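<%@LANGUAGE="VBSCRIPT"%>
<%
' UltraDev Shopping Cart II
' Copyright (c) 2001 Joseph Scavitto All Rights Reserved
' www.thechocolatestore.com/ultradev
'
' Checkout page. In order, this script: builds the cart object, allocates an
' order id, reads the posted login/registration fields, verifies the customer
' through stored procedures, e-mails the order and saves it to the order tables.
Dim UCII_CartColNames,UCII_ComputedCols,UCII__i
UCII_CartColNames = Array("PartialStock","OutOfStock","Weight","TotalWeight","ProductID","DiscountRate","DiscountThreshold","DiscountValue","DiscountType","Quantity","Name","SpecialPrice","Price","Total")
UCII_ComputedCols = Array("","","","Weight","","","","","","","","","","Price")
Set UCII = VBConstuctCart("MyCart",28,UCII_CartColNames,UCII_ComputedCols)
UCII__i = 0
%>
<%
' UltraCart II Get Unique OrderID Version 1.00
' Reads the NextOrderID counter and writes it back incremented. The recordset
' is opened with LockType 2 (adLockPessimistic) on a server-side cursor.
If CStr(UCII.OrderID) = "" Then
  Dim UCII_tableName,UCII_fieldName
  UCII_tableName = "dbo.tblSHOP_NextOrderID"
  UCII_fieldName = "NextOrderID"
  Set UCII_rsId = Server.CreateObject("ADODB.Recordset")
  UCII_rsId.ActiveConnection = MM_ADOSQL_STRING
  ' Both identifiers are the constants assigned above, not request data.
  UCII_rsId.Source = "SELECT " & UCII_fieldName & " FROM " & UCII_tableName
  UCII_rsId.CursorType = 0      ' adOpenForwardOnly
  UCII_rsId.CursorLocation = 2  ' adUseServer
  UCII_rsId.LockType = 2        ' adLockPessimistic
  UCII_rsId.Open
  UCII.OrderID = UCII_rsId.Fields(UCII_fieldName).value
  UCII_rsId.Fields(UCII_fieldName).value = UCII_rsId.Fields(UCII_fieldName).value + 1
  UCII_rsId.Update
  UCII_rsId.Close
  Set UCII_rsId = Nothing
  UCII.persist()
End If
%>
<%
' Request("name") without a collection searches QueryString, Form, Cookies,
' ClientCertificate and ServerVariables in that order, so every field below,
' including the password fields, is also accepted from the URL.
Dim actionParam : actionParam = Trim(Request("action"))
Dim usrEmail: usrEmail = Request("memberemail")
Dim usrPwd: usrPwd = Request("memberpassword")
Dim exists
Dim msg: msg = ""
' Raw posted form; the new-customer branch further down the page appends it
' to a redirect URL.
Dim URLQuery: URLQuery = Request.Form

' Registration fields with apostrophes doubled. This is the only protection
' for the string-built SQL later on the page, so these copies must not be
' replaced by raw values while that SQL is still concatenated.
Dim lastName: lastName = Replace(Trim(Request("LastName")),"'","''")
Dim firstName: firstName = Replace(Trim(Request("FirstName")),"'","''")
Dim company: company = Replace(Trim(Request("CompanyName")),"'","''")
Dim email: email = Replace(Trim(Request("Email")),"'","''")
Dim password: password = Replace(Trim(Request("password")),"'","''")
Dim phone: phone = Replace(Trim(Request("BillingPhone")),"'","''")
Dim city: city = Replace(Trim(Request("BillingCity")),"'","''")
Dim address: address = Replace(Trim(Request("BillingAddress")),"'","''")
Dim state: state = Replace(Trim(Request("BillingState")),"'","''")
Dim zip: zip = Replace(Trim(Request("BillingZip")),"'","''")
Dim country: country = Replace(Trim(Request("BillingCountry")),"'","''")
' Dim cctype: cctype = Replace(Trim(Request("CreditCardTypeID")),"'","''")
' Dim ccnumber: ccnumber = Replace(Trim(Request("CreditCardNumber")),"'","''")
' Dim ccexpmonth: ccexpmonth = Replace(Trim(Request("CrediCardExpMonth")),"'","''")
' Dim ccexpyear: ccexpyear = Replace(Trim(Request("CreditCardExpYear")),"'","''")

' Remember the contact details in a cookie that expires after 364 days.
' NOTE(review): the cookie receives the SQL-escaped copies (doubled
' apostrophes) and carries name, address, phone and e-mail; no Secure flag is
' set here - confirm the site is served over HTTPS only before adding one.
Response.Cookies("whatspopping")("lastName") = lastName
Response.Cookies("whatspopping")("firstName") = firstName
Response.Cookies("whatspopping")("company") = company
Response.Cookies("whatspopping")("email") = email
Response.Cookies("whatspopping")("phone") = phone
Response.Cookies("whatspopping")("city") = city
Response.Cookies("whatspopping")("address") = address
Response.Cookies("whatspopping")("billingstate") = state
Response.Cookies("whatspopping")("zip") = zip
' Response.Cookies("whatspopping")("cctype") = cctype
' Response.Cookies("whatspopping")("ccnumber") = ccnumber
' Response.Cookies("whatspopping")("ccexpmonth") = ccexpmonth
' Response.Cookies("whatspopping")("ccexpyear") = ccexpyear
Response.Cookies("whatspopping").Expires = Date + 364

' Fall back to the registration fields when no member login was posted.
' NOTE(review): these fallbacks are the apostrophe-doubled copies, yet they
' are bound as parameters below, so a value containing an apostrophe is
' compared with its doubled form.
If usrEmail="" Then usrEmail = email
if usrPwd="" Then usrPwd = password

If NOT Request("finalize") = "yes" Then
  If actionParam = "existingCustomer" Then
    ' Credentials are bound as parameters of a stored procedure
    ' (CommandType 4 = adCmdStoredProc), not spliced into SQL text.
    set cmd = Server.CreateObject("ADODB.Command")
    cmd.ActiveConnection = Application("ADOConnection")
    cmd.CommandText = "dbo.spVerifyCustomerLogin"
    cmd.CommandType = 4
    cmd.CommandTimeout = 0
    cmd.Prepared = true
    ' 129 = adChar, 3 = adInteger; direction 1 = input, 2 = output.
    cmd.Parameters.Append cmd.CreateParameter("@custemail", 129, 1,100,usrEmail)
    cmd.Parameters.Append cmd.CreateParameter("@custpwd", 129, 1,50,usrPwd)
    cmd.Parameters.Append cmd.CreateParameter("@TheCount", 3, 2)
    cmd.Execute()
    If cmd.Parameters("@TheCount").Value > 0 Then
      ' good login
      exists = true
      msg = "Login verified."
      ' NOTE(review): the password is kept in session state as submitted.
      Session("custemail")=usrEmail
      Session("custpwd")=usrPwd
    Else
      'bad login
      exists = false
      msg = "Wrong login."
    End If
  ElseIf actionParam = "newCustomer" Then
    exists = false
    msg = "New customer."
    ' If NOT validCCNumber(ccnumber) Then
    '   Response.Write "Your credit card number seems to be incorect." & vbnewline
    '   Response.Write "Please go back and verify your credit card number." & vbnewline
    '   Response.Write "Thank you." & vbnewline
    ' End If
  Else
    Response.Write ("An Error Occured. Error: Wrong action parameter.")
    Response.End
  End If
End If

' Luhn checksum over the digits of ccnumber; True when the sum is a multiple
' of 10. Only referenced from commented-out code on this page. The argument is
' passed by reference (VBScript default), so the caller's variable is replaced
' by the digits-only string. i, isEven, digits and checkSum are not declared
' locally.
FUNCTION validCCNumber( ccnumber )
  ccnumber = CleanCCNum( ccnumber )
  IF ccnumber = "" THEN
    validCCNumber = FALSE
  ELSE
    isEven = False
    digits = ""
    ' Walk right to left, doubling every second digit; the products are
    ' appended as text so that their individual digits are summed below.
    for i = Len( ccnumber ) To 1 Step -1
      if isEven Then
        digits = digits & CINT( MID( ccnumber, i, 1) ) * 2
      Else
        digits = digits & CINT( MID( ccnumber, i, 1) )
      End If
      isEven = (Not isEven)
    Next
    checkSum = 0
    For i = 1 To Len( digits) Step 1
      checkSum = checkSum + CINT( MID( digits, i, 1 ) )
    Next
    validCCNumber = ( ( checkSum Mod 10) = 0 )
  END IF
End Function

' Returns ccnumber with every character that is not numeric removed.
FUNCTION CleanCCNum( ccnumber )
  FOR i = 1 TO LEN( ccnumber )
    IF isNumeric( MID( ccnumber, i, 1 ) ) THEN
      CleanCCNum = CleanCCNum & MID( ccnumber, i, 1 )
    END IF
  NEXT
END FUNCTION
%>
<%
' Lookup credentials for spSelectCustomerDetails. These used to default to a
' fixed customer e-mail and password, so a request without credentials loaded
' that customer's record, put it in the session and mailed/saved the order
' under it. They now default to empty and such a request is rejected below.
Dim rs__custemail
rs__custemail = ""
if (usrEmail <> "") then rs__custemail = usrEmail
%>
<%
Dim rs__custpwd
rs__custpwd = ""
if (usrPwd <> "") then rs__custpwd = usrPwd
%>
<%
' No credentials supplied: same response as a failed lookup.
If rs__custemail = "" Or rs__custpwd = "" Then
  Response.Redirect ("/shop/_includes/ReviewOrder.asp?errmsg=" & Server.URLEncode("Your email or password did not match our records. Please register below or try again."))
  Response.End
End If

set rs = Server.CreateObject("ADODB.Recordset")
set cmd = Server.CreateObject("ADODB.Command")
cmd.ActiveConnection = Application("ADOConnection")
cmd.CommandText = "dbo.spSelectCustomerDetails"
cmd.CommandType = 4
cmd.CommandTimeout = 0
cmd.Prepared = true
cmd.Parameters.Append cmd.CreateParameter("@custemail", 129, 1,100,rs__custemail)
cmd.Parameters.Append cmd.CreateParameter("@custpwd", 129, 1,50,rs__custpwd)
Set rs = cmd.Execute()
If rs.EOF Then
  Response.Redirect ("/shop/_includes/ReviewOrder.asp?errmsg=" & Server.URLEncode("Your email or password did not match our records. Please register below or try again."))
End If
' NOTE(review): the password is stored in session state as submitted.
Session("custemail")=rs__custemail
Session("custpwd")=rs__custpwd
'rs.ActiveConnection = MM_ADOSQL_STRING
'rs.Source = "{call dbo.spSelectCustomerDetails('" + Replace(rs__custemail, "'", "''") + "','" + Replace(rs__custpwd, "'", "''") + "')}"
'rs.CursorType = 0
'rs.CursorLocation = 2
'rs.LockType = 3
'rs.Open()
rs_numRows = 0
%>
<%
' Shop preferences; only the notification addresses are read on this page.
set rsPref = Server.CreateObject("ADODB.Recordset")
rsPref.ActiveConnection = MM_ADOSQL_STRING
rsPref.Source = "SELECT * FROM dbo.tblSHOP_Preferences"
rsPref.CursorType = 0
rsPref.CursorLocation = 2
rsPref.LockType = 3
rsPref.Open()
rsPref_numRows = 0
%>
<%
session("ReplyEmail") = rs.Fields.Item("CustomerEmail").Value
session("OrderSendEmail1") = rsPref.Fields.Item("OrderSendEmail1").Value
session("OrderSendEmail2") = rsPref.Fields.Item("OrderSendEmail2").Value
session("OrderSendPagerEmail") = rsPref.Fields.Item("OrderSendPagerEmail").Value
' UltraCart II Save Cart Non Transaction Version 1.01
'If CStr(Request.Form("UCII_SaveToTable")) <> "" Then
' NOTE(review): the condition is constant, so the order is mailed and saved on
' every request that reaches this point; Request("finalize") only gates the
' login check above. Confirm that is intended.
If 1=1 Then
  ' UltraCart II Email Order Version 2.00
  ' No matching "On Error GoTo 0" is visible, so run-time errors stay
  ' suppressed for the rest of the page, including the database save below.
  on error resume next
  Set MailObj = Server.CreateObject("CDONTS.NewMail")
  If IsObject(MailObj) Then
    MailObj.From = rs.Fields.Item("CustomerEmail").Value
    ' NOTE(review): the recipient is a fixed address; the preference lookup is
    ' commented out. Confirm this is not a leftover from testing.
    MailObj.To = "eliasj@yahoo.com" 'rsPref.Fields.Item("OrderSendEmail1").Value
    MailObj.Cc = rsPref.Fields.Item("OrderSendEmail2").Value
    MailObj.Bcc = rsPref.Fields.Item("OrderSendPagerEmail").Value
    MailObj.Subject = "You have an order from Whatspopping.com !!"
    MailObj.Importance = 2
    emailHeader = "Congrats! You just made some business."
    emailFooter= "The items below have been orderd from your web site. Please send requested products to customer immediately"
    wantedCartColArray = Array(0,0,1,1,1,0,0,1,1,1,1,1,1,1)
    wantedCartColNamesArray = Array("PartialStock","OutOfStock","Weight","TotalWeight","ProductID","DiscountRate","DiscountThreshold","DiscountValue","DiscountType","Quantity","Name","SpecialPrice","Price","Total")
    wantedCartColFormatArray = Array(false,false,false,false,false,false,false,false,false,false,false,false,true,true)
    currencyTypeArray = Array("$",0,-1,-2,-2,-2)
    ' Build E-mail Body
    MailObj.Body = UCII.BuildEmailBody(true,emailHeader,emailFooter,_
      wantedCartColArray,_
      wantedCartColNamesArray,_
      wantedCartColFormatArray,_
      "Order ID",true,_
      "Order Date",true,_
      "Sub Total",true,_
      "Tax",true,_
      "Discount",true,_
      "Shipping",true,_
      "Shipping Method",true,_
      "Grand Total",true,currencyTypeArray)
    MailObj.Send
  else
    URLQuery = URLQuery + "&sendmail=0"
  end If

  ' Save the order header and its lines through the cart object.
  Set connOrders = Server.CreateObject("ADODB.Connection")
  connOrders.Open(MM_ADOSQL_STRING)
  Set connOrderDetails = Server.CreateObject("ADODB.Connection")
  connOrderDetails.Open(MM_ADOSQL_STRING)
  ordersTableBindingNames = Array("OrderID","CustomerID","OrderDate","ShipMethod","ShippingCost","DiscountOrderLevel","SalesTax","ShipLastName","ShipFirstName","ShipCompanyName","ShipAddress","ShipCity","ShipState","ShipZip","ShipCountry","ShipPhone","Fullfilled","Canceled")
  ordersTableBindingMap = Array(1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,1,1)
  ordersTableBindingTypes = Array("NONE","LITERAL","LITERAL","NONE","LITERAL","NONE","NONE","LITERAL","LITERAL","LITERAL","LITERAL","LITERAL","LITERAL","LITERAL","LITERAL","LITERAL","NONE","NONE")
  ' NOTE(review): orderDate and shippingCost are not assigned anywhere in the
  ' visible script - verify they are set by an include, otherwise they are Empty.
  ordersTableBindingValues = Array("",rs.Fields.Item("CustomerID").Value,orderDate,"",shippingCost,"","",rs.Fields.Item("LastName").Value,rs.Fields.Item("FirstName").Value,rs.Fields.Item("CompanyName").Value,rs.Fields.Item("BillingAddress").Value,rs.Fields.Item("BillingCity").Value,rs.Fields.Item("BillingState").Value,rs.Fields.Item("BillingZip").Value,rs.Fields.Item("BillingCountry").Value,rs.Fields.Item("BillingPhone").Value,"","")
  destColName = Array("","","","","ProductID","","","Discount","","Quantity","","","UnitPrice","")
  destColType = Array("num","str","str","str","num","str","str","num","str","num","str","str","num","str")
  retVal = ""
  retVal = UCII.SaveCart(false,true,connOrders,connOrderDetails,_
    "dbo.tblSHOP_Orders","dbo.tblSHOP_OrderDetails","OrderID",UCII.OrderID,destColName,destColType,_
    ordersTableBindingNames,ordersTableBindingMap,ordersTableBindingTypes,ordersTableBindingValues)
  If retVal <> "" Then
    ' assert is not defined in the visible script; presumably it comes from
    ' the cart include - verify.
    assert false, retVal
    Response.End
  End If
  ' UCII_redirectToPage = "confirmed.asp"
  ' If UCII_redirectToPage <> "" Then
  ' Response.Redirect(UCII_redirectToPage)
  ' End If
End If
%>
Checkout <%=msg %>
<% If exists Then 'existing customer /shop/checkout.asp%>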
"> "> "> "> "> "> "> ">
<%=msg%>
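<%
' Existing-customer view: shows the stored customer record and the order total.
' Customer-entered columns are written through Server.HTMLEncode so that any
' markup stored in them is displayed as text; appending "" first turns a Null
' column into an empty string.
%>
Welcome back <%=Server.HTMLEncode(rs.Fields.Item("FirstName").Value & "")%> <%=Server.HTMLEncode(rs.Fields.Item("LastName").Value & "")%>. (Memeber since: <%=(rs.Fields.Item("DateAdded").Value)%>)
Please verify your personal information below. Should your address have changed, please update your customer profile first before finalizing this order.
   
Name: <%=Server.HTMLEncode(rs.Fields.Item("FirstName").Value & "")%> <%=Server.HTMLEncode(rs.Fields.Item("LastName").Value & "")%>
Comapny: <%=Server.HTMLEncode(rs.Fields.Item("CompanyName").Value & "")%>
   
Address: <%=Server.HTMLEncode(rs.Fields.Item("BillingAddress").Value & "")%>
City: <%=Server.HTMLEncode(rs.Fields.Item("BillingCity").Value & "")%>    State: <%=Server.HTMLEncode(rs.Fields.Item("BillingState").Value & "")%>    Zip: <%=Server.HTMLEncode(rs.Fields.Item("BillingZip").Value & "")%>
Country: <%=Server.HTMLEncode(rs.Fields.Item("BillingCountry").Value & "")%>
   
Phone: <%=Server.HTMLEncode(rs.Fields.Item("BillingPhone").Value & "")%>
E-mail: <%=Server.HTMLEncode(rs.Fields.Item("CustomerEmail").Value & "")%>
   
 
<%
'UltraCart II Repeat Region
' Adds up the quantity of every cart line.
Dim Qty
Qty = 0
For UCII__i=0 To UCII.GetItemCount()-1
  Qty = Qty + (UCII.GetColumnValue("Quantity",UCII__i))
%> <%
'UltraCart II Repeat Region End
Next
' Shipping: a flat 3.25 plus .75 per unit ordered.
Dim ShipCost
ShipCost = 3.25
ShipCost = ((Qty) * .75) + ShipCost
%>
Product Name Quantity Unit Price
<%=(UCII.GetColumnValue("Name",UCII__i))%> <%'=(UCII.GetColumnValue("Weight",UCII__i))lbs.%> <%=(UCII.GetColumnValue("Quantity",UCII__i))%> <%= FormatCurrency((UCII.GetColumnValue("Price",UCII__i)), -1, -2, -2, -2) %>
       
 
Shipping Costs: <%=FormatCurrency(ShipCost)%>
TOTAL: <%= FormatCurrency(ShipCost + (UCII.GetGrandTotal()), -1, -2, -2, -2) %>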
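<% Else 'new customer
' Create the customer record from the posted registration form, or update it
' when UserMode is "UPDATE", then redirect back to this page as an existing
' customer. With incomplete registration fields a message is written instead.
'
' Every value is bound as a command parameter rather than spliced into the SQL
' text. The statement used to be concatenated, and Session("custemail") went
' into its WHERE clause without any escaping.
If len(firstName) > 0 AND len(lastName) > 0 AND len(email) > 0 Then
  Dim ncIsUpdate, ncValues, ncIndex, ncText, ncSize
  ncIsUpdate = (Request("UserMode")="UPDATE")

  Set obj = Server.CreateObject("ADODB.Command")
  obj.ActiveConnection = MM_ADOSQL_STRING
  obj.CommandType = 1 ' adCmdText

  ' The page-level copies (lastName, firstName, ...) have their apostrophes
  ' doubled for string-built SQL. Bound parameters need the submitted text
  ' unchanged, so the form fields are read again here.
  ' NOTE(review): the password is stored and compared exactly as submitted;
  ' hashing it would also require changing the login procedures.
  If ncIsUpdate Then
    obj.CommandText = "Update tblSHOP_Customers Set LastName=?, FirstName=?,CompanyName=?,BillingAddress=?,BillingCity=?,BillingState=?,BillingZip=?,BillingCountry=?,BillingPhone=? Where customeremail=? AND password=?"
    ncValues = Array(Trim(Request("LastName")),Trim(Request("FirstName")),Trim(Request("CompanyName")),_
      Trim(Request("BillingAddress")),Trim(Request("BillingCity")),Trim(Request("BillingState")),_
      Trim(Request("BillingZip")),Trim(Request("BillingCountry")),Trim(Request("BillingPhone")),_
      Session("custemail"),Trim(Request("password")))
  Else
    obj.CommandText = "INSERT INTO tblSHOP_Customers (LastName,FirstName,CompanyName,CustomerEmail,Password,BillingAddress,BillingCity,BillingState,BillingZip,BillingCountry,BillingPhone,DateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)"
    ncValues = Array(Trim(Request("LastName")),Trim(Request("FirstName")),Trim(Request("CompanyName")),_
      Trim(Request("Email")),Trim(Request("password")),_
      Trim(Request("BillingAddress")),Trim(Request("BillingCity")),Trim(Request("BillingState")),_
      Trim(Request("BillingZip")),Trim(Request("BillingCountry")),Trim(Request("BillingPhone")))
  End If

  ' Placeholders are positional, so parameters are appended in statement order.
  ' 200 = adVarChar, 1 = adParamInput. A variable-length parameter needs a
  ' non-zero size, hence the minimum of 1 for empty values.
  For ncIndex = 0 To UBound(ncValues)
    ncText = ncValues(ncIndex) & ""
    ncSize = Len(ncText)
    If ncSize = 0 Then ncSize = 1
    obj.Parameters.Append obj.CreateParameter("@p" & ncIndex, 200, 1, ncSize, ncText)
  Next
  If Not ncIsUpdate Then
    ' DateAdded is bound as a date value (135 = adDBTimeStamp).
    obj.Parameters.Append obj.CreateParameter("@DateAdded", 135, 1, , Now)
  End If
  obj.Execute

  obj.ActiveConnection.Close
  Set obj = Nothing

  ' NOTE(review): URLQuery is the raw posted form (Request.Form), so this
  ' redirect puts every posted field, including the password, in the query
  ' string of the next request, where it can end up in server logs and browser
  ' history. Carrying the login in session state instead would need a matching
  ' change where the page reads its credentials.
  Dim URLSTRING
  URLSTRING = "checkout.asp?" & Replace(URLQuery,"newCustomer", "existingCustomer")
  Response.redirect URLSTRING
Else
  Response.Write "Your login credentials do not mach any of our previous customers." & vbnewline
  Response.Write "Please go back and sign up as a new customer." & vbnewline
  Response.Write "Thank you." & vbnewline
End If
End If %> <% rs.Close() %> <% rsPref.Close() %>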