Solved

implement client/server side script form validation.

Posted on 2006-11-02
4
333 Views
Last Modified: 2013-11-18
I have this perl script that I need to add some details. Somebody can help me please.

#!/Perl/bin/perl
# Program to read information sent to the server
# from the form in the contact_list.xhtml document.

use CGI qw( :standard );
use DBI;

$dtd =
"-//W3C//DTD XHTML 1.0 Transitional//EN\"
   \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";

print( header() );
print( start_html( { dtd    => $dtd,
                     title  => "Order Response" } ) );

# generic variable to hold output message for user, with default success value
my $message = "<b>Order successful!  <br /> Thanks!</b>";

# try updating database
# open connection to Access database
# no passwords on our database
$databaseHandle = DBI->connect('dbi:ODBC:KTC');

# server-side check of quantity
$requestedQuantity = param( "quantity" );
my $check=quantityValid();
if ( ! $check ) {
   # @TODO add not available message here
} else {
   $customerID=param("customer_id");
   $productID=param("product_id");
   $quantity=param("quantity");
   $deliveryDate=param("delivery_date");

   $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
              VALUES (?,?,?,?)";

   my $insertHandle = $databaseHandle->prepare_cached($query1);
   die "Couldn't prepare insert query; aborting "
      unless defined $insertHandle;

   my $success = 1;
   $success &&= $insertHandle->execute($customerID,$productID,$quantity,$deliveryDate);

   # autocommit is on, so no need to commit
   # my $result = ($success ? $databaseHandle->commit : $databaseHandle->rollback);
   unless ($success) {
      die "Couldn't finish transaction: " . $databaseHandle->errstr
   }

   $insertHandle->finish();
}

$databaseHandle->disconnect();

print( $message );
print( end_html() );


sub quantityValid {

   # use ProductID to find a product name

   $productID=; # @TODO get product ID from web page

   $query1 = ; #@TODO add query to product table

   $statementHandle1 = # @TODO prepare query with existing database handle
   # @TODO execute query and loop through results
   #       put available amount into $availAmount

   # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok

}






The OBJECTIVE is to implement client/server side script form validation.


The Order table contains the following fields which should be populated by our code:

OrderID, long integer, primary key
CustomerID, long integer, foreign key
ProductID, long integer, foreign key
InvoiceID, long integer, foreign key
ShipmentID, long integer, foreign key
OrderDate, Date/Time
OrderQuantity, Number
OrderCost, Currency
RequestedShipDate, Date/Time



 


 
0
Comment
Question by:ruthangel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
manav_mathur earned 500 total points
ID: 17859808
# @TODO add not available message here
$message = "Quantity not available" ;
 $productID=; # @TODO get product ID from web page
$product_id = param("product_id");

I can only see you order table. What tabel stores the amount available??
0
 
LVL 16

Expert Comment

by:manav_mathur
ID: 17859847
The query you would build be similar to the update query.
After running the querym you'll get the rows throrugh the fetch
my $availAmount
$sth = $dbh->prepare_cached($query);
$rv = $sth->execute;
while($sth->fetchrow_hashref) {
    $availAmount += $_->{'amount_field'}
}
0
 

Author Comment

by:ruthangel
ID: 17863353
Hi Manav, thanks. But what do you think that goes here?

$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
              VALUES (?,?,?,?)";

About this values (????)

Do you know how to set up this?
 # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok



thank you
0
 

Author Comment

by:ruthangel
ID: 17863467
About here, right in the end of the code

What query goes here? is that one: $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
                                                    VALUES (?,?,?,?)";


   $query1 = ; #@TODO add query to product table

And here is that loop you taked about before? I am new in perl, I just want to understand these statments. Thank you so much

   $statementHandle1 = # @TODO prepare query with existing database handle
   # @TODO execute query and loop through results
   #       put available amount into $availAmount

   # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok

}
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question