So let's look at the code:

```php
<?php
include "dbcon.php";
include "functions.php";
```

The code cleans the two IDs that it receives before using them in queries. The "tid" is a task ID and the "pid" is a project ID. Ideally, we would not need the project ID, but we need it to retrieve the project name in order to display it on the form. Also, without the name of the project prominently displayed across the form, some users might forget which project they are editing the tasks for:

```php
$cpid = mysql_escape_string($_GET['pid']);
$ctid = mysql_escape_string($_GET['tid']);
```

First we retrieve the title of the project from the projects table, using the project ID that we received, and store the name in the $title variable:

```php
$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";
$g_result = mysql_query($getname);
if(!$g_result){
    echo mysql_error();
}else{
    $rowname = mysql_fetch_assoc($g_result);
    $title = $rowname['title'];
}
```

Next, the code retrieves the specific task based on the task ID rather than the project ID. There might be more than one task with the same project ID, so it is safer to do it this way:

```php
$gettask = "SELECT * FROM tasks WHERE tid = '".$ctid."'";
$t_result = mysql_query($gettask);
if(!$t_result){
    echo mysql_error();
}else{
```

The result of the query is stored in the "$rowtask" variable:

```php
    $rowtask = mysql_fetch_assoc($t_result);
}
```

We run this query to populate the HTML form with the task data. The next part of the code deals with updating the task. It receives the form data, does the security checks, and then runs the query to update the table:

```php
if(isset($_POST['submit'])){
    //check vars
    $descr = mysql_escape_string($_POST['descr']);
    $p_pid = mysql_escape_string($_POST['p_pid']);
    //cast the date parts to integers so they cannot carry SQL into the query
    $yy = (int)$_POST['yy'];
    $mm = (int)$_POST['mm'];
    $dd = (int)$_POST['dd'];
    //build date
    $duedt = $yy . "-";
    if($mm < 10) {
        $duedt .= "0";
    }
    $duedt .= $mm . "-";
    if($mm == 4 || $mm == 6 || $mm == 9 || $mm == 11) {
        //30-day months
        if($dd > 30) {
            $duedt .= "30";
        } else {
            $duedt .= $dd;
        }
    } elseif($mm == 2) {
        //February: 29 days in a leap year, otherwise 28
        if($yy % 4 == 0 && ($yy % 100 != 0 || $yy % 400 == 0)) {
            if($dd > 29) {
                $duedt .= "29";
            } else {
                $duedt .= $dd;
            }
        } else {
            if($dd > 28) {
                $duedt .= "28";
            } else {
                $duedt .= $dd;
            }
        }
    } else {
        $duedt .= $dd;
    }
    //update only the task being edited
    $update = "UPDATE tasks SET task_description = '".$descr."',";
    $update .= "complete_by = '".$duedt."',p_id= '".$p_pid."'";
    $update .= " WHERE tid = '".$ctid."'";
    if(!mysql_query($update)){
        echo mysql_error();
    }
}
?>
```
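The same task update written with PDO prepared statements, as an added example that is not part of the original tutorial (the mysql_* functions used above were removed in PHP 7.0). The table and column names come from the page; `update_task()`, the in-memory SQLite database standing in for the connection opened in dbcon.php, and the sample rows are assumptions. Unlike the page's code, it rejects an impossible date through `checkdate()` rather than clamping the day.

```php
<?php
// SQLite in memory stands in for the MySQL connection that dbcon.php opens (assumption).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE tasks (tid INTEGER PRIMARY KEY, p_id INTEGER,
           task_description TEXT, complete_by TEXT)");
// Constructed sample rows.
$db->exec("INSERT INTO tasks VALUES (1, 7, 'Draft spec', '2012-01-10'),
                                    (2, 7, 'Review spec', '2012-01-20')");

// Hypothetical helper: validates the form fields, then updates exactly one task.
function update_task(PDO $db, array $get, array $post): int
{
    $tid = filter_var($get['tid'] ?? null, FILTER_VALIDATE_INT);
    $pid = filter_var($post['p_pid'] ?? null, FILTER_VALIDATE_INT);
    $yy  = filter_var($post['yy'] ?? null, FILTER_VALIDATE_INT);
    $mm  = filter_var($post['mm'] ?? null, FILTER_VALIDATE_INT);
    $dd  = filter_var($post['dd'] ?? null, FILTER_VALIDATE_INT);
    foreach ([$tid, $pid, $yy, $mm, $dd] as $v) {
        if ($v === false) {
            throw new InvalidArgumentException('non-numeric id or date part');
        }
    }
    // checkdate() knows month lengths and leap years, so no hand-written table is needed.
    if (!checkdate($mm, $dd, $yy)) {
        throw new InvalidArgumentException('invalid date');
    }
    $duedt = sprintf('%04d-%02d-%02d', $yy, $mm, $dd);

    // Placeholders keep data out of the SQL text; WHERE limits the change to one row.
    $stmt = $db->prepare('UPDATE tasks SET task_description = :descr,
                          complete_by = :due, p_id = :pid WHERE tid = :tid');
    $stmt->execute([':descr' => (string)($post['descr'] ?? ''), ':due' => $duedt,
                    ':pid' => $pid, ':tid' => $tid]);
    return $stmt->rowCount();
}

// Constructed request: the description contains quote characters and SQL syntax.
$post = ['descr' => "x', p_id = '0", 'p_pid' => '7',
         'yy' => '2012', 'mm' => '2', 'dd' => '29'];
echo update_task($db, ['tid' => '1'], $post), " row updated\n";
print_r($db->query('SELECT * FROM tasks')->fetchAll(PDO::FETCH_ASSOC));

try {
    // 30 February does not exist, so the helper refuses it.
    update_task($db, ['tid' => '2'], ['dd' => '30'] + $post);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

The description is stored exactly as submitted and task 2 is left untouched, because the value travels as a bound parameter and the statement names a single `tid`.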