Home arrow PHP arrow Page 3 - Completing the Project Management Application

The view_staff script - PHP

In this article we are going to look at the last three scripts for this application. They deal with viewing the names of staff members who work on a project and adding staff to a project. They will also enable you to remove staff from a project. This article is the conclusion to a seven-part series.

TABLE OF CONTENTS:
  1. Completing the Project Management Application
  2. Code Explained
  3. The view_staff script
  4. HTML Form
By: David Web
Rating: starstarstarstarstar / 7
July 14, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

The view staff page lists all the staff members that are involved in a project. It runs a query to retrieve all the names from the staff table that match a particular project id, and then builds a dynamic table based on the result of the table. Below is a screen shot of what the page looks like:


And below is the code that makes up the page:

<?php

include "dbcon.php";

include "functions.php";


if(isset($_GET['pid'])){

//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}


//otherwise clean the received value for query use


$cpid = mysql_escape_string($_GET['pid']);


//get project name


$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error()

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}

//get the files

$gettaff="SELECT * FROM staff WHERE p_id = '".$cpid."' ORDER BY sid";

$result = mysql_query($gettaff);

if(!$result){

echo mysql_error();

}else{

$num=mysql_num_rows($result);

}


?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/PM_Main.dwt.php" codeOutsideHTMLIsLocked="false" -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<!-- InstanceBeginEditable name="doctitle" -->

<title>Untitled Document</title>

<!-- InstanceEndEditable -->

<!-- InstanceBeginEditable name="head" -->

<!-- InstanceEndEditable -->

<link href="Templates/main.css" rel="stylesheet" type="text/css" />

</head>


<body>

<table width="100%" border="0">

<tr>

<td width="33%">&nbsp;</td>

<td width="28%">&nbsp;</td>

<td width="39%">Logged in: <!-- InstanceBeginEditable name="login" --><? echo $_SESSION['name'];?> | <a href="logout.php">Logout</a><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>

</tr>

<tr>

<td colspan="3"><!-- InstanceBeginEditable name="main" --> <table width="99%" border="0">

<tr>

<td colspan="2" class="loginheader"><?php echo $title;?> </td>

</tr>

<tr>

<td width="44%">Members of this project: </td>

<td width="56%">&nbsp;</td>

</tr>

<tr>

<td>&nbsp;</td>

<td>&nbsp;</td>

</tr>

<tr>

<td><strong> Name</strong></td>

<td><strong>Action</strong></td>

</tr>

<?php

if($num > 0){

while($row = mysql_fetch_assoc($result)){?>

<tr>

<td><?php echo $row['name']?> </td>

<td><a href="delete_member.php?sid=<?php echo $row['sid']?> & cpid=<?php echo $cpid?> ">Delete</a></td>

</tr>

<?php

}

}else{

?>

<tr>

<td colspan="2"><p>There are no members registered for this project.</p></td>

</tr>

<?php }

 

?>

</table><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td colspan="3"><!-- InstanceBeginEditable name="nav" --><a href="main.php">View Project List</a> | <a href="admin/login.php">Administrators Corner </a><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td align="right" class="cright" colspan="3">copyright &copy; 2007 PM </td>

</tr>

</table>

</body>

<!-- InstanceEnd --></html>


delete

<?php

include "dbcon.php";

include "functions.php";

$remove = "DELETE FROM staff WHERE sid = '".$_GET['sid']."'";

mysql_query($remove);

header("localtion:view_staff.php?pid=".$_GET['cpid']."");


?>



The code starts by checking to see if the pid is numeric or not. If it is not numeric, we will not be able to run the script at all. If it is numeric, it is escaped and ready to be used in a MySQL query:


<?php

include "dbcon.php";

include "functions.php";


if(isset($_GET['pid'])){

//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}


//otherwise clean the received value for query use


$cpid = mysql_escape_string($_GET['pid']);


PHP then runs a query to retrieve the name of the project concerned, and stores the name in a variable called $title:


//get project name

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error()

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}


Finally the query to get the list of staff names that work on the project is queried. The results are then stored in the $num variable:

//get the files

$getstaff="SELECT * FROM staff WHERE p_id = '".$cpid."' ORDER BY sid";

$result = mysql_query($gettaff);

if(!$result){

echo mysql_error();

}else{

$num=mysql_num_rows($result);

}


?>



 
 
>>> More PHP Articles          >>> More By David Web
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: