<%
Response.Expires = 0
'Response.AddHeader "pragma","no-cache"
'Response.CacheControl = "no-cache"
%>
<!--#include file="shell.asp" -->

<% 
'objConn.Execute("insert into messages set message = 'Grab Image ln 15: beginning of script'")
specs_id = request("specs_id")
job_id = request("job_id")

'objConn.Execute("insert into messages set message = 'Grab Image ln 206 " & Request("auth_string") & "'")
sqlSelect = "select * "
sqlSelect = sqlSelect & "from files_specs "
sqlSelect = sqlSelect & "where id="&specs_id

set specsRS = objConn.Execute(sqlSelect)

'set diRS = objConn.Execute("Select * from download_images where id="&download_id)

If specsRS.EOF then 
	response.Write("Invalid Download Id")
	response.End()
end if

if CONST_specsAddToBidderListOnDownload then
	set orderRS = objConn.Execute("select * from orders where job_id="&specsRS("job_id")&" and contact_id="&session("User_Id"))
	if orderRS.EOF then
		set compRS = objConn.Execute("select * from company where id="&session("User_Company"))
		set tradeRS = objConn.Execute("select * from trade_to_company where company_id="&session("User_Company")&" order by is_default")

		if NOT tradeRS.EOF then
			tradeID = tradeRS("trade_id")
		else
			tradeID = CONST_tradeNoneID
		End If			
			
			
		sqlString = "insert into orders set "
		sqlString = sqlString & "job_id="&specsRS("job_id")&", "
		sqlString = sqlString & "company_id="&session("User_Company")&", "
		sqlString = sqlString & "contact_id="&Session("User_Id")&", "
		sqlString = sqlString & "status = 'Spec Download', "
		sqlString = sqlString & "minority_owned_company = 0, "
		sqlString = sqlString & "bid_category='', "
		sqlString = sqlString & "date_ordered = '" & db_mysqlDate(Date) & "', "
		sqlString = sqlString & "shipment_method = '', "
		sqlString = sqlString & "comment = 'Specs Download', "
		sqlString = sqlString & "care_of = '', "
		sqlString = sqlString & "shipto_address1 = '" & db_addSlashes(compRS("shipto_address1")) & "', "
		sqlString = sqlString & "shipto_address2 = '" & db_addSlashes(compRS("shipto_address2")) & "', "
		sqlString = sqlString & "shipto_city = '" & db_addSlashes(compRS("shipto_city")) & "', "
		sqlString = sqlString & "shipto_country = '" & compRS("shipto_country") & "', "
		sqlString = sqlString & "shipto_state = '" & compRS("shipto_state") & "', "
		sqlString = sqlString & "shipto_zip = '" & compRS("shipto_zip") & "', "
		sqlString = sqlString & "billto_address1 = '" & db_addSlashes(compRS("billto_address1")) & "', "
		sqlString = sqlString & "billto_address2 = '" & db_addSlashes(compRS("billto_address2")) & "', "
		sqlString = sqlString & "billto_city = '" & db_addSlashes(compRS("billto_city")) & "', "
		sqlString = sqlString & "billto_state = '" & compRS("billto_state") & "', "
		sqlString = sqlString & "billto_country = '" & compRS("billto_country") & "', "
		sqlString = sqlString & "billto_zip = '" & compRS("billto_zip") & "', "
		sqlString = sqlString & "trade_id = " &  tradeID  & ", "
		sqlString = sqlString & "user_who_placed = " & Session("User_Id")
		objConn.Execute(sqlString)
		
		sqlString = "select id from orders order by id desc limit 1"
		set objRS = objConn.Execute(sqlString)
		order_id = objRS("id")
	
		sqlString = "Insert into order_lines set " 
		sqlString = sqlString & "order_id = " & order_id & ", "
		sqlString = sqlString & "line_number = 1, " 
		sqlString = sqlString & "job_item_id = " & specs_id & ", "
		sqlString = sqlString & "description = '" & db_addSlashes(specsRS("description")) & "', "
		sqlString = sqlString & "item_type = 'specs_download', "
		sqlString = sqlString & "quantity = 1, "
		sqlString = sqlString & "unit_price = 0, "
		sqlString = sqlString & "extended_price = 0, "
		sqlString = sqlString & "status='Specs Download', "
		sqlString = sqlString & "payment_type='0', "
		sqlString = sqlString & "paid=0, "
		sqlString = sqlString & "date_paid='', "
		sqlString = sqlString & "comment='', "
		sqlString = sqlString & "name='" & db_addSlashes(specsRS("filename")) & "' "
		objConn.Execute(sqlString)
	end if		
end if

fileName = specsRS("filename")
dirName = specsRS("directory_name")

'Read in the filename
Dim strFileName
Dim Extension

'Form the file path and name

passFile dirName, fileName


Function ReadBinaryFile(FileName)
  Const adTypeBinary = 1
  
  'Create Stream object
  Dim BinaryStream
  Set BinaryStream = CreateObject("ADODB.Stream")
  
  'Specify stream type - we want To get binary data.
  BinaryStream.Type = adTypeBinary
  
  'Open the stream
  BinaryStream.Open
  
  'Load the file data from disk To stream object
  BinaryStream.LoadFromFile FileName
  
  'Open the stream And get binary data from the object
  ReadBinaryFile = BinaryStream.Read
End Function


function passFile(dirName, fileName)
	Dim objBinFile, vntStream

	vntStream = ReadBinaryFile(CONST_specsLocation & dirName & "/" & fileName)
	tempFileName = lcase(fileName)
	extension = fileExtension(tempFileName)

	select case extension
		case "jpg"
			Response.ContentType = "image/jpeg"
		case "tif"
			Response.ContentType = "image/tiff"
		case "gif"
			Response.ContentType = "image/gif"
		case "pdf"
			Response.ContentType = "application/pdf"
		case "doc"
			Response.ContentType = "application/MSWord"
		case "exe"
			Response.ContentType = "application/octet-stream"
		case "zip"
			Response.ContentType = "application/zip"
		case else
			Response.ContentType = "Text/HTML"
	end select
	Response.Addheader "Content-Disposition", "attatchment; filename=""" & fileName &""""
	Response.BinaryWrite(vntStream)
	Response.End

	Set objBinFile = Nothing
End function

function fileExtension(filename)
	a = split(filename,".")
	fileExtension = trim(a(ubound(a)))
end function

function UnauthorizedAlert
	Response.ContentType = "Text/HTML"
	Response.Write "Error - Invalid File Download Attempt<br>"
	cdoBody = "An attempt to download an image improperly has failed. A 'session variables' and 'server variables' dump follow:<br><br>" 

	cdoBody = cdoBody & "Job Name : " & request.querystring("dirname") & "<br>"
	cdoBody = cdoBody & "Image Name : " & request.querystring("imagename") & "<br><br>"
	cdoBody = cdoBody & "Auth String : " & strAuthString & "<br><br>"
	cdoBody = cdoBody & "Active session variables : <br>"
	cdoBody = cdoBody & Fdumpsessions & "<br><br>"
	cdoBody = cdoBody & "Active server variables : <br>"
	cdoBody = cdoBody & Fdumpservervariables

	cdoBody = Replace(cdoBody, "<br>", vbcrlf) 
'	sendMail fromdistributionEmail, "choward@boxlake.com", "Error - Invalid File Download Attempt" , cdoBody
	Response.write cdoBody
End function

Function Fdumpservervariables()
   a = ""
   For Each key In Request.ServerVariables
      a = a & Key & " = " & Request.Servervariables(Key) & "<br>"
   Next
   Fdumpservervariables = a
End Function

Function FdumpSessions()
	a = ""
	for each i in session.Contents
	   a = a & session.Contents.key(i) & ":" & session.Contents.Item(i) & "<br>"
	next
	Fdumpsessions = a
End Function
%>