<%@ Language=VBScript %>
<%
'*************************************************************************
' DO NOT MODIFY THIS SCRIPT IF YOU WANT UPDATES TO WORK!
' Function : Email a Product To a Friend
' Product : CandyPress Store Frontend
' Version : 2.5
' Modified : February 2004
' Copyright: Copyright (C) 2004 CandyPress.Com
' See "license.txt" for this product for details regarding
' licensing, usage, disclaimers, distribution and general
' copyright requirements. If you don't have a copy of this
' file, you may request one at webmaster@candypress.com
'*************************************************************************
Option explicit
Response.Buffer = true
%>
<%
'Product
dim idProduct
dim description
dim price
'Email
dim emailName
dim emailTo
dim emailBody
'Work Fields
dim arrayErrors
dim formID
'Database
dim mySQL
dim conntemp
dim rstemp
dim rstemp2
'Session
dim idOrder
dim idCust
'*************************************************************************
'Open Database Connection
call openDb()
'Store Configuration
if loadConfig() = false then
call errorDB(langErrConfig,"")
end if
'Get/Set Cart/Order Session
idOrder = sessionCart()
'Get/Set Customer Session
idCust = sessionCust()
'Are we calling this page from the products page?
if Request.Form("formID") = "" then
'Get Product Details
idProduct = validHTML(Request.QueryString("idProduct"))
mySQL = "SELECT description,price " _
& "FROM products " _
& "WHERE idProduct = " & validSQL(idProduct,"I") & " "
set rsTemp = openRSexecute(mySQL)
if not rstemp.eof then
description = trim(rsTemp("description"))
price = trim(rsTemp("price"))
end if
call closeRS(rsTemp)
'Build Email Body
emailBody = ""
mySQL = "SELECT configValLong " _
& "FROM storeAdmin " _
& "WHERE configVar = 'emailToFriend' " _
& "AND adminType = 'T'"
set rsTemp = openRSexecute(mySQL)
if not rstemp.eof then
emailBody = trim(rsTemp("configValLong"))
end if
call closeRS(rsTemp)
'Check for tags and replace
emailBody = replace(emailBody,"#PROD#",description)
emailBody = replace(emailBody,"#LINK#",urlNonSSL & "prodView.asp?idProduct=" & idProduct)
emailBody = replace(emailBody,"#PRICE#",pCurrencySign & moneyS(price))
emailBody = replace(emailBody,"#STORE#",pCompany)
'This page has called itself
else
'Get Form Fields
idProduct = validHTML(request.Form("idProduct"))
emailName = validHTML(request.Form("emailName"))
emailTo = validHTML(request.Form("emailTo"))
emailBody = validHTML(request.Form("emailBody"))
'Do some checks
if len(emailName) = 0 then
arrayErrors = arrayErrors & "|emailName"
end if
if len(emailTo) = 0 or invalidChar(emailTo,1,"@.-_") then
arrayErrors = arrayErrors & "|emailTo"
end if
if len(emailBody) = 0 then
arrayErrors = arrayErrors & "|emailBody"
end if
'If there was no errors, send the email.
if len(trim(arrayErrors)) = 0 then
'Send Email
call sendmail (emailName, pEmailSales, emailTo, pCompany, emailBody, 0)
'Say Thank You
response.redirect "sysMsg.asp?msg=" & server.URLEncode(langGenEmailFriendMsg)
end if
end if
%>
<%
'Close Database Connection
call closedb()
'**********************************************************************
'Main Shopping Cart Display Area
'**********************************************************************
sub cartMain()
%>