Hey All,
i'm having real trouble with this. ok, i have a login page where the user logs in. they put items in the cart and then go to addorder from to place order in database. only problem is i can't get it to work. i think the problem is that its not reading login and getting required userid from customers table, but i can't fix it. i don't know what to do with it. i'll paste in pages. any help would be greatly appreciated.
LOGIN.ASP
<%
'Green colorset
'BackgroundColor="#C9DDB3"
'BorderColor="#006600"
'Blue colorset
BackgroundColor="#AFD1F8"
BorderColor="#000080"
'Purple colorset
'BackgroundColor="#FDC8F2"
'BorderColor="#800080"
Content = "" 'Clear the Content string
QStr = Request.QueryString("login") 'Save the login querystring to QStr
if ucase(left(QStr,6))="CREATE" then
Title = "Register"
else
Title = "Login"
end if
'The code below saves the contents the table must have in the variable Content
'The content depends on what's in the QueryString
if QStr="passfailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Wrong password</P><A href=Javascript:history.go(-1)>Back</A></td></tr>"
elseif QStr="createpassfailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Wrong password</P><A href=Javascript:history.go(-1)>Back</A><BR><BR><A HREF=login.asp>Cancel registration</A></td></tr>"
elseif QStr="namefailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Invalid username</P><A HREF=login.asp?login=createnew>Click here to create an acount</A><BR><BR><A HREF=Javascript:history.go(-1)>Back</A></td></tr>"
elseif QStr="createnamefailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Invalid username</P><A HREF=Javascript:history.go(-1)>Back</A><BR><BR><A HREF=login.asp>Cancel registration</A></td></tr>"
elseif QStr="creatednew" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Your account has been created</P><A HREF=login.asp>Login</A></td></tr>"
elseif QStr="createnew" then
Content = Content & "<form name=frmCreate method=POST action=create.asp>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Username: <input type=text name=Username></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Name: <input type=text name=FirstName></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Name: <input type=text name=Surname></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Address: <input type=text name=Address></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center>Phone: <input type=number name=Phonenumber></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center>Email: <input type=text name=Email></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center>Password: <input type=text name=Password></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><input type=submit name=cmdSubmit value=Register></td></tr>"
Content = Content & "</form>"
else
Content = Content & "<form name=frmMain method=POST action=verify.asp>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Username: <input type=text name=Username></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center>Password: <input type=password name=Password></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><input type=submit name=cmdSubmit value=Login></td></tr>"
Content = Content & "</form>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><A HREF=login.asp?login=createnew>Click here to create an acount</A></td></tr>"
end if
%>
<!-- Build the page with the table -->
<p>
<br>
<div align="center">
<table border="2" cellspacing="5" bgcolor="<% Response.Write(BackgroundColor) %>" bordercolor="<% Response.Write(BorderColor) %>" width="250px">
<%
Response.Write("<tr><td valign=top align=center><b>" & Title & "</b></td></tr>")
Response.Write(Content) ' Paste the contents in the table
%>
</table>
</div>
</body>
And the Order form
ADDORDER.ASP
<%
'Option Explicit
'==================================================================
' name: AddOrder.asp
'Procedures:
' AddOrderToOrderTable()
' AddItemsToOrderDetails()
' ConvertEmptyToNull()
' DrawPage()
'=============================================================
%>
<!--#include file="CartInclude.asp"-->
<%
'-------------------------------------------------------------
' name: AddOrderToOrderTable()
' description: Creates new record in Orders table,
' adds the customer's first name and surname and email to it,
' and gets the value the autonumber field called OrderID
' generated automatically for the new record.
' That OrderID value will be used to add ordered items
' to the OrderDetails table.
'--------------------------------------------------------------
Function AddOrderToOrderTable()
dim newOrderID
dim Todaysdate, username, conn, rs, sql
'------------------------------------------------------
'need to read in the users id name from the login screen and send it to every page
'use the variable "username" to store it
UserID = Session("UserID")
TodaysDate = Date()
set conn=Server.CreateObject("ADODB.Connection")
conn.Provider="Microsoft.Jet.OLEDB.4.0"
conn.Open(Server.Mappath("projectdatabase.mdb"))
set rs=Server.CreateObject("ADODB.recordset")
sql="SELECT * FROM Orders"
rs.Open sql, conn, adOpenDynamic
rs.Movelast
CurrentOrderID = rs("OrderID")
NewOrderID = CurrentOrderID + 1
RS.CLOSE
strConnect = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("projectdatabase.mdb") & ";DefaultDir=" & Server.MapPath("projectdatabase.mdb") & ";DriverId=4;FILE=MS Access;MaxBufferSize=512;PageTimeout=5"
strAddNewOrderID = "INSERT INTO Orders (UserID, Cost, Date) VALUES (" & UserID & ", '" & Cost & "', '" & todaysdate &"')"
Set dbConn = Server.CreateObject ("ADODB.Connection")
Set rstAddNewOrderID = Server.CreateObject ("ADODB.Recordset")
dbConn.Open strConnect
rstAddNewOrderID.Open strAddNewOrderID, dbConn
'rs.("UserID") = ("Username")
'rs.("Date") = Date()
'rs.update
'Return new OrderID
AddOrderToOrderTable = newOrderID
End Function
'------------------------------------------
' name: AddItemsToOrderDetails()
'------------------------------------------
Sub AddItemsToOrderDetails(theNewOrderID)
'create the varibles needed
Dim ID
Dim Cost
Dim ProductQuantity
Dim ItemsInCart
Dim ItemNumber
Dim NewQuantity
Dim CurrentQuantity
Dim Name
'Get the number of ordered items in the session variable
itemsInCart = Session("ItemCount")
'Loop through all the items in the shopping cart, and add a new record into
'OrderDetails table for each of the items in the shopping cart.
for itemNumber = 0 to itemsInCart
if ShoppingCart(0, itemNumber) <> "" then
'Get values from shopping cart
ID = ShoppingCart(PRODUCT_ID, itemNumber)
Cost = ShoppingCart(PRODUCT_COST, itemNumber)
OrderQuantity = ShoppingCart(PRODUCT_QUANTITY, itemNumber)
Name = ShoppingCart(PRODUCT_NAME, itemNumber)
'Insert into the table
strConnect = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("projectdatabase.mdb") & ";DefaultDir=" & Server.MapPath("projectdatabase.mdb") & ";DriverId=4;FILE=MS Access;MaxBufferSize=512;PageTimeout=5"
strAddOrder = "INSERT INTO OrderDetails (ItemID, Date, Cost, Quantity) VALUES (" & ID & ", '" & Date & "', '" & Cost & "', '" & OrderQuantity & "')"
Set dbConn = Server.CreateObject ("ADODB.Connection")
Set rstAddOrder = Server.CreateObject ("ADODB.Recordset")
dbConn.Open strConnect
rstAddOrder.Open strAddOrder, dbConn
dbConn.close
set conn=Server.CreateObject("ADODB.Connection")
conn.Provider="Microsoft.Jet.OLEDB.4.0"
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath ("projectdatabase.mdb")
set rs=Server.CreateObject("ADODB.Recordset")
rs.open "SELECT * FROM Albums where AlbumName = '" & AlbumName & "'",conn
'Subtract ordered quantity from current quantity in albums table
CurrentQuantity = rs.fields("Quantity")
NewQuantity = CurrentQuantity - OrderQuantity
conn.close
Set Conn = Server.CreateObject("ADODB.Connection")
Conn.provider="Microsoft.Jet.OLEDB.4.0"
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath ("projectdatabase.mdb")
NewQuantity = CurrentQuantity - OrderQuantity
ID = ShoppingCart(PRODUCT_ID, itemNumber)
sql="update Albums set Quantity = " & NewQuantity & " where AlbumName = '" & Name & "'"
set RS = Conn.Execute(sql)
conn.Close
Set RS = Nothing
Set Conn = Nothing
End IF
Next
End Sub
'-------------------------------------------------------
' name: InputIsValid
' description: Checks for invalid data from the user
' entry form.
' Returns True if valid, false if not
'-------------------------------------------------------
Function InputIsValid
dim message, result
'Initialize result to True
result = True
'If any of the incoming values are empty,
'set the message variable indicating problem field, and
'result to False
If FirstName = "" Then
message = "You left First Name empty!"
result = False
ElseIf Surname = "" Then
message = "You left Surname empty!"
result = False
ElseIf EMail = "" Then
message = "You left Email empty!"
result = False
End If
'Set Session message variable
Session("Message") = message
'Return the result
InputIsValid = result
End Function
'---------------------
' name: DrawPage()
'---------------------
Sub DrawPage()
%>
<p align="right">logged in as <% Response.Write(session("username")) %> <a href=logout.asp>Logout</a></p>
<p>
<!-- Adds a new record to the Order table and gets the new OrderID value.
Determines price of the item based on the ItemID that was sent over from
Item select element. Uses new OrderID to add new record to OrderDetails table.
Displays a page saying thank you to the user for their order, showing them information they entered as well as their OrderID.
-->
<area href="albumsearch.asp" shape="rect" coords="127, 33, 228, 58">
<h3>Thank you for your order, your album's will be sent to you within the next
5-12 days. <%= UserName %> <br>
</h3>
<h3>
Your Order Identification Number is <%= OrderID %>. </h3>
<%
End Sub
'------------------------------------------------
' END OF PROCEDURES AND START OF MAIN CODE
'------------------------------------------------
dim OrderID
dim Username
'Get values for new record
UserName = Request.Form("UserName")
'If Shopping Cart doesn't exist already, then create it
If IsEmpty(Session("ShoppingCart")) Then
Session("ShoppingCart") = ShoppingCart
Session("ItemCount") = 0
End If
'Set local array equal to session shopping cart
ShoppingCart = Session("ShoppingCart")
OrderID = AddOrderToOrderTable()
'Now add each item as a new record in the OrderDetails table
Call AddItemsToOrderDetails(OrderID)
'Draw page
Call DrawPage()
'Clear out shopping cart
Session.Abandon
%>
ok, any help big or small will be great! i'm off to try and figure it out myself. oh, the error is:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC Microsoft Access Driver] Syntax error in INSERT INTO statement. /AddOrder.asp, line 62