.asp page would that solve the problem ?

Looks that way. Just add CustID to your SQL statement and if you "Find" the UserName assign it to your Session("customerid") variable.
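
Following the suggestion in the reply above, an added example (not code from the thread) of a login handler that looks the member up with a parameterized query and stores the customer id under the session key that checkout.asp reads. It assumes tblMember has a CustID column matching customers.custID, which the posted code does not show; the guest branch is left out.

```asp
<%
' Added example, not the poster's code.
' Assumption: tblMember has a CustID column holding the matching customers.custID.
Const adCmdText = 1, adParamInput = 1, adVarWChar = 202

Dim conn, cmd, rs, strUser, strPassword, storedPassword, target
strUser = Left(Trim(Request.Form("txtName")), 50)
strPassword = Trim(Request.Form("txtPassword"))

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=Z:\shopping\scart.mdb;Persist Security Info=False"

' Bind the user name as a parameter instead of concatenating it into the SQL
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT CustID, FName, [Password] FROM [tblMember] WHERE UserName = ?"
cmd.Parameters.Append cmd.CreateParameter("user", adVarWChar, adParamInput, 50, strUser)
Set rs = cmd.Execute

If rs.EOF Then
    target = "Login.asp?Error=" & Server.URLEncode("Username not found")
Else
    ' & "" turns a Null password into "" so the comparison cannot evaluate to Null
    storedPassword = rs("Password") & ""
    If storedPassword <> "" And strPassword = storedPassword And Not IsNull(rs("CustID").Value) Then
        Session("FName") = rs("FName") & ""
        ' Same session key that addCustomer.asp sets and checkout.asp checks
        Session("customerid") = CLng(rs("CustID").Value)
        Session("logintime") = Time
        Session("logindate") = Date
        target = "main.asp"
    Else
        target = "Login.asp?Error=" & Server.URLEncode("Invalid Password")
    End If
End If

rs.Close
conn.Close
Response.Redirect target
%>
```

The session key name is independent of the database column name; it only has to match the key that checkout.asp reads.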
 