<!-- #include file="../onlinestore/common.asp" -->
<!-- #include file="../onlinestore/commonfunc.asp" -->
<!-- #INCLUDE file = "../onlinestore/cartcommon.asp"    -->

<%
	call connect()
    	
	'id = request_equerystring(decrypt(strauth),"id")
	'pid = request.Querystring("pid")
	'price = request.Querystring("price")
	'Qty = request.Querystring("txtqty")
	
	strauth=trim(request.QueryString("auth"))
	pid =request_equerystring(decrypt(strauth),"prodid")
	price = request_equerystring(decrypt(strauth),"price")
	Qty = request_equerystring(decrypt(strauth),"Qty")
	if Qty="" then
	Qty=1
	end if
	session_ID = Session.SessionID
	
'	call check_qty(pid,Qty)
	
	sql_check = "SELECT * FROM cart WHERE sessionID='" & session_ID & "' AND productid=" & pid 
	set rs = cnn.Execute(sql_check)
	
	
	if rs.bof and rs.eof then
	
		sql = "INSERT INTO cart (SessionID, productid, Qty, Price) VALUES ('" & session_ID & "'," & pid & ",'"  & Qty & "','" & price & "')"
		cnn.Execute sql
		response.write sql
		response.redirect("checkout-step1.asp")
		response.End()
		
	else

		sql2 = "UPDATE cart SET Qty ='" & rs("Qty") + Qty & "' WHERE sessionID='" & session_ID & "' AND productid=" & pid 
		cnn.Execute sql2
		response.write sql2
		response.redirect("checkout-step1.asp")
		response.End()
		
	end if
				
%>