membersrecord.jsp

一个简单的网上书店例子

<%@ page contentType="text/html;charset=gb2312"%>
<%@ include file="Common.jsp" %><%!
//
//   Filename: MembersRecord.jsp

static final String sFileName = "MembersRecord.jsp";
              
%><%

String cSec = checkSecurity(2, session, response, request);
if ("sendRedirect".equals(cSec) ) return;
                
boolean bDebug = false;

String sAction = getParam( request, "FormAction");
String sForm = getParam( request, "FormName");
String sMembersErr = "";

java.sql.Connection conn = null;
java.sql.Statement stat = null;
String sErr = loadDriver();
conn = cn();
stat = conn.createStatement();
if ( ! sErr.equals("") ) {
 try {
   out.println(sErr);
 }
 catch (Exception e) {}
}
if ( sForm.equals("Members") ) {
  sMembersErr = MembersAction(request, response, session, out, sAction, sForm, conn, stat);
  if ( "sendRedirect".equals(sMembersErr)) return;
}

%>            
<html>
<head>
<title>Book Store</title>
<meta http-equiv="pragma" content="no-cache"/>
<meta http-equiv="expires" content="0"/>
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
</head>
<body style="background-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helveticabackground-color: #FFFFFF; color: #000000; font-family: Arial, Tahoma, Verdana, Helvetica">
<jsp:include page="Header.jsp" flush="true"/>
 <table>
  <tr>
   
   <td valign="top">
<% Members_Show(request, response, session, out, sMembersErr, sForm, sAction, conn, stat); %>
    <SCRIPT Language="JavaScript">
if (document.forms["Members"])
document.Members.onsubmit=delconf;
function delconf() {
if (document.Members.FormAction.value == 'delete')
  return confirm('Delete record?');
}
</SCRIPT>
   </td>
  </tr>
 </table>

<jsp:include page="Footer.jsp" flush="true"/>
</body>
</html>
<%%>
<%
if ( stat != null ) stat.close();
if ( conn != null ) conn.close();
%>
<%!


  String MembersAction(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession session, javax.servlet.jsp.JspWriter out, String sAction, String sForm, java.sql.Connection conn, java.sql.Statement stat) throws java.io.IOException {
  
    String sMembersErr ="";
    try {

      if (sAction.equals("")) return "";

      String sSQL="";
      String transitParams = "";
      String primaryKeyParams = "";
      String sQueryString = "";
      String sPage = "";
      String sParams = "";
      String sActionFileName = "MembersGrid.jsp";
      String sWhere = " ";
      boolean bErr = false;
      long iCount = 0;

  
      sParams = "?";
      sParams += "member_login=" + toURL(getParam( request, "Trn_member_login"));
      String pPKmember_id = "";
      if (sAction.equalsIgnoreCase("cancel") ) {
        try {
          if ( stat != null ) stat.close();
          if ( conn != null ) conn.close();
        }
        catch ( java.sql.SQLException ignore ) {}
        response.sendRedirect (sActionFileName + sParams);
        return "sendRedirect";
      }

      final int iinsertAction = 1;
      final int iupdateAction = 2;
      final int ideleteAction = 3;
      int iAction = 0;

      if ( sAction.equalsIgnoreCase("insert") ) { iAction = iinsertAction; }
      if ( sAction.equalsIgnoreCase("update") ) { iAction = iupdateAction; }
      if ( sAction.equalsIgnoreCase("delete") ) { iAction = ideleteAction; }

      // Create WHERE statement

      if ( iAction == iupdateAction || iAction == ideleteAction ) { 
        pPKmember_id = getParam( request, "PK_member_id");
        if ( isEmpty(pPKmember_id)) return sMembersErr;
        sWhere = "member_id=" + toSQL(pPKmember_id, adNumber);
      }


      String fldmember_login="";
      String fldmember_password="";
      String fldmember_level="";
      String fldname="";
      String fldlast_name="";
      String fldemail="";
      String fldphone="";
      String fldaddress="";
      String fldnotes="";
      String fldcard_type_id="";
      String fldcard_number="";
      String fldmember_id="";

      // Load all form fields into variables
    
      fldmember_login = getParam(request, "member_login");
      fldmember_password = getParam(request, "member_password");
      fldmember_level = getParam(request, "member_level");
      fldname = getParam(request, "name");
      fldlast_name = getParam(request, "last_name");
      fldemail = getParam(request, "email");
      fldphone = getParam(request, "phone");
      fldaddress = getParam(request, "address");
      fldnotes = getParam(request, "notes");
      fldcard_type_id = getParam(request, "card_type_id");
      fldcard_number = getParam(request, "card_number");
      // Validate fields
      if ( iAction == iinsertAction || iAction == iupdateAction ) {
        if ( isEmpty(fldmember_login) ) {
          sMembersErr = sMembersErr + "The value in field Login* is required.<br>";
        }
        if ( isEmpty(fldmember_password) ) {
          sMembersErr = sMembersErr + "The value in field Password* is required.<br>";
        }
        if ( isEmpty(fldmember_level) ) {
          sMembersErr = sMembersErr + "The value in field Level* is required.<br>";
        }
        if ( isEmpty(fldname) ) {
          sMembersErr = sMembersErr + "The value in field First Name* is required.<br>";
        }
        if ( isEmpty(fldlast_name) ) {
          sMembersErr = sMembersErr + "The value in field Last Name* is required.<br>";
        }
        if ( isEmpty(fldemail) ) {
          sMembersErr = sMembersErr + "The value in field Email* is required.<br>";
        }
        if ( ! isNumber(fldmember_level)) {
          sMembersErr = sMembersErr + "The value in field Level* is incorrect.<br>";
        }
        if ( ! isNumber(fldcard_type_id)) {
          sMembersErr = sMembersErr + "The value in field Credit Card Type is incorrect.<br>";
        }
        if ( ! isEmpty(fldmember_login)) {
          iCount = 0;
          if ( iAction == iinsertAction ) {
            iCount = dCountRec(stat, "members", "member_login=" + toSQL(fldmember_login, adText));
          }
          else {
            if ( iAction == iupdateAction ) {
              iCount = dCountRec( stat, "members", "member_login=" + toSQL(fldmember_login, adText) + " and not(" + sWhere + ")");
            }
          }
          if (iCount > 0) {
            sMembersErr = sMembersErr + "The value in field Login* is already in database.<br>";
          }
        }
        if (sMembersErr.length() > 0 ) {
          return (sMembersErr);
        }
      }


      sSQL = "";
      // Create SQL statement

      switch (iAction) {
  
        case iinsertAction :
          
            sSQL = "insert into members (" + 
                "member_login," +
                "member_password," +
                "member_level," +
                "first_name," +
                "last_name," +
                "email," +
                "phone," +
                "address," +
                "notes," +
                "card_type_id," +
                "card_number)" +

                " values (" + 
                toSQL(fldmember_login, adText) + "," +
                toSQL(fldmember_password, adText) + "," +
                toSQL(fldmember_level, adNumber) + "," +
                toSQL(fldname, adText) + "," +
                toSQL(fldlast_name, adText) + "," +
                toSQL(fldemail, adText) + "," +
                toSQL(fldphone, adText) + "," +
                toSQL(fldaddress, adText) + "," +
                toSQL(fldnotes, adText) + "," +
                toSQL(fldcard_type_id, adNumber) + "," +
                toSQL(fldcard_number, adText) + ")";
          break;
  
      case iupdateAction:
        
          sSQL = "update members set " +
                "member_login=" + toSQL(fldmember_login, adText) +
                ",member_password=" + toSQL(fldmember_password, adText) +
                ",member_level=" + toSQL(fldmember_level, adNumber) +
                ",first_name=" + toSQL(fldname, adText) +
                ",last_name=" + toSQL(fldlast_name, adText) +
                ",email=" + toSQL(fldemail, adText) +