In: Categories » Computers and technology » Programming » Building the company edit action template
The code in CompanyEditAction.cfm is like the code in CompanyAddAction.cfm, but the edit action updates rather than inserts. Create a file named CompanyEditAction.cfm inside the Ch02 directory, type the code into the file’s editing window, and save the file.
<cfquery name=”UpdateCompany” datasource=”#Request.MainDSN#”> UPDATE Company SET CompanyName = ‘#Trim(Form.CompanyName)#’, Address = ‘#Trim(Form.Address)#’, City = ‘#Trim(Form.City)#’, State = ‘#Trim(Form.State)#’, ZipCode = ‘#Trim(Form.ZipCode)#’, Comments = <cfif Len(Trim(Form.Comments)) GT 0> ‘#Trim(Form.Comments)#’ <cfelse> NULL </cfif> WHERE CompanyID = #Val(Form.CompanyID)# </cfquery> <cflocation url=”Finished.cfm?msg=#URLEncodedFormat(‘#Form.CompanyName# has been updated in the database.’)#”>
Now that you’ve finished these three templates, you can see them in action. Point your Web browser to http://<yourserver>/CFMXBible/Ch02/CompanyGetEditForm.cfm and enter a CompanyID. (To get a valid ID, go to the company list and pick a number in the ID column.) Click Submit, and you should see the chosen company’s information appear in the form fields on the edit form. Edit the Zip Code and click Submit; then revisit the company list and click your browser’s Refresh button. You should see the updated data in the company list. If you don’t, compare the files that you’ve created with their respective listings. Open CompanyEditForm.cfm in HomeSite. Because the edit form is very similar to the add form, compare the two. The first difference between the edit form and add form is the CFQUERY at the beginning of CompanyEditForm.cfm. CompanyEditForm.cfm calls CFQUERY to retrieve the company record that the user wants to edit. This query is like the one in CompanyList.cfm, with a few differences. First, CompanyEditForm.cfm doesn’t include CompanyID in the select list, because the chosen company’s ID is already available in the CompanyID that was sent to this template in the form post. Second, you now find a WHERE clause that restricts the result set to include only the company with an ID that matches CompanyID. Third, you find no ORDER BY clause, because this query returns only a single record. Look at the WHERE clause again in the following code:
WHERE CompanyID = #Val(CompanyID)#
CompanyID came from the CompanyGetEditForm.cfm form post, so it is said to be a part of the Form scope, and as such would normally be referenced as Form.CompanyID. Likewise, if CompanyID had been passed in a hyperlink as a URL parameter, it would be a part of the URL scope, and as such would normally be referenced as URL.CompanyID. Notice that in the preceding line of code, we omitted the scope prefix to the CompanyID variable. This causes ColdFusion to go “hunting” for the scope that contains the CompanyID variable. By using this technique, you can build a flexible template that may receive values from either the URL or a form post. Val() is a ColdFusion function that takes a string and returns the numeric part of that string (for example, 123ABC would become 123). If the string does not begin with a number, Val() returns zero. Val() is very important, especially with URL parameters, for the following two reasons:
If the database is expecting a number but the user passes a nonnumeric parameter, Val() ensures that the database doesn’t throw a syntax error.
Val() is a security precaution. If you don’t use Val(), a hacker could append a malicious query such as DELETE FROM Customer onto the end of the URL parameter, and the extra query would execute against your database. Val() removes all nonnumeric characters, so the malicious query could never touch your database. Notice also that you don’t surround the pound signs with single quotes as you do in CompanyAddAction.cfm, because CompanyID is a numeric column. Only text strings can be surrounded with single quotes. Moving further down CompanyEditForm.cfm, you see a plain HTML INPUT tag of Type = “hidden”. Hidden form fields are invisible to the user; they pass data to the action page without user intervention. The hidden INPUT tag has two attributes aside from its Type: Name and Value. Name becomes the name of the Form variable on the action page. Value is what that variable contains. You use a hidden form field here so that CompanyEditAction.cfm knows which company to update in the database. Notice that the value of the hidden form field is CompanyID, which was the CompanyID posted from CompanyGetEditForm.cfm. The hidden INPUT field is the mechanism that passes through CompanyID to CompanyEditAction.cfm. The final difference between CompanyEditForm.cfm and CompanyAddForm.cfm is that the edit form’s fields are prepopulated with data. Each of the five CFINPUT tags on CompanyEditForm.cfm has a Value attribute. The Value attribute is the text that the user sees in the input field as he first browses CompanyEditForm.cfm. All the Value attributes look as follows:
value=”#GetCompany.CompanyName#”
Remember that, in CompanyList.cfm, if you output the value of a column in a result set, you just use the column name without the name of the result set preceding it. In CompanyEditForm.cfm, however, your data is not inside a <cfoutput query=”GetCompany”> tag, so you must tell ColdFusion where this variable is by preceding the column name with the name of the result set containing it. The final difference is in the TEXTAREA tag. TEXTAREA doesn’t have a Value attribute; the value of the text area is whatever appears between the <textarea> and </textarea> tag pair. Now look at CompanyEditAction.cfm. As in CompanyAddAction.cfm, only two ColdFusion tags are in this template: CFQUERY, which updates the company record in the database; and CFLOCATION, which redirects the user away from the edit action template. The UPDATE statement on this page uses three SQL clauses: UPDATE, SET, and WHERE. UPDATE tells the database which table to update; SET tells the database the new values to assign to each column in the updated record; and WHERE tells the database which record to update. Look at the WHERE, clause and you’ll see why you used a hidden form field on the company edit form. Remember that the hidden form field contained the CompanyID of the company that you were editing. The WHERE clause tells the database to update the company with the ID that matches CompanyID. After CFQUERY, CompanyEditAction.cfm calls CFLOCATION, which redirects the user to the Finished page. You don’t need a separate Finished page for the Edit Action; simply modify URL.msg to describe what happened: #Form.CompanyName# has been updated in the database. Compared to adding and editing companies, deleting a company is a breeze. As does editing a company, deleting a company requires four templates: one template to choose which company to delete, one template to display the company record so that the user can confirm that he is deleting the correct company, an action page to delete the company from the database, and the Finished page that you have already created. Creating the first template is a piece of cake because you’ve already written it! The Get Delete Form listing is almost exactly the same as the Get Edit Form listing. Create a file named CompanyGetDeleteForm.cfm inside the Ch02 directory, type the code into the file’s editing window, and save the file.
<html> <head> <title>ColdFusion MX Bible</title> <link rel=”stylesheet” href=”styles.css”> </head> <body> <h1>Delete a Company</h1> <table> <cfform action=”CompanyDeleteForm.cfm” method=”POST”> <tr> <td>Company ID</td> <td> <cfinput type=”Text” name=”CompanyID” message=”Please enter the Company ID” validate=”integer” required=”Yes” size=”22” maxlength=”20”> </td> </tr> <tr> <td> </td> <td> <input type=”submit” value=”Get Company”> </td> </tr> </cfform>
</table> </body> </html>
The only difference between the Get Delete and Get Edit forms is where the user submits them! The delete form is a template that enables the user to inspect the company record before deciding to delete the company. No editing takes place on this page—the user is just viewing static data. Create a file named CompanyDeleteForm.cfm inside the Ch02 directory, type the code into the file’s editing window, and save the file.
<cfquery name=”GetCompany” datasource=”#Request.MainDSN#”> SELECT CompanyName, Address, City, State, ZipCode, Comments FROM Company WHERE CompanyID = #Val(CompanyID)# </cfquery> <html> <head> <title>ColdFusion MX Bible</title> <link rel=”stylesheet” href=”styles.css”> </head> <body> <h1>Delete a Company</h1> <cfoutput> <table> <cfform action=”CompanyDeleteAction.cfm” method=”POST”>
<input type=”hidden” name=”CompanyID” value=”#Val(CompanyID)#”> <tr> <td>Company Name</td> <td>#GetCompany.CompanyName#</td> </tr> <tr> <td>Address</td> <td>#GetCompany.Address#</td> </tr> <tr> <td>City</td> <td>#GetCompany.City#</td> </tr> <tr> <td>State</td> <td>#GetCompany.State#</td> </tr> <tr> <td>ZIP Code</td> <td>#GetCompany.ZipCode#</td> </tr> <tr> <td>Comments</td> <td>#GetCompany.Comments#</td> </tr> <tr> <td> </td> <td> <input type=”submit” value=”Delete From Database”> </td> </tr> </cfform> </table> </cfoutput> </body> </html>
The first line of code in the delete form is the same CFQUERY used in the edit form; it retrieves the company record from the database. You use CFFORM and a hidden form field because you are submitting the CompanyID to the action page. You don’t need any CFINPUT tags because you don’t need any user input on this form. All that’s left is the Submit button. The last template in the company delete process controls the delete action. Create a file named CompanyDeleteAction.cfm inside the Ch02 directory, type the code into the file’s editing window, and save the file.
<cfquery name=”DeleteCompany” datasource=”#Request.MainDSN#”> DELETE FROM Company WHERE CompanyID = #Val(Form.CompanyID)# </cfquery> <cflocation url=”Finished.cfm?msg=#URLEncodedFormat(‘Company ID #Form.CompanyID# has been deleted from the database.’)#”>
Only two ColdFusion tags are on this page: CFQUERY, which tells the database to delete a row; and CFLOCATION, which redirects the user to the Finished page.
legal notice
Our website is not responsible for the information contained by this article. Web-articles is a free articles resource.
Suggestion: If you need fresh, daily updated content for your website, feel free to use our service. Click here for more information.
Useful tools and features
If you like this article (tutorial), please link to it from your web page using the information above.
related articles
You learn by doing, and then we go back and explain how ColdFusion worked its magic. Before you get started, though, you must learn a few terms, set up the database, and create the Web directory that you’re going to use. These are some terms that you should know: A template is a file with a .cfm extension. ColdFusion executes these templates and produces HTML that is returned to the user’s browser. A page is what appears in your browser. It is rendered from the HTML that ColdFusion Server sends back ...
2. Building the company add action template
In this article, you create the template that puts your form data into the database. Create a file named CompanyAddAction.cfm inside the Ch02 directory, type the code into the file’s editing window, and save the file. <cfquery name=”InsertCompany” datasource=”#Request.MainDSN#”> INSERT INTO Company( CompanyName, Address, City, State, ZipCode, Comments ) VALUES ( ‘#Trim(Form.CompanyName)#’, ‘#Trim(Form.Address)#’, ...
3. Modifying a Company in the Database
The data that CFQUERY requests from the database comes back in a result set, and the Name attribute tells ColdFusion what that result set is to be named. The SQL statement consists of three clauses: SELECT, FROM, and ORDER BY. SELECT tells the database which columns to retrieve from the database; FROM tells the database which table to retrieve those columns from; and ORDER BY tells the database how to sort the results. The result set returned from CFQUERY contains multiple rows of data, and each row has multiple columns. It would ...
4. Adding a New Employee to the Database
The CFQUERY in CompanyDeleteAction.cfm uses a DELETE statement with two SQL clauses: DELETE and WHERE. DELETE tells the database the table from which to delete a record, and WHERE tells the database which record to delete. You can watch the company delete process in action. Point your Web browser to http://<yourserver>/CFMXBible/Ch02/CompanyGetDeleteForm.cfm and enter a CompanyID. (To get a valid ID, go to the company list and pick a number from the ID column.) Click Submit to see the chosen company’s informatio...
The DateFormat() function around the DateOfBirth column in the codereturns the employee’s birth date reformatted according to a display mask. DateOfBirth normally comes back from the database in the following format: 2002-01-01 00:00:00.0 That format is not very user-friendly. Calling DateFormat() with a mask of “mm/dd/yyyy” returns the date as follows: 01/01/2002 This version is, of course, more natural and easy to read. The same is true for the employee edit process...
6. Removing an Employee From the Database
The user must have the capability to remove employees from the database. The employee delete process is a simple combination of techniques that you have already learned, such as retrieving a record from the database, displaying that record in a template, and so on. The first page in this process is nearly identical to the employee get edit form. Create a file named EmployeeGetDeleteForm.cfm inside the Ch02 directory, type the code into the file’s editing window, and save the file. <html> <head> <ti...
7. Making direct links to the forms
Say that you want to modify or delete a company. Right now, you need to remember the company’s ID, go back to the launch pad, click Company Edit, and enter the company ID, all just to get to the edit form. Wouldn’t you rather click a company in the list and go directly to the edit form? ... <table> <tr> <td><b>ID</b></td> <td><b>Name</b></td> <td><b>Address</b></td> <td><b>City</b></t...