Splitting Up - PHP

Next, "add.php". If you think about it, you'll realize that this script actually has two components to it: a form, which displays fields for the administrator to enter information, and a form processor, which validates the input and inserts it into the database.

Now, I could write this as two separate scripts; however, it's a habit of mine to put both components into the same script and wrap a conditional test around them to decide which one gets used when. So, the broad outline of my "add.php" script would look like this:

<?

// form not yet submitted

// display initial form

if (!$submit)

{

 // code to display form goes here

}

// form submitted

// process it

else

{

 // code to process form data goes here

}

?>

Based on the presence or absence of the $submit variable, the script can take a decision as to whether to display the initial form, or initiate the form processor.

Now, when an administrator first accesses the page through a browser, the $submit variable will not exist, and so control will shift to the first section of the script, which displays an HTML form. Let's look at that first:

<?

// add.php - add a new press release

?>



<!-- page header - snip -->



<?

// form not yet submitted

// display initial form

if (!$submit)

{

?>

<table cellspacing="5" cellpadding="5">

<form action="<? echo $PHP_SELF; ?>" method="POST">

<tr>

 <td valign="top"><b><font size="-1">Slug</font></b></td>

 <td><input size="50" maxlength="250" type="text" name="slug"></td>

</tr>

<tr>

 <td valign="top"><b><font size="-1">Content</font></b></td>

 <td><textarea name="content" cols="40" rows="10"></textarea></td>

</tr>

<tr>

 <td valign="top"><font size="-1">Contact person</font></td>

 <td><input size="50" maxlength="250" type="text" name="contact"></td>

</tr>

<tr>

 <td colspan=2><input type="Submit" name="submit" value="Add"></td>

</tr>

</form>

</table>

<?

}

else

{

 // form processor code here

}

?>



<!-- page footer - snip -->

Here's what it looks like:



Now, once the administrator enters data into this form and submits it, the same script is called again to process the data (note the presence of the special $PHP_SELF variable in the form's ACTION attribute). Since the $submit variable will now exist, control will transfer to the latter half of the script, which looks like this:

<?

// add.php - add a new press release

?>



<!-- page header - snip -->



<?

if (!$submit)

{

 // form display code goes here

}

else

{

 // includes

 include("../conf.php");

 include("../functions.php");



 // set up error list array

 $errorList = array();

 $count = 0;



 // validate text input fields

 if (!$slug) { $errorList[$count] = "Invalid entry: Slug"; $count++; }



 if (!$content) { $errorList[$count] = "Invalid entry: Content"; $count++; }



 // set default value for contact person

 if (!$contact) { $contact = $def_contact; }



 // check for errors

 // if none found...

 if (sizeof($errorList) == 0)

 {

  // open database connection

  $connection = mysql_connect($host, $user, $pass) or die ("Unable to

connect!");



  // select database

  mysql_select_db($db) or die ("Unable to select database!");



  // generate and execute query

  $query = "INSERT INTO news(slug, content, contact, timestamp)

VALUES('$slug', '$content', '$contact', NOW())";

  $result = mysql_query($query) or die ("Error in query: $query. " .

mysql_error());



  // print result

  echo "<font size=-1>Update successful. <a href=list.php>Go back to the

main menu</a>.</font>";



  // close database connection

  mysql_close($connection);

 }

 else

 {

  // errors found

  // print as list

  echo "<font size=-1>The following errors were encountered: <br>";

  echo "<ul>";

  for ($x=0; $x<sizeof($errorList); $x++)

  {

   echo "<li>$errorList[$x]";

  }

  echo "</ul></font>";

 }

}

?>



<!-- page footer - snip -->

Fairly simple, this. The first thing to do is ensure that all required values are present, and to generate errors if not. These errors are stored in the array $errorList.

<?

 // set up error list array

 $errorList = array();

 $count = 0;



 // validate text input fields

 if (!$slug) { $errorList[$count] = "Invalid entry: Slug"; $count++; }



 if (!$content) { $errorList[$count] = "Invalid entry: Content"; $count++; }

?>

In the event that the contact person field is left empty, a default value is used; this value is pulled in from the configuration file "conf.php".

<?

 // set default value for contact person

 if (!$contact) { $contact = $def_contact; }

?>

Once all the data validation is complete, the $errorList array is checked for entries. If entries are present in this array, a message is displayed listing the errors; if not, an INSERT query is generated to add the data to the database, and a success message is printed to the browser.

<?

 // check for errors

 // if none found...

 if (sizeof($errorList) == 0)

 {

  // snip



  // generate and execute query

  $query = "INSERT INTO news(slug, content, contact, timestamp)

VALUES('$slug', '$content', '$contact', NOW())";

  $result = mysql_query($query) or die ("Error in query: $query. " .

mysql_error());



  // print result

  echo "<font size=-1>Update successful. <a href=list.php>Go back to the

main menu</a>.</font>";



  // snip

 }

 else

 {

  // errors found

  // print as list

  echo "<font size=-1>The following errors were encountered: <br>";

  echo "<ul>";

  for ($x=0; $x<sizeof($errorList); $x++)

  {

   echo "<li>$errorList[$x]";

  }

  echo "</ul></font>";

 }

?>

>>> More PHP Articles          >>> More By icarus, (c) Melonfire

blog comments powered by Disqus