$w = get_writer_record($HTTP_SESSION_VARS['auth_user']);
print 'Welcome, '.$w['full_name'];
print ' (<a href="logout.php">Logout</a>)';
The function get_writer_record() is defined in db_fns.php and returns an array of all the fields in the writer table for the passed-in username. The script logout.php simply unsets the value of auth_user.
The following SQL finds all of a writer's stories, starting with the most recently added:
$sql = 'select * from stories where writer = \''.$HTTP_SESSION_VARS['auth_user'].'\' order by created desc';
We are storing a created, modified, and published timestamp against each story record. When a new story is added, both the created and modified timestamps are set to the system time. Each subsequent change updates only the modified field.
All this information is shown on the stories screen, first with
print date('M d, H:i', $qry['created']);
and then
print date('M d, H:i', $qry['modified']);
and finally
if ($qry['published']) print '[Published '.date('M d, H:i', $qry['published']).']';
else { print '[<a href="story.php?story='.$qry['id'].'">edit</a>] ';
print '[<a href="delete_story.php?story='.$qry['id'].'">delete</a>] ';
print '[<a href="keywords.php?story='.$qry['id'].'">keywords</a>]';
}
This will show the published date if appropriate; otherwise, it will show links to edit or delete that story and to set search keywords.
The script for entering a new story or editing an existing one is story.php, and is shown in Figure 26.6 editing one of the stories in the sample application database. The complete listing of story.php can be seen in Listing 26.6.
Figure 26.6 Editing a story.
Listing 26.6 story.php—Is Used to Create or Edit a Story
<?php
include ('include_fns.php');
if (isset($HTTP_GET_VARS['story']))
$s = get_story_record($HTTP_GET_VARS['story']);
?>
<form action="story_submit.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="story" value="<?php print $HTTP_GET_VARS['story'];?>">
<input type="hidden" name="destination"
value="<?php print $HTTP_SERVER_VARS['HTTP_REFERER'];?>">
<table>
<tr>
<td align="center">Headline</td>
</tr>
<tr>
<td><input size="80" name="headline"
value="<?php print $s['headline'];?>"></td>
</tr>
<tr>
<td align="center">Page</td>
</tr>
<tr>
<td align="center"><?php print query_select('page',
"select p.code, p.description from pages p, writer_permissions wp, stories s where p.code = wp.page
and wp.writer = s.writer and s.id =".$HTTP_GET_VARS['story'], $s['page']);?></td>
</tr>
<tr>
<td align="center">Story text (can contain HTML tags)</td>
</tr>
<tr>
<td><textarea cols="80" rows="7" name="story_text"
wrap="virtual"><?php print $s['story_text'];?></textarea>
</td>
</tr>
<tr>
<td align="center">Or upload HTML file</td>
</tr>
<tr>
<td align="center"><input type="file" name="html" size="40"></td>
</tr>
<tr>
<td align="center">Picture</td>
</tr>
<tr>
<td align="center"><input type="file" name="picture" size="40"></td>
</tr>
<?php
if ($s['picture']) {
$size = getImageSize($s['picture']);
$width = $size[0];
$height = $size[1];
?>
<tr>
<td align="center">
<img src="<?php print $s['picture'];?>"
width="<?php print $width;?>" height="<?php print $height;?>">
</td>
</tr>
<?php } ?>
<tr>
<td align="center"><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
The same script can be used whether adding or editing, and the action depends on whether story is set when the script is called.
if (isset($HTTP_GET_VARS['story']))
$s = get_story_record($HTTP_GET_VARS['story']);
The function get_story_record() is defined in db_fns.php and returns an array of all the fields in the stories table for the specified story ID. If no story ID is passed in, $story will be null and $s will not contain the array elements.
<input size="80" name="headline"
value="<?php print $s['headline'];?>">
If story is not set, the preceding code will produce no value from the PHP statement, so the headline input box will be blank. If story is set, it will contain the headline text for the story being edited.
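The form fields above print stored and request values straight into HTML attributes and a textarea. The following added example (not the book's code) shows the same fields with every value encoded before output; the helper names h() and story_form_fields() are hypothetical, $s and $get are constructed stand-ins for the story record and $HTTP_GET_VARS, and PHP 7 or later is assumed. The same helper applies to the HTTP_REFERER value printed into the destination field.

```php
<?php
// Added example (not the book's code): encode values before printing them
// into the form. $s and $get are constructed stand-ins for the story record
// and $HTTP_GET_VARS.
function h($value): string
{
    // Encode &, <, > and both quote styles; null (no story loaded) becomes ''.
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

function story_form_fields(?array $s, array $get): string
{
    // The story ID is numeric; anything else is treated as "new story".
    $id = filter_var($get['story'] ?? '', FILTER_VALIDATE_INT);
    $story = ($id === false) ? '' : (string) $id;

    return '<input type="hidden" name="story" value="' . h($story) . "\">\n"
         . '<input size="80" name="headline" value="' . h($s['headline'] ?? '') . "\">\n"
         . '<textarea cols="80" rows="7" name="story_text" wrap="virtual">'
         . h($s['story_text'] ?? '') . "</textarea>\n";
}

// Constructed story: a headline with quotes and text containing a closing tag.
$s = ['headline' => 'Mayor says "no" to plan',
      'story_text' => '<p>Text with a </textarea> tag inside</p>'];
echo story_form_fields($s, ['story' => '7']);   // editing story 7
echo story_form_fields(null, []);               // new story: all fields blank
```

The browser decodes the entities when it fills the textarea, so the writer still edits the original HTML of the story.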
print query_select('page',
"select p.code, p.description from pages p, writer_permissions wp where p.code = wp.page
and wp.writer = '".$HTTP_SESSION_VARS['auth_user']."'", $s['page']);
The function query_select() is defined in select_fns.php and returns the HTML code to produce a SELECT list from a given SQL query. The first parameter is the NAME attribute for the SELECT. The SQL query in the second parameter selects two columns, where the first is the VALUE part of each option, and the second appears after the OPTION tag and is the text actually displayed in the list. The third parameter is optional. It adds a SELECTED attribute to the option whose value matches the specified value.
<input type="hidden" name="story" value="<?php print $HTTP_GET_VARS['story'];?>">
This sets up a placeholder variable, setting the new value for story from the passed-in story. When the form is submitted, story_submit.php checks whether there is a value for story and generates an SQL UPDATE or INSERT statement accordingly.
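The update-or-insert decision described above, written with bound parameters instead of request values placed into the SQL string, is shown in this added example (not the book's code). It assumes PHP 7 or later with PDO and the pdo_sqlite driver; the function name save_story(), the reduced stories schema, and the insert column list are hypothetical.

```php
<?php
// Added example, not the book's code. In-memory SQLite stands in for MySQL;
// the reduced stories schema and the insert column list are assumptions.
function save_story(PDO $db, string $writer, array $post): int
{
    $time = time();
    $fields = [$post['headline'], $post['story_text'], $post['page']];
    if (($post['story'] ?? '') !== '') {            // It's an update
        // The hidden field is a string; accept only a positive integer ID.
        $id = filter_var($post['story'], FILTER_VALIDATE_INT,
                         ['options' => ['min_range' => 1]]);
        if ($id === false) {
            throw new InvalidArgumentException('story must be a positive integer');
        }
        // Values are bound, not interpolated; the writer condition restricts
        // the update to the logged-in writer's own stories.
        $stmt = $db->prepare('update stories set headline = ?, story_text = ?,
            page = ?, modified = ? where id = ? and writer = ?');
        $stmt->execute(array_merge($fields, [$time, $id, $writer]));
        // On MySQL, connect with PDO::MYSQL_ATTR_FOUND_ROWS so that rowCount()
        // counts matched rows rather than changed rows.
        if ($stmt->rowCount() !== 1) {
            throw new RuntimeException('no such story for this writer');
        }
        return $id;
    }
    // It's a new story: created and modified both start at the current time.
    $stmt = $db->prepare('insert into stories
        (headline, story_text, page, writer, created, modified)
        values (?, ?, ?, ?, ?, ?)');
    $stmt->execute(array_merge($fields, [$writer, $time, $time]));
    return (int) $db->lastInsertId();
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('create table stories (id integer primary key, headline text,
    story_text text, page text, writer text, created int, modified int)');
// Constructed input: a headline containing a quote, then a non-numeric ID.
$new = ['story' => '', 'headline' => "Writer's strike",
        'story_text' => '<p>Draft</p>', 'page' => 'news'];
$id = save_story($db, 'alice', $new);
save_story($db, 'alice', ['story' => (string) $id, 'headline' => 'Edited'] + $new);
echo $db->query('select headline from stories')->fetchColumn(), "\n";
try {
    save_story($db, 'alice', ['story' => '12abc'] + $new);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```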
The code for story_submit.php is shown in Listing 26.7.
Listing 26.7 story_submit.php—Is Used to Insert or Update a Story in the Database
<?php
// story_submit.php
// add / modify story record
include('include_fns.php');
$conn = db_connect();
$headline = $HTTP_POST_VARS['headline'];
$page = $HTTP_POST_VARS['page'];
$time = time();
if ( (isset($HTTP_POST_FILES['html']['name']) &&
(dirname($HTTP_POST_FILES['html']['type']) == 'text')
&& is_uploaded_file($HTTP_POST_FILES['html']['tmp_name']))) {
$fp = fopen($HTTP_POST_FILES['html']['tmp_name'], 'r');
$story_text = addslashes(fread($fp, filesize($HTTP_POST_FILES['html']['tmp_name'])));
fclose($fp);
} else
$story_text = $HTTP_POST_VARS['story_text'];
if (isset($HTTP_POST_VARS['story']) && $HTTP_POST_VARS['story']!='') { // It's an update
$story = $HTTP_POST_VARS['story'];
$sql = "update stories
set headline = '$headline', story_text = '$story_text', page = '$page',
modified = $time where id = $story";
} else { // It's a new story
$sql = "insert into stories