Completing the Project Management Application

In this article we are going to look at the last three scripts for this application. They deal with viewing the names of staff members who work on a project and adding staff to a project. They will also enable you to remove staff from a project. This article is the conclusion to a seven-part series.

The add_staff script

The add_staff page gives the project manager the option to add staff to the given project. The script presents the user with a form in which it provides a text field for the user to enter a staff member’s name. Below is the entire code that makes up the page:


<?php
include "dbcon.php";
include "functions.php";

if(isset($_GET['pid'])){

    //clean pid
    if(!is_numeric($_GET['pid'])){
        //the value received is not numeric. redirect the user to login
        header("location:login.php");
        //stop here so the rest of the script does not run
        exit;
    }

    //otherwise clean the received value for query use
    $cpid = mysql_escape_string($_GET['pid']);
}

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";
$g_result = mysql_query($getname);
if(!$g_result){
    echo mysql_error();
}else{
    $rowname = mysql_fetch_assoc($g_result);
    $title = $rowname['title'];
}

if(isset($_POST['submit'])){

    //check vars
    $sname=mysql_escape_string($_POST['s_name']);
    $p_pid=mysql_escape_string($_POST['p_pid']);

    //insert
    $insert = "INSERT INTO staff SET name = '".$sname."',";
    $insert .= "p_id= '".$p_pid."'";
    if(!mysql_query($insert)){
        echo mysql_error();
    }else{
        header("location:main.php");
        exit;
    }
}
?>



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/PM_Main.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="Templates/main.css" rel="stylesheet" type="text/css" />
</head>

<body>
<table width="100%" border="0">
  <tr>
    <td width="33%">&nbsp;</td>
    <td width="28%">&nbsp;</td>
    <td width="39%">Logged in: <!-- InstanceBeginEditable name="login" --><?php echo htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'ISO-8859-1');?> | <a href="logout.php">Logout</a><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>
  </tr>
  <tr>
    <td colspan="3"><!-- InstanceBeginEditable name="main" --> <form id="form1" name="form1" method="post" action="add_staff.php" >
      <table width="100%" border="0">
        <tr>
          <td colspan="2" class="loginheader"><?php echo htmlspecialchars($title, ENT_QUOTES, 'ISO-8859-1');?></td>
        </tr>
        <tr>
          <td colspan="2"><?php if(isset($msg)){
            echo $msg;
          }?> </td>
        </tr>
        <tr>
          <td width="10%">Name </td>
          <td width="90%"><label>
            <input name="s_name" type="text" />
            <input type="hidden" name="p_pid" value="<?php echo htmlspecialchars($_GET['pid'], ENT_QUOTES, 'ISO-8859-1');?>"/>
          </label></td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td><label>
            <input type="submit" name="submit" value="Add Member to Project" />
          </label></td>
        </tr>
      </table>
    </form><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td colspan="3"><!-- InstanceBeginEditable name="nav" --><a href="main.php">View Project List</a> | <a href="admin/login.php">Administrators Corner </a><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td align="right" class="cright" colspan="3">copyright &copy; 2007 PM </td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>

Code Explained

Let’s take a closer look at the code. The first thing that the code does is check if the project id has been sent over. If so, it checks to see if the project id is actually a number. If it is not, then the user is redirected to the login page:


<?php
include "dbcon.php";
include "functions.php";

if(isset($_GET['pid'])){

    //clean pid
    if(!is_numeric($_GET['pid'])){
        //the value received is not numeric. redirect the user to login
        header("location:login.php");
        //stop here so the rest of the script does not run
        exit;
    }



If the project id passes the number check, it is cleaned and then used in the query:


    //otherwise clean the received value for query use
    $cpid = mysql_escape_string($_GET['pid']);
}


The first query is run to get the name of the project that matches the id that was received. If a match is found, the result is stored in the $title variable:


$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";
$g_result = mysql_query($getname);
if(!$g_result){
    echo mysql_error();
}else{
    $rowname = mysql_fetch_assoc($g_result);
    $title = $rowname['title'];
}


After checking to see if the form has been submitted, an insert query is executed and the staff details are inserted into the database. The user is then redirected to the main page of the application:


if(isset($_POST['submit'])){

    //check vars
    $sname=mysql_escape_string($_POST['s_name']);
    $p_pid=mysql_escape_string($_POST['p_pid']);

    //insert
    $insert = "INSERT INTO staff SET name = '".$sname."',";
    $insert .= "p_id= '".$p_pid."'";
    if(!mysql_query($insert)){
        echo mysql_error();
    }else{
        header("location:main.php");
        exit;
    }
}
?>
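
The mysql_* functions used in this series were removed in PHP 7, and is_numeric() accepts more than plain integers. As an added example (not code from the article), the block below redoes the pid check, the title lookup and the staff insert with PDO prepared statements. The function names clean_id, project_title, add_staff and h are hypothetical, and an in-memory SQLite database with constructed rows stands in for the MySQL connection from dbcon.php.

```php
<?php
// Added example, not from the article: add_staff.php logic rebuilt on PDO.
// Assumption: in-memory SQLite stands in for the MySQL connection in dbcon.php.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE projects (pid INTEGER PRIMARY KEY, title TEXT)");
$db->exec("CREATE TABLE staff (sid INTEGER PRIMARY KEY, name TEXT, p_id INTEGER)");
$db->exec("INSERT INTO projects (pid, title) VALUES (7, 'Intranet <redesign>')"); // constructed row

// Accept only a plain run of digits; is_numeric() also passes "1e3", "7.5" and " 7".
function clean_id($raw) {
    return (is_string($raw) && ctype_digit($raw)) ? (int)$raw : null;
}

// Project title for a raw pid, or null when the id is malformed or unknown.
function project_title(PDO $db, $rawPid) {
    $pid = clean_id($rawPid);
    if ($pid === null) {
        return null;
    }
    $stmt = $db->prepare("SELECT title FROM projects WHERE pid = ?");
    $stmt->execute([$pid]);
    $title = $stmt->fetchColumn();
    return $title === false ? null : $title;
}

// Insert a staff member; values are bound as parameters, never concatenated.
function add_staff(PDO $db, $rawPid, $name) {
    $name = trim((string)$name);
    if ($name === '' || project_title($db, $rawPid) === null) {
        return false; // empty name, malformed pid, or no such project
    }
    $stmt = $db->prepare("INSERT INTO staff (name, p_id) VALUES (?, ?)");
    return $stmt->execute([$name, clean_id($rawPid)]);
}

// Encode values before echoing them into the HTML template.
function h($value) {
    return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
}

foreach (['7', '1e3', '7.5', ' 7', '7abc'] as $raw) {   // constructed inputs
    echo var_export($raw, true), ' is_numeric=', var_export(is_numeric($raw), true),
         ' clean_id=', var_export(clean_id($raw), true), "\n";
}
var_dump(add_staff($db, '7', "Sean O'Brien")); // apostrophe is stored as plain data
var_dump(add_staff($db, '1e3', 'Nobody'));     // pid is not a plain integer
echo h(project_title($db, '7')), "\n";         // title encoded for HTML output
```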


The view_staff script

The view staff page lists all the staff members that are involved in a project. It runs a query to retrieve all the names from the staff table that match a particular project id, and then builds a dynamic table based on the result of the query. Below is a screen shot of what the page looks like:


And below is the code that makes up the page:

<?php
include "dbcon.php";
include "functions.php";

if(isset($_GET['pid'])){

    //clean pid
    if(!is_numeric($_GET['pid'])){
        //the value received is not numeric. redirect the user to login
        header("location:login.php");
        //stop here so the queries below do not run
        exit;
    }

    //otherwise clean the received value for query use
    $cpid = mysql_escape_string($_GET['pid']);

    //get project name
    $getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";
    $g_result = mysql_query($getname);
    if(!$g_result){
        echo mysql_error();
    }else{
        $rowname = mysql_fetch_assoc($g_result);
        $title = $rowname['title'];
    }

    //get the staff
    $getstaff="SELECT * FROM staff WHERE p_id = '".$cpid."' ORDER BY sid";
    $result = mysql_query($getstaff);
    if(!$result){
        echo mysql_error();
    }else{
        $num=mysql_num_rows($result);
    }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/PM_Main.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="Templates/main.css" rel="stylesheet" type="text/css" />
</head>

<body>
<table width="100%" border="0">
  <tr>
    <td width="33%">&nbsp;</td>
    <td width="28%">&nbsp;</td>
    <td width="39%">Logged in: <!-- InstanceBeginEditable name="login" --><?php echo htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'ISO-8859-1');?> | <a href="logout.php">Logout</a><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>
  </tr>
  <tr>
    <td colspan="3"><!-- InstanceBeginEditable name="main" --> <table width="99%" border="0">
      <tr>
        <td colspan="2" class="loginheader"><?php echo htmlspecialchars($title, ENT_QUOTES, 'ISO-8859-1');?> </td>
      </tr>
      <tr>
        <td width="44%">Members of this project: </td>
        <td width="56%">&nbsp;</td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td><strong> Name</strong></td>
        <td><strong>Action</strong></td>
      </tr>
      <?php
      if($num > 0){
          while($row = mysql_fetch_assoc($result)){?>
      <tr>
        <td><?php echo htmlspecialchars($row['name'], ENT_QUOTES, 'ISO-8859-1');?> </td>
        <td><a href="delete_member.php?sid=<?php echo $row['sid'];?>&amp;cpid=<?php echo $cpid;?>">Delete</a></td>
      </tr>
      <?php
          }
      }else{
      ?>
      <tr>
        <td colspan="2"><p>There are no members registered for this project.</p></td>
      </tr>
      <?php }
      ?>
    </table><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td colspan="3"><!-- InstanceBeginEditable name="nav" --><a href="main.php">View Project List</a> | <a href="admin/login.php">Administrators Corner </a><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td align="right" class="cright" colspan="3">copyright &copy; 2007 PM </td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>


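The Delete link in the table above points to delete_member.php:

<?php
include "dbcon.php";
include "functions.php";

//clean the staff id for query use
$csid = mysql_escape_string($_GET['sid']);

$remove = "DELETE FROM staff WHERE sid = '".$csid."'";
mysql_query($remove);

//return to the staff list of the same project
header("location:view_staff.php?pid=".urlencode($_GET['cpid']));
exit;
?>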



The view_staff code starts by checking to see if the pid is numeric or not. If it is not numeric, we will not be able to run the script at all. If it is numeric, it is escaped and ready to be used in a MySQL query:


<?php
include "dbcon.php";
include "functions.php";

if(isset($_GET['pid'])){

    //clean pid
    if(!is_numeric($_GET['pid'])){
        //the value received is not numeric. redirect the user to login
        header("location:login.php");
        //stop here so the queries below do not run
        exit;
    }

    //otherwise clean the received value for query use
    $cpid = mysql_escape_string($_GET['pid']);


PHP then runs a query to retrieve the name of the project concerned, and stores the name in a variable called $title:


    //get project name
    $getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";
    $g_result = mysql_query($getname);
    if(!$g_result){
        echo mysql_error();
    }else{
        $rowname = mysql_fetch_assoc($g_result);
        $title = $rowname['title'];
    }


Finally, the query that retrieves the staff who work on the project is run. The result set is kept in $result, and the number of rows it returned is stored in the $num variable:

    //get the staff
    $getstaff="SELECT * FROM staff WHERE p_id = '".$cpid."' ORDER BY sid";
    $result = mysql_query($getstaff);
    if(!$result){
        echo mysql_error();
    }else{
        $num=mysql_num_rows($result);
    }
}
?>

HTML Form

In the HTML below, the $num variable is going to be used to create a dynamic table. This table will list all the staff working on this project. It will also give the user the option to remove staff from the project. This will be done dynamically based on the number of rows returned by the query we ran above:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/PM_Main.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="Templates/main.css" rel="stylesheet" type="text/css" />
</head>

<body>
<table width="100%" border="0">
  <tr>
    <td width="33%">&nbsp;</td>
    <td width="28%">&nbsp;</td>
    <td width="39%">Logged in: <!-- InstanceBeginEditable name="login" --><?php echo htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'ISO-8859-1');?> | <a href="logout.php">Logout</a><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>
  </tr>
  <tr>
    <td colspan="3"><!-- InstanceBeginEditable name="main" --> <table width="99%" border="0">
      <tr>
        <td colspan="2" class="loginheader"><?php echo htmlspecialchars($title, ENT_QUOTES, 'ISO-8859-1');?> </td>
      </tr>
      <tr>
        <td width="44%">Members of this project: </td>
        <td width="56%">&nbsp;</td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
      </tr>

The static headers for the table are created here. The action header will host the option for the user to delete a staff member from the project:

      <tr>
        <td><strong> Name</strong></td>
        <td><strong>Action</strong></td>
      </tr>

The dynamic rows are created here, with the use of the $num variable. Depending on the value contained in the $num variable, the dynamic rows will be built. At the same time PHP is going to retrieve the results of the query through a results array called $row and populate the dynamic rows with it. The staff name is passed through htmlspecialchars() before it is echoed, because it was typed in by a user. Also, a hyperlink is built linking the Delete action with the delete_member.php script:

      <?php
      if($num > 0){
          while($row = mysql_fetch_assoc($result)){?>
      <tr>
        <td><?php echo htmlspecialchars($row['name'], ENT_QUOTES, 'ISO-8859-1');?> </td>
        <td><a href="delete_member.php?sid=<?php echo $row['sid'];?>&amp;cpid=<?php echo $cpid;?>">Delete</a></td>
      </tr>

If the $num variable does not have a value that is greater than zero, it means that the query did not return any results:

      <?php
          }
      }else{
      ?>
      <tr>
        <td colspan="2"><p>There are no members registered for this project.</p></td>
      </tr>
      <?php }
      ?>
    </table><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td colspan="3"><!-- InstanceBeginEditable name="nav" --><a href="main.php">View Project List</a> | <a href="admin/login.php">Administrators Corner </a><!-- InstanceEndEditable --></td>
  </tr>
  <tr>
    <td align="right" class="cright" colspan="3">copyright &copy; 2007 PM </td>
  </tr>
</table>
</body>
<!-- InstanceEnd --></html>


Finally we look at the delete_member.php script that deletes staff members from the project:


<?php
include "dbcon.php";
include "functions.php";

//clean the staff id for query use
$csid = mysql_escape_string($_GET['sid']);

$remove = "DELETE FROM staff WHERE sid = '".$csid."'";
mysql_query($remove);

//return to the staff list of the same project
header("location:view_staff.php?pid=".urlencode($_GET['cpid']));
exit;
?>


The code is straightforward; it basically removes the name of the staff member from the staff table, based on the staff id that it receives from the view staff script.
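
delete_member.php changes data in response to a plain GET link and deletes by sid alone. As an added example (not code from the article), the block below handles the same delete as a POST that carries a per-session token, and scopes the DELETE to the project id. The names csrf_token and delete_member, the token field, and the $session array standing in for $_SESSION are assumptions; SQLite in memory with constructed rows replaces the MySQL connection.

```php
<?php
// Added example, not from the article: a POST-only replacement for delete_member.php.
// Assumptions: SQLite in memory replaces MySQL; $session stands in for $_SESSION.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE staff (sid INTEGER PRIMARY KEY, name TEXT, p_id INTEGER)");
$db->exec("INSERT INTO staff (sid, name, p_id) VALUES (1, 'Alice', 7), (2, 'Bob', 8)"); // constructed rows

// One random token per session, written into the delete form as a hidden field.
function csrf_token(array &$session) {
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

// Returns the number of rows deleted; 0 when the request is refused or nothing matched.
function delete_member(PDO $db, array $session, $method, array $post) {
    if ($method !== 'POST') {
        return 0; // state changes are accepted over POST only
    }
    $token = isset($post['token']) ? (string)$post['token'] : '';
    if (empty($session['csrf']) || !hash_equals($session['csrf'], $token)) {
        return 0; // token missing or not the one issued to this session
    }
    foreach (['sid', 'cpid'] as $key) {
        if (!isset($post[$key]) || !is_string($post[$key]) || !ctype_digit($post[$key])) {
            return 0; // ids must be plain integers
        }
    }
    // Scope the delete to the project the form was rendered for.
    $stmt = $db->prepare("DELETE FROM staff WHERE sid = ? AND p_id = ?");
    $stmt->execute([(int)$post['sid'], (int)$post['cpid']]);
    return $stmt->rowCount();
}

$session = [];
$token = csrf_token($session);
// Constructed requests: wrong method, wrong token, sid from another project, valid request.
var_dump(delete_member($db, $session, 'GET',  ['sid' => '1', 'cpid' => '7', 'token' => $token]));
var_dump(delete_member($db, $session, 'POST', ['sid' => '1', 'cpid' => '7', 'token' => 'wrong']));
var_dump(delete_member($db, $session, 'POST', ['sid' => '2', 'cpid' => '7', 'token' => $token]));
var_dump(delete_member($db, $session, 'POST', ['sid' => '1', 'cpid' => '7', 'token' => $token]));
```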

And that concludes our series. We’ve come a long way in seven articles. I hope you’ve enjoyed the trip.  
