Online Photo Album Development using PHP and GD: Part 2 - Connecting to the Database (
Page 4 of 5 )
The first thing we do is check to see if the album name and description is incomplete
(empty). If they are empty, we call the displayPage() function and pass to it
our error message. The displayPage() function simply accepts a string argument,
and displays the message to the user. Once the displayPage() function has been
called, we call the die() function, which simply terminates the script's execution.
If the album name and description has been completed, we connect to our database
by calling the db_connect() function, located in our config.php script.
// Connect to database
<br />db_connect();
<br />$sql = "INSERT INTO albums VALUES(0, '" . addslashes($_POST['album_name']) .
"', '" . addslashes($_POST['album_desc']) . "', '')";
<br />$result = @mysql_query($sql) or die("Error inserting record: " . mysql_error());
Once connected, we create and execute our SQL statement, which simply inserts
the values passed from the form into our album table. We deliberately leave the
value of the thumbnail location empty; this value will be populated when uploading
our album images.
<p>if ($result){
<br />// Notify use that album was successfully created.
<br />$msg .= "Album <strong>" . $_POST['album_name'] . "</strong> successfully created!";
<br />$msg .= "
<br /><a href="/administrator/'edit_album.php?album_id=">Click here</a> to administrate the " . $_POST['album_name'] . " album";
<br />$msg .= " </p>
<p><a href="/administrator/'index.php'">Click here</a> to return to the administrative area</p>";
<br />displayPage($msg);
<p> </p>"; displayPage($msg);";displayPage($msg);
<p>If our insert query is successfully executed, we call the displayPage() function,
and pass it our string argument; in this case, a notice to the user that the album
has been added. We also indicate options for administrating the album (ie: adding
pictures, etc.).</p>
<p>Now that our add_album.php script is complete, we can add functionality to edit
our existing albums. We'll create a script called edit_albums.php:</p>
<p><!--p<-->include_once("../include/config.php");
<br />// Has album been updated?
<br />if ( $_POST['edit'] ){
<br />if ( empty($_POST['album_name']) || empty($_POST['album_desc'])){
<br />$msg = "Please complete all required fields!
<br /><a href="/administrator/'new_album.php'">Go Back</a>";
<br />displayPage( $msg, "Error Updating Album!");
<br />die();
<br />}
<br />db_connect();
<br />// Insert updated record into DB
<br />$sql = "UPDATE albums SET album_name = '" . addslashes($_POST['album_name'])
. "', album_desc = '" . addslashes($_POST['album_desc']) . "' WHERE album_id =
" . addslashes($_POST['album_id']);
<br />$result = @mysql_query( $sql ) or die("Error inserting record: " . mysql_error());
<br />if ($result){
<br />$msg = "Album updated successfully!
<br /><a href="/administrator/'index.php'">Return to Admin Menu</a>";
<br />displayPage($msg, "Album Updated Successfully!");
<br />die();
<br />}
<br />} else if ( !$_POST['edit'] && !empty($_GET['album_id'])){
<br />db_connect();
<br />// Retrieve album information
<br />$sql = "SELECT album_id, album_name, album_desc FROM albums WHERE album_id =
" . addslahes($_GET['album_id']);
<br />$result = @mysql_query( $sql ) or die("Error retrieving record: " . mysql_error());
<br />while($row = mysql_fetch_array( $result )){
<br />// Display edit page
<br />$msg .= "
<form action="edit_albums.php" method="post">";
<br />$msg .= "
<table cellspacing="0" cellpadding="5" width="60%" border="0">";
<br />$msg .= "
<tbody>
<tr>
<td>Album Name:</td>
<td>
<input id="album_name" type="text" size="40" value="" name="album_name" /></td></tr>";
<br />$msg .= "
<tr>
<td>Album Description:</td>
<td><textarea id="album_desc" name="album_desc" rows="4" cols="30">" . $row['album_desc'] . "</textarea></td></tr>";
<br />$msg .= "
<tr>
<td>
<input type="hidden" value="1" name="edit" />
<input type="hidden" value="" name="album_id" /></td>";
<br />$msg .= "
<td>
<input id="submit" type="submit" value="Continue" name="submit" />";
<br />$msg .= "<a href="/administrator/del_albums.php?album_id=">Delete</a>";
<br />$msg .= "</td></tr></tbody></table></form>";
<br />$album_name = $row['album_name'];
<br />}
<br />displayPage($msg, "Editing Album " . $album_name . ":");
<br />// Display album summaries
<br />} elseif ( !$_GET['album_id'] ){
<br />db_connect();
<br />// Retrieve all album information
<br />$sql = "SELECT album_id, album_name FROM albums";
<br />$result = @mysql_query( $sql ) or die( "Error retrieving records: " . mysql_error()
);
<br />$i = 0;
<br />while($row = mysql_fetch_array($result)){
<br />if (( $i % 2 ) == 0 && ( $i != 0 )){
<br />$msg .= ("
</tr />
<tr />");
<br />}
<br />$msg .= ("
<td />" . ($i + 1) . ". <a href="/administrator/'edit_albums.php?album_id=">" . $row['album_name'] . "
</td />");
<br />$i++;
<br />}
<br />displayPage( $msg, "Edit Albums", false );
<br />}
<br />
<p>Here's a breakdown of the code: </p>
<p>include_once("../include/config.php");
<br />// Has album been updated?
<br />if ( $_POST['edit'] ){
<br />if ( empty($_POST['album_name']) || empty($_POST['album_desc'])){
<br />$msg = "Please complete all required fields!
<br /><a href="/administrator/'new_album.php'">Go Back</a>";
<br />displayPage( $msg, "Error Updating Album!");
<br />die();
<br />}
<br />db_connect();
<br />// Insert updated record into DB
<br />$sql = "UPDATE albums SET album_name = '" . addslashes($_POST['album_name'])
. "', album_desc = '" . addslashes($_POST['album_desc']) . "' WHERE album_id =
" . addslashes($_POST['album_id']);
<br />$result = @mysql_query( $sql ) or die("Error inserting record: " . mysql_error());
<br />if ($result){
<br />$msg = "Album updated successfully!
<br /><a href="/administrator/'index.php'">Return to Admin Menu</a>";
<br />displayPage($msg, "Album Updated Successfully!");
<br />die();
<br />}</p></a></p>
</a />"; displayPage( $msg, "Error Updating Album!"); die(); } db_connect(); // Insert
updated record into DB $sql = "UPDATE albums SET album_name = '" . addslashes($_POST['album_name'])
. "', album_desc = '" . addslashes($_POST['album_desc']) . "' WHERE album_id =
" . addslashes($_POST['album_id']); $result = @mysql_query( $sql ) or die("Error
inserting record: " . mysql_error()); if ($result){ $msg = "Album updated successfully!
"; displayPage($msg, "Album Updated Successfully!"); die(); }
</a />
>
|
