代码如下:
<%@ page contentType="text/html; charset=gb2312" language="java" import="java.sql.*" errorPage="" %>
<%@ page import="java.util.Vector"%>
<%@ page import="beans.teaelement"%>
<%@ page import="java.util.Date"%>
<jsp:useBean id="connDB" scope="page" class="beans.connDB"/>
<jsp:useBean id="chStr" scope="page" class="beans.chStr"/>
<jsp:include page="safe.jsp"/>
<%
// Order submission: read the checkout form fields from the request, insert one
// row into ORDER_ (the order header), and record the outcome in flag/orderID.
//
// NOTE(review): username is taken from the request, not from the session. Unless
// safe.jsp (included above, not shown here) ties the request to the logged-in
// account, the order is recorded under whatever name the client submits. Prefer
// reading the authenticated user name from the session.
//
// NOTE(review): chStr.chStr is not visible here; presumably a charset-conversion
// helper. Nothing on this page shows that it escapes SQL metacharacters - confirm.
String username=chStr.chStr(request.getParameter("username"));
String truename=chStr.chStr(request.getParameter("truename"));
String address=chStr.chStr(request.getParameter("address"));
// postcode, tel and email are used exactly as received: no chStr call, no format
// or length validation.
String postcode=request.getParameter("postcode");
String tel=request.getParameter("tel");
String pay=chStr.chStr(request.getParameter("pay"));
// NOTE(review): keep this debug line disabled. It would write the request value
// 'pay' into an inline script without any output encoding.
// out.println("<script>alert(' pay= "+String.valueOf(pay)+" ')</script>");
String carry=chStr.chStr(request.getParameter("carry"));
String email=request.getParameter("email");
String bz=chStr.chStr(request.getParameter("bz"));
int orderID=0;
//out.println("<script>alert(' orderID= "+String.valueOf(orderID)+" ')</script>");
// NOTE(review): session.getAttribute returns null when no "cart" attribute is
// bound, and cart.size() below would then throw NullPointerException. The cast
// to the raw Vector type is unchecked.
Vector cart=(Vector)session.getAttribute("cart");
int number=0;
// NOTE(review): float is used for money amounts; binary floating point cannot
// represent most decimal prices exactly. BigDecimal is the usual choice.
float price=(float)0.0;
float sum=(float)0.0;
float Totalsum=(float)0.0;
// flag is a String, initialised to "True" and set to "false" on failure below;
// the two values differ in case, so any later comparison must match exactly.
String flag="True";
int temp=0;
int COMMODITYID=-1;
// Insert the order header row
int tnumber=cart.size();
//out.println("<script>alert(' tnumber= "+tnumber+" ')</script>");
// tnumber tested: correct
// SECURITY(review): the statement text is assembled by concatenating request
// parameters between single quotes. Any value containing a quote character
// changes the structure of the SQL that reaches the database (SQL injection);
// postcode, tel and email do not even pass through chStr. Bind the values with
// java.sql.PreparedStatement placeholders instead. The connDB bean's API is not
// visible on this page, so a parameterised method would have to be added there.
// NOTE(review): TURENAME is the column name exactly as written here; verify the
// spelling against the table definition.
String sql="insert into ORDER_(TNUMBER,USERNAME,TURENAME,ADDRESS,ZIPCODE,TEL,EMAIL,PAY,CARRY,BEIZHU) values('"+tnumber+"','"+username+"','"+truename+"','"+address+"','"+postcode+"','"+tel+"','"+email+"','"+pay+"','"+carry+"','"+bz+"')";
//out.print(sql+"*****");
// Original author's note: the insert date uses Oracle's built-in getdate().
// NOTE(review): no date column appears in the INSERT above, so the date is
// presumably filled in by a column default or trigger - confirm.
temp=connDB.executeUpdate(sql);
//out.println(sql);
// A return value of 0 is treated as failure. Only flag is changed in that case:
// there is no return, so execution continues past this branch with orderID
// still 0.
if (temp==0){
flag="false";
//out.println("<script>alert(' temp= "+String.valueOf(temp)+" ')</script>");
}else{
// NOTE(review): the value returned by connDB.executeUpdate is used as the order
// id. If that method follows JDBC Statement.executeUpdate it returns the number
// of affected rows (1 for a single insert), not the generated key - confirm
// against the bean's implementation.
orderID=temp;
// out.println("<script>alert(' temp= "+String.valueOf(temp)+" ')</script>");
}
String str="";
//插入订单明细表数据
for(int i=0;i<cart.size();i++){
teaelement myteaelement=(teaelement)cart.elementAt(i);
COMMODITYID=myteaelement.COMMODITYID;
price=myteaelement.price;
number=myteaelement.number;
sum=price*number;
String sql_companyid="select COMMODITYNAME,COMPANYNAME,QUANTITY from TEA_INFO where COMMODITYID='"+COMMODITYID+"'";
ResultSet rs_company=connDB.executeQuery(sql_companyid);
String COMPANYNAME="";
if(!rs_company.next()){
session.invalidate();
out.println("<script language='javascript'>alert('rs_company出错!');window.location.href='index.jsp';</script>");
return;
}else{
COMPANYNAME=rs_company.getString("COMPANYNAME");}
//String id=String.valueOf(Math.random()).substring(6,17);
str="insert into ORDER_DETAIL(ORDERID,COMMODITYID,PRICE,NUMBER_,COMPANYNAME)values("+orderID+"','"+COMMODITYID+"','"+price+"','"+number+"','"+COMPANYNAME+"')";
temp=connDB.executeUpdate(str);
out.println(str);
//更新已卖商品数量
String sql_snumber="update TEA_INFO set SNUMBER=SNUMBER+'"+number+"'where COMMODITYID='"+COMMODITYID+"'";