<%@ LANGUAGE = JavaScript %>
<%
//
// if Customer is not recognised, then re-direct to customer details form.
//
CustomerID = Request.Cookies("CustomerID");
if (CustomerID==0) {
Response.Redirect("./Customer/customer.asp");
}
msg = "";
// Open Products table to read in products
ICSConnection = Server.CreateObject("ADODB.Connection");
ICSConnection.Open(Session("ConnectionString"));
RefConnection = Server.CreateObject("ADODB.Connection");
RefConnection.Open(Session("RefConnection"));
// Initialise SQL queries for Market Areas, and their products
areaQuery = "SELECT [AreaCode] AS Code, Area FROM [Market_Area]";
RSAreaList = RefConnection.Execute(areaQuery);
// Check the form is being submitted
var temp = new String(Request("Action"));
var Action = (temp.toUpperCase()).substring(0,5);
// Do some form validation
if (Action=="SUBMI") {
var checkProduct = false;
while (!RSAreaList.EOF) {
validQuery = "SELECT ProductID, [MarketArea] AS Area, [ShortName] AS Name FROM WebProducts WHERE [MarketArea]='" + RSAreaList("Code") + "'";
RSProdList = RefConnection.Execute(validQuery);
while (!RSProdList.EOF) {
if (Request(RSProdList("Name"))=="ON") {
checkProduct = true;
}
RSProdList.MoveNext();
}
RSAreaList.MoveNext();
}
// ensure the user has selected a product
if (!checkProduct) { // the user has not selected a product
msg += "At least one product must be selected to make an enquiry.";
}
else {
msg += "The user has selected a product";
// check for existence of comments
var partQuery1 = "";
var partQuery2 = "";
if (Request("General_Comments")!="") {
partQuery1 = ", [Comments]";
partQuery2 = "'" + Request("General_Comments") + "', ";
}
// make an entry in the Requests table
sql = "INSERT INTO Requests ([CustomerID]" + partQuery1 + ", [Contact]) VALUES (";
// convert form fields into strings
var strContact = new String(Request("Contact"));
// complete sql insert statement and execute
sql = sql + CustomerID + ", " + partQuery2 + "'" + strContact + "')";
ICSConnection.Execute(sql);
// For SQL Server, it is much more efficient to use the identity built in variable @@identity.
sql = "SELECT @@identity";
// For MS Access and other databases, use the max value just inserted (Comment out for SQL server)
sql = "SELECT MAX([RequestID]) FROM Requests";
rs = ICSConnection.Execute(sql)
RequestID = parseInt(rs(0));
rs.close();
// Make entries in the Request Products table
var strTemp = new String("");
RSAreaList.MoveFirst();
while (!RSAreaList.EOF) {
validQuery = "SELECT ProductID, [MarketArea] AS Area, [ShortName] AS Name FROM WebProducts WHERE [MarketArea]='" + RSAreaList("Code") + "'";
RSProdList = RefConnection.Execute(validQuery);
while (!RSProdList.EOF) {
if (Request(RSProdList("Name")) == "ON") { // product is checked
// insert into Request Products table
sql = "INSERT INTO Request_Products ([RequestID], [ProductID]) VALUES (";
strTemp = RSProdList("Name");
sql = sql + RequestID + ", '" + strTemp + "')";
ICSConnection.Execute(sql);
}
RSProdList.MoveNext();
}
RSAreaList.MoveNext();
}
Response.Redirect("eprodreq.asp?RequestID=" + RequestID) ;
}
}
RSAreaList.MoveFirst();
%>
Product Enquiry Form
<% var across = 1
while (!RSAreaList.EOF) {
across +=1
currentQuery = "SELECT ProductID, [MarketArea] AS Area, [ShortName] AS Name FROM WebProducts WHERE [MarketArea]='" + RSAreaList("Code") + "'"
RSProductList = RefConnection.Execute(currentQuery) %>
checked <% } %><% if (Request("Contact") == "Phone_Urgently") { %> checked <% } %> name="Contact">Please
phone me urgently
<% } %>value="EMail_Information" value="1">E-Mail me further information
<% } %>value="EMail_Distributor" value="2">E-Mail me distributor information for my country
Chemring Group PLC