📄 checkout.aspx
字号:
<%@ Page Explicit="True" Language="VB" Debug="True" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.sqlclient" %>
<!--#include file="config.aspx" -->
<!--#include file="scrollerdata.aspx" -->
<!--#include file="man_menu.aspx" -->
<!--#include file="checklogin.aspx" -->
<Script Runat="Server">
Sub Page_Load( s As Object, e As EventArgs )
call logincheck
call checkstatus
call dbcon
call fillmanu
call scrollphone
call Getamount
if session("useriD")="" then
btnlogin.text="login"
end if
If Not isPostBack Then
call dbcon
if session("useriD")="" then
btnlogin.text="login"
end if
End If
lblip.text=request.servervariables("REMOTE_ADDR")
End Sub
sub logincheck
if session("userID")="" or session("cartison")="" or session.sessionID<>request.QueryString("transID") or session("seccode")<>request.QueryString("seccode") or session("cartison")="" then
session("checklog")= true
response.redirect("requesterror.aspx")
end if
end sub
sub Getamount
dbcon
mcmd=new sqlcommand("select sum(totalamount) as finaltotal from temp_cart where transiD='"& session.SessionID &"' and secCode='"& request("secCode") & "' and userID='"& session("userID") & "' ",bcon)
bcon.open
objreader=mcmd.executereader
objreader.read
totalamount=objreader("finaltotal")
lblfinalprice.text=totalamount & " LKR"
objreader.close
bcon.close
end sub
sub savedata(sender As Object, e As System.Web.UI.ImageClickEventArgs)
call ordernumgen
orderID="ORD" & cstr(ord) & session("userID")
session("orderID")=cstr(orderID)
dim xdate as string
xdate= txtmm.text & "/" & txtYYYY.text
If Not IsDate(xdate) then
lbldate.text="Invalid date"
lbldate.visible=true
else if (DateDiff(DateInterval.Day, CDate(Now), CDate(xdate)))< 7 then
lbldate.text="card is expired or expires within 7 days"
lbldate.visible=true
else if txtcardno.text.length< 15 then
lblcardVal.text="*card number should be atleast 15 digits"
lblcardval.visible=true
else
tcmd= new sqlcommand("insert into payments(orderID,userID,amount,card_type,card_holder,card_secno,card_no,exp_date,IP,Ord_date,TP,Deladdr,status)values(@orderID,@userID,@amount,@card_type,@card_holder,@card_secno,@card_no,@exp_date,@IP,@ord_date,@tp,@Deladdr,@status)",bcon)
TCmd.Parameters.Add(New sqlParameter("@orderID", sqlDbType.Varchar,50))
TCmd.Parameters.Add(New sqlParameter("@userID", sqlDbType.Varchar,50))
TCmd.Parameters.Add(New sqlParameter("@amount", sqlDbType.decimal))
TCmd.Parameters.Add(New sqlParameter("@card_type", sqlDbType.Varchar,50))
TCmd.Parameters.Add(New sqlParameter("@card_holder", sqlDbType.Varchar,100))
TCmd.Parameters.Add(New sqlParameter("@card_secno", sqlDbType.int))
TCmd.Parameters.Add(New sqlParameter("@card_no", sqlDbType.Varchar,100))
TCmd.Parameters.Add(New sqlParameter("@exp_date", sqlDbType.datetime))
TCmd.Parameters.Add(New sqlParameter("@IP", sqlDbType.char,200))
TCmd.Parameters.Add(New sqlParameter("@ord_date", sqlDbType.datetime))
TCmd.Parameters.Add(New sqlParameter("@TP", sqlDbType.varchar,50))
TCmd.Parameters.Add(New sqlParameter("@Deladdr", sqlDbType.Varchar,500))
TCmd.Parameters.Add(New sqlParameter("@Status", sqlDbType.Varchar,10))
TCmd.Parameters("@orderID").Value=orderID
TCmd.Parameters("@userID").Value=session("userID")
TCmd.Parameters("@amount").Value=totalamount
TCmd.Parameters("@card_type").Value=cboCardtyp.selecteditem.text
TCmd.Parameters("@card_holder").Value=txtCardhol.text
TCmd.Parameters("@card_secno").Value=cint(txtSeccode.text)
TCmd.Parameters("@card_no").Value=txtcardno.text
TCmd.Parameters("@exp_date").Value=cdate(xdate)
TCmd.Parameters("@IP").Value=request.ServerVariables("REMOTE_ADDR")
TCmd.Parameters("@ord_date").Value=cdate(now)
TCmd.Parameters("@TP").Value=txtPhnno.text
TCmd.Parameters("@Deladdr").Value=txtDeladd.text
TCmd.Parameters("@status").Value="No"
bcon.open
tcmd.executenonquery
bcon.close
bcon.open
mcmd=new sqlcommand("update ordGen set ordernumber=ordernumber+1",bcon)
mcmd.executenonquery
bcon.close
call dataTopermenent
call updateqty
call deltemp
call sendnotification
call checkreOrder
response.Redirect("paymentsuccess.aspx?transID=" &request.QueryString("transID") & "&secCode=" &cstr(session("secCode")))
end if
end sub
sub dataTopermenent
call dbcon
bcmd=new sqlcommand("select phoneId,qty,totalamount from temp_cart where transId='" & session.SessionID & "' and userID='" & session("userID") & "' and secCode='" & request.QueryString("secCode") & "' ",bcon)
bcon.open
objreader = BCmd.ExecuteReader
while objreader.read
cartcon.open()
Tcmd = New SqlCommand("insert into ordertable(OrderID,userID,phoneID,ord_quantity,subtotal)values('" & orderID & "','" & session("userID") &"','" & objreader("phoneID") & "','" & objreader("qty") & "','" & objreader("totalamount") & "')",cartCon)
Tcmd.ExecuteNonQuery()
cartCon.Close()
end while
bcon.close
end sub
sub deltemp
call dbcon
pcmd=new sqlcommand("delete from temP_cart where transID='" & session.SessionID & "' and secCode='" & session("secCode") & "' and userid='" & session("userId") & "'",bcon)
bcon.open
pcmd.executenonquery
bcon.close
session("cartisOn")=""
end sub
'generate ordernumber
sub ordernumgen
dbcon
mcmd=new sqlcommand("select ordernumber from ordgen",bcon)
bcon.open
dr=mcmd.executereader
dr.read
ord=dr("ordernumber")
dr.close
bcon.close
end sub
public orderID as string
public ord as integer
public totalamount as decimal
sub sendnotification'user
call dbcon
dim usermail as string
pcmd=new sqlcommand("select email from users where userID='" & session("userID") & "'",cartCon)
cartcon.open
dr=pcmd.executereader
dr.read
usermail=dr("email")
session("cusemail")=usermail
Dim EmailMessage As New System.Web.Mail.MailMessage
'Smtp object to send the message
Dim emailSMTP As System.Web.Mail.SmtpMail
'build the mailMessage
EmailMessage.From = "noreply@azmil.com"
EmailMessage.To = usermail
EmailMessage.Subject = "transaction details "
EmailMessage.BodyFormat = Mail.MailFormat.Html
EmailMessage.Body = "Dear <b> " & session("userId") & " </b>, <p>thank you for purchasing at GSMlanka your transaction details are as follows:<BR>OrderID:<b>" & orderID & " </B> <br>Status:success<br><br>thank you for visiting www.azmil.com.keep in touch<br>thank you<br>gsmlanka<br><br>please check your order stats at www.azmil.com/trackorder.aspx<br>p:s you are recieving this mail because you are a member of the website located at www.azmil.com "
emailSMTP.SmtpServer = "localhost"
emailSMTP.Send(EmailMessage)
end sub
sub updateqty
call dbcon
mcmd=new sqlcommand("select phoneID,qty from temp_cart where transId='" & session.SessionID & "' and userID='" & session("userID") & "' and secCode='" & request.QueryString("secCode") & "' ",bcon)
bcon.open
cdr=mcmd.executereader
while cdr.read
tcmd=new sqlcommand("update phone_details set quantity=quantity-'" & cdr("qty") & "' where phoneID='" & cdr("phoneID") & " '",cartcon)
cartcon.open
tcmd.executenonquery
cartcon.close
end while
bcon.close
end sub
sub checkreOrder
call dbcon
mcmd=new sqlcommand("select phoneID from phone_details where reorder_lvl>quantity",bcon)
bcon.open
tempdr=mcmd.executereader
if tempdr.hasrows=true then
maillevel ="phones reached re-order level"
while tempdr.read
maillevel= maillevel & "<br>" & tempdr("phoneID") & "<br>"
call emailreorder
end while
bcon.close
end if
end sub
sub emailreorder
Dim EmailLVL As New System.Web.Mail.MailMessage
'Smtp object to send the message
Dim emailSMTP As System.Web.Mail.SmtpMail
'build the mailMessage
EmailLVL.From = "noreply@azmil.com"
EmailLVL.To = "mfmaneef@gmail.com"
EmailLVL.Subject = "Phones in need"
EmailLVL.BodyFormat = Mail.MailFormat.Html
EmailLVL.Body = maillevel
emailSMTP.SmtpServer = "localhost"
emailSMTP.Send(EmailLVL)
end sub
public maillevel as string
</Script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>GSMLanka - your online mobile shop,discussion forum and support for mobile users</title>
<link href="stylesheet1.css" rel="stylesheet1" type="text/css" />
<SCRIPT language=JavaScript
src="javascript.js"></SCRIPT>
<style type="text/css">
<!--
.borderTable {padding: 0px 0px 0px 0px;
border: 1px solid #cccccc;
}
.borderTable {padding: 0px 0px 0px 0px;
border: 1px solid #CCCCCC;
}
-->
</style>
<link href="stylesheet1.css" rel="stylesheet1" type="text/css" />
<style type="text/css">
<!--
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -