Standardize ASP filenames: remove underscores
Renamed 45 ASP files to follow lowercase concatenated naming convention: - Direct handlers: save_machine_direct.asp -> savemachinedirect.asp - USB files: checkin_usb.asp -> checkinusb.asp - API files: api_usb.asp -> apiusb.asp - Map files: network_map.asp -> networkmap.asp - Printer files: printer_lookup.asp -> printerlookup.asp Also: - Updated 84+ internal references across all ASP and JS files - Deleted 6 test/duplicate files (editmacine.asp, test_*.asp) - Updated production migration guide with filename changes - Added rename scripts for Linux (bash) and Windows (PowerShell)
This commit is contained in:
cproudlock
153
updatenotificationdirect.asp
Normal file
153
updatenotificationdirect.asp
Normal file
@@ -0,0 +1,153 @@
|
||||
<%
|
||||
'=============================================================================
|
||||
' FILE: updatenotificationdirect.asp
|
||||
' PURPOSE: Update existing notification
|
||||
' SECURITY: Parameterized queries, HTML encoding, input validation
|
||||
' UPDATED: 2025-10-27 - Migrated to secure patterns
|
||||
'=============================================================================
|
||||
%>
|
||||
<!--#include file="./includes/sql.asp"-->
|
||||
<!--#include file="./includes/response.asp"-->
|
||||
<%
|
||||
' Get form inputs
|
||||
Dim notificationid, notification, ticketnumber, starttime, endtime, isactive, isshopfloor, notificationtypeid, businessunitid, appid
|
||||
notificationid = Trim(Request.Form("notificationid"))
|
||||
notification = Trim(Request.Form("notification"))
|
||||
ticketnumber = Trim(Request.Form("ticketnumber"))
|
||||
starttime = Trim(Request.Form("starttime"))
|
||||
endtime = Trim(Request.Form("endtime"))
|
||||
notificationtypeid = Trim(Request.Form("notificationtypeid"))
|
||||
businessunitid = Trim(Request.Form("businessunitid"))
|
||||
appid = Trim(Request.Form("appid"))
|
||||
|
||||
' Handle checkbox - if the hidden field is submitted but checkbox isn't, it means unchecked
|
||||
If Request.Form("isactive_submitted") = "1" Then
|
||||
If Request.Form("isactive") = "1" Then
|
||||
isactive = 1
|
||||
Else
|
||||
isactive = 0
|
||||
End If
|
||||
Else
|
||||
' Fallback for backward compatibility
|
||||
If Request.Form("isactive") = "1" Then
|
||||
isactive = 1
|
||||
Else
|
||||
isactive = 0
|
||||
End If
|
||||
End If
|
||||
|
||||
' Handle isshopfloor checkbox - same pattern as isactive
|
||||
If Request.Form("isshopfloor_submitted") = "1" Then
|
||||
If Request.Form("isshopfloor") = "1" Then
|
||||
isshopfloor = 1
|
||||
Else
|
||||
isshopfloor = 0
|
||||
End If
|
||||
Else
|
||||
' Fallback for backward compatibility
|
||||
If Request.Form("isshopfloor") = "1" Then
|
||||
isshopfloor = 1
|
||||
Else
|
||||
isshopfloor = 0
|
||||
End If
|
||||
End If
|
||||
|
||||
' Validate
|
||||
If Not IsNumeric(notificationid) Or CLng(notificationid) < 1 Then
|
||||
objConn.Close
|
||||
ShowError "Invalid notification ID.", "displaynotifications.asp"
|
||||
Response.End
|
||||
End If
|
||||
|
||||
' Default to TBD if no type selected
|
||||
If notificationtypeid = "" Or Not IsNumeric(notificationtypeid) Then
|
||||
notificationtypeid = "1"
|
||||
End If
|
||||
|
||||
' Validate required fields (endtime is now optional)
|
||||
If Len(notification) = 0 Or Len(starttime) = 0 Then
|
||||
objConn.Close
|
||||
ShowError "Required fields missing.", "editnotification.asp?notificationid=" & notificationid
|
||||
Response.End
|
||||
End If
|
||||
|
||||
If Len(notification) > 500 Or Len(ticketnumber) > 50 Then
|
||||
objConn.Close
|
||||
ShowError "Field length exceeded.", "editnotification.asp?notificationid=" & notificationid
|
||||
Response.End
|
||||
End If
|
||||
|
||||
' Convert datetime format for starttime
|
||||
starttime = Replace(starttime, "T", " ") & ":00"
|
||||
|
||||
' Handle optional endtime - leave as NULL if blank (indefinite)
|
||||
Dim endtimeValue, businessunitValue
|
||||
If Len(endtime) = 0 Then
|
||||
' No end date - store as NULL for indefinite notifications
|
||||
endtimeValue = Null
|
||||
Else
|
||||
' End date specified - convert format
|
||||
endtime = Replace(endtime, "T", " ") & ":00"
|
||||
endtimeValue = endtime
|
||||
End If
|
||||
|
||||
' Handle optional businessunitid - NULL means applies to all business units
|
||||
If businessunitid = "" Or Not IsNumeric(businessunitid) Then
|
||||
businessunitValue = Null
|
||||
Else
|
||||
businessunitValue = CLng(businessunitid)
|
||||
End If
|
||||
|
||||
' Handle optional appid - NULL means not linked to an application
|
||||
Dim appidValue
|
||||
If appid = "" Or Not IsNumeric(appid) Then
|
||||
appidValue = Null
|
||||
Else
|
||||
appidValue = CLng(appid)
|
||||
End If
|
||||
|
||||
' UPDATE using parameterized query
|
||||
Dim strSQL, cmdUpdate
|
||||
strSQL = "UPDATE notifications SET notificationtypeid = ?, businessunitid = ?, appid = ?, notification = ?, ticketnumber = ?, starttime = ?, endtime = ?, isactive = ?, isshopfloor = ? WHERE notificationid = ?"
|
||||
Set cmdUpdate = Server.CreateObject("ADODB.Command")
|
||||
cmdUpdate.ActiveConnection = objConn
|
||||
cmdUpdate.CommandText = strSQL
|
||||
cmdUpdate.CommandType = 1
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@notificationtypeid", 3, 1, , CLng(notificationtypeid))
|
||||
If IsNull(businessunitValue) Then
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@businessunitid", 3, 1, , Null)
|
||||
Else
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@businessunitid", 3, 1, , businessunitValue)
|
||||
End If
|
||||
If IsNull(appidValue) Then
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@appid", 2, 1, , Null)
|
||||
Else
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@appid", 2, 1, , appidValue)
|
||||
End If
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@notification", 200, 1, 500, notification)
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@ticketnumber", 200, 1, 50, ticketnumber)
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@starttime", 135, 1, , starttime)
|
||||
If IsNull(endtimeValue) Then
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@endtime", 135, 1, , Null)
|
||||
Else
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@endtime", 135, 1, , endtimeValue)
|
||||
End If
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@isactive", 11, 1, , CBool(isactive))
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@isshopfloor", 11, 1, , CBool(isshopfloor))
|
||||
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@notificationid", 3, 1, , CLng(notificationid))
|
||||
|
||||
On Error Resume Next
|
||||
cmdUpdate.Execute
|
||||
|
||||
If Err.Number = 0 Then
|
||||
Set cmdUpdate = Nothing
|
||||
objConn.Close
|
||||
ShowSuccess "Notification updated successfully.", "displaynotifications.asp", "notifications"
|
||||
Else
|
||||
Dim updateErr
|
||||
updateErr = Err.Description
|
||||
Set cmdUpdate = Nothing
|
||||
objConn.Close
|
||||
ShowError "Error: " & Server.HTMLEncode(updateErr), "editnotification.asp?notificationid=" & notificationid
|
||||
End If
|
||||
%>
|
||||
Reference in New Issue
Block a user