Creating an Administration Area for a Simple Threaded Discussion Forum - Database connection, bad words

(Page 4 of 4 )

The function below sets the database connection details:

function forumdb(){
$dbname="forum";
$host="localhost";
$dbh=mysql_connect($host) or die ('I cannot connect to the
database because: ' . mysql_error());
mysql_select_db ($dbname) or die('I cannot select the database
because: ' . mysql_error());
}

Remember to add your connection details to the this function.

This function shows a form that will enable you to enter a word that you want banned from the forum.

function showfrm(){
echo '<center> <form name="form1" method="post" action="' .$_SERVER['PHP_SELF'].'?action=writewords"> ';
echo 'Enter word to ban:<br>
    <input type="text" name="word"><br>
    <input type="Submit" name="Submit" value="Submit"
class="altButtonFormat"> ';
 echo '</center></form>';
 echo '<center><font color="#FF0000">Banned words will be replace
with XXXX.</font></center>';
}

Here's what the form looks like:

 

Fig. 3 The form is presented when you want a new word to be added to the banned word list.

The "getword()" function retrieves all the banned words:

function getword(){
echo "<center><b><h3>Banned Words</h3></b></center>";
echo "<center>---------------------</center>";
 $words=file('badwords.txt');
for($i=0; $i < count($words); $i++){
echo "<center>$words[$i]</center><br>";
}
}

The function interacts with a text file on the disk and uses PHP's very handy file handling functions to retrieve a list of banned words. Here's a screen shot of the above function result:

Fig. 4 A list of  banned words.

The writeword() function writes all the words to a file called "badwords.txt."

function writeword(){
if(isset($_POST['Submit'])){
$word=$_POST['word'];
if($fp=fopen('badwords.txt', 'a+')){
fwrite($fp, "$wordrn");
fclose($fp);
echo "<center>The word <b>$word</b> has now been
banned.</center>";
}else{
echo "could not open file";
}
}
}

As I mentioned before we will use a $action variable to receive the value passed from the link that has been clicked, and then use the switch command to handle the value accordingly. Here's a snippet of the switch command:

if(isset($_GET['action'])){
$action=$_GET['action'];
switch($action)
{
    Case "gettopics";
        getall();
    break;
  Case "deleteall";
        delall();
        break;

As the code above shows, once the user clicks on the "get all main topics" link the "getall();" function is called. The same thing happens when the user clicks on the "Delete all topics" link; the "delall()" function is called.

Conclusion

That's it for the admin section of the forum. Here are a few suggestions to improve its performance: create a table to store the "bad words." This will enable you to add/remove words more easily than you would with a file-based system. Try to set up a login script to control access to the admin area, as I'm sure you would not want just anyone to have access to the functions on that page!

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

Comments On: Creating an Administration Area for a Simple Threaded Discussion Forum

· This is a very good article, clearly and profesionally written by this wonderful and...    · Thanks for the encouraging comments!   >>> Post your comment now!