[skunkfu]

Understood Ben. OOP and MVC would be extreme overkill for the little project I'm dealing with.

I will keep it simple for now then. Later on if I require such scalable features (being taken on for a client perhaps), then I will look into it further.

Thanks for your time!!

[teke]

how can add in table a timeleft column and when the time is up ,automatically delete row

if you can...

[Ben]

teke, on 26 March 2012 - 01:35 PM, said:

how can add in table a timeleft column and when the time is up ,automatically delete row

if you can...

I don't think that is something that is done with plain PHP -- I believe you would need to use a CRON job that repeats a certain number of times a day to call a PHP script to do the cleanup. If you are dealing with small amounts of time (minutes rather than hours, for example) you might use AJAX that loops every x seconds to call a PHP script to do the cleanup.

[teke]

the time in days i need, anyway thanks !

[teke]

i returned... do you know something about countdown timer in table? any

[Blackburn]

I have some problem with this tutorial. I made a bit change to suit my forum script I building. Heres what my changed files.
EDIT.PHP

<?php
//create_cat.php
 include 'connect.php';
 include 'header.php';
 include 'modules/bbcode.php';

/* 
 EDIT.PHP
 Allows user to edit specific entry in database
*/

 // creates the edit record form
 // since this form is used multiple times in this file, I have made it a function that is easily reusable
 function renderForm($id, $firstname, $error)
 {
 ?>
 <html>
 <head>
 <title>Edit Record</title>
 </head>
 <body>
 <?php 
 // if there are any errors, display them
 if ($error != '')
 {
 echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
 }
 ?> 
 
 <form action="" method="post">
 <input type="hidden" name="id" value="<?php echo $id; ?>"/>
 <div>
 <p><strong>ID:</strong> <?php echo $id; ?></p>
 <strong>Content*</strong> <input type="text" name="firstname" value="<?php echo $firstname; ?>"/><br/>
 <p>* Required</p>
 <input type="submit" name="submit" value="Submit">
 </div>
 <a href="/settings.php">Back</a>
 </form> 
 </body>
 </html> 
 <?php
 }



 // connect to the database

 
 // check if the form has been submitted. If it has, process the form and save it to the database
 if (isset($_POST['submit']))
 { 
 // confirm that the 'id' value is a valid integer before getting the form data
 if (is_numeric($_POST['id']))
 {
 // get form data, making sure it is valid
 $id = $_POST['post_id'];
 $firstname = mysql_real_escape_string(htmlspecialchars($_POST['post_content']));
 
 // check that firstname/lastname fields are both filled in
 if ($firstname == '')
 {
 // generate error message
 $error = 'ERROR: Please fill in all required fields!';
 
 //error, display form
 renderForm($id, $firstname, $error);
 }
 else
 {
 // save the data to the database
 mysql_query("UPDATE 
					posts
				SET 
					post_content='$firstname' 
				WHERE post_id='$id'")
				
 or die(mysql_error()); 
 
 // once saved, redirect back to the view page
 header("Location: settings.php"); 
 }
 }
 else
 {
 // if the 'id' isn't valid, display an error
 echo 'Error!';
 }
 }
 else
 // if the form hasn't been submitted, get the data from the db and display the form
 {
 
 // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
 if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
 {
 // query db
 $id = $_GET['id'];
 $result = mysql_query("SELECT * FROM posts WHERE post_id=$id")
 or die(mysql_error()); 
 $row = mysql_fetch_array($result);
 
 // check that the 'id' matches up with a row in the databse
 if($row)
 {
 
 // get data from db
 $firstname = $row['post_content'];
 
 // show form
 renderForm($id, $firstname, '');
 }
 else
 // if no match, display result
 {
 echo "No results!";
 }
 }
 else
 // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
 {
 echo 'Error!';
 }
 }
 include 'footer.php';
?>

and NEW.PHP

<?php
//create_cat.php
include 'connect.php';
include 'header.php';

/* 
 NEW.PHP
 Allows user to create a new entry in the database
*/
 
 // creates the new record form
 // since this form is used multiple times in this file, I have made it a function that is easily reusable
 function renderForm($first, $last, $error)
 {
 ?>
 <html>
 <head>
 <title>New Record</title>
 </head>
 <body>
 <?php 
 // if there are any errors, display them
 if ($error != '')
 {
 echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
 }
 ?> 
 
 <form action="" method="post">
 <div>
 <strong>Content: *</strong> <input type="textarea" name="firstname" value="<?php echo $first; ?>" /><br/>
 <p>* required</p>
 <input type="submit" name="submit" value="Submit">
 </div>
 </form> 
 </body>
 </html>
 <?php 
 }
 
 


 // check if the form has been submitted. If it has, start to process the form and save it to the database
 if (isset($_POST['submit']))
 { 
 // get form data, making sure it is valid
 $firstname = mysql_real_escape_string(htmlspecialchars($_POST['post_content']));

 
 // check to make sure both fields are entered
 if ($firstname == '')
 {
 // generate error message
 $error = 'ERROR: Please fill in all required fields!';
 
 // if either field is blank, display the form again
 renderForm($first, $last, $error);
 }
 else
 {
 // save the data to the database
 mysql_query("INSERT posts SET post_content='$firstname'")
 or die(mysql_error()); 
 
 // once saved, redirect back to the view page
 header("Location: settings.php"); 
 }
 }
 else
 // if the form hasn't been submitted, display the form
 {
 renderForm('','','');
 }
 
 include 'footer.php';
?> 

In both Im getting error "ERROR: Please fill in all required fields" if I want to change something or add. The delete option is working.

[Face]

First post, please be kind!

Ok, so I don't really know much about anything regarding PHP/MySQL - I can do HTML and Flash (providing that is stays away from DBs)...

So I downloaded and installed XAMPP, basically copied and pasted, made all the necessary files - and now I have your basic PHP program running on my computer *ALMOST* exactly as you have it on yours (BEN).

The problem I am having, and i can't figure it out for the life of me is why I get this unexplainable text at the top of the page saying "VALUES(4, 'Sam', 'Smith');" which is the last line of code that I imported into the "RECORDS" DB... (screen shot included). This text will follow me to every part of the program (new.php, edit.php...)



Any ideas of what I missed?

PS - The reason I am learning this is to help someone else with a school project. The more I look into PHP the more I want to know, so this might be the start of a long relationship.

Cheers,
Face

[Ben]

@Face: I would suggest looking at your connect-db.php file. I'm betting that you didn't do the copy/paste exactly right, and you may have that text at the beginning of the file, probably before the opening <?php tag.

[Face]

And of course that is exactly what it was. Thanks for your very quick response to a very stupid problem... I had checked all the files except for that one.

Thanks again. from this point I expect to make my own modifications and actually start learning stuff - so you should be hearing from me soon (very).

Cheers,
Face

[Face]

Actually, to help myself out I'm going to let you all in on what the project is.

Basically its supposed to be a simple PHP/MySQL database that keeps track of books coming in/out of a collection. So basically what I am going to try to do is add a Title, Publisher, and Date Aqcuired column... perhaps a "Aqcuired from where." while always keeping the ability to delete/edit/add...

and then I will move onto a program for myself that can help me inventory shop tools / materials.

Always happy to recieve advice!

Cheers,
Face

[Jeffro78]

How do you type an if statement using $_POST for checkboxes as in IT classes taken or needed, ie IT101b, IT205b, IT210b, IT310b in php? I am a Super Noob and am quite lost because the if statements in Java seem to be easier to figure out than so far in PHP.

Thanks for any assistance with my issue.

[Ben]

Jeffro78, on 10 April 2012 - 10:12 PM, said:

How do you type an if statement using $_POST for checkboxes as in IT classes taken or needed, ie IT101b, IT205b, IT210b, IT310b in php? I am a Super Noob and am quite lost because the if statements in Java seem to be easier to figure out than so far in PHP.

Thanks for any assistance with my issue.

Checkboxes are a little trickier than the standard input elements. Take a look here: http://www.homeandle...hp/php4p11.html -- this will explain how to check if a checkbox is set or not.

[Face]

Me again! Things are moving along. Added a search box where you can search "players" by name or id. Added a few more columns to the table. and some other buttons and changed the look of it a bit - now i'm wondering....

.... What would be the best way to have a "confirm delete" option? Can it be done in PHP? or would it have to be javascript? Or just a generic button?

Cheers,
Face

[Ben]

The easiest way would be do use javascript -- pop up a confirm box asking the user to click "yes", and then redirecting to the delete page only if the user clicks yes.

However, I have heard that it is a best practice to avoid this, and try to avoid using a url that automatically deletes a record only based on $_GET data since there is a chance that it could be abused -- for example, what if the admin user was emailed a link (or something innocent that didn't look like a link) and they clicked on it and it deleted the record?. In addition, only using a Javascript based confirm would mean that for anyone who used the system with Javascript off, it would automatically bypass the confirmation (then again, the number of users who browse with Javascript off is pretty low).

The "best practice" way of going about this would probably have the confirm delete function built into the delete page, so the user visits "delete.php?id=x" and instead of immediately deleting the record, they are asked to confirm within a form, and the item is only deleted based on a "yes" response in the $_POST data.

Alternately, you could build this form into the main page that shows all the records, confirm delete using a Javascript confirm() function, and then only delete the item(s) based on the $_POST data.

[Face]

Thanks, I will see what I can manage. The chances are I will go with Javascript, the reason being that this is a school project for someone and will be run using XAMPP or some sort of similar program - so i'm not so much worried about security issues. Hopefully the person evaluating the project isn't worried either.

I will continue to investigate anyhow.

Cheers,
Face

[LiquidFire]

Hey ben, really like the code and modded it to fit my benefits but im having a small problem with editing where what it shows when im viewing a post i had made it doesn't show up in the box when i click edit (view attachment if you dont understand)



ADMIN.PHP

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<?php
include("../include/session.php");
include("db.php");
?>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>AzureDivinity's Website</title>
<link href="../../css/style1.css" rel="stylesheet" type="text/css">
<link href="../../css/style2.css" rel="stylesheet" type="text/css">
<link href="../../css/style3.css" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="../../slider/themes/default/default.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../slider/nivo-slider.css" type="text/css" media="screen" /> 

</head>

<body>

	<div id="everything">

		<div id="header">
			
			<ul id="menu">
				<li><a class="main" href="http://azuredivinity.com/"></a></li>
				<li><a class="profile" href="http://azuredivinity.com/profile.php"></a></li>						
                <li><a class="cms" href="http://azuredivinity.com/forum/content.php"></a></li>
				<li><a class="forum" href="http://azuredivinity.com/forum/forum.php"></a></li>
				<li><a class="blog" href="http://azuredivinity.com/forum/blog.php"></a></li>
                <li><a class="contact" href="http://azuredivinity.com/index.php?page=contact"></a></li>
                <li><a class="login" href="http://azuredivinity.com/login/main.php"></a></li>
				<li><a class="rotate" href="http://azuredivinity.com/#"></a></li>
                <li><a class="coaching" href="http://azuredivinity.com/coaching/index.html"></a></li>
                <li><a class="clanex" href="http://www.combatex.com/forum/index.php"></a></li>
			</ul>  
		
		</div>
	
		<div id="middle">
	
        
			<div class="slider-wrapper theme-default">
			
			<div class="ribbon">
			</div>
			
				<div id="slider" class="nivoSlider">
                	<img src="../../css/images/slider_images/img15.png" alt="" />
					<img src="../../css/images/slider_images/img1.png" alt="" />
					<img src="../../css/images/slider_images/img3.png" alt="" />
					<img src="../../css/images/slider_images/img6.png" alt="" />
					<img src="../../css/images/slider_images/img7.png" alt="" />
					<img src="../../css/images/slider_images/img8.png" alt="" />
					<img src="../../css/images/slider_images/img9.png" alt="" />
					<img src="../../css/images/slider_images/img10.png" alt="" />
					<img src="../../css/images/slider_images/img11.png" alt="" />
     				<img src="../../css/images/slider_images/img12.png" alt="" />
					<img src="../../css/images/slider_images/img13.png" alt="" />
					<img src="../../css/images/slider_images/img14.png" alt="" />
				</div>
				
			</div>

		</div>
	
	<script type="text/javascript" src="../../slider/scripts/jquery-1.6.1.min.js"></script>
    <script type="text/javascript" src="../../slider/jquery.nivo.slider.pack.js"></script>
    <script type="text/javascript">
		$(window).load(function() {
			$('#slider').nivoSlider();
		});
    </script>
    
	<br />
    <br />
    <br />
	  
				<div id="left_column">
		  
					<div class="left_break">
					</div>
          
					<div class="left">
			
		   
					<div class="left_nav_header">
					</div>
			
					<div class="post_body_nav">
                    
					<div id="navigation">
						<a class="tbt" href="http://blacktowerclan.com/"></a>
                        <a class="scu" href="http://starcraftuniverse.org"></a>
						<a class="combat" href="http://www.twitch.tv/combatex"></a>
						<a class="clanwater" href="http://www.twitch.tv/clanwater"></a>
						<a class="azure" href="http://www.justin.tv/azuredivinity"></a>
						<a class="teammnm" href="http://www.twitch.tv/mnmsc2?"></a>
						<a class="combatsite" href="http://www.combatex.com/" target="_blank"></a>
						<a class="vile" href="http://www.twitch.tv/illusioncss" target="_blank"></a>                    						
                    <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="TG4YRKN4S3NDY">
<input type="image" src="../css/images/buttons/donate2.png" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
                    </div>
					
                    </div>
                    			
					<div class="footer">
					</div>
                    
					</div>
                    
                    <div class="left">
                    
                    <div class="left_break">
					</div>
                    
                    <div class="left_header">
					</div>
                    
					<div class="post_body_nav">
						<br><p><img src="../../css/images/achievements/achieve_1.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_2.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_3.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_4.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_5.png" alt="About Me" align="center"/></p></br>
					</div>
			
					<div class="footer">
					</div>

					</div>
		
				</div>
		  

    			<div id="middle_column" class="two_column">

				<div class="post">

					<div class="header">
					</div>

					<div class="post_body">

						<?

   
						/**
						* User not an administrator, redirect to main page
						* automatically.
						*/
						
						if(!$session->isAdmin()){
							printf("<script>location.href='main.php'</script>");
						}
						else{
						
						
						/**
						* Administrator is viewing page, so display all
						* forms.
						*/
						
						?>
										
					<h1>Admin Center</h1>
					<font size="5" color="#ff0000">
					<b>::::::::::::::::::::::::::::::::::::::::::::</b></font>
					<font size="4">Logged in as <b><? echo $session->username; ?></b></font><br><br>
					Back to [<a href="main.php">Main Page</a>]<br><br>
					Add A  [<a href="http://www.azuredivinity.com/index.php?p=add">New Entry</a>]<br><br>

					<?
					if($form->num_errors > 0){
						echo "<font size=\"4\" color=\"#ff0000\">"
							."!*** Error with request, please fix</font><br><br>";
					}
					?>

		<?php
        // number of results to show per page
        $per_page = 6;
        
        // figure out the total pages in the database
        $result = mysql_query("SELECT * FROM tt_blog");
        $total_results = mysql_num_rows($result);
        $total_pages = ceil($total_results / $per_page);


        // check if the 'page' variable is set in the URL (ex: view-paginated.php?page=1)
        if (isset($_GET['page']) && is_numeric($_GET['page']))
        {
                $show_page = $_GET['page'];
                
                // make sure the $show_page value is valid
                if ($show_page > 0 && $show_page <= $total_pages)
                {
                        $start = ($show_page -1) * $per_page;
                        $end = $start + $per_page; 
                }
                else
                {
                        // error - show first set of results
                        $start = 0;
                        $end = $per_page; 
                }               
        }
        else
        {
                // if page isn't set, show first set of results
                $start = 0;
                $end = $per_page; 
        }
        
        // display pagination
        for ($i = 1; $i <= $total_pages; $i++)
        {
                echo "<a href='admin.php?page=$i'>$i</a> ";
        }
        echo "</p>";
                
        // display data in table
        echo "<table border='1' cellpadding='10'>";
        echo "<tr> <th>ID</th> <th>Post Date</th> <th>Post Title</th> <th>Post Text</th> <th></th> <th></th></tr>";

        // loop through results of database query, displaying them in the table 
        for ($i = $start; $i < $end; $i++)
        {
                // make sure that PHP doesn't try to show results that don't exist
                if ($i == $total_results) { break; }
        
                // echo out the contents of each row into a table
                echo "<tr>";
                echo '<td>' . mysql_result($result, $i, 'id') . '</td>';
                echo '<td>' . mysql_result($result, $i, 'datetime') . '</td>';
                echo '<td>' . mysql_result($result, $i, 'title') . '</td>';
                echo '<td>' . mysql_result($result, $i, 'content') . '</td>';
                echo '<td><a href="edit.php?id=' . mysql_result($result, $i, 'id') . '">Edit</a></td>';
                echo '<td><a href="delete.php?id=' . mysql_result($result, $i, 'id') . '">Delete</a></td>';
                echo "</tr>"; 
        }
        // close table>
        echo "</table>"; 
        
        // pagination
        

?>

					<?
					}
					?>
			
					</div>

					<div class="postedby">
					</div>
          
				</div>
			
			</div>
	
		<div id="footer">
		</div>
			
			</div>
			
</body>
</html>

EDIT.PHP

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<?php
include("../include/sessions.php");
?>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>AzureDivinity's Website</title>
<link href="../../css/style1.css" rel="stylesheet" type="text/css">
<link href="../../css/style2.css" rel="stylesheet" type="text/css">
<link href="../../css/style3.css" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="../../slider/themes/default/default.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../slider/nivo-slider.css" type="text/css" media="screen" /> 

</head>

<body>

	<div id="everything">

		<div id="header">
			
			<ul id="menu">
				<li><a class="main" href="http://azuredivinity.com/"></a></li>
				<li><a class="profile" href="http://azuredivinity.com/profile.php"></a></li>						
                <li><a class="cms" href="http://azuredivinity.com/forum/content.php"></a></li>
				<li><a class="forum" href="http://azuredivinity.com/forum/forum.php"></a></li>
				<li><a class="blog" href="http://azuredivinity.com/forum/blog.php"></a></li>
                <li><a class="contact" href="http://azuredivinity.com/index.php?page=contact"></a></li>
                <li><a class="login" href="http://azuredivinity.com/login/main.php"></a></li>
				<li><a class="rotate" href="http://azuredivinity.com/#"></a></li>
                <li><a class="coaching" href="http://azuredivinity.com/coaching/index.html"></a></li>
                <li><a class="clanex" href="http://www.combatex.com/forum/index.php"></a></li>
			</ul>  
		
		</div>
	
		<div id="middle">
	
        
			<div class="slider-wrapper theme-default">
			
			<div class="ribbon">
			</div>
			
				<div id="slider" class="nivoSlider">
                	<img src="../../css/images/slider_images/img15.png" alt="" />
					<img src="../../css/images/slider_images/img1.png" alt="" />
					<img src="../../css/images/slider_images/img3.png" alt="" />
					<img src="../../css/images/slider_images/img6.png" alt="" />
					<img src="../../css/images/slider_images/img7.png" alt="" />
					<img src="../../css/images/slider_images/img8.png" alt="" />
					<img src="../../css/images/slider_images/img9.png" alt="" />
					<img src="../../css/images/slider_images/img10.png" alt="" />
					<img src="../../css/images/slider_images/img11.png" alt="" />
     				<img src="../../css/images/slider_images/img12.png" alt="" />
					<img src="../../css/images/slider_images/img13.png" alt="" />
					<img src="../../css/images/slider_images/img14.png" alt="" />
				</div>
				
			</div>

		</div>
	
	<script type="text/javascript" src="../../slider/scripts/jquery-1.6.1.min.js"></script>
    <script type="text/javascript" src="../../slider/jquery.nivo.slider.pack.js"></script>
    <script type="text/javascript">
		$(window).load(function() {
			$('#slider').nivoSlider();
		});
    </script>
    
	<br />
    <br />
    <br />
	  
				<div id="left_column">
		  
					<div class="left_break">
					</div>
          
					<div class="left">
			
		   
					<div class="left_nav_header">
					</div>
			
					<div class="post_body_nav">
                    
					<div id="navigation">
						<a class="tbt" href="http://blacktowerclan.com/"></a>
                        <a class="scu" href="http://starcraftuniverse.org"></a>
						<a class="combat" href="http://www.twitch.tv/combatex"></a>
						<a class="clanwater" href="http://www.twitch.tv/clanwater"></a>
						<a class="azure" href="http://www.justin.tv/azuredivinity"></a>
						<a class="teammnm" href="http://www.twitch.tv/mnmsc2?"></a>
						<a class="combatsite" href="http://www.combatex.com/" target="_blank"></a>
						<a class="vile" href="http://www.twitch.tv/illusioncss" target="_blank"></a>                    						
                    <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="TG4YRKN4S3NDY">
<input type="image" src="../../css/images/buttons/donate2.png" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
                    </div>
					
                    </div>
                    			
					<div class="footer">
					</div>
                    
					</div>
                    
                    <div class="left">
                    
                    <div class="left_break">
					</div>
                    
                    <div class="left_header">
					</div>
                    
					<div class="post_body_nav">
						<br><p><img src="../../css/images/achievements/achieve_1.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_2.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_3.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_4.png" alt="About Me" align="center"/></p></br>
						<br><p><img src="../../css/images/achievements/achieve_5.png" alt="About Me" align="center"/></p></br>
					</div>
			
					<div class="footer">
					</div>

					</div>
		
				</div>

			<div id="middle_column" class="two_column">

				<div class="post">

					<div class="header">
					</div>

					<div class="post_body">

<?php
/* 
 EDIT.PHP
 Allows user to edit specific entry in database
*/

 // creates the edit record form
 // since this form is used multiple times in this file, I have made it a function that is easily reusable
 function renderForm($id, $datetime, $title, $content, $error)
 {
 ?>
 
 <?php 
 // if there are any errors, display them
 if ($error != '')
 {
 echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
 }
 ?> 
 
 <form action="" method="post">
 <input type="hidden" name="id" value="<?php echo $id; ?>"/>
 <div>
 <p><strong>ID:</strong> <?php echo $id; ?></p>
 <strong>Post Date: *</strong> <input type="text" name="datetime" value="<?php echo $datetime; ?>"/><br/>
 <strong>Post Title: *</strong> <input type="text" name="title" value="<?php echo $title; ?>"/><br/>
 <strong>Post Text: *</strong> <textarea type="text" name="content" value="<?php echo $content; ?>"></textarea><br/>
 <p>* Required</p>
 <input type="submit" name="submit" value="Submit">
 </div>
 </form> 
 </body>
 </html> 
 <?php
 }



 // connect to the database
 include('db.php');
 
 // check if the form has been submitted. If it has, process the form and save it to the database
 if (isset($_POST['submit']))
 { 
 // confirm that the 'id' value is a valid integer before getting the form data
 if (is_numeric($_POST['id']))
 {
 // get form data, making sure it is valid
 $id = $_POST['id'];
 $datetime = mysql_real_escape_string(htmlspecialchars($_POST['datetime']));
 $title = mysql_real_escape_string(htmlspecialchars($_POST['title']));
 $content = mysql_real_escape_string(htmlspecialchars($_POST['content']));
 
 // check that datetime/title fields are both filled in
 if ($datetime == '' || $title == '' || $content == '')
 {
 // generate error message
 $error = 'ERROR: Please fill in all required fields!';
 
 //error, display form
 renderForm($id, $datetime, $title, $content, $error);
 }
 else
 {
 // save the data to the database
 mysql_query("UPDATE tt_blog SET datetime='$datetime', title='$title', 'content=$content' WHERE id='$id'")
 or die(mysql_error()); 
 
 // once saved, redirect back to the view page
 header("Location: admin.php"); 
 }
 }
 else
 {
 // if the 'id' isn't valid, display an error
 echo 'Error!';
 }
 }
 else
 // if the form hasn't been submitted, get the data from the db and display the form
 {
 
 // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
 if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
 {
 // query db
 $id = $_GET['id'];
 $result = mysql_query("SELECT * FROM tt_blog WHERE id=$id")
 or die(mysql_error()); 
 $row = mysql_fetch_array($result);
 
 // check that the 'id' matches up with a row in the databse
 if($row)
 {
 
 // get data from db
 $datetime = $row['datetime'];
 $title = $row['title'];
 $content = $row['content'];
 
 // show form
 renderForm($id, $datetime, $title, $content, '');
 }
 else
 // if no match, display result
 {
 echo "No results!";
 }
 }
 else
 // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
 {
 echo 'Error!';
 }
 }
?>


					</div>

					<div class="postedby">
					</div>
          
				</div>
			
			</div>
			
					<div id="footer">
		</div>
			
			</div>
			
</body>
</html>

[Ben]

I think the issue is this line within your edit file:

<textarea type="text" name="content" value="<?php echo $content; ?>"></textarea>

A textarea doesn't have a value attribute, as far as I understand it. I believe it needs to be:

<textarea name="content"><?php echo $content; ?></textarea>

I would do a quick web search on textareas and check the exact syntax.

[LiquidFire]

Wow cant believe i forgot about that. lamo, tyvm ben

[LiquidFire]

Ive got another problem now though, when i edit something it gets messed up if it has coding in the post. such as if it has <p align="center"> it will change the align="center" to align=\"center\" will do the same thing to random text like don't will be don\'t

also is there a way to change it to where when im viewing the post to edit or delete them, to show the code if i embeded a video or if theres code in there at all, show that instead of showing what it would look like

[Ben]

1) You probably need to run stripslashes() on your content before you save it to the database.

2) I think using htmlspecialchars() on the content should disable the HTML and fix your second issue.

[LiquidFire]

Would u mind helping me with how to put the stripslashes and htmlspecialchars in, ima be honest im terrible at php D:

[uskolte]

Thank you. It is very good demo, I implemented it using ODBC.

[LadyMustache]

Hello can someone please help me with an employee system?

http://shrib.com/mysql
http://shrib.com/systememp

I have the code in that site, my problem is, the add.php is incorrect.:|

Please help me Thank you

[Ben]

@LiquidFire:

Within your ADMIN.php file, I believe you would want to change this line:

echo '<td>' . mysql_result($result, $i, 'content') . '</td>';

to this:

echo '<td>' . htmlspecialchars(mysql_result($result, $i, 'content')) . '</td>';

and within edit.php, you would want to chnage this line:

 $content = mysql_real_escape_string(htmlspecialchars($_POST['content']));

to this:

 $content = stripslashes(mysql_real_escape_string(htmlspecialchars($_POST['content'])));

[Ben]

@LadyMustache:
Since you are working with different code than I have used at the start of this topic, why don't you make a new topic for your issue within the PHP section? If you can be more clear about what is wrong with add.php and what errors you are getting, that would be helpful.

[LadyMustache]

Ben, on 21 April 2012 - 05:37 PM, said:

@LadyMustache:
Since you are working with different code than I have used at the start of this topic, why don't you make a new topic for your issue within the PHP section? If you can be more clear about what is wrong with add.php and what errors you are getting, that would be helpful.

Thank you for replying! Sorry my bad.

[LiquidFire]

thanks for everything what you said to do is working just got 1 more problem with after i finish the edit (see attachment)

[Manjula]

Hi Administrator,

I am very happy for this post. And Thanks so much.
I am beginner for PHP.So I have created my staff directory table within refer your post.
I want editing my staff directory table. But if click on edit link come following error
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@dwu.ac.pg' at line 1"

Please check bellow attachment from link. It has my database and php file.

http://kithusara.org.../manju/test.zip


If you can help me , I appreciate so much.
Thanks,

Manjula.

[teke]

hi, how can sort columns ascendenting ?

anyone can help me?

[iv4n]

Hi Administrator,

I am very happy for this post. And Thanks so much.

can u help me... how to make a
id_level(AUTO_INCREMENT) in n group_level..
(1 administrator) (2 super_user) etc... with dropdown menu n if edit show all group not only choosen group

sory for my bad english