📄 processorder.asp
字号:
<%@ TRANSACTION=Requires_New Language="JScript" %>
<%
Response.Buffer = true;
// Database connection string
var sdbConnString = "Provider=SQLOLEDB.1;Password=madforit;Persist Security Info=True;User ID=MMCustomer;Initial Catalog=MusicMad;Data Source=.";
var iErrorNo = 0;
var sErrorDescription;
// Index of first Item element in form
var iItemElementStart = 12;
// ADO constants - makes code more readable
var adCmdStoredProc = 4;
var adParamReturnValue = 4;
var adParamInput = 1;
var adParamOutput = 2;
var adVarChar = 200;
var adInteger = 3;
function OnTransactionAbort()
{
// If error is not insufficent stock
if (iErrorNo != 547)
Response.Redirect("transerror.asp?" + escape(sErrorDescription));
}
function OnTransactionCommit()
{
// Everything went ok - re-direct to confirmation page
Response.Cookies("Basket")= "";
Response.Redirect("acceptorder.asp?" + iOrderId);
}
// Process order form
try
{
var loConn = Server.CreateObject("ADODB.Connection");
var loCommand = Server.CreateObject("ADODB.Command");
var loParam;
var iCustId = -1;
var iOrderId = -1;
loConn.Open(sdbConnString);
// Create ADO command object which will execute our stored procedure
loCommand.CommandText = "NewOrder";
loCommand.CommandType = adCmdStoredProc;
loCommand.Name = "NewOrder";
// @Title, @FirstName varchar(50), @LastName varchar(50), @Email varchar(75), @Street varchar(75)
loParam = loCommand.CreateParameter("RV", adInteger, adParamReturnValue);
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("Title", adVarChar, adParamInput, 4, Request.Form("txtTitle"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("FirstName", adVarChar, adParamInput, 50, Request.Form("txtFirstName"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("LastName", adVarChar, adParamInput, 50, Request.Form("txtLastName"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("Email", adVarChar, adParamInput, 75, Request.Form("txtEmail"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("Street", adVarChar, adParamInput, 75, Request.Form("txtStreet"));
loCommand.Parameters.Append(loParam);
// @City varchar(50), @Locality varchar(50), @Country varchar(50)
loParam = loCommand.CreateParameter("City", adVarChar, adParamInput, 50, Request.Form("txtCity"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("Locality", adVarChar, adParamInput, 50, Request.Form("txtLocality"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("PostCode", adVarChar, adParamInput, 15, Request.Form("txtPostCode"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("Country", adVarChar, adParamInput, 50, Request.Form("txtCountry"));
loCommand.Parameters.Append(loParam);
// @CCHolderName varchar(50), @CCType varchar(25), @CCNo varchar(20), @CCExpire varchar(7)
loParam = loCommand.CreateParameter("CCHolderName", adVarChar, adParamInput, 50, Request.Form("txtCCHolderName"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("CCType", adVarChar, adParamInput, 25, Request.Form("txtCCType"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("CCNo", adVarChar, adParamInput, 20, Request.Form("txtCCNo"));
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("CCExpire", adVarChar, adParamInput, 7, Request.Form("txtCCExpire"));
loCommand.Parameters.Append(loParam);
// @CustId int, @OrderId int
loParam = loCommand.CreateParameter("CustId", adInteger, adParamOutput);
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("OrderId", adInteger, adParamOutput);
loCommand.Parameters.Append(loParam);
loCommand.ActiveConnection = loConn;
loCommand.Execute();
// check if stored procedure executed ok
// abort transaction if failed
if (loCommand.Parameters("RV") != 0)
{
// get Stored Procs return value
iErrorNo = loCommand.Parameters("RV");
ObjectContext.SetAbort;
}
else
{
// Retrieve CustId and OrderId from
// stored procs output variables
iCustId = loCommand.Parameters("CustId");
iOrderId = loCommand.Parameters("OrderId");
// Create new command object
// to add each order item detail to database
loCommand = null;
loCommand = Server.CreateObject("ADODB.Command");
loCommand.CommandText = "AddOrderItem";
loCommand.CommandType = adCmdStoredProc;
loCommand.Name = "AddOrderItem";
//Append Parameters @OrderId int, @ItemId int, @Qty int
loParam = loCommand.CreateParameter("RV", adInteger, adParamReturnValue);
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("OrderId", adInteger, adParamInput,0,iOrderId);
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("ItemId", adInteger, adParamInput);
loCommand.Parameters.Append(loParam);
loParam = loCommand.CreateParameter("Qty", adInteger, adParamInput);
loCommand.Parameters.Append(loParam);
loCommand.ActiveConnection = loConn;
var sElementKey;
var iItemId;
var iQty;
// Loop through the item form elements
for (var iElementCounter = iItemElementStart;iElementCounter <= Request.Form.Count; iElementCounter++)
{
sElementKey = new String(Request.Form.Key(iElementCounter));
// if element name starts with ID its an item form element
if (sElementKey.substr(3,2) == "ID")
{
// Get ItemId from form value passed
iItemId = parseInt(sElementKey.substring(5,sElementKey.length));
// move to next element which is quantity value for that item
iElementCounter++;
// get quantity
iQty = parseInt(Request.Form(iElementCounter));
// set command's parameters
loCommand.Parameters("ItemId") = iItemId;
loCommand.Parameters("Qty") = iQty;
// execute stored procedure
loCommand.Execute();
// Any errors?
if (loCommand.Parameters("RV") != 0)
{
// set iErrorNo, abort transaction and break out
// of loop
iErrorNo = loCommand.Parameters("RV");
ObjectContext.SetAbort;
break;
}
}
}
}
// only set complete if transaction complete with no errors
if (iErrorNo == 0)
ObjectContext.SetComplete;
}
catch(e)
{
sErrorDescription = e;
ObjectContext.SetAbort;
}
%>
<html>
<%
// If error is Out Of Stock then create HTML
if (iErrorNo == 547)
{
%>
<h2>Sorry we are unable to fully satisfy your order</h2>
<P>
<form action="ProcessOrder.asp" method="POST">
We do not currently have sufficent stock for some items in your order, details listed below<BR>
<!-- Name/Address Details -->
<INPUT TYPE="HIDDEN" NAME="txtTitle" VALUE="<%=Request.Form("txtTitle")%>">
<INPUT TYPE="HIDDEN" NAME="txtFirstName" VALUE="<%=Request.Form("txtFirstName")%>">
<INPUT TYPE="HIDDEN" NAME="txtLastName" VALUE="<%=Request.Form("txtLastName")%>">
<INPUT TYPE="HIDDEN" NAME="txtEmail" VALUE="<%=Request.Form("txtEmail")%>">
<INPUT TYPE="HIDDEN" NAME="txtStreet" VALUE="<%=Request.Form("txtStreet")%>">
<INPUT TYPE="HIDDEN" NAME="txtCity" VALUE="<%=Request.Form("txtCity")%>">
<INPUT TYPE="HIDDEN" NAME="txtLocality" VALUE="<%=Request.Form("txtLocality")%>">
<INPUT TYPE="HIDDEN" NAME="txtPostCode" VALUE="<%=Request.Form("txtPostCode")%>">
<INPUT TYPE="HIDDEN" NAME="txtCountry" VALUE="<%=Request.Form("txtCountry")%>">
<INPUT TYPE="HIDDEN" NAME="txtCCHolderName" VALUE="<%= Request.Form("txtCCHolderName") %>">
<INPUT TYPE="HIDDEN" NAME="txtCCNo" VALUE="<%= Request.Form("txtCCNo") %>">
<INPUT TYPE="HIDDEN" NAME="txtCCType" VALUE="<%= Request.Form("txtCCType") %>">
<INPUT TYPE="HIDDEN"
NAME="txtCCExpire"
VALUE="<%= Request.Form("txtCCExpire") %>">
<% var loRS;
// Create new command object
loCommand = null;
loCommand = Server.CreateObject("ADODB.Command");
loCommand.CommandText = "ItemAvailability";
loCommand.CommandType = adCmdStoredProc;
loCommand.Name = "ItemAvailability";
//@ItemId int
loParam = loCommand.CreateParameter("ItemId", adInteger, adParamInput);
loCommand.Parameters.Append(loParam);
loCommand.ActiveConnection = loConn;
var sElementKey;
var iItemId;
var iQty;
var iQtyInStock;
for (var iElementCounter = iItemElementStart;iElementCounter <= Request.Form.Count; iElementCounter++)
{
sElementKey = new String(Request.Form.Key(iElementCounter));
// If this is an item element
if (sElementKey.substr(3,2) == "ID")
{
// get ItemId
iItemId = parseInt(sElementKey.substring(5,sElementKey.length));
iElementCounter++;
// Get desired quantity
iQty = parseInt(Request.Form(iElementCounter));
// access database to see how many are actually available
loCommand.Parameters("ItemId") = iItemId;
loRS = loCommand.Execute();
iQtyInStock = loRS("QtyInStock");
// If insufficent stock
if (iQtyInStock < iQty)
{
// no stock at all - so no able to provide any of this item
if (iQtyInStock == 0)
{%>
<P><strong><%= loRS("Title") %> by <%= loRS("ArtistName") %> is currently unavailable, we hope to have new stock in shortly</strong></P>
<%
}
else
// some stock available but not in quanities requested by customer
{%>
<P><strong>You requested <%= iQty %> copies of <%= loRS("Title") %> by <%= loRS("ArtistName") %>, unfortunately we only have <%= iQtyInStock %> in stock</strong>
<input type="Hidden" name="<%= "txtID" + iItemId %>" value="<%= "ID" + iItemId %>">
<input type="Hidden" name="<%= "txtQtyID" + iItemId %>" value="<%= iQtyInStock %>">
</P>
<%
}
}
else
// sufficent stock - add hidden elements to form
{ %>
<input type="Hidden" name="<%= "txtID" + iItemId %>" value="<%= "ID" + iItemId %>">
<input type="Hidden" name="<%= "txtQtyID" + iItemId %>" value="<%= iQtyInStock %>">
<%}
}
} %>
<P>
Click <input type="Submit" name="cmdSubmit" value="Process Order">
to submit your order with the maximum amount amounts available.
</P>
<P>
Click <input type="button" name="cmdCancel" value="Cancel Order" onClick="window.location.replace('ordercancel.htm');"> to end this transaction, no monies have been debited from your credit card.
</P>
</FORM>
<% }
// close database connection
loConn.Close();
loConn = null;
%>
<body>
</body>
</html>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -