The next script we will be looking at is the view tasks script. It is responsible for displaying tasks that are linked to a particular project. This page can only be accessed when viewing project details. It will list all the tasks that are related to the project that you are viewing. The HTML portion of the page is made up of a dynamic HTML table that will dynamically create as many table rows as commanded by the PHP. Below is a screen shot of the page:

Also, here is the entire code for the page:

<?php

include "dbcon.php";

include "functions.php";

if(isset($_GET['pid'])){

//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}

//otherwise clean the received value for query use

$cpid = mysql_escape_string($_GET['pid']);

}

//get project name

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error();

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}

//get the tasks

$gettask="SELECT * FROM tasks WHERE p_id = '".$cpid."' ORDER BY tid";

$result = mysql_query($gettask);

if(!$result){

echo mysql_error();

}else{

$num=mysql_num_rows($result);

}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/PM_Main.dwt.php" codeOutsideHTMLIsLocked="false" -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<!-- InstanceBeginEditable name="doctitle" -->

<title>Untitled Document</title>

<!-- InstanceEndEditable -->

<!-- InstanceBeginEditable name="head" -->

<!-- InstanceEndEditable -->

<link href="Templates/main.css" rel="stylesheet" type="text/css" />

</head>

<body>

<table width="100%" border="0">

<tr>

<td width="33%">&nbsp;</td>

<td width="28%">&nbsp;</td>

<td width="39%">Logged in: <!-- InstanceBeginEditable name="login" --><? echo $_SESSION['name'];?> | <a href="logout.php">Logout</a><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>

</tr>

<tr>

<td colspan="3"><!-- InstanceBeginEditable name="main" -->

<table width="100%" border="0">

<tr>

<td colspan="2" class="loginheader"><?php echo $title;?> </td>

</tr>

<tr>

<td>&nbsp;</td>

<td>&nbsp;</td>

</tr>

<tr>

<td>Task Description: </td>

<td>To be completed by: </td>

</tr>

<?php

if($num > 0){

while($row = mysql_fetch_assoc($result)){?>

<tr>

<td><?php echo $row['task_description']?></td>

<td><?php echo $row['complete_by']?></td>

</tr>

<?php

}

}else{

?>

<tr>

<td colspan="2"><p>There are no tasks registered for this project.</p></td>

</tr>

<?php }

?>

</table>

<!-- InstanceEndEditable --></td>

</tr>

<tr>

<td colspan="3"><!-- InstanceBeginEditable name="nav" --><table width="100%" border="0">

<tr>

<td><a href="edit_task.php?pid=<?php echo $_GET['pid'];?>">Edit Task</a> | <a href="admin/login.php">Administrators Corner </a></td>

</tr>

</table><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td align="right" class="cright" colspan="3">copyright &copy; 2007 PM</td>

</tr>

</table>

</body>

<!-- InstanceEnd --></html>

Let's look at the code that makes this page come to life. The code first checks to see if the project id that it received is a number. If not, the user is redirected to the login page. It does this by using the 'is_numeric()' function:

<?php

include "dbcon.php";

include "functions.php";

if(isset($_GET['pid'])){

//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}

If the id passes the numeric test, it is cleaned for query use. The first thing the code does is retrieve the project title from the projects table:

//otherwise clean the received value for query use

$cpid = mysql_escape_string($_GET['pid']);

}

//get project name

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error();

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}

The code retrieves all the tasks that are related to the project id and stores the results in the $num variable:

//get the tasks

$gettask="SELECT * FROM tasks WHERE p_id = '".$cpid."' ORDER BY tid";

$result = mysql_query($gettask);

if(!$result){

echo mysql_error();

}else{

$num=mysql_num_rows($result);

}

?>

And that's it. Be sure to check back next week for the fifth part of this seven-part series.