protected void Page_Load(object sender, System.EventArgs e)
{
StringBuilder writer = new StringBuilder();
Response.CacheControl = "private";
Response.Expires = 0;
Response.AddHeader("pragma", "no-cache");
int ONX = CommonLogic.QueryStringUSInt("OrderNumber");
Customer ThisCustomer = Context.GetCustomer();
int OrderCustomerID = 0;
String OriginalTransactionID = String.Empty;
String PM = String.Empty;
using (var dbconn = new SqlConnection(DB.GetDBConn()))
{
dbconn.Open();
using (var rs = DB.GetRS(String.Format("select CustomerID,AuthorizationPNREF,PaymentMethod from Orders with (NOLOCK) where OrderNumber={0}", ONX.ToString()), dbconn))
{
if (rs.Read())
{
OrderCustomerID = DB.RSFieldInt(rs, "CustomerID");
OriginalTransactionID = DB.RSField(rs, "AuthorizationPNREF");
PM = AppLogic.CleanPaymentMethod(DB.RSField(rs, "PaymentMethod"));
}
}
}
Customer OrderCustomer = new Customer(OrderCustomerID, true);
String GW = AppLogic.ActivePaymentGatewayCleaned();
if (PM == AppLogic.ro_PMPayPalExpress)
{
GW = Gateway.ro_GWPAYPAL;
}
bool GatewayRequiresCC = GatewayLoader.GetProcessor(GW).RequiresCCForFurtherProcessing();
writer.Append("<div class=\"white-ui-box\">");
if (!ThisCustomer.IsAdminUser)
{
writer.Append("<b><font color=red>" + AppLogic.GetString("admin.common.PermissionDeniedUC", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</b></font>");
}
else
{
if (ONX == 0 || OrderCustomerID == 0)
{
writer.Append("<div class=\"alert alert-danger\">" + AppLogic.GetString("adhoccharge.aspx.1", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
writer.Append("<p><a href=\"javascript:self.close();\">" + AppLogic.GetString("admin.common.Close", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</a></p>");
}
else
{
Address BillingAddress = new Address();
BillingAddress.LoadFromDB(OrderCustomer.PrimaryBillingAddressID);
if (CommonLogic.FormBool("IsSubmit") && CommonLogic.FormCanBeDangerousContent("OrderTotal").Trim().Length != 0)
{
Decimal OrderTotal = CommonLogic.FormNativeDecimal("OrderTotal");
String OrderDescription = CommonLogic.FormCanBeDangerousContent("Description");
AppLogic.TransactionTypeEnum OrderType = (AppLogic.TransactionTypeEnum)Enum.Parse(typeof(AppLogic.TransactionTypeEnum), CommonLogic.FormCanBeDangerousContent("OrderType"), true);
int NewOrderNumber = 0;
if (OrderType == AppLogic.TransactionTypeEnum.CHARGE)
{
if (CommonLogic.FormCanBeDangerousContent("CardNumber").Length < 4)
{
Security.LogEvent(AppLogic.GetString("admin.common.ViewedCreditCard.Success", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), String.Format(AppLogic.GetString("admin.adhoccharge.ViewedCardNumber", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Substring(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length).PadLeft(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length, '*'), ONX.ToString()), OrderCustomer.CustomerID, ThisCustomer.CustomerID, Convert.ToInt32(ThisCustomer.CurrentSessionID));
}
else
{
Security.LogEvent(AppLogic.GetString("admin.common.ViewedCreditCard.Success", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), String.Format(AppLogic.GetString("admin.adhoccharge.ViewedCardNumber", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Substring(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length - 4).PadLeft(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length, '*'), ONX.ToString()), OrderCustomer.CustomerID, ThisCustomer.CustomerID, Convert.ToInt32(ThisCustomer.CurrentSessionID));
}
}
// use the billing info in the form, as the store admin may have overridden what was in the db
// NOTE: we are NOT going to save this new updated billing info however, it is really up to the customer
// to change their billing info, or the store admin should edit their billing address in the customers account page area
BillingAddress.CardName = CommonLogic.FormCanBeDangerousContent("CardName");
// NOTE, this could be last4 at this point!! not a full CC #! that is ok, as this address will never be stored to the db anyway!
BillingAddress.CardNumber = CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "");
BillingAddress.CardType = CommonLogic.FormCanBeDangerousContent("CardType");
BillingAddress.CardExpirationMonth = CommonLogic.FormCanBeDangerousContent("CardExpirationMonth");
BillingAddress.CardExpirationYear = CommonLogic.FormCanBeDangerousContent("CardExpirationYear");
BillingAddress.CardStartDate = CommonLogic.FormCanBeDangerousContent("CardStartDate").Trim().Replace(" ", "").Replace("/", "").Replace("\\", "");
BillingAddress.CardIssueNumber = CommonLogic.FormCanBeDangerousContent("CardIssueNumber");
String CardExtraCode = CommonLogic.FormCanBeDangerousContent("CardExtraCode");
String Status = Gateway.MakeAdHocOrder(AppLogic.ActivePaymentGatewayCleaned(), ONX, OriginalTransactionID, OrderCustomer, BillingAddress, CardExtraCode, OrderTotal, OrderType, OrderDescription, out NewOrderNumber);
//PABP Required cleanup of in-memory objects
CardExtraCode = "11111";
CardExtraCode = "00000";
CardExtraCode = "11111";
CardExtraCode = String.Empty;
if (Status == AppLogic.ro_OK)
{
Response.Redirect(AppLogic.AdminLinkUrl("adhocchargecomplete.aspx") + "?ordernumber=" + NewOrderNumber.ToString());
}
else
{
Response.Write("<div class=\"alert alert-danger\">" + AppLogic.GetString("adhoccharge.aspx.3", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "<br/>" + Status + "</div>");
}
Response.Write("<p><a href=\"javascript:self.close();\">" + AppLogic.GetString("admin.common.Close", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</a></p>");
}
else
{
writer.Append("<script type=\"text/javascript\">\n");
writer.Append("var GatewayRequiresCC=" + CommonLogic.IIF(GatewayRequiresCC, "1", "0") + ";\n");
writer.Append("function getSelectedRadio(buttonGroup) {\n");
writer.Append(" // returns the array number of the selected radio button or -1 if no button is selected\n");
writer.Append(" if (buttonGroup[0]) { // if the button group is an array (one button is not an array)\n");
writer.Append(" for (var i=0; i<buttonGroup.length; i++) {\n");
writer.Append(" if (buttonGroup[i].checked) {\n");
writer.Append(" return i\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" } else {\n");
writer.Append(" if (buttonGroup.checked) { return 0; } // if the one button is checked, return zero\n");
writer.Append(" }\n");
writer.Append(" // if we get to this point, no radio button is selected\n");
writer.Append(" return -1;\n");
writer.Append("}");
writer.Append("\n");
writer.Append("function getSelectedRadioValue(buttonGroup) {\n");
writer.Append(" // returns the value of the selected radio button or '' if no button is selected\n");
writer.Append(" var i = getSelectedRadio(buttonGroup);\n");
writer.Append(" if (i == -1) {\n");
writer.Append(" return '';\n");
writer.Append(" } else {\n");
writer.Append(" if (buttonGroup[i]) { // Make sure the button group is an array (not just one button)\n");
writer.Append(" return buttonGroup[i].value;\n");
writer.Append(" } else { // The button group is just the one button, and it is checked\n");
writer.Append(" return buttonGroup.value;\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append("}");
writer.Append("\n");
writer.Append("function AdHocOrderTypeChanged()\n");
writer.Append("{\n");
writer.Append(" if(GatewayRequiresCC == 1 || getSelectedRadioValue(theForm.OrderType) == '" + AppLogic.TransactionTypeEnum.CHARGE.ToString() + "')\n");
writer.Append(" {\n");
writer.Append(" CCDiv.style.display = 'block';\n");
writer.Append(" }\n");
writer.Append(" else\n");
writer.Append(" {\n");
writer.Append(" CCDiv.style.display = 'none';\n");
writer.Append(" }\n");
writer.Append("}\n");
writer.Append("function AdHocChargeOrRefundForm_Validator(theForm)\n");
writer.Append("{\n");
writer.Append(" submitonce(theForm);\n");
writer.Append(" if(theForm.Description.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ AppLogic.GetString("adhoccharge.aspx.4", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "');\n");
writer.Append(" theForm.Description.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if((getSelectedRadioValue(theForm.OrderType) == '" + AppLogic.TransactionTypeEnum.CHARGE.ToString() + "') || (GatewayRequiresCC == 1 && getSelectedRadioValue(theForm.OrderType) == '" + AppLogic.TransactionTypeEnum.CREDIT.ToString() + "'))\n");
writer.Append(" {\n");
writer.Append(" if(theForm.CardName.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Name On Card") + "');\n");
writer.Append(" theForm.CardName.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardNumber.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Number") + "');\n");
writer.Append(" theForm.CardNumber.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(isNaN(theForm.CardNumber.value))\n");
writer.Append(" {\n");
writer.Append(" alert('"+ AppLogic.GetString("adhoccharge.aspx.28", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "');\n");
writer.Append(" theForm.CardNumber.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardExpirationMonth.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Expiration Month") + "');\n");
writer.Append(" theForm.CardExpirationMonth.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardExpirationYear.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Expiration Year") + "');\n");
writer.Append(" theForm.CardExpirationYear.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardType.selectedIndex < 1)\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Type") + "');\n");
writer.Append(" theForm.CardType.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (true);\n");
writer.Append("}\n");
writer.Append("</script>\n");
writer.Append(String.Format(AppLogic.GetString("adhoccharge.aspx.5", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), ONX.ToString()));
writer.Append("<p>" + AppLogic.GetString("adhoccharge.aspx.6", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</p>");
String CNM = BillingAddress.CardName;
String CN = BillingAddress.CardNumber;
String Last4 = String.Empty;
String CExpMonth = BillingAddress.CardExpirationMonth;
String CExpYear = BillingAddress.CardExpirationYear;
String CardType = BillingAddress.CardType;
if (CN.Length == 0)
{
// try to pull it from order record:
using (var dbconn = new SqlConnection(DB.GetDBConn()))
{
dbconn.Open();
using (var rs2 = DB.GetRS(String.Format("SELECT CardNumber, CardName, Last4, CardExpirationMonth, CardExpirationYear, CardNumber, CardType, {0} FROM Orders WHERE OrderNumber = {1}", AppLogic.AppConfig("OrdersCCSaltField"), ONX), dbconn))
{
if (rs2.Read())
{
CN = DB.RSField(rs2, "CardNumber");
CNM = DB.RSField(rs2, "CardName");
Last4 = DB.RSField(rs2, "Last4");
CExpMonth = DB.RSField(rs2, "CardExpirationMonth");
CExpYear = DB.RSField(rs2, "CardExpirationYear");
CN = DB.RSField(rs2, "CardNumber");
CN = Security.UnmungeString(CN, DB.RSField(rs2, AppLogic.AppConfig("OrdersCCSaltField")));
if (CN.StartsWith(Security.ro_DecryptFailedPrefix, StringComparison.InvariantCultureIgnoreCase))
{
CN = DB.RSField(rs2, "CardNumber");
}
CardType = DB.RSField(rs2, "CardType");
}
}
}
}
if (AppLogic.AppConfigBool("StoreCCInDB") && OrderCustomer.StoreCCInDB && CN.Length > 0)
{
Security.LogEvent(AppLogic.GetString("admin.common.ViewedCreditCard.Success", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), String.Format(AppLogic.GetString("admin.adhoccharge.ViewedCardNumber", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), CN.Replace("*", "").Substring(CN.Replace("*", "").Length - 4).PadLeft(CN.Replace("*", "").Length, '*'), ONX.ToString()), OrderCustomer.CustomerID, ThisCustomer.CustomerID, Convert.ToInt32(ThisCustomer.CurrentSessionID));
}
if (GatewayRequiresCC)
{
writer.Append("<div class=\"alert alert-info\">" + AppLogic.GetString("adhoccharge.aspx.11", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
}
else
{
writer.Append("<div class=\"alert alert-info\">" + AppLogic.GetString("adhoccharge.aspx.12", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
}
if (!OrderCustomer.StoreCCInDB)
{
writer.Append("<div class=\"alert alert-danger\">" + AppLogic.GetString("adhoccharge.aspx.13", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
}
if (CN.Length == 0 || CN == AppLogic.ro_CCNotStoredString)
{
writer.Append("<div class=\"alert alert-danger\">" + AppLogic.GetString("adhoccharge.aspx.14", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
}
if (OrderCustomer.PrimaryBillingAddressID == 0)
{
writer.Append("<div class=\"alert alert-danger\">" + AppLogic.GetString("adhoccharge.aspx.7", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
}
else if (CN.Length == 0 && Last4.Length == 0 && GW != Gateway.ro_GWPAYPAL)
{
writer.Append("<div class=\"alert alert-danger\">" + AppLogic.GetString("adhoccharge.aspx.8", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</div>");
}
else
{
if (CommonLogic.FormBool("IsSubmit") && CommonLogic.FormCanBeDangerousContent("OrderTotal").Trim().Length == 0)
{
writer.Append("<div class=\"alert alert-danger\">Please enter a valid charge amount</div>\n");
}
writer.Append("<form id=\"AdHocChargeOrRefundForm\" name=\"AdHocChargeOrRefundForm\" method=\"POST\" action=\"" + AppLogic.AdminLinkUrl("adhoccharge.aspx") + "?OrderNumber=" + ONX.ToString() + "\" >");
writer.Append(" <div class=\"item-action-bar\">");
writer.Append(" <input type=\"button\" value=\"" + AppLogic.GetString("admin.common.Close", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "\" name=\"B2\" onClick=\"javascript:self.close()\" class=\"btn btn-default\">");
writer.Append(" <input type=\"submit\" value=\"" + AppLogic.GetString("adhoccharge.aspx.21", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "\" name=\"B1\" class=\"btn btn-primary\">");
writer.Append(" </div>");
writer.Append("<input type=\"hidden\" name=\"IsSubmit\" value=\"true\">\n");
writer.Append("<table class=\"table\">");
writer.Append("<tr><td>" + AppLogic.GetString("adhoccharge.aspx.9", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + OriginalTransactionID.ToString() + "</td></tr>");
writer.Append("<tr><td>" + AppLogic.GetString("admin.label.CustomerID", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + OrderCustomer.CustomerID.ToString() + "</td></tr>");
writer.Append("<tr><td>" + AppLogic.GetString("admin.label.CustomerName", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + OrderCustomer.FullName() + "</td></tr>");
writer.Append("<tr><td>" + AppLogic.GetString("adhoccharge.aspx.27", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + BillingAddress.Phone + "</td></tr>");
writer.Append("<tr><td>" + AppLogic.GetString("adhoccharge.aspx.16", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>");
writer.Append("<input onClick=\"AdHocOrderTypeChanged()\" type=\"radio\" value=\"" + AppLogic.TransactionTypeEnum.CHARGE.ToString() + "\" id=\"ChargeOrderType\" name=\"OrderType\">" + AppLogic.GetString("adhoccharge.aspx.17", ThisCustomer.SkinID, ThisCustomer.LocaleSetting));
writer.Append(" ");
writer.Append("<input onClick=\"AdHocOrderTypeChanged()\" type=\"radio\" value=\"" + AppLogic.TransactionTypeEnum.CREDIT.ToString() + "\" id=\"RefundOrderType\" name=\"OrderType\" checked>" + AppLogic.GetString("adhoccharge.aspx.18", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td></tr>");
writer.Append("<tr><td>" + AppLogic.GetString("adhoccharge.aspx.19", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input type=\"text\" name=\"OrderTotal\" size=\"7\"><input type=\"hidden\" name=\"OrderTotal_vldt\" value=\"[req][number][blankalert=" + AppLogic.GetString("adhoccharge.aspx.26", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "][invalidalert=" + AppLogic.GetString("admin.common.ValidDollarAmountPrompt", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "]\"> (xx.xx format)</td></tr>");
writer.Append("<tr><td colspan=\"2\">");
writer.Append("<div id=\"CCDiv\" name=\"CCDiv\" style=\"display:" + CommonLogic.IIF(GatewayRequiresCC, "block", "none") + ";\">");
writer.Append("<table class=\"table\">");
writer.Append("<tr>");
writer.Append("<td align=\"right\">" + AppLogic.GetString("address.cs.31", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td>");
writer.Append("<td>\n");
writer.Append("<select size=\"1\" name=\"CardType\" id=\"CardType\">");
writer.Append("<option value=\"\">" + AppLogic.GetString("address.cs.32", ThisCustomer.SkinID, ThisCustomer.LocaleSetting));
using (var dbconn = new SqlConnection(DB.GetDBConn()))
{
dbconn.Open();
using (var rsCard = DB.GetRS("select * from creditcardtype with (NOLOCK) where Accepted=1 order by CardType", dbconn))
{
while (rsCard.Read())
{
writer.Append("<option value=\"" + DB.RSField(rsCard, "CardType") + "\" " + CommonLogic.IIF(CardType == DB.RSField(rsCard, "CardType"), " selected ", "") + ">" + DB.RSField(rsCard, "CardType") + "</option>\n");
}
}
}
writer.Append("</select>\n");
writer.Append("</td>");
writer.Append("</tr>");
writer.Append("<tr><td align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.10", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input size=\"20\" maxlength=\"100\" type=\"text\" name=\"CardName\" id=\"CardName\" value=\"" + CNM + "\"></td></tr>");
writer.Append("<tr><td align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.24", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input size=\"20\" maxlength=\"19\" type=\"text\" autocomplete=\"off\" name=\"CardNumber\" id=\"CardNumber\" value=\"" + CN + "\"> " + String.Format(AppLogic.GetString("admin.adhoccharge.OriginalOrderLastFour", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), Last4) + ")</td></tr>");
writer.Append("<tr><td align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.15", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input size=\"4\" maxlength=\"4\" type=\"text\" autocomplete=\"off\" name=\"CardExtraCode\" id=\"CardExtraCode\">");
writer.Append("<tr><td align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.25", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input type=\"text\" size=\"2\" maxlength=\"2\" name=\"CardExpirationMonth\" id=\"CardExpirationMonth\" value=\"" + CExpMonth + "\"> / <input size=\"4\" maxlength=\"4\" type=\"text\" name=\"CardExpirationYear\" id=\"CardExpirationYear\" value=\"" + CExpYear + "\"> (MM/YYYY)</td></tr>");
if (AppLogic.AppConfigBool("ShowCardStartDateFields"))
{
writer.Append("<tr><td align=\"right\">" + AppLogic.GetString("address.cs.59", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td><td><input type=\"text\" autocomplete=\"off\" name=\"CardStartDate\" id=\"CardStartDate\" size=\"5\" maxlength=\"20\"> " + AppLogic.GetString("address.cs.64", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td></tr>");
writer.Append("<tr><td align=\"right\">" + AppLogic.GetString("address.cs.61", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td><td><input type=\"text\" autocomplete=\"off\" name=\"CardIssueNumber\" id=\"CardIssueNumber\" size=\"25\" maxlength=\"25\"> " + AppLogic.GetString("address.cs.63", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td></tr>");
}
writer.Append("</table>");
writer.Append("</div>");
writer.Append("</td></tr>");
writer.Append("</table>");
writer.Append(" <p>" + AppLogic.GetString("adhoccharge.aspx.20", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </p>");
writer.Append(" <p><textarea class=\"text-multiline\" id=\"Description\" name=\"Description\" style=\"width: 90%\"></textarea></p>");
writer.Append(" <div class=\"item-action-bar\">");
writer.Append(" <input type=\"button\" value=\"" + AppLogic.GetString("admin.common.Close", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "\" name=\"B2\" onClick=\"javascript:self.close()\" class=\"btn btn-default\">");
writer.Append(" <input type=\"submit\" value=\"" + AppLogic.GetString("adhoccharge.aspx.21", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "\" name=\"B1\" onClick=\"return AdHocChargeOrRefundForm_Validator(this.form);\" class=\"btn btn-primary\">");
writer.Append(" </div>");
writer.Append("</form>");
}
}
}
}
writer.Append("</div>");
ltContent.Text = writer.ToString();
}
protected void Page_Load(object sender, System.EventArgs e)
{
StringBuilder writer = new StringBuilder();
Response.CacheControl = "private";
Response.Expires = 0;
Response.AddHeader("pragma", "no-cache");
/****************************************************************************/
// * WARNING TO DEVELOPERS
// * The redirect below is a SAFETY feature. Removing the redirect will not
// * enable ML-only features on a lower version of AspDotNetStorefront.
// * Attempting to do so can very easily result in a partially implemented
// * feature, invalid or incomplete data in your DB, and other serious
// * conditions that will cause your store to be non-functional.
// *
// * If you break your store attempting to enable ML-only features in PRO or
// * Standard, our staff cannot help you fix it, and it will also invalidate
// * your AspDotNetStorefront License.
/***************************************************************************/
if (!AppLogic.m_ProductIsML() && !AppLogic.ProductIsMLExpress())
{
Response.Redirect(AppLogic.AdminLinkUrl("restrictedfeature.aspx"));
}
int ONX = CommonLogic.QueryStringUSInt("OrderNumber");
Customer ThisCustomer = ((AspDotNetStorefrontPrincipal)Context.User).ThisCustomer;
int OrderCustomerID = 0;
String OriginalTransactionID = String.Empty;
String PM = String.Empty;
using (SqlConnection dbconn = new SqlConnection(DB.GetDBConn()))
{
dbconn.Open();
using (IDataReader rs = DB.GetRS(String.Format("select CustomerID,AuthorizationPNREF,PaymentMethod from Orders with (NOLOCK) where OrderNumber={0}", ONX.ToString()), dbconn))
{
if (rs.Read())
{
OrderCustomerID = DB.RSFieldInt(rs, "CustomerID");
OriginalTransactionID = DB.RSField(rs, "AuthorizationPNREF");
PM = AppLogic.CleanPaymentMethod(DB.RSField(rs, "PaymentMethod"));
}
}
}
Customer OrderCustomer = new Customer(OrderCustomerID, true);
String GW = AppLogic.ActivePaymentGatewayCleaned();
if (PM == AppLogic.ro_PMPayPal || PM == AppLogic.ro_PMPayPalExpress)
{
GW = Gateway.ro_GWPAYPAL;
}
bool GatewayRequiresCC = GatewayLoader.GetProcessor(GW).RequiresCCForFurtherProcessing();
writer.Append("<div style=\"margin-left: 10px;\" align=\"left\">");
if (!ThisCustomer.IsAdminUser)
{
writer.Append("<b><font color=red>" + AppLogic.GetString("admin.common.PermissionDeniedUC", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</b></font>");
}
else
{
if (ONX == 0 || OrderCustomerID == 0)
{
writer.Append("<p><b><font color=red>" + AppLogic.GetString("adhoccharge.aspx.1", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
writer.Append("<p><a href=\"javascript:self.close();\">" + AppLogic.GetString("admin.common.Close", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</a></p>");
}
else
{
Address BillingAddress = new Address();
BillingAddress.LoadFromDB(OrderCustomer.PrimaryBillingAddressID);
if (CommonLogic.FormBool("IsSubmit"))
{
if (CommonLogic.FormCanBeDangerousContent("OrderTotal").Trim().Length != 0)
{
Decimal OrderTotal = CommonLogic.FormNativeDecimal("OrderTotal");
String OrderDescription = CommonLogic.FormCanBeDangerousContent("Description");
AppLogic.TransactionTypeEnum OrderType = (AppLogic.TransactionTypeEnum)Enum.Parse(typeof(AppLogic.TransactionTypeEnum), CommonLogic.FormCanBeDangerousContent("OrderType"), true);
int NewOrderNumber = 0;
if (OrderType == AppLogic.TransactionTypeEnum.CHARGE)
{
if (CommonLogic.FormCanBeDangerousContent("CardNumber").Length < 4)
{
Security.LogEvent(AppLogic.GetString("admin.common.ViewedCreditCard", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), String.Format(AppLogic.GetString("admin.adhoccharge.ViewedCardNumber", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Substring(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length).PadLeft(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length, '*'), ONX.ToString()), OrderCustomer.CustomerID, ThisCustomer.CustomerID, Convert.ToInt32(ThisCustomer.CurrentSessionID));
}
else
{
Security.LogEvent(AppLogic.GetString("admin.common.ViewedCreditCard", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), String.Format(AppLogic.GetString("admin.adhoccharge.ViewedCardNumber", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Substring(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length - 4).PadLeft(CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "").Length, '*'), ONX.ToString()), OrderCustomer.CustomerID, ThisCustomer.CustomerID, Convert.ToInt32(ThisCustomer.CurrentSessionID));
}
}
// use the billing info in the form, as the store admin may have overridden what was in the db
// NOTE: we are NOT going to save this new updated billing info however, it is really up to the customer
// to change their billing info, or the store admin should edit their billing address in the customers account page area
BillingAddress.CardName = CommonLogic.FormCanBeDangerousContent("CardName");
// NOTE, this could be last4 at this point!! not a full CC #! that is ok, as this address will never be stored to the db anyway!
BillingAddress.CardNumber = CommonLogic.FormCanBeDangerousContent("CardNumber").Replace("*", "");
BillingAddress.CardType = CommonLogic.FormCanBeDangerousContent("CardType");
BillingAddress.CardExpirationMonth = CommonLogic.FormCanBeDangerousContent("CardExpirationMonth");
BillingAddress.CardExpirationYear = CommonLogic.FormCanBeDangerousContent("CardExpirationYear");
BillingAddress.CardStartDate = CommonLogic.FormCanBeDangerousContent("CardStartDate").Trim().Replace(" ", "").Replace("/", "").Replace("\\", "");
BillingAddress.CardIssueNumber = CommonLogic.FormCanBeDangerousContent("CardIssueNumber");
String CardExtraCode = CommonLogic.FormCanBeDangerousContent("CardExtraCode");
String Status = Gateway.MakeAdHocOrder(AppLogic.ActivePaymentGatewayCleaned(), ONX, OriginalTransactionID, OrderCustomer, BillingAddress, CardExtraCode, OrderTotal, OrderType, OrderDescription, out NewOrderNumber);
//PABP Required cleanup of in-memory objects
CardExtraCode = "11111";
CardExtraCode = "00000";
CardExtraCode = "11111";
CardExtraCode = String.Empty;
if (Status == AppLogic.ro_OK)
{
DB.ExecuteSQL("update orders set IsNew=0 where ParentOrderNumber IS NOT NULL"); // any "ad hoc" orders should not be new. so this is a safety check to force that.
Response.Redirect(AppLogic.AdminLinkUrl("adhocchargecomplete.aspx") + "?ordernumber=" + NewOrderNumber.ToString());
}
else
{
Response.Write("<p><b><font color=red>" + AppLogic.GetString("adhoccharge.aspx.3", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "<br/>" + Status + "</font></b></p>");
}
Response.Write("<p><a href=\"javascript:self.close();\">" + AppLogic.GetString("admin.common.Close", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</a></p>");
}
}
else
{
writer.Append("<script type=\"text/javascript\">\n");
writer.Append("var GatewayRequiresCC=" + CommonLogic.IIF(GatewayRequiresCC, "1", "0") + ";\n");
writer.Append("function getSelectedRadio(buttonGroup) {\n");
writer.Append(" // returns the array number of the selected radio button or -1 if no button is selected\n");
writer.Append(" if (buttonGroup[0]) { // if the button group is an array (one button is not an array)\n");
writer.Append(" for (var i=0; i<buttonGroup.length; i++) {\n");
writer.Append(" if (buttonGroup[i].checked) {\n");
writer.Append(" return i\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" } else {\n");
writer.Append(" if (buttonGroup.checked) { return 0; } // if the one button is checked, return zero\n");
writer.Append(" }\n");
writer.Append(" // if we get to this point, no radio button is selected\n");
writer.Append(" return -1;\n");
writer.Append("}");
writer.Append("\n");
writer.Append("function getSelectedRadioValue(buttonGroup) {\n");
writer.Append(" // returns the value of the selected radio button or '' if no button is selected\n");
writer.Append(" var i = getSelectedRadio(buttonGroup);\n");
writer.Append(" if (i == -1) {\n");
writer.Append(" return '';\n");
writer.Append(" } else {\n");
writer.Append(" if (buttonGroup[i]) { // Make sure the button group is an array (not just one button)\n");
writer.Append(" return buttonGroup[i].value;\n");
writer.Append(" } else { // The button group is just the one button, and it is checked\n");
writer.Append(" return buttonGroup.value;\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append("}");
writer.Append("\n");
writer.Append("function getSelectedCheckbox(buttonGroup) {\n");
writer.Append(" // Go through all the check boxes. return an array of all the ones\n");
writer.Append(" // that are selected (their position numbers). if no boxes were checked,\n");
writer.Append(" // returned array will be empty (length will be zero)\n");
writer.Append(" var retArr = new Array();\n");
writer.Append(" var lastElement = 0;\n");
writer.Append(" if (buttonGroup[0]) { // if the button group is an array (one check box is not an array)\n");
writer.Append(" for (var i=0; i<buttonGroup.length; i++) {\n");
writer.Append(" if (buttonGroup[i].checked) {\n");
writer.Append(" retArr.length = lastElement;\n");
writer.Append(" retArr[lastElement] = i;\n");
writer.Append(" lastElement++;\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" } else { // There is only one check box (it's not an array)\n");
writer.Append(" if (buttonGroup.checked) { // if the one check box is checked\n");
writer.Append(" retArr.length = lastElement;\n");
writer.Append(" retArr[lastElement] = 0; // return zero as the only array value\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" return retArr;\n");
writer.Append("}");
writer.Append("\n");
writer.Append("function getSelectedCheckboxValue(buttonGroup) {\n");
writer.Append(" // return an array of values selected in the check box group. if no boxes\n");
writer.Append(" // were checked, returned array will be empty (length will be zero)\n");
writer.Append(" var retArr = new Array(); // set up empty array for the return values\n");
writer.Append(" var selectedItems = getSelectedCheckbox(buttonGroup);\n");
writer.Append(" if (selectedItems.length != 0) { // if there was something selected\n");
writer.Append(" retArr.length = selectedItems.length;\n");
writer.Append(" for (var i=0; i<selectedItems.length; i++) {\n");
writer.Append(" if (buttonGroup[selectedItems[i]]) { // Make sure it's an array\n");
writer.Append(" retArr[i] = buttonGroup[selectedItems[i]].value;\n");
writer.Append(" } else { // It's not an array (there's just one check box and it's selected)\n");
writer.Append(" retArr[i] = buttonGroup.value;// return that value\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" return retArr;\n");
writer.Append("}");
writer.Append("function AdHocOrderTypeChanged(theForm)\n");
writer.Append("{\n");
writer.Append(" if(GatewayRequiresCC == 1 || getSelectedRadioValue(theForm.OrderType) == '" + AppLogic.TransactionTypeEnum.CHARGE.ToString() + "')\n");
writer.Append(" {\n");
writer.Append(" CCDiv.style.display = 'block';\n");
writer.Append(" }\n");
writer.Append(" else\n");
writer.Append(" {\n");
writer.Append(" CCDiv.style.display = 'none';\n");
writer.Append(" }\n");
writer.Append("}\n");
writer.Append("function AdHocChargeOrRefundForm_Validator(theForm)\n");
writer.Append("{\n");
writer.Append(" submitonce(theForm);\n");
writer.Append(" if(theForm.Description.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ AppLogic.GetString("adhoccharge.aspx.4", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "');\n");
writer.Append(" theForm.Description.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if((getSelectedRadioValue(theForm.OrderType) == '" + AppLogic.TransactionTypeEnum.CHARGE.ToString() + "') || (GatewayRequiresCC == 1 && getSelectedRadioValue(theForm.OrderType) == '" + AppLogic.TransactionTypeEnum.CREDIT.ToString() + "'))\n");
writer.Append(" {\n");
writer.Append(" if(theForm.CardName.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Name On Card") + "');\n");
writer.Append(" theForm.CardName.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardNumber.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Number") + "');\n");
writer.Append(" theForm.CardNumber.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(isNaN(theForm.CardNumber.value))\n");
writer.Append(" {\n");
writer.Append(" alert('"+ AppLogic.GetString("adhoccharge.aspx.28", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "');\n");
writer.Append(" theForm.CardNumber.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(document.getElementById(\"CardNumber\").value.length <15)\n");
writer.Append(" {\n");
writer.Append(" alert('"+ AppLogic.GetString("adhoccharge.aspx.29", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "');\n");
writer.Append(" theForm.CardNumber.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardExpirationMonth.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Expiration Month") + "');\n");
writer.Append(" theForm.CardExpirationMonth.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardExpirationYear.value == '')\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Expiration Year") + "');\n");
writer.Append(" theForm.CardExpirationYear.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" if(theForm.CardType.selectedIndex < 1)\n");
writer.Append(" {\n");
writer.Append(" alert('"+ String.Format(AppLogic.GetString("adhoccharge.aspx.22", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), "Card Type") + "');\n");
writer.Append(" theForm.CardType.focus();\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (false);\n");
writer.Append(" }\n");
writer.Append(" }\n");
writer.Append(" submitenabled(theForm);\n");
writer.Append(" return (true);\n");
writer.Append("}\n");
writer.Append("</script>\n");
writer.Append(String.Format(AppLogic.GetString("adhoccharge.aspx.5", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), ONX.ToString()));
writer.Append("<p>" + AppLogic.GetString("adhoccharge.aspx.6", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</p>");
String CNM = BillingAddress.CardName;
String CN = BillingAddress.CardNumber;
String Last4 = String.Empty;
String CExpMonth = BillingAddress.CardExpirationMonth;
String CExpYear = BillingAddress.CardExpirationYear;
String CardType = BillingAddress.CardType;
if (CN.Length == 0)
{
// try to pull it from order record:
using (SqlConnection dbconn = new SqlConnection(DB.GetDBConn()))
{
dbconn.Open();
using (IDataReader rs2 = DB.GetRS("select * from Orders with (NOLOCK) where OrderNumber=" + ONX.ToString(), dbconn))
{
if (rs2.Read())
{
CN = DB.RSField(rs2, "CardNumber");
CNM = DB.RSField(rs2, "CardName");
Last4 = DB.RSField(rs2, "Last4");
CExpMonth = DB.RSField(rs2, "CardExpirationMonth");
CExpYear = DB.RSField(rs2, "CardExpirationYear");
CN = DB.RSField(rs2, "CardNumber");
CN = Security.UnmungeString(CN, DB.RSField(rs2, AppLogic.AppConfig("OrdersCCSaltField")));
if (CN.StartsWith(Security.ro_DecryptFailedPrefix, StringComparison.InvariantCultureIgnoreCase))
{
CN = DB.RSField(rs2, "CardNumber");
}
CardType = DB.RSField(rs2, "CardType");
}
}
}
}
if (AppLogic.ProductIsMLExpress() == false)
{
if (AppLogic.AppConfigBool("StoreCCInDB") && OrderCustomer.StoreCCInDB && CN.Length > 0)
{
Security.LogEvent(AppLogic.GetString("admin.common.ViewedCreditCard", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), String.Format(AppLogic.GetString("admin.adhoccharge.ViewedCardNumber", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), CN.Replace("*", "").Substring(CN.Replace("*", "").Length - 4).PadLeft(CN.Replace("*", "").Length, '*'), ONX.ToString()), OrderCustomer.CustomerID, ThisCustomer.CustomerID, Convert.ToInt32(ThisCustomer.CurrentSessionID));
}
}
if (GatewayRequiresCC)
{
writer.Append("<p><b><font color=blue>" + AppLogic.GetString("adhoccharge.aspx.11", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
}
else
{
writer.Append("<p><b><font color=blue>" + AppLogic.GetString("adhoccharge.aspx.12", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
}
if (!OrderCustomer.StoreCCInDB)
{
writer.Append("<p><b><font color=red>" + AppLogic.GetString("adhoccharge.aspx.13", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
}
if (CN.Length == 0 || CN == AppLogic.ro_CCNotStoredString)
{
writer.Append("<p><b><font color=red>" + AppLogic.GetString("adhoccharge.aspx.14", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
}
if (OrderCustomer.PrimaryBillingAddressID == 0)
{
writer.Append("<p><b><font color=red>" + AppLogic.GetString("adhoccharge.aspx.7", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
}
else if (CN.Length == 0 && Last4.Length == 0 && GW != Gateway.ro_GWPAYPAL)
{
writer.Append("<p><b><font color=red>" + AppLogic.GetString("adhoccharge.aspx.8", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</font></b></p>");
}
else
{
writer.Append("<form id=\"AdHocChargeOrRefundForm\" name=\"AdHocChargeOrRefundForm\" method=\"POST\" action=\"" + AppLogic.AdminLinkUrl("adhoccharge.aspx") + "?OrderNumber=" + ONX.ToString() + "\" onsubmit=\"return (validateForm(this) && AdHocChargeOrRefundForm_Validator(this))\" >");
writer.Append("<input type=\"hidden\" name=\"IsSubmit\" value=\"true\">\n");
writer.Append("<table cellpadding=\"2\" cellspacing=\"0\" border=\"0\" width=\"100%\">");
writer.Append("<tr><td width=\"40%\" valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.9", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + OriginalTransactionID.ToString() + "</td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("admin.label.CustomerID", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + OrderCustomer.CustomerID.ToString() + "</td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("admin.label.CustomerName", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + OrderCustomer.FullName() + "</td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.27", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>" + BillingAddress.Phone + "</td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.16", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td>");
writer.Append("<input onClick=\"AdHocOrderTypeChanged(AdHocChargeOrRefundForm)\" type=\"radio\" value=\"" + AppLogic.TransactionTypeEnum.CHARGE.ToString() + "\" id=\"ChargeOrderType\" name=\"OrderType\">" + AppLogic.GetString("adhoccharge.aspx.17", ThisCustomer.SkinID, ThisCustomer.LocaleSetting));
writer.Append(" ");
writer.Append("<input onClick=\"AdHocOrderTypeChanged(AdHocChargeOrRefundForm)\" type=\"radio\" value=\"" + AppLogic.TransactionTypeEnum.CREDIT.ToString() + "\" id=\"RefundOrderType\" name=\"OrderType\" checked>" + AppLogic.GetString("adhoccharge.aspx.18", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.19", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input type=\"text\" name=\"OrderTotal\" size=\"7\"><input type=\"hidden\" name=\"OrderTotal_vldt\" value=\"[req][number][blankalert=" + AppLogic.GetString("adhoccharge.aspx.26", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "][invalidalert=" + AppLogic.GetString("admin.common.ValidDollarAmountPrompt", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "]\"> (xx.xx format)</td></tr>");
writer.Append("<tr><td colspan=\"2\">");
writer.Append("<div id=\"CCDiv\" name=\"CCDiv\" style=\"display:" + CommonLogic.IIF(GatewayRequiresCC, "block", "none") + ";\">");
writer.Append("<table cellpadding=\"2\" cellspacing=\"0\" border=\"0\" width=\"100%\">");
writer.Append("<tr>");
writer.Append("<td width=\"40%\" align=\"right\" valign=\"middle\">" + AppLogic.GetString("address.cs.31", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td>");
writer.Append("<td align=\"left\" valign=\"middle\">\n");
writer.Append("<select size=\"1\" name=\"CardType\" id=\"CardType\">");
writer.Append("<option value=\"\">" + AppLogic.GetString("address.cs.32", ThisCustomer.SkinID, ThisCustomer.LocaleSetting));
using (SqlConnection dbconn = new SqlConnection(DB.GetDBConn()))
{
dbconn.Open();
using (IDataReader rsCard = DB.GetRS("select * from creditcardtype with (NOLOCK) where Accepted=1 order by CardType", dbconn))
{
while (rsCard.Read())
{
writer.Append("<option value=\"" + DB.RSField(rsCard, "CardType") + "\" " + CommonLogic.IIF(CardType == DB.RSField(rsCard, "CardType"), " selected ", "") + ">" + DB.RSField(rsCard, "CardType") + "</option>\n");
}
}
}
writer.Append("</select>\n");
writer.Append("</td>");
writer.Append("</tr>");
writer.Append("<tr><td width=\"40%\" valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.10", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input size=\"20\" maxlength=\"100\" type=\"text\" name=\"CardName\" id=\"CardName\" value=\"" + CNM + "\"></td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.24", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input size=\"20\" maxlength=\"16\" type=\"text\" autocomplete=\"off\" name=\"CardNumber\" id=\"CardNumber\" value=\"" + CN + "\"> " + String.Format(AppLogic.GetString("admin.adhoccharge.OriginalOrderLastFour", ThisCustomer.SkinID, ThisCustomer.LocaleSetting), Last4) + ")</td></tr>");
writer.Append("<tr><td valign =\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.15", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input size=\"4\" maxlength=\"4\" type=\"text\" autocomplete=\"off\" name=\"CardExtraCode\" id=\"CardExtraCode\">");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("adhoccharge.aspx.25", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </td><td><input type=\"text\" size=\"2\" maxlength=\"2\" name=\"CardExpirationMonth\" id=\"CardExpirationMonth\" value=\"" + CExpMonth + "\"> / <input size=\"4\" maxlength=\"4\" type=\"text\" name=\"CardExpirationYear\" id=\"CardExpirationYear\" value=\"" + CExpYear + "\"> (MM/YYYY)</td></tr>");
if (AppLogic.AppConfigBool("ShowCardStartDateFields"))
{
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("address.cs.59", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td><td><input type=\"text\" autocomplete=\"off\" name=\"CardStartDate\" id=\"CardStartDate\" size=\"5\" maxlength=\"20\"> " + AppLogic.GetString("address.cs.64", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td></tr>");
writer.Append("<tr><td valign=\"middle\" align=\"right\">" + AppLogic.GetString("address.cs.61", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td><td><input type=\"text\" autocomplete=\"off\" name=\"CardIssueNumber\" id=\"CardIssueNumber\" size=\"2\" maxlength=\"2\"> " + AppLogic.GetString("address.cs.63", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "</td></tr>");
}
writer.Append("</table>");
writer.Append("</div>");
writer.Append("</td></tr>");
writer.Append("</table>");
writer.Append(" <p>" + AppLogic.GetString("adhoccharge.aspx.20", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + " </p>");
writer.Append(" <p><textarea rows=\"8\" id=\"Description\" name=\"Description\" style=\"width: 90%\"></textarea></p>");
writer.Append(" <p align=\"center\"><input type=\"submit\" value=\"" + AppLogic.GetString("adhoccharge.aspx.21", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "\" name=\"B1\" class=\"normalButtons\"> <input type=\"button\" value=\"" + AppLogic.GetString("admin.common.Cancel", ThisCustomer.SkinID, ThisCustomer.LocaleSetting) + "\" name=\"B2\" onClick=\"javascript:self.close()\" class=\"normalButtons\"></p>");
writer.Append("</form>");
}
}
}
}
writer.Append("</div>");
ltContent.Text = writer.ToString();
}
/// <summary>
/// Creates the Where Clause based on the Qualification fields.
/// </summary>
public string WhereClause()
{
string result = "1=1";
string sQuery = " and ({0}={1})";
if (ddAffiliate.SelectedItem != null)
{
if (ddAffiliate.SelectedValue != "0" && ddAffiliate.SelectedItem.Text.Length != 0)
{
result += String.Format(sQuery, "AffiliateID", ddAffiliate.SelectedValue);
}
}
if (ddCouponCode.SelectedItem != null)
{
if (ddCouponCode.SelectedValue != "-" && ddCouponCode.SelectedItem.Text.Length != 0)
{
result += String.Format(sQuery, "CouponCode", DB.SQuote(ddCouponCode.SelectedValue));
}
}
if (ddPromotion.SelectedItem != null && ddPromotion.SelectedValue != "-" && ddPromotion.SelectedItem.Text.Length != 0)
{
int promotionID;
if (int.TryParse(ddPromotion.SelectedValue, out promotionID))
{
result += " and ordernumber in (select orderid from promotionusage where promotionid = " + promotionID + ") ";
}
}
if (ddShippingState.SelectedItem != null)
{
if (ddShippingState.SelectedValue != "-" && ddShippingState.SelectedItem.Text.Length != 0)
{
result += String.Format(sQuery, "ShippingState", DB.SQuote(ddShippingState.SelectedValue));
}
}
if (rbNewOrdersOnly.SelectedValue == "1")
{
result += String.Format(sQuery, "IsNew", 1);
}
if (txtEMail.Text.Trim().Length != 0)
{
result += String.Format(" and (EMail like {0})", DB.SQuote("%" + txtEMail.Text.Trim() + "%"));
}
if (txtCustomerID.Text.Trim().Length != 0)
{
result += String.Format(sQuery, "CustomerID", txtCustomerID.Text.Trim());
}
if (txtOrderNumber.Text.Trim().Length != 0)
{
result += String.Format(" and (OrderNumber like {0} or AuthorizationPNREF like {1} or RecurringSubscriptionID like {2})", DB.SQuote("%" + txtOrderNumber.Text.Trim() + "%"), DB.SQuote("%" + txtOrderNumber.Text.Trim() + "%"), DB.SQuote("%" + txtOrderNumber.Text.Trim() + "%"));
}
if (txtCreditCardNumber.Text.Trim().Length != 0)
{
result += String.Format(" and ((convert(nvarchar(4000),{0})={1})", "CardNumber", DB.SQuote(Security.MungeString(txtCreditCardNumber.Text.Trim(), Order.StaticGetSaltKey(0))));
if (txtCreditCardNumber.Text.Trim().Length == 4)
{
result += String.Format(" or (convert(nvarchar(4000),{0})={1})", "Last4", DB.SQuote(txtCreditCardNumber.Text.Trim()));
}
result += ")";
}
if (txtCustomerName.Text.Trim().Length != 0)
{
result += String.Format(" and ((FirstName + ' ' + LastName) like {0})", DB.SQuote(txtCustomerName.Text.Trim()));
result += String.Format("or ((FirstName) like {0})", DB.SQuote(txtCustomerName.Text.Trim()));
result += String.Format("or ((LastName) like {0})", DB.SQuote(txtCustomerName.Text.Trim()));
}
if (txtCompany.Text.Trim().Length != 0)
{
result += String.Format(" and (ShippingCompany like {0} or BillingCompany like {0})", DB.SQuote("%" + txtCompany.Text.Trim() + "%"));
}
if (TransactionState.SelectedValue != "-")
{
result += String.Format(" and TransactionState={0}", DB.SQuote(TransactionState.SelectedValue));
}
if (TransactionType.SelectedValue != "-")
{
AppLogic.TransactionTypeEnum tt = (AppLogic.TransactionTypeEnum)Enum.Parse(typeof(AppLogic.TransactionTypeEnum), TransactionType.SelectedValue, true);
result += String.Format(" and TransactionType={0}", (int)tt);
}
if (ProductMatchRow.Visible)
{
if (ProductMatch.SelectedValue != "-")
{
result +=
String.Format(
" and OrderNumber in (select ordernumber from orders_shoppingcart where productid={0})",
DB.SQuote(ProductMatch.SelectedValue));
}
}
if (!String.IsNullOrEmpty(txtProductSKU.Text))
{
result += string.Format(" and OrderNumber in (select distinct ordernumber from orders_shoppingcart where OrderedProductSKU = {0}) ", DB.SQuote(txtProductSKU.Text.Trim()));
}
if (!string.IsNullOrEmpty(txtPriceRangeHigh.Text) && !string.IsNullOrEmpty(txtPriceRangeLow.Text))
{
decimal highprice;
decimal lowprice;
if (Decimal.TryParse(txtPriceRangeHigh.Text.Replace("$", "").Trim(), out highprice) && Decimal.TryParse(txtPriceRangeLow.Text.Replace("$", "").Trim(), out lowprice))
{
if (lowprice > highprice)
{
decimal holder = highprice;
highprice = lowprice;
lowprice = holder;
}
result += string.Format(" and ordertotal >= {0} and ordertotal <= {1} ", lowprice, highprice);
}
}
if (ddPaymentMethod.SelectedValue != "-")
{
String PM = AppLogic.CleanPaymentMethod(ddPaymentMethod.SelectedValue);
if (PM == AppLogic.ro_PMCreditCard)
{
result += String.Format(" and (PaymentMethod={0} or (PaymentGateway is not null and upper(PaymentGateway)=" + DB.SQuote(AppLogic.ro_PMPayPal) + "))", DB.SQuote(ddPaymentMethod.SelectedValue));
}
if (PM == "GOOGLECHECKOUT") //not defined in AppLogic
{
result += String.Format(" and (PaymentGateway is not null and PaymentGateway LIKE 'Google%')");
}
if (PM == "CHECKOUTBYAMAZON") //not defined in AppLogic
{
result += String.Format(" and (PaymentMethod = {0})", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMPayPal)
{
result += String.Format(" and (PaymentMethod={0} or upper(PaymentGateway)={1})", DB.SQuote(ddPaymentMethod.SelectedValue), DB.SQuote(AppLogic.ro_PMPayPal));
}
else if (PM == AppLogic.ro_PMPayPalExpress)
{
result += String.Format(" and (PaymentMethod={0} or upper(PaymentGateway)={1})", DB.SQuote(ddPaymentMethod.SelectedValue), DB.SQuote(AppLogic.ro_PMPayPalExpress));
}
else if (PM == AppLogic.ro_PMPurchaseOrder)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMCODMoneyOrder)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMCODCompanyCheck)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMCODNet30)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMRequestQuote)
{
result += String.Format(" and (PaymentMethod={0} or QuotECheckout<>0)", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMCheckByMail)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMCOD)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMECheck)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMCardinalMyECheck)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
else if (PM == AppLogic.ro_PMMicropay)
{
result += String.Format(sQuery, "PaymentMethod", DB.SQuote(ddPaymentMethod.SelectedValue));
}
}
return(result);
}
