%
DbPath = SERVER.MapPath("../database/topboy-2002.mdb")
Set conn = Server.CreateObject("ADODB.Connection")
conn.open "driver={Microsoft Access Driver (*.mdb)};dbq=" & DbPath
%>
<%
set rs=server.createobject("adodb.recordset")
pname = trim(Request("pname"))
sql="select * from topboy_product where productname = '" & pname & "'"
'response.write sql
'response.end
rs.open sql,conn,adOpenkeyset,adlockoptimistic,adcmdtext
if rs.eof and rs.bof then
response.write"
"
Response.write "出现错误,可能的原因是该商品不存在或者在商品名称中使用了“&”符号!"
Response.write "*请按此返回..."
Response.write " 或 "
Response.write "*请按此关闭..."
Response.end
end if
If request("imageadd.x") <> "" Then
if isnumeric(request("quantity")) = false then
response.write"
"
Response.write " 您好,数量请您填写数字!"
Response.write "请按此返回..."
Response.end
end if
session("username") = "guest"
session("orderid")=session("username")&year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)
sql="insert into topboy_orderproduct (orderid,ordername,productname,price,quantity,freight) values('"& session("orderid") &"','"& session("username") &"','"& rs("productname") &"','"& rs("price") &"','"& request("quantity") &"','"& rs("freight") &"')"
'response.write sql
'response.end
conn.execute sql
response.redirect "front-submit.asp"
response.end
end if
%>
 |
|
 |