Creating sessions

geneane · #1 (**permalink**) 10-05-03, 09:44 PM

I need to create a session in my store where when a user logs in, if they are a wholesale customer

wholesale = "W"

then create a wholesale session and show wholesale prices

price = wholesalePrice

Any help?

Mud · #2 (**permalink**) 10-05-03, 09:52 PM

I am not a asp person but maybe you can have a if and else statement
Where if requires them to be W and else is normal

geneane · #3 (**permalink**) 10-05-03, 10:07 PM

Yes,
I tried that, but I think my session code is messed up...I am nit good with that. The price did not change...

Shane · #4 (**permalink**) 10-06-03, 08:18 AM

Quote:

Originally Posted by geneane

I need to create a session in my store where when a user logs in, if they are a wholesale customer

wholesale = "W"

then create a wholesale session and show wholesale prices

price = wholesalePrice

Any help?

Code:

<%
if WholeSale Then
Session("CustomerType") = "W"
Else
Session("CustomerType") = "na"
End If

If Session("CustomerType") = "W" Then
Response.Write(wholesalePrice)
Else
Response.Write(normalPrice)
End If

%>

That should give you a basic idea of sessions.

geneane · #5 (**permalink**) 10-06-03, 10:30 AM

I tried:

mySQL = "SELECT wholesale,idCust " _
& "FROM customer "
'& "WHERE idCust = " & validSQL(idCust,"I") & " " _

if wholeSale = "W" Then
session("wholesale") = "W"
End If

but nothing happens...I am testing it by using this:

<% if session("wholesale") = "W" then
Response.Write("<b><font color=red>WHOLESALE</font> prices</b>")
else
Response.Write("<b>RETAIL prices shown</b>")
end if
%>

RETAIL prices shown keeps showing.

Shane · #6 (**permalink**) 10-06-03, 11:47 AM

Quote:

Originally Posted by geneane

I tried:

mySQL = "SELECT wholesale,idCust " _
& "FROM customer "
'& "WHERE idCust = " & validSQL(idCust,"I") & " " _

if wholeSale = "W" Then
session("wholesale") = "W"
End If

but nothing happens...I am testing it by using this:

<% if session("wholesale") = "W" then
Response.Write("<b><font color=red>WHOLESALE</font> prices</b>")
else
Response.Write("<b>RETAIL prices shown</b>")
end if
%>

RETAIL prices shown keeps showing.

What's the variable "wholeSale" set to? From this point of view, it doesn't look like it's set at all.

geneane · #7 (**permalink**) 10-06-03, 01:45 PM

Wholesale is a field in the table.

Shane · #8 (**permalink**) 10-06-03, 02:09 PM

Quote:

Originally Posted by geneane

Wholesale is a field in the table.

Yeah, but the field in the table doesn't automatically convert itself to an ASP variable.

Post your entire code section so I can see how you are implementing this.

geneane · #9 (**permalink**) 10-06-03, 02:20 PM

Here is the logon.asp page:

<%@ Language=VBScript %>
<%
Option explicit
Response.Buffer = true
%>





<%
'Work fields
dim strReferer
dim arrayErrors
dim action
dim randomKey
dim formID
dim hdrNewCust
dim hdrOldCust
dim butNewCust
dim msgOldCust
dim msgNewCust
dim actNewCust

'Customer
dim status
dim Name
dim LastName
dim Email
dim Password
dim wholesale

'Database
dim mySQL
dim conntemp
dim rstemp
dim rstemp2

'Session
dim idOrder
dim idCust
dim isGiftRegistry

'************************************************* ************************

'Open Database Connection
call openDb()

'Store Configuration
if loadConfig() = false then
call errorDB(langErrConfig,"")
end if

'If a cart existed under HTTP session, recreate cart under HTTPS session
idOrder = trim(Request.QueryString("idOrder"))
randomKey = trim(Request.QueryString("randomKey"))
if len(idOrder) > 0 and len(randomKey) > 0 then
call httpsSession(idOrder,randomKey)
end if

'Get/Set Cart/Order Session
idOrder = sessionCart()

'Get/Set Customer Session
idCust = sessionCust()

'Check Action Indicator
action = lCase(trim(Request("action")))
if action <> "logon" _
and action <> "logonaff" _
and action <> "logoff" _
and action <> "save" _
and action <> "gift" _
and action <> "checkout" then
Response.Redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrAction)
end if

'If Logoff, clear session and redirect to logoff message
if action = "logoff" then
session(storeID & "idCust") = null
Response.Redirect "sysMsg.asp?msg=" & server.URLEncode(langGenLogoffMsg)
end if

'If Checkout, Gift, or Save, do some validations on the cart
if action = "checkout" or action = "save" or action = "gift" then

'Check if the session is still active
if isNull(idOrder) then
response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrCartEmpty)
end if

'Check if cart has any items
if cartQty(idOrder) = 0 then
response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrCartEmpty)
end if

'Check if minimum order amount has been met (checkout only)
if action = "checkout" then
if cartTotal(idOrder,0) < pMinCartAmount then
response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrMinPrice & pCurrencySign & moneyS(pMinCartAmount))
end if
end if

end if

'Before we display the form for the first time, check if we can simply
'forward to the next page without showing the form.
if trim(Request.Form("formID")) = "" then

'If user already logged on ...
if not isNull(idCust) then
select case action
case "logon", "logonaff"
Response.Redirect "custListOrders.asp"
case "save"
call saveCart(idOrder,idCust)
Response.Redirect "custListOrders.asp"

case "gift"
call giftCart(idOrder,idCust)
Response.Redirect "gr_custListOrders.asp"

case "checkout"
Response.Redirect "20_Customer.asp?action=" & action
end select
end if

'Check if the Customer clicked the "Logon" button
else

'Get values from the form
Email = request.form("Email")
Password = request.form("Password")

'Check Customer Logon form
if len(email) = 0 or len(password) = 0 then
'Email OR Password is empty
if len(email) = 0 then
arrayErrors = arrayErrors & "|email"
end if
if len(password) = 0 then
arrayErrors = arrayErrors & "|password"
end if
else
'Check for Invalid Characters
if invalidChar(Email,1,"@.-_") then
arrayErrors = arrayErrors & "|email"
end if
if invalidChar(Password,1,"") then
arrayErrors = arrayErrors & "|password"
end if
end if

'If there weren't any obvious errors so far, check the Customer's
'DB record and if it's valid log him on.
if len(trim(arrayErrors)) = 0 then

'Check Email/Password, and if Customer is still Active
mySQL = "SELECT idCust " _
& "FROM customer " _
& "WHERE email='" & validSQL(email,"A") & "' " _
& "AND password='" & validSQL(Ascii2Hex(EnDeCrypt(lCase(password),rc4Ke y)),"A") & "' " _
& "AND status='A'"
set rsTemp = openRSexecute(mySQL)
if not rstemp.eof then

'Log the Customer on
idCust = rsTemp("idCust")
session(storeID & "idCust") = idCust

'Forward to next page
select case action
case "logon", "logonaff"
Response.Redirect "custListOrders.asp"
case "save"
call saveCart(idOrder,idCust)
Response.Redirect "custListOrders.asp"

case "gift"
call giftCart(idOrder,idCust)
Response.Redirect "gr_custListOrders.asp"

case "checkout"
Response.Redirect "20_Customer.asp?action=" & action
end select

else

'Invalid email/password combo entered
arrayErrors = arrayErrors & "|email"
arrayErrors = arrayErrors & "|password"

end if
call closeRS(rsTemp)

end if

end if

mySQL = "SELECT wholesale,idCust " _
& "FROM customer "
'& "WHERE idCust = " & validSQL(idCust,"I") & " " _
'set rsTemp = openRSexecute(mySQL)

if wholeSale = "W" Then
session("wholesale") = "W"
'Else
'Session("wholesale") = "na"
End If

'Adjust display elements according to what type of logon we're showing
if action = "logonaff" then
hdrOldCust = langGenExistAff
hdrNewCust = langGenNewAff
butNewCust = langGenNewAff
msgOldCust = langGenExistAffDesc
msgNewCust = langGenNewAffDesc
else
hdrOldCust = langGenExistCust
hdrNewCust = langGenNewCust
butNewCust = langGenNewCust
msgOldCust = langGenExistCustDesc
msgNewCust = langGenNewCustDesc
end if

'Determine action indicator for a New customer
if action = "logonaff" then
actNewCust = "newaff"
elseif action = "logon" then
actNewCust = "newacc"
else
actNewCust = action
end if

%>

<%

'Close Database Connection
call closedb()

'************************************************* *********************
'Main Shopping Cart Display Area.
'************************************************* *********************
sub cartMain()
%>

<table border="0" cellpadding="0" cellspacing="0" width=350><tr><td>


<table border="0" cellspacing="0" cellpadding="2" width="100%">
<tr>
<td valign=middle class="CPpageHead" width="49%">
<b><%=hdrOldCust%></b>
</td>
<td width="2%"> </td>
<td valign=middle class="CPpageHead" width="49%">
<b><%=hdrNewCust%></b>
</td>
</tr>
<tr>
<form METHOD="POST" name="LogonForm" action="10_Logon.asp">
<td valign=top>
<br><%=msgOldCust%><br>
<br><%=langGenEmail%><br>
<input type=text name=email size=20 maxlength=50 value="<%=email%>"><br>
<%=langGenPassword%><br>
<input type=password name=password size=10 maxlength=10 value="<%=password%>"><br><br>
<% if len(trim(arrayErrors)) > 0 then %>
<font color=red><i><%=langErrLogon%></i></font><br><br>
<% end if %>
<input type="hidden" name="action" value="<%=action%>">
<input type="hidden" name="formID" value="00">
<input type="submit" name="Submit" value="<%=langGenLogon%>"><br><br>
<a href="<%=urlNonSSL%>custPass.asp"><i><%=langGenFor getPass%></i></a>
</td>
</form>

<td valign=top> </td>

<form METHOD="POST" name="NewAccForm" action="20_Customer.asp">
<td valign=top>
<br><%=msgNewCust%><br><br>
<input type="hidden" name="action" value="<%=actNewCust%>">
<input type="submit" name="Submit" value="<%=butNewCust%>">
</td>
</form>
</tr>
</table>


</td></tr></table>
<br>
<%
end sub

'************************************************* *********************
'Create Cart session under HTTPS (if required)
'************************************************* *********************
sub httpsSession(idOrder,randomKey)

'Because sessions are not shared between HTTP and HTTPS, we have
'to recreate the HTTP session under HTTPS from the database. To
'make sure that the Order Number was not altered by the user, we
'compare the Random Key in the database against the Random Key
'passed via the querystring. A valid idOrder & randomKey combination
'means the session can be recreated.

'Validate Order Number passed via QueryString
if not isNumeric(idOrder) then
response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrInvOrder)
end if

'Validate Random Key passed via QueryString
if not isNumeric(randomKey) then
response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrInvRandKey)
end if

'Validate Order/Random Key combination on DB
mySQL = "SELECT idOrder " _
& "FROM cartHead " _
& "WHERE idOrder = " & validSQL(idOrder,"I") & " " _
& "AND randomKey = '" & validSQL(randomKey,"A") & "' "
set rsTemp = openRSexecute(mySQL)
if rstemp.eof then
response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(langErrInvOrder)
end if
call closeRS(rsTemp)

'Create session
session(storeID & "idOrder") = idOrder

end sub
%>

Thanks for helping...

Shane · #10 (**permalink**) 10-06-03, 02:44 PM

Change your MySQL code to this:

Code:

mySQL = "SELECT wholesale,idCust " _
& "FROM customer " 
'& "WHERE idCust = " & validSQL(idCust,"I")


set rsTemp = openRSexecute(mySQL)

If NOT rsTemp.EOF Then
if rsTemp("wholesale") = "W" Then
session("wholesale") = "W" 
Else
Session("wholesale") = "na"
End If

End If

closeRS(rsTemp)

Remember, you have to initiate a recordset which brings back the values. You can then get the values from the recordset.