jeg skal have creditcard delen ud af dette script

<!-- #include file="db.asp" -->
<!-- #include file="functions.asp" -->
<%

Response.Buffer = true
For Each key in Request.Form
    strname = key
    strvalue = Request.Form(key)
    Session(strname) = strvalue
Next

Dim arrCart, scartItem
    arrCart = Session("MyCart")
    scartItem = Session("cartItem")
    if scartItem = 0 then
        Response.Redirect "error.asp?msg=" & Server.URLEncode ("Or your session has expired, or you tried to re-submit the form.")
    end if

If Request.Form("cardno") = "" OR len(Request.Form("cardno")) <=12 Then
    Response.Redirect "checkout.asp?msg=" & Server.URLEncode ("Please fill in a correct credit card number.")
Elseif Request.Form("cardname") = "" OR len(Request.Form("cardname")) <=6 Then
    Response.Redirect "checkout.asp?msg=" & Server.URLEncode ("Please fill in a correct credit card name.")
Else

strTotal = Cstr(Request.Form("ordertotal"))
intTotal = Replace(strTotal,",",".")

    imonth = Request.Form("expMonth")
    iyear = Request.Form("expYear")
    'use one of the following date formats: mm/dd/yyyy OR dd/mm/yyyy
    'if your server's settings are dd/mm/yyyy, please put a single quote in front of next line
    expDate = imonth & "/" & "28" & "/" & iyear
    'and remove single quote on next line:
    'expDate = "28" & "/" & imonth  & "/" & iyear

    'On error resume next
    sqlAdd = "INSERT INTO orders(ocustomerid,odate,orderamount,ocardtype,ocardno,"
    sqlAdd = sqlAdd & "ocardname,ocardexpires,ocardaddress"
    If Not Request.Form("shipaddress")="" then
        sqlAdd = sqlAdd & ",oshipaddress,oshiptown,oshipzip,oshipstate,oshipcountry"
    End If
    sqlAdd = sqlAdd & ") VALUES("
    sqlAdd = sqlAdd & Session("customerid") & ",#" & Date & "#," & intTotal
    sqlAdd = sqlAdd & ",'" & Request.Form("paymentm") & "','" & Request.Form("cardno") & "'"
    sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("cardname")) & "',#" & expDate & "#"
    sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("cardaddress")) & " '"
    If Not Request.Form("shipaddress")="" then
        sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("shipaddress")) & "'"
        sqlAdd = sqlAdd & ",'" & TwoSingleQ(Request.Form("shiptown")) & " '"
        sqlAdd = sqlAdd & ",'" & Request.Form("shipzip") & " '"
        sqlAdd = sqlAdd & ",'" & Request.Form("shipstate") & " '"
        sqlAdd = sqlAdd & ",'" & Request.Form("shipcountry") & " '"
    End If
    sqlAdd = sqlAdd & ")"
       
    call openConn()
    dbc.execute sqlAdd, intAffected

    if dbc.Errors.count > 0 then
        call closeConn()
        Response.Redirect "error.asp?msg=" & server.URLEncode("Error occurred sending info to Database. Please contact us.")   
    elseif intAffected = 1 then
        Dim oid, sqlo
        sqlo = "SELECT max(orderID) FROM orders"
        Set rso = dbc.Execute(sqlo)   
        oid = Cint(rso(0))
        rso.Close
       
        If oid < 1 Then
            call closeConn()
            Response.Redirect "error.asp?msg=" & Server.URLEncode ("Error: No order id.")
        Else
            'insert order items into oitems table
            For i = 1 To scartItem
                sqlOItem = "INSERT INTO oitems(orderid,catalogid,numitems) VALUES("
                sqlOItem = sqlOItem & oid
                sqlOItem = sqlOItem & "," & arrCart(cProductid,i)
                sqlOItem = sqlOItem & "," & arrCart(cQuantity,i)
                sqlOItem = sqlOItem & ")"
                dbc.execute sqlOItem
            Next
            If dbc.Errors.Count > 0 then
                call closeConn()
                Response.Redirect "error.asp?msg=" & Server.URLEncode ("Not succeeded. Error: ") & dbc.Error.Description
            else
                'send mail to merchant, use function mailMerchant
                blnMail =  mailMerchant("youremail@yourserver",oid,nosmtp)
                if blnMail = false then
                    call closeConn()
                    Response.Redirect "error.asp?msg=" & Server.URLEncode ("Could not send mail to merchant.")
                end if
            end if
        End if
    else
        call closeConn()
        Response.Redirect "error.asp?msg=" & Server.URLEncode ("Order information could not be sent to database. Please try again later.")
    end if
        If dbc.Errors.Count > 0 then
            dbc.Close
            set dbc = nothing
            Response.Redirect "error.asp?msg=" & Server.URLEncode ("Not succeeded. Error: ") & dbc.Error.Description
        Else
            dbc.close
            set dbc = nothing
            Response.Redirect "thanks.asp"
        End If
End If

function mailMerchant(merchantmail,orderid,smtpServer)
    'get client info from DB
    set cmd = server.CreateObject("ADODB.Command")
    cmd.ActiveConnection = dbc
    cmd.CommandText = "qryOrderInfo"
    cmd.CommandType = adCmdStoredProc
    set param = cmd.CreateParameter("oid",adInteger,adParamInput,4)
    cmd.Parameters.Append param
    cmd("oid") = orderid
   
    'build message body strBody
    set rs = server.CreateObject("ADODB.recordset")
    set rs = cmd.Execute
    if not rs.eof then
        strBody = "Online order by a.shopKart on " & rs("odate") & vbCrLf & vbCrLf
        strBody = strBody & "Customer info:" & vbCrLf
        strBody = strBody & rs("cfirstname") & vbCrLf
        strBody = strBody & rs("clastname") & vbCrLf
        strBody = strBody & rs("cemail") & vbCrLf
        strBody = strBody & rs("caddress") & " - " & rs("caddress2") & vbCrLf
        strBody = strBody & rs("ctown") & vbCrLf
        strBody = strBody & rs("czip") & vbCrLf
        strBody = strBody & rs("cstate") & vbCrLf
        strBody = strBody & rs("ccountry") & vbCrLf
        strBody = strBody & rs("cphone") & vbCrLf & vbCrLf
       
        strBody = strBody & "Credit card info:" & vbCrLf
        strBody = strBody & rs("ocardtype") & vbCrLf
        strBody = strBody & left(rs("ocardno"),4) & "..." & vbCrLf
        strBody = strBody & rs("ocardname") & vbCrLf
        strBody = strBody & rs("ocardexpires") & vbCrLf & vbCrLf
       
        strBody = strBody & "Ordered items:" & vbCrLf
        strBody = strBody & "Code" & vbTab & "Item" & vbTab & "No." & vbTab & "Price" & vbCrLf
        strBody = strBody & "-------------------------------------------------------" & vbCrLf
        dblOrderTotal = 0
        while not rs.EOF
            strBody = strBody & rs("ccode") & vbTab & rs("cname") & vbTab
            lineTotal = rs("cprice")*rs("numitems")
            strBody = strBody & rs("numitems") & vbTab & lineTotal & vbCrLf
            dblOrderTotal = dblOrderTotal + lineTotal
            rs.MoveNext
        wend
        strBody = strBody & "-------------------------------------------------------" & vbCrLf
        strBody = strBody & "Total: " & dblOrderTotal & vbCrLf
        strBody = strBody & vbCrLf & vbCrLf
       
        rs.Close
        set rs = nothing
        set cmd = nothing
       
        'use CDONTS to send mail
        set Mailer = Server.CreateObject("CDONTS.NewMail")
        mailer.From = merchantmail
        Mailer.To = merchantmail
        Mailer.Subject = "Online order (a.shopKart)"
        Mailer.Body = strBody
        Mailer.Send
        if Err.number > 0 then
            mailMerchant = false
        else
            mailMerchant = true
        end if
   
        'OR use ASPMail - choose your own
        'Set Mailer = Server.CreateObject ("SMTPsvg.Mailer")
        'Mailer.FromName = "a.shopKart"
        'Mailer.FromAddress = merchantmail
        'Mailer.Subject = "a.shopKart Order"
        'Mailer.BodyText = strBody
        'Mailer.RemoteHost = smtpServer
   
        'Mailer.AddRecipient "", merchantmail
        'if Mailer.SendMail then
            ' Message sent sucessfully
        ' mailMerchant = true
        'else
          ' Message send failure
        '    mailMerchant = false
        'end if
    else
        rs.Close
        set rs = nothing
        set cmd = nothing
        mailMerchant = false
    end if

end function

%>