ruthangel
asked on
implement client/server side script form validation.
I have this perl script that I need to add some details. Somebody can help me please.
#!/Perl/bin/perl
# Program to read information sent to the server
# from the form in the contact_list.xhtml document.
use CGI qw( :standard );
use DBI;
$dtd =
"-//W3C//DTD XHTML 1.0 Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";
print( header() );
print( start_html( { dtd => $dtd,
title => "Order Response" } ) );
# generic variable to hold output message for user, with default success value
my $message = "<b>Order successful! <br /> Thanks!</b>";
# try updating database
# open connection to Access database
# no passwords on our database
$databaseHandle = DBI->connect('dbi:ODBC:KTC
# server-side check of quantity
$requestedQuantity = param( "quantity" );
my $check=quantityValid();
if ( ! $check ) {
# @TODO add not available message here
} else {
$customerID=param("custome
$productID=param("product_
$quantity=param("quantity"
$deliveryDate=param("deliv
$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
VALUES (?,?,?,?)";
my $insertHandle = $databaseHandle->prepare_c
die "Couldn't prepare insert query; aborting "
unless defined $insertHandle;
my $success = 1;
$success &&= $insertHandle->execute($cu
# autocommit is on, so no need to commit
# my $result = ($success ? $databaseHandle->commit : $databaseHandle->rollback)
unless ($success) {
die "Couldn't finish transaction: " . $databaseHandle->errstr
}
$insertHandle->finish();
}
$databaseHandle->disconnec
print( $message );
print( end_html() );
sub quantityValid {
# use ProductID to find a product name
$productID=; # @TODO get product ID from web page
$query1 = ; #@TODO add query to product table
$statementHandle1 = # @TODO prepare query with existing database handle
# @TODO execute query and loop through results
# put available amount into $availAmount
# @TODO test quantity and return 1 (for true) is ok
# return 0 (for false) if not ok
}
The OBJECTIVE is to implement client/server side script form validation.
The Order table contains the following fields which should be populated by our code:
OrderID, long integer, primary key
CustomerID, long integer, foreign key
ProductID, long integer, foreign key
InvoiceID, long integer, foreign key
ShipmentID, long integer, foreign key
OrderDate, Date/Time
OrderQuantity, Number
OrderCost, Currency
RequestedShipDate, Date/Time
#!/Perl/bin/perl
# Program to read information sent to the server
# from the form in the contact_list.xhtml document.
use CGI qw( :standard );
use DBI;
$dtd =
"-//W3C//DTD XHTML 1.0 Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";
print( header() );
print( start_html( { dtd => $dtd,
title => "Order Response" } ) );
# generic variable to hold output message for user, with default success value
my $message = "<b>Order successful! <br /> Thanks!</b>";
# try updating database
# open connection to Access database
# no passwords on our database
$databaseHandle = DBI->connect('dbi:ODBC:KTC
# server-side check of quantity
$requestedQuantity = param( "quantity" );
my $check=quantityValid();
if ( ! $check ) {
# @TODO add not available message here
} else {
$customerID=param("custome
$productID=param("product_
$quantity=param("quantity"
$deliveryDate=param("deliv
$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
VALUES (?,?,?,?)";
my $insertHandle = $databaseHandle->prepare_c
die "Couldn't prepare insert query; aborting "
unless defined $insertHandle;
my $success = 1;
$success &&= $insertHandle->execute($cu
# autocommit is on, so no need to commit
# my $result = ($success ? $databaseHandle->commit : $databaseHandle->rollback)
unless ($success) {
die "Couldn't finish transaction: " . $databaseHandle->errstr
}
$insertHandle->finish();
}
$databaseHandle->disconnec
print( $message );
print( end_html() );
sub quantityValid {
# use ProductID to find a product name
$productID=; # @TODO get product ID from web page
$query1 = ; #@TODO add query to product table
$statementHandle1 = # @TODO prepare query with existing database handle
# @TODO execute query and loop through results
# put available amount into $availAmount
# @TODO test quantity and return 1 (for true) is ok
# return 0 (for false) if not ok
}
The OBJECTIVE is to implement client/server side script form validation.
The Order table contains the following fields which should be populated by our code:
OrderID, long integer, primary key
CustomerID, long integer, foreign key
ProductID, long integer, foreign key
InvoiceID, long integer, foreign key
ShipmentID, long integer, foreign key
OrderDate, Date/Time
OrderQuantity, Number
OrderCost, Currency
RequestedShipDate, Date/Time
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Manav, thanks. But what do you think that goes here?
$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
VALUES (?,?,?,?)";
About this values (????)
Do you know how to set up this?
# @TODO test quantity and return 1 (for true) is ok
# return 0 (for false) if not ok
thank you
$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
VALUES (?,?,?,?)";
About this values (????)
Do you know how to set up this?
# @TODO test quantity and return 1 (for true) is ok
# return 0 (for false) if not ok
thank you
ASKER
About here, right in the end of the code
What query goes here? is that one: $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
VALUES (?,?,?,?)";
$query1 = ; #@TODO add query to product table
And here is that loop you taked about before? I am new in perl, I just want to understand these statments. Thank you so much
$statementHandle1 = # @TODO prepare query with existing database handle
# @TODO execute query and loop through results
# put available amount into $availAmount
# @TODO test quantity and return 1 (for true) is ok
# return 0 (for false) if not ok
}
What query goes here? is that one: $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
VALUES (?,?,?,?)";
$query1 = ; #@TODO add query to product table
And here is that loop you taked about before? I am new in perl, I just want to understand these statments. Thank you so much
$statementHandle1 = # @TODO prepare query with existing database handle
# @TODO execute query and loop through results
# put available amount into $availAmount
# @TODO test quantity and return 1 (for true) is ok
# return 0 (for false) if not ok
}
After running the querym you'll get the rows throrugh the fetch
my $availAmount
$sth = $dbh->prepare_cached($quer
$rv = $sth->execute;
while($sth->fetchrow_hashr
$availAmount += $_->{'amount_field'}
}