Home arrow PHP arrow Page 2 - Completing the Project Management Application

Code Explained - PHP

In this article we are going to look at the last three scripts for this application. They deal with viewing the names of staff members who work on a project and adding staff to a project. They will also enable you to remove staff from a project. This article is the conclusion to a seven-part series.

TABLE OF CONTENTS:
  1. Completing the Project Management Application
  2. Code Explained
  3. The view_staff script
  4. HTML Form
By: David Web
Rating: starstarstarstarstar / 7
July 14, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

Let's take a closer look at the code. The first thing that the code does is check if the project id has been sent over. If so, it checks to see if the project id is actually a number. If it is not, then the user is redirected to the login page:


<?php

include "dbcon.php";

include "functions.php";



if(isset($_GET['pid'])){


//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}



If the project id passes the number check, it is cleaned and then used in the query:


//otherwise clean the received value for query use

$cpid = mysql_escape_string($_GET['pid']);

}


The first query is run to get the name of the project that matches the id that was received. If a match is found, the result is stored in the $title variable:


$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error();

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}


After checking to see if the form has been submitted, an insert query is executed and the staff details are inserted into the database. The user is then redirected to the main page of the application:


if(isset($_POST['submit'])){

//check vars


$sname=mysql_escape_string($_POST['s_name']);

$p_pid=mysql_escape_string($_POST['p_pid']);


//insert

$insert = "INSERT INTO staff SET name = '".$sname."',";

$insert .= "p_id= '".$p_pid."'";

if(!mysql_query($insert)){

echo mysql_error();

}else{

header("location:main.php");

}


}

?>




 
 
>>> More PHP Articles          >>> More By David Web
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: