<%@ Language=VBScript %> <% '************************************************************************* ' DO NOT MODIFY THIS SCRIPT IF YOU WANT UPDATES TO WORK! ' Function : List Customer Orders ' Product : CandyPress Store Frontend ' Version : 2.5 ' Modified : February 2004 ' Copyright: Copyright (C) 2004 CandyPress.Com ' See "license.txt" for this product for details regarding ' licensing, usage, disclaimers, distribution and general ' copyright requirements. If you don't have a copy of this ' file, you may request one at webmaster@candypress.com '************************************************************************* Option explicit Response.Buffer = true %> <% 'cartHead dim orderStatus dim orderDate dim Total dim shipmentMethod dim paymentType 'Database dim mySQL dim conntemp dim rstemp dim rstemp2 'Session dim idOrder dim idCust 'Work Fields dim qIdOrder '************************************************************************* 'Open Database Connection call openDb() 'Store Configuration if loadConfig() = false then call errorDB(langErrConfig,"") end if 'Get/Set Cart/Order Session idOrder = sessionCart() 'Get/Set Customer Session idCust = sessionCust() 'Double-check that the Customer is now "logged in" if isNull(idCust) then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrNotLoggedIn) end if 'Check if the user is requesting to delete a "saved" cart if LCase(Trim(Request.QueryString("action"))) = "del" then 'Validate Order Number qIdOrder = trim(Request.QueryString("idOrder")) if len(qIdOrder) = 0 or not IsNumeric(qIdOrder) then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrInvOrder) end if 'Validate Order Number on DB mySQL = "SELECT idOrder " _ & "FROM cartHead " _ & "WHERE idOrder = " & validSQL(qIdOrder,"I") & " " _ & "AND idCust = " & validSQL(idCust,"I") & " " _ & "AND orderStatus = 'S' " set rsTemp = openRSexecute(mySQL) if rstemp.eof then response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrInvOrder) end if call closeRS(rsTemp) 'Set CursorLocation of the Connection Object to Client connTemp.CursorLocation = adUseClient 'BEGIN Transaction connTemp.BeginTrans 'Delete cartRowsOptions mySQL = "DELETE FROM cartRowsOptions WHERE idOrder = " & validSQL(qIdOrder,"I") set rsTemp = openRSexecute(mySQL) call closeRS(rsTemp) 'Delete cartRows mySQL = "DELETE FROM cartRows WHERE idOrder = " & validSQL(qIdOrder,"I") set rsTemp = openRSexecute(mySQL) call closeRS(rsTemp) 'Delete cartHead mySQL = "DELETE FROM cartHead WHERE idOrder = " & validSQL(qIdOrder,"I") set rsTemp = openRSexecute(mySQL) call closeRS(rsTemp) 'END Transaction connTemp.CommitTrans 'Set CursorLocation of the Connection Object back to Server connTemp.CursorLocation = adUseServer end if %> <% 'Close Database Connection call closedb() '********************************************************************** 'Main Shopping Cart Display Area '********************************************************************** sub cartMain() %>

<%=langGenYourAccount%> » <%=langGenModAcc%>   » <%=langGenLogoff%> <% 'Retrieve Customer's Orders mySQL = "SELECT idOrder,orderStatus,orderDate,randomKey,Total " _ & "FROM cartHead " _ & "WHERE idCust = " & validSQL(idCust,"I") & " " _ & "AND orderStatus <> 'U' " _ & "ORDER BY orderDate DESC " set rsTemp = openRSexecute(mySQL) if not rstemp.eof then do while not rsTemp.EOF %> <% if UCase(rsTemp("orderStatus")) = "S" then %> <% else %> <% end if %> <% rsTemp.MoveNext loop else %> <% end if call closeRS(rsTemp) %> <%=langGenYourOrders%> <%=langGenOrderNumber%> <%=langGenOrderDate%> <%=langGenTotal%> <%=langGenOrderStatus%> &randomKey=<%=rsTemp("randomKey")%>"><%=pOrderPrefix & "-" & rsTemp("idOrder")%> <%=formatTheDate(rsTemp("orderDate"))%> <%=langGenNotApplicable%> "><%=pOrderPrefix & "-" & rsTemp("idOrder")%> <%=formatTheDate(rsTemp("orderDate"))%> <%=pCurrencySign & moneyS(rsTemp("Total"))%> <% Response.Write orderStatusDesc(rsTemp("orderStatus")) if UCase(rsTemp("orderStatus")) = "S" then %> - &action=del"><%=langGenDeleteCart%> <% end if %> <%=langErrNoOrders%>

<% end sub %>