shopdb/savenotification_direct.asp
cproudlock 65b622c361 Add USB checkout system and SSO profile page
New Features:
- USB Device checkout/check-in system with barcode scanning
  - displayusb.asp: List all USB devices with status
  - addusb.asp: Add new USB devices via barcode scan
  - checkout_usb.asp/savecheckout_usb.asp: Check out USB to SSO
  - checkin_usb.asp/savecheckin_usb.asp: Check in with wipe confirmation
  - usb_history.asp: Full checkout history with filters
  - api_usb.asp: JSON API for AJAX lookups
- displayprofile.asp: SSO profile page showing user info and USB history
- Date/time format changed to 12-hour (MM/DD/YYYY h:mm AM/PM)
- SSO links in USB history now link to profile page via search

Database:
- New machinetypeid 44 for USB devices
- New usb_checkouts table for tracking checkouts

Cleanup:
- Removed v2 folder (duplicate/old files)
- Removed old debug/test files
- Removed completed migration documentation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-07 11:16:14 -05:00


<%
'=============================================================================
' FILE: savenotification_direct.asp
' PURPOSE: Create new notification
' SECURITY: Parameterized queries, HTML encoding, input validation
' UPDATED: 2025-10-27 - Migrated to secure patterns
'=============================================================================
%>
<!--#include file="./includes/sql.asp"-->
<!--#include file="./includes/response.asp"-->
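<%
' Handles the POST from addnotification.asp: validates the submitted fields and
' inserts one row into the notifications table with a parameterized command.
'
' objConn, ShowError and ShowSuccess are not defined in this file; presumably
' they come from includes/sql.asp and includes/response.asp - confirm.
'
' NOTE(review): no authentication, authorization or anti-CSRF check is visible
' in this file. Confirm that the includes (or IIS configuration) enforce them
' before this state-changing request is processed.
' NOTE(review): the notification text is stored exactly as submitted. Every
' page that renders it must HTML-encode it on output; nothing here does that.

' True only for a plain decimal string of 1-9 digits. IsNumeric alone also
' accepts forms such as "1e5", "1.5" or "&H10", and very large values make
' CLng raise an overflow error; nine digits always fits in a Long.
Function SaveNotif_IsPlainId(value)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    SaveNotif_IsPlainId = re.Test(value)
    Set re = Nothing
End Function

' Converts a submitted id to a Long, or Null when it is blank or not a plain id.
Function SaveNotif_OptionalId(value)
    If SaveNotif_IsPlainId(value) Then
        SaveNotif_OptionalId = CLng(value)
    Else
        SaveNotif_OptionalId = Null
    End If
End Function

' Closes the connection, reports a validation failure and stops the request.
Sub SaveNotif_Reject(message)
    objConn.Close
    ShowError message, "addnotification.asp"
    Response.End
End Sub

' Get form inputs
Dim notification, ticketnumber, starttime, endtime, isactive, isshopfloor, notificationtypeid, businessunitid, appid
notification = Trim(Request.Form("notification"))
ticketnumber = Trim(Request.Form("ticketnumber"))
starttime = Trim(Request.Form("starttime"))
endtime = Trim(Request.Form("endtime"))
notificationtypeid = Trim(Request.Form("notificationtypeid"))
businessunitid = Trim(Request.Form("businessunitid"))
appid = Trim(Request.Form("appid"))

' Checkboxes - anything other than the exact value "1" counts as unchecked
isactive = (Request.Form("isactive") = "1")
isshopfloor = (Request.Form("isshopfloor") = "1")

' Default to type 1 (TBD) if no valid type was selected
If SaveNotif_IsPlainId(notificationtypeid) Then
    notificationtypeid = CLng(notificationtypeid)
Else
    notificationtypeid = 1
End If

' Validate required fields (endtime is optional)
If Len(notification) = 0 Or Len(starttime) = 0 Then
    SaveNotif_Reject "Required fields missing."
End If

' Enforce the same limits that are declared as parameter sizes below
If Len(notification) > 500 Or Len(ticketnumber) > 50 Then
    SaveNotif_Reject "Field length exceeded."
End If

' Convert the submitted "YYYY-MM-DDTHH:MM" value to "YYYY-MM-DD HH:MM:00" and
' reject anything that is not a date. Without this check an invalid value
' raises a runtime error in CreateParameter, before error trapping is enabled.
starttime = Replace(starttime, "T", " ") & ":00"
If Not IsDate(starttime) Then
    SaveNotif_Reject "Invalid start time."
End If

' Optional endtime - Null means the notification has no end (indefinite)
Dim endtimeValue, businessunitValue
If Len(endtime) = 0 Then
    endtimeValue = Null
Else
    endtime = Replace(endtime, "T", " ") & ":00"
    If Not IsDate(endtime) Then
        SaveNotif_Reject "Invalid end time."
    End If
    endtimeValue = endtime
End If

' Optional businessunitid - Null means applies to all business units
businessunitValue = SaveNotif_OptionalId(businessunitid)

' Optional appid - Null means not linked to an application
Dim appidValue
appidValue = SaveNotif_OptionalId(appid)

' INSERT using a parameterized query. The "?" placeholders are positional, so
' the Append order below must match the column list; the "@" names are labels.
Dim strSQL, cmdInsert
strSQL = "INSERT INTO notifications (notificationtypeid, businessunitid, appid, notification, ticketnumber, starttime, endtime, isactive, isshopfloor) " & _
         "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
Set cmdInsert = Server.CreateObject("ADODB.Command")
cmdInsert.ActiveConnection = objConn
cmdInsert.CommandText = strSQL
cmdInsert.CommandType = 1 ' adCmdText

' ADO type codes: 3 = adInteger, 200 = adVarChar, 135 = adDBTimeStamp,
' 11 = adBoolean. Direction 1 = adParamInput.
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@notificationtypeid", 3, 1, , notificationtypeid)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@businessunitid", 3, 1, , businessunitValue)
' Declared as adInteger like the other ids. The previous adSmallInt (2) made
' CreateParameter fail for any appid above 32767.
' NOTE(review): confirm the width of the notifications.appid column.
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@appid", 3, 1, , appidValue)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@notification", 200, 1, 500, notification)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@ticketnumber", 200, 1, 50, ticketnumber)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@starttime", 135, 1, , starttime)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@endtime", 135, 1, , endtimeValue)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@isactive", 11, 1, , isactive)
cmdInsert.Parameters.Append cmdInsert.CreateParameter("@isshopfloor", 11, 1, , isshopfloor)

' Trap only the Execute and the cleanup; capture the result immediately so a
' later statement cannot overwrite Err, then restore normal error handling.
Dim insertErrNumber, insertErr
On Error Resume Next
cmdInsert.Execute
insertErrNumber = Err.Number
insertErr = Err.Description
Err.Clear
Set cmdInsert = Nothing
objConn.Close
On Error GoTo 0

If insertErrNumber = 0 Then
    ShowSuccess "Notification created successfully.", "displaynotifications.asp", "notifications"
Else
    ' NOTE(review): the raw provider error text is shown to the user. It is
    ' HTML-encoded, but it can still reveal schema or driver details; consider
    ' logging it server-side and showing a generic message instead.
    ShowError "Error: " & Server.HTMLEncode(insertErr), "addnotification.asp"
End If
%>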