<% ' Comersus Shopping Cart ' Comersus Open Technologies ' United States ' Software License can be found at License.txt ' http://www.comersus.com ' Details: first step of checkout %> <% on error resume next dim rsTemp, connTemp, mySql, pEmail, pPassword ' get settings pStoreFrontDemoMode = getSettingKey("pStoreFrontDemoMode") pCurrencySign = getSettingKey("pCurrencySign") pDecimalSign = getSettingKey("pDecimalSign") pCompany = getSettingKey("pCompany") pCompanyLogo = getSettingKey("pCompanyLogo") pCustomerPrefix = getSettingKey("pCustomerPrefix") pUseShippingAddress = getSettingKey("pUseShippingAddress") pRandomPassword = getSettingKey("pRandomPassword") pUseVatNumber = getSettingKey("pUseVatNumber") pEncryptionPassword = getSettingKey("pEncryptionPassword") pEncryptionMethod = getSettingKey("pEncryptionMethod") pBonusPointsPerPrice = getSettingKey("pBonusPointsPerPrice") pDisableState = getSettingKey("pDisableState") pHeaderKeywords = getSettingKey("pHeaderKeywords") ' custom field names pCustomerFieldName1 = getSettingKey("customerFieldName1") pCustomerFieldName2 = getSettingKey("customerFieldName2") pCustomerFieldName3 = getSettingKey("customerFieldName3") pAuctions = getSettingKey("pAuctions") pListBestSellers = getSettingKey("pListBestSellers") pNewsLetter = getSettingKey("pNewsLetter") pPriceList = getSettingKey("pPriceList") pStoreNews = getSettingKey("pStoreNews") pUseShippingAddress = getSettingKey("pUseShippingAddress") pByPassShipping = getSettingKey("pByPassShipping") pIdDbSession = checkSessionData() pIdDbSessionCart = checkDbSessionCartOpen() pEmail = getUserInput(request.form("email"),50) pPassword = getUserInput(request.form("password"),50) pIdCustomer = getSessionVariable("idCustomer",0) pWishListIdCustomer = getSessionVariable("wishListIdCustomer",0) if pIdCustomer<>0 then ' customer already logged in mySQL="SELECT name, lastName, customerCompany, phone, email, address, zip, state, stateCode, city, countryCode, shippingAddress, shippingZip, shippingStateCode, shippingState, shippingCity, shippingCountryCode, user1, user2, user3, bonusPoints FROM customers WHERE idCustomer=" &pIdCustomer call getFromDatabase(mySQL, rstemp, "login") if rstemp.eof then response.redirect "comersus_message.asp?message="&Server.Urlencode(getMsg(402,"Cannot get customer details.")) end if else ' verify password for that email mySQL="SELECT idCustomer, name, lastName, customerCompany, phone, email, address, zip, state, stateCode, city, countryCode, shippingAddress, shippingZip, shippingStateCode, shippingState, shippingCity, shippingCountryCode, user1, user2, user3 FROM customers WHERE email='" &pEmail& "' AND password='" &EnCrypt(pPassword, pEncryptionPassword)& "' AND active=-1" call getFromDatabase(mySQL, rstemp, "login") if rstemp.eof then response.redirect "comersus_message.asp?message="&Server.Urlencode(getMsg(403,"Invalid login information.")) end if ' save logged customer in session session("idCustomer") = rstemp("idCustomer") end if pName = rstemp("name") pLastName = rstemp("lastName") pCustomerCompany = rstemp("customerCompany") pPhone = rstemp("phone") pEmail = rstemp("email") pAddress = rstemp("address") pZip = rstemp("zip") pStateCode = rstemp("stateCode") pState = rstemp("state") pCity = rstemp("city") pCountryCode = rstemp("countryCode") pShippingAddress = rstemp("shippingAddress") pShippingZip = rstemp("shippingZip") pShippingStateCode = rstemp("shippingStateCode") pShippingState = rstemp("shippingState") pShippingCity = rstemp("shippingCity") pShippingCountryCode = rstemp("shippingCountryCode") pUser1 = rstemp("user1") pUser2 = rstemp("user2") pUser3 = rstemp("user3") pBonusPoints = rstemp("bonusPoints") session("customerName") = pName pIdDbSession = checkSessionData() pIdDbSessionCart = checkDbSessionCartOpen() %>
<%=getMsg(404,"checkout")%>

<%if pCustomerFieldName1<>"" then%> <%end if%> <%if pCustomerFieldName2<>"" then%> <%end if%> <%if pCustomerFieldName3<>"" then%> <%end if%> <%if pDisableState<>"-1" then%> <%end if%> <%if pByPassShipping="0" and pUseShippingAddress="-1" then if pWishListIdCustomer<>0 then ' get address of the owner of the wish list mySQL="SELECT address, zip, state, stateCode, city, countryCode, shippingAddress, shippingZip, shippingStateCode, shippingState, shippingCity, shippingCountryCode FROM customers WHERE idCustomer="&pWishListIdCustomer call getFromDatabase(mySQL, rstemp, "checkOutCustomerForm") if not rstemp.eof then pAddress = rstemp("address") pZip = rstemp("zip") pStateCode = rstemp("stateCode") pState = rstemp("state") pCity = rstemp("city") pCountryCode = rstemp("countryCode") pShippingAddress = rstemp("shippingAddress") pShippingZip = rstemp("shippingZip") pShippingStateCode = rstemp("shippingStateCode") pShippingState = rstemp("shippingState") pShippingCity = rstemp("shippingCity") pShippingCountryCode = rstemp("shippingCountryCode") ' customer doesnt have shipping address, use billing if pShippingAddress="" then pShippingAddress = pAddress pShippingZip = pZip pShippingStateCode = pStateCode pShippingState = pShippingState pShippingCity = pShippingCity pShippingCountryCode = pShippingCountryCode end if end if end if %> <%if pDisableState<>"-1" then%> <%if pWishListIdCustomer=0 then%> <%end if%> <%end if%> <%end if%>

<%=getMsg(405,"cust infot")%>
<%=getMsg(406,"name")%>
<%=getMsg(407,"l name")%>
<%=getMsg(408,"company")%>
<%=getMsg(409,"company")%>
<%=getMsg(410,"email")%>	<%=pEmail%>
<%=pCustomerFieldName1%>
<%=pCustomerFieldName2%>
<%=pCustomerFieldName3%>
<%=getMsg(411,"billing info")%>
<%=getMsg(412,"addre")%>
<%=getMsg(413,"city")%>
<%=getMsg(414,"state")%>	<% ' get stateCodes mySQL="SELECT stateCode, stateName FROM stateCodes ORDER BY stateName" call getFromDatabase(mySQL, rstemp, "orderForm") %> <%=getMsg(415,"select")%> <%do while not rstemp.eof pStateCode2=rstemp("stateCode")%> ><%=rstemp("stateName")%> <%rstemp.movenext loop%>
<%=getMsg(416,"non listed")%>
<%=getMsg(417,"zip")%>
<%=getMsg(418,"ctry")%>	<% ' get Country mySQL="SELECT countryCode, countryName FROM countryCodes ORDER BY countryName" call getFromDatabase(mySQL, rstemp, "orderForm") %> <%=getMsg(419,"select")%> <%do while not rstemp.eof pCountryCode2=rstemp("countryCode")%> ><%=rstemp("countryName")%> <%rstemp.movenext loop%>
<%=getMsg(420,"ship info")%>
<%=getMsg(412,"addr")%>	<%if pWishListIdCustomer=0 then%> <%else%> <%=pShippingAddress%> <%end if%>
<%=getMsg(413,"city")%>	<%if pWishListIdCustomer=0 then%> <%else%> <%=pShippingCity%> <%end if%>
<%=getMsg(414,"state")%>	<%if pWishListIdCustomer=0 then%> <% ' get stateCodes mySQL="SELECT stateCode, stateName FROM stateCodes ORDER BY stateName" call getFromDatabase(mySQL, rstemp, "checkShippingAddress") %> <%=getMsg(415,"select")%> <%do while not rstemp.eof pStateCode2=rstemp("stateCode") %> ><%=rstemp("stateName")%> <%rstemp.movenext loop%> <%else%> <%=pShippingStateCode%><%=pShippingState%> <%end if%>
<%=getMsg(416,"non listed")%>
<%=getMsg(417,"zip")%>	<%if pWishListIdCustomer=0 then%> <%else%> <%=pShippingZip%> <%end if%>
<%=getMsg(418,"ctry")%>	<%if pWishListIdCustomer=0 then%> <% ' get country mySQL="SELECT countryCode, countryName FROM countryCodes ORDER BY countryName" call getFromDatabase(mySQL, rstemp, "checkShippingAddress") %> <%=getMsg(419,"select")%> <%do while not rstemp.eof pShippingCountryCode2=rstemp("countryCode")%> ><%=rstemp("countryName")%> <%rstemp.movenext loop%> <%else%> <%=pShippingCountryCode%> <%end if%>
">

<%call closeDb()%>