Hi - I'm having a problem with a shopping cart, I have it working to the point where the checkout script takes the credit card details and then it is supposed to call up the process.asp script and redirect to a thanks page. The process.asp is updating into the database but it doesn't seem to be redirecting to the thanks page.
Any ideas of what I should try to solve this would be very much appreciated.
Thanks in advance
---------Checkout.asp------------------------------------
<!-- #include file="db.asp" -->
<%
If Session("customerid") = "" Then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("We did not find your information, please fill the needed information again.")
End If
scartItem = Session("cartItem")
arrCart = Session("MyCart")
msg = Request.QueryString ("msg")
if scartItem = 0 then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Your cart is empty: cannot check out.")
end if
sqlCustomer = "SELECT * FROM customers WHERE custID = " & CInt(Session("customerid"))
call openConn()
Set rs = Server.CreateObject ("adodb.Recordset")
rs.Open sqlCustomer, dbc, adOpenForwardOnly, adLockReadOnly, adCmdText
If rs.EOF then
Response.Redirect "customer.asp?msg=" & Server.URLEncode("Please fill in your information again.")
End If
'procedure builds Cart contents table - isubTotal is the return value for the total
sub showCartOut(isubTotal)
'double quote character
q = chr(34)
strHTML = strHTML & "<table border=0 cellPadding=3 cellSpacing=2 width="&q&"100%"&q&">"
strHTML = strHTML & "<tr bgColor=darkblue>"
strHTML = strHTML & "<td><FONT color=white>Product code</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Product name</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Quantity</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Unit Price</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Total</FONT></td></tr>"
isubtotal = 0
For i = 1 to scartItem
strHTML = strHTML & "<tr bgColor=navajowhite>"
strHTML = strHTML & "<td><input name=selected"& Cstr(i)&" type=checkbox value="&q&"yes"&q&" checked>" & arrCart(cProductCode,i) &"</td>"
strHTML = strHTML & "<td>" & arrCart(cProductname,i) & "</td>"
strHTML = strHTML & "<td><input type="&q&"text"&q&" name="&q & "quantity" & CStr(i) & q &" value="&q & arrCart(cQuantity,i) &q&"></td>"
strHTML = strHTML & "<td>" & FormatCurrency(arrCart(cUnitPrice,i),2) & "</td>"
strHTML = strHTML & "<td>" & FormatCurrency(arrCart(cUnitPrice,i) * arrCart(cQuantity,i),2) & "</td>"
strHTML = strHTML & "</tr>"
isubtotal = isubtotal + (arrCart(cUnitPrice,i) * arrCart(cQuantity,i))
Next
strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Sub-total</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(isubtotal,2) & "</td>"
strHTML = strHTML & "</tr>"
inttax = isubtotal * Application("taxP")
strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Taxes</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(inttax,2) & "</td>"
strHTML = strHTML & "</tr>"
isubtotal = isubtotal + inttax
strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Total</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(isubtotal,2) & "</td>"
strHTML = strHTML & "</tr>"
strHTML = strHTML & "</table>"
response.write strHTML
end sub
%>
<HTML>
<HEAD>
<TITLE>Checkout - Final step in your ordering process</TITLE>
<SCRIPT LANGUAGE=javascript>
<!--
// Client script validates form field entries for credit card
function validate(theForm){
if (theForm.cardname.value == "" || theForm.cardname.value.length < 2){
alert("Please fill in the name found on your credit card.");
theForm.cardname.focus();
return false;
}
if (theForm.cardno.value == "" || theForm.cardno.value.length < 15 || theForm.cardno.value == "0000-0000-0000-0000"){
alert("Please fill in the card number in this format: 0000-0000-0000-0000.");
theForm.cardno.focus();
return false;
}
return true;
}
//-->
</SCRIPT>
<link rel="stylesheet" type="text/css" href="eposter.css">
</HEAD>
<BODY>
<table border="0" width="600" cellpadding="4">
<tr>
<td width="100%" colspan="2" valign="top">
<h3><img src="images/eplogo2.gif" alt="eplogo.gif (2683 bytes)" width="187" height="36">
<% If msg <> "" Then %>
<br><font face="Arial">Error. <%= msg %></font></h3>
<% else %>
<br><font face="Arial">Completing your order</font></h3>
<% end if %>
</td>
</tr>
<tr>
<td width="120" bgcolor="#004080" valign="top">
<!--#include file="navleft.htm" --></td>
<td width="480">
<P><FORM action="process.asp" method=post name="cform" onSubmit="return validate(cform)">
<TABLE border=1 cellPadding=4 cellSpacing=2 width=100%>
<TR>
<TD bgColor=darkblue><FONT color=white
face="" style="BACKGROUND-COLOR: #00008b"><STRONG>Customer
information</STRONG></FONT> </TD>
</TR>
<TD><STRONG>Customer ID:</STRONG> <%= rs("custid")%><br>
<STRONG>Name:</STRONG> <%= rs("cfirstname")& " " & rs("clastname") %><br>
<STRONG>Address:</STRONG> <%= rs("caddress") %>
<% If Not IsEmpty(rs("caddress2")) Then
Response.Write (rs("caddress2"))
End If
%>
<br>
<STRONG></STRONG> <%= rs("ctown") %><br>
<STRONG>State:</STRONG> <%= rs("cstate") %><br>
<STRONG>Zip:</STRONG> <%= rs("czip") %><br>
<STRONG>Country:</STRONG> <%= rs("ccountry") %>
</TD>
</TR>
</table>
<p><hr>
<%
rs.close
set rs = nothing
call closeConn()
%>
<TABLE border=1 cellPadding=4 cellSpacing=2 width=100%>
<TR>
<TD colspan=2 bgColor=darkblue><FONT color=white face="" style="BACKGROUND-COLOR: #00008b">
<STRONG>Shipping information (if different from customer information)</STRONG></FONT> </TD>
</TR>
<TR>
<TD>Name:</TD>
<TD>
<INPUT type="text" name=shipname></TD></TR>
<TR>
<TD>Address:</TD>
<TD>
<INPUT type="text" name=shipaddress style="HEIGHT: 22px; WIDTH: 265px"></TD></TR>
<TR>
<TD>Town:</TD>
<TD>
<INPUT type="text" name="shiptown"></TD></TR>
<TR>
<TD>Zip code:</TD>
<TD>
<INPUT type="text" name="shipzip">
</TD></TR>
<TR>
<TD>State:</TD>
<TD>
<INPUT type="text" name=shipstate></TD></TR>
<TR>
<TD>Country:</TD>
<TD>
<INPUT name="shipcountry" style="HEIGHT: 22px; WIDTH: 135px"></TD></TR>
<TR>
<TD colspan=2 bgColor=darkblue>
<FONT color=white face="" style="BACKGROUND-COLOR: #00008b">
<STRONG>Payment information</STRONG></FONT>
</TD>
</TR>
<TR>
<TD>Payment:</TD>
<TD><SELECT id=select1 name=paymentm>
<OPTION selected value=Visa>Visa
<OPTION value="American Express">American Express
<OPTION value=Mastercard>Mastercard
<OPTION value=dinersclub>Diner's Club</SELECT></TD></TR>
<TR>
<TD>Card name:</TD>
<TD>
<INPUT type=text name="cardname" value="<%= Session("cardname")%>"></TD></TR>
<TR>
<TD>Card no.:</TD>
<TD>
<INPUT type=text maxLength=16 name="cardno" value="<%= Session("cardno")%>"></TD></TR>
<TR>
<TD>Expiration date:</TD>
<TD>
<select name="expMonth">
<%
sMonth = session("expMonth")
if sMonth <> "" then
response.write "<option value="&sMonth &">"&sMonth &"</option>"
end if
%>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>
<select name="expYear">
<%
sYear = session("expYear")
if sYear <> "" then
response.write "<option value="& sYear &">"& sYear &"</option>"
end if
%>
<option value="2000">2000</option>
<option value="2001">2001</option>
<option value="2002">2002</option>
<option value="2003">2003</option>
<option value="2004">2004</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
</select>
</TD></TR>
<TR>
<TD>Card address (if different from your address):</TD>
<TD>
<INPUT type="text" name=cardaddress value="<%= Session("cardaddress")%>"></TD>
</TR>
</TABLE>
<hr>
</P>
<%
call showCartOut(intTotal)
%>
<INPUT type="hidden" name="ordertotal" value="<%= intTotal%>">
<P><INPUT name="action" type=submit value="Order now!">
<INPUT type="button" onClick="window.location='default.asp?end=1'" value="Cancel order" name="cancel">
</FORM>
</td>
</tr>
</table>
</BODY>
</HTML>
---------------------------------Process.asp---------------------------------
<!-- #include file="db.asp" -->
<!-- #include file="functions.asp" -->
<%
Response.Buffer = true
For Each key in Request.Form
strname = key
strvalue = Request.Form(key)
Session(strname) = strvalue
Next
Dim arrCart, scartItem
arrCart = Session("MyCart")
scartItem = Session("cartItem")
if scartItem = 0 then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Or your session has expired, or you tried to re-submit the form.")
end if
If Request.Form("cardno") = "" OR len(Request.Form("cardno")) <=12 Then
Response.Redirect "checkout.asp?msg=" & Server.URLEncode ("Please fill in a correct credit card number.")
Elseif Request.Form("cardname") = "" OR len(Request.Form("cardname")) <=6 Then
Response.Redirect "checkout.asp?msg=" & Server.URLEncode ("Please fill in a correct credit card name.")
Else
strTotal = Cstr(Request.Form("ordertotal"))
intTotal = Replace(strTotal,",",".")
imonth = Request.Form("expMonth")
iyear = Request.Form("expYear")
'use one of the following date formats: mm/dd/yyyy OR dd/mm/yyyy
'if your server's settings are dd/mm/yyyy, please put a single quote in front of next line
expDate = imonth & "/" & "28" & "/" & iyear
'and remove single quote on next line:
'expDate = "28" & "/" & imonth & "/" & iyear
'On error resume next
sqlAdd = "INSERT INTO orders(ocustomerid,odate,orderamount,ocardtype,ocardno,"
sqlAdd = sqlAdd & "ocardname,ocardexpires,ocardaddress"
If Not Request.Form("shipaddress")="" then
sqlAdd = sqlAdd & ",oshipaddress,oshiptown,oshipzip,oshipstate,oshipcountry"
End If
sqlAdd = sqlAdd & ") VALUES("
sqlAdd = sqlAdd & Session("customerid") & ",#" & Date & "#," & intTotal
sqlAdd = sqlAdd & ",'" & Request.Form("paymentm") & "','" & Request.Form("cardno") & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("cardname")) & "',#" & expDate & "#"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("cardaddress")) & " '"
If Not Request.Form("shipaddress")="" then
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("shipaddress")) & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("shiptown")) & " '"
sqlAdd = sqlAdd & ",'" & Request.Form("shipzip") & " '"
sqlAdd = sqlAdd & ",'" & Request.Form("shipstate") & " '"
sqlAdd = sqlAdd & ",'" & Request.Form("shipcountry") & " '"
End If
sqlAdd = sqlAdd & ")"
call openConn()
dbc.execute sqlAdd, intAffected
if dbc.Errors.count > 0 then
call closeConn()
Response.Redirect "error.asp?msg=" & server.URLEncode("Error occurred sending info to Database. Please contact us.")
elseif intAffected = 1 then
Dim oid, sqlo
sqlo = "SELECT max(orderID) FROM orders"
Set rso = dbc.Execute(sqlo)
oid = Cint(rso(0))
rso.Close
If oid < 1 Then
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Error: No order id.")
Else
'insert order items into oitems table
For i = 1 To scartItem
sqlOItem = "INSERT INTO oitems(orderid,catalogid,numitems) VALUES("
sqlOItem = sqlOItem & oid
sqlOItem = sqlOItem & "," & arrCart(cProductid,i)
sqlOItem = sqlOItem & "," & arrCart(cQuantity,i)
sqlOItem = sqlOItem & ")"
dbc.execute sqlOItem
Next
If dbc.Errors.Count > 0 then
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Not succeeded. Error: ") & dbc.Error.Description
else
'send mail to merchant, use function mailMerchant
blnMail = mailMerchant("youremail@yourserver",oid,nosmtp)
if blnMail = false then
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Could not send mail to merchant.")
end if
end if
End if
else
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Order information could not be sent to database. Please try again later.")
end if
If dbc.Errors.Count > 0 then
dbc.Close
set dbc = nothing
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Not succeeded. Error: ") & dbc.Error.Description
Else
dbc.close
set dbc = nothing
Response.Redirect "thanks.asp"
End If
End If
function mailMerchant(merchantmail,orderid,smtpServer)
'get client info from DB
set cmd = server.CreateObject("ADODB.Command")
cmd.ActiveConnection = dbc
cmd.CommandText = "qryOrderInfo"
cmd.CommandType = adCmdStoredProc
set param = cmd.CreateParameter("oid",adInteger,adParamInput,4)
cmd.Parameters.Append param
cmd("oid") = orderid
'build message body strBody
set rs = server.CreateObject("ADODB.recordset")
set rs = cmd.Execute
if not rs.eof then
strBody = "Online order by a.shopKart on " & rs("odate") & vbCrLf & vbCrLf
strBody = strBody & "Customer info:" & vbCrLf
strBody = strBody & rs("cfirstname") & vbCrLf
strBody = strBody & rs("clastname") & vbCrLf
strBody = strBody & rs("cemail") & vbCrLf
strBody = strBody & rs("caddress") & " - " & rs("caddress2") & vbCrLf
strBody = strBody & rs("ctown") & vbCrLf
strBody = strBody & rs("czip") & vbCrLf
strBody = strBody & rs("cstate") & vbCrLf
strBody = strBody & rs("ccountry") & vbCrLf
strBody = strBody & rs("cphone") & vbCrLf & vbCrLf
strBody = strBody & "Credit card info:" & vbCrLf
strBody = strBody & rs("ocardtype") & vbCrLf
strBody = strBody & left(rs("ocardno"),4) & "..." & vbCrLf
strBody = strBody & rs("ocardname") & vbCrLf
strBody = strBody & rs("ocardexpires") & vbCrLf & vbCrLf
strBody = strBody & "Ordered items:" & vbCrLf
strBody = strBody & "Code" & vbTab & "Item" & vbTab & "No." & vbTab & "Price" & vbCrLf
strBody = strBody & "-------------------------------------------------------" & vbCrLf
dblOrderTotal = 0
while not rs.EOF
strBody = strBody & rs("ccode") & vbTab & rs("cname") & vbTab
lineTotal = rs("cprice")*rs("numitems")
strBody = strBody & rs("numitems") & vbTab & lineTotal & vbCrLf
dblOrderTotal = dblOrderTotal + lineTotal
rs.MoveNext
wend
strBody = strBody & "-------------------------------------------------------" & vbCrLf
strBody = strBody & "Total: " & dblOrderTotal & vbCrLf
strBody = strBody & vbCrLf & vbCrLf
rs.Close
set rs = nothing
set cmd = nothing
'use CDONTS to send mail
set Mailer = Server.CreateObject("CDONTS.NewMail")
mailer.From = merchantmail
Mailer.To = merchantmail
Mailer.Subject = "Online order (a.shopKart)"
Mailer.Body = strBody
Mailer.Send
if Err.number > 0 then
mailMerchant = false
else
mailMerchant = true
end if
'OR use ASPMail - choose your own
'Set Mailer = Server.CreateObject ("SMTPsvg.Mailer")
'Mailer.FromName = "a.shopKart"
'Mailer.FromAddress = merchantmail
'Mailer.Subject = "a.shopKart Order"
'Mailer.BodyText = strBody
'Mailer.RemoteHost = smtpServer
'Mailer.AddRecipient "", merchantmail
'if Mailer.SendMail then
' Message sent sucessfully
' mailMerchant = true
'else
' Message send failure
' mailMerchant = false
'end if
else
rs.Close
set rs = nothing
set cmd = nothing
mailMerchant = false
end if
end function
%>
------------------------------------db.asp---------------------------------
<!-- #include file="adovbs.inc" -->
<%
'maximum number of items in cart
Const maxCartItems = 10
Const cartAttributes = 5
'--- Shopping cart attributes ----
Const cProductid = 1
Const cProductCode = 2
Const cProductname = 3
Const cQuantity = 4
Const cUnitPrice = 5
Dim dbc
Dim strConn
Dim strpath
'this procedure is called wherever a connection is needed. Returns 'dbc' as active connection
sub openConn()
'use appropriate connection string
strConn = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath("admin/scart.mdb")
Set dbc = Server.CreateObject("ADODB.Connection")
dbc.open strConn
end sub
sub closeConn()
if isobject(dbc) then
if dbc.State = adStateOpen then
dbc.Close
end if
set dbc = nothing
end if
end sub
%>
---------------------------------thanks.asp-------------------------------
<%
Session.Abandon
%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft FrontPage 4.0">
<link rel="stylesheet" type="text/css" href="eposter.css">
<title>Thank you for your order</title></HEAD>
<BODY>
<table border="0" width="600" cellpadding="4">
<tr>
<td width="100%" colspan="2" valign="top">
<h3><img src="images/eplogo2.gif" alt="eplogo.gif (2683 bytes)" width="187" height="36">
<br><font face="Arial">Order confirmation</font></h3>
</td>
</tr>
<tr>
<td width="120" bgcolor="#004080" valign="top">
<!--#include file="navleft.htm" --></td>
<td width="480">
<P align=center>Thank you for your order.</P>
<P align=center><A href="Default.asp">Return to the homepage</A></P>
</td>
</tr>
</table>
</BODY>
</HTML>
Any ideas of what I should try to solve this would be very much appreciated.
Thanks in advance
---------Checkout.asp------------------------------------
<!-- #include file="db.asp" -->
<%
If Session("customerid") = "" Then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("We did not find your information, please fill the needed information again.")
End If
scartItem = Session("cartItem")
arrCart = Session("MyCart")
msg = Request.QueryString ("msg")
if scartItem = 0 then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Your cart is empty: cannot check out.")
end if
sqlCustomer = "SELECT * FROM customers WHERE custID = " & CInt(Session("customerid"))
call openConn()
Set rs = Server.CreateObject ("adodb.Recordset")
rs.Open sqlCustomer, dbc, adOpenForwardOnly, adLockReadOnly, adCmdText
If rs.EOF then
Response.Redirect "customer.asp?msg=" & Server.URLEncode("Please fill in your information again.")
End If
'procedure builds Cart contents table - isubTotal is the return value for the total
sub showCartOut(isubTotal)
'double quote character
q = chr(34)
strHTML = strHTML & "<table border=0 cellPadding=3 cellSpacing=2 width="&q&"100%"&q&">"
strHTML = strHTML & "<tr bgColor=darkblue>"
strHTML = strHTML & "<td><FONT color=white>Product code</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Product name</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Quantity</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Unit Price</FONT></td>"
strHTML = strHTML & "<td><FONT color=white>Total</FONT></td></tr>"
isubtotal = 0
For i = 1 to scartItem
strHTML = strHTML & "<tr bgColor=navajowhite>"
strHTML = strHTML & "<td><input name=selected"& Cstr(i)&" type=checkbox value="&q&"yes"&q&" checked>" & arrCart(cProductCode,i) &"</td>"
strHTML = strHTML & "<td>" & arrCart(cProductname,i) & "</td>"
strHTML = strHTML & "<td><input type="&q&"text"&q&" name="&q & "quantity" & CStr(i) & q &" value="&q & arrCart(cQuantity,i) &q&"></td>"
strHTML = strHTML & "<td>" & FormatCurrency(arrCart(cUnitPrice,i),2) & "</td>"
strHTML = strHTML & "<td>" & FormatCurrency(arrCart(cUnitPrice,i) * arrCart(cQuantity,i),2) & "</td>"
strHTML = strHTML & "</tr>"
isubtotal = isubtotal + (arrCart(cUnitPrice,i) * arrCart(cQuantity,i))
Next
strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Sub-total</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(isubtotal,2) & "</td>"
strHTML = strHTML & "</tr>"
inttax = isubtotal * Application("taxP")
strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Taxes</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(inttax,2) & "</td>"
strHTML = strHTML & "</tr>"
isubtotal = isubtotal + inttax
strHTML = strHTML & "<tr>"
strHTML = strHTML & "<td></td><td></td><td></td>"
strHTML = strHTML & "<td bgColor=darkblue><font color=white>Total</font></td>"
strHTML = strHTML & "<td bgColor=lightgoldenrodyellow>" & FormatCurrency(isubtotal,2) & "</td>"
strHTML = strHTML & "</tr>"
strHTML = strHTML & "</table>"
response.write strHTML
end sub
%>
<HTML>
<HEAD>
<TITLE>Checkout - Final step in your ordering process</TITLE>
<SCRIPT LANGUAGE=javascript>
<!--
// Client script validates form field entries for credit card
function validate(theForm){
if (theForm.cardname.value == "" || theForm.cardname.value.length < 2){
alert("Please fill in the name found on your credit card.");
theForm.cardname.focus();
return false;
}
if (theForm.cardno.value == "" || theForm.cardno.value.length < 15 || theForm.cardno.value == "0000-0000-0000-0000"){
alert("Please fill in the card number in this format: 0000-0000-0000-0000.");
theForm.cardno.focus();
return false;
}
return true;
}
//-->
</SCRIPT>
<link rel="stylesheet" type="text/css" href="eposter.css">
</HEAD>
<BODY>
<table border="0" width="600" cellpadding="4">
<tr>
<td width="100%" colspan="2" valign="top">
<h3><img src="images/eplogo2.gif" alt="eplogo.gif (2683 bytes)" width="187" height="36">
<% If msg <> "" Then %>
<br><font face="Arial">Error. <%= msg %></font></h3>
<% else %>
<br><font face="Arial">Completing your order</font></h3>
<% end if %>
</td>
</tr>
<tr>
<td width="120" bgcolor="#004080" valign="top">
<!--#include file="navleft.htm" --></td>
<td width="480">
<P><FORM action="process.asp" method=post name="cform" onSubmit="return validate(cform)">
<TABLE border=1 cellPadding=4 cellSpacing=2 width=100%>
<TR>
<TD bgColor=darkblue><FONT color=white
face="" style="BACKGROUND-COLOR: #00008b"><STRONG>Customer
information</STRONG></FONT> </TD>
</TR>
<TD><STRONG>Customer ID:</STRONG> <%= rs("custid")%><br>
<STRONG>Name:</STRONG> <%= rs("cfirstname")& " " & rs("clastname") %><br>
<STRONG>Address:</STRONG> <%= rs("caddress") %>
<% If Not IsEmpty(rs("caddress2")) Then
Response.Write (rs("caddress2"))
End If
%>
<br>
<STRONG></STRONG> <%= rs("ctown") %><br>
<STRONG>State:</STRONG> <%= rs("cstate") %><br>
<STRONG>Zip:</STRONG> <%= rs("czip") %><br>
<STRONG>Country:</STRONG> <%= rs("ccountry") %>
</TD>
</TR>
</table>
<p><hr>
<%
rs.close
set rs = nothing
call closeConn()
%>
<TABLE border=1 cellPadding=4 cellSpacing=2 width=100%>
<TR>
<TD colspan=2 bgColor=darkblue><FONT color=white face="" style="BACKGROUND-COLOR: #00008b">
<STRONG>Shipping information (if different from customer information)</STRONG></FONT> </TD>
</TR>
<TR>
<TD>Name:</TD>
<TD>
<INPUT type="text" name=shipname></TD></TR>
<TR>
<TD>Address:</TD>
<TD>
<INPUT type="text" name=shipaddress style="HEIGHT: 22px; WIDTH: 265px"></TD></TR>
<TR>
<TD>Town:</TD>
<TD>
<INPUT type="text" name="shiptown"></TD></TR>
<TR>
<TD>Zip code:</TD>
<TD>
<INPUT type="text" name="shipzip">
</TD></TR>
<TR>
<TD>State:</TD>
<TD>
<INPUT type="text" name=shipstate></TD></TR>
<TR>
<TD>Country:</TD>
<TD>
<INPUT name="shipcountry" style="HEIGHT: 22px; WIDTH: 135px"></TD></TR>
<TR>
<TD colspan=2 bgColor=darkblue>
<FONT color=white face="" style="BACKGROUND-COLOR: #00008b">
<STRONG>Payment information</STRONG></FONT>
</TD>
</TR>
<TR>
<TD>Payment:</TD>
<TD><SELECT id=select1 name=paymentm>
<OPTION selected value=Visa>Visa
<OPTION value="American Express">American Express
<OPTION value=Mastercard>Mastercard
<OPTION value=dinersclub>Diner's Club</SELECT></TD></TR>
<TR>
<TD>Card name:</TD>
<TD>
<INPUT type=text name="cardname" value="<%= Session("cardname")%>"></TD></TR>
<TR>
<TD>Card no.:</TD>
<TD>
<INPUT type=text maxLength=16 name="cardno" value="<%= Session("cardno")%>"></TD></TR>
<TR>
<TD>Expiration date:</TD>
<TD>
<select name="expMonth">
<%
sMonth = session("expMonth")
if sMonth <> "" then
response.write "<option value="&sMonth &">"&sMonth &"</option>"
end if
%>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>
<select name="expYear">
<%
sYear = session("expYear")
if sYear <> "" then
response.write "<option value="& sYear &">"& sYear &"</option>"
end if
%>
<option value="2000">2000</option>
<option value="2001">2001</option>
<option value="2002">2002</option>
<option value="2003">2003</option>
<option value="2004">2004</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
</select>
</TD></TR>
<TR>
<TD>Card address (if different from your address):</TD>
<TD>
<INPUT type="text" name=cardaddress value="<%= Session("cardaddress")%>"></TD>
</TR>
</TABLE>
<hr>
</P>
<%
call showCartOut(intTotal)
%>
<INPUT type="hidden" name="ordertotal" value="<%= intTotal%>">
<P><INPUT name="action" type=submit value="Order now!">
<INPUT type="button" onClick="window.location='default.asp?end=1'" value="Cancel order" name="cancel">
</FORM>
</td>
</tr>
</table>
</BODY>
</HTML>
---------------------------------Process.asp---------------------------------
<!-- #include file="db.asp" -->
<!-- #include file="functions.asp" -->
<%
Response.Buffer = true
For Each key in Request.Form
strname = key
strvalue = Request.Form(key)
Session(strname) = strvalue
Next
Dim arrCart, scartItem
arrCart = Session("MyCart")
scartItem = Session("cartItem")
if scartItem = 0 then
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Or your session has expired, or you tried to re-submit the form.")
end if
If Request.Form("cardno") = "" OR len(Request.Form("cardno")) <=12 Then
Response.Redirect "checkout.asp?msg=" & Server.URLEncode ("Please fill in a correct credit card number.")
Elseif Request.Form("cardname") = "" OR len(Request.Form("cardname")) <=6 Then
Response.Redirect "checkout.asp?msg=" & Server.URLEncode ("Please fill in a correct credit card name.")
Else
strTotal = Cstr(Request.Form("ordertotal"))
intTotal = Replace(strTotal,",",".")
imonth = Request.Form("expMonth")
iyear = Request.Form("expYear")
'use one of the following date formats: mm/dd/yyyy OR dd/mm/yyyy
'if your server's settings are dd/mm/yyyy, please put a single quote in front of next line
expDate = imonth & "/" & "28" & "/" & iyear
'and remove single quote on next line:
'expDate = "28" & "/" & imonth & "/" & iyear
'On error resume next
sqlAdd = "INSERT INTO orders(ocustomerid,odate,orderamount,ocardtype,ocardno,"
sqlAdd = sqlAdd & "ocardname,ocardexpires,ocardaddress"
If Not Request.Form("shipaddress")="" then
sqlAdd = sqlAdd & ",oshipaddress,oshiptown,oshipzip,oshipstate,oshipcountry"
End If
sqlAdd = sqlAdd & ") VALUES("
sqlAdd = sqlAdd & Session("customerid") & ",#" & Date & "#," & intTotal
sqlAdd = sqlAdd & ",'" & Request.Form("paymentm") & "','" & Request.Form("cardno") & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("cardname")) & "',#" & expDate & "#"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("cardaddress")) & " '"
If Not Request.Form("shipaddress")="" then
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("shipaddress")) & "'"
sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("shiptown")) & " '"
sqlAdd = sqlAdd & ",'" & Request.Form("shipzip") & " '"
sqlAdd = sqlAdd & ",'" & Request.Form("shipstate") & " '"
sqlAdd = sqlAdd & ",'" & Request.Form("shipcountry") & " '"
End If
sqlAdd = sqlAdd & ")"
call openConn()
dbc.execute sqlAdd, intAffected
if dbc.Errors.count > 0 then
call closeConn()
Response.Redirect "error.asp?msg=" & server.URLEncode("Error occurred sending info to Database. Please contact us.")
elseif intAffected = 1 then
Dim oid, sqlo
sqlo = "SELECT max(orderID) FROM orders"
Set rso = dbc.Execute(sqlo)
oid = Cint(rso(0))
rso.Close
If oid < 1 Then
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Error: No order id.")
Else
'insert order items into oitems table
For i = 1 To scartItem
sqlOItem = "INSERT INTO oitems(orderid,catalogid,numitems) VALUES("
sqlOItem = sqlOItem & oid
sqlOItem = sqlOItem & "," & arrCart(cProductid,i)
sqlOItem = sqlOItem & "," & arrCart(cQuantity,i)
sqlOItem = sqlOItem & ")"
dbc.execute sqlOItem
Next
If dbc.Errors.Count > 0 then
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Not succeeded. Error: ") & dbc.Error.Description
else
'send mail to merchant, use function mailMerchant
blnMail = mailMerchant("youremail@yourserver",oid,nosmtp)
if blnMail = false then
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Could not send mail to merchant.")
end if
end if
End if
else
call closeConn()
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Order information could not be sent to database. Please try again later.")
end if
If dbc.Errors.Count > 0 then
dbc.Close
set dbc = nothing
Response.Redirect "error.asp?msg=" & Server.URLEncode ("Not succeeded. Error: ") & dbc.Error.Description
Else
dbc.close
set dbc = nothing
Response.Redirect "thanks.asp"
End If
End If
function mailMerchant(merchantmail,orderid,smtpServer)
'get client info from DB
set cmd = server.CreateObject("ADODB.Command")
cmd.ActiveConnection = dbc
cmd.CommandText = "qryOrderInfo"
cmd.CommandType = adCmdStoredProc
set param = cmd.CreateParameter("oid",adInteger,adParamInput,4)
cmd.Parameters.Append param
cmd("oid") = orderid
'build message body strBody
set rs = server.CreateObject("ADODB.recordset")
set rs = cmd.Execute
if not rs.eof then
strBody = "Online order by a.shopKart on " & rs("odate") & vbCrLf & vbCrLf
strBody = strBody & "Customer info:" & vbCrLf
strBody = strBody & rs("cfirstname") & vbCrLf
strBody = strBody & rs("clastname") & vbCrLf
strBody = strBody & rs("cemail") & vbCrLf
strBody = strBody & rs("caddress") & " - " & rs("caddress2") & vbCrLf
strBody = strBody & rs("ctown") & vbCrLf
strBody = strBody & rs("czip") & vbCrLf
strBody = strBody & rs("cstate") & vbCrLf
strBody = strBody & rs("ccountry") & vbCrLf
strBody = strBody & rs("cphone") & vbCrLf & vbCrLf
strBody = strBody & "Credit card info:" & vbCrLf
strBody = strBody & rs("ocardtype") & vbCrLf
strBody = strBody & left(rs("ocardno"),4) & "..." & vbCrLf
strBody = strBody & rs("ocardname") & vbCrLf
strBody = strBody & rs("ocardexpires") & vbCrLf & vbCrLf
strBody = strBody & "Ordered items:" & vbCrLf
strBody = strBody & "Code" & vbTab & "Item" & vbTab & "No." & vbTab & "Price" & vbCrLf
strBody = strBody & "-------------------------------------------------------" & vbCrLf
dblOrderTotal = 0
while not rs.EOF
strBody = strBody & rs("ccode") & vbTab & rs("cname") & vbTab
lineTotal = rs("cprice")*rs("numitems")
strBody = strBody & rs("numitems") & vbTab & lineTotal & vbCrLf
dblOrderTotal = dblOrderTotal + lineTotal
rs.MoveNext
wend
strBody = strBody & "-------------------------------------------------------" & vbCrLf
strBody = strBody & "Total: " & dblOrderTotal & vbCrLf
strBody = strBody & vbCrLf & vbCrLf
rs.Close
set rs = nothing
set cmd = nothing
'use CDONTS to send mail
set Mailer = Server.CreateObject("CDONTS.NewMail")
mailer.From = merchantmail
Mailer.To = merchantmail
Mailer.Subject = "Online order (a.shopKart)"
Mailer.Body = strBody
Mailer.Send
if Err.number > 0 then
mailMerchant = false
else
mailMerchant = true
end if
'OR use ASPMail - choose your own
'Set Mailer = Server.CreateObject ("SMTPsvg.Mailer")
'Mailer.FromName = "a.shopKart"
'Mailer.FromAddress = merchantmail
'Mailer.Subject = "a.shopKart Order"
'Mailer.BodyText = strBody
'Mailer.RemoteHost = smtpServer
'Mailer.AddRecipient "", merchantmail
'if Mailer.SendMail then
' Message sent sucessfully
' mailMerchant = true
'else
' Message send failure
' mailMerchant = false
'end if
else
rs.Close
set rs = nothing
set cmd = nothing
mailMerchant = false
end if
end function
%>
------------------------------------db.asp---------------------------------
<!-- #include file="adovbs.inc" -->
<%
'maximum number of items in cart
Const maxCartItems = 10
Const cartAttributes = 5
'--- Shopping cart attributes ----
Const cProductid = 1
Const cProductCode = 2
Const cProductname = 3
Const cQuantity = 4
Const cUnitPrice = 5
Dim dbc
Dim strConn
Dim strpath
'this procedure is called wherever a connection is needed. Returns 'dbc' as active connection
sub openConn()
'use appropriate connection string
strConn = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath("admin/scart.mdb")
Set dbc = Server.CreateObject("ADODB.Connection")
dbc.open strConn
end sub
sub closeConn()
if isobject(dbc) then
if dbc.State = adStateOpen then
dbc.Close
end if
set dbc = nothing
end if
end sub
%>
---------------------------------thanks.asp-------------------------------
<%
Session.Abandon
%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft FrontPage 4.0">
<link rel="stylesheet" type="text/css" href="eposter.css">
<title>Thank you for your order</title></HEAD>
<BODY>
<table border="0" width="600" cellpadding="4">
<tr>
<td width="100%" colspan="2" valign="top">
<h3><img src="images/eplogo2.gif" alt="eplogo.gif (2683 bytes)" width="187" height="36">
<br><font face="Arial">Order confirmation</font></h3>
</td>
</tr>
<tr>
<td width="120" bgcolor="#004080" valign="top">
<!--#include file="navleft.htm" --></td>
<td width="480">
<P align=center>Thank you for your order.</P>
<P align=center><A href="Default.asp">Return to the homepage</A></P>
</td>
</tr>
</table>
</BODY>
</HTML>