<% if request.form("add") = "yes" then if request.form("freebtn") = "Submit for FREE" then SQLUpdate = "UPDATE Forces_Properties SET Paid = 'yes' WHERE PropertyID = '"&killchars(request.form("propertyid"))&"' " MyConn.execute(SQLUpdate) response.redirect "property-preview.asp?st=done&idst="&request.form("propertyid") else GETInfo = "SELECT * FROM Forces_Registrants WHERE AccountID = '"&session("AccountID")&"' " SET RSInfo = MyConn.execute(GETInfo) '** retrieve the information posted from the previous form. ThisVendorTxCode= request.form("propertyid") ThisAmount= FormatNumber(request.form("finalprice"),2) ThisCurrency= "GBP" ThisDescription= "Forcesnoticeboards" ThisShoppingBasket="OFF" ThisCustomeremail= RSInfo("Email") ThisCustomerName= RSInfo("FirstName")&" "&RSInfo("LastName") ThisVendoremail= "customerservices@forcesnoticeboards.com" ThisBillingAddress= RSInfo("Location") ThisDeliveryAddress = "" 'ThisBillingAddress ThisBillingPostCode= RSInfo("Location") ThisDeliveryPostCode = "" 'ThisBillingPostCode '** new 2.22 fields ThisContactNumber = RSInfo("TelNo") ThisContactFax = "" ThisAllowGiftAid = "0" ThisApplyAVSCV2 = "" ThisApply3DSecure = "" ' ** Build the crypt string plaintext ** stuff = "VendorTxCode=" & ThisVendorTxCode & "&" stuff = stuff & "Amount=" & ThisAmount & "&" stuff = stuff & "Currency=" & ThisCurrency & "&" stuff = stuff & "Description=" & ThisDescription & "&" stuff = stuff & "SuccessURL=" & MyServer & "completed.asp&" stuff = stuff & "FailureURL=" & MyServer & "notcompleted.asp&" if ThisCustomerEMail<>"" then stuff = stuff & "CustomerEMail=" & ThisCustomerEmail & "&" end if if ThisVendorEMail<>"" then stuff = stuff & "VendorEMail=" & ThisVendorEmail & "&" end if if ThisCustomerName<>"" then stuff = stuff & "CustomerName=" & ThisCustomerName & "&" end if if ThisDeliveryAddress<>"" then stuff = stuff & "DeliveryAddress=" & ThisDeliveryAddress & "&" stuff = stuff & "DeliveryPostCode=" & ThisDeliveryPostCode & "&" end if if ThisBillingAddress<>"" then stuff = stuff & "BillingAddress=" & ThisBillingAddress & "&" stuff = stuff & "BillingPostCode=" & ThisBillingPostCode & "&" end if ' ** new 2.22 fields if ThisContactNumber <> "" then stuff = stuff & "ContactNumber=" & ThisContactNumber & "&" end if if ThisAllowGiftAid <> "" then stuff = stuff & "AllowGiftAid=" & ThisAllowGiftAid & "&" end if if ThisApplyAVSCV2 <> "" then stuff = stuff & "ApplyAVSCV2=" & ThisApplyAVSCV2 & "&" end if if ThisApply3DSecure <> "" then stuff = stuff & "Apply3DSecure=" & ThisApply3DSecure & "&" end if stuff = stuff & "EMailMessage=" ' ** Encrypt the plaintext string for inclusion in the hidden field ** crypt = base64Encode(SimpleXor(stuff,EncryptionPassword)) '4929000000006 %>
>
<%end if end if%>

UPLOAD YOUR PROPERTY

<%if request("st")="done" then%>

Thank you for advertising your property on our noticeboard.

">Click here to view your listing.

<%else Set MyCmd1 = Server.CreateObject("ADODB.Command") MyCmd1.ActiveConnection = MyConn MyCmd1.CommandText = "SELECT * FROM Forces_Properties WHERE PropertyID = ?" MyCmd1.Parameters.Append MyCmd1.CreateParameter("", 3, 1, , request("id")) Set RSInfo = Server.CreateObject("ADODB.RecordSet") RSInfo.Open MyCmd1 Do While Not RSInfo.EOF%>
Upload your property

"> <%if RSInfo("PropertyType") = "tolet" then saytype = "To Let" costp = 15 else saytype = "For Sale" costp = 20 end if%> <%if RSInfo("thumb1") <> "" then%> <%end if%> <%if RSInfo("thumb2") <> "" then%> <%end if%> <%if RSInfo("thumb3") <> "" then%> <%end if%> <%'if RSFee("Price") = "0" then%> <%'else%> <%'end if%> <%'if RSFee("Price") <> "0" then%> <%'end if%>
 
Property Title: <%=RSInfo("Title")%>
 
Price : <%=RSInfo("Price")%> in <%=RSInfo("currency")%>
 
Description: <%=Replace(RSInfo("Description"),vbCrLf,"
")%>
 
Property: <%=saytype%>
 
Location: <%=RSInfo("Location")%>
 
Telephone No: <%=RSInfo("telno")%>
 
Email: <%=RSInfo("email")%>
 
 
Image 1:" width="80" alt="" border="0">
 
Image 2:" width="80" alt="" border="0">
 
Image 3:" width="80" alt="" border="0">
 

Cost of Advert: £<%=costp%>

 
<%RSInfo.Movenext Loop end if %>