<%
' Get and validate all inputs
Dim machinenumber, modelid, machinetypeid, businessunitid, alias, machinenotes, mapleft, maptop
machinenumber = Trim(Request.Form("machinenumber"))
modelid = Trim(Request.Form("modelid"))
machinetypeid = Trim(Request.Form("machinetypeid"))
businessunitid = Trim(Request.Form("businessunitid"))
alias = Trim(Request.Form("alias"))
machinenotes = Trim(Request.Form("machinenotes"))
mapleft = Trim(Request.Form("mapleft"))
maptop = Trim(Request.Form("maptop"))
' Get form inputs for new business unit
Dim newbusinessunit
newbusinessunit = Trim(Request.Form("newbusinessunit"))
' Get form inputs for new machine type
Dim newmachinetype, newmachinedescription, newfunctionalaccountid
newmachinetype = Trim(Request.Form("newmachinetype"))
newmachinedescription = Trim(Request.Form("newmachinedescription"))
newfunctionalaccountid = Trim(Request.Form("newfunctionalaccountid"))
' Get form inputs for new functional account
Dim newfunctionalaccount
newfunctionalaccount = Trim(Request.Form("newfunctionalaccount"))
' Get form inputs for new model
Dim newmodelnumber, newvendorid, newmodelimage
newmodelnumber = Trim(Request.Form("newmodelnumber"))
newvendorid = Trim(Request.Form("newvendorid"))
newmodelimage = Trim(Request.Form("newmodelimage"))
' Get form inputs for new vendor
Dim newvendorname
newvendorname = Trim(Request.Form("newvendorname"))
' Validate required fields
If machinenumber = "" Then
Response.Write("
Error: Machine number is required.
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Validate ID fields - allow "new" as a valid value
If modelid <> "new" And Not IsNumeric(modelid) Then
Response.Write("
Error: Invalid model ID.
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If machinetypeid <> "new" And Not IsNumeric(machinetypeid) Then
Response.Write("
Error: Invalid machine type ID.
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If businessunitid <> "new" And Not IsNumeric(businessunitid) Then
Response.Write("
Error: Invalid business unit ID.
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Validate field lengths
If Len(machinenumber) > 50 Or Len(alias) > 50 Then
Response.Write("
Error: Field length exceeded.
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Check if machine number already exists
Dim checkSQL, rsCheck
checkSQL = "SELECT COUNT(*) as cnt FROM machines WHERE machinenumber = '" & Replace(machinenumber, "'", "''") & "'"
Set rsCheck = objConn.Execute(checkSQL)
If Not rsCheck.EOF Then
If CLng(rsCheck("cnt")) > 0 Then
rsCheck.Close
Set rsCheck = Nothing
Response.Write("
Error: Machine number '" & Server.HTMLEncode(machinenumber) & "' already exists.
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
End If
rsCheck.Close
Set rsCheck = Nothing
' Handle new business unit creation
If businessunitid = "new" Then
If Len(newbusinessunit) = 0 Then
Response.Write("
New business unit name is required
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newbusinessunit) > 50 Then
Response.Write("
Business unit name too long
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Escape single quotes
Dim escapedBUName
escapedBUName = Replace(newbusinessunit, "'", "''")
' Insert new business unit
Dim sqlNewBU
sqlNewBU = "INSERT INTO businessunits (businessunit, isactive) VALUES ('" & escapedBUName & "', 1)"
On Error Resume Next
objConn.Execute sqlNewBU
If Err.Number <> 0 Then
Response.Write("
Error creating new business unit: " & Err.Description & "
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Get the newly created business unit ID
Dim rsNewBU
Set rsNewBU = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
businessunitid = CLng(rsNewBU("newid"))
rsNewBU.Close
Set rsNewBU = Nothing
On Error Goto 0
End If
' Handle new machine type creation
If machinetypeid = "new" Then
If Len(newmachinetype) = 0 Then
Response.Write("
New machine type name is required
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newfunctionalaccountid) = 0 Then
Response.Write("
Functional account is required for new machine type
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newmachinetype) > 50 Or Len(newmachinedescription) > 255 Then
Response.Write("
Machine type field length exceeded
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Handle new functional account creation (nested)
If newfunctionalaccountid = "new" Then
If Len(newfunctionalaccount) = 0 Then
Response.Write("
New functional account name is required
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newfunctionalaccount) > 50 Then
Response.Write("
Functional account name too long
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Escape single quotes
Dim escapedFAName
escapedFAName = Replace(newfunctionalaccount, "'", "''")
' Insert new functional account
Dim sqlNewFA
sqlNewFA = "INSERT INTO functionalaccounts (functionalaccount, isactive) VALUES ('" & escapedFAName & "', 1)"
On Error Resume Next
objConn.Execute sqlNewFA
If Err.Number <> 0 Then
Response.Write("
Error creating new functional account: " & Err.Description & "
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Get the newly created functional account ID
Dim rsNewFA
Set rsNewFA = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
newfunctionalaccountid = CLng(rsNewFA("newid"))
rsNewFA.Close
Set rsNewFA = Nothing
On Error Goto 0
End If
' Escape single quotes
Dim escapedMTName, escapedMTDesc
escapedMTName = Replace(newmachinetype, "'", "''")
escapedMTDesc = Replace(newmachinedescription, "'", "''")
' Insert new machine type
Dim sqlNewMT
sqlNewMT = "INSERT INTO machinetypes (machinetype, machinedescription, functionalaccountid, isactive) " & _
"VALUES ('" & escapedMTName & "', '" & escapedMTDesc & "', " & newfunctionalaccountid & ", 1)"
On Error Resume Next
objConn.Execute sqlNewMT
If Err.Number <> 0 Then
Response.Write("
Error creating new machine type: " & Err.Description & "
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Get the newly created machine type ID
Dim rsNewMT
Set rsNewMT = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
machinetypeid = CLng(rsNewMT("newid"))
rsNewMT.Close
Set rsNewMT = Nothing
On Error Goto 0
End If
' Handle new model creation
If modelid = "new" Then
If Len(newmodelnumber) = 0 Then
Response.Write("
New model number is required
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newvendorid) = 0 Then
Response.Write("
Vendor is required for new model
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newmodelnumber) > 50 Or Len(newmodelimage) > 100 Then
Response.Write("
Model field length exceeded
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Handle new vendor creation (nested)
If newvendorid = "new" Then
If Len(newvendorname) = 0 Then
Response.Write("
New vendor name is required
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
If Len(newvendorname) > 50 Then
Response.Write("
Vendor name too long
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Escape single quotes
Dim escapedVendorName
escapedVendorName = Replace(newvendorname, "'", "''")
' Insert new vendor (with ismachine=1)
Dim sqlNewVendor
sqlNewVendor = "INSERT INTO vendors (vendor, isactive, isprinter, ispc, ismachine) " & _
"VALUES ('" & escapedVendorName & "', 1, 0, 0, 1)"
On Error Resume Next
objConn.Execute sqlNewVendor
If Err.Number <> 0 Then
Response.Write("
Error creating new vendor: " & Err.Description & "
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Get the newly created vendor ID
Dim rsNewVendor
Set rsNewVendor = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
newvendorid = CLng(rsNewVendor("newid"))
rsNewVendor.Close
Set rsNewVendor = Nothing
On Error Goto 0
End If
' Escape single quotes for model
Dim escapedModelNumber, escapedModelImage
escapedModelNumber = Replace(newmodelnumber, "'", "''")
escapedModelImage = Replace(newmodelimage, "'", "''")
' Set default image if not specified
If escapedModelImage = "" Then
escapedModelImage = "default.png"
End If
' Insert new model
Dim sqlNewModel
sqlNewModel = "INSERT INTO models (modelnumber, vendorid, image, isactive) " & _
"VALUES ('" & escapedModelNumber & "', " & newvendorid & ", '" & escapedModelImage & "', 1)"
On Error Resume Next
objConn.Execute sqlNewModel
If Err.Number <> 0 Then
Response.Write("
Error creating new model: " & Err.Description & "
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Get the newly created model ID
Dim rsNewModel
Set rsNewModel = objConn.Execute("SELECT LAST_INSERT_ID() AS newid")
modelid = CLng(rsNewModel("newid"))
rsNewModel.Close
Set rsNewModel = Nothing
On Error Goto 0
End If
' Escape single quotes
machinenumber = Replace(machinenumber, "'", "''")
alias = Replace(alias, "'", "''")
machinenotes = Replace(machinenotes, "'", "''")
' Build INSERT statement
Dim strSQL, fields, values
fields = "machinenumber, modelnumberid, machinetypeid, businessunitid"
values = "'" & machinenumber & "', " & modelid & ", " & machinetypeid & ", " & businessunitid
If alias <> "" Then
fields = fields & ", alias"
values = values & ", '" & alias & "'"
End If
If machinenotes <> "" Then
fields = fields & ", machinenotes"
values = values & ", '" & machinenotes & "'"
End If
If mapleft <> "" And maptop <> "" And IsNumeric(mapleft) And IsNumeric(maptop) Then
fields = fields & ", mapleft, maptop"
values = values & ", " & mapleft & ", " & maptop
End If
fields = fields & ", isactive, islocationonly"
values = values & ", 1, 0"
strSQL = "INSERT INTO machines (" & fields & ") VALUES (" & values & ")"
On Error Resume Next
objConn.Execute strSQL
If Err.Number <> 0 Then
Response.Write("
Error: " & Err.Description & "
")
Response.Write("
Go back")
objConn.Close
Response.End
End If
' Get the new machine ID
Dim newMachineId
Set rsCheck = objConn.Execute("SELECT LAST_INSERT_ID() as newid")
newMachineId = CLng(rsCheck("newid"))
rsCheck.Close
Set rsCheck = Nothing
' Link selected PC to this machine by updating its machinenumber field
Dim pcid, updatePCSQL
pcid = Trim(Request.Form("pcid"))
If pcid <> "" And IsNumeric(pcid) And CLng(pcid) > 0 Then
updatePCSQL = "UPDATE pc SET machinenumber = '" & machinenumber & "' WHERE pcid = " & CLng(pcid)
On Error Resume Next
objConn.Execute updatePCSQL
On Error Goto 0
End If
objConn.Close
If CLng(newMachineId) > 0 Then
%>
<%
Else
Response.Write("Error: Machine was not added successfully.")
End If
%>