<% 'This code is copyright (c) Internet Business Solutions SL, all rights reserved. 'The contents of this file are protect under law as the intellectual property 'of Internet Business Solutions SL. Any use, reproduction, disclosure or copying 'of any kind without the express and written permission of Internet Business 'Solutions SL is forbidden. 'Author: Vince Reid, vince@virtualred.net Dim sSQL,rs,alldata,success,cnn,errmsg,rowcounter,startfont,endfont,sd,ed,smonth,allorders,addcomma,delStr,delOptions,ordAddInfo,ordCNum if storesessionvalue="" then storesessionvalue="virtualstore" netnav = false if htmlemails=true then emlNl = "
" else emlNl=vbCrLf if instr(Request.ServerVariables("HTTP_USER_AGENT"), "Gecko") > 0 then netnav = true lisuccess=0 if dateadjust="" then dateadjust=0 thedate = DateAdd("h",dateadjust,Now()) thedate = DateSerial(year(thedate),month(thedate),day(thedate)) if request.querystring("doedit")="true" then doedit=TRUE else doedit=FALSE function editfunc(data,col,size) if doedit then editfunc = "" else editfunc = data end function function editnumeric(data,col,size) if doedit then editnumeric = "" else editnumeric = FormatEuroCurrency(data) end function function URLDecode(byVal encodedstring) Dim strIn, strOut, intPos, strLeft Dim strRight, intLoop strIn = encodedstring : strOut = "" : intPos = Instr(strIn, "+") Do While intPos strLeft = "" : strRight = "" If intPos > 1 then strLeft = Left(strIn, intPos - 1) If intPos < len(strIn) then strRight = Mid(strIn, intPos + 1) strIn = strLeft & " " & strRight intPos = InStr(strIn, "+") intLoop = intLoop + 1 Loop intPos = InStr(strIn, "%") Do while intPos AND Len(strIn) > 2 If intPos > 1 then strOut = strOut & Left(strIn, intPos - 1) strOut = strOut & Chr(CInt("&H" & mid(strIn, intPos + 1, 2))) If intPos > (len(strIn) - 3) then strIn = "" Else strIn = Mid(strIn, intPos + 3) End If intPos = InStr(strIn, "%") Loop URLDecode = strOut & strIn end function function getNumericField(fldname) fldval = Trim(Request.Form(fldname)) if NOT IsNumeric(fldval) then getNumericField=0.0 else getNumericField=cDbl(fldval) end function Set rs = Server.CreateObject("ADODB.RecordSet") Set rs2 = Server.CreateObject("ADODB.RecordSet") Set rsl = Server.CreateObject("ADODB.RecordSet") Set cnn=Server.CreateObject("ADODB.Connection") cnn.open sDSN if Session("loggedon") <> storesessionvalue AND Trim(request.cookies("WRITECKL"))<>"" then sSQL="SELECT adminID FROM admin WHERE adminUser='" & Replace(request.cookies("WRITECKL"),"'","''") & "' AND adminPassword='" & Replace(request.cookies("WRITECKP"),"'","''") & "' AND adminID=1" rs.Open sSQL,cnn,0,1 if NOT (rs.EOF OR rs.BOF) then Session("loggedon") = storesessionvalue else lisuccess=2 end if rs.Close end if if (Session("loggedon") <> storesessionvalue AND lisuccess<>2) OR disallowlogin=TRUE then response.end Sub release_stock(smOrdId) if stockManage <> 0 then sSQL="SELECT cartID,cartProdID,cartQuantity,pSell FROM cart INNER JOIN products ON cart.cartProdID=products.pID WHERE cartCompleted=1 AND cartOrderID=" & smOrdId rsl.Open sSQL,cnn,0,1 do while NOT rsl.EOF if ((rsl("pSell") AND 2) = 2) then sSQL = "SELECT coOptID FROM cartoptions INNER JOIN (options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID) ON cartoptions.coOptID=options.optID WHERE (optType=2 OR optType=-2) AND coCartID=" & rsl("cartID") rs.Open sSQL,cnn,0,1 do while NOT rs.EOF sSQL = "UPDATE options SET optStock=optStock+"&rsl("cartQuantity")&" WHERE optID="&rs("coOptID") cnn.Execute(sSQL) rs.MoveNext loop rs.Close else sSQL = "UPDATE products SET pInStock=pInStock+"&rsl("cartQuantity")&" WHERE pID='"&rsl("cartProdID")&"'" cnn.Execute(sSQL) end if rsl.MoveNext loop rsl.Close end if End Sub if lisuccess=2 then %>

<%=yyOpFai%>

<%=yyCorCoo%> <%=yyCorLI%> <%=yyClkHer%>.

<% else success=true alreadygotadmin = getadminsettings() saveLCID = session.LCID if Request.Form("updatestatus")="1" then cnn.Execute("UPDATE orders SET ordStatusInfo='"&Replace(request.form("ordStatusInfo"),"'","''")&"' WHERE ordID="&Request.Form("orderid")) elseif Request.QueryString("id")<>"" then if Request.Form("delccdets")<>"" then sSQL = "UPDATE orders SET ordCNum='' WHERE ordID="&Request.QueryString("id") cnn.Execute(sSQL) end if sSQL = "SELECT cartProdId,cartProdName,cartProdPrice,cartQuantity,cartID FROM cart WHERE cartOrderID="&Request.QueryString("id") rs.Open sSQL,cnn,0,1 allorders = "" if NOT rs.EOF then allorders=rs.getrows rs.Close else ' Delete old uncompleted orders. if delccafter<>0 then tdt = thedate-delccafter sSQL = "UPDATE orders SET ordCNum='' WHERE ordDate<"&datedelim & VSUSDate(tdt) & datedelim cnn.Execute(sSQL) end if if delAfter<>0 then tdt = thedate-delAfter sSQL = "SELECT cartOrderID,cartID FROM cart WHERE cartCompleted=0 AND cartDateAdded<"&datedelim & VSUSDate(tdt) & datedelim rs.Open sSQL,cnn,0,1 if NOT rs.EOF then delStr="" delOptions="" do while NOT rs.EOF delStr = delStr & addcomma & rs("cartOrderID") delOptions = delOptions & addcomma & rs("cartID") addcomma = "," rs.MoveNext loop cnn.Execute("DELETE FROM orders WHERE ordID IN ("&delStr&")") cnn.Execute("DELETE FROM cartoptions WHERE coCartID IN ("&delOptions&")") cnn.Execute("DELETE FROM cart WHERE cartID IN ("&delOptions&")") end if rs.Close else tdt = thedate - 3 sSQL = "SELECT cartOrderID,cartID FROM cart WHERE cartCompleted=0 AND cartOrderID=0 AND cartDateAdded<"&datedelim & VSUSDate(tdt) & datedelim rs.Open sSQL,cnn,0,1 if NOT rs.EOF then delStr="" delOptions="" do while NOT rs.EOF delStr = delStr & addcomma & rs("cartOrderID") delOptions = delOptions & addcomma & rs("cartID") addcomma = "," rs.MoveNext loop cnn.Execute("DELETE FROM cartoptions WHERE coCartID IN ("&delOptions&")") cnn.Execute("DELETE FROM cart WHERE cartID IN ("&delOptions&")") end if rs.Close end if sSQL = "SELECT statID,statPrivate FROM orderstatus WHERE statPrivate<>'' ORDER BY statID" rs.Open sSQL,cnn,0,1 allstatus=rs.GetRows rs.Close end if if Request.Form("updatestatus")="1" then %>

<%=yyUpdSuc%>

<%=yyNowFrd%>

<%=yyNoAuto%> <%=yyClkHer%>.

<% elseif Request.Form("doedit")="true" then OWSP = "" if mysqlserver then rs.CursorLocation = 3 rs.Open "SELECT * FROM orders WHERE ordID="&request.form("orderid"),cnn,1,3,&H0001 thesessionid = rs.Fields("ordSessionID") rs.Fields("ordName") = trim(request.form("name")) rs.Fields("ordAddress") = trim(request.form("address")) if useaddressline2=TRUE then rs.Fields("ordAddress2") = trim(request.form("address2")) rs.Fields("ordCity") = trim(request.form("city")) rs.Fields("ordState") = trim(request.form("state")) rs.Fields("ordZip") = trim(request.form("zip")) rs.Fields("ordCountry") = trim(request.form("country")) rs.Fields("ordEmail") = trim(request.form("email")) rs.Fields("ordPhone") = trim(request.form("phone")) rs.Fields("ordShipName") = trim(request.form("sname")) rs.Fields("ordShipAddress") = trim(request.form("saddress")) if useaddressline2=TRUE then rs.Fields("ordShipAddress2") = trim(request.form("saddress2")) rs.Fields("ordShipCity") = trim(request.form("scity")) rs.Fields("ordShipState") = trim(request.form("sstate")) rs.Fields("ordShipZip") = trim(request.form("szip")) rs.Fields("ordShipCountry") = trim(request.form("scountry")) rs.Fields("ordShipType") = trim(request.form("shipmethod")) rs.Fields("ordIP") = trim(request.form("ipaddress")) ordComLoc=0 if Trim(request.form("commercialloc"))="Y" then ordComLoc = 1 if Trim(request.form("wantinsurance"))="Y" then ordComLoc = ordComLoc + 2 rs.Fields("ordComLoc") = ordComLoc rs.Fields("ordAffiliate") = Trim(Request.Form("PARTNER")) rs.Fields("ordAddInfo") = trim(Request.Form("ordAddInfo")) rs.Fields("ordStatusInfo") = trim(Request.Form("ordStatusInfo")) rs.Fields("ordDiscountText")= Trim(Request.Form("discounttext")) rs.Fields("ordExtra1") = Trim(Request.Form("ordextra1")) rs.Fields("ordExtra2") = Trim(Request.Form("ordextra2")) rs.Fields("ordShipping") = getNumericField("ordShipping") if canadataxsystem=true then rs.Fields("ordHSTTax") = getNumericField("ordHSTTax") rs.Fields("ordStateTax") = getNumericField("ordStateTax") rs.Fields("ordCountryTax") = getNumericField("ordCountryTax") rs.Fields("ordDiscount") = getNumericField("ordDiscount") rs.Fields("ordHandling") = getNumericField("ordHandling") rs.Fields("ordAuthNumber") = Trim(Request.Form("ordAuthNumber")) rs.Fields("ordTransID") = Trim(Request.Form("ordTransID")) rs.Fields("ordTotal") = getNumericField("ordtotal") rs.Update rs.Close for jj = 1 to Request.Form.Count for each objElem in Request.Form if Request.Form(objElem) is Request.Form(jj) then objForm = objElem next ' response.write objForm & " : " & Request.Form(objForm) & "
" if Left(objForm,6)="prodid" then idno = trim(right(objForm, Len(objForm)-6)) cartid = trim(request.form("cartid"&idno)) prodid = trim(request.form("prodid"&idno)) quant = trim(request.form("quant"&idno)) theprice = trim(request.form("price"&idno)) prodname = trim(request.form("prodname"&idno)) delitem = trim(request.form("del_"&idno)) if delitem="yes" then cnn.Execute("DELETE FROM cart WHERE cartID=" & cartid) cnn.Execute("DELETE FROM cartoptions WHERE coCartID=" & cartid) cartid = "" elseif cartid<>"" then Session.LCID = 1033 sSQL = "UPDATE cart SET cartProdID='"&replace(prodid,"'","''")&"',cartProdPrice="&theprice&",cartProdName='"&replace(prodname,"'","''")&"',cartQuantity="&quant&" WHERE cartID="&cartid cnn.Execute(sSQL) Session.LCID = saveLCID cnn.Execute("DELETE FROM cartoptions WHERE coCartID=" & cartid) else rs.Open "cart",cnn,1,3,&H0002 rs.AddNew rs.Fields("cartSessionID") = thesessionid rs.Fields("cartProdID") = prodid rs.Fields("cartQuantity") = quant rs.Fields("cartCompleted") = 1 rs.Fields("cartProdName") = prodname rs.Fields("cartProdPrice") = theprice rs.Fields("cartDateAdded") = DateAdd("h",dateadjust,Now()) rs.Fields("cartOrderID") = request.form("orderid") rs.Update if mysqlserver=true then rs.Close rs.Open "SELECT LAST_INSERT_ID() AS lstIns",cnn,0,1 cartid = rs("lstIns") else cartid = rs.Fields("cartID") end if rs.Close end if if cartid<>"" then optprefix = "optn"&idno&"_" prefixlen = len(optprefix) for kk = 1 to Request.Form.Count for each objElem in Request.Form if Request.Form(objElem) is Request.Form(kk) then objForm = objElem next if Left(objForm,prefixlen)=optprefix then optidarr = split(Request.Form(objForm),"|") if UBOUND(optidarr) >= 0 then optid = optidarr(0) if Trim(Request.Form("v"&objForm))="" then sSQL="SELECT optID,"&getlangid("optGrpName",16)&","&getlangid("optName",32)&","&OWSP&"optPriceDiff,optWeightDiff,optType,optFlags FROM options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optID="&Replace(optid,"'","") rs.Open sSQL,cnn,0,1 if abs(rs("optType"))<> 3 then sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES ("&cartID&","&rs("optID")&",'"&Replace(rs(getlangid("optGrpName",16))&"","'","''")&"','"&Replace(rs(getlangid("optName",32))&"","'","''")&"'," sSQL = sSQL & optidarr(1) & ",0)" else sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES ("&cartID&","&rs("optID")&",'"&Replace(rs(getlangid("optGrpName",16))&"","'","''")&"','',0,0)" end if rs.Close cnn.Execute(sSQL) else sSQL="SELECT optID,"&getlangid("optGrpName",16)&","&getlangid("optName",32)&" FROM options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optID="&replace(optid,"'","") rs.Open sSQL,cnn,0,1 sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES ("&cartID&","&rs("optID")&",'"&Replace(rs(getlangid("optGrpName",16))&"","'","''")&"','"&replace(trim(Request.Form("v"&objForm)),"'","''")&"',0,0)" cnn.Execute(sSQL) rs.Close end if end if end if next end if end if next %>

<%=yyUpdSuc%>

<%=yyNowFrd%>

<%=yyNoAuto%> <%=yyClkHer%>.

<% elseif Request.QueryString("id")<>"" then statetaxrate=0 countrytaxrate=0 hsttaxrate=0 countryorder=0 sSQL = "SELECT ordID,ordName,ordAddress,ordAddress2,ordCity,ordState,ordZip,ordCountry,ordEmail,ordPhone,ordShipName,ordShipAddress,ordShipAddress2,ordShipCity,ordShipState,ordShipZip,ordShipCountry,ordPayProvider,ordAuthNumber,ordTransID,ordTotal,ordDate,ordStateTax,ordCountryTax,ordShipping,ordShipType,ordIP,ordAffiliate,ordDiscount,ordDiscountText,ordHandling,ordComLoc,ordExtra1,ordExtra2,ordHSTTax,ordAddInfo FROM orders INNER JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider WHERE ordID="&Request.QueryString("id") rs.Open sSQL,cnn,0,1 if doedit then Session.LCID = 1033 response.write "

" overridecurrency=TRUE orcsymbol="" orcdecplaces=2 orcpreamount=true end if %> <% if isprinter AND invoicefooter<>"" then %> <% elseif doedit then %> <% end if %>

<% if isprinter AND invoiceheader<>"" then %> <% end if %> <% if isprinter AND invoiceaddress<>"" then %> <% end if %> <% if Trim(extraorderfield1)<>"" then %> <% end if %> <% if useaddressline2=TRUE then %> <% end if %> <% if Trim(extraorderfield2)<>"" then %> <% end if %> <% if NOT isprinter then %> <% end if if Trim(rs("ordDiscountText"))<>"" then %> <% end if if trim(rs("ordShipName")&"")<>"" OR trim(rs("ordShipAddress")&"")<>"" OR trim(rs("ordShipCity")&"")<>"" OR doedit then %> <% if useaddressline2=TRUE then %> <% end if %> <% end if if rs("ordShipType")<>"" OR rs("ordComLoc")>0 OR doedit then %> <% if doedit then %> <% end if end if ordAuthNumber = trim(rs("ordAuthNumber")&"") ordTransID = trim(rs("ordTransID")&"") if NOT isprinter AND (ordAuthNumber<>"" OR ordTransID<>"" OR doedit) then %> <% end if ordAddInfo = Trim(rs("ordAddInfo")) if ordAddInfo <> "" OR doedit then %> <% end if if NOT isprinter then sSQL = "SELECT ordStatusInfo FROM orders WHERE ordID="&Request.QueryString("id") rs2.Open sSQL,cnn,0,1 ordStatusInfo = rs2("ordStatusInfo") rs2.Close if NOT doedit then response.write "" %> <% if (rs("ordPayProvider")=3 OR rs("ordPayProvider")=13) AND rs("ordAuthNumber")<>"" AND NOT doedit then %> <% end if if NOT doedit then response.write "" end if %> <% if NOT isprinter then if Int(rs("ordPayProvider"))=10 then %> <% if request.servervariables("HTTPS")<>"on" AND (Request.ServerVariables("SERVER_PORT_SECURE") <> "1") AND nochecksslserver<>true then %> <% else sSQL = "SELECT ordCNum FROM orders WHERE ordID="&Request.QueryString("id") rs2.Open sSQL,cnn,0,1 ordCNum = rs2("ordCNum") rs2.Close if encryptmethod="aspencrypt" OR encryptmethod="" then %>

<% end if if ordCNum<>"" then if encryptmethod="none" then cnumarr = Split(ordCNum, "&") elseif encryptmethod="aspencrypt" OR encryptmethod="" then %> <% end if end if %> <% end if if ordCNum<>"" AND NOT doedit then %> "> " /> <% end if end if end if ' isprinter %>

<%=invoiceheader%>
<%=xxOrdNum & " " & rs("ordID") & " " & FormatDateTime(rs("ordDate"), 1) & " " & FormatDateTime(rs("ordDate"), 4) %>
<%=invoiceaddress%>
<%=extraorderfield1 %>:	<%=editfunc(rs("ordExtra1"),"ordExtra1",25)%>
<%=xxName%>:	<%=editfunc(rs("ordName"),"name",25)%>	<% if NOT isprinter AND (rs("ordAuthNumber")&"") <> "" AND NOT doedit then response.write ""%> <%=xxEmail%>:	<% if isprinter OR doedit then response.write editfunc(rs("ordEmail"),"email",25) else response.write ""&rs("ordEmail")&"" %>
<%=xxAddress%>:	><%=editfunc(rs("ordAddress"),"address",25)%>
<%=xxAddress2%>:	<%=editfunc(rs("ordAddress2"),"address2",25)%>	<%=xxCity%>:	<%=editfunc(rs("ordCity"),"city",25)%>
<%=xxAllSta%>:	<%=editfunc(rs("ordState"),"state",25)%>	<%=xxCountry%>:	<% if doedit then foundmatch=FALSE response.write "" if countryorder=2 then sSQL = "SELECT stateTax FROM states WHERE stateName='"&replace(rs("ordState"),"'","''")&"'" rs2.Open sSQL,cnn,0,1 if NOT rs2.EOF then statetaxrate = rs2("stateTax") rs2.Close end if else response.write rs("ordCountry") end if %>
<%=xxZip%>:	<%=editfunc(rs("ordZip"),"zip",15)%>	<%=xxPhone%>:	<%=editfunc(rs("ordPhone"),"phone",25)%>
<% response.write extraorderfield2 %>:	<%=editfunc(rs("ordExtra2"),"ordextra2",25)%>
IP Address:	<%=editfunc(rs("ordIP"),"ipaddress",15)%>	Affiliate:	<%=editfunc(rs("ordAffiliate"),"PARTNER",15)%>
<%=xxAppDs%>:	<%=editfunc(rs("ordDiscountText"),"discounttext",25)%>
<%=xxShpDet%>.
<%=xxName%>:	<%=editfunc(rs("ordShipName"),"sname",25)%>
<%=xxAddress%>:	><%=editfunc(rs("ordShipAddress"),"saddress",25)%>
<%=xxAddress2%>:	<%=editfunc(rs("ordShipAddress2"),"saddress2",25)%>	<%=xxCity%>:	<%=editfunc(rs("ordShipCity"),"scity",25)%>
<%=xxAllSta%>:	<%=editfunc(rs("ordShipState"),"sstate",25)%>	<%=xxCountry%>:	<% if doedit then if trim(rs("ordShipName")&"")<>"" OR trim(rs("ordShipAddress")&"")<>"" then usingshipcountry=TRUE else usingshipcountry=FALSE foundmatch=FALSE response.write "" if countryorder=2 AND usingshipcountry then sSQL = "SELECT stateTax FROM states WHERE stateName='"&replace(rs("ordShipState"),"'","''")&"'" rs2.Open sSQL,cnn,0,1 if NOT rs2.EOF then statetaxrate = rs2("stateTax") rs2.Close end if else response.write rs("ordShipCountry") end if %>
<%=xxZip%>:	<%=editfunc(rs("ordShipZip"),"szip",15)%>
<%=xxShpMet%>:	<% response.write editfunc(rs("ordShipType"),"shipmethod",25) if NOT doedit AND (rs("ordComLoc") AND 2)=2 then response.write xxWtIns %>	<%=xxCLoc%>:	<% if doedit then response.write "" else if (rs("ordComLoc") AND 1)=1 then response.write yyYes else response.write yyNo end if %>
<%=xxShpIns%>:	<% response.write "" %>
<%=yyAutCod%>:	<%=editfunc(ordAuthNumber,"ordAuthNumber",15) %>	<%=yyTranID%>:	<%=editfunc(ordTransID,"ordTransID",15) %>
<%=xxAddInf%>:	<% if doedit then response.write "" & ordAddInfo & "" else response.write replace(ordAddInfo,vbNewLine," ") end if %>
<%=yyStaInf%>:	<%=ordStatusInfo%> <% if NOT doedit then response.write ""%>
')" />

You do not appear to be viewing this page on a secure (https) connection. Credit card information cannot be shown.
<%=xxCCName%>:		<% if encryptmethod="none" then if IsArray(cnumarr) then if UBOUND(cnumarr)>=4 then response.write URLDecode(cnumarr(4)) end if elseif encryptmethod="aspencrypt" OR encryptmethod="" then %><% end if %>
<%=yyCarNum%>:		<% if ordCNum<>"" then if encryptmethod="none" then if IsArray(cnumarr) then response.write cnumarr(0) elseif encryptmethod="aspencrypt" OR encryptmethod="" then %><% end if else response.write "(no data)" end if %>
<%=yyExpDat%>:		<% if encryptmethod="none" then if IsArray(cnumarr) then if UBOUND(cnumarr)>=1 then response.write cnumarr(1) end if elseif encryptmethod="aspencrypt" OR encryptmethod="" then %><% end if %>
CVV Code:		<% if encryptmethod="none" then if IsArray(cnumarr) then if UBOUND(cnumarr)>=2 then response.write cnumarr(2) end if elseif encryptmethod="aspencrypt" OR encryptmethod="" then %><% end if %>
Issue Number:		<% if encryptmethod="none" then if IsArray(cnumarr) then if UBOUND(cnumarr)>=3 then response.write cnumarr(3) end if elseif encryptmethod="aspencrypt" OR encryptmethod="" then %><% end if %>

<% if doedit then response.write "" %> <% if IsArray(allorders) then totoptpricediff = 0 for rowcounter=0 to UBOUND(allorders,2) optpricediff = 0 %> <% if doedit then response.write "" %> <% next end if %> <% if doedit then %> <% end if %> <% if doedit then response.write "" %> <% if rs("ordShipping") > 0 OR doedit then %> <% if doedit then response.write "" %> <% end if if cDbl(rs("ordHandling"))<>0.0 OR doedit then %> <% if doedit then response.write "" %> <% end if if cDbl(rs("ordDiscount"))<>0.0 OR doedit then %> <% if doedit then response.write "" %> <% end if if rs("ordStateTax") > 0 OR doedit then %> <% if doedit then response.write "" %> <% end if if rs("ordCountryTax") > 0 OR doedit then %> <% if doedit then response.write "" %> <% end if if rs("ordHSTTax") > 0 OR (doedit AND canadataxsystem) then %> <% if doedit then response.write "" %> <% end if %> <% if doedit then response.write "" %>

<%=xxPrId%>

<%=xxPrNm%>

<%=xxPrOpts%>

<%=xxQuant%>

<% if doedit then response.write xxUnitPr else response.write xxPrice%>

DEL

<% if doedit then response.write " "%><%=editfunc(allorders(0,rowcounter),"prodid"&rowcounter,18)%>

<%=editfunc(allorders(1,rowcounter),"prodname"&rowcounter,24)%>

<% if doedit then response.write "" sSQL = "SELECT coOptGroup,coCartOption,coPriceDiff,coOptID,optGroup FROM cartoptions INNER JOIN options ON cartoptions.coOptID=options.optID WHERE coCartID="&allorders(4,rowcounter) & " ORDER BY coID" rs2.Open sSQL,cnn,0,1 if NOT rs2.EOF then if doedit then response.write "" do while NOT rs2.EOF if doedit then response.write "" else response.write "" & rs2("coOptGroup") & ": " & rs2("coCartOption") & "
" end if if doedit then optpricediff = optpricediff + rs2("coPriceDiff") else allorders(2,rowcounter) = allorders(2,rowcounter) + rs2("coPriceDiff") end if rs2.MoveNext loop if doedit then response.write "

" & rs2("coOptGroup") & ":

" sSQL="SELECT optID,"&getlangid("optName",32)&",optPriceDiff,optType,optFlags,optStock,optPriceDiff AS optDims FROM options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optGroup=" & rs2("optGroup") rsl.Open sSQL,cnn,0,1 if NOT rsl.EOF then if abs(rsl("optType"))=2 then response.write "" else response.write "" end if end if rsl.Close response.write "

" else response.write " - " end if rs2.Close if doedit then response.write "" %>

<%=editfunc(allorders(3,rowcounter),"quant"&rowcounter&""" onchange=""dorecalc(true)",5)%>

<%if doedit then response.write editnumeric(allorders(2,rowcounter),"price"&rowcounter&""" onchange=""dorecalc(true)",7) else response.write FormatEuroCurrency(allorders(2,rowcounter)*allorders(3,rowcounter))%> <% if doedit then response.write "" totoptpricediff = totoptpricediff + (optpricediff*allorders(3,rowcounter)) end if %>

<% if doedit then response.write " "&yyMoProd&" "%>

Options Total:

<%=FormatNumber(totoptpricediff, 2)%>

<%=xxOrdTot%>:

<%=editnumeric(rs("ordTotal"),"ordtotal",7)%>

<%=xxShippg%>:

<%=editnumeric(rs("ordShipping"),"ordShipping",7)%>

<%=xxHndlg%>:

<%=editnumeric(rs("ordHandling"),"ordHandling",7)%>

<%=xxDscnts%>:

<%=editnumeric(rs("ordDiscount"),"ordDiscount",7)%>

<%=xxStaTax%>:

<%=editnumeric(rs("ordStateTax"),"ordStateTax",7)%>

<%=xxCntTax%>:

<%=editnumeric(rs("ordCountryTax"),"ordCountryTax",7)%>

<%=xxHST%>:

<%=editnumeric(rs("ordHSTTax"),"ordHSTTax",7)%>

<%=xxGndTot%>:

<%=FormatEuroCurrency((rs("ordTotal")+rs("ordStateTax")+rs("ordCountryTax")+rs("ordShipping")+rs("ordHSTTax")+rs("ordHandling"))-rs("ordDiscount"))%>

<%=invoicefooter%>

<% if doedit then response.write "" rs.Close else sSQL = "SELECT ordID FROM orders WHERE ordStatus=1" if request.form("act")<>"purge" then sSQL = sSQL & " AND ordStatusDate<"&datedelim & VSUSDate(thedate - 3) & datedelim rs.Open sSQL,cnn,0,1 do while NOT rs.EOF theid = rs("ordID") addcomma = "" delOptions = "" sSQL = "SELECT cartID FROM cart WHERE cartOrderID="&theid rsl.Open sSQL,cnn,0,1 do while NOT rsl.EOF delOptions = delOptions & addcomma & rsl("cartID") addcomma = "," rsl.MoveNext loop rsl.Close if delOptions<>"" then cnn.Execute("DELETE FROM cartoptions WHERE coCartID IN ("&delOptions&")") cnn.Execute("DELETE FROM cart WHERE cartOrderID="&theid) cnn.Execute("DELETE FROM orders WHERE ordID="&theid) rs.MoveNext loop rs.Close if request.form("act")="authorize" then do_stock_management(trim(request.form("id"))) if Trim(request.form("authcode"))<>"" then sSQL = "UPDATE orders set ordAuthNumber='"&replace(Trim(request.form("authcode")),"'","''")&"',ordStatus=3 WHERE ordID="&request.form("id") else sSQL = "UPDATE orders set ordAuthNumber='"&replace(yyManAut,"'","''")&"',ordStatus=3 WHERE ordID="&request.form("id") end if cnn.Execute(sSQL) cnn.Execute("UPDATE cart SET cartCompleted=1 WHERE cartOrderID="&request.form("id")) elseif request.form("act")="status" then maxitems=Int(request.form("maxitems")) for index=0 to maxitems-1 iordid = Trim(request.form("ordid" & index)) ordstatus = Trim(request.form("ordstatus" & index)) ordauthno = "" oldordstatus=999 rs.Open "SELECT ordStatus,ordAuthNumber,ordEmail,ordDate,"&getlangid("statPublic",64)&",ordStatusInfo,ordName FROM orders INNER JOIN orderstatus ON orders.ordStatus=orderstatus.statID WHERE ordID="&iordid,cnn,0,1 if NOT rs.EOF then oldordstatus=rs("ordStatus") ordauthno=rs("ordAuthNumber") ordemail=rs("ordEmail") orddate=rs("ordDate") oldstattext=rs(getlangid("statPublic",64))&"" ordstatinfo=rs("ordStatusInfo")&"" ordername=rs("ordName") end if rs.Close if NOT oldordstatus=999 AND (oldordstatus < 3 AND ordstatus >=3) then ' This is to force stock management cnn.Execute("UPDATE cart SET cartCompleted=0 WHERE cartOrderID="&iordid) do_stock_management(iordid) cnn.Execute("UPDATE cart SET cartCompleted=1 WHERE cartOrderID="&iordid) if ordauthno="" then cnn.Execute("UPDATE orders SET ordAuthNumber='"&replace(yyManAut,"'","''")&"' WHERE ordID=" & iordid) end if if NOT oldordstatus=999 AND (oldordstatus >=3 AND ordstatus < 3) then release_stock(iordid) if iordid<>"" AND ordstatus<>"" then if oldordstatus<>Int(ordstatus) AND request.form("emailstat")="1" then rs.Open "SELECT "&getlangid("statPublic",64)&" FROM orderstatus WHERE statID=" & ordstatus,cnn,0,1 if NOT rs.EOF then newstattext = rs(getlangid("statPublic",64))&"" rs.Close emailsubject = "Order status updated" if orderstatussubject<>"" then emailsubject=orderstatussubject ose = orderstatusemail ose = replace(ose, "%orderid%", iordid) ose = replace(ose, "%orderdate%", FormatDateTime(orddate, 1) & " " & FormatDateTime(orddate, 4)) ose = replace(ose, "%oldstatus%", oldstattext) ose = replace(ose, "%newstatus%", newstattext) ose = replace(ose, "%date%", FormatDateTime(DateAdd("h",dateadjust,Now()), 1) & " " & FormatDateTime(DateAdd("h",dateadjust,Now()), 4)) ose = replace(ose, "%statusinfo%", ordstatinfo) ose = replace(ose, "%ordername%", ordername) ose = replace(ose, "%nl%", emlNl) Call DoSendEmailEO(ordemail,emailAddr,"",emailsubject,ose,emailObject,themailhost,theuser,thepass) end if if oldordstatus<>Int(ordstatus) then cnn.Execute("UPDATE orders SET ordStatus=" & ordstatus & ",ordStatusDate=" & datedelim & VSUSDateTime(DateAdd("h",dateadjust,Now())) & datedelim & " WHERE ordID=" & iordid) end if next end if if Request("sd") = "" then sd=thedate else sd=Request("sd") if Request("ed") = "" then ed=thedate else ed=Request("ed") on error resume next sd = DateValue(sd) ed = DateValue(ed) if err.number <> 0 then sd = thedate ed = thedate success=false errmsg=yyDatInv end if on error goto 0 if ed < sd then ed = sd if request.form("powersearch")="1" then sSQL = "SELECT ordID,ordName,payProvName,ordAuthNumber,ordDate,ordStatus,(ordTotal-ordDiscount) FROM orders INNER JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider WHERE ordStatus>=0 " fromdate = Trim(request.form("fromdate")) todate = Trim(request.form("todate")) ordid = Trim(Replace(Replace(request.form("ordid"),"'",""),"""","")) origsearchtext = Trim(Replace(request.form("searchtext"),"""",""")) searchtext = Trim(Replace(request.form("searchtext"),"'","''")) ordstatus = Trim(request.form("ordstatus")) if ordid<>"" then if IsNumeric(ordid) then sSQL = sSQL & " AND ordID=" & ordid else success=false errmsg="The order id you specified seems to be invalid - " & ordid sSQL = sSQL & " AND ordID=0" end if else if fromdate<>"" then if IsNumeric(fromdate) then thefromdate = (thedate-fromdate) else err.number=0 on error resume next thefromdate = DateValue(fromdate) if err.number <> 0 then thefromdate = thedate success=false errmsg=yyDatInv & " - " & fromdate end if on error goto 0 end if if todate="" then thetodate = thefromdate elseif IsNumeric(todate) then thetodate = (thedate-todate) else err.number=0 on error resume next thetodate = DateValue(todate) if err.number <> 0 then thetodate = thedate success=false errmsg=yyDatInv & " - " & todate end if on error goto 0 end if if thefromdate > thetodate then tmpdate = thetodate thetodate = thefromdate thefromdate = tmpdate end if sd = thefromdate ed = thetodate sSQL = sSQL & " AND ordDate BETWEEN " & datedelim & VSUSDate(thefromdate) & datedelim & " AND " & datedelim & VSUSDate(thetodate+1) & datedelim end if if ordstatus<>"" AND NOT InStr(ordstatus,"9999")>0 then sSQL = sSQL & " AND ordStatus IN (" & ordstatus & ")" if searchtext<>"" then sSQL = sSQL & " AND (ordTransID LIKE '%"&searchtext&"%' OR ordAuthNumber LIKE '%"&searchtext&"%' OR ordName LIKE '%"&searchtext&"%' OR ordEmail LIKE '%"&searchtext&"%' OR ordAddress LIKE '%"&searchtext&"%' OR ordCity LIKE '%"&searchtext&"%' OR ordState LIKE '%"&searchtext&"%' OR ordZip LIKE '%"&searchtext&"%' OR ordPhone LIKE '%"&searchtext&"%')" end if sSQL = sSQL & " ORDER BY ordID" else sSQL = "SELECT ordID,ordName,payProvName,ordAuthNumber,ordDate,ordStatus,(ordTotal-ordDiscount) FROM orders INNER JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider WHERE ordStatus<>1 AND ordDate BETWEEN "&datedelim & VSUSDate(DateValue(sd)) & datedelim&" AND "&datedelim & VSUSDate(DateValue(ed)+1) & datedelim&" ORDER BY ordID" end if rs.Open sSQL,cnn,0,1 alldata = "" if NOT rs.EOF then alldata=rs.getrows rs.Close hasdeleted=false sSQL = "SELECT COUNT(*) AS NumDeleted FROM orders WHERE ordStatus=1" rs.Open sSQL,cnn,0,1 if rs("NumDeleted") > 0 then hasdeleted=true rs.Close %>

<% themask = cStr(DateSerial(2003,12,11)) themask = replace(themask,"2003","yyyy") themask = replace(themask,"12","mm") themask = replace(themask,"11","dd") if NOT success then response.write "

"&errmsg&"

" %> >

<%=yyPowSea%>
<%=yyOrdFro%>:		<%=yyOrdTil%>:
<%=yyOrdId%>:		<%=yySeaTxt%>:
<%=yyOrdSta%>:		/> <%=yyStaPow%>

	<%=yyShoFrm%>: <%=yyTo%>:

<% if request.form("powersearch")="1" then %> " /> " /> " /> " /> " /> " /> " /> <% end if %> <% ordTot=0 if IsArray(alldata) then for rowcounter=0 to UBOUND(alldata,2) if alldata(5,rowcounter)>=3 then ordTot=ordTot+alldata(6,rowcounter) if alldata(3,rowcounter)="" OR IsNull(alldata(3,rowcounter)) then startfont="" endfont="" else startfont="" endfont="" end if if bgcolor="#E7EAEF" then bgcolor="#EAECEB" else bgcolor="#E7EAEF" %> <% if rowcounter>=250 then response.write "" exit for end if next %> <% if request.form("powersearch")="1" then %> " /> " /> " /> " /> " /> " /> " /> <% end if %> <% else %> <% if hasdeleted then %> <% end if %> <% end if %>

<%=yyOrdId%>	<%=yyName%>	<%=yyMethod%>	<%=yyAutCod%>	<%=yyDate%>	<%=yyStatus%>
<%=""&startfont&alldata(0,rowcounter)&endfont&""%>	<%=startfont&alldata(1,rowcounter)&endfont%>	<%=startfont&alldata(2,rowcounter)&endfont%>	<% if alldata(3,rowcounter)="" OR IsNull(alldata(3,rowcounter)) then isauthorized=false response.write "" else isauthorized=true response.write "" & startfont & alldata(3,rowcounter) & endfont & "" end if %>	<%=startfont&Replace(alldata(4,rowcounter)&""," "," ",1,1)&endfont%>
Limit of "&rowcounter&" orders reached. Please refine your search.
<%=FormatEuroCurrency(ordTot)%>	<% if hasdeleted then %><% end if %>	<%if orderstatusemail<>"" then %> /> <%=yyEStat%><% end if %>

<% if request.form("powersearch")="1" then response.write yyNoMat1 elseif sd=ed then response.write yyNoMat2&" "&sd&"." else response.write yyNoMat3&" "&sd&" and "&ed&"." end if %>

&ed=<%=DateAdd("m",-1,ed)%>">- <%=yyMonth%> \| - <%=yyWeek%> \| - <%=yyDay%> \| <%=yyToday%> \| <%=yyDay%> + \| <%=yyWeek%> + \| &ed=<%=DateAdd("m",1,ed)%>"><%=yyMonth%> +

<% end if end if cnn.Close set rs = nothing set cnn = nothing %>