Discuss "logic problem" in the ASP Development forum.

todd2006 · #1 August 26th, 2008, 02:46 PM

Hi,

I have a page where user enters the details and enters credit card information and hits submits

whats its supposed to do is add the personal details in a table then get the id for the record and then do credit card processing and then update the table with the Id

here is my code

Code:

<%
 date1=FormatDateTime(Now(),vbGeneralDate)
 FName =Trim(Request.form("FName"))
 LName =Trim(Request.form("LName"))
 Institution =Trim(Request.form("Institution"))
 Position =Trim(Request.form("Position"))
 Address1 =Trim(Request.form("Add1"))
 Address2 =Trim(Request.form("Add2"))
 City =Trim(Request.form("City"))
 State =Trim(Request.form("State"))
 Zip =Trim(Request.form("Zip"))
 Country =Trim(Request.form("Country"))
 MemberPhone =Trim(Request.form("Phone"))
 FaxNumber =Trim(Request.form("FaxNumber"))
 Email =Trim(Request.form("Email"))
 EmergencyContact =Trim(Request.form("EmergencyContact"))
 EmergencyPhone =Trim(Request.form("EmergencyPhone"))
 CardType =Trim(Request.form("PaymentMethod"))
 CardNumber =Trim(Request.form("CreditCardNumber"))
 ExpirMonth =Trim(Request.form("ExpirMonth"))
 ExpirYear =Trim(Request.form("ExpirYear"))
 NameOnCard =Trim(Request.form("NameOnCard"))
 total= Request.form("totalcharge1")

 ExpirDate = ExpirMonth & ExpirYear
 CardNumberLength = Len(CardNumber)
 CardNumberShort= Mid(CardNumber,(CardNumberLength - 3), 4)

 strSQL ="select * from Registrations;"

 Set rsAdd = Server.CreateObject("ADODB.Recordset")
 With rsAdd
    .Source="Registrations"
    .CursorType = 2
    .LockType = 3
 End With
 rsAdd.Open strSQL, Conn
 rsAdd.AddNew
 rsAdd.Fields("First_Name") = Request.Form("FName")
 rsAdd.Fields("Last_Name") = Request.Form("LName")
 rsAdd.Fields("Institution") = Request.Form("Institution")
 rsAdd.Fields("Position") = Request.Form("Position")
 rsAdd.Fields("Address_1") = Request.Form("Add1")
 rsAdd.Fields("Address_2") = Request.Form("Add2")
 rsAdd.Fields("City") = Request.Form("City")
 rsAdd.Fields("State") = Request.Form("State")
 rsAdd.Fields("ZipCode") = Request.Form("Zip")
 rsAdd.Fields("Country") = Request.Form("Country")
 rsAdd.Fields("Phone") = Request.Form("Phone")
 rsAdd.Fields("Fax") = Request.Form("FaxNumber")
 rsAdd.Fields("Email") = Request.Form("Email")
 rsAdd.Fields("Payment_Method") = Request.Form("PaymentMethod")
 rsAdd.Fields("Credit_Card_Number") = CardNumberShort
 rsAdd.Fields("Expiration_Date") = ExpirDate
 rsAdd.Fields("Name_On_Card") = Request.Form("NameOnCard")
 rsAdd.Fields("Total_Charge") = total
 rsAdd.Fields("How_Recieved") = "Web"
 rsAdd.Fields("IP_Address") = userip
 rsAdd.Fields("Date_Recieved") = date1

 rsAdd.Update

 strid =  "SELECT Max(Id) as Newest from Registrations"
 Set RecSet = Conn.Execute(strid)
 ID = RecSet("Newest")
 RecSet.Close()

 Set RecSet = Nothing

	 If Err.Number <> 0 Then
		   FeedbackMessage = "<p>We're sorry, but there was a problem adding your information to the database.</p>"                        & vbNewLine _
		   & "<p>Error Number: " & Err.Number & "<br />" & vbNewLine _
		   & "Error Source: " & Err.Source & "<br />" &  vbNewLine _
           & "Error Description: " & Err.Description & "</p>"
           sDone = 0
     Else
    	   ParmList = "TRXTYPE=S&TENDER=C&zip=" + Zip + "&COMMENT1=on-line transaction"
           ParmList = ParmList + "&ACCT=" + CardNumber
           ParmList = ParmList + "&PWD=***********"
           ParmList = ParmList + "&USER=***********"
           ParmList = ParmList + "&VENDOR=**********"
           ParmList = ParmList + "&PARTNER=***"
           ParmList = ParmList + "&EXPDATE=" + ExpirDate
           ParmList = ParmList + "&AMT=" + cstr(total)

           set Client =Server.CreateObject("PFProCOMControl.PFProCOMControl.1")
           Context =Client.CreateContext("payflow.verisign.com", ***, **,"", 0, "", "")
           TransactionResult =Client.SubmitTransaction(Context, ParmList,Len(ParmList))
           Client.DestroyContext(Context)

           Do While Len(TransactionResult) <> 0
				If InStr(TransactionResult, "&") Then
					VarString = Left(TransactionResult,InStr(TransactionResult, "&" ) -1)
                Else
					VarString = TransactionResult
				End If


                Name = Left(VarString, InStr(VarString, "=")-1)
                Value = Right(VarString, Len(VarString) -(Len(Name)+1))

                If Name = "RESULT" Then
					 Result = Value
				Elseif Name = "PNREF" Then
					 PnRef = Value
				Elseif Name = "RESPMSG" Then
					 RespMsg = Value
                Elseif Name = "AUTHCODE" Then
					 AuthCode = Value
				End If

				If Len(TransactionResult) <> Len(VarString) Then
					TransactionResult = Right(TransactionResult,Len(TransactionResult) - (Len(VarString)+1))
				Else
					TransactionResult = ""
				End If
           Loop

          strinsert= "UPDATE Registrations SET PNREF = '" &  PnRef & "', Result = '" & Result & "', AuthCode = '" & AuthCode & "', RespMsg = '" & RespMsg & "' WHERE  (Id = " & ID & ")"


		  On Error Resume Next

			Conn.Execute(strinsert)

            Conn.Close
            Set Conn = Nothing

         If Err.Number <> 0 Then
                FeedbackMessage = "<p>We're sorry, but there was  a problem adding your information to the  database.</p>" & vbNewLine _
                & "<p>Error Number: " & Err.Number & "<br />" & vbNewLine _
                & "Error Source: " & Err.Source & "<br />" &  vbNewLine _
                & "Error Description: " & Err.Description & "</p>"
                Done = 0

         Else

               If (Result = 0) Then
           %>
SHow me
<%
Else
	Response.Redirect("decline.asp)

                    End If

           End If

		      Err.Clear
               On Error Goto 0

  End If
        
			      Err.Clear
               On Error Goto 0

 

%>

my biggest problem is if there are 2 people filling the form at same time

say John doe and jason smith

what happens is both records are added in the table but when the credit card is processed
jason smith verification number will be attached to john doe's number
and jason smith doesnt has a verification number can someone tell me how i can prevent is do i need to do add transaction code or is there a different way

thanks for all the help

todd

Wolffy · #2 August 26th, 2008, 03:23 PM

Your code will have problems in a multi-user environment. Always assume that a series of SQL statement can be interrupted and not execute in the order you expect. Problems like can usually be solved with a stored procedure -- what DB are you using?

todd2006 · #3 August 26th, 2008, 03:36 PM

sql server

Wolffy · #4 August 26th, 2008, 03:48 PM

Cool. Store Procedure to the rescue. The problem you face here is that Joe's record could be inserted, then Bob's record and the you do the Select MAX and get Bob's ID number. Not cool. So, put the INSERT into a Stored Procedure. Here's a small example that should be easy to build on:

Code:

CREATE PROCEDURE InsertEmployee
(@LastName NVARCHAR(20),
@FirstName NVARCHAR(10),
@EmployeeID INT OUTPUT)
AS
INSERT INTO Registrations(Fname,Lname)
VALUES(@FirstName,@LastName)
SET @EmployeeID = SCOPE_IDENTITY()

Note the use of the Output Parameter. For a complete look at this look here Page 4 - Using T-SQL Stored Procedures with ASP.NET 2.0
and also here http://support.microsoft.com/kb/164485 for into on doing this in Classic ASP

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Discuss "logic problem" in the ASP Development forum.

ASP Development - Learn coding practices and tips to get the best out of your Active Server Pages (ASP). The Classic ASP forum is for ASP/VBScript and ASP/JScript applications.