<%
REM Get session variables
ARYshoppingcart = Session("MyShoppingCart")
CustomerID = Session("CustomerID")
iCount = Session("ItemCount")
if CustomerID =0 then ' new customer
Response.Redirect "/AdvWorks/Equipment/GetCustomer.asp"
End If
msg=""
DateErrorMsg = "An valid Expiration Date (MM/YY greater than today's date) is required "
Action = Left(UCase(Request("Action")),5)
If Action = "ORDER" Then
REM First do some validation on the entries
If Len(Request("CreditCardNumber")) < 8 Then
msg="Credit Card number must have at least 8 digits "
elseif NOT IsDate(Request("ExpDate")) then
msg = DateErrorMsg
elseif CDate(Request("ExpDate")) < now then
msg = DateErrorMsg
End If
If Request("ShipName") = "" OR _
Request("ShipContactFirstName") = "" OR _
Request("ShipContactLastName") = "" OR _
Request("ShipAddress") = "" OR _
Request("ShipCity") = "" OR _
Request("ShipState") = "" OR _
Request("ShipPostalCode") = "" OR _
Request("ShipCountry") = "" OR _
Request("ShipPhoneNumber") = "" Then
msg=msg & "All fields must have a valid non-empty response. "
End If
If msg = "" Then 'No errors -- insert into database
' Here is an example of generating the SQL statement for the Order directly
' It performs much better, but is a pain because of having to know when to
' surround values with quotes.
sql = "INSERT INTO Orders(CustomerID, EmployeeID, OrderDate, ShipName, "
sql = sql & "ShipContactFirstName, ShipContactLastName, ShipAddress, ShipCity, "
sql = sql & "ShipStateOrProvince, ShipPostalCode, ShipCountry, ShipPhoneNumber, "
sql = sql & "ShipDate, ShippingMethodID, FreightCharge, SalesTaxRate) "
sql = sql & "VALUES( "
' to run the stored procedure version, use the following line and comment OUT the
' indented lines setting the current date
' sql = "InsertOrder "
sql = sql & Request("CustomerID")
sql = sql & ", 6, "
sql = sql & "{fn now()},"
sql = sql & CheckString(Request("ShipName"),",")
sql = sql & CheckString(Request("ShipContactFirstName"),",")
sql = sql & CheckString(Request("ShipContactLastName"),",")
sql = sql & CheckString(Request("ShipAddress"), ",")
sql = sql & CheckString(Request("ShipCity"), ",")
sql = sql & CheckString(Request("ShipState"), ",")
sql = sql & CheckString(Request("ShipPostalCode"), ",")
sql = sql & CheckString(Request("ShipCountry"), ",")
sql = sql & CheckString(Request("ShipPhoneNumber"), ",")
sql = sql & "{fn now()}, "
sql = sql & Request("ShippingMethod") & ", "
sql = sql & Request("FreightCharge") & ", "
sql = sql & Request("SalesTaxRate") & ")"
' UNDONE for sproc version, need to add output parameter here and remove the following
' lines of code doing the select.
Conn.Execute(sql)
sql1= "select @@identity"
sql2 = "select max(OrderID) from Orders"
set rs = Conn.Execute(sql2)
' ="id = " & rs(0)
OrderID = rs(0)
rs.Close
REM Generate Order Detail record for each item in shopping cart
'-----------------------------
For i = 1 to iCount
sql = "INSERT INTO Order_Details(OrderID, ProductID, Quantity, UnitPrice, Discount) "
sql = sql & "VALUES( "
sql = sql & OrderID & ","
sql = sql & ARYshoppingcart(9,i) & ","
sql = sql & ARYshoppingcart(7,i) & ","
sql = sql & ARYshoppingcart(8,i) & ","
sql = sql & "0)"
Conn.Execute(sql)
Next
REM Generate Payment record
sql = "INSERT INTO Payments(OrderID, PaymentAmount, PaymentDate, CreditCardNumber, CreditCardExpDate, PaymentMethodID) "
sql = sql & "VALUES( "
sql = sql & OrderID & ","
sql = sql & Request("PaymentAmount") & ","
sql = sql & "{fn now()},"
sql = sql & "'" & Request("CreditCardNumber") & "',"
sql = sql & "'" & CDate(Request("ExpDate")) & "',"
sql = sql & "2)"
Conn.Execute(sql)
Session("ItemCount") = 0
Response.Redirect "/AdvWorks/equipment/congratulations.asp"
End If 'msg = ""
ElseIf Left(UCase(Request("Action")),5) = "CANCE" Then
Session("ItemCount") = 0
Response.Redirect "/AdvWorks/default.asp"
Else
' Response.Write "Failed else"
End If
%>
Shipping and Payment
<% REM Column Span Value %>
<% HTML_CS = 5 %>
<% HTML_INDENT = FALSE %>
