Viewing and Editing Tasks for a Project Management Application - Script Explained

(Page 3 of 4 )

So let's look at the code:

<?php

include "dbcon.php";

include "functions.php";

The code cleans the two IDs that it receives, before using them in queries. The "tid" is a task ID and the "pid" is a project ID. Ideally, we would not need the project ID, but we need it to retrieve the project name in order to display it on the form. Also, without the name of the project prominently displayed across the form, some users might forget which project they are editing the tasks for:

$cpid=mysql_escape_String($_GET['pid']);

$tpid=mysql_escape_String($_GET['tid']);

First we retrieve the title of the project from the projects table, using the project ID that we received, and store the name in the $title variable:

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error();

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $rowname['title'];

}

Next, the code retrieves the specific task based on the task ID rather than the project ID. There might be more than one task with the same project ID, so it is safer to do it this way:

$gettask= "SELECT * FROM tasks WHERE tid = '".$ctid."'";

$t_result = mysql_query($gettask);

if(!$t_result){

echo mysql_error();

}else{

The result of the query is stored in the "$rowtask" variable:

$rowtask = mysql_fetch_assoc($t_result);

}

We run this query to populate the HTML form with the task data. The next part of the code deals with updating the task. It receives the form data, does the security checks, and then runs the query to update the table:

if(isset($_POST['submit'])){

//check vars

$descr=mysql_escape_string($_POST['descr']);

$p_pid=mysql_escape_string($_POST['p_pid']);

//build date

$duedt = $_POST['yy'] . "-";

if($_POST['mm'] < 10) {

$duedt .= "0";

}

$duedt .= $_POST['mm'] . "-";

if($_POST['mm'] == 4 || $_POST['mm'] == 6 || $_POST['mm'] == 9 || $_POST['mm'] == 11) {

if($_POST['dd'] > 30) {

$duedt .= "30";

} else {

$duedt .= $_POST['dd'];

}

} elseif($_POST['mm'] == 2) {

if($_POST['yy'] == 2008 || $_POST['yy'] == 2012) {

if($_POST['dd'] > 29) {

$duedt .= "29";

} else {

$duedt .= $_POST['dd'];

}

} else {

if($_POST['dd'] > 28) {

$duedt .= "28";

} else {

$duedt .= $_POST['dd'];

}

}

} else {

$duedt .= $_POST['dd'];

}

 

//insert

$update = "UPDATE tasks SET task_description = '".$descr."',";

$update .= "complete_by = '".$duedt."',p_id= '".$p_pid."'";

if(!mysql_query($update)){

echo mysql_error();

}

}

?>

Next: HTML Form >>
 

More PHP Articles
More By David Web

Comments On: Viewing and Editing Tasks for a Project Management Application

>>> Be the FIRST to comment on this article!