ge-aerospace/shopdb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1b7946900cb18a8cce7e217903c3540da9446741
shopdb/updatenotificationdirect.asp
cproudlock 28e8071570 Add Employee Recognition feature to notifications system 
- Add Recognition notification type (ID 5) with blue color
- Add employeesso field to notifications table
- Create carousel display for Recognition on shopfloor dashboard
- Show employee names (lookup from wjf_employees) instead of SSO
- Auto-set starttime to NOW and endtime to 4AM next day
- Auto-enable shopfloor display for Recognition type
- Add Achievements tab to employee profile (displayprofile.asp)
- Hide Recognition from calendar view
- Add lookupemployee.asp AJAX endpoint for name preview
- Fix datetime double-formatting bug in save/update files
- Fix URL parameter loading on shopfloor dashboard init

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-09 07:27:37 -05:00

206 lines
7.3 KiB
Plaintext
Raw Blame History

<%
'=============================================================================
' FILE: updatenotificationdirect.asp
' PURPOSE: Update existing notification
' SECURITY: Parameterized queries, HTML encoding, input validation
' UPDATED: 2025-10-27 - Migrated to secure patterns
'=============================================================================
%>
<!--#include file="./includes/sql.asp"-->
<!--#include file="./includes/response.asp"-->
<%
' Get form inputs
Dim notificationid, notification, ticketnumber, starttime, endtime, isactive, isshopfloor, notificationtypeid, businessunitid, appid, employeesso
notificationid = Trim(Request.Form("notificationid"))
notification = Trim(Request.Form("notification"))
ticketnumber = Trim(Request.Form("ticketnumber"))
starttime = Trim(Request.Form("starttime"))
endtime = Trim(Request.Form("endtime"))
notificationtypeid = Trim(Request.Form("notificationtypeid"))
businessunitid = Trim(Request.Form("businessunitid"))
appid = Trim(Request.Form("appid"))
employeesso = Trim(Request.Form("employeesso"))
' Recognition type ID
Const RECOGNITION_TYPE_ID = 5
' Handle checkbox - if the hidden field is submitted but checkbox isn't, it means unchecked
If Request.Form("isactive_submitted") = "1" Then
If Request.Form("isactive") = "1" Then
isactive = 1
Else
isactive = 0
End If
Else
' Fallback for backward compatibility
If Request.Form("isactive") = "1" Then
isactive = 1
Else
isactive = 0
End If
End If
' Handle isshopfloor checkbox - same pattern as isactive
If Request.Form("isshopfloor_submitted") = "1" Then
If Request.Form("isshopfloor") = "1" Then
isshopfloor = 1
Else
isshopfloor = 0
End If
Else
' Fallback for backward compatibility
If Request.Form("isshopfloor") = "1" Then
isshopfloor = 1
Else
isshopfloor = 0
End If
End If
' Validate
If Not IsNumeric(notificationid) Or CLng(notificationid) < 1 Then
objConn.Close
ShowError "Invalid notification ID.", "displaynotifications.asp"
Response.End
End If
' Default to TBD if no type selected
If notificationtypeid = "" Or Not IsNumeric(notificationtypeid) Then
notificationtypeid = "1"
End If
' Handle Recognition type - auto-set times and require employeesso
Dim isRecognition
isRecognition = (CLng(notificationtypeid) = RECOGNITION_TYPE_ID)
If isRecognition Then
' Validate employeesso is provided for Recognition
If Len(employeesso) = 0 Then
objConn.Close
ShowError "Employee SSO is required for Recognition notifications.", "editnotification.asp?notificationid=" & notificationid
Response.End
End If
' Auto-set starttime to NOW
starttime = Year(Now) & "-" & Right("0" & Month(Now), 2) & "-" & Right("0" & Day(Now), 2) & " " & _
Right("0" & Hour(Now), 2) & ":" & Right("0" & Minute(Now), 2) & ":00"
' Auto-set endtime to 4AM next day
Dim nextDay
nextDay = DateAdd("d", 1, Date)
endtime = Year(nextDay) & "-" & Right("0" & Month(nextDay), 2) & "-" & Right("0" & Day(nextDay), 2) & " 04:00:00"
' Auto-enable shopfloor display for Recognition
isshopfloor = 1
End If
' Validate required fields (endtime is now optional, starttime not required for Recognition)
If Len(notification) = 0 Then
objConn.Close
ShowError "Notification message is required.", "editnotification.asp?notificationid=" & notificationid
Response.End
End If
If Not isRecognition And Len(starttime) = 0 Then
objConn.Close
ShowError "Start time is required.", "editnotification.asp?notificationid=" & notificationid
Response.End
End If
If Len(notification) > 500 Or Len(ticketnumber) > 50 Then
objConn.Close
ShowError "Field length exceeded.", "editnotification.asp?notificationid=" & notificationid
Response.End
End If
' Convert datetime format for starttime (skip if already formatted for Recognition)
If InStr(starttime, "T") > 0 Then
starttime = Replace(starttime, "T", " ") & ":00"
End If
' Handle optional endtime - leave as NULL if blank (indefinite)
Dim endtimeValue, businessunitValue
If Len(endtime) = 0 Then
' No end date - store as NULL for indefinite notifications
endtimeValue = Null
Else
' End date specified - convert format (only add :00 if from datetime-local input with T)
If InStr(endtime, "T") > 0 Then
endtime = Replace(endtime, "T", " ") & ":00"
End If
endtimeValue = endtime
End If
' Handle optional businessunitid - NULL means applies to all business units
If businessunitid = "" Or Not IsNumeric(businessunitid) Then
businessunitValue = Null
Else
businessunitValue = CLng(businessunitid)
End If
' Handle optional appid - NULL means not linked to an application
Dim appidValue
If appid = "" Or Not IsNumeric(appid) Then
appidValue = Null
Else
appidValue = CLng(appid)
End If
' Handle optional employeesso - only for Recognition type
Dim employeessoValue
If Len(employeesso) = 0 Then
employeessoValue = Null
Else
employeessoValue = employeesso
End If
' UPDATE using parameterized query
Dim strSQL, cmdUpdate
strSQL = "UPDATE notifications SET notificationtypeid = ?, businessunitid = ?, appid = ?, notification = ?, ticketnumber = ?, starttime = ?, endtime = ?, isactive = ?, isshopfloor = ?, employeesso = ? WHERE notificationid = ?"
Set cmdUpdate = Server.CreateObject("ADODB.Command")
cmdUpdate.ActiveConnection = objConn
cmdUpdate.CommandText = strSQL
cmdUpdate.CommandType = 1
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@notificationtypeid", 3, 1, , CLng(notificationtypeid))
If IsNull(businessunitValue) Then
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@businessunitid", 3, 1, , Null)
Else
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@businessunitid", 3, 1, , businessunitValue)
End If
If IsNull(appidValue) Then
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@appid", 2, 1, , Null)
Else
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@appid", 2, 1, , appidValue)
End If
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@notification", 200, 1, 500, notification)
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@ticketnumber", 200, 1, 50, ticketnumber)
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@starttime", 135, 1, , starttime)
If IsNull(endtimeValue) Then
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@endtime", 135, 1, , Null)
Else
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@endtime", 135, 1, , endtimeValue)
End If
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@isactive", 11, 1, , CBool(isactive))
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@isshopfloor", 11, 1, , CBool(isshopfloor))
If IsNull(employeessoValue) Then
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@employeesso", 200, 1, 100, Null)
Else
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@employeesso", 200, 1, 100, employeessoValue)
End If
cmdUpdate.Parameters.Append cmdUpdate.CreateParameter("@notificationid", 3, 1, , CLng(notificationid))
On Error Resume Next
cmdUpdate.Execute
If Err.Number = 0 Then
Set cmdUpdate = Nothing
objConn.Close
ShowSuccess "Notification updated successfully.", "displaynotifications.asp", "notifications"
Else
Dim updateErr
updateErr = Err.Description
Set cmdUpdate = Nothing
objConn.Close
ShowError "Error: " & Server.HTMLEncode(updateErr), "editnotification.asp?notificationid=" & notificationid
End If
%>
Reference in New Issue View Git Blame Copy Permalink