Shangz R Brown Presentation


Published on

Stored Procedure & php for with validation

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Shangz R Brown Presentation

  1. 1. 818-235-9779
  2. 2. •MSSQL SERVER user stored procedure•SSRS – Customer Transaction Summary•HTML Form – The HTML behind it!•PHP Form Validation – The PHP behind it!
  3. 3.  This particular piece of code creates a stored procedure. Upon execution it initially validates that the customer is linked to the account. There are two other validations that has to do with entry of negative numbers in the “TransactionAmount” field and adding an overdraft service charge when there isn‟t any funds to cover the transaction.
  4. 4. Microsoft SQL USE [PiggyBank] GO /****** Object: StoredProcedure [dbo].[WithdrawalODFees] Script Date: 02/24/2011 13:23:09 ******/ SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO ---- ============================================= ---- Author: Shangz Brown ---- Create date: 02/22/2011 ---- Description Withdrawal with overdraft fee generation ---- ============================================= CREATE PROCEDURE [dbo].[WithdrawalODFees] --Input and output parameters to create account @CustomerID int = null, @AccountID int = null, @TransactionAmount money = null, @TransactionTypeID int = null, @NewBalance money OUTPUT AS SET XACT_ABORT ON --Validate that @AccountID belongs to the same customer (linked in customer Accounts table) IF (SELECT CustomerAccountID FROM CustomerAccount WHERE AccountID = @AccountID and CustomerID = @CustomerID) is null BEGIN raiserror(Account must be linked to the CustomerID entered, 11, 1) RETURN END
  5. 5. This part of the T-SQL stored procedure code blocksactivity on closed accounts that may be entered by users --Block Transactions on inactive accounts. IF (Select A.AccountID FROM Account AS A JOIN CustomerAccount AS CA ON A.AccountID=CA.AccountID WHERE AccountStatusID=2 AND CA.CustomerID=@CustomerID AND A.AccountID =@AccountID) =@AccountID BEGIN raiserror(Transactions are not allowed on inactive accounts, 11, 1) RETURN END --D/E CHECK: Prevent negative money amounts to be entered in the Transaction Amount parameter. --Logic: You can not make a deposit via the withdraw proc. IF @TransactionAmount <=0 BEGIN raiserror(Transaction Amount can not be a negative number., 11, 1) RETURN END BEGIN -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. SET NOCOUNT ON;
  6. 6.  -- Encapsulate procedure in a try catch block BEGIN TRY BEGIN TRAN --make insert conditional -- If TA >CB, AND test if EXIST [OD] is true, if TRUE proceed. IF @TransactionAmount > (SELECT CurrentBalance FROM Account WHERE AccountID =@AccountID) AND exists (SELECT AccountID FROM Account WHERE OverDraftAccountID is not null) SET @NewBalance = (SELECT CurrentBalance FROM Account WHERE AccountID = @AccountID) - (@TransactionAmount+10) -- record transaction. INSERT INTO [PiggyBank].[dbo].[Transactions] ([AccountID] ,[TransactionTypeID] ,[CustomerID] ,[TransactionDate] ,[TransactionAmount] ,[NewBalance])
  7. 7.  VALUES (@AccountID ,@TransactionTypeID ,@CustomerID ,GETDATE() ,@TransactionAmount ,@NewBalance) UPDATE dbo.Account SET CurrentBalance =@NewBalance WHERE AccountID = @AccountID Print Not enough funds in main account to cover transaction. Transaction amount + $10 service fee HAS BEEN debited from this account COMMIT TRAN END TRY --Catch errors BEGIN CATCH --Rollback transaction IF @@trancount > 0 ROLLBACK TRAN DECLARE @ErrorMessage NVARCHAR(4000), @ErrorState INT SELECT @ErrorMessage = ERROR_MESSAGE(), @ErrorState = ERROR_STATE() RAISERROR ( @ErrorMessage, 11, @ErrorState) RETURN END CATCH END GO
  8. 8. SSRS – SQL Server Reporting Services – This is a report I created using Visual Studio2008. The source was a stored procedure in my PiggyBank project. I wanted to create astatement listing the transactions along with customer name and address. The resultfollows on the next slide.
  9. 9.  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ""> <html xmlns="" xml:lang="en" lang="en"> <head> <metahttp-equiv="content-type" content="text/html; charset=iso-8859-1" /> <title>Simple HTML Form</title> </head> <body> <form action="handle_form.php" method="post"> <fieldset><legend>Enter your information in the form below:</legend> <p> <b>Name:</b> <input type="text" name="name" size="20” maxlength="40" /> </p> <p> <b> Email Address: </b> <input type="text" name="email" size="40“ maxlength="60" /> </p> <p> <b>Gender:</b> <input type="radio" name="gender" value="M" />Male <input type="radio" name="gender" value="F" /> Female </p> <p> <b>Age:</b> <select name="age"> <option value="0-29"> Under 30 </option> <option value="30-60"> Between 30 and 60 </option> <option value="60+"> Over 60 </option> </select> </p> <p> <b>Comments:</b> <textarea name="comments" rows="3" cols="40"></textarea> </p> </fieldset> <div align="center"><input type="submit" name="submit" value="Submit My Information" /> </div> </form> </body>
  10. 10.  <html> <head> <title>PHP Test</title> </head> <body> <?php # handle_form.php // Create a shorthand for the form data. $name = $_REQUEST[name]; $email = $_REQUEST[email]; $comments = $_REQUEST[comments]; $age = $_REQUEST[age]; $gender = $_REQUEST[gender]; //Validate the name and combat Magic Quotes, if necessary. if (!empty($_REQUEST[name])) { $name = stripslashes($_REQUEST[name]); } else {$name = NULL; echo „ <p><font color ="red">You forgot to enter your name!</font></p>; } //Validate the email address. if (!empty($_REQUEST[email])) { $email = $_REQUEST[email]; } else { $email = NULL; echo <p><font color="red"> You forgot to enter your email address! </font></p>; }
  11. 11.  //*Validate the comments and combat Magic Quotes, if necessary*// if ( !empty($_REQUEST[comments‟])) { $comments = stripslashes($_REQUEST[comments„]); } else { $comments = NULL; echo <p><font color ="red">What? Nothing to say! You forgot to leave some comments! <font/> </p> ; } if (isset($_REQUEST[gender„])) { $gender = $_REQUEST[gender]; if ($gender == M) { $message = <p><b>Good day, Sir!</b></p>; } elseif ($gender == F‟) { $message = <p><b>Good day, Madam!</b> </p>; } else { // Unacceptable value. $message=NULL; echo <p><font color="red">Gender should be either male or female!</font></p>; } } else { //gender is not set. $gender = NULL; echo „ <p><font color="red">You forgot to select your gender! </font></p>; }
  12. 12.  // If everything is okay, print the message. if ($name && $email && $gender && $comments) { echo <p>Thank you <b>$name</b> for the following comments: <br/> <tt>$comments</tt> </p>; echo <p> We will reply to you at <i>$email</i></p> n; echo $message; // From the $gender conditional. } else { // One form element was not filled out properly. echo „<p><font color="red">Please go back and fill out the form again.</font></p>; } ?> </body> </html>