<%@ Language=VBScript %> <% '************************************************************************* ' DO NOT MODIFY THIS SCRIPT IF YOU WANT UPDATES TO WORK! ' Function : Displays a list of products that match a given criteria... ' : - Matches search criteria ' : - Matches a category ' : - Matches "specials" on flagged products ' : If a category is supplied which has sub categories, the ' : script will display a summary of categories instead of the ' : product list. ' Product : CandyPress Store Frontend ' Version : 6.2 ' Modified : May 2007 ' Copyright: Copyright (C) 2010 Cavallo Communications, LLC. ' See "license.txt" for this product for details regarding ' licensing, usage, disclaimers, distribution and general ' copyright requirements. If you don't have a copy of this ' file, you may request one at http://www.candypress.com '************************************************************************* ' Date Description ' 10/23/05 Added user exit ' 10/28/05 Modified expandCategory to use different languages ' 10/28/05 Add script delimiters for prodList user exit ' 01/02/06 Category heading text was not reading from langCategory ' 02/20/06 Fixed problem with Supplier filters not working correctly. ' 04/18/06 Added branding support ' 05/31/06 Corrected brand searching functionality ' 11/05/06 categoryHTMLLong will display in all cases when it is defined. ' 02/17/06 Changed branding support for database ' 05/22/07 Added manufacturer support ' 06/09/09 Added code to return to last displayed category page and sortorder ' 03/31/09 Added UOM display to listings ' 04/07/09 By adding the above the search required that idUOM be added to the select statement ' 05/18/10 Corrected formatting issue (TID=11988&title=prodlist-formatting-issue-61) '************************************************************************* ' 02/07/10 : Removed tables, replaced with div - candythemes.com '************************************************************************* Option explicit Response.Buffer = true %> <% 'Work Fields dim I dim totalRecs dim totalPages dim count dim curPage dim catPos dim catLst dim listHeading dim special dim strSearch, strSearchType, strSearchMax, strSearchMin, strSearchCat, strSearchBrand, strSearchManufacturer dim sortField dim queryStr dim subCount, maxCol, cellWidth dim searchArr dim tmpSQL1, tmpSQL2, tmpSQL3, tmpSQL4 dim wishlist dim favorites dim idSF dim cookiekey dim idbrand dim idmanufacturer dim errMsg dim userroles 'Categories dim IDCategory dim categoryDesc dim IDParentCategory dim categoryHTML dim categoryHTMLLong dim sortOrder dim breadcrumb 'Product dim IDProduct dim SKU dim Description dim DescriptionLong dim Price dim Details dim listPrice dim smallImageURL dim smallImageURL2 dim imageURL dim Stock dim fileName dim noShipCharge dim handlingFee dim wholesaleprice dim msrp dim map dim freight dim estimatedship dim brand dim refurbished dim manufacturer dim minorder dim idUOM 'Database dim mySQL dim conntemp dim rstemp dim rstemp2 dim recordArr 'Session dim idOrder dim idCust '************************************************************************* 'Open Database Connection call openDb() 'Store Configuration if loadConfig() = false then call errorDB(LangText("ErrConfig",""),"") end if 'Get/Set Cart/Order Session idOrder = sessionCart() 'Get/Set Customer Session idCust = sessionCust() 'Get/Set Affilate ID call getIdAffiliate(validHTML(Request.QueryString("idAff"))) '--------------------------------- ' PARMS - Search '--------------------------------- strSearch = Request("strSearch") strSearchType = Request("strSearchType") strSearchMin = Request("strSearchMin") strSearchMax = Request("strSearchMax") strSearchCat = Request("strSearchCat") strSearchBrand = Request("strSearchBrand") strSearchManufacturer = Request("strSearchManufacturer") if len(strSearch & strSearchMin & strSearchMax & strSearchCat & strSearchBrand & strSearchManufacturer) > 0 then 'Get rid of malicious HTML strSearch = validHTML(strSearch) strSearchType = validHTML(strSearchType) strSearchMin = validHTML(strSearchMin) strSearchMax = validHTML(strSearchMax) strSearchCat = validHTML(strSearchCat) strSearchBrand = validHTML(strSearchBrand) strSearchManufacturer = validHTML(strSearchManufacturer) 'Get rid of multiple spaces in keywords do until instr(strSearch," ") = 0 strSearch = replace(strSearch," "," ") loop 'After all this string manipulation, check the search is still valid if len(strSearch & strSearchMin & strSearchMax & strSearchCat & strSearchBrand & strSearchManufacturer) = 0 then Response.Clear errMsg = LangText("ErrInvSearch","") call closeDB() Response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(errMsg) end if 'Assign default values if strSearchType <> "AND" _ and strSearchType <> "OR" _ and strSearchType <> "PHR" then strSearchType = "OR" end if if not(isNumeric(strSearchMin)) then strSearchMin = 0 else strSearchMin = CDbl(strSearchMin) end if if not(isNumeric(strSearchMax)) then strSearchMax = 0 else strSearchMax = CDbl(strSearchMax) end if if not(isNumeric(strSearchCat)) then strSearchCat = 0 else strSearchCat = CInt(strSearchCat) end if if len(strSearchBrand) = 0 then strSearchBrand = "" brand = "" else mySQL = "SELECT name FROM " & tablePrefix & "brand WHERE idBrand = " & strSearchBrand set rsTemp = openRSexecute(mySQL) if not rsTemp.eof then brand = rsTemp("name") else brand = "" end if end if if len(strSearchManufacturer) = 0 then strSearchManufacturer = "" manufacturer = "" else mySQL = "SELECT name FROM " & tablePrefix & "manufacturer WHERE idManufacturer = " & strSearchManufacturer set rsTemp = openRSexecute(mySQL) if not rsTemp.eof then manufacturer = rsTemp("name") else manufacturer = "" end if end if ' ' Log the search ' if strSearchCat <> 0 then mySQL = "SELECT breadcrumb, categoryDesc FROM " & tablePrefix & "categories WHERE idCategory = " & strSearchCat set rsTemp = openRSexecute(mySQL) if not rsTemp.eof then breadcrumb = rsTemp("breadcrumb") & ">" & rsTemp("categoryDesc") end if else breadcrumb = "" end if mySQL = "INSERT INTO " & tablePrefix & "searchLog " _ & "(Category, MinPrice, MaxPrice, Keywords, Brand, Manufacturer, Created) " _ & "VALUES " _ & "('" & validSQL(breadcrumb,"A") & "'," & validSQL(strSearchMin,"D") & "," & validSQL(strSearchMax,"D") & ",'" & validSQL(strSearch,"A") & "','" & validSQL(brand,"A") & "','" & validSQL(manufacturer,"A") & "'," if dbType = 0 then mySQL = mySQL & "#" & Date() & "#)" else mySQL = mySQL & "'" & Date() & "')" end if set rsTemp = openRSexecute(mySQL) end if '--------------------------------- ' PARMS - Specials '--------------------------------- special = validHTML(Request.QueryString("special")) if len(special) > 0 and special <> "Y" then special = "N" end if wishlist = validHTML(Request.QueryString("wishlist")) if len(wishlist) > 0 and wishlist <> "Y" then wishlist = "N" end if favorites = validHTML(Request.QueryString("favorites")) if len(favorites) > 0 and favorites <> "Y" then favorites = "N" end if idbrand = validSQL(Request.QueryString("brand"),"I") idmanufacturer = validSQL(Request.QueryString("manufacturer"),"I") '--------------------------------- ' PARMS - Categories '--------------------------------- idCategory = Request.QueryString("idCategory") if len(idCategory) > 0 then 'Validate that Category is numeric if not IsNumeric(idCategory) then errMsg = LangText("ErrInvCategory","") call closeDB() Response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(errMsg) end if 'Validate that Category exists in DB mySQL = "SELECT idCategory, categoryDesc, categoryHTMLLong " _ & "FROM " & tablePrefix & "categories " _ & "WHERE idCategory = " & validSQL(idCategory,"I") set rsTemp = openRSexecute(mySQL) if rsTemp.eof then 'Give error errMsg = LangText("ErrInvCategory","") call closeDB() Response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(errMsg) else 'Get Category HTML (Long) categoryHTMLLong = trim(rsTemp("categoryHTMLLong")) categoryDesc = trim(rsTemp("categoryDesc")) end if call closeRS(rsTemp) end if '--------------------------------- ' PARMS - Validate '--------------------------------- if len(strSearch & strSearchMin & strSearchMax & strSearchCat & strSearchBrand & strSearchManufacturer) = 0 _ and len(special) = 0 _ and len(idCategory) = 0 _ and len(wishlist) = 0 _ and len(favorites) = 0 _ and len(idbrand) = 0 _ and len(idmanufacturer) = 0 then 'If no valid parms were passed, or the script was called without 'parms, then display the entire category tree. mySQL = "SELECT idCategory, categoryDesc " _ & "FROM " & tablePrefix & "categories " _ & "WHERE IdParentCategory = 0" set rsTemp = openRSexecute(mySQL) if rsTemp.eof then errMsg = LangText("ErrInvCategory","") & " / " & LangText("ErrInvSearch","") call closeDB() Response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(errMsg) else IDCategory = rsTemp("idCategory") categoryDesc = rsTemp("categoryDesc") end if call closeRS(rsTemp) end if if len(Request.QueryString("curPage")) > 0 and not isNumeric(Request.QueryString("curPage")) then errMsg = LangText("ErrInvParameter","Invalid Parameter") call closeDB() Response.redirect "sysMsg.asp?errMsg=" & server.URLEncode(errMsg) end if %> <% 'Close Database Connection call closeDB() '************************************************************************* 'Main Shopping Cart Display Area '************************************************************************* sub cartMain() %>

Shop Grid Left Sidebar

<% end sub %>