% if (not Request.Form("submit") = "") or (not Request.Form("key") = "") then dim sUsername dim sSchool_ID sUsername = Request.Form("username") 'Submit of username and password if Request.Form("submit") = "Create" then if not Request.Form("password") = Request.Form("re-password") then sUsername = "" sError = "Passwords do not match." elseif Request.Form("email") = "" or (not inStr(Request.Form("email"), "@") > 0) then sUsername = "" sError = "Please enter a valid email address." else SET DbObj = Server.CreateObject("ADODB.CONNECTION") DbObj.Open "DSN=CommunityRebates;"+application("SQLQuery") SQL = "SELECT rec_id FROM finders where user_name='"+replace(sUsername, "'", "''")+"'" SET oRs = DbObj.Execute(SQL) if not oRs.EOF then sUsername = "" sError = "Username is already in use. Please select another." end if end if end if sState = Request.Form("state") 'Submit a new school for approval if Request.Form("submit") = "Submit School" then SET DbObj = Server.CreateObject("ADODB.CONNECTION") DbObj.Open "DSN=CommunityRebates;"+application("SQLQuery") SQL = "insert into newSchool (created_by, modified_by, name, phone, address, city, state, zip_code) values ('"+Request.Cookies("SUI")+"', '"+Request.Cookies("SUI")+"', '"+Request.Form("name")+"', '"+Request.Form("phone")+"', '"+Request.Form("address")+"', '"+Request.Form("city")+"', '"+Request.Form("state")+"', '"+Request.Form("zip_code")+"');" SET oRs = DbObj.Execute(SQL) SQL = "SELECT rec_id FROM newSchool WHERE name = '"+Replace(Request.Form("name"), "'", "''")+"' and phone = '"+Replace(Request.Form("phone"), "'", "''")+"' and address = '"+Replace(Request.Form("address"), "'", "''")+"' and city = '"+Replace(Request.Form("city"), "'", "''")+"' and state = '"+Replace(Request.Form("state"), "'", "''")+"' and zip_code = '"+Replace(Request.Form("zip_code"), "'", "''")+"'" SET oRs = DbObj.Execute(SQL) if not oRs.EOF then sNEWSCHOOL = cStr(oRs.Fields("rec_id")) end if sRebate = "sf00000" sRebate_Type = "school" end if 'Submit agreement of terms create account and set cookies if Request.Form("submit") = "I Agree" then SET DbObj = Server.CreateObject("ADODB.CONNECTION") DbObj.Open "DSN=CommunityRebates;"+application("SQLQuery") SQL = "insert into finders (user_name, user_pwd, first_name, last_name, email, rebate_type, rebate, active) values ('"+Replace(sUsername, "'", "''")+"', '"+Request.Form("password")+"', '" if len(Request.Form("first_name")) > 1 then SQL = SQL + Ucase(mid(Request.Form("first_name"),1,1)) + Replace(mid(Request.Form("first_name"), 2), "'", "''") else SQL = SQL + Request.Form("first_name") end if SQL = SQL + "', '" if len(Request.Form("last_name")) > 1 then SQL = SQL + Ucase(mid(Request.Form("last_name"),1,1)) + Replace(mid(Request.Form("last_name"), 2), "'", "''") else SQL = SQL + Request.Form("last_name") end if SQL = SQL + "', '"+Replace(Request.Form("email"), "'", "''")+"', '"+Request.Form("rebate_type")+"', '"+Request.Form("rebate")+"', '1');" SET oRs = DbObj.Execute(SQL) SQL = "SELECT rec_id FROM finders where user_name='"+Replace(sUsername, "'", "''")+"' and user_pwd = '"+Request.Form("password")+"';" SET oRs = DbObj.Execute(SQL) Response.Cookies("UN") = sUsername Response.Cookies("UN").expires = DateAdd("m", 3, date()) Response.Cookies("FN") = Request.Form("first_name") + " " + Request.Form("last_name") Response.Cookies("FN").expires = DateAdd("m", 3, date()) if not oRs.EOF then Response.Cookies("UI") = oRs.Fields("rec_id") Response.Cookies("UI").expires = DateAdd("m", 3, date()) end if Response.Cookies("UT") = 1 Response.Cookies("UT").expires = DateAdd("m", 3, date()) set oRs = Nothing DbObj.Close set DbObj = Nothing Response.Redirect("index.asp") end if 'Doesn't agree to terms if Request.Form("submit") = "I Don't Agree" then Response.Redirect("index.asp") end if 'Submit rebate if Request.Form("submit") = "Submit Recipient" or Request.Form("submit") = "Select" then sRebate_Type = Request.Form("rebate_type") Select case sRebate_Type case "organization" if Request.Form("name") = "" then MAJORERROR = TRUE else SET DbObj = Server.CreateObject("ADODB.CONNECTION") DbObj.Open "DSN=CommunityRebates;"+application("SQLQuery") SQL = "insert into newSchool (name, phone, address, city, state, zip_code, ID, type) values ('"+Replace(Request.Form("name"), "'", "''")+"', '"+Request.Form("phone")+"', '"+Request.Form("address")+"', '"+Request.Form("city")+"', '"+Request.Form("state")+"', '"+Request.Form("zip_code")+"', '"+Request.Form("ID")+"', '0');" SET oRs = DbObj.Execute(SQL) SQL = "SELECT rec_id FROM newSchool WHERE name = '"+Replace(Request.Form("name"), "'", "''")+"' and phone = '"+Replace(Request.Form("phone"), "'", "''")+"' and address = '"+Replace(Request.Form("address"), "'", "''")+"' and city = '"+Replace(Request.Form("city"), "'", "''")+"' and state = '"+Replace(Request.Form("state"), "'", "''")+"' and zip_code = '"+Replace(Request.Form("zip_code"), "'", "''")+"'" SET oRs = DbObj.Execute(SQL) if not oRs.EOF then sRebate = cStr(oRs.Fields("rec_id")) end if end if case "school" sRebate = Request.Form("select_school") case "unitedway" if Request.Form("zipcode") = "" then sRebate = "National" else sRebate = "Local:"+Request.Form("zipcode") end if case "tuition" end select end if end if if sState = "" then sState = "SC" end if %>
|
|