mpwright
11-22-2004, 05:58 AM
Hi,
Im trying to fix an e-commerce website that someone had started when they left the job I have now taken over. Ive managed to fix most of the problems but I cant figure this one out. When the user adds more that 1 type of item into the shopping cart & tries to update the quantities of either item the shopping cart gets emptied. The code is pasted below - this is the code from "qtyupd.asp":
<%
Response.Cookies("modified") = "true"
Response.Expires=0
queries = 0
Set conn = Server.CreateObject("ADODB.Connection")
Conn.Open ("driver={Microsoft Access Driver (*.mdb)};DBQ=" & server.mappath("aspcart5.mdb"))
sql = "SELECT * FROM temporary ORDER BY item;"
set rs = Conn.Execute(sql)
do while not rs.eof
customerid= Request.Cookies("customerid")
If CLng(Request.Querystring(rs("item"))) <> rs("quantity") and rs("custID") = Request.Cookies("customerid") then
newquantity = CLng(Request.QueryString("item"))
Response.write(newquantity)
if newquantity = 0 then
sql = "DELETE DISTINCTROW custID FROM temporary WHERE (item='" & rs("item") & "')"
else
sql = "UPDATE DISTINCTROW temporary SET quantity ='" & newquantity & "' WHERE item='" + rs("item") + "' AND custID='" + customerid + "'"
end if
set rs = Conn.Execute(sql)
sql = "SELECT * FROM temporary ORDER BY item;"
set rs = Conn.Execute(sql)
end if
if not rs.eof then rs.movenext
loop
rs.close
set rs = nothing
Response.Redirect("refview.asp")
%>
I once managed to get in touch with the guy who started it and he told me this:
If you comment out your response.redirect from qtyupd.asp you will see that the querystring being passed by your get method is along the lines of:
http://bs38498.nitlc.com/asp/qtyupd.asp?item0=10&item1=100&UPDATE+QUANTITIES.x=68&UPDATE+QUANTITIES.y=18
However when you look at the code processing these values it contains the following within your loop:
newquantity = CLng(Request.QueryString("item"))
Response.write(newquantity)
if newquantity = 0 then
sql = "DELETE DISTINCTROW custID FROM temporary WHERE (item='" & rs("item") & "')"
The result of this is that as you have no item but only an item0, item1 etc - you will always have newquantity equal to zero and therefore delete every row of your recordset.
This is a foreign language to me as I only have a very basic HTML/ASP knowledge. Could somebody tell me what I need to do please?
Kind Regards
Mark
Im trying to fix an e-commerce website that someone had started when they left the job I have now taken over. Ive managed to fix most of the problems but I cant figure this one out. When the user adds more that 1 type of item into the shopping cart & tries to update the quantities of either item the shopping cart gets emptied. The code is pasted below - this is the code from "qtyupd.asp":
<%
Response.Cookies("modified") = "true"
Response.Expires=0
queries = 0
Set conn = Server.CreateObject("ADODB.Connection")
Conn.Open ("driver={Microsoft Access Driver (*.mdb)};DBQ=" & server.mappath("aspcart5.mdb"))
sql = "SELECT * FROM temporary ORDER BY item;"
set rs = Conn.Execute(sql)
do while not rs.eof
customerid= Request.Cookies("customerid")
If CLng(Request.Querystring(rs("item"))) <> rs("quantity") and rs("custID") = Request.Cookies("customerid") then
newquantity = CLng(Request.QueryString("item"))
Response.write(newquantity)
if newquantity = 0 then
sql = "DELETE DISTINCTROW custID FROM temporary WHERE (item='" & rs("item") & "')"
else
sql = "UPDATE DISTINCTROW temporary SET quantity ='" & newquantity & "' WHERE item='" + rs("item") + "' AND custID='" + customerid + "'"
end if
set rs = Conn.Execute(sql)
sql = "SELECT * FROM temporary ORDER BY item;"
set rs = Conn.Execute(sql)
end if
if not rs.eof then rs.movenext
loop
rs.close
set rs = nothing
Response.Redirect("refview.asp")
%>
I once managed to get in touch with the guy who started it and he told me this:
If you comment out your response.redirect from qtyupd.asp you will see that the querystring being passed by your get method is along the lines of:
http://bs38498.nitlc.com/asp/qtyupd.asp?item0=10&item1=100&UPDATE+QUANTITIES.x=68&UPDATE+QUANTITIES.y=18
However when you look at the code processing these values it contains the following within your loop:
newquantity = CLng(Request.QueryString("item"))
Response.write(newquantity)
if newquantity = 0 then
sql = "DELETE DISTINCTROW custID FROM temporary WHERE (item='" & rs("item") & "')"
The result of this is that as you have no item but only an item0, item1 etc - you will always have newquantity equal to zero and therefore delete every row of your recordset.
This is a foreign language to me as I only have a very basic HTML/ASP knowledge. Could somebody tell me what I need to do please?
Kind Regards
Mark