/* The SQL statment to insert a new customer into the database is constructed
here based upon the values obtained from the form elements in "customer.htm",
which are passed as properties of the REQUEST object. Notice how each value
is surrounded by single quotes, as specified by SQL syntax rules.
This operation could also have been performed by establishing a cursor
on the CUSTOMER table and performing and calling the "cursor.updateRow()" method.
*/
database.execute("insert into customer values ('" +
request.name + "'," +
request.ID + ",'" +
request.address + "','" +
request.city + "','" +
request.state + "','" +
request.zip + "','" +
request.phone + "')")
redirect("customer.htm")