<% ' Initialize error handling Call InitializeErrorHandling("updatedevice.asp") ' Get form data Dim pcid, machinestatusid, pctypeid, hostname, modelnumberid, machinenumber, isactive pcid = Trim(Request.Form("pcid")) machinestatusid = Trim(Request.Form("machinestatusid")) pctypeid = Trim(Request.Form("pctypeid")) hostname = Trim(Request.Form("hostname")) modelnumberid = Trim(Request.Form("modelnumberid")) machinenumber = Trim(Request.Form("machinenumber")) isactive = Trim(Request.Form("isactive")) ' Validate required ID fields If Not ValidateID(pcid) Then Call HandleValidationError("default.asp", "INVALID_ID") End If If Not ValidateID(machinestatusid) Then Call HandleValidationError("editdevice.asp?pcid=" & pcid, "REQUIRED_FIELD") End If ' Verify the PC exists in machines table If Not RecordExists(objConn, "machines", "machineid", pcid) Then Call HandleValidationError("default.asp", "NOT_FOUND") End If ' Set isactive: if checkbox not checked, it won't be in form data If isactive = "1" Then isactive = 1 Else isactive = 0 End If ' Validate optional ID fields If pctypeid <> "" And Not ValidateID(pctypeid) Then Call HandleValidationError("editdevice.asp?pcid=" & pcid, "INVALID_ID") End If If modelnumberid <> "" And Not ValidateID(modelnumberid) Then Call HandleValidationError("editdevice.asp?pcid=" & pcid, "INVALID_ID") End If ' Validate hostname length if provided If hostname <> "" And Len(hostname) > 255 Then Call HandleValidationError("editdevice.asp?pcid=" & pcid, "INVALID_INPUT") End If ' Validate machine number length if provided If machinenumber <> "" And Len(machinenumber) > 50 Then Call HandleValidationError("editdevice.asp?pcid=" & pcid, "INVALID_INPUT") End If ' Build parameterized UPDATE query Dim updateSQL, params, paramList, paramIndex, paramCount updateSQL = "UPDATE machines SET machinestatusid = ?, isactive = ?, " ' Count parameters paramCount = 2 ' machinestatusid, isactive If pctypeid <> "" Then paramCount = paramCount + 1 If hostname <> "" Then paramCount = paramCount + 1 If modelnumberid <> "" Then paramCount = paramCount + 1 If machinenumber <> "" Then paramCount = paramCount + 1 paramCount = paramCount + 1 ' pcid for WHERE clause ' Initialize parameter array with correct size ReDim paramList(paramCount - 1) paramIndex = 0 ' Add required parameters paramList(paramIndex) = machinestatusid paramIndex = paramIndex + 1 paramList(paramIndex) = isactive paramIndex = paramIndex + 1 ' Add optional fields If pctypeid <> "" Then updateSQL = updateSQL & "pctypeid = ?, " paramList(paramIndex) = pctypeid paramIndex = paramIndex + 1 Else updateSQL = updateSQL & "pctypeid = NULL, " End If If hostname <> "" Then updateSQL = updateSQL & "hostname = ?, " paramList(paramIndex) = hostname paramIndex = paramIndex + 1 Else updateSQL = updateSQL & "hostname = NULL, " End If If modelnumberid <> "" Then updateSQL = updateSQL & "modelnumberid = ?, " paramList(paramIndex) = modelnumberid paramIndex = paramIndex + 1 Else updateSQL = updateSQL & "modelnumberid = NULL, " End If If machinenumber <> "" Then updateSQL = updateSQL & "machinenumber = ?, " paramList(paramIndex) = machinenumber paramIndex = paramIndex + 1 Else updateSQL = updateSQL & "machinenumber = NULL, " End If ' Add lastupdated timestamp and WHERE clause updateSQL = updateSQL & "lastupdated = NOW() WHERE machineid = ? AND pctypeid IS NOT NULL" paramList(paramIndex) = pcid ' Execute parameterized update Dim recordsAffected recordsAffected = ExecuteParameterizedUpdate(objConn, updateSQL, paramList) ' Cleanup resources Call CleanupResources() If recordsAffected > 0 Then ' Success - redirect back to scan page ready for next scan Response.Redirect("./adddevice.asp") Else Response.Redirect("./editdevice.asp?pcid=" & pcid & "&error=db") End If %>