<%@ Language=VBScript %>
<%Option Explicit%>
<!--#include file="includes/include.inc"-->		
<!--#include file="includes/FixSurname.asp"-->			
<%
dim UMail, UPasswd
dim oRs, oConn, SQL


UMail		=	Request.Form("UMail")
UPasswd		=	Request.Form("UPasswd")


set oConn 	= 	Server.CreateObject("ADODB.Connection")	
oConn.open application("ConStr")						
set oRs		=	Server.CreateObject("ADODB.Recordset")	
SQL = "SELECT UID, USurname, Usex from [User] where UEmail = '" & UMail & "' AND UPassword='" & UPasswd &"'"
oRs.open SQL, oConn, 3,1,1
if oRs.EOF = false then
	session("UserID")		=	oRs("UID")		
	session("UserSurname")	=	oRs("USurname")	
	session("UserSex")		=	oRs("USex")		
	call FixSurname(oRs("USurname")	, oRs("USex"))

	if session("RandomID") & "" = "" then
		dim ttemp1, ttemp2, ttemp3
		Randomize
		ttemp1 = Int((9999 * Rnd) + 1)
		ttemp2 = Int((9999 * Rnd) + 1)
		ttemp3 = Int((9999 * Rnd) + 1)
		session("RandomID") = ttemp1 & ttemp2 & ttemp3	
	end if
	%>
	<!--#include file="includes/Cookies.asp"-->	
	<%
	oRs.close
	
	' ===== Insert Products from TempOrder to Order table. I know the user know. ===============
	SQL = "Select TempItemID, TempItemQuantity, TempDate from OrderTemp where TempUserSession = " & session("RandomID")
	oRs.open SQL, oConn, 3,1,1
	if oRs.EOF = false then
		dim GetTempItems, i
		GetTempItems = oRs.getRows()
		oConn.execute("Delete from OrderTemp where TempUserSession = " & session("RandomID"))
		for i = 0 to ubound(GetTempItems,2)
			oConn.execute("Insert into [Order] (UserID, ItemID, ItemQuantity, InsDate) values (" & session("UserID") & ", " & GetTempItems(0,i) &", " & GetTempItems(1,i) &", convert(SmallDatetime,'" & FormatDateTime(GetTempItems(2,i),2) &"',103))")
		next
	end if
	oRs.close	:	set oRs = nothing
	oConn.close	:	set oConn = nothing

else
	oRs.close	:	set oRs = nothing
	oConn.close	:	set oConn = nothing
	Response.Redirect "account.asp?errmsg=1"
end if
Response.Redirect "login.asp"
%>