Home arrow Site Administration arrow Page 8 - Talk To Me!

The Last Word - Administration

You've seen how many Web sites (including this one) allow you topost comments and opinions on the material they publish. If you've everwished you had this capability on your Web site, or are simply curious asto how this is accomplished, read on.

TABLE OF CONTENTS:
  1. Talk To Me!
  2. The Job
  3. Building The Foundation
  4. Mole In A Hole
  5. Speak Now, Or Forever Hold Your Peace
  6. Of Trees And Branches
  7. Closing The Loop
  8. The Last Word
By: Vikram Vaswani, (c) Melonfire
Rating: starstarstarstarstar / 1
March 12, 2001

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
There are a couple of other things that can be added to complete this application. First, since all this work will come to naught if the article and section numbers are not transmitted correctly, you can build in a rudimentary error check by validating the presence of these two variables before performing any database operation. In case these variables are not present, simply redirect the user to an error page.

<? // redirect if missing important parameters // place at the top of every page if (!$article || !$section) { header("Location: error.php"); } ?>

In the interests of consistency, you might also like to connect related posts to one another by including the string "Re: " in the subject line of replies, as on USENET. This is a relatively simple operation to accomplish - simply add this refinement to "post.php".

<form action="<? echo $PHP_SELF; ?>" method="post"> <input type="hidden" name="replytopost" value="<?php echo $replytopost; ?>"> <input type="hidden" name="section" value="<?php echo $section; ?>"> <input type="hidden" name="article" value="<?php echo $article; ?>"> <table border="0" cellspacing="5" cellpadding="0"> <tr> <td colspan=2> <font face="Verdana, Arial" size="2" color="Black"><b>Your comment:</b></font><p> </td> </tr> <tr> <td><font face="Verdana, Arial" size="2" color="Black">Name</font></td> <td><input type="text" name="username" size="25"></td> </tr> <tr> <td><font face="Verdana, Arial" size="2" color="Black">Email address</font></td> <td><input type="text" name="email" size="25"></td> </tr> <? // if this is a reply to an existing post if ($replytopost) { // connect to database and pre-fill the subject field include("config.php"); $connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect!"); $query = "SELECT subject FROM $table WHERE id='$replytopost'"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query . " . mysql_error()); list($subject) = mysql_fetch_row($result); // fix the subject line if necessary $substring = substr($subject,0, 3); if ($substring != "Re:") { $subject = "Re: " . $subject; } } ?> <tr> <td><font face="Verdana, Arial" size="2" color="Black">Subject</font></td> <td><input type="text" name="subject" size="25" value="<? if ($subject) { echo $subject; } ?>"></td> </tr> <tr> <td><font face="Verdana, Arial" size="2" color="Black">Comment</font></td> <td><textarea name="post" rows="5"></textarea></td> </tr> <tr> <td colspan=2 align=center><input type="submit" name="submit" value="Add Comment"></td> </tr> </table> </form>

In the case of replies (indicated by the presence of the $replytopost variable), the subject field in the form is pre-filled with the subject of the parent post (obtained by querying the database), and the string "Re: " is prefixed to it. The user can, of course, replace this suggested subject line with anything else (s)he chooses.

Here's what it looks like:



Finally, it should be said that this system, as described above, is by no means perfect. For example, the passing of parameters via the URL GET method is an inherent vulnerability, allowing experienced users to alter the parameters and the subsequent attributes of the record in the database. A possible solution to this is to store the relevant numbers in session variables, which are inaccessible to the user, and thereby prevent mischief.

It should also be noted that the architecture on which this application is premised is by no means optimal - a few obvious flaws present themselves, the primary one being the odd duality of the article and section number combination. However, when performing development on an existing, active Web site with a pre-defined database architecture (as we were), and given the constraints inherent in such a situation, it's difficult to redesign a system from scratch, and often, the only practical (and cost-effective) option is to simply build on existing plumbing rather than going back to square one.

Either way, I hope this case study has given you some insight into how many Web sites build their online discussion forums, and perhaps also sparked some ideas on how you can apply this application to your own development activities. See you soon!

This article copyright Melonfire 2001. All rights reserved.

 
 
>>> More Site Administration Articles          >>> More By Vikram Vaswani, (c) Melonfire
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: