├── .gitignore ├── chapter1 └── today.php ├── chapter10 └── sql │ └── ijdb.sql ├── chapter11 └── airline.sql ├── chapter12 ├── filestore │ ├── db.inc.php │ ├── error.html.php │ ├── files.html.php │ └── index.php ├── includes │ ├── db.inc.php │ ├── error.html.php │ ├── helpers.inc.php │ └── magicquotes.inc.php ├── recentjokes │ ├── controller.php │ ├── generate.bat │ ├── generate.php │ └── jokes.html.php └── sql │ ├── filestore.sql │ └── ijdb.sql ├── chapter2 └── joketable.sql ├── chapter3 ├── count10-for.php ├── count10.php ├── count10 │ ├── count.html.php │ └── index.php ├── echo.php ├── forms1 │ ├── name.html │ └── name.php ├── forms2 │ ├── name.html │ └── name.php ├── forms3 │ ├── name.html │ └── name.php ├── if │ ├── name.html │ └── name.php ├── ifelse1 │ ├── name.html │ └── name.php ├── ifelse2 │ ├── name.html │ └── name.php ├── links1 │ ├── name.html │ └── name.php ├── links2 │ ├── name.html │ └── name.php ├── links3 │ ├── name.html │ └── name.php ├── today.php ├── today │ └── index.php └── welcome │ ├── form.html.php │ ├── index.php │ └── welcome.html.php ├── chapter4 ├── addjoke │ ├── error.html.php │ ├── form.html.php │ ├── index.php │ └── jokes.html.php ├── connect │ ├── index.php │ └── output.html.php ├── createtable │ ├── index.php │ └── output.html.php ├── deletejoke │ ├── error.html.php │ ├── form.html.php │ ├── index.php │ └── jokes.html.php ├── listjokes │ ├── error.html.php │ ├── index.php │ └── jokes.html.php ├── sql │ └── joketable.sql └── updatechicken │ ├── index.php │ └── output.html.php ├── chapter5 ├── jokes │ ├── error.html.php │ ├── form.html.php │ ├── index.php │ └── jokes.html.php └── sql │ ├── 2tables.sql │ └── jokes1.sql ├── chapter6 ├── calculate-area │ ├── area-function.inc.php │ ├── index.php │ └── output.html.php ├── dynamic-footer │ ├── footer.inc.html.php │ ├── index.php │ └── samplepage.html.php ├── includes │ ├── db.inc.php │ ├── error.html.php │ ├── helpers.inc.php │ └── magicquotes.inc.php ├── jokes-helpers │ ├── 
error.html.php │ ├── form.html.php │ ├── index.php │ └── jokes.html.php ├── jokes │ ├── db.inc.php │ ├── error.html.php │ ├── form.html.php │ ├── index.php │ └── jokes.html.php ├── sql │ └── joketable.sql ├── static-footer │ ├── footer.inc.html.php │ ├── index.php │ └── samplepage.html.php ├── totaljokes-global1 │ ├── error.html.php │ ├── index.php │ ├── output.html.php │ └── totaljokes-function.inc.php └── totaljokes-global2 │ ├── error.html.php │ ├── index.php │ ├── output.html.php │ └── totaljokes-function.inc.php ├── chapter7 ├── admin │ ├── authors │ │ ├── authors.html.php │ │ ├── error.html.php │ │ ├── form.html.php │ │ └── index.php │ ├── categories │ │ ├── categories.html.php │ │ ├── error.html.php │ │ ├── form.html.php │ │ └── index.php │ ├── index.html │ └── jokes │ │ ├── error.html.php │ │ ├── form.html.php │ │ ├── index.php │ │ ├── jokes.html.php │ │ └── searchform.html.php ├── includes │ ├── db.inc.php │ ├── error.html.php │ ├── helpers.inc.php │ └── magicquotes.inc.php ├── jokes │ ├── error.html.php │ ├── index.php │ └── jokes.html.php └── sql │ └── ijdb.sql ├── chapter8 ├── admin │ ├── authors │ │ ├── authors.html.php │ │ ├── error.html.php │ │ ├── form.html.php │ │ └── index.php │ ├── categories │ │ ├── categories.html.php │ │ ├── error.html.php │ │ ├── form.html.php │ │ └── index.php │ ├── index.html │ └── jokes │ │ ├── error.html.php │ │ ├── form.html.php │ │ ├── index.php │ │ ├── jokes.html.php │ │ └── searchform.html.php ├── includes │ ├── db.inc.php │ ├── error.html.php │ ├── helpers.inc.php │ └── magicquotes.inc.php ├── jokes │ ├── error.html.php │ ├── index.php │ └── jokes.html.php ├── preg_match1 │ ├── index.php │ └── output.html.php ├── preg_match2 │ ├── index.php │ └── output.html.php └── sql │ └── ijdb.sql ├── chapter9 ├── admin │ ├── accessdenied.html.php │ ├── authors │ │ ├── authors.html.php │ │ ├── error.html.php │ │ ├── form.html.php │ │ └── index.php │ ├── categories │ │ ├── categories.html.php │ │ ├── error.html.php │ │ ├── 
form.html.php │ │ └── index.php │ ├── index.html │ ├── jokes │ │ ├── error.html.php │ │ ├── form.html.php │ │ ├── index.php │ │ ├── jokes.html.php │ │ └── searchform.html.php │ ├── login.html.php │ └── logout.inc.html.php ├── cookiecounter │ ├── index.php │ └── welcome.html.php ├── includes │ ├── access.inc.php │ ├── db.inc.php │ ├── error.html.php │ ├── helpers.inc.php │ └── magicquotes.inc.php ├── jokes │ ├── error.html.php │ ├── index.php │ └── jokes.html.php ├── shoppingcart │ ├── cart.html.php │ ├── catalog.html.php │ └── index.php └── sql │ └── ijdb.sql └── readme.txt /.gitignore: -------------------------------------------------------------------------------- 1 | $ cat .gitignore 2 | .DS_Store 3 | .svn/ 4 | -------------------------------------------------------------------------------- /chapter1/today.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Today’s Date 6 | 7 | 8 |

Today’s date (according to this web server) is 9 | 14 |

15 | 16 | 17 | -------------------------------------------------------------------------------- /chapter10/sql/ijdb.sql: -------------------------------------------------------------------------------- 1 | /* Schema and sample data for the joke database: author, joke, category, jokecategory, role and authorrole tables. */ CREATE TABLE author ( 2 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 3 | name VARCHAR(255), 4 | email VARCHAR(255), 5 | password CHAR(32), /* NOTE(review): CHAR(32) holds exactly one hex MD5 digest; a slow salted password hash (for example the output of PHP password_hash) needs a wider column such as VARCHAR(255). */ 6 | UNIQUE (email) 7 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 8 | 9 | CREATE TABLE joke ( 10 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 11 | joketext TEXT, 12 | jokedate DATE NOT NULL, 13 | authorid INT, 14 | FOREIGN KEY (authorid) REFERENCES author (id) 15 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 16 | 17 | CREATE TABLE category ( 18 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 19 | name VARCHAR(255) 20 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 21 | 22 | CREATE TABLE jokecategory ( 23 | jokeid INT NOT NULL, 24 | categoryid INT NOT NULL, 25 | PRIMARY KEY (jokeid, categoryid), 26 | FOREIGN KEY (jokeid) REFERENCES joke (id), 27 | FOREIGN KEY (categoryid) REFERENCES category (id) 28 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 29 | 30 | CREATE TABLE role ( 31 | id VARCHAR(255) NOT NULL PRIMARY KEY, 32 | description VARCHAR(255) 33 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 34 | 35 | CREATE TABLE authorrole ( 36 | authorid INT NOT NULL, 37 | roleid VARCHAR(255) NOT NULL, 38 | PRIMARY KEY (authorid, roleid), 39 | FOREIGN KEY (authorid) REFERENCES author (id), 40 | FOREIGN KEY (roleid) REFERENCES role (id) 41 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 42 | 43 | # Sample data 44 | # We specify the IDs so they are known when we add related entries 45 | 46 | INSERT INTO author (id, name, email, password) VALUES 47 | (1, 'Kevin Yank', 'thatguy@kevinyank.com', MD5('passwordijdb')), /* NOTE(review): the stored value is a single unsalted-per-user MD5 of a literal published in this file (presumably the password plus a fixed site suffix; confirm against the login code). MD5 is fast to guess offline and equal passwords give equal hashes. The authorrole insert later in this file gives author 1 the Account Administrator role, so change or drop this row before any deployment. */ 48 | (2, 'Joan Smith', 'joan@example.com', NULL); 49 | 50 | INSERT INTO joke (id, joketext, jokedate, authorid) VALUES 51 | (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1), 52 | (2, 'Knock-knock! 
Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1), 53 | (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2), 54 | (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2); 55 | 56 | INSERT INTO category (id, name) VALUES 57 | (1, 'Knock-knock'), 58 | (2, 'Cross the road'), 59 | (3, 'Lawyers'), 60 | (4, 'Walk the bar'); 61 | 62 | INSERT INTO jokecategory (jokeid, categoryid) VALUES 63 | (1, 2), 64 | (2, 1), 65 | (3, 4), 66 | (4, 3); 67 | 68 | INSERT INTO role (id, description) VALUES 69 | ('Content Editor', 'Add, remove, and edit jokes'), 70 | ('Account Administrator', 'Add, remove, and edit authors'), 71 | ('Site Administrator', 'Add, remove, and edit categories'); 72 | 73 | INSERT INTO authorrole (authorid, roleid) VALUES 74 | (1, 'Account Administrator'); 75 | -------------------------------------------------------------------------------- /chapter11/airline.sql: -------------------------------------------------------------------------------- 1 | # Code to create a simple airline database 2 | 3 | CREATE TABLE city ( 4 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 5 | name VARCHAR(255) NOT NULL 6 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 7 | 8 | CREATE TABLE flight ( 9 | number VARCHAR(10) PRIMARY KEY, 10 | origincityid INT NOT NULL, 11 | destinationcityid INT NOT NULL, 12 | departure DATETIME NOT NULL, 13 | duration TIME NOT NULL, 14 | stops INT NOT NULL, 15 | FOREIGN KEY (origincityid) REFERENCES city (id), 16 | FOREIGN KEY (destinationcityid) REFERENCES city (id) 17 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 18 | 19 | 20 | # Some sample data 21 | 22 | INSERT INTO city (id, name) VALUES 23 | (1, 'Montreal'), 24 | (2, 'Melbourne'), 25 | (3, 'Sydney'), 26 | (4, 'Honolulu'); 27 | 28 | INSERT INTO flight 29 | (number, origincityid, destinationcityid, departure, duration, stops) 30 | VALUES 31 | ('CP110', 1, 3, '2009-06-01 20:30:00', '23:00:00', 1), 32 | ('CP226', 3, 1, 
'2009-07-29 06:30:00', '23:00:00', 1), 33 | ('QF2026', 2, 3, '2009-06-01 08:30:00', '1:20:00', 0), 34 | ('QF2027', 3, 2, '2009-06-01 10:30:00', '1:20:00', 0); 35 | -------------------------------------------------------------------------------- /chapter12/filestore/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter12/filestore/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | PHP Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter12/filestore/files.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | PHP/MySQL File Repository 8 | 9 | 10 |

PHP/MySQL File Repository

11 | 12 |
13 |
14 | 16 |
17 |
18 | 21 |
22 |
23 | 24 | 25 |
26 |
27 | 28 | 0): ?> 29 | 30 |

The following files are stored in the database:

31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 47 | 48 | 49 | 58 | 67 | 68 | 69 | 70 |
FilenameTypeDescription
44 | 46 | 50 |
51 |
52 | 53 | 54 | 55 |
56 |
57 |
59 |
60 |
61 | 62 | 63 | 64 |
65 |
66 |
71 | 72 | 73 | 74 | 75 | -------------------------------------------------------------------------------- /chapter12/filestore/index.php: -------------------------------------------------------------------------------- 1 | prepare($sql); 30 | $s->bindValue(':filename', $uploadname); 31 | $s->bindValue(':mimetype', $uploadtype); 32 | $s->bindValue(':description', $uploaddesc); 33 | $s->bindValue(':filedata', $uploaddata); 34 | $s->execute(); 35 | } 36 | catch (PDOException $e) 37 | { 38 | $error = 'Database error storing file!'; 39 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'; 40 | exit(); 41 | } 42 | 43 | header('Location: .'); 44 | exit(); 45 | } 46 | /* View or download one stored file: the row is looked up by the id query parameter, which is bound to the statement rather than concatenated, and filedata is streamed back with the stored name and type. */ 47 | if (isset($_GET['action']) and 48 | ($_GET['action'] == 'view' or $_GET['action'] == 'download') and 49 | isset($_GET['id'])) 50 | { 51 | include 'db.inc.php'; 52 | 53 | try 54 | { 55 | $sql = 'SELECT filename, mimetype, filedata 56 | FROM filestore 57 | WHERE id = :id'; 58 | $s = $pdo->prepare($sql); 59 | $s->bindValue(':id', $_GET['id']); 60 | $s->execute(); 61 | } 62 | catch (PDOException $e) 63 | { 64 | $error = 'Database error fetching requested file.'; 65 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'; 66 | exit(); 67 | } 68 | 69 | $file = $s->fetch(); 70 | if (!$file) 71 | { 72 | $error = 'File with specified ID not found in the database!'; 73 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'; 74 | exit(); 75 | } 76 | 77 | $filename = $file['filename']; 78 | $mimetype = $file['mimetype']; 79 | $filedata = $file['filedata']; 80 | $disposition = 'inline'; 81 | 82 | /* The download action overrides the stored type with a generic binary type and forces a save dialog. */ if ($_GET['action'] == 'download') 83 | { 84 | $mimetype = 'application/octet-stream'; 85 | $disposition = 'attachment'; 86 | } 87 | 88 | // Content-type must come before Content-disposition 89 | header('Content-length: ' . 
strlen($filedata)); 90 | /* NOTE(review): for the view action $mimetype and $filename are whatever the filestore row holds. The insert earlier in this file binds them from $uploadtype and $uploadname; where those are set is not visible in this listing. If they are copied from the upload request sent by the browser, an uploaded HTML or script file is rendered inline from this origin (stored XSS), and the unquoted filename can carry extra header parameters. Consider an allow-list of types that may be shown inline, sending X-Content-Type-Options: nosniff, and emitting filename as a quoted, sanitised basename. */ header("Content-type: $mimetype"); 91 | header("Content-disposition: $disposition; filename=$filename"); 92 | 93 | echo $filedata; 94 | exit(); 95 | } 96 | /* Delete one stored file by POSTed id, using a bound parameter. NOTE(review): no login, ownership or anti-CSRF token check is visible in this listing before the DELETE runs; confirm one exists elsewhere or add it. */ 97 | if (isset($_POST['action']) and $_POST['action'] == 'delete' and 98 | isset($_POST['id'])) 99 | { 100 | include 'db.inc.php'; 101 | 102 | try 103 | { 104 | $sql = 'DELETE FROM filestore 105 | WHERE id = :id'; 106 | $s = $pdo->prepare($sql); 107 | $s->bindValue(':id', $_POST['id']); 108 | $s->execute(); 109 | } 110 | catch (PDOException $e) 111 | { 112 | $error = 'Database error deleting requested file.'; 113 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'; 114 | exit(); 115 | } 116 | 117 | header('Location: .'); 118 | exit(); 119 | } 120 | /* Default action: list the metadata of every stored file (filedata is not selected) for the files.html.php template. */ 121 | include 'db.inc.php'; 122 | 123 | try 124 | { 125 | $result = $pdo->query( 126 | 'SELECT id, filename, mimetype, description 127 | FROM filestore'); 128 | } 129 | catch (PDOException $e) 130 | { 131 | $error = 'Database error fetching stored files.'; 132 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/error.html.php'; 133 | exit(); 134 | } 135 | 136 | $files = array(); 137 | foreach ($result as $row) 138 | { 139 | $files[] = array( 140 | 'id' => $row['id'], 141 | 'filename' => $row['filename'], 142 | 'mimetype' => $row['mimetype'], 143 | 'description' => $row['description']); 144 | } 145 | 146 | include 'files.html.php'; 147 | -------------------------------------------------------------------------------- /chapter12/includes/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter12/includes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter12/includes/helpers.inc.php: -------------------------------------------------------------------------------- 1 | $1', $text); 18 | $text = preg_replace('/\*\*(.+?)\*\*/s', '$1', $text); 19 | 20 | // emphasis 21 | $text = preg_replace('/_([^_]+)_/', '$1', $text); 22 | $text = preg_replace('/\*([^\*]+)\*/', '$1', $text); 23 | 24 | // Convert Windows (\r\n) to Unix (\n) 25 | $text = str_replace("\r\n", "\n", $text); 26 | // Convert Macintosh (\r) to Unix (\n) 27 | $text = str_replace("\r", "\n", $text); 28 | 29 | // Paragraphs 30 | $text = '

' . str_replace("\n\n", '

', $text) . '

'; 31 | // Line breaks 32 | $text = str_replace("\n", '
', $text); 33 | 34 | // [linked text](link URL) 35 | $text = preg_replace( 36 | '/\[([^\]]+)]\(([-a-z0-9._~:\/?#@!$&\'()*+,;=%]+)\)/i', 37 | '$1', $text); 38 | 39 | return $text; 40 | } 41 | 42 | function markdownout($text) 43 | { 44 | echo markdown2html($text); 45 | } 46 | -------------------------------------------------------------------------------- /chapter12/includes/magicquotes.inc.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | -------------------------------------------------------------------------------- /chapter12/recentjokes/controller.php: -------------------------------------------------------------------------------- 1 | query($sql); 11 | } 12 | catch (PDOException $e) 13 | { 14 | $error = 'Error fetching jokes.'; 15 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'; 16 | exit(); 17 | } 18 | 19 | foreach ($result as $row) 20 | { 21 | $jokes[] = array('text' => $row['joketext']); 22 | } 23 | 24 | include 'jokes.html.php'; 25 | -------------------------------------------------------------------------------- /chapter12/recentjokes/generate.bat: -------------------------------------------------------------------------------- 1 | @C:\xampp\php\php.exe generate.php 2 | -------------------------------------------------------------------------------- /chapter12/recentjokes/generate.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Recent Jokes 8 | 9 | 10 | 11 |

Here are the most recent jokes in the database:

12 | 13 | 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /chapter12/sql/filestore.sql: -------------------------------------------------------------------------------- 1 | # Code to create a simple file storage table 2 | 3 | CREATE TABLE filestore ( 4 | id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, 5 | filename VARCHAR(255) NOT NULL, 6 | mimetype VARCHAR(50) NOT NULL, 7 | description VARCHAR(255) NOT NULL, 8 | filedata MEDIUMBLOB 9 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 10 | -------------------------------------------------------------------------------- /chapter12/sql/ijdb.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE author ( 2 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 3 | name VARCHAR(255), 4 | email VARCHAR(255), 5 | password CHAR(32), 6 | UNIQUE (email) 7 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 8 | 9 | CREATE TABLE joke ( 10 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 11 | joketext TEXT, 12 | jokedate DATE NOT NULL, 13 | authorid INT, 14 | FOREIGN KEY (authorid) REFERENCES author (id) 15 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 16 | 17 | CREATE TABLE category ( 18 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 19 | name VARCHAR(255) 20 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 21 | 22 | CREATE TABLE jokecategory ( 23 | jokeid INT NOT NULL, 24 | categoryid INT NOT NULL, 25 | PRIMARY KEY (jokeid, categoryid), 26 | FOREIGN KEY (jokeid) REFERENCES joke (id), 27 | FOREIGN KEY (categoryid) REFERENCES category (id) 28 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 29 | 30 | CREATE TABLE role ( 31 | id VARCHAR(255) NOT NULL PRIMARY KEY, 32 | description VARCHAR(255) 33 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 34 | 35 | CREATE TABLE authorrole ( 36 | authorid INT NOT NULL, 37 | roleid VARCHAR(255) NOT NULL, 38 | PRIMARY KEY (authorid, roleid), 39 | FOREIGN KEY (authorid) REFERENCES author (id), 40 | FOREIGN KEY (roleid) REFERENCES 
role (id) 41 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 42 | 43 | # Sample data 44 | # We specify the IDs so they are known when we add related entries 45 | 46 | INSERT INTO author (id, name, email, password) VALUES 47 | (1, 'Kevin Yank', 'thatguy@kevinyank.com', MD5('passwordijdb')), /* NOTE(review): the stored value is a single MD5 of a literal published in this file (presumably the password plus a fixed site suffix; confirm against the login code). MD5 is fast to guess offline and equal passwords give equal hashes. The authorrole insert below gives author 1 the Account Administrator role, so change or drop this row before any deployment. */ 48 | (2, 'Joan Smith', 'joan@example.com', NULL); 49 | 50 | INSERT INTO joke (id, joketext, jokedate, authorid) VALUES 51 | (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1), 52 | (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1), 53 | (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2), 54 | (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2); 55 | 56 | INSERT INTO category (id, name) VALUES 57 | (1, 'Knock-knock'), 58 | (2, 'Cross the road'), 59 | (3, 'Lawyers'), 60 | (4, 'Walk the bar'); 61 | 62 | INSERT INTO jokecategory (jokeid, categoryid) VALUES 63 | (1, 2), 64 | (2, 1), 65 | (3, 4), 66 | (4, 3); 67 | 68 | INSERT INTO role (id, description) VALUES 69 | ('Content Editor', 'Add, remove, and edit jokes'), 70 | ('Account Administrator', 'Add, remove, and edit authors'), 71 | ('Site Administrator', 'Add, remove, and edit categories'); 72 | 73 | INSERT INTO authorrole (authorid, roleid) VALUES 74 | (1, 'Account Administrator'); 75 | -------------------------------------------------------------------------------- /chapter2/joketable.sql: -------------------------------------------------------------------------------- 1 | # Code to create a simple joke table 2 | 3 | CREATE TABLE joke ( 4 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 5 | joketext TEXT, 6 | jokedate DATE NOT NULL 7 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 8 | 9 | 10 | # Adding jokes to the table 11 | 12 | INSERT INTO joke SET 13 | joketext = 'Why did the chicken cross the road? 
To get to the other side!', 14 | jokedate = '2013-04-01'; 15 | 16 | INSERT INTO joke 17 | (joketext, jokedate) VALUES ( 18 | 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', 19 | "2012-04-01" 20 | ); 21 | 22 | 23 | # Updating the jokedate column in the database 24 | 25 | UPDATE joke SET jokedate = "2012-04-01" WHERE id = "1"; 26 | -------------------------------------------------------------------------------- /chapter3/count10-for.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Counting to Ten 6 | 7 | 8 |

9 | 15 |

16 | 17 | 18 | -------------------------------------------------------------------------------- /chapter3/count10.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Counting to Ten 6 | 7 | 8 |

9 | 17 |

18 | 19 | 20 | -------------------------------------------------------------------------------- /chapter3/count10/count.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Counting to Ten 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter3/count10/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Today’s Date 6 | 7 | 8 |

test!'; ?>

9 | 10 | 11 | -------------------------------------------------------------------------------- /chapter3/forms1/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
14 |
15 |
16 |
17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/forms1/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/forms2/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
14 |
15 |
16 |
17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/forms2/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/forms3/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
14 |
15 |
16 |
17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/forms3/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/if/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
13 |
14 | 15 | 16 | -------------------------------------------------------------------------------- /chapter3/if/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/ifelse1/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
13 |
14 | 15 | 16 | -------------------------------------------------------------------------------- /chapter3/ifelse1/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 21 |

22 | 23 | 24 | -------------------------------------------------------------------------------- /chapter3/ifelse2/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
14 |
15 |
16 |
17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/ifelse2/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 23 |

24 | 25 | 26 | -------------------------------------------------------------------------------- /chapter3/links1/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Query String Link Example 6 | 7 | 8 |

Hi, I’m Kevin!

9 | 10 | 11 | -------------------------------------------------------------------------------- /chapter3/links1/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Query String Link Example 6 | 7 | 8 |

9 | 13 |

14 | 15 | 16 | -------------------------------------------------------------------------------- /chapter3/links2/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Query String Link Example 6 | 7 | 8 |

Hi, I’m Kevin!

9 | 10 | 11 | -------------------------------------------------------------------------------- /chapter3/links2/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Query String Link Example 6 | 7 | 8 |

9 | 14 |

15 | 16 | 17 | -------------------------------------------------------------------------------- /chapter3/links3/name.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Query String Link Example 6 | 7 | 8 |

Hi, I’m Kevin Yank!

9 | 10 | 11 | -------------------------------------------------------------------------------- /chapter3/links3/name.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Query String Link Example 6 | 7 | 8 |

9 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/today.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Today’s Date 6 | 7 | 8 |

Today’s date (according to this web server) is 9 | 14 |

15 | 16 | 17 | -------------------------------------------------------------------------------- /chapter3/today/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Today’s Date 6 | 7 | 8 |

Today’s date (according to this web server) is 9 | 14 |

15 | 16 | 17 | -------------------------------------------------------------------------------- /chapter3/welcome/form.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |
9 |
11 |
12 |
14 |
15 |
16 |
17 | 18 | 19 | -------------------------------------------------------------------------------- /chapter3/welcome/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Form Example 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter4/addjoke/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter4/addjoke/form.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Add Joke 6 | 12 | 13 | 14 |
15 |
16 | 17 | 18 |
19 |
20 |
21 | 22 | 23 | -------------------------------------------------------------------------------- /chapter4/addjoke/index.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | /* A request carrying the addjoke query parameter only shows the submission form. */ 24 | if (isset($_GET['addjoke'])) 25 | { 26 | include 'form.html.php'; 27 | exit(); 28 | } 29 | 30 | try 31 | { 32 | /* NOTE(review): the database user name and password are literals in a web-served script. Load them from configuration kept outside the document root and out of source control, and grant this account only the privileges the page needs. */ $pdo = new PDO('mysql:host=localhost;dbname=ijdb', 'ijdbuser', 'mypassword'); 33 | $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 34 | $pdo->exec('SET NAMES "utf8"'); 35 | } 36 | catch (PDOException $e) 37 | { 38 | $error = 'Unable to connect to the database server.'; 39 | include 'error.html.php'; 40 | exit(); 41 | } 42 | /* Store a submitted joke; the text is bound to the :joketext placeholder, so it reaches MySQL as data and not as SQL. */ 43 | if (isset($_POST['joketext'])) 44 | { 45 | try 46 | { 47 | $sql = 'INSERT INTO joke SET 48 | joketext = :joketext, 49 | jokedate = CURDATE()'; 50 | $s = $pdo->prepare($sql); 51 | $s->bindValue(':joketext', $_POST['joketext']); 52 | $s->execute(); 53 | } 54 | catch (PDOException $e) 55 | { 56 | $error = 'Error adding submitted joke: ' . $e->getMessage(); /* NOTE(review): the driver message is copied into $error, which error.html.php presumably prints to the visitor; such text can disclose table and column names. Log it on the server and show a generic message instead. */ 57 | include 'error.html.php'; 58 | exit(); 59 | } 60 | /* Redirect after the insert so a page reload does not resubmit the form. */ 61 | header('Location: .'); 62 | exit(); 63 | } 64 | /* Default action: fetch every joke text for the list template. */ 65 | try 66 | { 67 | $sql = 'SELECT joketext FROM joke'; 68 | $result = $pdo->query($sql); 69 | } 70 | catch (PDOException $e) 71 | { 72 | $error = 'Error fetching jokes: ' . 
$e->getMessage(); 73 | include 'error.html.php'; 74 | exit(); 75 | } 76 | 77 | while ($row = $result->fetch()) 78 | { 79 | $jokes[] = $row['joketext']; 80 | } 81 | 82 | include 'jokes.html.php'; 83 | -------------------------------------------------------------------------------- /chapter4/addjoke/jokes.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | List of Jokes 6 | 7 | 8 |

Add your own joke

9 |

Here are all the jokes in the database:

10 | 11 |
12 |

13 |
14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /chapter4/connect/index.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $output = 'Unable to connect to the database server.'; 11 | include 'output.html.php'; 12 | exit(); 13 | } 14 | 15 | $output = 'Database connection established.'; 16 | include 'output.html.php'; 17 | -------------------------------------------------------------------------------- /chapter4/connect/output.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Output 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter4/createtable/index.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $output = 'Unable to connect to the database server.'; 11 | include 'output.html.php'; 12 | exit(); 13 | } 14 | 15 | try 16 | { 17 | $sql = 'CREATE TABLE joke ( 18 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 19 | joketext TEXT, 20 | jokedate DATE NOT NULL 21 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB'; 22 | $pdo->exec($sql); 23 | } 24 | catch (PDOException $e) 25 | { 26 | $output = 'Error creating joke table: ' . $e->getMessage(); 27 | include 'output.html.php'; 28 | exit(); 29 | } 30 | 31 | $output = 'Joke table successfully created.'; 32 | include 'output.html.php'; 33 | -------------------------------------------------------------------------------- /chapter4/createtable/output.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Output 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter4/deletejoke/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter4/deletejoke/form.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Add Joke 6 | 12 | 13 | 14 |
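21 | 22 | 23 |
--------------------------------------------------------------------------------
/chapter4/deletejoke/index.php:
--------------------------------------------------------------------------------
<?php
// Controller for the joke list: shows the "add joke" form, inserts a submitted
// joke, deletes a joke by ID, and otherwise lists every joke in the table.

// Undo magic quotes on request data where the feature still exists.
// The first lines of this block are cut off in the listing; they are restored
// here from the PHP manual's runtime idiom, which the surviving tail matches.
// function_exists() keeps the script loadable on PHP 8, where
// get_magic_quotes_gpc() has been removed.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
{
  $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  while (list($key, $val) = each($process))
  {
    foreach ($val as $k => $v)
    {
      unset($process[$key][$k]);
      if (is_array($v))
      {
        $process[$key][stripslashes($k)] = $v;
        $process[] = &$process[$key][stripslashes($k)];
      }
      else
      {
        $process[$key][stripslashes($k)] = stripslashes($v);
      }
    }
  }
  unset($process);
}

if (isset($_GET['addjoke']))
{
  include 'form.html.php';
  exit();
}

try
{
  // NOTE(review): the database user and password are literals in a file under
  // the web root; anyone who can read the source or the repository gets them.
  // Outside a tutorial, load them from configuration kept out of version
  // control and give the account only the privileges this script needs.
  $pdo = new PDO('mysql:host=localhost;dbname=ijdb', 'ijdbuser', 'mypassword');
  $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  // SET NAMES changes the character set on the server side only; PDO itself is
  // not told. On PHP 5.3.6 and later, charset= in the DSN covers both.
  $pdo->exec('SET NAMES "utf8"');
}
catch (PDOException $e)
{
  $error = 'Unable to connect to the database server.';
  include 'error.html.php';
  exit();
}

// Anything other than a plain string (for example joketext[]=...) is ignored
// here and falls through to the joke list.
if (isset($_POST['joketext']) && is_string($_POST['joketext']))
{
  try
  {
    $sql = 'INSERT INTO joke SET
        joketext = :joketext,
        jokedate = CURDATE()';
    $s = $pdo->prepare($sql);
    $s->bindValue(':joketext', $_POST['joketext']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    // The driver message can contain SQL text, table names and submitted data.
    // It goes to the server log; the visitor gets a fixed message, as the
    // chapter 7 admin scripts already do.
    error_log('Error adding submitted joke: ' . $e->getMessage());
    $error = 'Error adding submitted joke.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

if (isset($_GET['deletejoke']))
{
  // NOTE(review): nothing in this file ties the request to a logged-in user or
  // to a form this site rendered (no anti-CSRF token), so any POST that carries
  // an id deletes that joke. The form template is not readable in this listing.

  // The id must be a plain run of digits before it is cast and bound as an
  // integer; a missing or malformed id stops here instead of reaching MySQL.
  if (!isset($_POST['id']) || !is_string($_POST['id']) || !ctype_digit($_POST['id']))
  {
    $error = 'Error deleting joke: no valid joke ID was submitted.';
    include 'error.html.php';
    exit();
  }

  try
  {
    $sql = 'DELETE FROM joke WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', (int) $_POST['id'], PDO::PARAM_INT);
    $s->execute();
  }
  catch (PDOException $e)
  {
    error_log('Error deleting joke: ' . $e->getMessage());
    $error = 'Error deleting joke.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

try
{
  $sql = 'SELECT id, joketext FROM joke';
  $result = $pdo->query($sql);
}
catch (PDOException $e)
{
  error_log('Error fetching jokes: ' . $e->getMessage());
  $error = 'Error fetching jokes.';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template still gets an array when the table
// has no rows.
$jokes = array();
while ($row = $result->fetch())
{
  $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
}

include 'jokes.html.php';
--------------------------------------------------------------------------------
/chapter4/deletejoke/jokes.html.php:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | 5 | List of Jokes 6 | 7 | 8 |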

Add your own joke

9 |

Here are all the jokes in the database:

10 | 11 |
12 |
13 |

14 | 15 | 16 | 17 |

18 |
19 |
20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /chapter4/listjokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter4/listjokes/index.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | 15 | try 16 | { 17 | $sql = 'SELECT joketext FROM joke'; 18 | $result = $pdo->query($sql); 19 | } 20 | catch (PDOException $e) 21 | { 22 | $error = 'Error fetching jokes: ' . $e->getMessage(); 23 | include 'error.html.php'; 24 | exit(); 25 | } 26 | 27 | while ($row = $result->fetch()) 28 | { 29 | $jokes[] = $row['joketext']; 30 | } 31 | 32 | include 'jokes.html.php'; 33 | -------------------------------------------------------------------------------- /chapter4/listjokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | List of Jokes 6 | 7 | 8 |

Here are all the jokes in the database:

9 | 10 |
11 |

12 | 13 |

14 |
15 | 16 | 17 | 18 | -------------------------------------------------------------------------------- /chapter4/sql/joketable.sql: -------------------------------------------------------------------------------- 1 | # Code to create a simple joke table 2 | 3 | CREATE TABLE joke ( 4 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 5 | joketext TEXT, 6 | jokedate DATE NOT NULL 7 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 8 | 9 | 10 | # Adding jokes to the table 11 | 12 | INSERT INTO joke SET 13 | joketext = 'Why did the chicken cross the road? To get to the other side!', 14 | jokedate = '2009-04-01'; 15 | 16 | INSERT INTO joke 17 | (joketext, jokedate) VALUES ( 18 | 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', 19 | "2009-04-01" 20 | ); 21 | -------------------------------------------------------------------------------- /chapter4/updatechicken/index.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $output = 'Unable to connect to the database server.'; 11 | include 'output.html.php'; 12 | exit(); 13 | } 14 | 15 | try 16 | { 17 | $sql = 'UPDATE joke SET jokedate="2012-04-01" 18 | WHERE joketext LIKE "%chicken%"'; 19 | $affectedRows = $pdo->exec($sql); 20 | } 21 | catch (PDOException $e) 22 | { 23 | $output = 'Error performing update: ' . $e->getMessage(); 24 | include 'output.html.php'; 25 | exit(); 26 | } 27 | 28 | $output = "Updated $affectedRows rows."; 29 | include 'output.html.php'; 30 | -------------------------------------------------------------------------------- /chapter4/updatechicken/output.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Output 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter5/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter5/jokes/form.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Add Joke 6 | 12 | 13 | 14 |
15 |
16 | 17 | 18 |
19 |
20 |
21 | 22 | 23 | -------------------------------------------------------------------------------- /chapter5/jokes/index.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | 24 | if (isset($_GET['addjoke'])) 25 | { 26 | include 'form.html.php'; 27 | exit(); 28 | } 29 | 30 | try 31 | { 32 | $pdo = new PDO('mysql:host=localhost;dbname=ijdb', 'ijdbuser', 'mypassword'); 33 | $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 34 | $pdo->exec('SET NAMES "utf8"'); 35 | } 36 | catch (PDOException $e) 37 | { 38 | $error = 'Unable to connect to the database server.'; 39 | include 'error.html.php'; 40 | exit(); 41 | } 42 | 43 | if (isset($_POST['joketext'])) 44 | { 45 | try 46 | { 47 | $sql = 'INSERT INTO joke SET 48 | joketext = :joketext, 49 | jokedate = CURDATE()'; 50 | $s = $pdo->prepare($sql); 51 | $s->bindValue(':joketext', $_POST['joketext']); 52 | $s->execute(); 53 | } 54 | catch (PDOException $e) 55 | { 56 | $error = 'Error adding submitted joke: ' . $e->getMessage(); 57 | include 'error.html.php'; 58 | exit(); 59 | } 60 | 61 | header('Location: .'); 62 | exit(); 63 | } 64 | 65 | if (isset($_GET['deletejoke'])) 66 | { 67 | try 68 | { 69 | $sql = 'DELETE FROM joke WHERE id = :id'; 70 | $s = $pdo->prepare($sql); 71 | $s->bindValue(':id', $_POST['id']); 72 | $s->execute(); 73 | } 74 | catch (PDOException $e) 75 | { 76 | $error = 'Error deleting joke: ' . 
$e->getMessage(); 77 | include 'error.html.php'; 78 | exit(); 79 | } 80 | 81 | header('Location: .'); 82 | exit(); 83 | } 84 | 85 | try 86 | { 87 | $sql = 'SELECT joke.id, joketext, name, email 88 | FROM joke INNER JOIN author 89 | ON authorid = author.id'; 90 | $result = $pdo->query($sql); 91 | } 92 | catch (PDOException $e) 93 | { 94 | $error = 'Error fetching jokes: ' . $e->getMessage(); 95 | include 'error.html.php'; 96 | exit(); 97 | } 98 | 99 | foreach ($result as $row) 100 | { 101 | $jokes[] = array( 102 | 'id' => $row['id'], 103 | 'text' => $row['joketext'], 104 | 'name' => $row['name'], 105 | 'email' => $row['email'] 106 | ); 107 | } 108 | 109 | include 'jokes.html.php'; 110 | -------------------------------------------------------------------------------- /chapter5/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | List of Jokes 6 | 7 | 8 |

Add your own joke

9 |

Here are all the jokes in the database:

10 | 11 |
12 |
13 |

14 | 15 | 16 | 17 | (by ) 22 |

23 |
24 |
25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /chapter5/sql/2tables.sql: -------------------------------------------------------------------------------- 1 | # Code to create a simple joke table that stores an author ID 2 | 3 | CREATE TABLE joke ( 4 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 5 | joketext TEXT, 6 | jokedate DATE NOT NULL, 7 | authorid INT 8 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 9 | 10 | # Code to create a simple author table 11 | 12 | CREATE TABLE author ( 13 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 14 | name VARCHAR(255), 15 | email VARCHAR(255) 16 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 17 | 18 | # Adding authors to the database 19 | # We specify the IDs so they are known when we add the jokes below. 20 | 21 | INSERT INTO author SET 22 | id = 1, 23 | name = 'Kevin Yank', 24 | email = 'thatguy@kevinyank.com'; 25 | 26 | INSERT INTO author (id, name, email) 27 | VALUES (2, 'Joan Smith', 'joan@example.com'); 28 | 29 | # Adding jokes to the database 30 | 31 | INSERT INTO joke SET 32 | joketext = 'Why did the chicken cross the road? To get to the other side!', 33 | jokedate = '2012-04-01', 34 | authorid = 1; 35 | 36 | INSERT INTO joke (joketext, jokedate, authorid) 37 | VALUES ( 38 | 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', 39 | '2012-04-01', 40 | 1 41 | ); 42 | 43 | INSERT INTO joke (joketext, jokedate, authorid) 44 | VALUES ( 45 | 'A man walks into a bar. 
"Ouch."', 46 | '2012-04-01', 47 | 2 48 | ); 49 | -------------------------------------------------------------------------------- /chapter5/sql/jokes1.sql: -------------------------------------------------------------------------------- 1 | # Code to create a simple joke table 2 | 3 | CREATE TABLE joke ( 4 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 5 | joketext TEXT, 6 | jokedate DATE NOT NULL 7 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 8 | 9 | 10 | # Adding jokes to the table 11 | 12 | INSERT INTO joke SET 13 | joketext = 'Why did the chicken cross the road? To get to the other side!', 14 | jokedate = '2009-04-01'; 15 | 16 | INSERT INTO joke 17 | (joketext, jokedate) VALUES ( 18 | 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', 19 | "2009-04-01" 20 | ); 21 | -------------------------------------------------------------------------------- /chapter6/calculate-area/area-function.inc.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Calculate Area 6 | 7 | 8 |

9 | Area: 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/dynamic-footer/footer.inc.html.php: -------------------------------------------------------------------------------- 1 | 6 | -------------------------------------------------------------------------------- /chapter6/dynamic-footer/index.php: -------------------------------------------------------------------------------- 1 | 4 | -------------------------------------------------------------------------------- /chapter6/dynamic-footer/samplepage.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | A Sample Page 6 | 7 | 8 |

9 | This page uses a static include to display a standard 10 | copyright notice below. 11 |

12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /chapter6/includes/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter6/includes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/includes/helpers.inc.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | -------------------------------------------------------------------------------- /chapter6/jokes-helpers/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/jokes-helpers/form.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Add Joke 6 | 12 | 13 | 14 |
15 |
16 | 17 | 18 |
19 |
20 |
21 | 22 | 23 | -------------------------------------------------------------------------------- /chapter6/jokes-helpers/index.php: -------------------------------------------------------------------------------- 1 | prepare($sql); 20 | $s->bindValue(':joketext', $_POST['joketext']); 21 | $s->execute(); 22 | } 23 | catch (PDOException $e) 24 | { 25 | $error = 'Error adding submitted joke: ' . $e->getMessage(); 26 | include 'error.html.php'; 27 | exit(); 28 | } 29 | 30 | header('Location: .'); 31 | exit(); 32 | } 33 | 34 | if (isset($_GET['deletejoke'])) 35 | { 36 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 37 | 38 | try 39 | { 40 | $sql = 'DELETE FROM joke WHERE id = :id'; 41 | $s = $pdo->prepare($sql); 42 | $s->bindValue(':id', $_POST['id']); 43 | $s->execute(); 44 | } 45 | catch (PDOException $e) 46 | { 47 | $error = 'Error deleting joke: ' . $e->getMessage(); 48 | include 'error.html.php'; 49 | exit(); 50 | } 51 | 52 | header('Location: .'); 53 | exit(); 54 | } 55 | 56 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 57 | 58 | try 59 | { 60 | $sql = 'SELECT joke.id, joketext, name, email 61 | FROM joke INNER JOIN author 62 | ON authorid = author.id'; 63 | $result = $pdo->query($sql); 64 | } 65 | catch (PDOException $e) 66 | { 67 | $error = 'Error fetching jokes: ' . $e->getMessage(); 68 | include 'error.html.php'; 69 | exit(); 70 | } 71 | 72 | foreach ($result as $row) 73 | { 74 | $jokes[] = array( 75 | 'id' => $row['id'], 76 | 'text' => $row['joketext'], 77 | 'name' => $row['name'], 78 | 'email' => $row['email'] 79 | ); 80 | } 81 | 82 | include 'jokes.html.php'; 83 | -------------------------------------------------------------------------------- /chapter6/jokes-helpers/jokes.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | List of Jokes 8 | 9 | 10 |

Add your own joke

11 |

Here are all the jokes in the database:

12 | 13 |
14 |
15 |

16 | 17 | 19 | 20 | (by ) 22 |

23 |
24 |
25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /chapter6/jokes/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter6/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/jokes/form.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Add Joke 6 | 12 | 13 | 14 |
15 |
16 | 17 | 18 |
19 |
20 |
21 | 22 | 23 | -------------------------------------------------------------------------------- /chapter6/jokes/index.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | 24 | if (isset($_GET['addjoke'])) 25 | { 26 | include 'form.html.php'; 27 | exit(); 28 | } 29 | 30 | if (isset($_POST['joketext'])) 31 | { 32 | include 'db.inc.php'; 33 | 34 | try 35 | { 36 | $sql = 'INSERT INTO joke SET 37 | joketext = :joketext, 38 | jokedate = CURDATE()'; 39 | $s = $pdo->prepare($sql); 40 | $s->bindValue(':joketext', $_POST['joketext']); 41 | $s->execute(); 42 | } 43 | catch (PDOException $e) 44 | { 45 | $error = 'Error adding submitted joke: ' . $e->getMessage(); 46 | include 'error.html.php'; 47 | exit(); 48 | } 49 | 50 | header('Location: .'); 51 | exit(); 52 | } 53 | 54 | if (isset($_GET['deletejoke'])) 55 | { 56 | include 'db.inc.php'; 57 | 58 | try 59 | { 60 | $sql = 'DELETE FROM joke WHERE id = :id'; 61 | $s = $pdo->prepare($sql); 62 | $s->bindValue(':id', $_POST['id']); 63 | $s->execute(); 64 | } 65 | catch (PDOException $e) 66 | { 67 | $error = 'Error deleting joke: ' . $e->getMessage(); 68 | include 'error.html.php'; 69 | exit(); 70 | } 71 | 72 | header('Location: .'); 73 | exit(); 74 | } 75 | 76 | include 'db.inc.php'; 77 | 78 | try 79 | { 80 | $sql = 'SELECT joke.id, joketext, name, email 81 | FROM joke INNER JOIN author 82 | ON authorid = author.id'; 83 | $result = $pdo->query($sql); 84 | } 85 | catch (PDOException $e) 86 | { 87 | $error = 'Error fetching jokes: ' . 
$e->getMessage(); 88 | include 'error.html.php'; 89 | exit(); 90 | } 91 | 92 | foreach ($result as $row) 93 | { 94 | $jokes[] = array( 95 | 'id' => $row['id'], 96 | 'text' => $row['joketext'], 97 | 'name' => $row['name'], 98 | 'email' => $row['email'] 99 | ); 100 | } 101 | 102 | include 'jokes.html.php'; 103 | -------------------------------------------------------------------------------- /chapter6/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | List of Jokes 6 | 7 | 8 |

Add your own joke

9 |

Here are all the jokes in the database:

10 | 11 |
12 |
13 |

14 | 15 | 16 | 17 | (by ) 22 |

23 |
24 |
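25 | 26 | 27 | 28 |
--------------------------------------------------------------------------------
/chapter6/sql/joketable.sql:
--------------------------------------------------------------------------------
-- Code to create a simple joke table
--
-- "utf8" in MySQL is the three-byte utf8mb3 set, which cannot store four-byte
-- characters; utf8mb4 is the full set. The PHP scripts in this archive issue
-- SET NAMES "utf8", so the table and the connection would have to change
-- together.

CREATE TABLE joke (
  id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  joketext TEXT,
  jokedate DATE NOT NULL
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;


-- Adding jokes to the table

INSERT INTO joke SET
joketext = 'Why did the chicken cross the road? To get to the other side!',
jokedate = '2009-04-01';

-- String literals use single quotes, with '' for an embedded quote, so the
-- statement also parses under the ANSI_QUOTES and NO_BACKSLASH_ESCAPES SQL
-- modes. The stored text is unchanged.
INSERT INTO joke
(joketext, jokedate) VALUES (
'Knock-knock! Who''s there? Boo! "Boo" who? Don''t cry; it''s only a joke!',
'2009-04-01'
);
--------------------------------------------------------------------------------
/chapter6/static-footer/footer.inc.html.php:
--------------------------------------------------------------------------------
1 | 5 |
--------------------------------------------------------------------------------
/chapter6/static-footer/index.php:
--------------------------------------------------------------------------------
1 | 4 |
--------------------------------------------------------------------------------
/chapter6/static-footer/samplepage.html.php:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | 5 | A Sample Page 6 | 7 | 8 |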

9 | This page uses a static include to display a standard 10 | copyright notice below. 11 |

12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /chapter6/totaljokes-global1/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/totaljokes-global1/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Calculate Area 6 | 7 | 8 |

9 | Total jokes: 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/totaljokes-global1/totaljokes-function.inc.php: -------------------------------------------------------------------------------- 1 | query('SELECT COUNT(*) FROM joke'); 11 | } 12 | catch (PDOException $e) 13 | { 14 | $error = 'Database error counting jokes!'; 15 | include 'error.html.php'; 16 | exit(); 17 | } 18 | 19 | $row = $result->fetch(); 20 | 21 | return $row[0]; 22 | } 23 | -------------------------------------------------------------------------------- /chapter6/totaljokes-global2/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/totaljokes-global2/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Calculate Area 6 | 7 | 8 |

9 | Total jokes: 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter6/totaljokes-global2/totaljokes-function.inc.php: -------------------------------------------------------------------------------- 1 | query('SELECT COUNT(*) FROM joke'); 9 | } 10 | catch (PDOException $e) 11 | { 12 | $error = 'Database error counting jokes!'; 13 | include 'error.html.php'; 14 | exit(); 15 | } 16 | 17 | $row = $result->fetch(); 18 | 19 | return $row[0]; 20 | } 21 | -------------------------------------------------------------------------------- /chapter7/admin/authors/authors.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Authors 8 | 9 | 10 |

Manage Authors

11 |

Add new author

12 | 27 |

Return to JMS home

28 | 29 | 30 | -------------------------------------------------------------------------------- /chapter7/admin/authors/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter7/admin/authors/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 9 | 10 |

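26 | 27 | 28 |
--------------------------------------------------------------------------------
/chapter7/admin/authors/index.php:
--------------------------------------------------------------------------------
// Author administration controller. Listing lines 1-26 of this file are
// missing here; the add-author handler resumes inside its try block.
// NOTE(review): no login check or anti-CSRF token is visible in the surviving
// part of the file, and every handler below reads or changes author records.
// Confirm access control is applied before these handlers run.
    $s = $pdo->prepare($sql);
    $s->bindValue(':name', $_POST['name']);
    $s->bindValue(':email', $_POST['email']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error adding submitted author.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// "Edit" button: load the author and show the form pre-filled.
if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  try
  {
    $sql = 'SELECT id, name, email FROM author WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error fetching author details.';
    include 'error.html.php';
    exit();
  }

  $row = $s->fetch();

  // fetch() returns false when no author has the submitted id; stop here
  // rather than build the edit form from a non-row.
  if ($row === false)
  {
    $error = 'Error fetching author details.';
    include 'error.html.php';
    exit();
  }

  $pageTitle = 'Edit Author';
  $action = 'editform';
  $name = $row['name'];
  $email = $row['email'];
  $id = $row['id'];
  $button = 'Update author';

  include 'form.html.php';
  exit();
}

// Submitted edit form: write the new name and email for the given id.
if (isset($_GET['editform']))
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  try
  {
    $sql = 'UPDATE author SET
        name = :name,
        email = :email
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->bindValue(':name', $_POST['name']);
    $s->bindValue(':email', $_POST['email']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error updating submitted author.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// "Delete" button: remove the author together with their jokes and those
// jokes' category links.
if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  // The steps run as one transaction, so a failure part-way through does not
  // leave an author with some jokes or category links already removed.
  // $failure holds the message for the step in progress.
  // NOTE(review): this relies on transactional (InnoDB) tables; confirm that
  // for jokecategory, whose definition is not part of this listing.
  $failure = 'Error getting list of jokes to delete.';
  try
  {
    $pdo->beginTransaction();

    // Get jokes belonging to author
    $sql = 'SELECT id FROM joke WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
    $result = $s->fetchAll();

    // Delete joke category entries
    $failure = 'Error deleting category entries for joke.';
    $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
    $s = $pdo->prepare($sql);

    // For each joke
    foreach ($result as $row)
    {
      $jokeId = $row['id'];
      $s->bindValue(':id', $jokeId);
      $s->execute();
    }

    // Delete jokes belonging to author
    $failure = 'Error deleting jokes for author.';
    $sql = 'DELETE FROM joke WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // Delete the author
    $failure = 'Error deleting author.';
    $sql = 'DELETE FROM author WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    // Undo whatever the earlier steps removed before reporting the failure.
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Display author list
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
  $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
  $error = 'Error fetching authors from the database!';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template still gets an array when there are
// no authors.
$authors = array();
foreach ($result as $row)
{
  $authors[] = array('id' => $row['id'], 'name' => $row['name']);
}

include 'authors.html.php';
--------------------------------------------------------------------------------
/chapter7/admin/categories/categories.html.php:
--------------------------------------------------------------------------------
1 | 3 | 4 | 5 | 6 | 7 | Manage Categories 8 | 9 | 10 |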

Manage Categories

11 |

Add new category

12 | 27 |

Return to JMS home

28 | 29 | 30 | -------------------------------------------------------------------------------- /chapter7/admin/categories/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter7/admin/categories/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 9 | 10 |

11 |
12 |
13 | 15 |
16 |
17 | 19 | 20 |
21 |
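22 | 23 | 24 |
--------------------------------------------------------------------------------
/chapter7/admin/categories/index.php:
--------------------------------------------------------------------------------
// [listing note] The top of this script (the PHP open tag through the start of
// the "add category" handler) is missing from this listing; the fragment up to
// the first closing brace is reproduced exactly as it was extracted.
//
// NOTE(review): no login check and no per-form token (CSRF) check is visible in
// the part of the script shown here, yet every handler below inserts, updates
// or deletes rows on a plain POST. Confirm access control is enforced elsewhere
// before this directory is reachable by anyone but an administrator.
prepare($sql);
    $s->bindValue(':name', $_POST['name']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error adding submitted category.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Edit: look up the chosen category and show the form pre-filled with it.
if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  try
  {
    // The id is bound as a parameter, never concatenated into the SQL text.
    $sql = 'SELECT id, name FROM category WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error fetching category details.';
    include 'error.html.php';
    exit();
  }

  $row = $s->fetch();

  // fetch() returns FALSE when no row matches (stale or tampered id); stop
  // here instead of showing an edit form for a category that does not exist.
  if ($row === FALSE)
  {
    $error = 'The selected category could not be found.';
    include 'error.html.php';
    exit();
  }

  $pageTitle = 'Edit Category';
  $action = 'editform';
  $name = $row['name'];
  $id = $row['id'];
  $button = 'Update category';

  include 'form.html.php';
  exit();
}

// Edit form submitted: store the new name for the given category id.
if (isset($_GET['editform']))
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  try
  {
    $sql = 'UPDATE category SET
        name = :name
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->bindValue(':name', $_POST['name']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error updating submitted category.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Delete: remove the category and every joke-to-category link that uses it.
// Both statements run in one transaction so that a failure in the second
// cannot leave the links removed while the category itself still exists.
if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  // Delete joke associations with this category
  try
  {
    $pdo->beginTransaction();

    $sql = 'DELETE FROM jokecategory WHERE categoryid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = 'Error removing jokes from category.';
    include 'error.html.php';
    exit();
  }

  // Delete the category
  try
  {
    $sql = 'DELETE FROM category WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = 'Error deleting category.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Display category list
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
  $result = $pdo->query('SELECT id, name FROM category');
}
catch (PDOException $e)
{
  $error = 'Error fetching categories from database!';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template still gets an array when the
// table has no rows.
$categories = array();

foreach ($result as $row)
{
  $categories[] = array('id' => $row['id'], 'name' => $row['name']);
}

include 'categories.html.php';
--------------------------------------------------------------------------------
/chapter7/admin/index.html:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | 5 | Joke CMS 6 | 7 | 8 |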

Joke Management System

9 | 14 | 15 | 16 | -------------------------------------------------------------------------------- /chapter7/admin/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter7/admin/jokes/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 14 | 15 | 16 |

38 | Categories: 39 | 40 |
57 | 58 | 59 | -------------------------------------------------------------------------------- /chapter7/admin/jokes/index.php: -------------------------------------------------------------------------------- 1 | query('SELECT id, name FROM author'); 20 | } 21 | catch (PDOException $e) 22 | { 23 | $error = 'Error fetching list of authors.'; 24 | include 'error.html.php'; 25 | exit(); 26 | } 27 | 28 | foreach ($result as $row) 29 | { 30 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 31 | } 32 | 33 | // Build the list of categories 34 | try 35 | { 36 | $result = $pdo->query('SELECT id, name FROM category'); 37 | } 38 | catch (PDOException $e) 39 | { 40 | $error = 'Error fetching list of categories.'; 41 | include 'error.html.php'; 42 | exit(); 43 | } 44 | 45 | foreach ($result as $row) 46 | { 47 | $categories[] = array( 48 | 'id' => $row['id'], 49 | 'name' => $row['name'], 50 | 'selected' => FALSE); 51 | } 52 | 53 | include 'form.html.php'; 54 | exit(); 55 | } 56 | 57 | if (isset($_GET['addform'])) 58 | { 59 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 60 | 61 | if ($_POST['author'] == '') 62 | { 63 | $error = 'You must choose an author for this joke. 
64 | Click ‘back’ and try again.'; 65 | include 'error.html.php'; 66 | exit(); 67 | } 68 | 69 | try 70 | { 71 | $sql = 'INSERT INTO joke SET 72 | joketext = :joketext, 73 | jokedate = CURDATE(), 74 | authorid = :authorid'; 75 | $s = $pdo->prepare($sql); 76 | $s->bindValue(':joketext', $_POST['text']); 77 | $s->bindValue(':authorid', $_POST['author']); 78 | $s->execute(); 79 | } 80 | catch (PDOException $e) 81 | { 82 | $error = 'Error adding submitted joke.'; 83 | include 'error.html.php'; 84 | exit(); 85 | } 86 | 87 | $jokeid = $pdo->lastInsertId(); 88 | 89 | if (isset($_POST['categories'])) 90 | { 91 | try 92 | { 93 | $sql = 'INSERT INTO jokecategory SET 94 | jokeid = :jokeid, 95 | categoryid = :categoryid'; 96 | $s = $pdo->prepare($sql); 97 | 98 | foreach ($_POST['categories'] as $categoryid) 99 | { 100 | $s->bindValue(':jokeid', $jokeid); 101 | $s->bindValue(':categoryid', $categoryid); 102 | $s->execute(); 103 | } 104 | } 105 | catch (PDOException $e) 106 | { 107 | $error = 'Error inserting joke into selected categories.'; 108 | include 'error.html.php'; 109 | exit(); 110 | } 111 | } 112 | 113 | header('Location: .'); 114 | exit(); 115 | } 116 | 117 | if (isset($_POST['action']) and $_POST['action'] == 'Edit') 118 | { 119 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/db.inc.php'; 120 | 121 | try 122 | { 123 | $sql = 'SELECT id, joketext, authorid FROM joke WHERE id = :id'; 124 | $s = $pdo->prepare($sql); 125 | $s->bindValue(':id', $_POST['id']); 126 | $s->execute(); 127 | } 128 | catch (PDOException $e) 129 | { 130 | $error = 'Error fetching joke details.'; 131 | include 'error.html.php'; 132 | exit(); 133 | } 134 | $row = $s->fetch(); 135 | 136 | $pageTitle = 'Edit Joke'; 137 | $action = 'editform'; 138 | $text = $row['joketext']; 139 | $authorid = $row['authorid']; 140 | $id = $row['id']; 141 | $button = 'Update joke'; 142 | 143 | // Build the list of authors 144 | try 145 | { 146 | $result = $pdo->query('SELECT id, name FROM author'); 147 | } 148 | catch (PDOException $e) 149 | { 150 | $error = 'Error fetching list of authors.'; 151 | include 'error.html.php'; 152 | exit(); 153 | } 154 | 155 | foreach ($result as $row) 156 | { 157 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 158 | } 159 | 160 | // Get list of categories containing this joke 161 | try 162 | { 163 | $sql = 'SELECT categoryid FROM jokecategory WHERE jokeid = :id'; 164 | $s = $pdo->prepare($sql); 165 | $s->bindValue(':id', $id); 166 | $s->execute(); 167 | } 168 | catch (PDOException $e) 169 | { 170 | $error = 'Error fetching list of selected categories.'; 171 | include 'error.html.php'; 172 | exit(); 173 | } 174 | 175 | foreach ($s as $row) 176 | { 177 | $selectedCategories[] = $row['categoryid']; 178 | } 179 | 180 | // Build the list of all categories 181 | try 182 | { 183 | $result = $pdo->query('SELECT id, name FROM category'); 184 | } 185 | catch (PDOException $e) 186 | { 187 | $error = 'Error fetching list of categories.'; 188 | include 'error.html.php'; 189 | exit(); 190 | } 191 | 192 | foreach ($result as $row) 193 | { 194 | $categories[] = array( 195 | 'id' => $row['id'], 196 | 'name' => $row['name'], 197 | 'selected' => in_array($row['id'], $selectedCategories)); 198 | } 199 | 200 | include 'form.html.php'; 201 | exit(); 
202 | } 203 | 204 | if (isset($_GET['editform'])) 205 | { 206 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 207 | 208 | if ($_POST['author'] == '') 209 | { 210 | $error = 'You must choose an author for this joke. 211 | Click ‘back’ and try again.'; 212 | include 'error.html.php'; 213 | exit(); 214 | } 215 | 216 | try 217 | { 218 | $sql = 'UPDATE joke SET 219 | joketext = :joketext, 220 | authorid = :authorid 221 | WHERE id = :id'; 222 | $s = $pdo->prepare($sql); 223 | $s->bindValue(':id', $_POST['id']); 224 | $s->bindValue(':joketext', $_POST['text']); 225 | $s->bindValue(':authorid', $_POST['author']); 226 | $s->execute(); 227 | } 228 | catch (PDOException $e) 229 | { 230 | $error = 'Error updating submitted joke.'; 231 | include 'error.html.php'; 232 | exit(); 233 | } 234 | 235 | try 236 | { 237 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id'; 238 | $s = $pdo->prepare($sql); 239 | $s->bindValue(':id', $_POST['id']); 240 | $s->execute(); 241 | } 242 | catch (PDOException $e) 243 | { 244 | $error = 'Error removing obsolete joke category entries.'; 245 | include 'error.html.php'; 246 | exit(); 247 | } 248 | 249 | if (isset($_POST['categories'])) 250 | { 251 | try 252 | { 253 | $sql = 'INSERT INTO jokecategory SET 254 | jokeid = :jokeid, 255 | categoryid = :categoryid'; 256 | $s = $pdo->prepare($sql); 257 | 258 | foreach ($_POST['categories'] as $categoryid) 259 | { 260 | $s->bindValue(':jokeid', $_POST['id']); 261 | $s->bindValue(':categoryid', $categoryid); 262 | $s->execute(); 263 | } 264 | } 265 | catch (PDOException $e) 266 | { 267 | $error = 'Error inserting joke into selected categories.'; 268 | include 'error.html.php'; 269 | exit(); 270 | } 271 | } 272 | 273 | header('Location: .'); 274 | exit(); 275 | } 276 | 277 | if (isset($_POST['action']) and $_POST['action'] == 'Delete') 278 | { 279 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/db.inc.php'; 280 | 281 | // Delete category assignments for this joke 282 | try 283 | { 284 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id'; 285 | $s = $pdo->prepare($sql); 286 | $s->bindValue(':id', $_POST['id']); 287 | $s->execute(); 288 | } 289 | catch (PDOException $e) 290 | { 291 | $error = 'Error removing joke from categories.'; 292 | include 'error.html.php'; 293 | exit(); 294 | } 295 | 296 | // Delete the joke 297 | try 298 | { 299 | $sql = 'DELETE FROM joke WHERE id = :id'; 300 | $s = $pdo->prepare($sql); 301 | $s->bindValue(':id', $_POST['id']); 302 | $s->execute(); 303 | } 304 | catch (PDOException $e) 305 | { 306 | $error = 'Error deleting joke.'; 307 | include 'error.html.php'; 308 | exit(); 309 | } 310 | 311 | header('Location: .'); 312 | exit(); 313 | } 314 | 315 | if (isset($_GET['action']) and $_GET['action'] == 'search') 316 | { 317 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 318 | 319 | // The basic SELECT statement 320 | $select = 'SELECT id, joketext'; 321 | $from = ' FROM joke'; 322 | $where = ' WHERE TRUE'; 323 | 324 | $placeholders = array(); 325 | 326 | if ($_GET['author'] != '') // An author is selected 327 | { 328 | $where .= " AND authorid = :authorid"; 329 | $placeholders[':authorid'] = $_GET['author']; 330 | } 331 | 332 | if ($_GET['category'] != '') // A category is selected 333 | { 334 | $from .= ' INNER JOIN jokecategory ON id = jokeid'; 335 | $where .= " AND categoryid = :categoryid"; 336 | $placeholders[':categoryid'] = $_GET['category']; 337 | } 338 | 339 | if ($_GET['text'] != '') // Some search text was specified 340 | { 341 | $where .= " AND joketext LIKE :joketext"; 342 | $placeholders[':joketext'] = '%' . $_GET['text'] . '%'; 343 | } 344 | 345 | try 346 | { 347 | $sql = $select . $from . 
$where; 348 | $s = $pdo->prepare($sql); 349 | $s->execute($placeholders); 350 | } 351 | catch (PDOException $e) 352 | { 353 | $error = 'Error fetching jokes.'; 354 | include 'error.html.php'; 355 | exit(); 356 | } 357 | 358 | foreach ($s as $row) 359 | { 360 | $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']); 361 | } 362 | 363 | include 'jokes.html.php'; 364 | exit(); 365 | } 366 | 367 | // Display search form 368 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 369 | 370 | try 371 | { 372 | $result = $pdo->query('SELECT id, name FROM author'); 373 | } 374 | catch (PDOException $e) 375 | { 376 | $error = 'Error fetching authors from database!'; 377 | include 'error.html.php'; 378 | exit(); 379 | } 380 | 381 | foreach ($result as $row) 382 | { 383 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 384 | } 385 | 386 | try 387 | { 388 | $result = $pdo->query('SELECT id, name FROM category'); 389 | } 390 | catch (PDOException $e) 391 | { 392 | $error = 'Error fetching categories from database!'; 393 | include 'error.html.php'; 394 | exit(); 395 | } 396 | 397 | foreach ($result as $row) 398 | { 399 | $categories[] = array('id' => $row['id'], 'name' => $row['name']); 400 | } 401 | 402 | include 'searchform.html.php'; 403 | -------------------------------------------------------------------------------- /chapter7/admin/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Jokes: Search Results 8 | 9 | 10 |

Search Results

11 | 12 | 13 | 14 | 15 | 16 | 17 | 27 | 28 | 29 |
Joke TextOptions

New search

32 |

Return to JMS home

33 | 34 | 35 | -------------------------------------------------------------------------------- /chapter7/admin/jokes/searchform.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Jokes 8 | 9 | 10 |

Manage Jokes

11 |

Add new joke

12 |
13 |

View jokes satisfying the following criteria:


Return to JMS home

44 | 45 | 46 | -------------------------------------------------------------------------------- /chapter7/includes/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter7/includes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter7/includes/helpers.inc.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | -------------------------------------------------------------------------------- /chapter7/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

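11 | 12 | 13 |
--------------------------------------------------------------------------------
/chapter7/jokes/index.php:
--------------------------------------------------------------------------------
// [listing note] The top of this script (the PHP open tag, the includes and the
// SQL text assigned to $sql) is missing from this listing; the fragment up to
// the first closing brace is reproduced exactly as it was extracted.
query($sql);
}
catch (PDOException $e)
{
  // This is the public page: keep the driver's message (which can name tables,
  // columns or the database host) in the server log and show visitors only a
  // generic error, as the admin scripts on this page already do.
  error_log('Error fetching jokes: ' . $e->getMessage());
  $error = 'Error fetching jokes.';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template still gets an array when the
// query returns no rows.
$jokes = array();

// Copy only the columns the template uses.
// NOTE(review): 'email' is the author's address and is handed to a public
// template; confirm that publishing it is intended.
foreach ($result as $row)
{
  $jokes[] = array(
    'id' => $row['id'],
    'text' => $row['joketext'],
    'name' => $row['name'],
    'email' => $row['email']
  );
}

include 'jokes.html.php';
--------------------------------------------------------------------------------
/chapter7/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 | 3 | 4 | 5 | 6 | 7 | List of Jokes 8 | 9 | 10 |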

Here are all the jokes in the database:

11 | 12 |
13 |

14 | 15 | (by ) 17 |

18 |
19 | 20 | 21 | 22 |
--------------------------------------------------------------------------------
/chapter7/sql/ijdb.sql:
--------------------------------------------------------------------------------
-- Joke database schema plus sample rows (MySQL dialect).
--
-- No FOREIGN KEY constraints are declared: joke.authorid and both columns of
-- jokecategory are plain integers, so referential integrity depends entirely
-- on the application deleting child rows before parent rows.
--
-- MySQL's "utf8" character set stores at most three bytes per character, so
-- four-byte characters (emoji, for example) cannot be stored in these tables.

-- One row per joke; authorid refers to author.id.
CREATE TABLE joke (
  id INT NOT NULL AUTO_INCREMENT,
  joketext TEXT,
  jokedate DATE NOT NULL,
  authorid INT,
  PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

-- One row per author; email is personal data.
CREATE TABLE author (
  id INT NOT NULL AUTO_INCREMENT,
  name VARCHAR(255),
  email VARCHAR(255),
  PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

-- One row per category name.
CREATE TABLE category (
  id INT NOT NULL AUTO_INCREMENT,
  name VARCHAR(255),
  PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

-- Junction table: a joke may sit in many categories and a category may hold
-- many jokes. The composite key rejects a duplicate pairing.
CREATE TABLE jokecategory (
  jokeid INT NOT NULL,
  categoryid INT NOT NULL,
  PRIMARY KEY (jokeid, categoryid)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

-- Sample data
-- We specify the IDs so they are known when we add related entries

INSERT INTO author (id, name, email)
VALUES
  (1, 'Kevin Yank', 'thatguy@kevinyank.com'),
  (2, 'Joan Smith', 'joan@example.com');

INSERT INTO joke (id, joketext, jokedate, authorid)
VALUES
  (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
  (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
  (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
  (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);

INSERT INTO category (id, name)
VALUES
  (1, 'Knock-knock'),
  (2, 'Cross the road'),
  (3, 'Lawyers'),
  (4, 'Walk the bar');

INSERT INTO jokecategory (jokeid, categoryid)
VALUES
  (1, 2),
  (2, 1),
  (3, 4),
  (4, 3);
--------------------------------------------------------------------------------
/chapter8/admin/authors/authors.html.php:
--------------------------------------------------------------------------------
1 | 3 | 4 | 5 | 6 | 7 | Manage Authors 8 | 9 | 10 |

Manage Authors

11 |

Add new author

12 | 27 |

Return to JMS home

28 | 29 | 30 | -------------------------------------------------------------------------------- /chapter8/admin/authors/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/admin/authors/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 9 | 10 |

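26 | 27 | 28 |
--------------------------------------------------------------------------------
/chapter8/admin/authors/index.php:
--------------------------------------------------------------------------------
// [listing note] The top of this script (the PHP open tag through the start of
// the "add author" handler) is missing from this listing; the fragment up to
// the first closing brace is reproduced exactly as it was extracted.
//
// NOTE(review): no login check and no per-form token (CSRF) check is visible in
// the part of the script shown here, yet the Delete handler below removes an
// author together with all of that author's jokes on a plain POST. Confirm
// access control is enforced elsewhere before this directory is reachable by
// anyone but an administrator.
prepare($sql);
    $s->bindValue(':name', $_POST['name']);
    $s->bindValue(':email', $_POST['email']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error adding submitted author.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Edit: look up the chosen author and show the form pre-filled with it.
if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  try
  {
    // The id is bound as a parameter, never concatenated into the SQL text.
    $sql = 'SELECT id, name, email FROM author WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error fetching author details.';
    include 'error.html.php';
    exit();
  }

  $row = $s->fetch();

  // fetch() returns FALSE when no row matches (stale or tampered id); stop
  // here instead of showing an edit form for an author that does not exist.
  if ($row === FALSE)
  {
    $error = 'The selected author could not be found.';
    include 'error.html.php';
    exit();
  }

  $pageTitle = 'Edit Author';
  $action = 'editform';
  $name = $row['name'];
  $email = $row['email'];
  $id = $row['id'];
  $button = 'Update author';

  include 'form.html.php';
  exit();
}

// Edit form submitted: store the new name and email for the given author id.
if (isset($_GET['editform']))
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  try
  {
    $sql = 'UPDATE author SET
        name = :name,
        email = :email
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->bindValue(':name', $_POST['name']);
    $s->bindValue(':email', $_POST['email']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error updating submitted author.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Delete: remove the author, the author's jokes, and the category links of
// those jokes. The four steps run in one transaction so that a failure part
// way through rolls everything back instead of leaving, for example, jokes
// stripped of their categories while the author still exists.
if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  // Get jokes belonging to author
  try
  {
    $pdo->beginTransaction();

    $sql = 'SELECT id FROM joke WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = 'Error getting list of jokes to delete.';
    include 'error.html.php';
    exit();
  }

  $result = $s->fetchAll();

  // Delete joke category entries
  try
  {
    // Prepared once, executed once per joke id.
    $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
    $s = $pdo->prepare($sql);

    // For each joke
    foreach ($result as $row)
    {
      $jokeId = $row['id'];
      $s->bindValue(':id', $jokeId);
      $s->execute();
    }
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = 'Error deleting category entries for joke.';
    include 'error.html.php';
    exit();
  }

  // Delete jokes belonging to author
  try
  {
    $sql = 'DELETE FROM joke WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = 'Error deleting jokes for author.';
    include 'error.html.php';
    exit();
  }

  // Delete the author
  try
  {
    $sql = 'DELETE FROM author WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = 'Error deleting author.';
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Display author list
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
  $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
  $error = 'Error fetching authors from the database!';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template still gets an array when the
// table has no rows.
$authors = array();

foreach ($result as $row)
{
  $authors[] = array('id' => $row['id'], 'name' => $row['name']);
}

include 'authors.html.php';
--------------------------------------------------------------------------------
/chapter8/admin/categories/categories.html.php:
--------------------------------------------------------------------------------
1 | 3 | 4 | 5 | 6 | 7 | Manage Categories 8 | 9 | 10 |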

Manage Categories

11 |

Add new category

12 | 27 |

Return to JMS home

28 | 29 | 30 | -------------------------------------------------------------------------------- /chapter8/admin/categories/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/admin/categories/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 9 | 10 |

22 | 23 | 24 | -------------------------------------------------------------------------------- /chapter8/admin/categories/index.php: -------------------------------------------------------------------------------- 1 | prepare($sql); 26 | $s->bindValue(':name', $_POST['name']); 27 | $s->execute(); 28 | } 29 | catch (PDOException $e) 30 | { 31 | $error = 'Error adding submitted category.'; 32 | include 'error.html.php'; 33 | exit(); 34 | } 35 | 36 | header('Location: .'); 37 | exit(); 38 | } 39 | 40 | if (isset($_POST['action']) and $_POST['action'] == 'Edit') 41 | { 42 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 43 | 44 | try 45 | { 46 | $sql = 'SELECT id, name FROM category WHERE id = :id'; 47 | $s = $pdo->prepare($sql); 48 | $s->bindValue(':id', $_POST['id']); 49 | $s->execute(); 50 | } 51 | catch (PDOException $e) 52 | { 53 | $error = 'Error fetching category details.'; 54 | include 'error.html.php'; 55 | exit(); 56 | } 57 | 58 | $row = $s->fetch(); 59 | 60 | $pageTitle = 'Edit Category'; 61 | $action = 'editform'; 62 | $name = $row['name']; 63 | $id = $row['id']; 64 | $button = 'Update category'; 65 | 66 | include 'form.html.php'; 67 | exit(); 68 | } 69 | 70 | if (isset($_GET['editform'])) 71 | { 72 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 73 | 74 | try 75 | { 76 | $sql = 'UPDATE category SET 77 | name = :name 78 | WHERE id = :id'; 79 | $s = $pdo->prepare($sql); 80 | $s->bindValue(':id', $_POST['id']); 81 | $s->bindValue(':name', $_POST['name']); 82 | $s->execute(); 83 | } 84 | catch (PDOException $e) 85 | { 86 | $error = 'Error updating submitted category.'; 87 | include 'error.html.php'; 88 | exit(); 89 | } 90 | 91 | header('Location: .'); 92 | exit(); 93 | } 94 | 95 | if (isset($_POST['action']) and $_POST['action'] == 'Delete') 96 | { 97 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/db.inc.php'; 98 | 99 | // Delete joke associations with this category 100 | try 101 | { 102 | $sql = 'DELETE FROM jokecategory WHERE categoryid = :id'; 103 | $s = $pdo->prepare($sql); 104 | $s->bindValue(':id', $_POST['id']); 105 | $s->execute(); 106 | } 107 | catch (PDOException $e) 108 | { 109 | $error = 'Error removing jokes from category.'; 110 | include 'error.html.php'; 111 | exit(); 112 | } 113 | 114 | // Delete the category 115 | try 116 | { 117 | $sql = 'DELETE FROM category WHERE id = :id'; 118 | $s = $pdo->prepare($sql); 119 | $s->bindValue(':id', $_POST['id']); 120 | $s->execute(); 121 | } 122 | catch (PDOException $e) 123 | { 124 | $error = 'Error deleting category.'; 125 | include 'error.html.php'; 126 | exit(); 127 | } 128 | 129 | header('Location: .'); 130 | exit(); 131 | } 132 | 133 | // Display category list 134 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 135 | 136 | try 137 | { 138 | $result = $pdo->query('SELECT id, name FROM category'); 139 | } 140 | catch (PDOException $e) 141 | { 142 | $error = 'Error fetching categories from database!'; 143 | include 'error.html.php'; 144 | exit(); 145 | } 146 | 147 | foreach ($result as $row) 148 | { 149 | $categories[] = array('id' => $row['id'], 'name' => $row['name']); 150 | } 151 | 152 | include 'categories.html.php'; 153 | -------------------------------------------------------------------------------- /chapter8/admin/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Joke CMS 6 | 7 | 8 |

Joke Management System

9 | 14 | 15 | 16 | -------------------------------------------------------------------------------- /chapter8/admin/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/admin/jokes/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 14 | 15 | 16 |

38 | Categories: 39 | 40 |
57 | 58 | 59 | -------------------------------------------------------------------------------- /chapter8/admin/jokes/index.php: -------------------------------------------------------------------------------- 1 | query('SELECT id, name FROM author'); 20 | } 21 | catch (PDOException $e) 22 | { 23 | $error = 'Error fetching list of authors.'; 24 | include 'error.html.php'; 25 | exit(); 26 | } 27 | 28 | foreach ($result as $row) 29 | { 30 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 31 | } 32 | 33 | // Build the list of categories 34 | try 35 | { 36 | $result = $pdo->query('SELECT id, name FROM category'); 37 | } 38 | catch (PDOException $e) 39 | { 40 | $error = 'Error fetching list of categories.'; 41 | include 'error.html.php'; 42 | exit(); 43 | } 44 | 45 | foreach ($result as $row) 46 | { 47 | $categories[] = array( 48 | 'id' => $row['id'], 49 | 'name' => $row['name'], 50 | 'selected' => FALSE); 51 | } 52 | 53 | include 'form.html.php'; 54 | exit(); 55 | } 56 | 57 | if (isset($_GET['addform'])) 58 | { 59 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 60 | 61 | if ($_POST['author'] == '') 62 | { 63 | $error = 'You must choose an author for this joke. 
64 | Click ‘back’ and try again.'; 65 | include 'error.html.php'; 66 | exit(); 67 | } 68 | 69 | try 70 | { 71 | $sql = 'INSERT INTO joke SET 72 | joketext = :joketext, 73 | jokedate = CURDATE(), 74 | authorid = :authorid'; 75 | $s = $pdo->prepare($sql); 76 | $s->bindValue(':joketext', $_POST['text']); 77 | $s->bindValue(':authorid', $_POST['author']); 78 | $s->execute(); 79 | } 80 | catch (PDOException $e) 81 | { 82 | $error = 'Error adding submitted joke.'; 83 | include 'error.html.php'; 84 | exit(); 85 | } 86 | 87 | $jokeid = $pdo->lastInsertId(); 88 | 89 | if (isset($_POST['categories'])) 90 | { 91 | try 92 | { 93 | $sql = 'INSERT INTO jokecategory SET 94 | jokeid = :jokeid, 95 | categoryid = :categoryid'; 96 | $s = $pdo->prepare($sql); 97 | 98 | foreach ($_POST['categories'] as $categoryid) 99 | { 100 | $s->bindValue(':jokeid', $jokeid); 101 | $s->bindValue(':categoryid', $categoryid); 102 | $s->execute(); 103 | } 104 | } 105 | catch (PDOException $e) 106 | { 107 | $error = 'Error inserting joke into selected categories.'; 108 | include 'error.html.php'; 109 | exit(); 110 | } 111 | } 112 | 113 | header('Location: .'); 114 | exit(); 115 | } 116 | 117 | if (isset($_POST['action']) and $_POST['action'] == 'Edit') 118 | { 119 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/db.inc.php'; 120 | 121 | try 122 | { 123 | $sql = 'SELECT id, joketext, authorid FROM joke WHERE id = :id'; 124 | $s = $pdo->prepare($sql); 125 | $s->bindValue(':id', $_POST['id']); 126 | $s->execute(); 127 | } 128 | catch (PDOException $e) 129 | { 130 | $error = 'Error fetching joke details.'; 131 | include 'error.html.php'; 132 | exit(); 133 | } 134 | $row = $s->fetch(); 135 | 136 | $pageTitle = 'Edit Joke'; 137 | $action = 'editform'; 138 | $text = $row['joketext']; 139 | $authorid = $row['authorid']; 140 | $id = $row['id']; 141 | $button = 'Update joke'; 142 | 143 | // Build the list of authors 144 | try 145 | { 146 | $result = $pdo->query('SELECT id, name FROM author'); 147 | } 148 | catch (PDOException $e) 149 | { 150 | $error = 'Error fetching list of authors.'; 151 | include 'error.html.php'; 152 | exit(); 153 | } 154 | 155 | foreach ($result as $row) 156 | { 157 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 158 | } 159 | 160 | // Get list of categories containing this joke 161 | try 162 | { 163 | $sql = 'SELECT categoryid FROM jokecategory WHERE jokeid = :id'; 164 | $s = $pdo->prepare($sql); 165 | $s->bindValue(':id', $id); 166 | $s->execute(); 167 | } 168 | catch (PDOException $e) 169 | { 170 | $error = 'Error fetching list of selected categories.'; 171 | include 'error.html.php'; 172 | exit(); 173 | } 174 | 175 | foreach ($s as $row) 176 | { 177 | $selectedCategories[] = $row['categoryid']; 178 | } 179 | 180 | // Build the list of all categories 181 | try 182 | { 183 | $result = $pdo->query('SELECT id, name FROM category'); 184 | } 185 | catch (PDOException $e) 186 | { 187 | $error = 'Error fetching list of categories.'; 188 | include 'error.html.php'; 189 | exit(); 190 | } 191 | 192 | foreach ($result as $row) 193 | { 194 | $categories[] = array( 195 | 'id' => $row['id'], 196 | 'name' => $row['name'], 197 | 'selected' => in_array($row['id'], $selectedCategories)); 198 | } 199 | 200 | include 'form.html.php'; 201 | exit(); 
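}

// Handle the submitted "edit joke" form: update the joke row, then replace
// its category assignments with the ones that were posted.
// NOTE(review): no access check or anti-CSRF token is verified inside this
// handler; confirm that the part of the file above it (not shown here) or
// the web server configuration restricts who can reach it.
if (isset($_GET['editform']))
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  if (!isset($_POST['author']) or $_POST['author'] == '')
  {
    $error = 'You must choose an author for this joke.
        Click ‘back’ and try again.';
    include 'error.html.php';
    exit();
  }

  // The UPDATE, the DELETE and the INSERTs run in one transaction so that a
  // failure part-way through cannot leave the joke stripped of its
  // categories. $failure holds the message for the step currently running.
  $failure = 'Error updating submitted joke.';
  try
  {
    $pdo->beginTransaction();

    $sql = 'UPDATE joke SET
        joketext = :joketext,
        authorid = :authorid
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->bindValue(':joketext', $_POST['text']);
    $s->bindValue(':authorid', $_POST['author']);
    $s->execute();

    $failure = 'Error removing obsolete joke category entries.';
    $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // A scalar "categories" field would make foreach emit a warning.
    if (isset($_POST['categories']) and is_array($_POST['categories']))
    {
      $failure = 'Error inserting joke into selected categories.';
      $sql = 'INSERT INTO jokecategory SET
          jokeid = :jokeid,
          categoryid = :categoryid';
      $s = $pdo->prepare($sql);

      foreach ($_POST['categories'] as $categoryid)
      {
        $s->bindValue(':jokeid', $_POST['id']);
        $s->bindValue(':categoryid', $categoryid);
        $s->execute();
      }
    }

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Handle the "Delete" button: remove the joke's category links, then the
// joke itself, as one unit of work.
if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  $failure = 'Error removing joke from categories.';
  try
  {
    $pdo->beginTransaction();

    // Delete category assignments for this joke
    $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // Delete the joke
    $failure = 'Error deleting joke.';
    $sql = 'DELETE FROM joke WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Handle a search request: build the query from whichever criteria were
// filled in. Only fixed SQL fragments are concatenated; every user-supplied
// value travels as a bound placeholder.
if (isset($_GET['action']) and $_GET['action'] == 'search')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  // The basic SELECT statement
  $select = 'SELECT id, joketext';
  $from   = ' FROM joke';
  $where  = ' WHERE TRUE';

  $placeholders = array();

  if ($_GET['author'] != '') // An author is selected
  {
    $where .= " AND authorid = :authorid";
    $placeholders[':authorid'] = $_GET['author'];
  }

  if ($_GET['category'] != '') // A category is selected
  {
    $from  .= ' INNER JOIN jokecategory ON id = jokeid';
    $where .= " AND categoryid = :categoryid";
    $placeholders[':categoryid'] = $_GET['category'];
  }

  if ($_GET['text'] != '') // Some search text was specified
  {
    // % and _ typed by the user are not escaped, so they act as LIKE
    // wildcards. The query also has no LIMIT: an empty search returns
    // every joke.
    $where .= " AND joketext LIKE :joketext";
    $placeholders[':joketext'] = '%' . $_GET['text'] . '%';
  }

  try
  {
    $sql = $select . $from . $where;
    $s = $pdo->prepare($sql);
    $s->execute($placeholders);
  }
  catch (PDOException $e)
  {
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
  }

  // Start from an empty list so the template receives an array even when
  // nothing matched.
  $jokes = array();
  foreach ($s as $row)
  {
    $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
  }

  include 'jokes.html.php';
  exit();
}

// Display search form
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
  $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
  $error = 'Error fetching authors from database!';
  include 'error.html.php';
  exit();
}

$authors = array();
foreach ($result as $row)
{
  $authors[] = array('id' => $row['id'], 'name' => $row['name']);
}

try
{
  $result = $pdo->query('SELECT id, name FROM category');
}
catch (PDOException $e)
{
  $error = 'Error fetching categories from database!';
  include 'error.html.php';
  exit();
}

$categories = array();
foreach ($result as $row)
{
  $categories[] = array('id' => $row['id'], 'name' => $row['name']);
}

include 'searchform.html.php';
-------------------------------------------------------------------------------- /chapter8/admin/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Jokes: Search Results 8 | 9 | 10 |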

Search Results

11 | 12 | 13 | 14 | 15 | 16 | 17 | 27 | 28 | 29 |
Joke TextOptions
18 |
19 |
20 | 22 | 23 | 24 |
25 |
26 |
30 | 31 |

New search

32 |

Return to JMS home

33 | 34 | 35 | -------------------------------------------------------------------------------- /chapter8/admin/jokes/searchform.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Jokes 8 | 9 | 10 |

Manage Jokes

11 |

Add new joke

12 |
13 |

View jokes satisfying the following criteria:

14 |
15 | 16 | 23 |
24 |
25 | 26 | 33 |
34 |
35 | 36 | 37 |
38 |
39 | 40 | 41 |
42 |
43 |

Return to JMS home

44 | 45 | 46 | -------------------------------------------------------------------------------- /chapter8/includes/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 6 | $pdo->exec('SET NAMES "utf8"'); 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter8/includes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/includes/helpers.inc.php: -------------------------------------------------------------------------------- 1 | $1', $text); 18 | $text = preg_replace('/\*\*(.+?)\*\*/s', '$1', $text); 19 | 20 | // emphasis 21 | $text = preg_replace('/_([^_]+)_/', '$1', $text); 22 | $text = preg_replace('/\*([^\*]+)\*/', '$1', $text); 23 | 24 | // Convert Windows (\r\n) to Unix (\n) 25 | $text = str_replace("\r\n", "\n", $text); 26 | // Convert Macintosh (\r) to Unix (\n) 27 | $text = str_replace("\r", "\n", $text); 28 | 29 | // Paragraphs 30 | $text = '

' . str_replace("\n\n", '

', $text) . '

'; 31 | // Line breaks 32 | $text = str_replace("\n", '
', $text); 33 | 34 | // [linked text](link URL) 35 | $text = preg_replace( 36 | '/\[([^\]]+)]\(([-a-z0-9._~:\/?#@!$&\'()*+,;=%]+)\)/i', 37 | '$1', $text); 38 | 39 | return $text; 40 | } 41 | 42 | function markdownout($text) 43 | { 44 | echo markdown2html($text); 45 | } 46 | -------------------------------------------------------------------------------- /chapter8/includes/magicquotes.inc.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | -------------------------------------------------------------------------------- /chapter8/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

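11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/jokes/index.php: -------------------------------------------------------------------------------- 1 | query($sql); 11 | }
catch (PDOException $e)
{
  // Keep the driver's message in the server log only. It can contain table
  // and column names, and $error is handed to error.html.php, which
  // presumably prints it to the visitor. The admin scripts in this listing
  // already use fixed messages.
  error_log('Error fetching jokes: ' . $e->getMessage());
  $error = 'Error fetching jokes.';
  include 'error.html.php';
  exit();
}

// Copy the rows into a plain array for the template, starting from an empty
// list so the template receives an array even when the table is empty.
$jokes = array();
foreach ($result as $row)
{
  $jokes[] = array(
    'id' => $row['id'],
    'text' => $row['joketext'],
    'name' => $row['name'],
    'email' => $row['email']
  );
}

include 'jokes.html.php';
-------------------------------------------------------------------------------- /chapter8/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | List of Jokes 8 | 9 | 10 |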

Here are all the jokes in the database:

11 | 12 |
13 |

14 | 15 | (by ) 17 |

18 |
19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /chapter8/preg_match1/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Output 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/preg_match2/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Output 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter8/sql/ijdb.sql: -------------------------------------------------------------------------------- 1 |
-- Schema and sample data for the joke database (MySQL dialect).
-- No FOREIGN KEY constraints are declared, so the database itself does not
-- prevent orphaned jokecategory rows or a joke whose authorid has no author;
-- the admin scripts delete dependent rows themselves.

CREATE TABLE joke (
  id       INT  NOT NULL AUTO_INCREMENT,
  joketext TEXT,
  jokedate DATE NOT NULL,
  authorid INT,
  PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

CREATE TABLE author (
  id    INT NOT NULL AUTO_INCREMENT,
  name  VARCHAR(255),
  email VARCHAR(255),
  PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

CREATE TABLE category (
  id   INT NOT NULL AUTO_INCREMENT,
  name VARCHAR(255),
  PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

-- Junction table: one row per (joke, category) pair.
CREATE TABLE jokecategory (
  jokeid     INT NOT NULL,
  categoryid INT NOT NULL,
  PRIMARY KEY (jokeid, categoryid)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

-- Sample data
-- The IDs are given explicitly so the related rows below can refer to them.

INSERT INTO author (id, name, email)
VALUES
  (1, 'Kevin Yank', 'thatguy@kevinyank.com'),
  (2, 'Joan Smith', 'joan@example.com');

INSERT INTO joke (id, joketext, jokedate, authorid)
VALUES
  (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
  (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
  (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
  (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);

INSERT INTO category (id, name)
VALUES
  (1, 'Knock-knock'),
  (2, 'Cross the road'),
  (3, 'Lawyers'),
  (4, 'Walk the bar');

INSERT INTO jokecategory (jokeid, categoryid)
VALUES
  (1, 2),
  (2, 1),
  (3, 4),
  (4, 3);
-------------------------------------------------------------------------------- /chapter9/admin/accessdenied.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Access Denied 8 | 9 | 10 |

Access Denied

11 |

12 | 13 | 14 | -------------------------------------------------------------------------------- /chapter9/admin/authors/authors.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Authors 8 | 9 | 10 |

Manage Authors

11 |

Add new author

12 | 27 |

Return to JMS home

28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /chapter9/admin/authors/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter9/admin/authors/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 9 | 10 |

11 |
12 |
13 | 15 |
16 |
17 | 19 |
20 |
21 | 23 |
24 |
25 | Roles: 26 | 27 |
28 | : 36 | 37 |
38 | 39 |
40 |
41 | 43 | 44 |
45 |
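46 | 47 | 48 | -------------------------------------------------------------------------------- /chapter9/admin/authors/index.php: -------------------------------------------------------------------------------- 1 | query('SELECT id, description FROM role'); 35 | } 36 | catch (PDOException $e) 37 | { 38 | $error = 'Error fetching list of roles.'; 39 | include 'error.html.php'; 40 | exit(); 41 | } 42 | 43 | foreach ($result as $row) 44 | { 45 | $roles[] = array( 46 | 'id' => $row['id'], 47 | 'description' => $row['description'], 48 | 'selected' => FALSE); 49 | } 50 | 51 | include 'form.html.php'; 52 | exit(); 53 | }

// Handle the submitted "add author" form: create the author row, optionally
// set a password, and assign the selected roles.
// NOTE(review): this handler creates accounts and grants roles. The first
// lines of this file are missing from the listing, so confirm that they
// check the caller's login and role before any handler runs.
if (isset($_GET['addform']))
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  // All writes run in one transaction so a failure part-way through does not
  // leave an author row without its password or roles (this presumes the
  // tables use a transactional engine such as InnoDB; the chapter 9 schema is
  // not shown here). $failure holds the message for the step in progress.
  $failure = 'Error adding submitted author.';
  try
  {
    $pdo->beginTransaction();

    $sql = 'INSERT INTO author SET
        name = :name,
        email = :email';
    $s = $pdo->prepare($sql);
    $s->bindValue(':name', $_POST['name']);
    $s->bindValue(':email', $_POST['email']);
    $s->execute();

    $authorid = $pdo->lastInsertId();

    if (isset($_POST['password']) and $_POST['password'] != '')
    {
      // NOTE(review): MD5 with a fixed suffix is a fast hash with no
      // per-user salt, so equal passwords give equal digests and offline
      // guessing is cheap. Moving to password_hash()/password_verify() also
      // needs the login check and the width of author.password changed;
      // neither is visible here, so the stored format is left as it is.
      $password = md5($_POST['password'] . 'ijdb');

      $failure = 'Error setting author password.';
      $sql = 'UPDATE author SET
          password = :password
          WHERE id = :id';
      $s = $pdo->prepare($sql);
      $s->bindValue(':password', $password);
      $s->bindValue(':id', $authorid);
      $s->execute();
    }

    // A scalar "roles" field would make foreach emit a warning.
    if (isset($_POST['roles']) and is_array($_POST['roles']))
    {
      $failure = 'Error assigning selected role to author.';
      // Prepared once and executed per role.
      $sql = 'INSERT INTO authorrole SET
          authorid = :authorid,
          roleid = :roleid';
      $s = $pdo->prepare($sql);

      foreach ($_POST['roles'] as $role)
      {
        $s->bindValue(':authorid', $authorid);
        $s->bindValue(':roleid', $role);
        $s->execute();
      }
    }

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
  include $_SERVER['DOCUMENT_ROOT'] .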
'/includes/db.inc.php'; 130 | 131 | try 132 | { 133 | $sql = 'SELECT id, name, email FROM author WHERE id = :id'; 134 | $s = $pdo->prepare($sql); 135 | $s->bindValue(':id', $_POST['id']); 136 | $s->execute(); 137 | } 138 | catch (PDOException $e) 139 | { 140 | $error = 'Error fetching author details.'; 141 | include 'error.html.php'; 142 | exit(); 143 | } 144 | 145 | $row = $s->fetch(); 146 | 147 | $pageTitle = 'Edit Author'; 148 | $action = 'editform'; 149 | $name = $row['name']; 150 | $email = $row['email']; 151 | $id = $row['id']; 152 | $button = 'Update author'; 153 | 154 | // Get list of roles assigned to this author 155 | try 156 | { 157 | $sql = 'SELECT roleid FROM authorrole WHERE authorid = :id'; 158 | $s = $pdo->prepare($sql); 159 | $s->bindValue(':id', $id); 160 | $s->execute(); 161 | } 162 | catch (PDOException $e) 163 | { 164 | $error = 'Error fetching list of assigned roles.'; 165 | include 'error.html.php'; 166 | exit(); 167 | } 168 | 169 | $selectedRoles = array(); 170 | foreach ($s as $row) 171 | { 172 | $selectedRoles[] = $row['roleid']; 173 | } 174 | 175 | // Build the list of all roles 176 | try 177 | { 178 | $result = $pdo->query('SELECT id, description FROM role'); 179 | } 180 | catch (PDOException $e) 181 | { 182 | $error = 'Error fetching list of roles.'; 183 | include 'error.html.php'; 184 | exit(); 185 | } 186 | 187 | foreach ($result as $row) 188 | { 189 | $roles[] = array( 190 | 'id' => $row['id'], 191 | 'description' => $row['description'], 192 | 'selected' => in_array($row['id'], $selectedRoles)); 193 | } 194 | 195 | include 'form.html.php'; 196 | exit(); 197 | } 198 | 199 | if (isset($_GET['editform'])) 200 | { 201 | include $_SERVER['DOCUMENT_ROOT'] . 
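'/includes/db.inc.php';

  // Body of the "editform" handler: update the author's name and e-mail,
  // optionally replace the password, and rewrite the role assignments.
  // The statements run in one transaction so a failure after the DELETE
  // cannot leave the author with no roles at all (this presumes a
  // transactional engine such as InnoDB; the chapter 9 schema is not shown
  // here). $failure holds the message for the step in progress.
  $failure = 'Error updating submitted author.';
  try
  {
    $pdo->beginTransaction();

    $sql = 'UPDATE author SET
        name = :name,
        email = :email
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->bindValue(':name', $_POST['name']);
    $s->bindValue(':email', $_POST['email']);
    $s->execute();

    if (isset($_POST['password']) and $_POST['password'] != '')
    {
      // NOTE(review): MD5 with a fixed suffix is a fast hash with no
      // per-user salt, so equal passwords give equal digests and offline
      // guessing is cheap. Moving to password_hash()/password_verify() also
      // needs the login check and the width of author.password changed;
      // neither is visible here, so the stored format is left as it is.
      $password = md5($_POST['password'] . 'ijdb');

      $failure = 'Error setting author password.';
      $sql = 'UPDATE author SET
          password = :password
          WHERE id = :id';
      $s = $pdo->prepare($sql);
      $s->bindValue(':password', $password);
      $s->bindValue(':id', $_POST['id']);
      $s->execute();
    }

    $failure = 'Error removing obsolete author role entries.';
    $sql = 'DELETE FROM authorrole WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // A scalar "roles" field would make foreach emit a warning.
    if (isset($_POST['roles']) and is_array($_POST['roles']))
    {
      $failure = 'Error assigning selected role to author.';
      // Prepared once and executed per role.
      $sql = 'INSERT INTO authorrole SET
          authorid = :authorid,
          roleid = :roleid';
      $s = $pdo->prepare($sql);

      foreach ($_POST['roles'] as $role)
      {
        $s->bindValue(':authorid', $_POST['id']);
        $s->bindValue(':roleid', $role);
        $s->execute();
      }
    }

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Handle the "Delete" button: remove the author together with their role
// assignments, their jokes and those jokes' category links, as one unit of
// work so a failure cannot leave a half-deleted author behind.
if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  $failure = 'Error removing author from roles.';
  try
  {
    $pdo->beginTransaction();

    // Delete role assignments for this author
    $sql = 'DELETE FROM authorrole WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // Get jokes belonging to author
    $failure = 'Error getting list of jokes to delete.';
    $sql = 'SELECT id FROM joke WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    $result = $s->fetchAll();

    // Delete joke category entries
    $failure = 'Error deleting category entries for joke.';
    $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
    $s = $pdo->prepare($sql);

    // For each joke
    foreach ($result as $row)
    {
      $jokeId = $row['id'];
      $s->bindValue(':id', $jokeId);
      $s->execute();
    }

    // Delete jokes belonging to author
    $failure = 'Error deleting jokes for author.';
    $sql = 'DELETE FROM joke WHERE authorid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // Delete the author
    $failure = 'Error deleting author.';
    $sql = 'DELETE FROM author WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

// Display author list
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
  $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
  $error = 'Error fetching authors from the database!';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template receives an array even when the
// table is empty.
$authors = array();
foreach ($result as $row)
{
  $authors[] = array('id' => $row['id'], 'name' => $row['name']);
}

include 'authors.html.php';
-------------------------------------------------------------------------------- /chapter9/admin/categories/categories.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Categories 8 | 9 | 10 |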

Manage Categories

11 |

Add new category

12 | 27 |

Return to JMS home

28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /chapter9/admin/categories/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter9/admin/categories/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 9 | 10 |

11 |
12 |
13 | 15 |
16 |
17 | 19 | 20 |
21 |
22 | 23 | 24 | -------------------------------------------------------------------------------- /chapter9/admin/categories/index.php: -------------------------------------------------------------------------------- 1 | prepare($sql); 41 | $s->bindValue(':name', $_POST['name']); 42 | $s->execute(); 43 | } 44 | catch (PDOException $e) 45 | { 46 | $error = 'Error adding submitted category.'; 47 | include 'error.html.php'; 48 | exit(); 49 | } 50 | 51 | header('Location: .'); 52 | exit(); 53 | } 54 | 55 | if (isset($_POST['action']) and $_POST['action'] == 'Edit') 56 | { 57 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 58 | 59 | try 60 | { 61 | $sql = 'SELECT id, name FROM category WHERE id = :id'; 62 | $s = $pdo->prepare($sql); 63 | $s->bindValue(':id', $_POST['id']); 64 | $s->execute(); 65 | } 66 | catch (PDOException $e) 67 | { 68 | $error = 'Error fetching category details.'; 69 | include 'error.html.php'; 70 | exit(); 71 | } 72 | 73 | $row = $s->fetch(); 74 | 75 | $pageTitle = 'Edit Category'; 76 | $action = 'editform'; 77 | $name = $row['name']; 78 | $id = $row['id']; 79 | $button = 'Update category'; 80 | 81 | include 'form.html.php'; 82 | exit(); 83 | } 84 | 85 | if (isset($_GET['editform'])) 86 | { 87 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 88 | 89 | try 90 | { 91 | $sql = 'UPDATE category SET 92 | name = :name 93 | WHERE id = :id'; 94 | $s = $pdo->prepare($sql); 95 | $s->bindValue(':id', $_POST['id']); 96 | $s->bindValue(':name', $_POST['name']); 97 | $s->execute(); 98 | } 99 | catch (PDOException $e) 100 | { 101 | $error = 'Error updating submitted category.'; 102 | include 'error.html.php'; 103 | exit(); 104 | } 105 | 106 | header('Location: .'); 107 | exit(); 108 | } 109 | 110 | if (isset($_POST['action']) and $_POST['action'] == 'Delete') 111 | { 112 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/db.inc.php'; 113 | 114 | // Delete joke associations with this category 115 | try 116 | { 117 | $sql = 'DELETE FROM jokecategory WHERE categoryid = :id'; 118 | $s = $pdo->prepare($sql); 119 | $s->bindValue(':id', $_POST['id']); 120 | $s->execute(); 121 | } 122 | catch (PDOException $e) 123 | { 124 | $error = 'Error removing jokes from category.'; 125 | include 'error.html.php'; 126 | exit(); 127 | } 128 | 129 | // Delete the category 130 | try 131 | { 132 | $sql = 'DELETE FROM category WHERE id = :id'; 133 | $s = $pdo->prepare($sql); 134 | $s->bindValue(':id', $_POST['id']); 135 | $s->execute(); 136 | } 137 | catch (PDOException $e) 138 | { 139 | $error = 'Error deleting category.'; 140 | include 'error.html.php'; 141 | exit(); 142 | } 143 | 144 | header('Location: .'); 145 | exit(); 146 | } 147 | 148 | // Display category list 149 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 150 | 151 | try 152 | { 153 | $result = $pdo->query('SELECT id, name FROM category'); 154 | } 155 | catch (PDOException $e) 156 | { 157 | $error = 'Error fetching categories from database!'; 158 | include 'error.html.php'; 159 | exit(); 160 | } 161 | 162 | foreach ($result as $row) 163 | { 164 | $categories[] = array('id' => $row['id'], 'name' => $row['name']); 165 | } 166 | 167 | include 'categories.html.php'; 168 | -------------------------------------------------------------------------------- /chapter9/admin/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Joke CMS 6 | 7 | 8 |

Joke Management System

9 | 14 | 15 | 16 | -------------------------------------------------------------------------------- /chapter9/admin/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter9/admin/jokes/form.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | <?php htmlout($pageTitle); ?> 8 | 14 | 15 | 16 |

17 |
18 |
19 | 20 | 22 |
23 |
24 | 25 | 36 |
37 |
38 | Categories: 39 | 40 |
49 | 50 |
51 |
52 | 54 | 55 |
56 |
57 | 58 | 59 | -------------------------------------------------------------------------------- /chapter9/admin/jokes/index.php: -------------------------------------------------------------------------------- 1 | query('SELECT id, name FROM author'); 35 | } 36 | catch (PDOException $e) 37 | { 38 | $error = 'Error fetching list of authors.'; 39 | include 'error.html.php'; 40 | exit(); 41 | } 42 | 43 | foreach ($result as $row) 44 | { 45 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 46 | } 47 | 48 | // Build the list of categories 49 | try 50 | { 51 | $result = $pdo->query('SELECT id, name FROM category'); 52 | } 53 | catch (PDOException $e) 54 | { 55 | $error = 'Error fetching list of categories.'; 56 | include 'error.html.php'; 57 | exit(); 58 | } 59 | 60 | foreach ($result as $row) 61 | { 62 | $categories[] = array( 63 | 'id' => $row['id'], 64 | 'name' => $row['name'], 65 | 'selected' => FALSE); 66 | } 67 | 68 | include 'form.html.php'; 69 | exit(); 70 | } 71 | 72 | if (isset($_GET['addform'])) 73 | { 74 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 75 | 76 | if ($_POST['author'] == '') 77 | { 78 | $error = 'You must choose an author for this joke. 
79 | Click ‘back’ and try again.'; 80 | include 'error.html.php'; 81 | exit(); 82 | } 83 | 84 | try 85 | { 86 | $sql = 'INSERT INTO joke SET 87 | joketext = :joketext, 88 | jokedate = CURDATE(), 89 | authorid = :authorid'; 90 | $s = $pdo->prepare($sql); 91 | $s->bindValue(':joketext', $_POST['text']); 92 | $s->bindValue(':authorid', $_POST['author']); 93 | $s->execute(); 94 | } 95 | catch (PDOException $e) 96 | { 97 | $error = 'Error adding submitted joke.'; 98 | include 'error.html.php'; 99 | exit(); 100 | } 101 | 102 | $jokeid = $pdo->lastInsertId(); 103 | 104 | if (isset($_POST['categories'])) 105 | { 106 | try 107 | { 108 | $sql = 'INSERT INTO jokecategory SET 109 | jokeid = :jokeid, 110 | categoryid = :categoryid'; 111 | $s = $pdo->prepare($sql); 112 | 113 | foreach ($_POST['categories'] as $categoryid) 114 | { 115 | $s->bindValue(':jokeid', $jokeid); 116 | $s->bindValue(':categoryid', $categoryid); 117 | $s->execute(); 118 | } 119 | } 120 | catch (PDOException $e) 121 | { 122 | $error = 'Error inserting joke into selected categories.'; 123 | include 'error.html.php'; 124 | exit(); 125 | } 126 | } 127 | 128 | header('Location: .'); 129 | exit(); 130 | } 131 | 132 | if (isset($_POST['action']) and $_POST['action'] == 'Edit') 133 | { 134 | include $_SERVER['DOCUMENT_ROOT'] . 
'/includes/db.inc.php'; 135 | 136 | try 137 | { 138 | $sql = 'SELECT id, joketext, authorid FROM joke WHERE id = :id'; 139 | $s = $pdo->prepare($sql); 140 | $s->bindValue(':id', $_POST['id']); 141 | $s->execute(); 142 | } 143 | catch (PDOException $e) 144 | { 145 | $error = 'Error fetching joke details.'; 146 | include 'error.html.php'; 147 | exit(); 148 | } 149 | $row = $s->fetch(); 150 | 151 | $pageTitle = 'Edit Joke'; 152 | $action = 'editform'; 153 | $text = $row['joketext']; 154 | $authorid = $row['authorid']; 155 | $id = $row['id']; 156 | $button = 'Update joke'; 157 | 158 | // Build the list of authors 159 | try 160 | { 161 | $result = $pdo->query('SELECT id, name FROM author'); 162 | } 163 | catch (PDOException $e) 164 | { 165 | $error = 'Error fetching list of authors.'; 166 | include 'error.html.php'; 167 | exit(); 168 | } 169 | 170 | foreach ($result as $row) 171 | { 172 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 173 | } 174 | 175 | // Get list of categories containing this joke 176 | try 177 | { 178 | $sql = 'SELECT categoryid FROM jokecategory WHERE jokeid = :id'; 179 | $s = $pdo->prepare($sql); 180 | $s->bindValue(':id', $id); 181 | $s->execute(); 182 | } 183 | catch (PDOException $e) 184 | { 185 | $error = 'Error fetching list of selected categories.'; 186 | include 'error.html.php'; 187 | exit(); 188 | } 189 | 190 | foreach ($s as $row) 191 | { 192 | $selectedCategories[] = $row['categoryid']; 193 | } 194 | 195 | // Build the list of all categories 196 | try 197 | { 198 | $result = $pdo->query('SELECT id, name FROM category'); 199 | } 200 | catch (PDOException $e) 201 | { 202 | $error = 'Error fetching list of categories.'; 203 | include 'error.html.php'; 204 | exit(); 205 | } 206 | 207 | foreach ($result as $row) 208 | { 209 | $categories[] = array( 210 | 'id' => $row['id'], 211 | 'name' => $row['name'], 212 | 'selected' => in_array($row['id'], $selectedCategories)); 213 | } 214 | 215 | include 'form.html.php'; 216 | exit(); 
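}

// Handle the submitted "edit joke" form: update the joke row, then replace
// its category assignments with the ones that were posted.
// NOTE(review): the first lines of this file are missing from the listing;
// confirm that they check the caller's login and role before this handler
// runs. No anti-CSRF token is verified inside the handler itself.
if (isset($_GET['editform']))
{
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  if (!isset($_POST['author']) or $_POST['author'] == '')
  {
    $error = 'You must choose an author for this joke.
        Click ‘back’ and try again.';
    include 'error.html.php';
    exit();
  }

  // The UPDATE, the DELETE and the INSERTs run in one transaction so that a
  // failure part-way through cannot leave the joke stripped of its
  // categories (this presumes a transactional engine such as InnoDB; the
  // chapter 9 schema is not shown here). $failure holds the message for the
  // step currently running.
  $failure = 'Error updating submitted joke.';
  try
  {
    $pdo->beginTransaction();

    $sql = 'UPDATE joke SET
        joketext = :joketext,
        authorid = :authorid
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->bindValue(':joketext', $_POST['text']);
    $s->bindValue(':authorid', $_POST['author']);
    $s->execute();

    $failure = 'Error removing obsolete joke category entries.';
    $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_POST['id']);
    $s->execute();

    // A scalar "categories" field would make foreach emit a warning.
    if (isset($_POST['categories']) and is_array($_POST['categories']))
    {
      $failure = 'Error inserting joke into selected categories.';
      $sql = 'INSERT INTO jokecategory SET
          jokeid = :jokeid,
          categoryid = :categoryid';
      $s = $pdo->prepare($sql);

      foreach ($_POST['categories'] as $categoryid)
      {
        $s->bindValue(':jokeid', $_POST['id']);
        $s->bindValue(':categoryid', $categoryid);
        $s->execute();
      }
    }

    $pdo->commit();
  }
  catch (PDOException $e)
  {
    if ($pdo->inTransaction())
    {
      $pdo->rollBack();
    }
    $error = $failure;
    include 'error.html.php';
    exit();
  }

  header('Location: .');
  exit();
}

if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
  include $_SERVER['DOCUMENT_ROOT'] .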
'/includes/db.inc.php'; 295 | 296 | // Delete category assignments for this joke 297 | try 298 | { 299 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id'; 300 | $s = $pdo->prepare($sql); 301 | $s->bindValue(':id', $_POST['id']); 302 | $s->execute(); 303 | } 304 | catch (PDOException $e) 305 | { 306 | $error = 'Error removing joke from categories.'; 307 | include 'error.html.php'; 308 | exit(); 309 | } 310 | 311 | // Delete the joke 312 | try 313 | { 314 | $sql = 'DELETE FROM joke WHERE id = :id'; 315 | $s = $pdo->prepare($sql); 316 | $s->bindValue(':id', $_POST['id']); 317 | $s->execute(); 318 | } 319 | catch (PDOException $e) 320 | { 321 | $error = 'Error deleting joke.'; 322 | include 'error.html.php'; 323 | exit(); 324 | } 325 | 326 | header('Location: .'); 327 | exit(); 328 | } 329 | 330 | if (isset($_GET['action']) and $_GET['action'] == 'search') 331 | { 332 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 333 | 334 | // The basic SELECT statement 335 | $select = 'SELECT id, joketext'; 336 | $from = ' FROM joke'; 337 | $where = ' WHERE TRUE'; 338 | 339 | $placeholders = array(); 340 | 341 | if ($_GET['author'] != '') // An author is selected 342 | { 343 | $where .= " AND authorid = :authorid"; 344 | $placeholders[':authorid'] = $_GET['author']; 345 | } 346 | 347 | if ($_GET['category'] != '') // A category is selected 348 | { 349 | $from .= ' INNER JOIN jokecategory ON id = jokeid'; 350 | $where .= " AND categoryid = :categoryid"; 351 | $placeholders[':categoryid'] = $_GET['category']; 352 | } 353 | 354 | if ($_GET['text'] != '') // Some search text was specified 355 | { 356 | $where .= " AND joketext LIKE :joketext"; 357 | $placeholders[':joketext'] = '%' . $_GET['text'] . '%'; 358 | } 359 | 360 | try 361 | { 362 | $sql = $select . $from . 
$where; 363 | $s = $pdo->prepare($sql); 364 | $s->execute($placeholders); 365 | } 366 | catch (PDOException $e) 367 | { 368 | $error = 'Error fetching jokes.'; 369 | include 'error.html.php'; 370 | exit(); 371 | } 372 | 373 | foreach ($s as $row) 374 | { 375 | $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']); 376 | } 377 | 378 | include 'jokes.html.php'; 379 | exit(); 380 | } 381 | 382 | // Display search form 383 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; 384 | 385 | try 386 | { 387 | $result = $pdo->query('SELECT id, name FROM author'); 388 | } 389 | catch (PDOException $e) 390 | { 391 | $error = 'Error fetching authors from database!'; 392 | include 'error.html.php'; 393 | exit(); 394 | } 395 | 396 | foreach ($result as $row) 397 | { 398 | $authors[] = array('id' => $row['id'], 'name' => $row['name']); 399 | } 400 | 401 | try 402 | { 403 | $result = $pdo->query('SELECT id, name FROM category'); 404 | } 405 | catch (PDOException $e) 406 | { 407 | $error = 'Error fetching categories from database!'; 408 | include 'error.html.php'; 409 | exit(); 410 | } 411 | 412 | foreach ($result as $row) 413 | { 414 | $categories[] = array('id' => $row['id'], 'name' => $row['name']); 415 | } 416 | 417 | include 'searchform.html.php'; 418 | -------------------------------------------------------------------------------- /chapter9/admin/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Jokes: Search Results 8 | 9 | 10 |

Search Results

11 | 12 | 13 | 14 | 15 | 16 | 17 | 27 | 28 | 29 |
Joke TextOptions
18 |
19 |
20 | 22 | 23 | 24 |
25 |
26 |
30 | 31 |

New search

32 |

Return to JMS home

33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /chapter9/admin/jokes/searchform.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Manage Jokes 8 | 9 | 10 |

Manage Jokes

11 |

Add new joke

12 |
13 |

View jokes satisfying the following criteria:

14 |
15 | 16 | 23 |
24 |
25 | 26 | 33 |
34 |
35 | 36 | 37 |
38 |
39 | 40 | 41 |
42 |
43 |

Return to JMS home

44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /chapter9/admin/login.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Log In 8 | 9 | 10 |

Log In

11 |

Please log in to view the page that you requested.

12 | 13 |

14 | 15 |
16 |
17 | 19 |
20 |
21 | 23 |
24 |
25 | 26 | 27 |
28 |
29 |

Return to JMS home

30 | 31 | 32 | -------------------------------------------------------------------------------- /chapter9/admin/logout.inc.html.php: -------------------------------------------------------------------------------- 1 |
2 |
3 | 4 | 5 | 6 |
7 |
8 | -------------------------------------------------------------------------------- /chapter9/cookiecounter/index.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Cookie counter 8 | 9 | 10 |

11 | 1) 13 | { 14 | echo "This is visit number $visits."; 15 | } 16 | else 17 | { 18 | // First visit 19 | echo 'Welcome to my website! Click here for a tour!'; 20 | } 21 | ?> 22 |

23 | 24 | 25 | -------------------------------------------------------------------------------- /chapter9/includes/access.inc.php: -------------------------------------------------------------------------------- 1 | prepare($sql); 62 | $s->bindValue(':email', $email); 63 | $s->bindValue(':password', $password); 64 | $s->execute(); 65 | } 66 | catch (PDOException $e) 67 | { 68 | $error = 'Error searching for author.'; 69 | include 'error.html.php'; 70 | exit(); 71 | } 72 | 73 | $row = $s->fetch(); 74 | 75 | if ($row[0] > 0) 76 | { 77 | return TRUE; 78 | } 79 | else 80 | { 81 | return FALSE; 82 | } 83 | } 84 | 85 | /* Returns TRUE when the author whose email is in $_SESSION['email'] has an authorrole row for the role id $role, FALSE otherwise. Both values are bound as statement parameters. On a PDOException it sets $error, includes error.html.php and exits. NOTE(review): the result is only as trustworthy as $_SESSION['email']; the code that sets it is not visible in this listing, so confirm it is written only after a successful login. */ function userHasRole($role) 86 | { 87 | include 'db.inc.php'; 88 | 89 | try 90 | { 91 | $sql = "SELECT COUNT(*) FROM author 92 | INNER JOIN authorrole ON author.id = authorid 93 | INNER JOIN role ON roleid = role.id 94 | WHERE email = :email AND role.id = :roleId"; 95 | $s = $pdo->prepare($sql); 96 | $s->bindValue(':email', $_SESSION['email']); 97 | $s->bindValue(':roleId', $role); 98 | $s->execute(); 99 | } 100 | catch (PDOException $e) 101 | { 102 | $error = 'Error searching for author roles.'; 103 | include 'error.html.php'; 104 | exit(); 105 | } 106 | 107 | $row = $s->fetch(); 108 | 109 | /* $row[0] is the COUNT(*) column: any matching row means the role is held */ if ($row[0] > 0) 110 | { 111 | return TRUE; 112 | } 113 | else 114 | { 115 | return FALSE; 116 | } 117 | } 118 | -------------------------------------------------------------------------------- /chapter9/includes/db.inc.php: -------------------------------------------------------------------------------- 1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); /* makes PDO throw PDOException on failure, which the try/catch blocks around the queries rely on */ 6 | $pdo->exec('SET NAMES "utf8"'); /* NOTE(review): SET NAMES changes the character set on the server side only; the PDO MySQL DSN also accepts charset=..., which tells the client library as well. The DSN is not visible in this listing, so confirm which form is in use. */ 7 | } 8 | catch (PDOException $e) 9 | { 10 | $error = 'Unable to connect to the database server.'; 11 | include 'error.html.php'; 12 | exit(); 13 | } 14 | -------------------------------------------------------------------------------- /chapter9/includes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |
Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter9/includes/helpers.inc.php: -------------------------------------------------------------------------------- 1 | $1', $text); 18 | $text = preg_replace('/\*\*(.+?)\*\*/s', '$1', $text); 19 | 20 | // emphasis 21 | $text = preg_replace('/_([^_]+)_/', '$1', $text); 22 | $text = preg_replace('/\*([^\*]+)\*/', '$1', $text); 23 | 24 | // Convert Windows (\r\n) to Unix (\n) 25 | $text = str_replace("\r\n", "\n", $text); 26 | // Convert Macintosh (\r) to Unix (\n) 27 | $text = str_replace("\r", "\n", $text); 28 | 29 | // Paragraphs 30 | $text = '

' . str_replace("\n\n", '

', $text) . '

'; 31 | // Line breaks 32 | $text = str_replace("\n", '
', $text); 33 | 34 | /* NOTE(review): the URL character class below contains letters and ':', so the pattern accepts any URL scheme and does not by itself limit links to http or https. The replacement markup is not visible in this listing; if the second capture group is written into an href attribute, restrict the scheme to an allow-list before output. */ // [linked text](link URL) 35 | $text = preg_replace( 36 | '/\[([^\]]+)]\(([-a-z0-9._~:\/?#@!$&\'()*+,;=%]+)\)/i', 37 | '$1', $text); 38 | 39 | return $text; 40 | } 41 | 42 | /* Echoes the result of markdown2html($text). */ function markdownout($text) 43 | { 44 | echo markdown2html($text); 45 | } 46 | -------------------------------------------------------------------------------- /chapter9/includes/magicquotes.inc.php: -------------------------------------------------------------------------------- 1 | $v) 8 | { 9 | unset($process[$key][$k]); 10 | if (is_array($v)) 11 | { 12 | $process[$key][stripslashes($k)] = $v; 13 | $process[] = &$process[$key][stripslashes($k)]; 14 | } 15 | else 16 | { 17 | $process[$key][stripslashes($k)] = stripslashes($v); 18 | } 19 | } 20 | } 21 | unset($process); 22 | } 23 | -------------------------------------------------------------------------------- /chapter9/jokes/error.html.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Script Error 6 | 7 | 8 |

9 | 10 |

11 | 12 | 13 | -------------------------------------------------------------------------------- /chapter9/jokes/index.php: -------------------------------------------------------------------------------- 1 | query($sql); 11 | } 12 | catch (PDOException $e) 13 | { 14 | $error = 'Error fetching jokes: ' . $e->getMessage(); /* NOTE(review): unlike the admin handlers in this listing, which show a fixed message, this one appends the raw PDOException text. On a public page that can disclose query, table or server details; consider writing the detail to the server log and showing only the generic text. */ 15 | include 'error.html.php'; 16 | exit(); 17 | } 18 | 19 | /* Copy each result row into $jokes for the jokes.html.php template. */ foreach ($result as $row) 20 | { 21 | $jokes[] = array( 22 | 'id' => $row['id'], 23 | 'text' => $row['joketext'], 24 | 'name' => $row['name'], 25 | 'email' => $row['email'] 26 | ); 27 | } 28 | 29 | include 'jokes.html.php'; 30 | -------------------------------------------------------------------------------- /chapter9/jokes/jokes.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | List of Jokes 8 | 9 | 10 |

Here are all the jokes in the database:

11 | 12 |
13 |

14 | 15 | (by ) 17 |

18 |
19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /chapter9/shoppingcart/cart.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Shopping Cart 8 | 16 | 17 | 18 |

Your Shopping Cart

19 | 0): ?> 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 40 | 41 | 42 | 43 |
Item DescriptionPrice
Total:$
38 | $ 39 |
44 | 45 |

Your cart is empty!

46 | 47 |
48 |

49 | Continue shopping or 50 | 51 |

52 |
53 | 54 | 55 | -------------------------------------------------------------------------------- /chapter9/shoppingcart/catalog.html.php: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | 6 | 7 | Product Catalog 8 | 16 | 17 | 18 |

Your shopping cart contains items.

20 |

View your cart

21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 35 | 44 | 45 | 46 | 47 |
Item DescriptionPrice
33 | $ 34 | 36 |
37 |
38 | 40 | 41 |
42 |
43 |
48 |

All prices are in imaginary dollars.

49 | 50 | 51 | -------------------------------------------------------------------------------- /chapter9/shoppingcart/index.php: -------------------------------------------------------------------------------- 1 | '1', 'desc' => 'Canadian-Australian Dictionary', 7 | 'price' => 24.95), 8 | array('id' => '2', 'desc' => 'As-new parachute (never opened)', 9 | 'price' => 1000), 10 | array('id' => '3', 'desc' => 'Songs of the Goldfish (2CD set)', 11 | 'price' => 19.99), 12 | array('id' => '4', 'desc' => 'Simply JavaScript (SitePoint)', 13 | 'price' => 39.95)); 14 | 15 | session_start(); 16 | if (!isset($_SESSION['cart'])) 17 | { 18 | $_SESSION['cart'] = array(); 19 | } 20 | 21 | if (isset($_POST['action']) and $_POST['action'] == 'Buy') 22 | { 23 | // Add item to the end of the $_SESSION['cart'] array 24 | $_SESSION['cart'][] = $_POST['id']; 25 | header('Location: .'); 26 | exit(); 27 | } 28 | 29 | if (isset($_POST['action']) and $_POST['action'] == 'Empty cart') 30 | { 31 | // Empty the $_SESSION['cart'] array 32 | unset($_SESSION['cart']); 33 | header('Location: ?cart'); 34 | exit(); 35 | } 36 | 37 | if (isset($_GET['cart'])) 38 | { 39 | $cart = array(); 40 | $total = 0; 41 | foreach ($_SESSION['cart'] as $id) 42 | { 43 | foreach ($items as $product) 44 | { 45 | if ($product['id'] == $id) 46 | { 47 | $cart[] = $product; 48 | $total += $product['price']; 49 | break; 50 | } 51 | } 52 | } 53 | 54 | include 'cart.html.php'; 55 | exit(); 56 | } 57 | 58 | include 'catalog.html.php'; 59 | -------------------------------------------------------------------------------- /chapter9/sql/ijdb.sql: -------------------------------------------------------------------------------- 1 | /* Schema and sample data for the joke database: tables joke, author, category, jokecategory, role and authorrole, followed by INSERTs with fixed ids. */ CREATE TABLE joke ( 2 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 3 | joketext TEXT, 4 | jokedate DATE NOT NULL, 5 | authorid INT 6 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 7 | 8 | CREATE TABLE author ( 9 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 10 | name VARCHAR(255), 11 | email
VARCHAR(255), 12 | password CHAR(32), /* NOTE(review): CHAR(32) is the length of the hexadecimal MD5() digest that the sample data below stores. MD5 is a fast digest, not a password hash: it is unsuitable for storing real passwords. A deployment should store a salted, deliberately slow hash (for example the output of PHP's password_hash(), checked with password_verify()) in a wider column. */ 13 | UNIQUE (email) 14 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 15 | 16 | CREATE TABLE category ( 17 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, 18 | name VARCHAR(255) 19 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 20 | 21 | /* Link table between joke and category. No FOREIGN KEY constraints are declared anywhere in this file, so removing link rows when a joke is deleted is left to the application code. */ CREATE TABLE jokecategory ( 22 | jokeid INT NOT NULL, 23 | categoryid INT NOT NULL, 24 | PRIMARY KEY (jokeid, categoryid) 25 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 26 | 27 | /* Roles are keyed by their display name (a VARCHAR primary key). */ CREATE TABLE role ( 28 | id VARCHAR(255) NOT NULL PRIMARY KEY, 29 | description VARCHAR(255) 30 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 31 | 32 | /* Link table granting roles to authors. */ CREATE TABLE authorrole ( 33 | authorid INT NOT NULL, 34 | roleid VARCHAR(255) NOT NULL, 35 | PRIMARY KEY (authorid, roleid) 36 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; 37 | 38 | # Sample data 39 | # We specify the IDs so they are known when we add related entries 40 | 41 | /* NOTE(review): the sample account's password is written in plain text in this script. Change or remove the account before the database is reachable by anyone else. */ INSERT INTO author (id, name, email, password) VALUES 42 | (1, 'Kevin Yank', 'thatguy@kevinyank.com', MD5('passwordijdb')), 43 | (2, 'Joan Smith', 'joan@example.com', NULL); 44 | 45 | INSERT INTO joke (id, joketext, jokedate, authorid) VALUES 46 | (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1), 47 | (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1), 48 | (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2), 49 | (4, 'How many lawyers does it take to screw in a lightbulb?
I can\'t say: I might be sued!', '2012-04-01', 2); 50 | 51 | INSERT INTO category (id, name) VALUES 52 | (1, 'Knock-knock'), 53 | (2, 'Cross the road'), 54 | (3, 'Lawyers'), 55 | (4, 'Walk the bar'); 56 | 57 | INSERT INTO jokecategory (jokeid, categoryid) VALUES 58 | (1, 2), 59 | (2, 1), 60 | (3, 4), 61 | (4, 3); 62 | 63 | INSERT INTO role (id, description) VALUES 64 | ('Content Editor', 'Add, remove, and edit jokes'), 65 | ('Account Administrator', 'Add, remove, and edit authors'), 66 | ('Site Administrator', 'Add, remove, and edit categories'); 67 | 68 | /* In the sample data only author 1 is granted a role. */ INSERT INTO authorrole (authorid, roleid) VALUES 69 | (1, 'Account Administrator'); 70 | -------------------------------------------------------------------------------- /readme.txt: -------------------------------------------------------------------------------- 1 | Note regarding database connection parameters 2 | --------------------------------------------- 3 | 4 | Most of the database connection function calls in the 5 | .php files included here use the 'root' username and a fictitious 6 | 'mypassword' password. To use these scripts, you will have to change the 7 | username and password for all the files to your actual database username 8 | and password. 9 | 10 | The scripts also use 'ijdb' as the database name in the PDO('mysql:host=localhost;dbname=ijdb' … ) 11 | calls. Be sure to set the name to match that on your server. --------------------------------------------------------------------------------