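#!/usr/local/bin/perl
# Administrator page for the ESF inventory.
#
# Called without request parameters, the script renders the edit/add forms and
# a small statistics table.  Called with parameters, it validates them, applies
# one action (Add, " U " = update, " X " = delete) to ENGINEERING_EQUIPMENT and
# prints a result page that redirects back to index.cgi.
#
# Security-relevant properties of this version:
#   * every value that reaches SQL is bound through a placeholder, including
#     the record id used by UPDATE and DELETE;
#   * every database value written into HTML is entity-escaped;
#   * database error text goes to the server log, not into the response;
#   * state-changing requests are accepted over POST only.
use strict;
use warnings;

use DBI;
use CGI qw(:standard);

my $q = CGI->new;

# User name reported by the web server's authentication layer.  It is stored
# with each add/update so the stats table can show who changed a record.
my $username = $q->remote_user;

my $TABLE = 'secerttable.ENGINEERING_EQUIPMENT';

# Entity-escape a value for use in HTML text or a double-quoted attribute.
# undef (a NULL column) becomes the empty string.
sub h {
    my ($value) = @_;
    return '' unless defined $value;
    return $q->escapeHTML($value);
}

# Render the edit forms, the add form and the statistics table.
sub show_admin_page {
    # NOTE(review): the credentials are literals in a CGI file that lives
    # under the web root.  Load them from a file outside the document root
    # that only the CGI user can read, and use a least-privilege account.
    my $dbh = DBI->connect(
        "dbi:Oracle:Secert.Universe", "secertusername", "secertpassword",
        { RaiseError => 1 },
    ) or die "Database connection not made: $DBI::errstr";

    # Everything related to the records themselves; the stats columns
    # (UPDATE_DATE, UPDATE_ID) are fetched separately below.
    my $listing = $dbh->prepare("
        select EQUIP_ID, EQUIP_DESC, EQUIP_QTY, EQUIP_UOM, EQUIP_DEPT,
               FROM_STORE, TO_CHAR(FROM_DATE,'MM/DD/YYYY'), RESERVED_STORE,
               RECEIVING_STORE, TO_CHAR(RECEIVING_DATE,'MM/DD/YYYY'), COMMENTS
        FROM $TABLE
        order by EQUIP_DESC ASC
    ");
    $listing->execute();

    # The first line of .htaccess, minus its first two words, is shown as the
    # list of permitted users (presumably a "require user ..." line - confirm).
    # NOTE(review): if the first line is any other directive, this prints
    # server configuration to the page; consider reading the user list from
    # a dedicated source instead.
    my $allowed_users = '';
    if (open my $access_fh, '<', '.htaccess') {
        my $first_line = <$access_fh>;
        close $access_fh;
        if (defined $first_line) {
            $first_line =~ s/\b\w+\W+\w+//;
            $allowed_users = $first_line;
        }
    }

    # The page below is a complete document, so only the HTTP header is
    # emitted here; start_html() would produce a second doctype/head/body.
    print $q->header();
    print <<'HTML';
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>ESF Inventory - Administration</title>
<style type="text/css">
<!--
table.servicesT {
    font-family: Verdana; font-weight: normal; font-size: 11px;
    color: #404040; width: 320px; background-color: #fafafa;
    border: 1px #FFF solid; border-collapse: collapse;
    border-spacing: 0px; margin-top: 0px;}
table.servicesT td.servHd {
    border-bottom: 2px solid #FFF; background-color: #2a2c41;
    text-align: center; font-family: Verdana; font-weight: bold;
    font-size: 11px; color: #FFF;}
table.servicesT td {
    border-bottom: 1px dotted #000;
    font-family: Verdana, sans-serif, Arial; font-weight: normal;
    font-size: 11px; color: #404040; background-color: white;
    text-align: left; padding-left: 3px;}
table.servicesS {
    font-family: Verdana; font-weight: normal; font-size: 11px;
    color: #404040; background-color: #fafafa;
    border: 1px #FFF solid; border-collapse: collapse;
    border-spacing: 0px; margin-top: 0px;}
table.servicesS td.servHd {
    border-bottom: 2px solid #FFF; background-color: #2a2c41;
    text-align: center; font-family: Verdana; font-weight: bold;
    font-size: 11px; color: #FFF;}
table.servicesS td {
    border-bottom: 1px dotted #000;
    font-family: Verdana, sans-serif, Arial; font-weight: normal;
    font-size: 11px; color: #404040; background-color: white;
    text-align: left; padding-left: 3px;}
.servBodL {}
body { background-color: #181829; }
.style1 {font-size: 18px}
input { font-size:9px; }
a:link { color: #FFFFFF; }
a:visited { color: #FFFFFF; }
a:hover { color: #CCCCCC; }
a:active { color: #0066CC; }
-->
</style>
</head>
<script LANGUAGE="JavaScript">
<!--
function confirmSubmit()
{
var agree=confirm("Are you sure you want to delete that item from ESFI?");
if (agree)
    return true ;
else
    return false ;
}
// -->
</script>
<body><a name='top' id='top'></a>
<p align="center"><img src="images/admin.jpg" alt="Admin Banner" border="0" /><br><a href='#edit'>Edit Mode</a> - <a href='#add'>Add Mode</a> - <a href='..'>Exit Admin</a></p>
<table width="1028" align="center" cellspacing="0" class="servicesT" summary="Services, or Links box template">
  <tr>
    <td colspan="12" class="servHd"><div align="left" class="style1">Inventory Edit Mode </div><a name='edit' id='edit'></a></td>
  </tr>
  <tr>
HTML

    # Column headings: [ width, label ].
    my @headings = (
        [ 23,  'Qty' ],            [ 31,  'Type' ],
        [ 363, 'Equipment' ],      [ 71,  'Department' ],
        [ 36,  'From Store' ],     [ 55,  'Date Received' ],
        [ 61,  'Reserved Store' ], [ 62,  'Receiving Store' ],
        [ 58,  'Date Delivered' ], [ 183, 'Comment' ],
        [ 61,  'Delete Record ' ], [ 61,  'Update Record ' ],
    );
    for my $heading (@headings) {
        my ($width, $label) = @$heading;
        print qq{    <td width="$width" class="servBodL"><div align="center">$label</div></td>\n};
    }
    print "  </tr>\n";

    # One form per record.  Every column is escaped before it is placed in
    # an attribute, so a stored value containing quotes or markup cannot
    # break out of the value="..." it is written into.
    while (my @row = $listing->fetchrow_array) {
        my ($equip_id, $desc, $qty, $uom, $dept, $from_store, $from_date,
            $reserved_store, $receiving_store, $receiving_date, $comments)
            = map { h($_) } @row;

        # Text inputs in display order: [ name, value, size, maxlength ].
        my @inputs = (
            [ qty       => $qty,             2,  7   ],
            [ type      => $uom,             3,  5   ],
            [ equip     => $desc,            60, 100 ],
            [ dept      => $dept,            7,  10  ],
            [ fstore    => $from_store,      4,  10  ],
            [ dreceived => $from_date,       9,  10  ],
            [ rstore    => $reserved_store,  4,  3   ],
            [ ringstore => $receiving_store, 4,  3   ],
            [ dated     => $receiving_date,  9,  10  ],
            [ comment   => $comments,        15, 100 ],
        );

        # Update and delete change data, so the form is submitted by POST.
        print qq{<form id="f$equip_id" name="f$equip_id" method="post" action="">\n<tr>\n};
        for my $input (@inputs) {
            my ($name, $value, $size, $maxlength) = @$input;
            # The record id travels as a hidden field in the first cell.
            my $hidden_id = $name eq 'qty'
                ? qq{<input name="id" type="hidden" id="id" value="$equip_id"/>}
                : '';
            print qq{<td class="servBodL"><div align="center">\n},
                  $hidden_id,
                  qq{<input name="$name" type="text" id="$name" value="$value" size="$size" maxlength="$maxlength" />\n},
                  qq{</div></td>\n};
        }
        print <<'HTML';
<td class="servBodL"><div align="center">
<input name="action" type="submit" id="1" value=" X " onClick="return confirmSubmit()"/>
</div></td>
<td class="servBodL"><div align="center">
<input name="action" type="submit" id="2" value=" U " />
</div></td>
</tr>
</form>
HTML
    }

    print <<'HTML';
</table><br><br><center>
<form id="3" name="3" method="post" action="">
<table cellspacing="0" class="servicesT" summary="Services, or Links box template">
  <tr>
    <td class="servHd"><div align="left" class="style1">Inventory Add Item Mode </div><a name='add' id='add'></a></td>
  </tr>
  <tr>
    <td><strong>Qty #:
      <input name="qty" type="text" id="addqty" size="3" maxlength="7"/>
      Type (if needed):
      <input name="type" type="text" id="addtype" size="3" maxlength="5"/>
    </strong></td>
  </tr>
  <tr>
    <td><strong>Equipment Name:
      <input name="equip" type="text" id="addequip" size="60" maxlength="100"/>
    </strong></td>
  </tr>
  <tr>
    <td><strong>Department:
      <input name="dept" type="text" id="adddept" size="7" maxlength="10"/>
    </strong></td>
  </tr>
  <tr>
    <td><strong>From Store:
      <input name="fstore" type="text" id="addstore" size="4" maxlength="10"/>
    </strong><strong>Date Received:
      <input name="dreceived" type="text" id="addrecieved" size="8" maxlength="10" value="mm/dd/yyyy"/>
    </strong></td>
  </tr>
  <tr>
    <td><strong>Reserved Store:
      <input name="rstore" type="text" id="addrstore" size="4" maxlength="3"/>
    </strong><strong>Receiving Store:
      <input name="ringstore" type="text" id="addringstore" size="4" maxlength="3"/>
    </strong></td>
  </tr>
  <tr>
    <td><strong>Date Delivered:
      <input name="dated" type="text" id="adddated" size="8" maxlength="10" value="mm/dd/yyyy"/>
    </strong></td>
  </tr>
  <tr>
    <td><strong>Comment:
      <input name="comment" type="text" id="addcomment" size="30" maxlength="100"/>
    </strong></td>
  </tr>
  <tr>
    <td><div align="center">
      <input name="action" type="submit" id="3" value="Add" />
      <input type="reset" name="Submit2" value="Clear" />
    </div></td>
  </tr>
</table>
</form>
<table cellspacing="0" class="servicesS" summary="Services, or Links box template">
  <tr>
    <td class="servHd"><div align="left" class="style1">System Stats </div></td>
  </tr>
  <tr>
    <td><strong>Last 5 User Updates: </strong></td>
  </tr>
HTML

    # The five most recently updated records.  The ordering happens in the
    # inner query because Oracle assigns ROWNUM before ORDER BY is applied.
    my $recent = $dbh->prepare("
        select * from (
            select EQUIP_DESC, UPDATE_DATE, UPDATE_ID
            from $TABLE
            ORDER BY UPDATE_DATE DESC
        ) where rownum <= 5
    ");
    $recent->execute();

    my $position = 1;
    while (my @update = $recent->fetchrow_array) {
        my ($desc, $updated_on, $updated_by) = map { h($_) } @update;
        print qq{  <tr>\n    <td>$position) $updated_by updated "$desc" on $updated_on</td>\n  </tr>\n};
        $position++;
    }

    # COUNT(*) and MAX() replace "rownum ... order by" queries: filtering on
    # ROWNUM before sorting picks arbitrary rows, not the newest ones.
    my ($item_count)  = $dbh->selectrow_array("select COUNT(*) from $TABLE");
    my ($last_update) = $dbh->selectrow_array("select MAX(UPDATE_DATE) from $TABLE");

    my $safe_count  = h($item_count);
    my $safe_update = h($last_update);
    my $safe_users  = h($allowed_users);

    print <<"HTML";
  <tr>
    <td><strong>Number of inventory items: $safe_count</strong></td>
  </tr>
  <tr>
    <td><strong>Inventory last updated on: $safe_update</strong></td>
  </tr>
  <tr>
    <td><strong>Users allowed to use ESF:</strong> $safe_users</td>
  </tr>
  <br />
</table></center>
<a href='#top'>Top</a>
</div>
</body>
</html>
HTML

    $dbh->disconnect;
    return;
}

# Validate the submitted form, apply the requested action and print the
# result page.
sub apply_action {
    # Result-page state.  $errmsg only ever holds fixed text from this file
    # (some of it HTML), so it is printed as-is further down.
    my $errmsg   = '';
    my $errtitle = '';
    my $seconds  = 3;
    my $passfail = 1;    # 1 = every check passed so far, 0 = a check failed

    # Record a validation failure.  A later failure replaces an earlier one.
    my $fail = sub {
        my ($title, $message) = @_;
        $passfail = 0;
        $errtitle = $title;
        $errmsg   = $message;
        $seconds  = 7;
    };

    # CGI.pm decodes the request for both GET and POST; a hand-written parser
    # reading STDIN would find it empty once CGI->new has consumed the body.
    my %incoming;
    for my $field (qw(qty type equip dept fstore dreceived rstore ringstore
                      dated comment id action)) {
        my $value = $q->param($field);
        $incoming{$field} = defined $value ? $value : '';
    }
    my ($qty, $type, $equip, $dept, $fstore, $dreceived, $rstore, $ringstore,
        $dated, $comment, $id, $action)
        = @incoming{qw(qty type equip dept fstore dreceived rstore ringstore
                       dated comment id action)};

    # The add form pre-fills the date boxes with "mm/dd/yyyy"; treat an
    # untouched box as empty.
    $dreceived = '' if $dreceived eq 'mm/dd/yyyy';
    $dated     = '' if $dated eq 'mm/dd/yyyy';

    # Changes are accepted over POST only, so a link or an embedded resource
    # cannot trigger one with a plain GET.
    # NOTE(review): this narrows cross-site request forgery but does not
    # remove it; a per-session anti-forgery token in each form is still needed.
    my $method = $q->request_method;
    if (!defined $method || uc $method ne 'POST') {
        $fail->('Validation Error',
                'Changes must be submitted from the administration form.');
    }

    if ($rstore !~ /\A[0-9]*\z/) {
        $fail->('Invaild Value',
                'The Reserved Store box is for 3 digit numbers only!');
    }
    if ($ringstore !~ /\A[0-9]*\z/) {
        $fail->('Invaild Value',
                'The Receiving Store box is for 3 digit numbers only!');
    }
    if ($equip eq '') {
        $fail->('Validation Error',
                'You must give that item an equipment name in order for it to be processed.');
    }

    # Oracle checks the dates again later; this only confirms the shape.
    # \z (rather than $) rejects a value that ends in a newline.
    my $date_shape = qr/\A(?:[01]\d\/[0-3]\d\/(?:19|20)\d\d)?\z/;
    if ($dated !~ $date_shape) {
        $fail->('Validation Error',
                'Unable to use date format. Please use "MM/DD/YYYY" for the Date Delivered Field');
    }
    if ($dreceived !~ $date_shape) {
        $fail->('Validation Error',
                'Unable to use date format. Please use "MM/DD/YYYY" on the Date Received field');
    }

    # Update and delete address one record; refuse a request without an id.
    if (($action eq ' U ' || $action eq ' X ') && $id eq '') {
        $fail->('Validation Error', 'No record was selected.');
    }
    if ($action ne 'Add' && $action ne ' U ' && $action ne ' X ') {
        $fail->('Validation Error', 'Unknown action requested.');
    }

    if ($passfail) {
        # NOTE(review): hard-coded credentials, as in show_admin_page; move
        # them out of the web root.
        my $dbh = DBI->connect(
            'dbi:Oracle:Itoldyouitwasasecert.Universe',
            'MysteryMan',
            'abc123',
            { RaiseError => 1 }
        ) || die "Database connection not made: $DBI::errstr";

        # RaiseError turns any prepare/execute failure into an exception;
        # the trailing 1 lets a clean run be told apart from a failed one.
        my $succeeded = eval {
            if ($action eq 'Add') {
                $errmsg   = 'That item has been sucessfully added to ESFI.';
                $errtitle = 'Action Completed';

                # MAX() is the highest id in the table; "rownum <= 1 order
                # by ... desc" returned the id of an arbitrary row.
                # NOTE(review): two simultaneous adds can still compute the
                # same id; an Oracle sequence would close that gap.
                my ($highest_id)
                    = $dbh->selectrow_array("select MAX(EQUIP_ID) from $TABLE");
                my $new_id = (defined $highest_id ? $highest_id : 0) + 1;

                my $insert = $dbh->prepare("
                    INSERT INTO $TABLE
                        (EQUIP_ID, EQUIP_DESC, EQUIP_QTY, EQUIP_UOM,
                         EQUIP_DEPT, FROM_STORE, FROM_DATE, RESERVED_STORE,
                         RECEIVING_STORE, RECEIVING_DATE, COMMENTS,
                         UPDATE_DATE, UPDATE_ID)
                    VALUES (?, upper(?), ?, ?, ?, ?,
                            TO_DATE(?,'mm/dd/yyyy'), ?, ?,
                            TO_DATE(?,'mm/dd/yyyy'), ?, SYSDATE, ?)
                ");
                $insert->execute($new_id, $equip, $qty, $type, $dept,
                                 $fstore, $dreceived, $rstore, $ringstore,
                                 $dated, $comment, $username);
            }
            elsif ($action eq ' U ') {
                $errmsg   = 'The item you selected has been sucessfully updated.';
                $errtitle = 'Action Completed';

                # The id is bound like every other value; placing it inside
                # the statement text let the request rewrite the WHERE clause.
                my $update = $dbh->prepare("
                    UPDATE $TABLE SET
                        EQUIP_DESC      = upper(?),
                        EQUIP_QTY       = ?,
                        EQUIP_UOM       = ?,
                        EQUIP_DEPT      = ?,
                        FROM_STORE      = ?,
                        FROM_DATE       = TO_DATE(?,'mm/dd/yyyy'),
                        RESERVED_STORE  = ?,
                        RECEIVING_STORE = ?,
                        RECEIVING_DATE  = TO_DATE(?,'mm/dd/yyyy'),
                        COMMENTS        = ?,
                        UPDATE_DATE     = SYSDATE,
                        UPDATE_ID       = ?
                    WHERE EQUIP_ID = ?
                ");
                $update->execute($equip, $qty, $type, $dept, $fstore,
                                 $dreceived, $rstore, $ringstore, $dated,
                                 $comment, $username, $id);
            }
            else {
                # ' X ': delete the selected record.
                $errmsg   = 'The item you selected has been sucessfully deleted.';
                $errtitle = 'Action Completed';

                my $delete = $dbh->prepare("DELETE FROM $TABLE WHERE EQUIP_ID = ?");
                $delete->execute($id);
            }
            1;
        };
        my $db_error = $@;
        $dbh->disconnect;

        if (!$succeeded) {
            # Driver messages can name schema objects and repeat submitted
            # values, so the detail goes to the server log and the page
            # shows only fixed text.
            warn "ESF admin: database error during '$action': $db_error";
            $passfail = 0;
            $errmsg   = 'An error has occurred because you might have entered invaild data in a field that requires numbers only or a specific date format<b>(MM/DD/YYYY)</b>. <br><br>The details have been written to the server log.';
            $errtitle = 'Unexpected Error Occurred';
            $seconds  = 10;
        }
    }

    my $safe_title = h($errtitle);

    # As in show_admin_page, the page below is a complete document.
    print $q->header();
    print <<"HTML";
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Refresh" content="$seconds;URL=index.cgi">
<title>ESF Inventory - Administration</title>
<style type="text/css">
<!--
table.servicesT {
    font-family: Verdana; font-weight: normal; font-size: 11px;
    color: #404040; width: 320px; background-color: #fafafa;
    border: 1px #FFF solid; border-collapse: collapse;
    border-spacing: 0px; margin-top: 0px;}
table.servicesT td.servHd {
    border-bottom: 2px solid #FFF; background-color: #2a2c41;
    text-align: center; font-family: Verdana; font-weight: bold;
    font-size: 11px; color: #FFF;}
table.servicesT td {
    border-bottom: 1px dotted #000;
    font-family: Verdana, sans-serif, Arial; font-weight: normal;
    font-size: 11px; color: #404040; background-color: white;
    text-align: left; padding-left: 3px;}
.servBodL { border-left: 1px dotted #000; }
body { background-color: #181829; }
.style1 {font-size: 18px}
-->
</style>
</head>
<body>
<table align="center" cellspacing="0" class="servicesT" summary="Services, or Links box template">
  <tr>
    <td class="servHd"><div align="left" class="style1">$safe_title</div></td>
  </tr>
  <tr>
    <td><div align="center">$errmsg</div></td>
  </tr>
  <br />
</table>
</div>
</body>
</html>
HTML
    return;
}

# No parameters: show the forms.  Any parameters: treat it as a submission.
my @submitted = $q->param;
if (@submitted) {
    apply_action();
}
else {
    show_admin_page();
}

exit;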
In reply to Re: Passing a lot of form values
by Trihedralguy
in thread Passing a lot of form values
by Trihedralguy