<%@ Language=VBScript %> <% Response.Buffer=true %> Laundry Carts
Account Access

<% Dim LaunConn Dim CookCartID Dim objFSO Set LaunConn=Server.CreateObject("ADODB.Connection") LaunConn.Open "DSN=LaundryCarts;" CookCartID = Session("CookCartID") CustID = Session("CustID") %>


Parts Administration
<%if Session("level") <> 4 and Request.querystring("CustID") <> CustID2 then response.redirect ("http://www.laundry-carts.com") end if%> <% ' NOTE: Since I'm writing for illustration, I'm doing almost ' no error checking so there are a number of places where this ' script could easily throw errors if you give it invalid input. ' Before you use this anywhere outside of a testing environment ' be sure you add the appropriate error handling and securty. ' Declare some "pseudo-constants". These are really variables ' because when declaring a Const you can't use any functions ' to do it. I use the old Const naming structure so I know that ' after this they don't get changed anywhere. ' Our connection string... you can replace this with whatever ' connection string you want to use. Dim CONN_STRING 'CONN_STRING = "Provider=SQLOLEDB;Data Source=10.2.1.214;" _ ' & "Initial Catalog=samples;User Id=samples;Password=password;" _ ' & "Connect Timeout=15;Network Library=dbmssocn;" CONN_STRING="DSN=LaundryCarts;" ' The name of this file so all the links and forms will still ' work if you rename it. Dim SCRIPT_NAME SCRIPT_NAME = Request.ServerVariables("SCRIPT_NAME") ' I use this link a lot so I threw it into a "pseudo-const" ' so I don't have to keep typing it. Dim BACK_TO_LIST_TEXT BACK_TO_LIST_TEXT = "

Click " _ & "here to go back to record list.

" ' Declare our standard variables. Dim cnnDBEdit, rstDBEdit ' ADO objects Dim strSQL ' To hold various SQL Strings Dim iRecordId ' Used to keep track of the record in play ' Choose what to do by looking at the action parameter Select Case LCase(Trim(Request.QueryString("action"))) Case "add" ' Select an empty RS strSQL = "SELECT * FROM Shipping WHERE Zone=0;" Set rstDBEdit = Server.CreateObject("ADODB.Recordset") rstDBEdit.Open strSQL, CONN_STRING, adOpenKeyset, adLockOptimistic, adCmdText ' Add our record and set it's values. You could bounce ' into an edit mode here to let people enter the initial ' values, but for simplicity I just add the record with ' some default values. 'rstDBEdit.AddNew 'rstDBEdit.Fields("Zone").Value = CStr(WeekdayName(WeekDay(Date()))) 'rstDBEdit.Fields("1").Value = CInt(Day(Now())) 'rstDBEdit.Fields("2").Value = Now() 'rstDBEdit.Update ' Get the id of the record just added. This might cause ' problems with some DB providers, but it works with ' the SQL Server our sample runs off. 'iRecordId = rstDBEdit.Fields("id").Value 'rstDBEdit.Close 'Set rstDBEdit = Nothing Response.Write("

Record Id #" & iRecordId & " added!

") Response.Write(BACK_TO_LIST_TEXT) ' Here's the more efficient way, but since I want to get ' back the new record's id I'm not using it. ' 'strSQL = "INSERT INTO scratch " _ ' & "(text_field, integer_field, date_time_field) " _ ' & "VALUES (" _ ' & "'" & CStr(WeekdayName(WeekDay(Date()))) & "', " _ ' & CInt(Day(Now())) & ", " _ ' & "'" & Now() & "'" _ ' & ")" ' ''Response.Write strSQL ' 'Set cnnDBEdit = Server.CreateObject("ADODB.Connection") 'cnnDBEdit.Open CONN_STRING ' 'cnnDBEdit.Execute strSQL, adAffectAll, adCmdText Or adExecuteNoRecords ' 'cnnDBEdit.Close 'Set cnnDBEdit = Nothing Case "delete" ' Get the id to delete iRecordId = Request.QueryString("id") If IsNumeric(iRecordId) Then iRecordId = CLng(iRecordId) Else iRecordId = 0 End If strSQL = "DELETE FROM Shipping WHERE zone=" & iRecordId & ";" Set cnnDBEdit = Server.CreateObject("ADODB.Connection") cnnDBEdit.Open CONN_STRING cnnDBEdit.Execute strSQL, adAffectAll, adExecuteNoRecords cnnDBEdit.Close Set cnnDBEdit = Nothing ' We assume all is fine. Notice that we really don't ' check that anything was done... we just assume ' so since no error was thrown. For example... if ' you enter an id that's not really in the DB, the ' script runs fine, but nothing gets deleted. Response.Write("Zone #" & iRecordId & " deleted!") Response.Write(BACK_TO_LIST_TEXT) Case "edit" ' First of a 2 part process... build a form with the ' values from the db. iRecordId = Request.QueryString("Zone") If IsNumeric(iRecordId) Then iRecordId = CLng(iRecordId) Else iRecordId = 0 End If strSQL = "SELECT * FROM Shipping WHERE Zone=" & iRecordId & ";" 'Response.Write strSQL Set rstDBEdit = Server.CreateObject("ADODB.Recordset") rstDBEdit.Open strSQL, CONN_STRING', adOpenKeyset, adLockOptimistic, adCmdText If Not rstDBEdit.EOF Then %>

Note: Watch your input... the text field is small and no error handling is done to check for valid integers or dates. If an error gets thrown when you submit simply hit back and fix the offending entry before resubmitting.

" /> Quant1: " />
Quant2: " />
Quant3: " />
Quant4: " />
Quant5: " />
Quant6: " />
Quant7: " />
Quant8: " />
Quant9: " />
Quant10: " />
Quant11: " />
Quant12: " />
Quant13: " />
Quant14: " />
Quant15: " />
Quant16: " />
Quant17: " />
Quant18: " />
Quant19: " />
Quant20: " />
Quant21: " />
Quant22: " />
Quant23: " />
Quant24: " />
<% Else Response.Write "Record not found!" End If rstDBEdit.Close Set rstDBEdit = Nothing Response.Write(BACK_TO_LIST_TEXT) Case "editsave" ' Part 2 of 2: Here's where we save the values that the ' user entered back to the DB. Again... no error ' handling or input checking so ' characters and invalid ' values will throw error messages. iRecordId = Request.Form("zone") iRecordId = Replace(iRecordId, "'", "''") ' Date delimiter on this should be changed to # for Access strSQL = "UPDATE Shipping SET " _ & "1 = " & CCur(Replace(Request.Form("1"), "'", "''")) & ", " _ & "2 = " & CCur(Replace(Request.Form("2"), "'", "''")) & ", " _ & "3 = " & CCur(Replace(Request.Form("3"), "'", "''")) & ", " _ & "4 = " & CCur(Replace(Request.Form("4"), "'", "''")) & ", " _ & "5 = " & CCur(Replace(Request.Form("5"), "'", "''")) & ", " _ & "6 = " & CCur(Replace(Request.Form("6"), "'", "''")) & ", " _ & "7 = " & CCur(Replace(Request.Form("7"), "'", "''")) & ", " _ & "8 = " & CCur(Replace(Request.Form("8"), "'", "''")) & ", " _ & "9 = " & CCur(Replace(Request.Form("9"), "'", "''")) & ", " _ & "10 = " & CCur(Replace(Request.Form("10"), "'", "''")) & ", " _ & "11 = " & CCur(Replace(Request.Form("11"), "'", "''")) & ", " _ & "12 = " & CCur(Replace(Request.Form("12"), "'", "''")) & ", " _ & "13 = " & CCur(Replace(Request.Form("13"), "'", "''")) & ", " _ & "14 = " & CCur(Replace(Request.Form("14"), "'", "''")) & ", " _ & "15 = " & CCur(Replace(Request.Form("15"), "'", "''")) & ", " _ & "16 = " & CCur(Replace(Request.Form("16"), "'", "''")) & ", " _ & "17 = " & CCur(Replace(Request.Form("17"), "'", "''")) & ", " _ & "18 = " & CCur(Replace(Request.Form("18"), "'", "''")) & ", " _ & "19 = " & CCur(Replace(Request.Form("19"), "'", "''")) & ", " _ & "20 = " & CCur(Replace(Request.Form("20"), "'", "''")) & ", " _ & "21 = " & CCur(Replace(Request.Form("21"), "'", "''")) & ", " _ & "22 = " & CCur(Replace(Request.Form("22"), "'", "''")) & ", " _ & "23 = " & CCur(Replace(Request.Form("23"), "'", "''")) & ", " _ & "24 = " & CCur(Replace(Request.Form("24"), "'", "''")) & " " _ & "WHERE (Zone = " & iRecordId & ")" ' If something does throw an error, checking this is ' actually a valid command often helps debug. 'Response.Write strSQL Set cnnDBEdit = Server.CreateObject("ADODB.Connection") cnnDBEdit.Open CONN_STRING cnnDBEdit.Execute strSQL', adAffectAll, adCmdText Or adExecuteNoRecords cnnDBEdit.Close Set cnnDBEdit = Nothing Response.Write("

Zone Id #" & iRecordId & " updated!

") Response.Write(BACK_TO_LIST_TEXT) Case Else ' view ' Our default action... just lists the records in the DB strSQL = "SELECT * FROM Shipping ORDER BY Zone;" Set rstDBEdit = Server.CreateObject("ADODB.Recordset") rstDBEdit.Open strSQL, CONN_STRING', adOpenForwardOnly, adLockReadOnly, adCmdText %> <% Do While Not rstDBEdit.EOF %> <% rstDBEdit.MoveNext Loop %>
Zone Quantity 1 Quantity 2 Quantity 3 Quantity 4 Quantity 5 Quantity 6 Quantity 7 Quantity 8 Quantity 9 Quantity 10 Quantity 11 Quantity 12 Quantity 13 Quantity 14 Quantity 15 Quantity 16 Quantity 17 Quantity 18 Quantity 19 Quantity 20 Quantity 21 Quantity 22 Quantity 23 Quantity 24 Edit
<%= rstDBEdit.Fields("Zone").Value %> <%= rstDBEdit.Fields("1").Value %> <%= rstDBEdit.Fields("2").Value %> <%= rstDBEdit.Fields("3").Value %> <%= rstDBEdit.Fields("4").Value %> <%= rstDBEdit.Fields("5").Value %> <%= rstDBEdit.Fields("6").Value %> <%= rstDBEdit.Fields("7").Value %> <%= rstDBEdit.Fields("8").Value %> <%= rstDBEdit.Fields("9").Value %> <%= rstDBEdit.Fields("10").Value %> <%= rstDBEdit.Fields("11").Value %> <%= rstDBEdit.Fields("12").Value %> <%= rstDBEdit.Fields("13").Value %> <%= rstDBEdit.Fields("14").Value %> <%= rstDBEdit.Fields("15").Value %> <%= rstDBEdit.Fields("16").Value %> <%= rstDBEdit.Fields("17").Value %> <%= rstDBEdit.Fields("18").Value %> <%= rstDBEdit.Fields("19").Value %> <%= rstDBEdit.Fields("20").Value %> <%= rstDBEdit.Fields("21").Value %> <%= rstDBEdit.Fields("22").Value %> <%= rstDBEdit.Fields("23").Value %> <%= rstDBEdit.Fields("24").Value %> ">Edit
<% rstDBEdit.Close Set rstDBEdit = Nothing End Select %> <% LaunConn.Close Set LaunConn = Nothing %>

Return to Menu
 
Call Us: 1-866-891-5513, Email Us: parts@sterlingequipmentco.com
All contents © copyright 2004 Laundry Cart Co., All rights reserved.