There was a long discussion about how to let users add to a field without being able to change the contents of the field a while back. I just can't remember enough about it to be able to find it in the search. So I guess I'll try to recreate it from memory.
You'll need to make another subroutine to create your "user comments" form. (You could use html_record_form, but it would get really messy with a lot of "if" statements.)
Change anything in bold print to fit your database.
Code:
sub html_user_comment_form {
my (%rec) = @_;
foreach $column (@db_cols) {
print qq|<input type="hidden" name="$column" value="$rec{$column}">|;
}
&html_record(%rec); # prints out the current contents of the record
print qq|<textarea name="new_comment" rows=
5 columns="
40 wrap="virtual"></textarea>|;
}
In html_modify_form_record change
&html_record_form (%rec);
to
Code:
if ($per_admin) {
&html_record_form (%rec);
}
else {
&html_user_comment_form (%rec);
}
The above assumes that you only want the admin to be able to modify the other information in the database. If users will be adding records, and will "own" the records (and be allowed to modify them), use the following instead:
Code:
if (($per_admin) | | $rec{'
Userid'} eq $db_userid)) {
&html_record_form (%rec);
}
else {
&html_user_comment_form (%rec);
}
Take out the space between the two | characters above.
In db.cgi, in modify_record
after
my ($status, $line, @lines, @data, $output, $found, $restricted);
add
Code:
if ($in{'new_comment'}) {
$date = &get_date;
$time = &get_time;
$timestamp= "$date $time $db_userid";
$in{'
Comments'} .= "\n$timestamp\n$in{'new_comment'}";
}
This will add a linefeed to the end of the comment field and add the new comment to the end of it.
This does assume that the user is logged in. Otherwise the $db_userid will equal "default."
This is very different from the previous discussion, but I'm pretty sure it will work. I haven't tried it, though.
There is a potential for security problems with this. A user could save the form to his own computer, edit the hidden fields, load the form back into his browser and click the submit button. If that's a concern for you, I'll try to remember the other way we did it.
------------------
JPD