Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

implement client/server side script form validation.

Posted on 2006-11-02
4
Medium Priority
?
341 Views
Last Modified: 2013-11-18
I have this perl script that I need to add some details. Somebody can help me please.

#!/Perl/bin/perl
# Program to read information sent to the server
# from the form in the contact_list.xhtml document.

use CGI qw( :standard );
use DBI;

$dtd =
"-//W3C//DTD XHTML 1.0 Transitional//EN\"
   \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";

print( header() );
print( start_html( { dtd    => $dtd,
                     title  => "Order Response" } ) );

# generic variable to hold output message for user, with default success value
my $message = "<b>Order successful!  <br /> Thanks!</b>";

# try updating database
# open connection to Access database
# no passwords on our database
$databaseHandle = DBI->connect('dbi:ODBC:KTC');

# server-side check of quantity
$requestedQuantity = param( "quantity" );
my $check=quantityValid();
if ( ! $check ) {
   # @TODO add not available message here
} else {
   $customerID=param("customer_id");
   $productID=param("product_id");
   $quantity=param("quantity");
   $deliveryDate=param("delivery_date");

   $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
              VALUES (?,?,?,?)";

   my $insertHandle = $databaseHandle->prepare_cached($query1);
   die "Couldn't prepare insert query; aborting "
      unless defined $insertHandle;

   my $success = 1;
   $success &&= $insertHandle->execute($customerID,$productID,$quantity,$deliveryDate);

   # autocommit is on, so no need to commit
   # my $result = ($success ? $databaseHandle->commit : $databaseHandle->rollback);
   unless ($success) {
      die "Couldn't finish transaction: " . $databaseHandle->errstr
   }

   $insertHandle->finish();
}

$databaseHandle->disconnect();

print( $message );
print( end_html() );


sub quantityValid {

   # use ProductID to find a product name

   $productID=; # @TODO get product ID from web page

   $query1 = ; #@TODO add query to product table

   $statementHandle1 = # @TODO prepare query with existing database handle
   # @TODO execute query and loop through results
   #       put available amount into $availAmount

   # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok

}






The OBJECTIVE is to implement client/server side script form validation.


The Order table contains the following fields which should be populated by our code:

OrderID, long integer, primary key
CustomerID, long integer, foreign key
ProductID, long integer, foreign key
InvoiceID, long integer, foreign key
ShipmentID, long integer, foreign key
OrderDate, Date/Time
OrderQuantity, Number
OrderCost, Currency
RequestedShipDate, Date/Time



 


 
0
Comment
Question by:ruthangel
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
manav_mathur earned 2000 total points
ID: 17859808
# @TODO add not available message here
$message = "Quantity not available" ;
 $productID=; # @TODO get product ID from web page
$product_id = param("product_id");

I can only see you order table. What tabel stores the amount available??
0
 
LVL 16

Expert Comment

by:manav_mathur
ID: 17859847
The query you would build be similar to the update query.
After running the querym you'll get the rows throrugh the fetch
my $availAmount
$sth = $dbh->prepare_cached($query);
$rv = $sth->execute;
while($sth->fetchrow_hashref) {
    $availAmount += $_->{'amount_field'}
}
0
 

Author Comment

by:ruthangel
ID: 17863353
Hi Manav, thanks. But what do you think that goes here?

$query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
              VALUES (?,?,?,?)";

About this values (????)

Do you know how to set up this?
 # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok



thank you
0
 

Author Comment

by:ruthangel
ID: 17863467
About here, right in the end of the code

What query goes here? is that one: $query1 = "INSERT INTO Orders (CustomerID, ProductID, OrderQuantity, RequestedShipDate)
                                                    VALUES (?,?,?,?)";


   $query1 = ; #@TODO add query to product table

And here is that loop you taked about before? I am new in perl, I just want to understand these statments. Thank you so much

   $statementHandle1 = # @TODO prepare query with existing database handle
   # @TODO execute query and loop through results
   #       put available amount into $availAmount

   # @TODO test quantity and return 1 (for true) is ok
   #                         return 0 (for false) if not ok

}
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface In the first article: A Better Website Login System (http://www.experts-exchange.com/A_2902.html) I introduced the EE Collaborative Login System and its intended purpose. In this article I will discuss some of the design consideratio…
Introduction Knockoutjs (Knockout) is a JavaScript framework (Model View ViewModel or MVVM framework).   The main ideology behind Knockout is to control from JavaScript how a page looks whilst creating an engaging user experience in the least …
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question