<%option explicit%> <% shopcheckadmin "shopa_displayorders.asp" '************************************************************************** ' Version 6.50 ' Nov 12, 2005 Fix order amount ' Dec 31, 2005 add textbox for oitemnames ' xdisplayordersproductlist '************************************************************************** 'VP-ASP 6.50 - send pin numbers when order processed dim ordernumber dim mailtype,my_subject,my_to,my_toaddress,my_from,my_fromaddress,body,htmlformat,attachmentarray dim Selectioncritereontext dim mysql Dim Fieldcount Dim Headnames(6) Dim Fieldnames(6) Dim ProcType Dim SortType Dim Sortfield Dim SortUpDown Dim Sortupdownnames(2) Dim Sortupdownvalues(2) dim sortupdowncount Dim Procnames(3) dim Procvalues(3) Dim Pendnames(20) dim Pendvalues(20) dim pendingcount Dim Idfield Dim SearchFieldvalue, searchfieldname Dim i dim orderfieldcount, orderfields dim oitemsnamescount, oitemsnames, oitemsvalues Dim item dim dbtable Dim scriptresponder Dim editresponder Dim dbc dim fieldname dim pending, pendtype dim PendingFieldnames(20),pendingfieldcount, pendingnamescount dim PaidFieldnames(20),paidfieldcount, paidnamescount, paidnames(20),paidvalues(20) dim paid, paidtype, ocardtype dim stockconn, items dim specialsearchcount dim prevandor specialsearchcount=4 setsess "currenturl","shopa_displayorders.asp" if request.form("advanced") > "" then if request.form("advanced") <> getsess("advanced") then setsess "advanced", request.form("advanced") responseredirect "shopa_displayorders.asp" end if end if ShopcheckLicense Shopproductcheck AdminPageHeader ' Admin page headers are different SetFieldNames ' field names for table OpenOrderDB dbc ' open database GetInput ' get all form fields 'VP-ASP 6.50 - enhanced advanced search If Request("SortA")<>"" Then mysql=request("Selectioncritereontext") setsess "sqlquery", request("Selectioncritereontext") end if If Request("Delete")<>"" Then For each item in Request("DeleteUser") DeleteRecord Item Next End if If Request("Process")<>"" Then For each item in Request("Processed") MarkProcessed Item Next End if 'VP-ASP 6.50 - button to mark orders failed If Request("Fail")<>"" Then For each item in Request("Failed") MarkFailed Item Next End if If Request("MarkPending")<>"" Then For each item in Request("Pending") MarkPending Item Next End if GenerateSearchHeader ' Generate sort button etc scriptresponder="shopa_formatorder.asp" editresponder="shopa_editrecord.asp" 'debugwrite "sql=" & mysql 'VP-ASP 6.08 - remember page number SetSess "pagenumberaddproduct",mypage ShopopenRecordSet mysql, rsorder, mypagesize, mypage Selectioncritereontext = mysql GenerateTable ' write the tabe 'Call PageNavBar (Mysql) ' put bottom navigation bar rsOrder.close ' close database set rsOrder=nothing shopCloseDatabase dbc If getconfig("xlistallorders")="Yes" then response.write "

" end if gethelp AdminPageTrailer ' Write admin trailer ' Sub GetInput Idfield="Orderid" mypage = Request.querystring("page") 'VP-ASP 6.09 - Precautionary Security Fix if mypage > "" then If not isnumeric(mypage) then shoperror "Page size must be numeric" end if end if 'first time we need everything, othertimes sql is set up sortfield=request("Sortfield") ' See how we are sorting If Sortfield="" then sortfield="orderid" end if 'response.write "sortfield="& sortfield ' see which types processed or unprocessed Proctype=request("Proctype") If Proctype="" then Proctype="0" end if 'response.write "Proctype=" & proctype Pendtype=request("Pendtype") If Pendtype="" then Pendtype="" end if SortUpdown=request("SortUpdown") Paidtype=request("Paidtype") If Paidtype="" then Paidtype="*" end if If SortUpdown="" then sortupdown="DESC" end if if mypage="" then mypage=1 GenerateSQL else Mysql=GetSess("sqlquery") Proctype=GetSess("Proctype") sortfield=GetSess("sortfield") sortupdown=GetSess("sortupdown") pendtype=getsess("pendtype") end if if request.form("showhowmany") > "" then if request.form("showhowmany") <> getlang("langcommonselect") then setsess "showhowmany", request.form("showhowmany") else setsess "showhowmany", getconfig("xeditdisplaymaxrecords") end if else if getsess("showhowmany") > "" then else setsess "showhowmany", getconfig("xeditdisplaymaxrecords") end if end if maxrecs=getsess("showhowmany") mypagesize=maxrecs end sub ' ' SQL is generate by using fields on form Sub GenerateSQL dim sqlproc dim dbtable, whereok dim bracketopen,i, sqladd 'if Request("Selectioncritereontext")<>"" then ' if trim(ucase(request("Selectioncritereontext"))) <> trim(ucase(session("sqlquery"))) then ' mysql=request("Selectioncritereontext") ' setsess "sqlquery", request("Selectioncritereontext") ' exit sub ' end if 'end if sqladd=" Where" bracketopen=false dbtable="orders" 'VP-ASP 6.50 - Added DISTINCT to line below to stop orders showing twice if customer has ordered more than one of the same product MySql = "SELECT DISTINCT orders.* from " & dbtable 'whereok=" WHERE " oitemsnames=request("oitemsnames") If oitemsnames<>"" and isnumeric(oitemsnames) then 'If (oitemsnames<>"") AND (oitemsnames<>getlang("Langcommonselect")) then mysql = mysql & " INNER JOIN oitems ON oitems.orderid = orders.orderid WHERE oitems.catalogid = " & oitemsnames & " " sqladd= "AND" dim addAND addAND = false for i =1 to specialsearchcount if (Request("criterionvalue" & i )) > "" then addAND = true end if next if addAND = true then mysql = mysql & " AND " end if for i = 1 to specialsearchcount specialsearchterm MYSQL,sqladd,Request("criterion" & i),Request("criterionvalue" & i ),Request("Selection" & i),bracketopen if sqladd = "AND" then whereok = " AND " else whereok =" WHERE " end if Next if bracketopen then MYSQl=MYSQL & ")" 'VP-ASP 6.50 - enhanced advanced search 'if getsess("advanced") <> "yes" then if Proctype="" then sqlproc = whereok & " oprocessed=0" whereok= " AND " else if Proctype="*" then sqlproc="" AddPendingSql sqlproc, whereok else If Proctype="0" then sqlproc = whereok & " oprocessed=" & Proctype whereok=" AND " AddPendingSql sqlproc, whereok else sqlproc = whereok & " oprocessed<>0" whereok=" AND " end if end if 'VP-ASP 6.50 - enhanced advanced search ' end if end if Mysql = mysql & sqlproc Searchfieldvalue=request("searchfieldvalue") Searchfieldname=request("Searchfieldname") If searchfieldvalue<>"" and searchfieldname<> getlang("Langcommonselect") then if searchfieldname = "orderid" then searchfieldname = "orders.orderid" 'searchfieldvalue=Replace(searchfieldvalue,"'","''") 'VP-ASP 6.08 - stop from searching amount on a non-numeric value if searchfieldname = "orderamount" then if not isnumeric(left(searchfieldvalue,1)) then shoperror "Order Amount must be a numeric value" else mysql = mysql & whereOK & searchfieldname & " = " & Replace(searchfieldvalue,"'","''") end if else mysql = mysql & whereOK & searchfieldname & " LIKE '%" & Replace(searchfieldvalue,"'","''") & "%'" end if whereok= " and " end if AddPaidSql mysql, whereok If sortfield<>"" then mysql=mysql & " order by orders." & sortfield & " " & sortupdown end if SetSess "sqlquery",MySQL setSess "Proctype",Proctype SetSess "sortfield",sortfield SetSess "sortupdown",sortupdown setsess "paidtype",paidtype SetSess "pendtype",pendtype SetSess "oitemsname",oitemsnames 'debugwrite mysql End sub ' Sub GenerateTable dim howmanyfields dim howmanyrecs dim my_link dim processed dim pending, orderid, pendingfieldname, fieldname dim paidyesno howmanyfields=fieldcount GenerateDisplayHeaderFlat GenerateDisplayBodyHeader %>

<%if maxpages <> 0 then response.write getlang("langCommonPage") & mypage & getlang("langCommonOf") & maxpages%>

<%if maxpages <> 0 then Call PageNavBar (Mysql)%>

<%'Put Headings On The Table of Field Names for i=0 to howmanyfields %><% next %><% If getconfig("xorderpending")="Yes" then %><% end if '============================ 'Printer Friendly Link '============================ %><% If getconfig("xtracking")="Yes" then %><% end if %><% %><% %><% %><% ' Now lets grab all the records howmanyrecs=0 DO UNTIL rsorder.eof OR howmanyrecs=maxrecs orderid=rsorder(idfield) processed=rsorder("oprocessed") pending=rsorder("opending") ocardtype=rsorder("ocardtype") validateorder ocardtype,PaidYesno If isnull(pending) then pending="No" 'VP-ASP 6.50 - broadened defintion of IF statement to cover cases where xmysql hasn't been set if ucase(xdatabasetype) = "MYSQL" OR ucase(xdatabasetype) = "MYSQL351" OR getconfig("xMYSQL")="Yes" then if processed then processed=1 else processed=0 end if end if If paidYesno="Yes" then if processed<>0 then response.write ReportDetailRowX else response.write ReportDetailRow end if else response.write ReportDetailRowUnpaid end if for i = 0 to howmanyfields fieldname=fieldnames(i) Select case ucase(fieldname) Case "OCUSTOMERID" %><% case "ORDERAMOUNT" response.write "" case "ORDERID" %><% Case else %><% end select next if cint(processed)<>0 then %><% 'VP-ASP 6.50 - button to mark orders failed if lcase(ocardtype) = "fail" then %><% else %><% end if else %><% 'VP-ASP 6.50 - add failed checkbox %><% end if if getconfig("xorderpending")="Yes" then %><% end if '============================ 'Printer Friendly Link '============================ Response.write "" If getconfig("xtracking")="Yes" then if trackingtoday(rsorder(idfield)) = true then%> <% end if %><% my_link=editresponder & "?which=" & rsorder(idfield) & "&idfield=" & idfield & "&table=orders" %><% howmanyrecs=howmanyrecs+1 if howmanyrecs < maxrecs then rsorder.movenext end if loop response.write("

<% SortHeader Headnames(i), fieldnames(i) %>

Processed

Failed

Pending

Print

Track

<%=getlang("langcommonview")%>

<%=getlang("LangMenuEdit")%>

Re-Mail

<% if request("specialfunction") = "Mail" then response.write getlang("langcustemail") elseif request("specialfunction") = "Export" then response.write getlang("langspecialexport") else response.write getlang("langmenudelete") end if%>

<%=rsorder(fieldname)%>

" response.write shopformatcurrency (rsorder(fieldname),getconfig("xdecimalpoint")) response.write "

<%=rsorder(fieldname)%>

<%=getlang("LangCommonYes")%>

<%=getlang("LangCommonNo")%>

<% Pendingfieldname="Pending_" & orderid GenerateSelectNV PendingFieldnames,pending,Pendingfieldname, Pendingfieldcount,getlang("LangCommonSelect") fieldname="pending" %> value=<%=Chr(34) & orderid & Chr(34)%>>

" AddPrintLink() Response.write "

<%else%>

<%end if%>

") %>
"> "> <% if getconfig("xorderpending")="Yes" then %> "> <% end if response.write("") %>

<%if maxpages <> 0 then response.write getlang("langCommonPage") & mypage & getlang("langCommonOf") & maxpages%>

<%if maxpages <> 0 then Call PageNavBar (Mysql)%>

<% GenerateDisplayBodyFooter end sub Sub SetFieldNames Fieldcount=6 fieldnames(0)="orderid" fieldnames(1)="ocustomerid" fieldnames(2)="odate" fieldnames(3)="orderamount" fieldnames(4)="olastname" fieldnames(5)="ocountry" fieldnames(6)="ocardtype" headnames(0)="orderid" headnames(1)="customerid" Headnames(2)=getlang("langDisplayDate") Headnames(3)=getlang("langDisplayAmount") Headnames(4)=getlang("langCustLastName") HeadNames(5)=getlang("langCustCountry") HeadNames(6)=getlang("LangCheckoutPaymentType") Sortupdownnames(0)=getlang("langAscending") Sortupdownnames(1)=getlang("langDescending") Sortupdownvalues(0)="ASC" Sortupdownvalues(1)="DESC" Procnames(0)=getlang("langAllOrders") Procnames(1)=getlang("langProcessed") Procnames(2)=getlang("langUnprocessed") ProcValues(0)="*" ProcValues(1)="1" ProcValues(2)="0" ' Pendingcount=0 if getconfig("xorderpending")="Yes" then SetupPending end if setuppaid end sub ' Sub DeleteRecord(Item) dim Rowsaffected dbc.execute "delete from oitems where orderid = " & item dbc.execute "delete from orders where orderid = " & item, rowsaffected, 1 end sub Sub MarkProcessed (Item) 'Response.write "item=" & item sql= "update orders set oprocessed = 1, ocardno = 0000 where orderid =" & item 'VP-ASP 6.50 - send pin numbers when order processed ordernumber = item dbc.Execute sql updatestock item If getconfig("xmailprocessed")="Yes" then MailProcessedOrder dbc, item end if 'VP-ASP 6.50 - only send pin number when order is processed if getconfig("Xpinnumber") = "Yes" and getconfig("Xpinnumberwhenprocessed") = "Yes" then ShopPinNumbers dbc, item, "yes" end if End sub 'VP-ASP 6.50 - button to mark orders failed Sub MarkFailed (Item) sql= "update orders set oaffid='0', coupon = NULL, commission = '0', opoints='0', ocardtype = 'Fail', ocardno = null, oprocessed='1' where orderid =" & item dbc.Execute sql End sub Sub GenerateSearchHeader %>

<%shopwriteheader "Orders" %>

<%shopwriteerror sError%>

Search Orders

<% AddHowMany %>

<% if getconfig("xorderpending")="Yes" then %> <% end if %>

Only show Orders that are:

<%GenerateSelect Procnames,ProcValues,Proctype,"Proctype",2%>

<%GenerateSelect Pendnames,PendValues,Pendtype,"Pendtype",Pendingnamescount-1%>

<%GenerateSelect Paidnames,PaidValues,PaidType,"Paidtype",Paidnamescount-1%>

<% GenerateOitemsFilter %>

<% GenerateSearch %>
">

<%WriteSelectTable specialsearchcount%>

	Query Statement	<%=Selectioncritereontext%>
">

" type="hidden" id="advanced">

<%end sub '============================================== ' SPECIAL SEARCH CUSTOMISATION ' Write all the fields for that table '============================================== Sub Writetableallfields (num,selecttype) dim sql,rs,fieldnamestable,fieldcount,strselect,fldName,selected fieldcount=0 if selecttype="multiple" then strselect=" type=multiple size=5 " else strselect=" size=1" end if SQL = "SELECT * FROM orders" Set rs = dbc.Execute(SQL) %> <% closerecordset rs End Sub Sub AddHowMany %>

Results Per Page

<%GenerateSelectV split("10,20,50,100",","),split("10,20,50,100",","),getsess("showhowmany"),"showhowmany", 4,getlang("langCommonSelect")%>

<% end sub Sub GenerateDisplayHeader_OLD %> <% %>

<%=getlang("langOrderSort")%> <% GenerateSelect Headnames,fieldnames,sortfield,"sortfield",fieldcount response.write "

" GenerateSelect Sortupdownnames,Sortupdownvalues,sortupdown,"sortupdown",1 response.write "

" GenerateSelect Procnames,ProcValues,Proctype,"Proctype",2 if getconfig("xorderpending")="Yes" then response.write "

" GenerateSelect Pendnames,PendValues,Pendtype,"Pendtype",Pendingnamescount-1 end if response.write "

" GenerateSelect Paidnames,PaidValues,Paidtype,"Paidtype",Paidnamescount-1 %>

<% GenerateSearch GenerateOitemsFilter end sub ' Sub GenerateRadio (Fieldname,fieldvalue,radiotype, currentvalue) if currentvalue=Fieldvalue then %> <%=fieldname%>
<% else %> <%=fieldname%>
<% end if end sub Sub GenerateSelect (iFieldnames,ifieldvalues,currentvalue,selectname, count) %> <% end sub Sub GenerateSearch GetFieldnames %>

<%=getlang("langCommonSearch")%>

<% if instr(searchfieldname, ".") > 0 then GenerateSelectNV OrderFields, right(searchfieldname, len(searchfieldname) - instr(searchfieldname, ".")), "searchfieldname", orderfieldcount,getlang("langCommonSelect") else GenerateSelectNV OrderFields, searchfieldname, "searchfieldname", orderfieldcount,getlang("langCommonSelect") end if %>

<% end sub '******************************************************************************* ' get list of all products or display catalogid text box '****************************************************************************** Sub GenerateOitemsFilter If getconfig("xdisplayordersproductlist")="Yes" then response.write "" GetOitemsnames response.write "" response.write "

Filter Orders on Items Ordered

" GenerateSelectV Oitemsnames, oitemsvalues, cstr(getsess("oitemsname")), "Oitemsnames", Oitemsnamescount,getlang("langCommonSelect") response.write "

" exit sub end if response.write "" response.write "" response.write "" response.write "

Filter Orders on catalogid

" 'VP-ASP 6.50 - enhanced advanced search response.write "" response.write "

" end sub Sub GetFieldNames dim sqltemp, rstemp If GetSess("orderfieldcount")<>"" then Orderfields=GetSessA("OrderFields") OrderfieldCount=GetSess("OrderFieldCount") exit sub end if redim orderfields(200) sqltemp="select * from orders " set rstemp=dbc.execute(sqltemp) orderfieldcount=rstemp.fields.count -1 for i=0 to orderfieldcount OrderFields(i)= rstemp(i).name next SetSessA "OrderFields",Orderfields SetSess "OrderFieldCount",Orderfieldcount rstemp.close set rstemp=nothing end sub Sub GetOitemsNames dim oitemsdbc ShopOpendatabaseP oitemsdbc dim oitemssql, oitemsrs, k k = 0 'if GetSess("oitemsnamescount")<>"" then ' oitemsnames=GetSessA("oitemsnames") ' oitemsvalues=GetSessA("oitemsvalues") ' oitemsnamescount=GetSess("oitemsnamescount") ' exit sub 'end if redim oitemsnames(200) redim oitemsvalues(200) oitemssql="SELECT count(catalogid) as catcount FROM products" Set oitemsrs=Server.CreateObject("ADODB.Recordset") oitemsrs.open oitemssql, oitemsdbc, 3, 3 if not oitemsrs.eof then oitemsnamescount=oitemsrs("catcount") redim oitemsnames(oitemsnamescount) redim oitemsvalues(oitemsnamescount) end if oitemssql="SELECT catalogid, cname FROM products ORDER BY catalogid" Set oitemsrs=Server.CreateObject("ADODB.Recordset") oitemsrs.open oitemssql, oitemsdbc, 3, 3 while not oitemsrs.eof oitemsnames(k)= oitemsrs("catalogid") & " - " & oitemsrs("cname") oitemsvalues(k)= cstr(oitemsrs("catalogid")) k = k + 1 oitemsrs.movenext wend SetSessA "oitemsnames",oitemsnames SetSessA "oitemsvalues",oitemsvalues SetSess "oitemsnamescount",oitemsnamescount oitemsrs.close set oitemsrs=nothing ShopClosedatabase oitemsdbc end sub Sub MarkPending (Item) 'Response.write "item=" & item dim pendingfieldname, pendingfieldvalue pendingfieldname="pending_" & item pendingfieldvalue=request(pendingfieldname) pendingfieldvalue=replace(pendingfieldvalue,"'","''") If pendingfieldvalue=getlang("langcommonselect") then sql= "update orders set opending=NULL where orderid =" & item else sql= "update orders set opending='" & pendingfieldvalue & "'" & " where orderid =" & item end if 'debugwrite sql dbc.Execute sql End sub Sub addpendingsql (sqlproc, whereok) if Pendtype="" then exit sub end if if Pendtype="*" then exit sub else pendtype=replace(pendtype,"'","''") If Pendtype="No" then sqlproc = sqlproc & whereok & " (opending='" & Pendtype & "'" & " or opending is null )" else sqlproc = sqlproc & whereok & " (opending='" & Pendtype & "'" & ")" end if whereok=" AND " end if end sub ' Sub SetupPending dim words(20), wordcount dim status, nostatus status=getconfig("xorderpendingvalues") If status="" then exit sub parserecord status, words, wordcount,"," for i = 0 to wordcount-1 Pendnames(i)=words(i) pendvalues(i)=words(i) pendingfieldnames(i)=words(i) next Pendingfieldcount=i nostatus=getlang("langAllOrders") Pendnames(i)=nostatus Pendvalues(i)="*" i=I+1 Pendingnamescount=i end sub ' Sub SetupPaid dim words(20), wordcount, values(10),valuecount dim status, nostatus, value dim yes, no yes=trim(getlang("langcommonyes")) no=trim(getlang("langcommonno")) status=Getlang("LangAdminPayments") & " " & yes & "," & Getlang("LangAdminPayments") & " " & no value="Yes,No" parserecord status, words, wordcount,"," parserecord value, values, valuecount,"," for i = 0 to wordcount-1 Paidnames(i)=words(i) paidvalues(i)=values(i) paidfieldnames(i)=words(i) next Paidfieldcount=i nostatus=getlang("langAllOrders") Paidnames(i)=nostatus Paidvalues(i)="*" i=I+1 Paidnamescount=i end sub Sub AddPaidSql (sql, whereok) dim tpaidtype If paidtype="" or paidtype="*" then exit sub tpaidtype=lcase(paidtype) sql=sql & whereok whereok=" and " if tpaidtype="yes" then sql=sql & " ocardtype is not null" else sql=sql & " (ocardtype is null)" end if end sub Sub Validateorder (ocardtype, paidyesno) if isnull(ocardtype) then Paidyesno="No" else Paidyesno="Yes" end if end sub '************************************************************** ' Update stock on processed '************************************************************** Sub UpdateStock (orderid) If getconfig("xupdatestockonprocessed")<>"Yes" then exit sub dim oid,strsql oid=orderid ShopOpendatabaseP stockconn strSQL = "select * FROM oitems where orderid = " & Oid Set Items = dbc.Execute(strSQL) UpdateStockDetails Shopclosedatabase stockconn end sub Sub UpdateStockDetails dim catalogid dim quantity Do While Not Items.EOF quantity=Items("numitems") catalogid=items("catalogid") UpdateStockLevels catalogid, quantity Items.MoveNext Loop closerecordset items end sub ' Sub UpdateStockLevels (catalogid, quantity) dim rsproduct dim myconn dim stock 'VP-ASP 6.50 - broadened defintion of IF statement to cover cases where xmysql hasn't been set if ucase(xdatabasetype) = "MYSQL" OR ucase(xdatabasetype) = "MYSQL351" OR getconfig("xMYSQL")="Yes" then mysqlupdatestocklevels catalogid, quantity, stockconn exit sub end if Set rsproduct = Server.CreateObject ("adodb.recordset") sql ="select cstock from products where catalogid=" & catalogid rsproduct.Open SQL, stockconn, adOpenKeyset, adLockOptimistic , adcmdText If not rsproduct.eof then stock=rsproduct("cstock") stock=stock-quantity rsproduct("cstock")=stock rsproduct.update end if closerecordset rsproduct end sub '============================================== ' SPECIAL SEARCH CUSTOMISATION ' Writes the Table '============================================== Sub WriteSelectTable (num) dim i Selectioncritereontext=MYSQL %> <% For i = 1 to num %> <% Next %> <% For i = 1 to num %> <% Next %> <% For i = 1 to num %> <% Next %> <% For i = 1 to num %> <% Next %>

Select <%=i%>

<%Writetableallfields i,""%>

" name=criterionvalue<%=i%> size="15">

<%RadioButtons i%>

<% End Sub Sub RadioButtons (num) if num=specialsearchcount then exit sub dim value,i,selected dim valuearray(3) valuearray(0)="And" valuearray(1)="Or" valuearray(2)="Not" value=Request("Selection"&num) %> <% if value="" then value="Or" For i = 0 to 2 if value=valuearray(i) then selected=" CHECKED" else selected="" end if %> <% Next %>

<%=valuearray(i)%>

<%=Selected%>>

<% End Sub Sub specialsearchterm (SQL,sqladd,criterion,criterionvalue,andor,bracketopen) dim openbracket,closebracket openbracket="" closebracket="" if criterionvalue="" then exit sub if criterion = "orderid" then criterion = "orders.orderid" if lcase(Sqladd)=" where" then sql=sql & sqladd sqladd="AND" end if if lcase(andor) = "not" then andor=" and " sql = sql & prevandor 'VP-ASP 6.50 - replace any quotes in search term with '' sql = sql & " " & criterion & " Not like '%" & replace(criterionvalue, "'", "''") & "%'" prevandor=andor else select case (lcase(andor)) case "or" if bracketopen=false then openbracket="(" bracketopen=true end if case "and" if bracketopen then closebracket=")" bracketopen=false end if end select sql = sql & " " & prevandor & " " & openbracket & criterion & " like '%" & replace(criterionvalue,"'","''") & "%'" & closebracket & " " prevandor=andor end if sqladd="AND" End Sub Sub AddPrintLink() dim ordernumberprint SetSess "ordernumberprint",getsess("oid") %>

<% End Sub Function trackingtoday(orderid) dim unopenedsql dim unopenedconn, unopenedrs 'VP-ASP 6.09 - was opening wrong database for tracking table 'shopopendatabase unopenedconn openorderdb unopenedconn 'get number of unviewed tracking messages for this order unopenedsql = "select count(trackid) as unread from ordertracking where orderid = " & orderid & " AND trackdate = " & datedelimit(now()) set unopenedrs = unopenedconn.execute(unopenedsql) if not unopenedrs.eof then if unopenedrs("unread") <> "0" then trackingtoday = true else trackingtoday = false end if else trackingtoday = false end if closerecordset unopenedrs shopclosedatabase unopenedconn End Function 'VP-ASP 6.50 - send pin numbers when order processed Sub MailPerson (toname, toaddress, fromname, fromaddress, subject, tobody,attachmentYesNo) dim acount SetSess "mailerror","" my_system=getconfig("xemailsystem") ' mail.mysystem.com mailtype=getconfig("xemailtype") ' aspmail, jmail, cdonts my_subject=subject my_to=toname my_toAddress=toaddress my_from=fromname my_fromAddress=fromaddress if my_toAddress= "" then exit sub end if if my_from = "" then my_from="Unknown" end if if my_fromAddress="" then my_fromAddress="unknown@unknown.com" end if body=tobody if getconfig("xDebug")="Yes" then debugwrite "mailing to " & toname & " " & toaddress end if htmlformat=Getsess("EmailFormat") If attachmentYesNo="Yes" then acount=attachmentcount else acount=0 end if ExecuteMail mailtype,My_from,my_fromaddress,my_to,my_toaddress,my_subject,body,htmlformat,attachmentarray,acount end sub %>