Solved

implement client/server side script form validation.

Posted on 2006-11-02
4
331 Views
Last Modified: 2013-11-18
I have this perl script that I need to add some details. Somebody can help me please.

#!/Perl/bin/perl
# Program to read information sent to the server
# from the form in the contact_list.xhtml document.

use CGI qw( :standard );
use DBI;

$dtd =
"-//W3C//DTD XHTML 1.0 Transitional//EN\"
   \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";

print( header() );
print( start_html( { dtd    => $dtd,
                     title  => "Order Response" } ) );

# generic variable to hold output message for user, with default success value
my $message = "<b>Order successful!  <br /> Thanks!</b>";

# try updating database
# open connection to Access database
# no passwords on our database
$databaseHandle = DBI->connect('dbi:ODBC:KTC');

# server-side check of quantity
$requestedQuantity = param( "quantity" );
my $check=quantityValid();
if ( ! $check ) {
   # @TODO add not available message here
} else {
   $customerID=param("customer_id");
   $productID=param("product_id");
   $quantity=param("quantity");
   $deliveryDate=param("delivery_date");

   $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
              VALUES (?,?,?,?)";

   my $insertHandle = $databaseHandle->prepare_cached($query1);
   die "Couldn't prepare insert query; aborting "
      unless defined $insertHandle;

   my $success = 1;
   $success &&= $insertHandle->execute($customerID,$productID,$quantity,$deliveryDate);

   # autocommit is on, so no need to commit
   # my $result = ($success ? $databaseHandle->commit : $databaseHandle->rollback);
   unless ($success) {
      die "Couldn't finish transaction: " . $databaseHandle->errstr
   }

   $insertHandle->finish();
}

$databaseHandle->disconnect();

print( $message );
print( end_html() );


sub quantityValid {

   # use ProductID to find a product name

   $productID=; # @TODO get product ID from web page

   $query1 = ; #@TODO add query to product table

   $statementHandle1 = # @TODO prepare query with existing database handle
   # @TODO execute query and loop through results
   #       put available amount into $availAmount

   # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok

}






The OBJECTIVE is to implement client/server side script form validation.


The Order table contains the following fields which should be populated by our code:

OrderID, long integer, primary key
CustomerID, long integer, foreign key
ProductID, long integer, foreign key
InvoiceID, long integer, foreign key
ShipmentID, long integer, foreign key
OrderDate, Date/Time
OrderQuantity, Number
OrderCost, Currency
RequestedShipDate, Date/Time



 


 
0
Comment
Question by:ruthangel
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
manav_mathur earned 500 total points
ID: 17859808
# @TODO add not available message here
$message = "Quantity not available" ;
 $productID=; # @TODO get product ID from web page
$product_id = param("product_id");

I can only see you order table. What tabel stores the amount available??
0
 
LVL 16

Expert Comment

by:manav_mathur
ID: 17859847
The query you would build be similar to the update query.
After running the querym you'll get the rows throrugh the fetch
my $availAmount
$sth = $dbh->prepare_cached($query);
$rv = $sth->execute;
while($sth->fetchrow_hashref) {
    $availAmount += $_->{'amount_field'}
}
0
 

Author Comment

by:ruthangel
ID: 17863353
Hi Manav, thanks. But what do you think that goes here?

$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
              VALUES (?,?,?,?)";

About this values (????)

Do you know how to set up this?
 # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok



thank you
0
 

Author Comment

by:ruthangel
ID: 17863467
About here, right in the end of the code

What query goes here? is that one: $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
                                                    VALUES (?,?,?,?)";


   $query1 = ; #@TODO add query to product table

And here is that loop you taked about before? I am new in perl, I just want to understand these statments. Thank you so much

   $statementHandle1 = # @TODO prepare query with existing database handle
   # @TODO execute query and loop through results
   #       put available amount into $availAmount

   # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok

}
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been pestered over the years to produce and distribute regular data extracts, and often the request have explicitly requested the data be emailed as an Excel attachement; specifically Excel, as it appears: CSV files confuse (no Red or Green h…
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question