<%
' Initialize error handling
Call InitializeErrorHandling("updatenotification.asp")
' Get form inputs
Dim notificationid, notification, ticketnumber, starttime, endtime, isactive
notificationid = Trim(Request.Form("notificationid"))
notification = Trim(Request.Form("notification"))
ticketnumber = Trim(Request.Form("ticketnumber"))
starttime = Trim(Request.Form("starttime"))
endtime = Trim(Request.Form("endtime"))
' Checkbox - ensure it is always integer 0 or 1
If Request.Form("isactive") = "1" Then
isactive = 1
Else
isactive = 0
End If
' Validate notificationid
If Not ValidateID(notificationid) Then
Call HandleValidationError("displaynotifications.asp", "INVALID_ID")
End If
' Validate required fields
If Len(notification) = 0 Or Len(starttime) = 0 Or Len(endtime) = 0 Then
Call HandleValidationError("editnotification.asp?notificationid=" & Server.URLEncode(notificationid), "REQUIRED_FIELD")
End If
' Validate field lengths
If Len(notification) > 500 Then
Call HandleValidationError("editnotification.asp?notificationid=" & Server.URLEncode(notificationid), "INVALID_INPUT")
End If
If Len(ticketnumber) > 50 Then
Call HandleValidationError("editnotification.asp?notificationid=" & Server.URLEncode(notificationid), "INVALID_INPUT")
End If
' Verify the notification exists
If Not RecordExists(objConn, "notifications", "notificationid", notificationid) Then
Call HandleValidationError("displaynotifications.asp", "NOT_FOUND")
End If
' Convert datetime-local format (YYYY-MM-DDTHH:MM) to MySQL format (YYYY-MM-DD HH:MM:SS)
starttime = Replace(starttime, "T", " ") & ":00"
endtime = Replace(endtime, "T", " ") & ":00"
' Update using parameterized query
Dim strSQL, recordsAffected
strSQL = "UPDATE notifications SET notification = ?, ticketnumber = ?, starttime = ?, endtime = ?, isactive = ? WHERE notificationid = ?"
recordsAffected = ExecuteParameterizedUpdate(objConn, strSQL, Array(notification, ticketnumber, starttime, endtime, CInt(isactive), notificationid))
' Cleanup and redirect
Call CleanupResources()
If recordsAffected > 0 Then
Response.Redirect("displaynotifications.asp")
Else
Response.Write("")
Response.Write("Error: Could not update notification.
")
Response.Write("Go Back
")
Response.Write("")
End If
%>