<%@ Language=VBScript %>
<%
'*************************************************************************
' DO NOT MODIFY THIS SCRIPT IF YOU WANT UPDATES TO WORK!
' Function : Create/Modify Accounts
' Product : CandyPress Store Frontend
' Version : 2.5
' Modified : February 2004
' Copyright: Copyright (C) 2004 CandyPress.Com
' See "license.txt" for this product for details regarding
' licensing, usage, disclaimers, distribution and general
' copyright requirements. If you don't have a copy of this
' file, you may request one at webmaster@candypress.com
'*************************************************************************
'Page flow: pick an action, validate the cart/login state it needs,
'pre-fill or read the customer form, validate it, then insert/update
'the customer row and redirect. Helpers such as openDb, loadConfig,
'sessionCart, sessionCust and the lang* strings are not defined in this
'listing (presumably they come from include files).
Option explicit
Response.Buffer = true
%>
<%
'Work fields
dim f
dim arrayErrors          'Starts Empty; becomes a "|name|email..." string of failed fields
dim action               'Requested operation, lower-cased
dim formID               'Hidden form marker; "" on first display, "01" on submit

'Customer
dim status
dim Name
dim LastName
dim CustomerCompany
dim Phone
dim Email
dim Password             'Holds the clear-text password while the page runs
dim Address
dim City
dim Zip
dim locState
dim locState2
dim locCountry
dim paymentType
dim shippingName
dim shippingLastName
dim shippingPhone
dim shippingAddress
dim ShippingCity
dim shippingZip
dim shippingLocState
dim shippingLocState2
dim shippingLocCountry
dim futureMail
dim taxExempt
dim affiliate

'Locations
dim locName

'Database
dim mySQL
dim conntemp
dim rstemp
dim rstemp2

'Session
dim idOrder              'Cart/order id from sessionCart(); tested with isNull below
dim idCust               'Customer id from sessionCust(); Null means "not logged on"

'*************************************************************************
'Open Database Connection
call openDb()

'Store Configuration
if loadConfig() = false then
    call errorDB(langErrConfig,"")
end if

'Get/Set Cart/Order Session
idOrder = sessionCart()

'Get/Set Customer Session
idCust = sessionCust()

'Check action indicator
'NOTE(review): Request("action") is the collection-less lookup, which in
'classic ASP searches QueryString, Form, Cookies, ClientCertificate and
'ServerVariables in that order. The state-changing actions can therefore
'be selected from the URL or a cookie, not only from the posted form.
'Reading Request.Form / Request.QueryString explicitly would make the
'intended source unambiguous.
action = lCase(Request("action"))
'Allow-list of actions; anything else goes to the message page.
'Response.Redirect stops processing of this page, so nothing below runs
'for a rejected action.
if action <> "newacc" _
and action <> "newaff" _
and action <> "modify" _
and action <> "save" _
and action <> "checkout" then
    response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrAction)
end if

'If Checkout or Save, do some validations.
if action = "checkout" or action = "save" then

    'Check if the session is still active
    if isNull(idOrder) then
        response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrCartEmpty)
    end if

    'Check if cart has any items
    if cartQty(idOrder) = 0 then
        response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrCartEmpty)
    end if

    'Check if minimum order amount has been met (checkout only)
    if action = "checkout" then
        if cartTotal(idOrder,0) < pMinCartAmount then
            response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrMinPrice & pCurrencySign & moneyS(pMinCartAmount))
        end if
    end if

end if

'If Modify, do some validations.
if action = "modify" then

    'Check that Customer is logged on
    if isNull(idCust) then
        response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrNotLoggedIn)
    end if

end if

'Get Form ID
'NOTE(review): formID is compared only with the constants "" and "01"
'below. It is a submit marker, not an anti-CSRF token; nothing visible
'in this handler ties the POST to the user's session. Confirm whether a
'token or origin check exists elsewhere before relying on one.
formID = trim(Request.Form("formID"))

'Get State and Country arrays
call getStateArray()
call getCountryArray()

'Check Country array
if not isArray(countryArr) then
    response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrCountry)
end if

'Before we display the form, see if we can pre-populate some fields
if formID = "" then

    'Default Country Code
    locCountry = defaultCountryCode

    'Check if user is already logged on
    if not isNull(idCust) then

        'Retrieve field values from DB
        'NOTE(review): every statement on this page is built by string
        'concatenation, so injection safety rests entirely on validSQL
        '(defined elsewhere, behaviour not verifiable from this listing).
        'An ADODB.Command with typed parameters would remove that dependency.
        mySQL = "SELECT Name,LastName,CustomerCompany,Phone,Email," _
              & " Password,Address,City,Zip,locCountry,locState," _
              & " locState2,paymentType,shippingName,shippingLastName," _
              & " shippingPhone,shippingAddress,ShippingCity," _
              & " shippingZip,shippingLocCountry,shippingLocState," _
              & " shippingLocState2,futureMail " _
              & "FROM customer " _
              & "WHERE idCust = " & validSQL(idCust,"I")
        set rsTemp = openRSexecute(mySQL)
        if not rsTemp.EOF then
            '&"" turns a Null column into an empty string before trim
            Name = trim(rstemp("name")&"")
            LastName = trim(rstemp("LastName")&"")
            CustomerCompany = trim(rstemp("CustomerCompany")&"")
            Phone = trim(rstemp("Phone")&"")
            Email = trim(rstemp("Email")&"")
            'NOTE(review): the stored password is reversible. It is
            'hex-decoded and decrypted here with the site-wide rc4Key
            '(EnDeCrypt is defined elsewhere; the names suggest RC4), and
            'the clear text is kept for the form, presumably to pre-fill
            'the password field (the markup is not visible here). Anyone
            'holding rc4Key and the customer table can recover every
            'password; a salted one-way password hash, and never echoing
            'the password back to the browser, would remove that exposure.
            Password = trim(EnDeCrypt(Hex2Ascii(rstemp("Password")),rc4Key)&"")
            Address = trim(rstemp("Address")&"")
            City = trim(rstemp("City")&"")
            Zip = trim(rstemp("Zip")&"")
            locState = trim(rstemp("locState")&"")
            locState2 = trim(rstemp("locState2")&"")
            locCountry = trim(rstemp("locCountry")&"")
            paymentType = trim(rstemp("paymentType")&"")
            shippingName = trim(rstemp("shippingName")&"")
            shippingLastName = trim(rstemp("shippingLastName")&"")
            shippingPhone = trim(rstemp("shippingPhone")&"")
            shippingAddress = trim(rstemp("shippingAddress")&"")
            ShippingCity = trim(rstemp("ShippingCity")&"")
            shippingZip = trim(rstemp("shippingZip")&"")
            shippingLocState = trim(rstemp("shippingLocState")&"")
            shippingLocState2 = trim(rstemp("shippingLocState2")&"")
            shippingLocCountry = trim(rstemp("shippingLocCountry")&"")
            futureMail = trim(rstemp("futureMail")&"")
        else
            'No Customer Record on DB (which is highly unlikely because
            'Customer record has already been tested in sessionCust()
            'at the beginning of this script).
            response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrInvCustAcc)
        end if
        call closeRS(rsTemp)

    end if

end if

'Check if the Customer clicked the "Next" button
if formID = "01" then

    'Read every posted field through validHTML (defined elsewhere;
    'presumably it neutralises HTML markup - confirm).
    'NOTE(review): the password goes through the same filter, so whatever
    'validHTML rewrites is also rewritten in the stored password.
    Name = validHTML(request.form("name"))
    LastName = validHTML(request.form("LastName"))
    CustomerCompany = validHTML(request.form("CustomerCompany"))
    Phone = validHTML(request.form("Phone"))
    Email = validHTML(request.form("Email"))
    Password = validHTML(request.form("Password"))
    Address = validHTML(request.form("Address"))
    City = validHTML(request.form("City"))
    Zip = validHTML(request.form("Zip"))
    locState = validHTML(request.form("locState"))
    locState2 = validHTML(request.form("locState2"))
    locCountry = validHTML(request.form("locCountry"))
    paymentType = validHTML(request.form("paymentType"))
    shippingName = validHTML(request.form("shippingName"))
    shippingLastName = validHTML(request.form("shippingLastName"))
    shippingPhone = validHTML(request.form("shippingPhone"))
    shippingAddress = validHTML(request.form("shippingAddress"))
    ShippingCity = validHTML(request.form("ShippingCity"))
    shippingZip = validHTML(request.form("shippingZip"))
    shippingLocState = validHTML(request.form("shippingLocState"))
    shippingLocState2 = validHTML(request.form("shippingLocState2"))
    shippingLocCountry = validHTML(request.form("shippingLocCountry"))
    futureMail = validHTML(request.form("futureMail"))

    'Each failed check appends "|fieldname" to arrayErrors; an empty
    'string at the end means the form passed.

    'Name
    if len(name) = 0 then
        arrayErrors = arrayErrors & "|name"
    end if

    'LastName
    if len(lastname) = 0 then
        arrayErrors = arrayErrors & "|lastname"
    end if

    'Phone
    if len(phone) = 0 then
        arrayErrors = arrayErrors & "|phone"
    else
        'invalidChar is defined elsewhere; the second argument appears to
        'select a character class and the third lists extra allowed
        'characters - TODO confirm.
        if invalidChar(phone,2,"- +().") then
            arrayErrors = arrayErrors & "|phone"
        end if
    end if

    'Email
    'Only checks that "@" and "." are present and that invalidChar accepts
    'the characters; this is a format sanity check, not address validation.
    if len(email) = 0 then
        arrayErrors = arrayErrors & "|email"
    else
        if inStr(email,"@") = 0 or inStr(email,".") = 0 then
            arrayErrors = arrayErrors & "|email"
        end if
        if invalidChar(Email,1,"@.-_") then
            arrayErrors = arrayErrors & "|email"
        end if
    end if

    'Password
    'NOTE(review): the only rules visible are "not empty" and the
    'invalidChar character check with no extra characters allowed;
    'no minimum length is enforced here.
    if len(password) = 0 then
        arrayErrors = arrayErrors & "|password"
    else
        if invalidChar(Password,1,"") then
            arrayErrors = arrayErrors & "|password"
        end if
    end if

    'PaymentType
    if action = "checkout" then
        if len(paymentType) = 0 then
            arrayErrors = arrayErrors & "|paymenttype"
        end if
    end if

    'Future Mail Indicator (anything other than "Y" is stored as "N")
    if futureMail <> "Y" then
        futureMail = "N"
    end if

    'Address
    if len(address) = 0 then
        arrayErrors = arrayErrors & "|address"
    end if

    'City
    if len(city) = 0 then
        arrayErrors = arrayErrors & "|city"
    end if

    'Zip
    if len(zip) = 0 then
        arrayErrors = arrayErrors & "|zip"
    end if

    'State/Prov/Country
    if len(locCountry) = 0 then
        arrayErrors = arrayErrors & "|locState"
        arrayErrors = arrayErrors & "|locCountry"
    else
        if not validLoc(locState,locCountry) then
            arrayErrors = arrayErrors & "|locState"
            arrayErrors = arrayErrors & "|locCountry"
        end if
    end if

    'State/Province 2 (listed state and free-text state are mutually exclusive)
    if len(locState) > 0 and len(locState2) > 0 then
        arrayErrors = arrayErrors & "|locState2"
    end if

    'Shipping (validated only when at least one shipping field was filled in)
    if len(shippingName & shippingLastName & shippingPhone & shippingAddress & shippingCity & shippingZip & shippingLocCountry) > 0 then

        'Ship Name
        if len(shippingName) = 0 then
            arrayErrors = arrayErrors & "|shippingName"
        end if

        'Ship Last Name
        if len(shippingLastName) = 0 then
            arrayErrors = arrayErrors & "|shippingLastName"
        end if

        'shippingPhone
        if len(shippingPhone) = 0 then
            arrayErrors = arrayErrors & "|shippingPhone"
        else
            if invalidChar(shippingPhone,2,"- +().") then
                arrayErrors = arrayErrors & "|shippingPhone"
            end if
        end if

        'Ship Address
        if len(shippingAddress) = 0 then
            arrayErrors = arrayErrors & "|shippingAddress"
        end if

        'Ship City
        if len(shippingCity) = 0 then
            arrayErrors = arrayErrors & "|shippingCity"
        end if

        'Ship Zip
        if len(shippingZip) = 0 then
            arrayErrors = arrayErrors & "|shippingZip"
        end if

        'Ship State/Prov/Country
        if len(shippingLocCountry) = 0 then
            arrayErrors = arrayErrors & "|shippingLocState"
            arrayErrors = arrayErrors & "|shippingLocCountry"
        else
            if not validLoc(shippingLocState,shippingLocCountry) then
                arrayErrors = arrayErrors & "|shippingLocState"
                arrayErrors = arrayErrors & "|shippingLocCountry"
            end if
        end if

        'Ship State/Province 2
        if len(shippingLocState) > 0 and len(shippingLocState2) > 0 then
            arrayErrors = arrayErrors & "|shippingLocState2"
        end if

    end if

    'There were no errors
    if len(trim(arrayErrors)) = 0 then

        'Check for duplicate email address
        'NOTE(review): this is a check-then-write with no transaction
        'visible, so uniqueness is only reliable if the customer table
        'also has a unique constraint on email - confirm the schema.
        'The distinct langErrEmailUsed response also tells the requester
        'whether an address is already registered.
        mySQL = "SELECT idCust " _
              & "FROM customer " _
              & "WHERE email = '" & validSQL(email,"A") & "' "
        if not isNull(idCust) then
            'Logged-on customer: ignore their own row
            mySQL = mySQL & "AND idCust <> " & validSQL(idCust,"I")
        end if
        set rsTemp = openRSexecute(mySQL)
        if not rsTemp.EOF then
            response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrEmailUsed)
        end if
        call closeRS(rsTemp)

        'Create empty Customer Record
        if isNull(idCust) then
            set rsTemp = openRSopen("customer",adUseServer,adOpenKeySet,adLockOptimistic,adCmdTable,0)
            rsTemp.AddNew
            rsTemp("status") = "A" 'Default to Active
            rsTemp("dateCreated") = currDateTime("DT",timeOffSet)
            rsTemp("dateCreatedInt")= dateInt(currDateTime("DT",timeOffSet))
            rsTemp("taxExempt") = "N" 'Default to No
            if action = "newaff" then
                rsTemp("affiliate") = "A" 'Affiliate Application
            else
                rsTemp("affiliate") = "N" 'Default to No
            end if
            rsTemp.update
            'The new id is written to the session here, i.e. the visitor
            'is treated as this customer from now on, before the details
            'are filled in by the UPDATE below.
            'NOTE(review): the row is already saved as active at this
            'point; if the UPDATE fails, an empty active record remains.
            session(storeID & "idCust") = rsTemp("idCust")
            idCust = rsTemp("idCust")
            call closeRS(rsTemp)
        end if

        'Update the customer record
        'NOTE(review): for an existing customer this changes e-mail and
        'password without asking for the current password (none is read
        'in this handler), so control of a logged-on session is enough to
        'take over the account credentials.
        'NOTE(review): the password is lower-cased, encrypted with the
        'shared rc4Key and hex-encoded. Lower-casing makes passwords
        'case-insensitive and shrinks the keyspace; the encryption is
        'reversible (see the pre-fill code above). A salted one-way
        'password hash is the usual replacement.
        mySQL = "UPDATE customer SET " _
              & "[name] = '" & validSQL(name,"A") & "', " _
              & "LastName = '" & validSQL(LastName,"A") & "', " _
              & "CustomerCompany = '" & validSQL(CustomerCompany,"A") & "', " _
              & "Phone = '" & validSQL(Phone,"A") & "', " _
              & "Email = '" & validSQL(Email,"A") & "', " _
              & "[Password] = '" & validSQL(Ascii2Hex(EnDeCrypt(lCase(Password),rc4Key)),"A") & "', " _
              & "Address = '" & validSQL(Address,"A") & "', " _
              & "City = '" & validSQL(City,"A") & "', " _
              & "Zip = '" & validSQL(Zip,"A") & "', " _
              & "locState = '" & validSQL(locState,"A") & "', " _
              & "locState2 = '" & validSQL(locState2,"A") & "', " _
              & "locCountry = '" & validSQL(locCountry,"A") & "', " _
              & "paymentType = '" & validSQL(paymentType,"A") & "', " _
              & "shippingName = '" & validSQL(shippingName,"A") & "', " _
              & "shippingLastName = '" & validSQL(shippingLastName,"A") & "', " _
              & "shippingPhone = '" & validSQL(shippingPhone,"A") & "', " _
              & "ShippingAddress = '" & validSQL(ShippingAddress,"A") & "', " _
              & "ShippingCity = '" & validSQL(ShippingCity,"A") & "', " _
              & "shippingZip = '" & validSQL(shippingZip,"A") & "', " _
              & "shippingLocState = '" & validSQL(shippingLocState,"A") & "', " _
              & "shippingLocState2 = '" & validSQL(shippingLocState2,"A") & "', " _
              & "shippingLocCountry = '" & validSQL(shippingLocCountry,"A") & "', " _
              & "futureMail = '" & validSQL(futureMail,"A") & "' " _
              & "WHERE idCust = " & validSQL(idCust,"I")
        set rsTemp = openRSexecute(mySQL)
        call closeRS(rsTemp)

        'Update cartHead with some info (if possible)
        if not(isNull(idOrder)) then
            mySQL = "UPDATE cartHead SET " _
                  & "idCust = " & validSQL(idCust,"I") & ", " _
                  & "[Name] = '" & validSQL(Name,"A") & "'," _
                  & "LastName = '" & validSQL(LastName,"A") & "'," _
                  & "Address = '" & validSQL(Address,"A") & "' " _
                  & "WHERE idOrder = " & validSQL(idOrder,"I") & " "
            set rsTemp = openRSexecute(mySQL)
            call closeRS(rsTemp)
        end if

        'Forward to next page (all targets are fixed local page names)
        select case action
        case "newacc", "newaff"
            Response.Redirect "custListOrders.asp"
        case "modify"
            Response.Redirect "custListOrders.asp"
        case "save"
            call saveCart(idOrder,idCust)
            Response.Redirect "custListOrders.asp"
        case "checkout"
            Response.Redirect "30_Ship_CC.asp"
        end select

    end if

end if

'Determine default Payment Type
if len(paymentType) = 0 then
    paymentType = payDefault
end if
%>
<%
'Close Database Connection
call closedb()

'**********************************************************************
'Main Shopping Cart Display Area
'**********************************************************************
sub cartMain()

    'If there were errors, show message
    'arrayErrors is converted from the "|a|b" string into a lower-cased
    'array that checkFieldError is given for each field label.
    'NOTE(review): the HTML that surrounded this message is missing from
    'this listing; the string literal below continues on the following
    'source lines.
    if len(trim(arrayErrors)) > 0 then
        arrayErrors = split(LCase(arrayErrors),"|")
        Response.Write "" & langErrInvForm & "

" else arrayErrors = array("") end if %>
<% 'Show list of Payment Types if action = "checkout" then %> <% end if %> <% 'Check if there are any states listed in the database. if isArray(stateArr) then %> <% else %> <% end if %> <% 'Check if we must show shipping address fields if allowShipAddr = -1 then %> <% 'Check if there are any states listed in the database. if isArray(stateArr) then %> <% else %> <% end if %> <% 'If shipping address must NOT be shown, substitute visible form 'variables with hidden form variables. else %> <% end if %>
<%=langGenCustInfo%> <% 'Display an appropriate heading select case action case "newacc", "newaff", "save" Response.Write "" & langGenNewAcc & "" case "modify" Response.Write "" & langGenModAcc & "" case else Response.Write "" & langGenStep1 & "" end select %>

<%=langGenName & " " & checkFieldError("name",arrayErrors)%>
<%=langGenLastName & " " & checkFieldError("lastName",arrayErrors)%>
<%=langGenCompany & " " & checkFieldError("customerCompany",arrayErrors)%>
<%=langGenPhone & " " & checkFieldError("phone",arrayErrors)%>
<%=langGenEmail & " " & checkFieldError("email",arrayErrors)%>
<%=langGenPassword & " " & checkFieldError("password",arrayErrors)%>
<%=langGenPayment & " " & checkFieldError("paymentType",arrayErrors)%>  <%=langGenLearnMore%>
> <%=langGenNotifyMsg%>
 
<%=langGenBillAddr%>

<%=langGenAddress & " " & checkFieldError("address",arrayErrors)%>
<%=langGenCity & " " & checkFieldError("city",arrayErrors)%>
<%=langGenState & " " & checkFieldError("locState",arrayErrors)%> <%listStates "locState",locState,locCountry%>
  <%=langGenStateAlt%>
<%=checkFieldError("locState2",arrayErrors)%>  
<%=langGenState & " " & checkFieldError("locState2",arrayErrors)%>
<%=langGenZip & " " & checkFieldError("zip",arrayErrors)%>
<%=langGenCountry & " " & checkFieldError("locCountry",arrayErrors)%> <%listCountries "locCountry",locCountry%>
 
<%=langGenShipAddr%> *
* <%=langGenShipAddrOpt%>

<%=langGenName & " " & checkFieldError("shippingName",arrayErrors)%>
<%=langGenLastName & " " & checkFieldError("shippingLastName",arrayErrors)%>
<%=langGenPhone & " " & checkFieldError("shippingPhone",arrayErrors)%>
<%=langGenAddress & " " & checkFieldError("shippingAddress",arrayErrors)%>
<%=langGenCity & " " & checkFieldError("shippingCity",arrayErrors)%>
<%=langGenState & " " & checkFieldError("shippinglocState",arrayErrors)%> <%listStates "shippinglocState",shippinglocState,shippingLocCountry%>
  <%=langGenStateAlt%>
<%=checkFieldError("shippinglocState2",arrayErrors)%>  
<%=langGenState & " " & checkFieldError("shippinglocState2",arrayErrors)%>
<%=langGenZip & " " & checkFieldError("shippingZip",arrayErrors)%>
<%=langGenCountry & " " & checkFieldError("shippinglocCountry",arrayErrors)%> <%listCountries "shippinglocCountry",shippinglocCountry%>
 
 

<%
end sub

'*************************************************************************
'Show Payment fee for a particular Payment Method
'Writes the fee as a bracketed suffix to the response, and only when the
'fee is greater than zero.
'*************************************************************************
sub showPayFee(payFee)
    dim feeSuffix
    if payFee > 0 then
        'Assemble the text first, then emit it in a single write
        feeSuffix = "  (" & langGenAdd & " " & pCurrencySign & moneyS(payFee) & ")"
        response.Write feeSuffix
    end if
end sub
%>