Home arrow PHP arrow Page 11 - Cracking The Vault (part 1)

Basic Maintenance - PHP

Electronic documents are all well and good - but when you work onthem collaboratively, they can end up being more difficult to handle thanordinary pieces of paper. Multiple versions, competing standards, accesspermissions and revision history tracking are just some of the issues thatarise in a paperless office. This article discusses building and deployinga document management system across your network - and also teachesbeginnners a little bit about designing Web-based applications with PHP andmySQL in the process.

TABLE OF CONTENTS:
  1. Cracking The Vault (part 1)
  2. Just Another Day At The Office
  3. An Evil Plan Is Born
  4. Setting The Ground Rules
  5. Design Time
  6. Start Me Up
  7. Entry Points
  8. Seeding The System
  9. Red And Green Clouds
  10. Digging Deeper
  11. Basic Maintenance
  12. The D Word
By: Vikram Vaswani, (c) Melonfire
Rating: starstarstarstarstar / 2
May 14, 2001

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
As I've just explained, the owner of a document has the ability to edit document properties, or delete the document from the system. The scripts that accomplish these tasks are "edit.php" and "delete.php" respectively, and I'll briefly explain them here.

"edit.php" is almost identical to "add.php" - it contains both a form and a form processing script, and includes all of the same form elements, with the exception of the file upload box. The document owner can use this script to alter the file description, and grant/revoke user permissions.

Since this is a pre-existing document, "edit.php" needs to query the database in order to pre-fill the form with the current values of the various fields. This piece of code is designed to obtain the list of allowed user IDs from the database, create an array, and then use the array to pre-select the usernames in the list boxes.

<? if (!$submit) // form not yet submitted, display initial form { // query to obtain current properties and rights $query = "SELECT category, realname, description, comment FROM data WHERE id = '$id' AND status = '0' AND owner = '$SESSION_UID'"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); // error check // obtain data from resultset list($category, $realname, $description, $comment) = mysql_fetch_row($result); mysql_free_result($result); // display the form // much water under the bridge... ?> <td><select name="view[]" multiple> <? // query for view list $query = "SELECT uid FROM data, perms WHERE perms.fid = '$id' AND data.id = perms.fid AND status = '0' AND perms.rights = '1'"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); // place the result in an array $viewList = array(); $y = 0; while (list($uid) = mysql_fetch_row($result)) { $viewList[$y] = $uid; $y++; } // now query to get a complete list of users and user IDs $query2 = "SELECT id, username FROM user ORDER BY username"; $result2 = mysql_db_query($database, $query2, $connection) or die ("Error in query: $query2 . " . mysql_error()); while(list($ID, $USERNAME) = mysql_fetch_row($result2)) { $str = "<option value=\"$ID\""; // iterate through current list of users and select those that match foreach($viewList as $temp) { if ($ID == $temp) { $str .= " selected"; } } $str .= ">$USERNAME</option>"; echo $str; } ?> </select></td> } else { // process form } ?>

Here's what the form looks like.



Once the form is submitted, the database is UPDATEd with new information.

<? if (!$submit) { // form not yet submitted, display initial form } else { // snip! // update db with new information $query = "UPDATE data SET category='$category', description='$description', comment='$comment' WHERE id = '$id'"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); // clean out the old permissions $query = "DELETE FROM perms WHERE fid = '$id'"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); // INSERT new user permissions - view for($x=0; $x<sizeof($view); $x++) { $query = "INSERT INTO perms (fid, uid, rights) VALUES('$id', '$view[$x]', '1')"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); } // INSERT new user permissions - modify for($x=0; $x<sizeof($modify); $x++) { $query = "INSERT INTO perms (fid, uid, rights) VALUES('$id', '$modify[$x]', '2')"; $result = mysql_db_query($database, $query, $connection) or die ("Error in query: $query. " . mysql_error()); } } ?>


This article copyright Melonfire 2001. All rights reserved.

 
 
>>> More PHP Articles          >>> More By Vikram Vaswani, (c) Melonfire
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: