#!/usr/local/bin/perl
use strict;
use CGI;
use CGI::Carp 'fatalsToBrowser'; #remove for prod
use DBI;

# get form parameters
my $q = new CGI;
my $action = $q->param('go');
my $empid  = $q->param('empid');

my $dbh = dbh(); # connect to db
$dbh->do("SET search_path to northwind") or die;

# If the confirm form was properly submitted, update the record
my $msg;
# change validation to suit
if ( ($action eq "UPDATE") && ($empid =~ /\d+/)) {
  my $sql = qq!UPDATE 
                   "Employees" 
                SET
                   "LastName"              = "." \'$input{lastname}\', 
                   "FirstName"             = "." \'$input{firstname}\', 
                   "Title"                 = "." \'$input{title}\', 
                   "TitleOfCourtesy"       = "." \'$input{toc}\', 
                   "BirthDate"             = "." \'$input{dob}\',
                   "HireDate"              = "." \'$input{doh}\',
                   "Address"               = "." \'$input{address}\', 
                   "City"                  = "." \'$input{city}\', 
                   "Region"                = "." \'$input{region}\', 
                   "PostalCode"            = "." \'$input{pcode}\',
                   "Country"               = "." \'$input{country}\',
                   "HomePhone"             = "." \'$input{homephone}\', 
                   "Extension"             = "." \'$input{ext}\', 
                   "Notes"                 = "." \'$input{notes}\', 
                   "ReportsTo"             = "." \'$input{repto}\'
                WHERE "EmployeeID" = ? !;
               
  my $count = $dbh->do( $sql,undef,$empid );
  $msg = "$count Record updated - $sql, $empid";
} else {
  $msg = "Please complete form";
}

# get employees
my $sql = qq!SELECT "EmployeeID" AS empid, 
             "FirstName"::text || ' ' ||"LastName"::text AS name 
             FROM "Employees" !;
my $ar = $dbh->selectall_arrayref($sql);

# Make up a pulldown menu 
my $options = qq!<option value="">select name</option>!;
for my $row (@$ar) {
  $options .= qq!<option value="$row->[0]">$row->[1]</option>\n!;
}

# build html page
my $style = q!
  body { background-color: pink ; color: #3300cc; }
  .container { width: 500px; clear: both; }
  .container input { width: 100%; clear: both;}
!;

# Send out the header and form
print $q->header;
print $q->start_html(-title=>'Update an employee record',
                     -style=>{ -code=>$style } );
print qq!<h1 style="color:3300CC">Please update an employee</h1>!;

# Fetch data
if ( $action eq "FETCH" ) {
  #print qq!<h3>Please make the necessary updates to $empid ?</h3>
  my $sql = 'SELECT * FROM "Employees" 
           WHERE "EmployeeID" = ?';
my $hr = $dbh->selectrow_hashref($sql,undef,$empid);
#my $hr = $dbh->selectrow_hashref($sql,undef,$input{empid});

print qq!
<form action="" method="post">
Employee ID : $hr->{'EmployeeID'}<br/>
<input type="hidden" name="EmployeeID" value="$hr->{'EmployeeID'}"/>
Last Name :<input name="lastname" value="$hr->{'LastName'}"/><br/>
First Name :<input name="firstname" value="$hr->{'FirstName'}"/><br/>
Title :<input name="title" value="$hr->{'Title'}"/><br/>
Title Of Courtesy :<input name="toc" value="$hr->{'TitleOfCourtesy'}"/><br/>
Birth Date :<input name="dob" value="$hr->{'BirthDate'}"/><br/>
Hire Date :<input name="doh" value="$hr->{'HireDate'}"/><br/>
Address :<input name="address" value="$hr->{'Address'}"/><br/>
City :<input name="city" value="$hr->{'City'}"/><br/>
Region :<input name="region" value="$hr->{'Region'}"/><br/>
PostalCode :<input name="pcode" value="$hr->{'PostalCode'}"/><br/>
Country :<input name="country" value="$hr->{'Country'}"/><br/>
Home Phone :<input name="homephone" value="$hr->{'HomePhone'}"/><br/>
Extension :<input name="ext" value="$hr->{'Extension'}"/><br/>
Notes :<input name="notes" value="$hr->{'Notes'}"/><br/>
<input type="submit" name="go" value="UPDATE"/>
</form>!;

  my $count = $dbh->do( $sql,undef,$empid );
    $msg = "$count Record fetched - $sql, $empid";

} else {
  print qq!<div class="container">
  Select Employee to be updated :
<form method="post" action="">
  <select name="empid"> $options </select><br/>
  <input type="submit" name="go" value="FETCH"/>
</form></div><hr/>!;
 
  # Standard links to the rest of the application
  print <<"FOOTER";
<b>$msg</b>
<hr/>
Jump to - <a href="emp2.pl">View Employees Listing</a><br/>
Jump to - <a href="addemp.pl">Add an Employee</a><br/>
Jump to - <a href="updatephoto.pl">Add or update Employee Photo</a><br/>
<hr/>
Edited by Terry on July, 06 2014.
FOOTER
}
print $q->end_html;

# connect to database
sub dbh {
  my $dsn = 'DBI:Pg:dbname=northwind;host=localhost';
  my $user = 'postgres';
  my $pwd  = 'postgres';
  my $dbh = DBI -> connect($dsn,$user,$pwd,{'RaiseError' => 1});
  return $dbh;
}