I took over a website for a family friend. The business that created the site prior used ASP to run the Orderform on the site. I am not very familiar with ASP. I was wondering if I posted the html orderform and the ASP handler, if someone could explain to me what is happening. I've started looking at the code but the commands are foreign to me. Any help would be greatly appreciated as I'd like to know what is actually happening rather than just copy and pasting it.

The orderform is at link

The ASP handler code is:

<%
'**************************************************************
' VALUES THAT YOU NEED TO MODIFY
'**************************************************************
Const x_login			= "Enter your login ID here"	
Const x_tran_key		= "Enter Transaction Key here"	
'**************************************************************

'**************************************************************
' VARIABLES USED THROUGHOUT THIS SCRIPT
'**************************************************************
Dim x_version
Dim x_test_request
Dim x_delim_data
Dim x_delim_char
Dim x_relay_response
Dim x_first_name
Dim x_last_name
Dim x_company
Dim x_address
Dim x_city
Dim x_state
Dim x_zip
Dim x_country
Dim x_phone
Dim x_fax
Dim x_cust_id
Dim x_customer_ip
Dim x_customer_tax_id
Dim x_email
Dim x_email_customer
Dim x_merchant_email
Dim x_invoice_num
Dim x_description
Dim x_ship_to_first_name
Dim x_ship_to_last_name
Dim x_ship_to_company
Dim x_ship_to_address
Dim x_ship_to_city
Dim x_ship_to_state
Dim x_ship_to_zip
Dim x_ship_to_country
Dim x_amount
Dim x_currency_code
Dim x_method
Dim x_type
Dim x_recurring_billing
Dim x_bank_aba_code
Dim x_bank_acct_num
Dim x_bank_acct_type
Dim x_bank_name
Dim x_bank_acct_name
Dim x_echeck_type
Dim x_card_num
Dim x_exp_date
Dim x_card_code
Dim x_trans_id
Dim x_auth_code
Dim x_authentication_indicator
Dim x_cardholder_authentication_value
Dim x_customer_organization_type
Dim x_drivers_license_num
Dim x_drivers_license_state
Dim x_drivers_license_dob
'*************************************************************
' Level 2 Data
'*************************************************************
Dim x_po_num
Dim x_tax
Dim x_tax_exempt
Dim x_freight
Dim x_duty
'*************************************************************

x_version = "3.1"
x_test_request = "true"
x_delim_data = "true"
x_delim_char = "|"
x_relay_response = "false"
x_first_name = "Charles"
x_last_name = "DeGaulle"
x_company = "DeGaulle Inc."
x_address = "123 First Avenue"
x_city = "American Fork"
x_state = "UT"
x_zip = "84003"
x_country = "US"
x_phone = "(123)123-1234"
x_fax = "(123)555-1234"
x_cust_id = "2544"
x_customer_ip = request.servervariables("remote_addr")
x_customer_tax_id = "111111111"
x_email = "customersemailaddress@theirdomain.com"
x_email_customer = "true"
x_merchant_email = "youremailaddress@yourdomain.com"
x_invoice_num = "000120"
x_description = "Recycled Toner Cartridges"
x_ship_to_first_name = "Bob"
x_ship_to_last_name = "Smith"
x_ship_to_company = "DeGaulle Inc."
x_ship_to_address = "123 First Avenue"
x_ship_to_city = "American Fork"
x_ship_to_state = "UT"
x_ship_to_zip = "84003"
x_ship_to_country = "US"
x_amount = "8.75"
x_currency_code = "USD"
x_method = "CC"
x_type = "AUTH_CAPTURE"
x_recurring_billing = "no"
x_bank_aba_code = "122101191"
x_bank_acct_num = "00000000000000000"
x_bank_acct_type = "BUSINESS CHECKING"
x_bank_name = "My First Bank"
x_bank_acct_name = "Charles E. DeGaulle"
x_echeck_type = "WEB"
x_card_num = "4111111111111111"
x_exp_date = "05/09"
x_card_code = "212"
x_trans_id = ""
x_auth_code = ""
x_authentication_indicator = "2"
x_cardholder_authentication_value = "E0Mvq8AAABEiMwARIjNEVWZ3iJk"
x_customer_organization_type = "B"
x_drivers_license_num = "000000000"
x_drivers_license_state = "UT"
x_drivers_license_dob = "1960/10/26"
'*************************************************************
' Level 2 Data
'*************************************************************
x_po_num = "PO 2512"
x_tax = "5%"
x_tax_exempt = "false"
x_freight = "20.00"
x_duty = "5.00"
'*************************************************************

'**************************************************************
' Optional: You can also supply merchant-defined values.
'**************************************************************

Dim my_own_variable_name
Dim another_field_name

my_own_variable_name = "Inkjet Cartridge 22 DPI"
another_field_name = "Color: Black"

'**************************************************************
' REQUEST STRING THAT WILL BE SUBMITTED BY WAY OF
' THE HTTPS POST OPERATION
'**************************************************************
Dim vPostData
vPostData = "x_login=" & x_login & "&x_tran_key=" & x_tran_key & "&x_version=" & x_version & "&x_method=" & x_method & "&x_test_request=" & x_test_request &"&x_delim_data=" & x_delim_data & "&x_delim_char=" & x_delim_char & "&x_relay_response=" & x_relay_response & "&x_first_name=" & x_first_name & "&x_last_name=" & x_last_name &"&x_company=" & x_company &"&x_address=" & x_address &"&x_city=" & x_city &"&x_state=" & x_state &"&x_zip=" & x_zip & "&x_country=" & x_country &"&x_phone=" & x_phone &"&x_fax=" & x_fax &"&x_cust_id=" & x_cust_id & "&x_customer_ip=" & x_customer_ip & "&x_customer_tax_id=" & x_customer_tax_id &"&x_email=" & x_email &"&x_email_customer=" & x_email_customer &"&x_merchant_email=" & x_merchant_email &"&x_invoice_num=" & x_invoice_num &"&x_description=" & x_description & "&x_ship_to_first_name=" & x_ship_to_first_name &"&x_ship_to_last_name=" & x_ship_to_last_name &"&x_ship_to_company=" & x_ship_to_company &"&x_ship_to_address=" & x_ship_to_address &"&x_ship_to_city=" & x_ship_to_city &"&x_ship_to_state=" & x_ship_to_state &"&x_ship_to_zip=" & x_ship_to_zip &"&x_ship_to_country=" & x_ship_to_country &"&x_amount=" & x_amount &"&x_currency_code=" & x_currency_code &"&x_method=" & x_method &"&x_type=" & x_type &"&x_recurring_billing=" & x_recurring_billing &"&x_bank_aba_code=" & x_bank_aba_code &   "&x_bank_acct_num=" & x_bank_acct_num &"&x_bank_acct_type=" & x_bank_acct_type &"&x_bank_name=" & x_bank_name &"&x_bank_acct_name=" & x_bank_acct_name &"&x_echeck_type=" & x_echeck_type &"&x_card_num=" & x_card_num &"&x_exp_date=" & x_exp_date &"&x_card_code=" & x_card_code &"&x_trans_id=" & x_trans_id &"&x_auth_code=" & x_auth_code &"&x_authentication_indicator=" & x_authentication_indicator &"&x_cardholder_authentication_value=" & x_cardholder_authentication_value &"&x_customer_organization_type=" & x_customer_organization_type &"&x_drivers_license_num=" & x_drivers_license_num &"&x_drivers_license_state=" & x_drivers_license_state &"&x_drivers_license_dob=" & x_drivers_license_dob &"&my_own_variable_name=" & my_own_variable_name &"&another_field_name=" & another_field_name &"&x_po_num=" & x_po_num &"&x_tax=" & x_tax &"&x_tax_exempt=" & x_tax_exempt &"&x_freight=" & x_freight &"&x_duty=" & x_duty

'**************************************************************
' USING WINHTTP TO PERFORM A POST OPERATION
'**************************************************************
' SEND DATA VIA HTTPS POST TO AUTHORIZE.NET
'
' WINHTTP:
' IF YOUR IIS WEB SERVER HAS WINHHTP INSTALLED, YOU CAN USE
' WINHTTP TO PERFORM THE HTTPS POST OPERATION AS LONG AS YOU
' KNOW:
'	 1) WHICH VERSION OF WINHTTP IS INSTALLED
'	 2) HOW TO REFER TO THAT SPECIFIC VERSION
' IF YOU DO NOT KNOW ANY OF THIS INFORMATION, PLEASE CHECK WITH
' YOUR IIS ADMINISTRATOR OR REFER TO REFERENCE MATERIALS AT
' WWW.MICROSOFT.COM
'
' Here is an example of using WINHTTP Version 5:
' Dim objHttp
' Set objHTTP = Server.CreateObject("WinHttp.WinHttpRequest.5")
'**************************************************************

' OR

'**************************************************************
' USING XMLHTTP TO PERFORM A POST OPERATION
'**************************************************************
' SEND DATA VIA HTTPS POST TO AUTHORIZE.NET
'
' XMLHTTP:
' IF YOUR IIS WEB SERVER HAS XMLHHTP INSTALLED, YOU CAN USE
' XMLHTTP TO PERFORM THE HTTPS POST OPERATION AS LONG AS YOU
' KNOW:
'	 1) WHICH VERSION OF XMLHTTP IS INSTALLED
'	 2) HOW TO REFER TO THAT SPECIFIC VERSION
' IF YOU DO NOT KNOW ANY OF THIS INFORMATION, PLEASE CHECK WITH
' YOUR IIS ADMINISTRATOR OR REFER TO REFERENCE MATERIALS AT
' WWW.MICROSOFT.COM
'
' Below is an example of using XMLHTTP:

Dim xml
Dim strStatus
Dim strRetval
Set xml = Server.CreateObject("Microsoft.XMLHTTP")
xml.open "POST", "https://test.authorize.net/gateway/transact.dll", false
' Uncomment the line ABOVE for test accounts OR the line BELOW for LIVE accounts
' xml.open "POST", "https://secure.authorize.net/gateway/transact.dll", false
xml.send vPostData
strStatus = xml.Status
strRetval = xml.responseText
Set xml = nothing

'**************************************************************
' USING AN UPDATED VERSION OF XMLHTTP TO PERFORM AN HTTPS POST
' OPERATION
'**************************************************************
'
' AGAIN, YOU NEED TO VERIFY WHICH VERSION OF XMLHTTP IS
' INSTALLED ON YOUR IIS WEB SERVER, BECAUSE DIFFERENT VERSIONS
' REQUIRE DIFFERENT SYNTAX
'
' Below is an example of using a more recent version of XMLHTTP
'dim xmlhttp
'set xmlhttp = server.Createobject("MSXML2.ServerXMLHTTP")
'xmlhttp.Open "POST","https://test.authorize.net/gateway/transact.dll?" & vPostData & "",false
'xmlhttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
'xmlhttp.send ""
'Response.ContentType = "text/xml"
'strRetval = xmlhttp.responsexml.xml
'Set xmlhttp = nothing
'**************************************************************


'**************************************************************
' DONE PERFORMING THE HTTPS POST OPERATION
' At this point, you have submitted the transaction data to
' Authorize.Net and Authorize.Net has already sent you a
' response string back by way of the HTTPS POST operation.
'**************************************************************


'**************************************************************
' PARSING THE RESPONSE STRING
'
' It's entirely up to you to decide what you want to do with
' the payment gateway response. You can parse the string (and
' that's all it is -- one long string, not an array or any other
' object) and take specific actions based on certain parameters.
'
' Below is an example of how to parse the string, convert it and
' display the returned payment gateway response.
'
'**************************************************************
'
'First we'll create an array from the return value by splitting on the
'x_delim_char and then we'll assign each member of the array to values that
'better describe them for the reader.  Of course we'd probably want to
'do something else with these values like save them to a database,
'create an email to send to the webmaster and/or the user
'**************************************************************

Dim strArrayVal
strArrayVal = split(strRetVal, "|", -1)

%>

<html>
<head>
<title>ASP Example  ::  Authorize.Net AIM</title>

<style type="text/css" media="all">
<!--
BODY {
	background-color: #ffffff;
	font-family: Arial, Verdana, Helvetica, Geneva, sans-serif;
	font-size: 8pt;
}

TD {
	font-family: Arial, Verdana, Helvetica, Geneva, sans-serif;
	font-size: 12px;
}

.small {
	font-family: Arial, Verdana, Helvetica, Geneva, sans-serif;
	font-size: 10px;
}

.copy {
	font-family: Arial, Verdana, Helvetica, Geneva, sans-serif;
	font-size: 12px;
}

//-->
</style>

<head>

<body marginheight="10" marginwidth="10" topmargin="10" leftmargin="10" rightmargin="10" link="#73757B" vlink="#73757B" alink="#73757B" bgcolor="#ffffff">
<%
' Begin code to get the last modified date of the current document
' Get the location of the root directory for the server
file_info = request.servervariables("appl_physical_path")
' Get the location of the current file on the server
file_info = file_info + right(request.servervariables("script_name"),(len(request.servervariables("script_name"))-1))
' create a file scripting object on the server
set fso = createobject("scripting.filesystemobject")
' Assign a variable to contain the document date last modified
document_date=fso.getfile(file_info).datelastmodified
response.write "This code was last updated: "
response.write datevalue(document_date)
' End code to get the last modified date of the current document
Response.Write "<br><br>"
Response.Write "Length of the return string: "&len(strRetVal)
Response.Write "<br></br>"

Response.Write "<hr>"

Dim arrData, iq
arrData = strArrayVal

' The following few variables are simply to facilitate the display of the information
Dim tr1, tr2
tr1 = "<tr class='small' bgcolor='#EEEEEE'>"
tr2 = "</tr>"
td1 = "<td>"
td2 = "</td>"

Response.Write "<table width='100%' border='0' cellspacing='0' cellpadding='1'>"

	   for i=0 to ubound(arrData)
			' the next line trims out leading and trailing spaces if the data is not null or zero-length
			If arrData(i)<>"" and not IsNull(arrData(i)) then arrData(i) = trim(arrData(i))

			' alternating table row colors
			If i MOD 2 = 0 Then
				tr1 = "<tr class='small' bgcolor='#eeeeee'>"
			Else
				tr1 = "<tr class='small' bgcolor='#ffffff'>"
			End If

			iq = i + 1
			Select Case iq
				Case 1,2,3,4,5,6,7
					Response.Write tr1
					Response.Write td1
					Response.Write iq & " - Authorize.Net Response: " & arrData(i)
					'br()
					Response.Write "<br>"
					Response.Write td2
					Response.Write tr2
				Case 8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37
					Response.Write tr1
					Response.Write td1
					Response.Write iq & " - Returned Values: " & arrData(i)
					'br()
					Response.Write "<br>"
					Response.Write td2
					Response.Write tr2
				Case 38
					Response.Write tr1
					Response.Write td1
					Response.Write iq & " - MD5 Hash: " & arrData(i)
					'br()
					Response.Write "<br>"
					Response.Write td2
					Response.Write tr2
				Case Else
					If iq >= 69 then
					Response.Write tr1
					Response.Write td1
						Response.Write iq & " - Merchant-defined: " & arrData(i)
					'br()
					Response.Write "<br>"
					Response.Write td2
					Response.Write tr2
					Else
					Response.Write tr1
					Response.Write td1
						Response.Write iq & " - Other: " & arrData(i)
					'br()
					Response.Write "<br>"
					Response.Write td2
					Response.Write tr2
					End If
			End Select

		next

Response.Write "</table>"


Response.Write "<hr>"



sub br()
	Response.Write("<br>")
end sub


%>


<br>
<br>


</body>
</html>

what part are you not able to understand we can go part by part on this :),comments are making it self explanatory, anyways kindly start with what part of this code are u finding hard to understand

Still some things are a bit confusing. I understand declaring the variables, but im not sure what Dim means. Also why would you set the variables equal to just a random value? I'll start with that for now.

Dim is used for declaring a variable without dim you won't be able to use the variable.
Now setting of variables to random value might be for testing purposes or , avoiding the null error

Alright that makes sense. After the form is submitted a email is sent to the seller with a list of the products purchased. I am trying to find that part in this code.

im developing a software using asp.net... i want to know how to code when it comes to protecting passwords especially when the function is for normal users as well as the administrator's login

im developing a software using asp.net... i want to know how to code when it comes to giving access of report contents to users according to their needs.

This article has been dead for over six months. Start a new discussion instead.