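<%@ LANGUAGE="VBSCRIPT" %>
<%
PageStrings = "359, 392, 393, 394, 395, 396, 397, 399, 401, 402, 472, 478, 562, 563, 564, 565, 566, 681, 1203"
strThisBackPage = "orders"
%>
<%
'===============================================
' CactuShop ASP Shopping Cart
' ©1999-2004 Cactusoft Ltd. www.cactusoft.com
'===============================================
' All rights reserved.
' Use of this code is covered by the terms and
' conditions in the license agreement. No
' unauthorized duplication or distribution is
' permitted. Cactusoft's copyright notices must
' remain in the ASP sections of the code.
'===============================================

'-----------------------------------------------
'PAGE OVERVIEW
'Form handler for one customer record. Depending
'on the posted strCallmode it either
'  "Delete"   - deletes the customer, their order
'               numbers and the invoice rows,
'  "RemoveCC" - blanks the stored card fields and
'               strips card text from old orders,
'  otherwise  - validates the posted fields and
'               inserts (CD_ID = 0) or updates the
'               customer record.
'ExecuteSQL, SqlSafe, GetString, WriteString,
'CheckNotBlank, ErrorcheckLength, ErrorCheckVatNumber
'and the str*/num* settings are defined outside
'this file.
'NOTE(review): no include directive, login check or
'anti-CSRF token is visible in this copy (HTML
'markup appears to have been stripped from it).
'Confirm that an admin-session check runs before
'this code; Delete and RemoveCC change data on a
'single POST.
'-----------------------------------------------

'-----------------------------------------------
'COLLECT VALUES FROM FORM
'-----------------------------------------------
CD_ID = Trim(Request.Form("CD_ID"))
strCallmode = Request.Form("strCallmode")

'Every ID below is concatenated into SQL without
'quotes, so it must consist of digits only. Up to
'nine digits always fits a VBScript Long.
Dim objIDPattern
Set objIDPattern = New RegExp
objIDPattern.Pattern = "^[0-9]{1,9}$"

'Reject the request outright when CD_ID is not a
'plain integer: it reaches DELETE and UPDATE
'statements. Response.Redirect stops the page here.
If Not objIDPattern.Test(CD_ID) Then
	Response.Redirect("_customers_list.asp")
End If
CD_ID = CLng(CD_ID)

If strCallmode = "Delete" then

	'-----------------------------------------------
	'DELETE INVOICE ROWS, ORDERS AND CUSTOMER
	'-----------------------------------------------
	strQuery = "SELECT ON_ID FROM tblCactuShopOrderNumbers WHERE ON_CardholderID=" & CD_ID
	Call ExecuteSQL(strQuery, numCursorType, objRecordSet)
	Do while NOT objRecordSet.EOF
		'ON_ID comes from the database, not from the request
		ON_ID = objRecordSet("ON_ID")
		strQuery = strDeleteStatementSyntax & " tblCactuShopInvoiceRows WHERE IR_OrderNumber = " & ON_ID
		Call ExecuteSQL(strQuery, numCursorType, objRecordSet2)
		strQuery = strDeleteStatementSyntax & " tblCactuShopOrderNumbers WHERE ON_ID = " & ON_ID
		Call ExecuteSQL(strQuery, numCursorType, objRecordSet2)
		objRecordSet.MoveNext
	loop
	objRecordSet.Close
	strQuery = strDeleteStatementSyntax & " tblCactuShopCardholderDetails WHERE CD_ID = " & CD_ID
	Call ExecuteSQL(strQuery, numCursorType, objRecordSet)
	response.redirect("_customers_list.asp")

ElseIf strCallmode = "RemoveCC" then

	'-----------------------------------------------
	'DELETE CREDIT CARD DETAILS
	'Removes credit card details from the cardholder
	'details table (easy) and from every orderdetails
	'field from the ordernumbers table (tricky)
	'-----------------------------------------------

	'Blank the cc details in the cardholderdetails table
	'NOTE(review): the CD_Card_SecurityNumber column shows that
	'card security codes are held in this table until this action
	'is run; security codes should not be retained once a payment
	'has been authorised - confirm how long they are kept.
	strQuery = "UPDATE tblCactuShopCardHolderDetails SET CD_Card_Number = '', CD_Card_Type = '', CD_Card_StartDate = '', CD_Card_Expiry = '', CD_Card_IssueNumber = '', CD_Card_SecurityNumber = '' WHERE CD_ID = " & CD_ID
	Call ExecuteSQL(strQuery, numCursorType, objRecordSet)

	'Now go through all of this customers orders and remove the text
	'between the special CC tags (if they exists)
	'Note that the query ignores any orders made in the last 5 mins
	'so you don't remove card details you might need.
	'NOTE(review): the tag text inside the two LIKE patterns and the
	'two instr() calls below is empty in this copy - it looks like
	'markup that was stripped from the listing. Restore the real
	'tag literals from the shipped file before relying on this code;
	'the + 14 offset presumably matches the end tag's length.
	strQuery = "SELECT ON_ID, ON_Details FROM tblCactuShopOrderNumbers WHERE ON_Details LIKE '%%' AND ON_Details LIKE '%%' AND ON_Date < " & strDateDelimiter & DateAdd("n", -5, now) & strDateDelimiter & " AND ON_CardHolderID = " & CD_ID
	Call ExecuteSQL(strQuery, numCursorType, objRecordSet)
	Do While Not objRecordSet.EOF
		'Get records we need
		ON_ID = objRecordSet("ON_ID")
		ON_Details = objRecordSet("ON_Details")

		'Remove stuff between the tags
		intStartTag = instr(ON_Details, "")
		intEndTag = instr(ON_Details, "")
		ON_Details = left(ON_Details, intStartTag-1) & mid(ON_Details, intEndTag + 14)

		'Update the record with the new ON_Details
		strQuery = "UPDATE tblCactuShopOrderNumbers SET ON_Details = '" & SqlSafe(ON_Details) & "' WHERE ON_ID = " & ON_ID
		Call ExecuteSQL(strQuery, numCursorType, objRecordSet2)
		objRecordSet.MoveNext
	Loop
	'Close before redirecting: the redirect ends the page, so a
	'Close placed after it would never run.
	objRecordSet.Close
	response.redirect("_modify_customerstatus.asp?CD_ID=" & CD_ID)

Else

	CD_CustomerDiscount = request.form("CD_CustomerDiscount")
	CD_CardholderName = request.form("CD_CardholderName")
	CD_CardholderCompany = request.form("CD_CardholderCompany")
	CD_CardholderEUVATNum = request.form("CD_CardholderEUVATNum")
	CD_CardholderStreetAddress = request.form("CD_CardholderStreetAddress")
	CD_CardholderTownCity = request.form("CD_CardholderTownCity")
	CD_CardholderCounty = request.form("CD_CardholderCounty")
	CD_CardholderPostCode = request.form("CD_CardholderPostCode")
	CD_CardholderCountry = Trim(request.form("CD_CardholderCountry"))
	CD_ShippingName = request.form("CD_ShippingName")
	CD_ShippingStreetAddress = request.form("CD_ShippingStreetAddress")
	CD_ShippingTownCity = request.form("CD_ShippingTownCity")
	CD_ShippingCounty = request.form("CD_ShippingCounty")
	CD_ShippingPostCode = request.form("CD_ShippingPostCode")
	CD_ShippingCountry = Trim(request.form("CD_ShippingCountry"))
	CD_Telephone = request.form("CD_Telephone")
	CD_EmailAddress = request.form("CD_EmailAddress")
	CD_Password = request.form("CD_Password")
	CD_Approved = request.form("CD_Approved")
	If CD_Approved = "" then CD_Approved="n"

	'Both country values are written into SQL as unquoted numbers
	'(the VAT lookup, the INSERT and the UPDATE), where quote
	'escaping gives no protection. Anything that is not a plain
	'integer is blanked here so the not-blank checks below report
	'it and no query is built from it.
	If Not objIDPattern.Test(CD_CardholderCountry) Then CD_CardholderCountry = ""
	If Not objIDPattern.Test(CD_ShippingCountry) Then CD_ShippingCountry = ""

	'-----------------------------------------------
	'ERROR CHECKING
	'-----------------------------------------------
	'NOTE(review): IsNumeric also accepts forms such as exponent,
	'hex and locale-formatted numbers, and the value is written
	'into the SQL below as posted; consider normalising it.
	'NOTE(review): the two markup literals in the error line below
	'(the empty "" and the literal holding a line break) appear to
	'have lost their HTML in this copy; restore them from the
	'shipped file.
	If Not IsNumeric(CD_CustomerDiscount) Then
		numErrorNo = numErrorNo + 1
		strErrorText = strErrorText & "" & Cstr(numErrorNo) & ". " & GetString("ContentText_ErrorChkCustomerDiscount") & "
"
	Else
		If CD_CustomerDiscount > 100 then CD_CustomerDiscount = 100
	End If
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_CustomerName"), CD_CardholderName)
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_StreetAddress"), CD_CardholderStreetAddress)
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_TownCity"), CD_CardholderTownCity)
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_Country"), CD_CardholderCountry)
	'The shipping country has no label of its own on this page, so
	'the generic country label is reused for its check.
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_Country"), CD_ShippingCountry)
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_Postcode"), CD_CardholderPostCode)
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_CustomerCode"), CD_Password)
	strErrorText = CheckNotBlank(strErrorText, numErrorNo, GetString("FormLabel_Email"), CD_EmailAddress)
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_CustomerName"), CD_CardholderName, Application(LICENSENUMBER & "CD_CardholderName_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_CardHolderCompany"), CD_CardholderCompany, Application(LICENSENUMBER & "CD_CardholderCompany_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_StreetAddress"), CD_CardholderStreetAddress, Application(LICENSENUMBER & "CD_CardholderStreetAddress_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_TownCity"), CD_CardholderTownCity, Application(LICENSENUMBER & "CD_CardholderTownCity_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_County"), CD_CardholderCounty, Application(LICENSENUMBER & "CD_CardholderCounty_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_Postcode"), CD_CardholderPostCode, Application(LICENSENUMBER & "CD_CardholderPostCode_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_ShippingName"), CD_ShippingName, Application(LICENSENUMBER & "CD_ShippingName_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_ShippingAddress"), CD_ShippingStreetAddress, Application(LICENSENUMBER & "CD_ShippingStreetAddress_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_ShippingTownCity"), CD_ShippingTownCity, Application(LICENSENUMBER & "CD_ShippingTownCity_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_ShippingCounty"), CD_ShippingCounty, Application(LICENSENUMBER & "CD_ShippingCounty_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_ShippingPostcode"), CD_ShippingPostCode, Application(LICENSENUMBER & "CD_ShippingPostCode_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_Email"), CD_EmailAddress, Application(LICENSENUMBER & "CD_EmailAddress_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_Telephone"), CD_Telephone, Application(LICENSENUMBER & "CD_Telephone_AL"))
	strErrorText = ErrorcheckLength(strErrorText, numErrorNo, GetString("FormLabel_CustomerCode"), CD_Password, Application(LICENSENUMBER & "CD_Password_AL"))

	If Not CD_CardholderEUVATNum = "" And Application(LICENSENUMBER & "euvatnumbercheck") = "y" And Not Application(LICENSENUMBER & "euvatcountry") = "" Then
		'Check if the selected country is EU - the country to use is dependant on the config setting
		Dim strVatCountryID
		If Application(LICENSENUMBER & "taxshippingbilling") = "s" Then
			strVatCountryID = CD_ShippingCountry
		Else
			strVatCountryID = CD_CardholderCountry
		End If
		'A blanked (rejected) country is already reported above, so
		'the lookup is skipped rather than run with an empty D_ID.
		If strVatCountryID <> "" Then
			strQuery = "SELECT D_ISOCode FROM tblCactuShopDestination WHERE D_Tax = 1 AND D_ID = " & strVatCountryID
			Call ExecuteSQL(strQuery, numCursorType, objRecordSet)
			If objRecordSet.BOF And objRecordSet.EOF Then
				'No taxed destination matched: "--" is passed in place of an ISO code
				strErrorText = ErrorCheckVatNumber(strErrorText, numErrorNo, "--", CD_CardholderEUVatNum)
			Else
				strErrorText = ErrorCheckVatNumber(strErrorText, numErrorNo, objRecordSet("D_ISOCode"), CD_CardholderEUVatNum)
			End If
			objRecordSet.Close
		End If
	End If

	'-----------------------------------------------
	'UPDATE DATABASE RECORDS
	'-----------------------------------------------
	'NOTE(review): these statements are built by concatenation and
	'depend on SqlSafe for every quoted value; its implementation
	'is not visible here. Parameterised commands would remove that
	'dependency if ExecuteSQL can be extended to take them.
	'NOTE(review): CD_Password is written exactly as posted, so it
	'is presumably stored in clear text - confirm.
	If strErrorText = "" Then
		If CD_ID = 0 Then
			strQuery="INSERT INTO tblCactuShopCardholderDetails (CD_CardholderName, CD_CardholderCompany, CD_CardholderEUVatNum, CD_CustomerDiscount, CD_CardholderStreetAddress, CD_CardholderTownCity, CD_CardholderCounty, CD_CardholderPostCode, CD_CardholderCountry, CD_ShippingName, CD_ShippingStreetAddress, CD_ShippingTownCity, CD_ShippingCounty, CD_ShippingPostCode, CD_ShippingCountry, CD_Telephone, CD_EmailAddress, CD_Approved, CD_Password) VALUES('" &_
				sqlsafe(CD_CardholderName) & "','" &_
				sqlsafe(CD_CardholderCompany) & "','" &_
				sqlsafe(CD_CardholderEUVatNum) & "'," &_
				CD_CustomerDiscount & ",'" &_
				sqlsafe(CD_CardholderStreetAddress) & "','" &_
				sqlsafe(CD_CardholderTownCity) & "','" &_
				sqlsafe(CD_CardholderCounty) & "','" &_
				sqlsafe(CD_CardholderPostCode) & "'," &_
				sqlsafe(CD_CardholderCountry) & ",'" &_
				sqlsafe(CD_ShippingName) & "','" &_
				sqlsafe(CD_ShippingStreetAddress) & "','" &_
				sqlsafe(CD_ShippingTownCity) & "','" &_
				sqlsafe(CD_ShippingCounty) & "','" &_
				sqlsafe(CD_ShippingPostCode) & "'," &_
				sqlsafe(CD_ShippingCountry) & ",'" &_
				sqlsafe(CD_Telephone) & "','" &_
				sqlsafe(CD_EmailAddress) & "','" &_
				sqlsafe(CD_Approved) & "','" &_
				sqlsafe(CD_Password) & "')"
		Else
			'CD_Approved is escaped here as it is in the INSERT above
			strQuery="UPDATE tblCactuShopCardholderDetails SET CD_CardholderName='" & sqlsafe(CD_CardholderName) & "'," &_
				"CD_CustomerDiscount=" & CD_CustomerDiscount & "," &_
				"CD_CardholderCompany='" & sqlsafe(CD_CardholderCompany) & "'," &_
				"CD_CardholderEUVatNum='" & sqlsafe(CD_CardholderEUVatNum) & "'," &_
				"CD_CardholderStreetAddress='" & sqlsafe(CD_CardholderStreetAddress) & "'," &_
				"CD_CardholderTownCity='" & sqlsafe(CD_CardholderTownCity) & "'," &_
				"CD_CardholderCounty='" & sqlsafe(CD_CardholderCounty) & "'," &_
				"CD_CardholderPostCode='" & sqlsafe(CD_CardholderPostCode) & "'," &_
				"CD_CardholderCountry=" & sqlsafe(CD_CardholderCountry) & "," &_
				"CD_ShippingName='" & sqlsafe(CD_ShippingName) & "'," &_
				"CD_ShippingStreetAddress='" & sqlsafe(CD_ShippingStreetAddress) & "'," &_
				"CD_ShippingTownCity='" & sqlsafe(CD_ShippingTownCity) & "'," &_
				"CD_ShippingCounty='" & sqlsafe(CD_ShippingCounty) & "'," &_
				"CD_ShippingPostCode='" & sqlsafe(CD_ShippingPostCode) & "'," &_
				"CD_ShippingCountry=" & sqlsafe(CD_ShippingCountry) & "," &_
				"CD_Telephone='" & sqlsafe(CD_Telephone) & "'," &_
				"CD_EmailAddress='" & sqlsafe(CD_EmailAddress) & "'," &_
				"CD_Approved='" & sqlsafe(CD_Approved) & "'," &_
				"CD_Password='" & sqlsafe(CD_Password) & "' WHERE CD_ID=" & CD_ID
		End If
		Call ExecuteSQL(strQuery, numCursorType, objRecordSet)
		response.redirect("_customers_list.asp")
	Else
%> <% =GetString("Config_headtitle") %>
<% WriteString("PageTitle_Problems") %>
<% WriteString("ContentText_PleaseGoBackAndCorrect") %>
<% =strErrorText %>
<< <% WriteString("ContentText_BackLink") %>
<%
	end if
End if
%>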