/* The SQL statment to insert a new customer into the database is constructed here based upon the values obtained from the form elements in "customer.htm", which are passed as properties of the REQUEST object. Notice how each value is surrounded by single quotes, as specified by SQL syntax rules. This operation could also have been performed by establishing a cursor on the CUSTOMER table and performing and calling the "cursor.updateRow()" method. */ database.execute("insert into customer values ('" + request.name + "'," + request.ID + ",'" + request.address + "','" + request.city + "','" + request.state + "','" + request.zip + "','" + request.phone + "')") redirect("customer.htm")