├── .gitignore
├── chapter1
└── today.php
├── chapter10
└── sql
│ └── ijdb.sql
├── chapter11
└── airline.sql
├── chapter12
├── filestore
│ ├── db.inc.php
│ ├── error.html.php
│ ├── files.html.php
│ └── index.php
├── includes
│ ├── db.inc.php
│ ├── error.html.php
│ ├── helpers.inc.php
│ └── magicquotes.inc.php
├── recentjokes
│ ├── controller.php
│ ├── generate.bat
│ ├── generate.php
│ └── jokes.html.php
└── sql
│ ├── filestore.sql
│ └── ijdb.sql
├── chapter2
└── joketable.sql
├── chapter3
├── count10-for.php
├── count10.php
├── count10
│ ├── count.html.php
│ └── index.php
├── echo.php
├── forms1
│ ├── name.html
│ └── name.php
├── forms2
│ ├── name.html
│ └── name.php
├── forms3
│ ├── name.html
│ └── name.php
├── if
│ ├── name.html
│ └── name.php
├── ifelse1
│ ├── name.html
│ └── name.php
├── ifelse2
│ ├── name.html
│ └── name.php
├── links1
│ ├── name.html
│ └── name.php
├── links2
│ ├── name.html
│ └── name.php
├── links3
│ ├── name.html
│ └── name.php
├── today.php
├── today
│ └── index.php
└── welcome
│ ├── form.html.php
│ ├── index.php
│ └── welcome.html.php
├── chapter4
├── addjoke
│ ├── error.html.php
│ ├── form.html.php
│ ├── index.php
│ └── jokes.html.php
├── connect
│ ├── index.php
│ └── output.html.php
├── createtable
│ ├── index.php
│ └── output.html.php
├── deletejoke
│ ├── error.html.php
│ ├── form.html.php
│ ├── index.php
│ └── jokes.html.php
├── listjokes
│ ├── error.html.php
│ ├── index.php
│ └── jokes.html.php
├── sql
│ └── joketable.sql
└── updatechicken
│ ├── index.php
│ └── output.html.php
├── chapter5
├── jokes
│ ├── error.html.php
│ ├── form.html.php
│ ├── index.php
│ └── jokes.html.php
└── sql
│ ├── 2tables.sql
│ └── jokes1.sql
├── chapter6
├── calculate-area
│ ├── area-function.inc.php
│ ├── index.php
│ └── output.html.php
├── dynamic-footer
│ ├── footer.inc.html.php
│ ├── index.php
│ └── samplepage.html.php
├── includes
│ ├── db.inc.php
│ ├── error.html.php
│ ├── helpers.inc.php
│ └── magicquotes.inc.php
├── jokes-helpers
│ ├── error.html.php
│ ├── form.html.php
│ ├── index.php
│ └── jokes.html.php
├── jokes
│ ├── db.inc.php
│ ├── error.html.php
│ ├── form.html.php
│ ├── index.php
│ └── jokes.html.php
├── sql
│ └── joketable.sql
├── static-footer
│ ├── footer.inc.html.php
│ ├── index.php
│ └── samplepage.html.php
├── totaljokes-global1
│ ├── error.html.php
│ ├── index.php
│ ├── output.html.php
│ └── totaljokes-function.inc.php
└── totaljokes-global2
│ ├── error.html.php
│ ├── index.php
│ ├── output.html.php
│ └── totaljokes-function.inc.php
├── chapter7
├── admin
│ ├── authors
│ │ ├── authors.html.php
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ └── index.php
│ ├── categories
│ │ ├── categories.html.php
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ └── index.php
│ ├── index.html
│ └── jokes
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ ├── index.php
│ │ ├── jokes.html.php
│ │ └── searchform.html.php
├── includes
│ ├── db.inc.php
│ ├── error.html.php
│ ├── helpers.inc.php
│ └── magicquotes.inc.php
├── jokes
│ ├── error.html.php
│ ├── index.php
│ └── jokes.html.php
└── sql
│ └── ijdb.sql
├── chapter8
├── admin
│ ├── authors
│ │ ├── authors.html.php
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ └── index.php
│ ├── categories
│ │ ├── categories.html.php
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ └── index.php
│ ├── index.html
│ └── jokes
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ ├── index.php
│ │ ├── jokes.html.php
│ │ └── searchform.html.php
├── includes
│ ├── db.inc.php
│ ├── error.html.php
│ ├── helpers.inc.php
│ └── magicquotes.inc.php
├── jokes
│ ├── error.html.php
│ ├── index.php
│ └── jokes.html.php
├── preg_match1
│ ├── index.php
│ └── output.html.php
├── preg_match2
│ ├── index.php
│ └── output.html.php
└── sql
│ └── ijdb.sql
├── chapter9
├── admin
│ ├── accessdenied.html.php
│ ├── authors
│ │ ├── authors.html.php
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ └── index.php
│ ├── categories
│ │ ├── categories.html.php
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ └── index.php
│ ├── index.html
│ ├── jokes
│ │ ├── error.html.php
│ │ ├── form.html.php
│ │ ├── index.php
│ │ ├── jokes.html.php
│ │ └── searchform.html.php
│ ├── login.html.php
│ └── logout.inc.html.php
├── cookiecounter
│ ├── index.php
│ └── welcome.html.php
├── includes
│ ├── access.inc.php
│ ├── db.inc.php
│ ├── error.html.php
│ ├── helpers.inc.php
│ └── magicquotes.inc.php
├── jokes
│ ├── error.html.php
│ ├── index.php
│ └── jokes.html.php
├── shoppingcart
│ ├── cart.html.php
│ ├── catalog.html.php
│ └── index.php
└── sql
│ └── ijdb.sql
└── readme.txt
/.gitignore:
--------------------------------------------------------------------------------
1 | $ cat .gitignore
2 | .DS_Store
3 | .svn/
4 |
--------------------------------------------------------------------------------
/chapter1/today.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Today’s Date
6 |
7 |
8 | Today’s date (according to this web server) is
9 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/chapter10/sql/ijdb.sql:
--------------------------------------------------------------------------------
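# Schema and sample data for the ijdb joke database (MySQL dialect).

# Authors. Rows carry a password digest, so this table holds credentials.
CREATE TABLE author (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(255),
    email VARCHAR(255),
    # Stored password hash. Widened from CHAR(32), which can hold nothing but
    # a 32-character MD5 hex digest, so the application can move to a slow,
    # salted password hash (e.g. the output of PHP's password_hash()) without
    # another schema change. Existing MD5 digests still fit unchanged.
    password VARCHAR(255),
    UNIQUE (email)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Jokes; authorid is nullable, so a joke may have no author.
CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL,
    authorid INT,
    FOREIGN KEY (authorid) REFERENCES author (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

CREATE TABLE category (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(255)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Many-to-many link between jokes and categories.
CREATE TABLE jokecategory (
    jokeid INT NOT NULL,
    categoryid INT NOT NULL,
    PRIMARY KEY (jokeid, categoryid),
    FOREIGN KEY (jokeid) REFERENCES joke (id),
    FOREIGN KEY (categoryid) REFERENCES category (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Roles are keyed by their display name rather than by a numeric id.
CREATE TABLE role (
    id VARCHAR(255) NOT NULL PRIMARY KEY,
    description VARCHAR(255)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Many-to-many link between authors and roles.
CREATE TABLE authorrole (
    authorid INT NOT NULL,
    roleid VARCHAR(255) NOT NULL,
    PRIMARY KEY (authorid, roleid),
    FOREIGN KEY (authorid) REFERENCES author (id),
    FOREIGN KEY (roleid) REFERENCES role (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Sample data
# We specify the IDs so they are known when we add related entries

# NOTE(security): author 1 is seeded with a publicly known sample password,
# stored as a plain MD5 digest, and is granted the 'Account Administrator'
# role at the end of this script. MD5 is a fast hash and is not suitable for
# password storage. Change or remove this account before the database is
# reachable from anything other than a local tutorial setup. The digest
# format is left as MD5 here because it has to match what the application's
# login code computes (not shown in this file).
INSERT INTO author (id, name, email, password) VALUES
    (1, 'Kevin Yank', 'thatguy@kevinyank.com', MD5('passwordijdb')),
    (2, 'Joan Smith', 'joan@example.com', NULL);

INSERT INTO joke (id, joketext, jokedate, authorid) VALUES
    (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
    (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
    (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
    (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);

INSERT INTO category (id, name) VALUES
    (1, 'Knock-knock'),
    (2, 'Cross the road'),
    (3, 'Lawyers'),
    (4, 'Walk the bar');

INSERT INTO jokecategory (jokeid, categoryid) VALUES
    (1, 2),
    (2, 1),
    (3, 4),
    (4, 3);

INSERT INTO role (id, description) VALUES
    ('Content Editor', 'Add, remove, and edit jokes'),
    ('Account Administrator', 'Add, remove, and edit authors'),
    ('Site Administrator', 'Add, remove, and edit categories');

INSERT INTO authorrole (authorid, roleid) VALUES
    (1, 'Account Administrator');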
75 |
--------------------------------------------------------------------------------
/chapter11/airline.sql:
--------------------------------------------------------------------------------
# Schema and sample rows for a simple airline database (MySQL dialect).

# Cities referenced by flights as origin and destination.
CREATE TABLE city (
    id   INT          NOT NULL AUTO_INCREMENT,
    name VARCHAR(255) NOT NULL,
    PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Flights, keyed by flight number; both city columns must reference
# an existing city row.
CREATE TABLE flight (
    number            VARCHAR(10) NOT NULL,
    origincityid      INT         NOT NULL,
    destinationcityid INT         NOT NULL,
    departure         DATETIME    NOT NULL,
    duration          TIME        NOT NULL,
    stops             INT         NOT NULL,
    PRIMARY KEY (number),
    FOREIGN KEY (origincityid) REFERENCES city (id),
    FOREIGN KEY (destinationcityid) REFERENCES city (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;


# Sample data. City ids are given explicitly so the flight rows
# below can refer to them.

INSERT INTO city (id, name)
VALUES
    (1, 'Montreal'),
    (2, 'Melbourne'),
    (3, 'Sydney'),
    (4, 'Honolulu');

INSERT INTO flight (number, origincityid, destinationcityid, departure, duration, stops)
VALUES
    ('CP110', 1, 3, '2009-06-01 20:30:00', '23:00:00', 1),
    ('CP226', 3, 1, '2009-07-29 06:30:00', '23:00:00', 1),
    ('QF2026', 2, 3, '2009-06-01 08:30:00', '1:20:00', 0),
    ('QF2027', 3, 2, '2009-06-01 10:30:00', '1:20:00', 0);
35 |
--------------------------------------------------------------------------------
/chapter12/filestore/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter12/filestore/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | PHP Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter12/filestore/files.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | PHP/MySQL File Repository
8 |
9 |
10 | PHP/MySQL File Repository
11 |
12 |
27 |
28 | 0): ?>
29 |
30 | The following files are stored in the database:
31 |
32 |
33 |
34 |
35 | Filename |
36 | Type |
37 | Description |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
46 | |
47 | |
48 | |
49 |
50 |
57 | |
58 |
59 |
66 | |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
--------------------------------------------------------------------------------
/chapter12/filestore/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
30 | $s->bindValue(':filename', $uploadname);
31 | $s->bindValue(':mimetype', $uploadtype);
32 | $s->bindValue(':description', $uploaddesc);
33 | $s->bindValue(':filedata', $uploaddata);
34 | $s->execute();
35 | }
36 | catch (PDOException $e)
37 | {
38 | $error = 'Database error storing file!';
39 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php';
40 | exit();
41 | }
42 |
43 | header('Location: .');
44 | exit();
45 | }
46 |
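// Serve one stored file, either inline ("view") or as a forced download.
// NOTE(security): no access check is visible in this branch, so any client
// that supplies a valid id receives the file - confirm that is intended.
if (isset($_GET['action'], $_GET['id']) and
    in_array($_GET['action'], array('view', 'download'), true))
{
  include 'db.inc.php';

  try
  {
    // The id is bound as a parameter, never concatenated into the SQL text.
    $sql = 'SELECT filename, mimetype, filedata
        FROM filestore
        WHERE id = :id';
    $s = $pdo->prepare($sql);
    $s->bindValue(':id', $_GET['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Database error fetching requested file.';
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php';
    exit();
  }

  $file = $s->fetch();
  if (!$file)
  {
    $error = 'File with specified ID not found in the database!';
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php';
    exit();
  }

  $filedata = $file['filedata'];

  // Stored metadata is not trusted once it goes into response headers.
  // Only a plain "type/subtype" value is passed through; anything else is
  // served as a generic binary type.
  $mimetype = $file['mimetype'];
  if (!preg_match(
      '/^[a-z0-9][a-z0-9!#$&^_.+-]*\/[a-z0-9][a-z0-9!#$&^_.+-]*\z/i',
      $mimetype))
  {
    $mimetype = 'application/octet-stream';
  }

  // Drop control characters, double quotes and backslashes so the name
  // cannot break out of the quoted filename parameter below.
  $filename = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', $file['filename']);

  $disposition = 'inline';

  if ($_GET['action'] == 'download')
  {
    $mimetype = 'application/octet-stream';
    $disposition = 'attachment';
  }

  // NOTE(security): with action=view the stored type is honoured, so an
  // uploaded HTML or SVG document would render in this site's origin.
  // Consider forcing "attachment" for everything outside a short list of
  // passive types, or serving stored files from a separate origin.

  // Content-type must come before Content-disposition
  header('Content-length: ' . strlen($filedata));
  header("Content-type: $mimetype");
  // The filename is sent as a quoted string so spaces and semicolons in the
  // stored name do not change how the header is parsed.
  header("Content-disposition: $disposition; filename=\"$filename\"");
  // Tell browsers not to sniff a type other than the one declared above.
  header('X-Content-Type-Options: nosniff');

  echo $filedata;
  exit();
}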
96 |
// Delete one stored file by id, then redirect back to the listing.
// NOTE(security): neither an anti-CSRF token nor an access check is visible
// in this branch - confirm whether one is enforced elsewhere.
if (isset($_POST['action'], $_POST['id']) and $_POST['action'] == 'delete')
{
  include 'db.inc.php';

  try
  {
    // Parameterized statement: the posted id never becomes part of the SQL.
    $s = $pdo->prepare(
        'DELETE FROM filestore
        WHERE id = :id');
    $s->bindValue(':id', $_POST['id']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Database error deleting requested file.';
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php';
    exit();
  }

  // Redirect after POST so a page reload does not resubmit the delete.
  header('Location: .');
  exit();
}
120 |
// Default action: list the metadata of every stored file (no file contents).
include 'db.inc.php';

try
{
  $sql = 'SELECT id, filename, mimetype, description
      FROM filestore';
  $result = $pdo->query($sql);
}
catch (PDOException $e)
{
  $error = 'Database error fetching stored files.';
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php';
  exit();
}

// Copy the columns the template needs into a plain array.
// NOTE(review): these values are passed on exactly as stored; files.html.php
// is expected to HTML-escape them on output - confirm in the template.
$files = array();
$columns = array('id', 'filename', 'mimetype', 'description');
foreach ($result as $row)
{
  $entry = array();
  foreach ($columns as $column)
  {
    $entry[$column] = $row[$column];
  }
  $files[] = $entry;
}

include 'files.html.php';
147 |
--------------------------------------------------------------------------------
/chapter12/includes/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter12/includes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter12/includes/helpers.inc.php:
--------------------------------------------------------------------------------
1 | $1', $text);
18 | $text = preg_replace('/\*\*(.+?)\*\*/s', '$1', $text);
19 |
20 | // emphasis
21 | $text = preg_replace('/_([^_]+)_/', '$1', $text);
22 | $text = preg_replace('/\*([^\*]+)\*/', '$1', $text);
23 |
24 | // Convert Windows (\r\n) to Unix (\n)
25 | $text = str_replace("\r\n", "\n", $text);
26 | // Convert Macintosh (\r) to Unix (\n)
27 | $text = str_replace("\r", "\n", $text);
28 |
29 | // Paragraphs
30 | $text = '' . str_replace("\n\n", '
', $text) . '
';
31 | // Line breaks
32 | $text = str_replace("\n", '
', $text);
33 |
34 | // [linked text](link URL)
35 | $text = preg_replace(
36 | '/\[([^\]]+)]\(([-a-z0-9._~:\/?#@!$&\'()*+,;=%]+)\)/i',
37 | '$1', $text);
38 |
39 | return $text;
40 | }
41 |
/**
 * Convert $text with markdown2html() and write the result to the output.
 *
 * NOTE(review): the converted markup is echoed as-is, so this is only safe
 * for untrusted text if markdown2html() HTML-escapes its input before adding
 * tags - confirm in that function.
 *
 * @param string $text Text in the simplified Markdown syntax.
 */
function markdownout($text)
{
  $html = markdown2html($text);
  echo $html;
}
46 |
--------------------------------------------------------------------------------
/chapter12/includes/magicquotes.inc.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
--------------------------------------------------------------------------------
/chapter12/recentjokes/controller.php:
--------------------------------------------------------------------------------
1 | query($sql);
11 | }
12 | catch (PDOException $e)
13 | {
14 | $error = 'Error fetching jokes.';
15 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php';
16 | exit();
17 | }
18 |
19 | foreach ($result as $row)
20 | {
21 | $jokes[] = array('text' => $row['joketext']);
22 | }
23 |
24 | include 'jokes.html.php';
25 |
--------------------------------------------------------------------------------
/chapter12/recentjokes/generate.bat:
--------------------------------------------------------------------------------
1 | @C:\xampp\php\php.exe generate.php
2 |
--------------------------------------------------------------------------------
/chapter12/recentjokes/generate.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Recent Jokes
8 |
9 |
10 |
11 | Here are the most recent jokes in the database:
12 |
13 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/chapter12/sql/filestore.sql:
--------------------------------------------------------------------------------
# Table backing the simple file store: one row per stored file (MySQL dialect).

CREATE TABLE filestore (
    id          INT          NOT NULL AUTO_INCREMENT,
    # NOTE(review): if filename and mimetype originate from the uploading
    # client, treat them as untrusted wherever they are echoed back
    # (HTTP headers, HTML) - confirm in the upload handler.
    filename    VARCHAR(255) NOT NULL,
    mimetype    VARCHAR(50)  NOT NULL,
    description VARCHAR(255) NOT NULL,
    # File contents; nullable. MEDIUMBLOB holds at most 16,777,215 bytes.
    filedata    MEDIUMBLOB,
    PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;
10 |
--------------------------------------------------------------------------------
/chapter12/sql/ijdb.sql:
--------------------------------------------------------------------------------
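# Schema and sample data for the ijdb joke database (MySQL dialect).

# Authors. Rows carry a password digest, so this table holds credentials.
CREATE TABLE author (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(255),
    email VARCHAR(255),
    # Stored password hash. Widened from CHAR(32), which can hold nothing but
    # a 32-character MD5 hex digest, so the application can move to a slow,
    # salted password hash (e.g. the output of PHP's password_hash()) without
    # another schema change. Existing MD5 digests still fit unchanged.
    password VARCHAR(255),
    UNIQUE (email)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Jokes; authorid is nullable, so a joke may have no author.
CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL,
    authorid INT,
    FOREIGN KEY (authorid) REFERENCES author (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

CREATE TABLE category (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(255)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Many-to-many link between jokes and categories.
CREATE TABLE jokecategory (
    jokeid INT NOT NULL,
    categoryid INT NOT NULL,
    PRIMARY KEY (jokeid, categoryid),
    FOREIGN KEY (jokeid) REFERENCES joke (id),
    FOREIGN KEY (categoryid) REFERENCES category (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Roles are keyed by their display name rather than by a numeric id.
CREATE TABLE role (
    id VARCHAR(255) NOT NULL PRIMARY KEY,
    description VARCHAR(255)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Many-to-many link between authors and roles.
CREATE TABLE authorrole (
    authorid INT NOT NULL,
    roleid VARCHAR(255) NOT NULL,
    PRIMARY KEY (authorid, roleid),
    FOREIGN KEY (authorid) REFERENCES author (id),
    FOREIGN KEY (roleid) REFERENCES role (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Sample data
# We specify the IDs so they are known when we add related entries

# NOTE(security): author 1 is seeded with a publicly known sample password,
# stored as a plain MD5 digest, and is granted the 'Account Administrator'
# role at the end of this script. MD5 is a fast hash and is not suitable for
# password storage. Change or remove this account before the database is
# reachable from anything other than a local tutorial setup. The digest
# format is left as MD5 here because it has to match what the application's
# login code computes (not shown in this file).
INSERT INTO author (id, name, email, password) VALUES
    (1, 'Kevin Yank', 'thatguy@kevinyank.com', MD5('passwordijdb')),
    (2, 'Joan Smith', 'joan@example.com', NULL);

INSERT INTO joke (id, joketext, jokedate, authorid) VALUES
    (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
    (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
    (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
    (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);

INSERT INTO category (id, name) VALUES
    (1, 'Knock-knock'),
    (2, 'Cross the road'),
    (3, 'Lawyers'),
    (4, 'Walk the bar');

INSERT INTO jokecategory (jokeid, categoryid) VALUES
    (1, 2),
    (2, 1),
    (3, 4),
    (4, 3);

INSERT INTO role (id, description) VALUES
    ('Content Editor', 'Add, remove, and edit jokes'),
    ('Account Administrator', 'Add, remove, and edit authors'),
    ('Site Administrator', 'Add, remove, and edit categories');

INSERT INTO authorrole (authorid, roleid) VALUES
    (1, 'Account Administrator');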
75 |
--------------------------------------------------------------------------------
/chapter2/joketable.sql:
--------------------------------------------------------------------------------
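# Code to create a simple joke table (MySQL dialect)

CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;


# Adding jokes to the table

# MySQL-specific INSERT ... SET form.
INSERT INTO joke SET
    joketext = 'Why did the chicken cross the road? To get to the other side!',
    jokedate = '2013-04-01';

# INSERT ... VALUES form with an explicit column list.
# String literals use single quotes throughout: a double-quoted literal is
# parsed as an identifier when the ANSI_QUOTES SQL mode is enabled.
INSERT INTO joke
    (joketext, jokedate) VALUES (
    'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!',
    '2012-04-01'
);


# Updating the jokedate column in the database

# id is an INT column, so it is compared with a numeric literal instead of
# relying on implicit string-to-number conversion.
UPDATE joke SET jokedate = '2012-04-01' WHERE id = 1;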
26 |
--------------------------------------------------------------------------------
/chapter3/count10-for.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Counting to Ten
6 |
7 |
8 |
9 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/chapter3/count10.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Counting to Ten
6 |
7 |
8 |
9 |
17 |
18 |
19 |
20 |
--------------------------------------------------------------------------------
/chapter3/count10/count.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Counting to Ten
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter3/count10/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Today’s Date
6 |
7 |
8 | test!'; ?>
9 |
10 |
11 |
--------------------------------------------------------------------------------
/chapter3/forms1/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/forms1/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/forms2/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/forms2/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/forms3/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/forms3/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/if/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/chapter3/if/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/ifelse1/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/chapter3/ifelse1/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/chapter3/ifelse2/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/ifelse2/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
23 |
24 |
25 |
26 |
--------------------------------------------------------------------------------
/chapter3/links1/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Query String Link Example
6 |
7 |
8 | Hi, I’m Kevin!
9 |
10 |
11 |
--------------------------------------------------------------------------------
/chapter3/links1/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Query String Link Example
6 |
7 |
8 |
9 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/chapter3/links2/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Query String Link Example
6 |
7 |
8 | Hi, I’m Kevin!
9 |
10 |
11 |
--------------------------------------------------------------------------------
/chapter3/links2/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Query String Link Example
6 |
7 |
8 |
9 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/chapter3/links3/name.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Query String Link Example
6 |
7 |
8 | Hi, I’m Kevin Yank!
9 |
10 |
11 |
--------------------------------------------------------------------------------
/chapter3/links3/name.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Query String Link Example
6 |
7 |
8 |
9 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/today.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Today’s Date
6 |
7 |
8 | Today’s date (according to this web server) is
9 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/chapter3/today/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Today’s Date
6 |
7 |
8 | Today’s date (according to this web server) is
9 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/chapter3/welcome/form.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/chapter3/welcome/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Form Example
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter4/addjoke/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter4/addjoke/form.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Add Joke
6 |
12 |
13 |
14 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/chapter4/addjoke/index.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
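// Show the "add joke" form when it is requested via ?addjoke.
if (isset($_GET['addjoke']))
{
  include 'form.html.php';
  exit();
}

try
{
  // NOTE(security): the database credentials are hard-coded sample values.
  // A deployment should load them from configuration kept outside the web
  // root and out of version control.
  $pdo = new PDO('mysql:host=localhost;dbname=ijdb', 'ijdbuser', 'mypassword');
  // Make PDO throw on errors so the catch blocks below are reached.
  $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  $pdo->exec('SET NAMES "utf8"');
}
catch (PDOException $e)
{
  $error = 'Unable to connect to the database server.';
  include 'error.html.php';
  exit();
}

// Store a submitted joke, then redirect back to the list.
if (isset($_POST['joketext']))
{
  try
  {
    // The submitted text is bound as a parameter, never concatenated into
    // the SQL statement.
    $sql = 'INSERT INTO joke SET
        joketext = :joketext,
        jokedate = CURDATE()';
    $s = $pdo->prepare($sql);
    $s->bindValue(':joketext', $_POST['joketext']);
    $s->execute();
  }
  catch (PDOException $e)
  {
    // Driver messages can reveal schema and query details, so they go to
    // the server log and the visitor only sees a generic message.
    error_log('Error adding submitted joke: ' . $e->getMessage());
    $error = 'Error adding submitted joke.';
    include 'error.html.php';
    exit();
  }

  // Redirect after POST so a page reload does not resubmit the joke.
  header('Location: .');
  exit();
}

try
{
  $sql = 'SELECT joketext FROM joke';
  $result = $pdo->query($sql);
}
catch (PDOException $e)
{
  error_log('Error fetching jokes: ' . $e->getMessage());
  $error = 'Error fetching jokes.';
  include 'error.html.php';
  exit();
}

// Start from an empty list so the template still receives an array when the
// joke table has no rows.
// NOTE(review): joke text is stored verbatim; jokes.html.php is expected to
// HTML-escape it on output - confirm in the template.
$jokes = array();
while ($row = $result->fetch())
{
  $jokes[] = $row['joketext'];
}

include 'jokes.html.php';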
83 |
--------------------------------------------------------------------------------
/chapter4/addjoke/jokes.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | List of Jokes
6 |
7 |
8 | Add your own joke
9 | Here are all the jokes in the database:
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/chapter4/connect/index.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $output = 'Unable to connect to the database server.';
11 | include 'output.html.php';
12 | exit();
13 | }
14 |
15 | $output = 'Database connection established.';
16 | include 'output.html.php';
17 |
--------------------------------------------------------------------------------
/chapter4/connect/output.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Output
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter4/createtable/index.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $output = 'Unable to connect to the database server.';
11 | include 'output.html.php';
12 | exit();
13 | }
14 |
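// Create the joke table and report the outcome through output.html.php.
try
{
  // Fixed DDL text with no request data in it, so exec() on the literal
  // statement is fine here.
  $sql = 'CREATE TABLE joke (
      id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
      joketext TEXT,
      jokedate DATE NOT NULL
    ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB';
  $pdo->exec($sql);
}
catch (PDOException $e)
{
  // Driver messages can reveal schema details, so they go to the server log
  // and the visitor only sees a generic message.
  error_log('Error creating joke table: ' . $e->getMessage());
  $output = 'Error creating joke table.';
  include 'output.html.php';
  exit();
}

$output = 'Joke table successfully created.';
include 'output.html.php';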
33 |
--------------------------------------------------------------------------------
/chapter4/createtable/output.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Output
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter4/deletejoke/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter4/deletejoke/form.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Add Joke
6 |
12 |
13 |
14 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/chapter4/deletejoke/index.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
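// Show the "add joke" form when requested; nothing else runs for that request.
if (isset($_GET['addjoke']))
{
    include 'form.html.php';
    exit();
}

// Open the database connection used by the handlers below.
// NOTE(review): the account name and password are hard-coded in the page
// script; load them from configuration kept outside the document root and
// give the account only the privileges this page needs.
try
{
    // charset in the DSN tells the client library the connection encoding
    // (PHP 5.3.6+); SET NAMES stays for older versions that ignore it.
    $pdo = new PDO('mysql:host=localhost;dbname=ijdb;charset=utf8', 'ijdbuser', 'mypassword');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('SET NAMES "utf8"');
}
catch (PDOException $e)
{
    // The exception text is deliberately not shown to the visitor.
    $error = 'Unable to connect to the database server.';
    include 'error.html.php';
    exit();
}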
42 |
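// Handle a submitted joke: store it with today's date, then redirect to the
// list. A non-string value (for example an array field) is ignored.
if (isset($_POST['joketext']) and is_string($_POST['joketext']))
{
    try
    {
        // The text is bound as a parameter, never concatenated into the SQL.
        $sql = 'INSERT INTO joke SET
            joketext = :joketext,
            jokedate = CURDATE()';
        $s = $pdo->prepare($sql);
        $s->bindValue(':joketext', $_POST['joketext']);
        $s->execute();
    }
    catch (PDOException $e)
    {
        // Keep driver detail in the server log; show a generic message.
        error_log('Error adding submitted joke: ' . $e->getMessage());
        $error = 'Error adding submitted joke.';
        include 'error.html.php';
        exit();
    }

    // Redirect so that reloading the page does not resubmit the form.
    header('Location: .');
    exit();
}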
64 |
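// Handle a delete request: remove the joke whose id was posted, then redirect.
// NOTE(review): no login or anti-CSRF token is checked in this block, so any
// request that reaches it can delete a joke - confirm that is intended.
if (isset($_GET['deletejoke']))
{
    // Run the DELETE only for a posted id made purely of digits. A missing,
    // array or malformed id is ignored instead of being handed to MySQL,
    // whose loose string-to-number comparison could still match a row.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    if ($postedId !== null)
    {
        try
        {
            $sql = 'DELETE FROM joke WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();
        }
        catch (PDOException $e)
        {
            // Keep driver detail in the server log; show a generic message.
            error_log('Error deleting joke: ' . $e->getMessage());
            $error = 'Error deleting joke.';
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}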
84 |
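// Fetch every joke and hand id/text pairs to the list template.
try
{
    $sql = 'SELECT id, joketext FROM joke';
    $result = $pdo->query($sql);
}
catch (PDOException $e)
{
    // Keep driver detail in the server log; show a generic message.
    error_log('Error fetching jokes: ' . $e->getMessage());
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
}

// Starting from an empty array keeps $jokes defined when the table is empty.
$jokes = array();
while ($row = $result->fetch())
{
    $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
}

// NOTE(review): joke text is visitor-submitted (see the insert handler); the
// template (not visible here) is assumed to HTML-escape it - confirm.
include 'jokes.html.php';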
103 |
--------------------------------------------------------------------------------
/chapter4/deletejoke/jokes.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | List of Jokes
6 |
7 |
8 | Add your own joke
9 | Here are all the jokes in the database:
10 |
11 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/chapter4/listjokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter4/listjokes/index.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
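// Fetch every joke text and hand the list to the template.
try
{
    $sql = 'SELECT joketext FROM joke';
    $result = $pdo->query($sql);
}
catch (PDOException $e)
{
    // Keep driver detail in the server log; show a generic message.
    error_log('Error fetching jokes: ' . $e->getMessage());
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
}

// Starting from an empty array keeps $jokes defined when the table is empty.
$jokes = array();
while ($row = $result->fetch())
{
    $jokes[] = $row['joketext'];
}

// NOTE(review): the template (not visible here) is assumed to HTML-escape
// each joke on output - confirm.
include 'jokes.html.php';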
33 |
--------------------------------------------------------------------------------
/chapter4/listjokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | List of Jokes
6 |
7 |
8 | Here are all the jokes in the database:
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/chapter4/sql/joketable.sql:
--------------------------------------------------------------------------------
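# Code to create a simple joke table
# NOTE(review): MySQL's utf8 is the 3-byte subset; utf8mb4 is needed for full
# Unicode, and the connecting scripts would have to request it as well.

CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;


# Adding jokes to the table
# String literals use standard single quotes with embedded apostrophes
# doubled, so the statements also load when sql_mode includes ANSI_QUOTES or
# NO_BACKSLASH_ESCAPES. Both INSERT forms (SET and VALUES) are shown.

INSERT INTO joke SET
    joketext = 'Why did the chicken cross the road? To get to the other side!',
    jokedate = '2009-04-01';

INSERT INTO joke
    (joketext, jokedate) VALUES (
    'Knock-knock! Who''s there? Boo! "Boo" who? Don''t cry; it''s only a joke!',
    '2009-04-01'
);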
21 |
--------------------------------------------------------------------------------
/chapter4/updatechicken/index.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $output = 'Unable to connect to the database server.';
11 | include 'output.html.php';
12 | exit();
13 | }
14 |
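// Re-date every joke that mentions "chicken" and report how many rows changed.
try
{
    // SQL string literals use single quotes so the statement also runs when
    // the server's sql_mode includes ANSI_QUOTES.
    $sql = "UPDATE joke SET jokedate = '2012-04-01'
        WHERE joketext LIKE '%chicken%'";
    $affectedRows = $pdo->exec($sql);
}
catch (PDOException $e)
{
    // Keep driver detail in the server log; show a generic message.
    error_log('Error performing update: ' . $e->getMessage());
    $output = 'Error performing update.';
    include 'output.html.php';
    exit();
}

$output = "Updated $affectedRows rows.";
include 'output.html.php';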
30 |
--------------------------------------------------------------------------------
/chapter4/updatechicken/output.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Output
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter5/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter5/jokes/form.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Add Joke
6 |
12 |
13 |
14 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/chapter5/jokes/index.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
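// Show the "add joke" form when requested; nothing else runs for that request.
if (isset($_GET['addjoke']))
{
    include 'form.html.php';
    exit();
}

// Open the database connection used by the handlers below.
// NOTE(review): the account name and password are hard-coded in the page
// script; load them from configuration kept outside the document root and
// give the account only the privileges this page needs.
try
{
    // charset in the DSN tells the client library the connection encoding
    // (PHP 5.3.6+); SET NAMES stays for older versions that ignore it.
    $pdo = new PDO('mysql:host=localhost;dbname=ijdb;charset=utf8', 'ijdbuser', 'mypassword');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('SET NAMES "utf8"');
}
catch (PDOException $e)
{
    // The exception text is deliberately not shown to the visitor.
    $error = 'Unable to connect to the database server.';
    include 'error.html.php';
    exit();
}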
42 |
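// Handle a submitted joke: store it with today's date, then redirect to the
// list. A non-string value (for example an array field) is ignored.
if (isset($_POST['joketext']) and is_string($_POST['joketext']))
{
    try
    {
        // The text is bound as a parameter, never concatenated into the SQL.
        $sql = 'INSERT INTO joke SET
            joketext = :joketext,
            jokedate = CURDATE()';
        $s = $pdo->prepare($sql);
        $s->bindValue(':joketext', $_POST['joketext']);
        $s->execute();
    }
    catch (PDOException $e)
    {
        // Keep driver detail in the server log; show a generic message.
        error_log('Error adding submitted joke: ' . $e->getMessage());
        $error = 'Error adding submitted joke.';
        include 'error.html.php';
        exit();
    }

    // Redirect so that reloading the page does not resubmit the form.
    header('Location: .');
    exit();
}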
64 |
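// Handle a delete request: remove the joke whose id was posted, then redirect.
// NOTE(review): no login or anti-CSRF token is checked in this block, so any
// request that reaches it can delete a joke - confirm that is intended.
if (isset($_GET['deletejoke']))
{
    // Run the DELETE only for a posted id made purely of digits. A missing,
    // array or malformed id is ignored instead of being handed to MySQL,
    // whose loose string-to-number comparison could still match a row.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    if ($postedId !== null)
    {
        try
        {
            $sql = 'DELETE FROM joke WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();
        }
        catch (PDOException $e)
        {
            // Keep driver detail in the server log; show a generic message.
            error_log('Error deleting joke: ' . $e->getMessage());
            $error = 'Error deleting joke.';
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}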
84 |
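// Fetch every joke together with its author's name and email for the list.
try
{
    // Columns are table-qualified so the query stays unambiguous if either
    // table gains a column of the same name; result keys are unchanged.
    $sql = 'SELECT joke.id, joke.joketext, author.name, author.email
        FROM joke INNER JOIN author
        ON joke.authorid = author.id';
    $result = $pdo->query($sql);
}
catch (PDOException $e)
{
    // Keep driver detail in the server log; show a generic message.
    error_log('Error fetching jokes: ' . $e->getMessage());
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
}

// Starting from an empty array keeps $jokes defined when no rows come back.
$jokes = array();
foreach ($result as $row)
{
    $jokes[] = array(
        'id' => $row['id'],
        'text' => $row['joketext'],
        'name' => $row['name'],
        'email' => $row['email']
    );
}

// NOTE(review): the template (not visible here) is assumed to HTML-escape
// text, name and email on output - confirm.
include 'jokes.html.php';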
110 |
--------------------------------------------------------------------------------
/chapter5/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | List of Jokes
6 |
7 |
8 | Add your own joke
9 | Here are all the jokes in the database:
10 |
11 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/chapter5/sql/2tables.sql:
--------------------------------------------------------------------------------
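# Code to create a simple joke table that stores an author ID
# NOTE(review): authorid has no FOREIGN KEY to author(id), so nothing in the
# schema stops a joke from pointing at an author that does not exist.

CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL,
    authorid INT
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Code to create a simple author table

CREATE TABLE author (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(255),
    email VARCHAR(255)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

# Adding authors to the database
# We specify the IDs so they are known when we add the jokes below.

INSERT INTO author SET
    id = 1,
    name = 'Kevin Yank',
    email = 'thatguy@kevinyank.com';

INSERT INTO author (id, name, email)
VALUES (2, 'Joan Smith', 'joan@example.com');

# Adding jokes to the database
# Embedded apostrophes are doubled rather than backslash-escaped, so the
# statements also load when sql_mode includes NO_BACKSLASH_ESCAPES.

INSERT INTO joke SET
    joketext = 'Why did the chicken cross the road? To get to the other side!',
    jokedate = '2012-04-01',
    authorid = 1;

INSERT INTO joke (joketext, jokedate, authorid)
VALUES (
    'Knock-knock! Who''s there? Boo! "Boo" who? Don''t cry; it''s only a joke!',
    '2012-04-01',
    1
);

INSERT INTO joke (joketext, jokedate, authorid)
VALUES (
    'A man walks into a bar. "Ouch."',
    '2012-04-01',
    2
);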
49 |
--------------------------------------------------------------------------------
/chapter5/sql/jokes1.sql:
--------------------------------------------------------------------------------
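# Code to create a simple joke table

CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;


# Adding jokes to the table
# String literals use standard single quotes with embedded apostrophes
# doubled, so the statements also load when sql_mode includes ANSI_QUOTES or
# NO_BACKSLASH_ESCAPES. Both INSERT forms (SET and VALUES) are shown.

INSERT INTO joke SET
    joketext = 'Why did the chicken cross the road? To get to the other side!',
    jokedate = '2009-04-01';

INSERT INTO joke
    (joketext, jokedate) VALUES (
    'Knock-knock! Who''s there? Boo! "Boo" who? Don''t cry; it''s only a joke!',
    '2009-04-01'
);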
21 |
--------------------------------------------------------------------------------
/chapter6/calculate-area/area-function.inc.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Calculate Area
6 |
7 |
8 |
9 | Area:
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/dynamic-footer/footer.inc.html.php:
--------------------------------------------------------------------------------
1 |
6 |
--------------------------------------------------------------------------------
/chapter6/dynamic-footer/index.php:
--------------------------------------------------------------------------------
1 |
4 |
--------------------------------------------------------------------------------
/chapter6/dynamic-footer/samplepage.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | A Sample Page
6 |
7 |
8 |
9 | This page uses a static include to display a standard
10 | copyright notice below.
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/chapter6/includes/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter6/includes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/includes/helpers.inc.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
--------------------------------------------------------------------------------
/chapter6/jokes-helpers/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/jokes-helpers/form.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Add Joke
6 |
12 |
13 |
14 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/chapter6/jokes-helpers/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
20 | $s->bindValue(':joketext', $_POST['joketext']);
21 | $s->execute();
22 | }
23 | catch (PDOException $e)
24 | {
25 | $error = 'Error adding submitted joke: ' . $e->getMessage();
26 | include 'error.html.php';
27 | exit();
28 | }
29 |
30 | header('Location: .');
31 | exit();
32 | }
33 |
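// Handle a delete request: remove the joke whose id was posted, then redirect.
// NOTE(review): no login or anti-CSRF token is checked in this block, so any
// request that reaches it can delete a joke - confirm that is intended.
if (isset($_GET['deletejoke']))
{
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Run the DELETE only for a posted id made purely of digits. A missing,
    // array or malformed id is ignored instead of being handed to MySQL,
    // whose loose string-to-number comparison could still match a row.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    if ($postedId !== null)
    {
        try
        {
            $sql = 'DELETE FROM joke WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();
        }
        catch (PDOException $e)
        {
            // Keep driver detail in the server log; show a generic message.
            error_log('Error deleting joke: ' . $e->getMessage());
            $error = 'Error deleting joke.';
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}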
55 |
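// Default action: list every joke together with its author's name and email.
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
    // Columns are table-qualified so the query stays unambiguous if either
    // table gains a column of the same name; result keys are unchanged.
    $sql = 'SELECT joke.id, joke.joketext, author.name, author.email
        FROM joke INNER JOIN author
        ON joke.authorid = author.id';
    $result = $pdo->query($sql);
}
catch (PDOException $e)
{
    // Keep driver detail in the server log; show a generic message.
    error_log('Error fetching jokes: ' . $e->getMessage());
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
}

// Starting from an empty array keeps $jokes defined when no rows come back.
$jokes = array();
foreach ($result as $row)
{
    $jokes[] = array(
        'id' => $row['id'],
        'text' => $row['joketext'],
        'name' => $row['name'],
        'email' => $row['email']
    );
}

// NOTE(review): the template (not visible here) is assumed to HTML-escape
// text, name and email on output - confirm.
include 'jokes.html.php';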
83 |
--------------------------------------------------------------------------------
/chapter6/jokes-helpers/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | List of Jokes
8 |
9 |
10 | Add your own joke
11 | Here are all the jokes in the database:
12 |
13 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/chapter6/jokes/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter6/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/jokes/form.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Add Joke
6 |
12 |
13 |
14 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/chapter6/jokes/index.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
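// Show the "add joke" form when requested; nothing else runs for that request.
if (isset($_GET['addjoke']))
{
    include 'form.html.php';
    exit();
}

// Handle a submitted joke: store it with today's date, then redirect to the
// list. A non-string value (for example an array field) is ignored.
if (isset($_POST['joketext']) and is_string($_POST['joketext']))
{
    include 'db.inc.php';

    try
    {
        // The text is bound as a parameter, never concatenated into the SQL.
        $sql = 'INSERT INTO joke SET
            joketext = :joketext,
            jokedate = CURDATE()';
        $s = $pdo->prepare($sql);
        $s->bindValue(':joketext', $_POST['joketext']);
        $s->execute();
    }
    catch (PDOException $e)
    {
        // Keep driver detail in the server log; show a generic message.
        error_log('Error adding submitted joke: ' . $e->getMessage());
        $error = 'Error adding submitted joke.';
        include 'error.html.php';
        exit();
    }

    // Redirect so that reloading the page does not resubmit the form.
    header('Location: .');
    exit();
}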
53 |
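// Handle a delete request: remove the joke whose id was posted, then redirect.
// NOTE(review): no login or anti-CSRF token is checked in this block, so any
// request that reaches it can delete a joke - confirm that is intended.
if (isset($_GET['deletejoke']))
{
    include 'db.inc.php';

    // Run the DELETE only for a posted id made purely of digits. A missing,
    // array or malformed id is ignored instead of being handed to MySQL,
    // whose loose string-to-number comparison could still match a row.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    if ($postedId !== null)
    {
        try
        {
            $sql = 'DELETE FROM joke WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();
        }
        catch (PDOException $e)
        {
            // Keep driver detail in the server log; show a generic message.
            error_log('Error deleting joke: ' . $e->getMessage());
            $error = 'Error deleting joke.';
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}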
75 |
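// Default action: list every joke together with its author's name and email.
include 'db.inc.php';

try
{
    // Columns are table-qualified so the query stays unambiguous if either
    // table gains a column of the same name; result keys are unchanged.
    $sql = 'SELECT joke.id, joke.joketext, author.name, author.email
        FROM joke INNER JOIN author
        ON joke.authorid = author.id';
    $result = $pdo->query($sql);
}
catch (PDOException $e)
{
    // Keep driver detail in the server log; show a generic message.
    error_log('Error fetching jokes: ' . $e->getMessage());
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
}

// Starting from an empty array keeps $jokes defined when no rows come back.
$jokes = array();
foreach ($result as $row)
{
    $jokes[] = array(
        'id' => $row['id'],
        'text' => $row['joketext'],
        'name' => $row['name'],
        'email' => $row['email']
    );
}

// NOTE(review): the template (not visible here) is assumed to HTML-escape
// text, name and email on output - confirm.
include 'jokes.html.php';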
103 |
--------------------------------------------------------------------------------
/chapter6/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | List of Jokes
6 |
7 |
8 | Add your own joke
9 | Here are all the jokes in the database:
10 |
11 |
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/chapter6/sql/joketable.sql:
--------------------------------------------------------------------------------
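# Code to create a simple joke table

CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    joketext TEXT,
    jokedate DATE NOT NULL
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;


# Adding jokes to the table
# String literals use standard single quotes with embedded apostrophes
# doubled, so the statements also load when sql_mode includes ANSI_QUOTES or
# NO_BACKSLASH_ESCAPES. Both INSERT forms (SET and VALUES) are shown.

INSERT INTO joke SET
    joketext = 'Why did the chicken cross the road? To get to the other side!',
    jokedate = '2009-04-01';

INSERT INTO joke
    (joketext, jokedate) VALUES (
    'Knock-knock! Who''s there? Boo! "Boo" who? Don''t cry; it''s only a joke!',
    '2009-04-01'
);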
21 |
--------------------------------------------------------------------------------
/chapter6/static-footer/footer.inc.html.php:
--------------------------------------------------------------------------------
1 |
5 |
--------------------------------------------------------------------------------
/chapter6/static-footer/index.php:
--------------------------------------------------------------------------------
1 |
4 |
--------------------------------------------------------------------------------
/chapter6/static-footer/samplepage.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | A Sample Page
6 |
7 |
8 |
9 | This page uses a static include to display a standard
10 | copyright notice below.
11 |
12 |
13 |
14 |
15 |
--------------------------------------------------------------------------------
/chapter6/totaljokes-global1/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/totaljokes-global1/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Calculate Area
6 |
7 |
8 |
9 | Total jokes:
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/totaljokes-global1/totaljokes-function.inc.php:
--------------------------------------------------------------------------------
1 | query('SELECT COUNT(*) FROM joke');
11 | }
12 | catch (PDOException $e)
13 | {
14 | $error = 'Database error counting jokes!';
15 | include 'error.html.php';
16 | exit();
17 | }
18 |
19 | $row = $result->fetch();
20 |
21 | return $row[0];
22 | }
23 |
--------------------------------------------------------------------------------
/chapter6/totaljokes-global2/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/totaljokes-global2/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Calculate Area
6 |
7 |
8 |
9 | Total jokes:
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter6/totaljokes-global2/totaljokes-function.inc.php:
--------------------------------------------------------------------------------
1 | query('SELECT COUNT(*) FROM joke');
9 | }
10 | catch (PDOException $e)
11 | {
12 | $error = 'Database error counting jokes!';
13 | include 'error.html.php';
14 | exit();
15 | }
16 |
17 | $row = $result->fetch();
18 |
19 | return $row[0];
20 | }
21 |
--------------------------------------------------------------------------------
/chapter7/admin/authors/authors.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Authors
8 |
9 |
10 | Manage Authors
11 | Add new author
12 |
27 | Return to JMS home
28 |
29 |
30 |
--------------------------------------------------------------------------------
/chapter7/admin/authors/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter7/admin/authors/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/chapter7/admin/authors/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
28 | $s->bindValue(':name', $_POST['name']);
29 | $s->bindValue(':email', $_POST['email']);
30 | $s->execute();
31 | }
32 | catch (PDOException $e)
33 | {
34 | $error = 'Error adding submitted author.';
35 | include 'error.html.php';
36 | exit();
37 | }
38 |
39 | header('Location: .');
40 | exit();
41 | }
42 |
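// "Edit" button: load one author and show the form pre-filled with the row.
// NOTE(review): no access check is visible in this part of the script;
// confirm the admin area is protected elsewhere.
if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Accept only an id made purely of digits; anything else is bound as
    // NULL, matches no row and is reported by the not-found check below.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    try
    {
        $sql = 'SELECT id, name, email FROM author WHERE id = :id';
        $s = $pdo->prepare($sql);
        $s->bindValue(':id', $postedId);
        $s->execute();
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching author details.';
        include 'error.html.php';
        exit();
    }

    $row = $s->fetch();

    if ($row === false)
    {
        // Stale or malformed id: report it instead of rendering a form
        // built from a row that does not exist.
        $error = 'Error fetching author details.';
        include 'error.html.php';
        exit();
    }

    // Values read by form.html.php.
    // NOTE(review): the template (not visible here) is assumed to HTML-escape
    // name and email on output - confirm.
    $pageTitle = 'Edit Author';
    $action = 'editform';
    $name = $row['name'];
    $email = $row['email'];
    $id = $row['id'];
    $button = 'Update author';

    include 'form.html.php';
    exit();
}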
73 |
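// Edit form submitted: write the posted name and email to the author row.
// NOTE(review): no access check or anti-CSRF token is visible in this block;
// confirm the admin area is protected elsewhere.
if (isset($_GET['editform']))
{
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Update only when all three fields arrived as strings and the id is
    // purely digits. Without this check a request carrying just an id would
    // bind NULL for the missing fields and blank the author's name and email.
    if (isset($_POST['id'], $_POST['name'], $_POST['email'])
        and is_string($_POST['id']) and ctype_digit($_POST['id'])
        and is_string($_POST['name']) and is_string($_POST['email']))
    {
        try
        {
            $sql = 'UPDATE author SET
                name = :name,
                email = :email
                WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $_POST['id']);
            $s->bindValue(':name', $_POST['name']);
            $s->bindValue(':email', $_POST['email']);
            $s->execute();
        }
        catch (PDOException $e)
        {
            $error = 'Error updating submitted author.';
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}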
100 |
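// "Delete" button: remove an author together with their jokes and those
// jokes' category links.
// NOTE(review): no access check or anti-CSRF token is visible in this block;
// confirm the admin area is protected elsewhere.
if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Act only on an id made purely of digits; a missing or malformed id
    // deletes nothing and falls through to the redirect.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    if ($postedId !== null)
    {
        // The three deletes run in one transaction so a failure part-way
        // cannot leave jokes without category links, or an author without
        // jokes, behind. $failure names the step that was in progress.
        $failure = 'Error deleting category entries for joke.';

        try
        {
            $pdo->beginTransaction();

            // Delete joke category entries for every joke of this author
            $sql = 'DELETE FROM jokecategory WHERE jokeid IN
                (SELECT id FROM joke WHERE authorid = :id)';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();

            // Delete jokes belonging to author
            $failure = 'Error deleting jokes for author.';
            $sql = 'DELETE FROM joke WHERE authorid = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();

            // Delete the author
            $failure = 'Error deleting author.';
            $sql = 'DELETE FROM author WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $postedId);
            $s->execute();

            $pdo->commit();
        }
        catch (PDOException $e)
        {
            // Undo whatever part of the delete had already been applied.
            if ($pdo->inTransaction())
            {
                $pdo->rollBack();
            }
            $error = $failure;
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}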
176 |
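// Display author list
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
    $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
    $error = 'Error fetching authors from the database!';
    include 'error.html.php';
    exit();
}

// Starting from an empty array keeps $authors defined for the template when
// the author table is empty.
$authors = array();
foreach ($result as $row)
{
    $authors[] = array('id' => $row['id'], 'name' => $row['name']);
}

// NOTE(review): the template (not visible here) is assumed to HTML-escape
// each name on output - confirm.
include 'authors.html.php';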
197 |
--------------------------------------------------------------------------------
/chapter7/admin/categories/categories.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Categories
8 |
9 |
10 | Manage Categories
11 | Add new category
12 |
27 | Return to JMS home
28 |
29 |
30 |
--------------------------------------------------------------------------------
/chapter7/admin/categories/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter7/admin/categories/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/chapter7/admin/categories/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
26 | $s->bindValue(':name', $_POST['name']);
27 | $s->execute();
28 | }
29 | catch (PDOException $e)
30 | {
31 | $error = 'Error adding submitted category.';
32 | include 'error.html.php';
33 | exit();
34 | }
35 |
36 | header('Location: .');
37 | exit();
38 | }
39 |
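// "Edit" button: load one category and show the form pre-filled with the row.
// NOTE(review): no access check is visible in this part of the script;
// confirm the admin area is protected elsewhere.
if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Accept only an id made purely of digits; anything else is bound as
    // NULL, matches no row and is reported by the not-found check below.
    $postedId = (isset($_POST['id']) and is_string($_POST['id']) and ctype_digit($_POST['id']))
        ? $_POST['id'] : null;

    try
    {
        $sql = 'SELECT id, name FROM category WHERE id = :id';
        $s = $pdo->prepare($sql);
        $s->bindValue(':id', $postedId);
        $s->execute();
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching category details.';
        include 'error.html.php';
        exit();
    }

    $row = $s->fetch();

    if ($row === false)
    {
        // Stale or malformed id: report it instead of rendering a form
        // built from a row that does not exist.
        $error = 'Error fetching category details.';
        include 'error.html.php';
        exit();
    }

    // Values read by form.html.php.
    // NOTE(review): the template (not visible here) is assumed to HTML-escape
    // the name on output - confirm.
    $pageTitle = 'Edit Category';
    $action = 'editform';
    $name = $row['name'];
    $id = $row['id'];
    $button = 'Update category';

    include 'form.html.php';
    exit();
}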
69 |
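// Edit form submitted: write the posted name to the category row.
// NOTE(review): no access check or anti-CSRF token is visible in this block;
// confirm the admin area is protected elsewhere.
if (isset($_GET['editform']))
{
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Update only when both fields arrived as strings and the id is purely
    // digits. Without this check a request carrying just an id would bind
    // NULL for the missing name and try to blank the category's name.
    if (isset($_POST['id'], $_POST['name'])
        and is_string($_POST['id']) and ctype_digit($_POST['id'])
        and is_string($_POST['name']))
    {
        try
        {
            $sql = 'UPDATE category SET
                name = :name
                WHERE id = :id';
            $s = $pdo->prepare($sql);
            $s->bindValue(':id', $_POST['id']);
            $s->bindValue(':name', $_POST['name']);
            $s->execute();
        }
        catch (PDOException $e)
        {
            $error = 'Error updating submitted category.';
            include 'error.html.php';
            exit();
        }
    }

    header('Location: .');
    exit();
}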
94 | // Delete: remove the category with the posted id together with its jokecategory rows, then redirect.
95 | if (isset($_POST['action']) and $_POST['action'] == 'Delete')
96 | {
97 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
98 | // NOTE(review): the two DELETEs below run as separate statements with no transaction; if the second fails, the first has already taken effect.
99 | // Delete joke associations with this category
100 | try
101 | {
102 | $sql = 'DELETE FROM jokecategory WHERE categoryid = :id';
103 | $s = $pdo->prepare($sql);
104 | $s->bindValue(':id', $_POST['id']); // bound parameter; $_POST['id'] is read without isset()
105 | $s->execute();
106 | }
107 | catch (PDOException $e)
108 | {
109 | $error = 'Error removing jokes from category.';
110 | include 'error.html.php';
111 | exit();
112 | }
113 |
114 | // Delete the category
115 | try
116 | {
117 | $sql = 'DELETE FROM category WHERE id = :id';
118 | $s = $pdo->prepare($sql);
119 | $s->bindValue(':id', $_POST['id']);
120 | $s->execute();
121 | }
122 | catch (PDOException $e)
123 | {
124 | $error = 'Error deleting category.';
125 | include 'error.html.php';
126 | exit();
127 | }
128 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
129 | header('Location: .');
130 | exit();
131 | }
132 |
133 | // Display category list (reached only when none of the branches above has called exit())
134 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
135 |
136 | try
137 | {
138 | $result = $pdo->query('SELECT id, name FROM category'); // fixed SQL text with no request input
139 | }
140 | catch (PDOException $e)
141 | {
142 | $error = 'Error fetching categories from database!';
143 | include 'error.html.php';
144 | exit();
145 | }
146 | // NOTE(review): $categories is only ever appended to; with an empty table it is undefined when categories.html.php runs.
147 | foreach ($result as $row)
148 | {
149 | $categories[] = array('id' => $row['id'], 'name' => $row['name']);
150 | }
151 |
152 | include 'categories.html.php';
153 |
--------------------------------------------------------------------------------
/chapter7/admin/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Joke CMS
6 |
7 |
8 | Joke Management System
9 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/chapter7/admin/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter7/admin/jokes/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
14 |
15 |
16 |
17 |
57 |
58 |
59 |
--------------------------------------------------------------------------------
/chapter7/admin/jokes/index.php:
--------------------------------------------------------------------------------
1 | query('SELECT id, name FROM author');
20 | }
21 | catch (PDOException $e)
22 | {
23 | $error = 'Error fetching list of authors.';
24 | include 'error.html.php';
25 | exit();
26 | }
27 |
28 | foreach ($result as $row)
29 | {
30 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
31 | }
32 |
33 | // Build the list of categories
34 | try
35 | {
36 | $result = $pdo->query('SELECT id, name FROM category');
37 | }
38 | catch (PDOException $e)
39 | {
40 | $error = 'Error fetching list of categories.';
41 | include 'error.html.php';
42 | exit();
43 | }
44 |
45 | foreach ($result as $row)
46 | {
47 | $categories[] = array(
48 | 'id' => $row['id'],
49 | 'name' => $row['name'],
50 | 'selected' => FALSE);
51 | }
52 |
53 | include 'form.html.php';
54 | exit();
55 | }
56 | // addform: store the submitted joke, then one jokecategory row per selected category, then redirect.
57 | if (isset($_GET['addform']))
58 | {
59 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
60 | // Reject an empty author choice before touching the database. NOTE(review): $_POST['author'] is read without isset().
61 | if ($_POST['author'] == '')
62 | {
63 | $error = 'You must choose an author for this joke.
64 | Click ‘back’ and try again.';
65 | include 'error.html.php';
66 | exit();
67 | }
68 | // jokedate is filled in by the database (CURDATE()); the text and the author id are bound parameters.
69 | try
70 | {
71 | $sql = 'INSERT INTO joke SET
72 | joketext = :joketext,
73 | jokedate = CURDATE(),
74 | authorid = :authorid';
75 | $s = $pdo->prepare($sql);
76 | $s->bindValue(':joketext', $_POST['text']);
77 | $s->bindValue(':authorid', $_POST['author']);
78 | $s->execute();
79 | }
80 | catch (PDOException $e)
81 | {
82 | $error = 'Error adding submitted joke.';
83 | include 'error.html.php';
84 | exit();
85 | }
86 | // NOTE(review): the joke row and its category rows are written without a transaction; a failure below leaves the joke stored with only some of its categories.
87 | $jokeid = $pdo->lastInsertId(); // id generated for the joke row inserted above
88 | // NOTE(review): $_POST['categories'] is iterated as an array without an is_array() check.
89 | if (isset($_POST['categories']))
90 | {
91 | try
92 | {
93 | $sql = 'INSERT INTO jokecategory SET
94 | jokeid = :jokeid,
95 | categoryid = :categoryid';
96 | $s = $pdo->prepare($sql);
97 | // The statement is prepared once and executed once per category id.
98 | foreach ($_POST['categories'] as $categoryid)
99 | {
100 | $s->bindValue(':jokeid', $jokeid);
101 | $s->bindValue(':categoryid', $categoryid);
102 | $s->execute();
103 | }
104 | }
105 | catch (PDOException $e)
106 | {
107 | $error = 'Error inserting joke into selected categories.';
108 | include 'error.html.php';
109 | exit();
110 | }
111 | }
112 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
113 | header('Location: .');
114 | exit();
115 | }
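116 | // Edit: load the joke with the posted id, plus the author and category lists, and show the edit form.
117 | if (isset($_POST['action']) and $_POST['action'] == 'Edit')
118 | {
119 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
120 | // NOTE(review): $_POST['id'] is read below without an isset() check.
121 | try
122 | {
123 | $sql = 'SELECT id, joketext, authorid FROM joke WHERE id = :id';
124 | $s = $pdo->prepare($sql);
125 | $s->bindValue(':id', $_POST['id']); // the request value is bound, never concatenated into $sql
126 | $s->execute();
127 | }
128 | catch (PDOException $e)
129 | {
130 | $error = 'Error fetching joke details.';
131 | include 'error.html.php';
132 | exit();
133 | }
134 | $row = $s->fetch();
135 | // NOTE(review): fetch() returns false when no joke matches; $row is read below without checking for that.
136 | $pageTitle = 'Edit Joke';
137 | $action = 'editform';
138 | $text = $row['joketext'];
139 | $authorid = $row['authorid'];
140 | $id = $row['id'];
141 | $button = 'Update joke';
142 |
143 | // Build the list of authors
144 | try
145 | {
146 | $result = $pdo->query('SELECT id, name FROM author');
147 | }
148 | catch (PDOException $e)
149 | {
150 | $error = 'Error fetching list of authors.';
151 | include 'error.html.php';
152 | exit();
153 | }
154 |
155 | foreach ($result as $row)
156 | {
157 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
158 | }
159 |
160 | // Get list of categories containing this joke
161 | try
162 | {
163 | $sql = 'SELECT categoryid FROM jokecategory WHERE jokeid = :id';
164 | $s = $pdo->prepare($sql);
165 | $s->bindValue(':id', $id); // the id read back from the joke row, not the raw request value
166 | $s->execute();
167 | }
168 | catch (PDOException $e)
169 | {
170 | $error = 'Error fetching list of selected categories.';
171 | include 'error.html.php';
172 | exit();
173 | }
174 | $selectedCategories = array(); // start empty so in_array() below always gets an array, even for a joke with no categories
175 | foreach ($s as $row)
176 | {
177 | $selectedCategories[] = $row['categoryid'];
178 | }
179 |
180 | // Build the list of all categories
181 | try
182 | {
183 | $result = $pdo->query('SELECT id, name FROM category');
184 | }
185 | catch (PDOException $e)
186 | {
187 | $error = 'Error fetching list of categories.';
188 | include 'error.html.php';
189 | exit();
190 | }
191 |
192 | foreach ($result as $row)
193 | {
194 | $categories[] = array(
195 | 'id' => $row['id'],
196 | 'name' => $row['name'],
197 | 'selected' => in_array($row['id'], $selectedCategories)); // marks the categories this joke already belongs to
198 | }
199 | // Presumably read by form.html.php; its markup is not visible here, so whether it escapes these values on output cannot be confirmed.
200 | include 'form.html.php';
201 | exit();
202 | }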
203 | // editform: update the joke's text and author, replace its category rows, then redirect.
204 | if (isset($_GET['editform']))
205 | {
206 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
207 | // NOTE(review): the branch is chosen by a query-string flag; author, id and text come from $_POST and are read without isset().
208 | if ($_POST['author'] == '')
209 | {
210 | $error = 'You must choose an author for this joke.
211 | Click ‘back’ and try again.';
212 | include 'error.html.php';
213 | exit();
214 | }
215 |
216 | try
217 | {
218 | $sql = 'UPDATE joke SET
219 | joketext = :joketext,
220 | authorid = :authorid
221 | WHERE id = :id';
222 | $s = $pdo->prepare($sql);
223 | $s->bindValue(':id', $_POST['id']); // all three request values are bound parameters
224 | $s->bindValue(':joketext', $_POST['text']);
225 | $s->bindValue(':authorid', $_POST['author']);
226 | $s->execute();
227 | }
228 | catch (PDOException $e)
229 | {
230 | $error = 'Error updating submitted joke.';
231 | include 'error.html.php';
232 | exit();
233 | }
234 | // The joke's category rows are replaced wholesale: all are deleted here and the submitted ones re-inserted below.
235 | try
236 | {
237 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
238 | $s = $pdo->prepare($sql);
239 | $s->bindValue(':id', $_POST['id']);
240 | $s->execute();
241 | }
242 | catch (PDOException $e)
243 | {
244 | $error = 'Error removing obsolete joke category entries.';
245 | include 'error.html.php';
246 | exit();
247 | }
248 | // NOTE(review): the UPDATE, DELETE and INSERTs are not wrapped in a transaction; a failure part-way leaves the joke with some or none of its categories.
249 | if (isset($_POST['categories']))
250 | {
251 | try
252 | {
253 | $sql = 'INSERT INTO jokecategory SET
254 | jokeid = :jokeid,
255 | categoryid = :categoryid';
256 | $s = $pdo->prepare($sql);
257 | // NOTE(review): $_POST['categories'] is iterated as an array without an is_array() check.
258 | foreach ($_POST['categories'] as $categoryid)
259 | {
260 | $s->bindValue(':jokeid', $_POST['id']);
261 | $s->bindValue(':categoryid', $categoryid);
262 | $s->execute();
263 | }
264 | }
265 | catch (PDOException $e)
266 | {
267 | $error = 'Error inserting joke into selected categories.';
268 | include 'error.html.php';
269 | exit();
270 | }
271 | }
272 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
273 | header('Location: .');
274 | exit();
275 | }
276 | // Delete: remove the joke with the posted id together with its jokecategory rows, then redirect.
277 | if (isset($_POST['action']) and $_POST['action'] == 'Delete')
278 | {
279 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
280 | // NOTE(review): the two DELETEs below run as separate statements with no transaction; if the second fails, the first has already taken effect.
281 | // Delete category assignments for this joke
282 | try
283 | {
284 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
285 | $s = $pdo->prepare($sql);
286 | $s->bindValue(':id', $_POST['id']); // bound parameter; $_POST['id'] is read without isset()
287 | $s->execute();
288 | }
289 | catch (PDOException $e)
290 | {
291 | $error = 'Error removing joke from categories.';
292 | include 'error.html.php';
293 | exit();
294 | }
295 |
296 | // Delete the joke
297 | try
298 | {
299 | $sql = 'DELETE FROM joke WHERE id = :id';
300 | $s = $pdo->prepare($sql);
301 | $s->bindValue(':id', $_POST['id']);
302 | $s->execute();
303 | }
304 | catch (PDOException $e)
305 | {
306 | $error = 'Error deleting joke.';
307 | include 'error.html.php';
308 | exit();
309 | }
310 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
311 | header('Location: .');
312 | exit();
313 | }
314 | // search: assemble one SELECT from fixed SQL fragments plus the filters that were submitted, then list the matches.
315 | if (isset($_GET['action']) and $_GET['action'] == 'search')
316 | {
317 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
318 | // Only literal SQL text is appended to $select, $from and $where; every request value goes into $placeholders and is bound at execute().
319 | // The basic SELECT statement
320 | $select = 'SELECT id, joketext';
321 | $from = ' FROM joke';
322 | $where = ' WHERE TRUE'; // always-true seed so each filter can be appended with AND
323 |
324 | $placeholders = array();
325 | // NOTE(review): author, category and text are read from $_GET without isset().
326 | if ($_GET['author'] != '') // An author is selected
327 | {
328 | $where .= " AND authorid = :authorid";
329 | $placeholders[':authorid'] = $_GET['author'];
330 | }
331 |
332 | if ($_GET['category'] != '') // A category is selected
333 | {
334 | $from .= ' INNER JOIN jokecategory ON id = jokeid'; // join added only when a category filter is present
335 | $where .= " AND categoryid = :categoryid";
336 | $placeholders[':categoryid'] = $_GET['category'];
337 | }
338 |
339 | if ($_GET['text'] != '') // Some search text was specified
340 | {
341 | $where .= " AND joketext LIKE :joketext";
342 | $placeholders[':joketext'] = '%' . $_GET['text'] . '%'; // wildcards are added to the bound value, not the SQL; % and _ typed by the user still act as LIKE wildcards
343 | }
344 |
345 | try
346 | {
347 | $sql = $select . $from . $where;
348 | $s = $pdo->prepare($sql);
349 | $s->execute($placeholders); // binds the collected values by placeholder name
350 | }
351 | catch (PDOException $e)
352 | {
353 | $error = 'Error fetching jokes.';
354 | include 'error.html.php';
355 | exit();
356 | }
357 | // NOTE(review): the query has no LIMIT, and $jokes stays undefined when nothing matches.
358 | foreach ($s as $row)
359 | {
360 | $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
361 | }
362 |
363 | include 'jokes.html.php';
364 | exit();
365 | }
366 |
367 | // Display search form (reached only when none of the branches above has called exit())
368 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
369 | // Both queries below are fixed SQL text with no request input.
370 | try
371 | {
372 | $result = $pdo->query('SELECT id, name FROM author');
373 | }
374 | catch (PDOException $e)
375 | {
376 | $error = 'Error fetching authors from database!';
377 | include 'error.html.php';
378 | exit();
379 | }
380 | // NOTE(review): $authors and $categories are only ever appended to; with an empty table they are undefined when searchform.html.php runs.
381 | foreach ($result as $row)
382 | {
383 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
384 | }
385 |
386 | try
387 | {
388 | $result = $pdo->query('SELECT id, name FROM category');
389 | }
390 | catch (PDOException $e)
391 | {
392 | $error = 'Error fetching categories from database!';
393 | include 'error.html.php';
394 | exit();
395 | }
396 |
397 | foreach ($result as $row)
398 | {
399 | $categories[] = array('id' => $row['id'], 'name' => $row['name']);
400 | }
401 |
402 | include 'searchform.html.php';
403 |
--------------------------------------------------------------------------------
/chapter7/admin/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Jokes: Search Results
8 |
9 |
10 | Search Results
11 |
12 |
30 |
31 | New search
32 | Return to JMS home
33 |
34 |
35 |
--------------------------------------------------------------------------------
/chapter7/admin/jokes/searchform.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Jokes
8 |
9 |
10 | Manage Jokes
11 | Add new joke
12 |
43 | Return to JMS home
44 |
45 |
46 |
--------------------------------------------------------------------------------
/chapter7/includes/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"'); // sets the connection character set with a statement sent after connecting. NOTE(review): on PHP 5.3.6+ the DSN can carry charset=utf8 instead; the DSN line is not visible here
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.'; // fixed text; nothing from $e is shown
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter7/includes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter7/includes/helpers.inc.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
--------------------------------------------------------------------------------
/chapter7/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter7/jokes/index.php:
--------------------------------------------------------------------------------
1 | query($sql);
11 | }
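12 | catch (PDOException $e) // the query failed: show the error page and stop
13 | {
14 | $error = 'Error fetching jokes.'; // fixed text, as in the admin scripts: a PDO message can reveal schema or query details on this public page
15 | include 'error.html.php'; // if the detail is needed, send $e->getMessage() to error_log() rather than to the page
16 | exit();
17 | }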
18 |
19 | foreach ($result as $row)
20 | {
21 | $jokes[] = array(
22 | 'id' => $row['id'],
23 | 'text' => $row['joketext'],
24 | 'name' => $row['name'],
25 | 'email' => $row['email']
26 | );
27 | }
28 |
29 | include 'jokes.html.php';
30 |
--------------------------------------------------------------------------------
/chapter7/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | List of Jokes
8 |
9 |
10 | Here are all the jokes in the database:
11 |
12 |
13 |
14 |
15 | (by )
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/chapter7/sql/ijdb.sql:
--------------------------------------------------------------------------------
1 | CREATE TABLE joke ( # one row per joke
2 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
3 | joketext TEXT, # nullable
4 | jokedate DATE NOT NULL,
5 | authorid INT # nullable, and not declared as a FOREIGN KEY to author(id)
6 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;
7 | # author: name and email are nullable and email carries no UNIQUE constraint
8 | CREATE TABLE author (
9 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
10 | name VARCHAR(255),
11 | email VARCHAR(255)
12 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;
13 | # category: the list of category names
14 | CREATE TABLE category (
15 | id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
16 | name VARCHAR(255)
17 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;
18 | # jokecategory: one row per (joke, category) pair; the composite primary key rules out duplicate pairs
19 | CREATE TABLE jokecategory (
20 | jokeid INT NOT NULL, # not declared as a FOREIGN KEY to joke(id)
21 | categoryid INT NOT NULL, # not declared as a FOREIGN KEY to category(id)
22 | PRIMARY KEY (jokeid, categoryid)
23 | ) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB; # with no foreign keys, rows for deleted jokes or categories stay unless the application removes them
24 |
25 | # Sample data
26 | # We specify the IDs so they are known when we add related entries
27 |
28 | INSERT INTO author (id, name, email) VALUES
29 | (1, 'Kevin Yank', 'thatguy@kevinyank.com'),
30 | (2, 'Joan Smith', 'joan@example.com');
31 | # Each joke row ends with an authorid that matches one of the author ids inserted above
32 | INSERT INTO joke (id, joketext, jokedate, authorid) VALUES
33 | (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
34 | (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
35 | (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
36 | (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);
37 | # NOTE: the backslash-escaped quotes in the joke texts rely on MySQL backslash escaping (off under the NO_BACKSLASH_ESCAPES SQL mode); doubling the quote is the standard form
38 | INSERT INTO category (id, name) VALUES
39 | (1, 'Knock-knock'),
40 | (2, 'Cross the road'),
41 | (3, 'Lawyers'),
42 | (4, 'Walk the bar');
43 | # Each pair is (jokeid, categoryid) and refers to ids inserted above
44 | INSERT INTO jokecategory (jokeid, categoryid) VALUES
45 | (1, 2),
46 | (2, 1),
47 | (3, 4),
48 | (4, 3);
49 |
--------------------------------------------------------------------------------
/chapter8/admin/authors/authors.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Authors
8 |
9 |
10 | Manage Authors
11 | Add new author
12 |
27 | Return to JMS home
28 |
29 |
30 |
--------------------------------------------------------------------------------
/chapter8/admin/authors/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/admin/authors/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/chapter8/admin/authors/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
28 | $s->bindValue(':name', $_POST['name']);
29 | $s->bindValue(':email', $_POST['email']);
30 | $s->execute();
31 | }
32 | catch (PDOException $e)
33 | {
34 | $error = 'Error adding submitted author.';
35 | include 'error.html.php';
36 | exit();
37 | }
38 |
39 | header('Location: .');
40 | exit();
41 | }
42 | // Edit: look up the author with the posted id and show it in the edit form.
43 | if (isset($_POST['action']) and $_POST['action'] == 'Edit')
44 | {
45 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
46 | // NOTE(review): $_POST['id'] is read below without an isset() check.
47 | try
48 | {
49 | $sql = 'SELECT id, name, email FROM author WHERE id = :id';
50 | $s = $pdo->prepare($sql);
51 | $s->bindValue(':id', $_POST['id']); // the request value is bound, never concatenated into $sql
52 | $s->execute();
53 | }
54 | catch (PDOException $e)
55 | {
56 | $error = 'Error fetching author details.'; // fixed text; nothing from $e is shown
57 | include 'error.html.php';
58 | exit();
59 | }
60 |
61 | $row = $s->fetch();
62 | // NOTE(review): fetch() returns false when no row matches; $row is read below without checking for that.
63 | $pageTitle = 'Edit Author';
64 | $action = 'editform';
65 | $name = $row['name'];
66 | $email = $row['email'];
67 | $id = $row['id'];
68 | $button = 'Update author';
69 | // Presumably read by form.html.php; its markup is not visible here, so whether it escapes $name and $email on output cannot be confirmed.
70 | include 'form.html.php';
71 | exit();
72 | }
73 | // editform: write the submitted name and email to the author with the posted id, then redirect.
74 | if (isset($_GET['editform']))
75 | {
76 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
77 | // NOTE(review): the branch is chosen by a query-string flag, but id, name and email come from $_POST and are read without isset().
78 | try
79 | {
80 | $sql = 'UPDATE author SET
81 | name = :name,
82 | email = :email
83 | WHERE id = :id';
84 | $s = $pdo->prepare($sql);
85 | $s->bindValue(':id', $_POST['id']); // all three request values are bound parameters
86 | $s->bindValue(':name', $_POST['name']);
87 | $s->bindValue(':email', $_POST['email']); // stored as submitted; no format check on the address is visible here
88 | $s->execute();
89 | }
90 | catch (PDOException $e)
91 | {
92 | $error = 'Error updating submitted author.';
93 | include 'error.html.php';
94 | exit();
95 | }
96 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
97 | header('Location: .'); // redirect to the current directory URL after the write
98 | exit();
99 | }
100 | // Delete: remove the author with the posted id, that author's jokes, and those jokes' jokecategory rows, then redirect.
101 | if (isset($_POST['action']) and $_POST['action'] == 'Delete')
102 | {
103 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
104 | // NOTE(review): the statements below run one after another with no transaction; a failure part-way leaves the earlier deletes in effect.
105 | // Get jokes belonging to author
106 | try
107 | {
108 | $sql = 'SELECT id FROM joke WHERE authorid = :id';
109 | $s = $pdo->prepare($sql);
110 | $s->bindValue(':id', $_POST['id']); // bound parameter; $_POST['id'] is read without isset()
111 | $s->execute();
112 | }
113 | catch (PDOException $e)
114 | {
115 | $error = 'Error getting list of jokes to delete.';
116 | include 'error.html.php';
117 | exit();
118 | }
119 |
120 | $result = $s->fetchAll(); // the whole id list is read before $s is reused for the DELETE below
121 |
122 | // Delete joke category entries
123 | try
124 | {
125 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
126 | $s = $pdo->prepare($sql);
127 |
128 | // For each joke
129 | foreach ($result as $row)
130 | {
131 | $jokeId = $row['id'];
132 | $s->bindValue(':id', $jokeId);
133 | $s->execute();
134 | }
135 | }
136 | catch (PDOException $e)
137 | {
138 | $error = 'Error deleting category entries for joke.';
139 | include 'error.html.php';
140 | exit();
141 | }
142 |
143 | // Delete jokes belonging to author
144 | try
145 | {
146 | $sql = 'DELETE FROM joke WHERE authorid = :id';
147 | $s = $pdo->prepare($sql);
148 | $s->bindValue(':id', $_POST['id']);
149 | $s->execute();
150 | }
151 | catch (PDOException $e)
152 | {
153 | $error = 'Error deleting jokes for author.';
154 | include 'error.html.php';
155 | exit();
156 | }
157 |
158 | // Delete the author
159 | try
160 | {
161 | $sql = 'DELETE FROM author WHERE id = :id';
162 | $s = $pdo->prepare($sql);
163 | $s->bindValue(':id', $_POST['id']);
164 | $s->execute();
165 | }
166 | catch (PDOException $e)
167 | {
168 | $error = 'Error deleting author.';
169 | include 'error.html.php';
170 | exit();
171 | }
172 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
173 | header('Location: .');
174 | exit();
175 | }
176 |
177 | // Display author list (reached only when none of the branches above has called exit())
178 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
179 |
180 | try
181 | {
182 | $result = $pdo->query('SELECT id, name FROM author'); // fixed SQL text with no request input; email is not selected for the list
183 | }
184 | catch (PDOException $e)
185 | {
186 | $error = 'Error fetching authors from the database!';
187 | include 'error.html.php';
188 | exit();
189 | }
190 | // NOTE(review): $authors is only ever appended to; with an empty table it is undefined when authors.html.php runs.
191 | foreach ($result as $row)
192 | {
193 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
194 | }
195 |
196 | include 'authors.html.php';
197 |
--------------------------------------------------------------------------------
/chapter8/admin/categories/categories.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Categories
8 |
9 |
10 | Manage Categories
11 | Add new category
12 |
27 | Return to JMS home
28 |
29 |
30 |
--------------------------------------------------------------------------------
/chapter8/admin/categories/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/admin/categories/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/chapter8/admin/categories/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
26 | $s->bindValue(':name', $_POST['name']);
27 | $s->execute();
28 | }
29 | catch (PDOException $e)
30 | {
31 | $error = 'Error adding submitted category.';
32 | include 'error.html.php';
33 | exit();
34 | }
35 |
36 | header('Location: .');
37 | exit();
38 | }
39 | // Edit: look up the category with the posted id and show it in the edit form.
40 | if (isset($_POST['action']) and $_POST['action'] == 'Edit')
41 | {
42 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
43 | // NOTE(review): $_POST['id'] is read below without an isset() check.
44 | try
45 | {
46 | $sql = 'SELECT id, name FROM category WHERE id = :id';
47 | $s = $pdo->prepare($sql);
48 | $s->bindValue(':id', $_POST['id']); // the request value is bound, never concatenated into $sql
49 | $s->execute();
50 | }
51 | catch (PDOException $e)
52 | {
53 | $error = 'Error fetching category details.'; // fixed text; nothing from $e is shown
54 | include 'error.html.php';
55 | exit();
56 | }
57 |
58 | $row = $s->fetch();
59 | // NOTE(review): fetch() returns false when no row matches; $row is read below without checking for that.
60 | $pageTitle = 'Edit Category';
61 | $action = 'editform';
62 | $name = $row['name'];
63 | $id = $row['id'];
64 | $button = 'Update category';
65 | // Presumably read by form.html.php; its markup is not visible here, so whether it escapes $name on output cannot be confirmed.
66 | include 'form.html.php';
67 | exit();
68 | }
69 | // editform: write the submitted name to the category with the posted id, then redirect.
70 | if (isset($_GET['editform']))
71 | {
72 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
73 | // NOTE(review): the branch is chosen by a query-string flag, but id and name come from $_POST and are read without isset().
74 | try
75 | {
76 | $sql = 'UPDATE category SET
77 | name = :name
78 | WHERE id = :id';
79 | $s = $pdo->prepare($sql);
80 | $s->bindValue(':id', $_POST['id']); // both request values are bound parameters
81 | $s->bindValue(':name', $_POST['name']);
82 | $s->execute();
83 | }
84 | catch (PDOException $e)
85 | {
86 | $error = 'Error updating submitted category.';
87 | include 'error.html.php';
88 | exit();
89 | }
90 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
91 | header('Location: .'); // redirect to the current directory URL after the write
92 | exit();
93 | }
94 | // Delete: remove the category with the posted id together with its jokecategory rows, then redirect.
95 | if (isset($_POST['action']) and $_POST['action'] == 'Delete')
96 | {
97 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
98 | // NOTE(review): the two DELETEs below run as separate statements with no transaction; if the second fails, the first has already taken effect.
99 | // Delete joke associations with this category
100 | try
101 | {
102 | $sql = 'DELETE FROM jokecategory WHERE categoryid = :id';
103 | $s = $pdo->prepare($sql);
104 | $s->bindValue(':id', $_POST['id']); // bound parameter; $_POST['id'] is read without isset()
105 | $s->execute();
106 | }
107 | catch (PDOException $e)
108 | {
109 | $error = 'Error removing jokes from category.';
110 | include 'error.html.php';
111 | exit();
112 | }
113 |
114 | // Delete the category
115 | try
116 | {
117 | $sql = 'DELETE FROM category WHERE id = :id';
118 | $s = $pdo->prepare($sql);
119 | $s->bindValue(':id', $_POST['id']);
120 | $s->execute();
121 | }
122 | catch (PDOException $e)
123 | {
124 | $error = 'Error deleting category.';
125 | include 'error.html.php';
126 | exit();
127 | }
128 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
129 | header('Location: .');
130 | exit();
131 | }
132 |
133 | // Display category list (reached only when none of the branches above has called exit())
134 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
135 |
136 | try
137 | {
138 | $result = $pdo->query('SELECT id, name FROM category'); // fixed SQL text with no request input
139 | }
140 | catch (PDOException $e)
141 | {
142 | $error = 'Error fetching categories from database!';
143 | include 'error.html.php';
144 | exit();
145 | }
146 | // NOTE(review): $categories is only ever appended to; with an empty table it is undefined when categories.html.php runs.
147 | foreach ($result as $row)
148 | {
149 | $categories[] = array('id' => $row['id'], 'name' => $row['name']);
150 | }
151 |
152 | include 'categories.html.php';
153 |
--------------------------------------------------------------------------------
/chapter8/admin/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Joke CMS
6 |
7 |
8 | Joke Management System
9 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/chapter8/admin/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/admin/jokes/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
14 |
15 |
16 |
17 |
57 |
58 |
59 |
--------------------------------------------------------------------------------
/chapter8/admin/jokes/index.php:
--------------------------------------------------------------------------------
1 | query('SELECT id, name FROM author');
20 | }
21 | catch (PDOException $e)
22 | {
23 | $error = 'Error fetching list of authors.';
24 | include 'error.html.php';
25 | exit();
26 | }
27 |
28 | foreach ($result as $row)
29 | {
30 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
31 | }
32 |
33 | // Build the list of categories
34 | try
35 | {
36 | $result = $pdo->query('SELECT id, name FROM category');
37 | }
38 | catch (PDOException $e)
39 | {
40 | $error = 'Error fetching list of categories.';
41 | include 'error.html.php';
42 | exit();
43 | }
44 |
45 | foreach ($result as $row)
46 | {
47 | $categories[] = array(
48 | 'id' => $row['id'],
49 | 'name' => $row['name'],
50 | 'selected' => FALSE);
51 | }
52 |
53 | include 'form.html.php';
54 | exit();
55 | }
56 | // addform: store the submitted joke, then one jokecategory row per selected category, then redirect.
57 | if (isset($_GET['addform']))
58 | {
59 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
60 | // Reject an empty author choice before touching the database. NOTE(review): $_POST['author'] is read without isset().
61 | if ($_POST['author'] == '')
62 | {
63 | $error = 'You must choose an author for this joke.
64 | Click ‘back’ and try again.';
65 | include 'error.html.php';
66 | exit();
67 | }
68 | // jokedate is filled in by the database (CURDATE()); the text and the author id are bound parameters.
69 | try
70 | {
71 | $sql = 'INSERT INTO joke SET
72 | joketext = :joketext,
73 | jokedate = CURDATE(),
74 | authorid = :authorid';
75 | $s = $pdo->prepare($sql);
76 | $s->bindValue(':joketext', $_POST['text']);
77 | $s->bindValue(':authorid', $_POST['author']);
78 | $s->execute();
79 | }
80 | catch (PDOException $e)
81 | {
82 | $error = 'Error adding submitted joke.';
83 | include 'error.html.php';
84 | exit();
85 | }
86 | // NOTE(review): the joke row and its category rows are written without a transaction; a failure below leaves the joke stored with only some of its categories.
87 | $jokeid = $pdo->lastInsertId(); // id generated for the joke row inserted above
88 | // NOTE(review): $_POST['categories'] is iterated as an array without an is_array() check.
89 | if (isset($_POST['categories']))
90 | {
91 | try
92 | {
93 | $sql = 'INSERT INTO jokecategory SET
94 | jokeid = :jokeid,
95 | categoryid = :categoryid';
96 | $s = $pdo->prepare($sql);
97 | // The statement is prepared once and executed once per category id.
98 | foreach ($_POST['categories'] as $categoryid)
99 | {
100 | $s->bindValue(':jokeid', $jokeid);
101 | $s->bindValue(':categoryid', $categoryid);
102 | $s->execute();
103 | }
104 | }
105 | catch (PDOException $e)
106 | {
107 | $error = 'Error inserting joke into selected categories.';
108 | include 'error.html.php';
109 | exit();
110 | }
111 | }
112 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
113 | header('Location: .');
114 | exit();
115 | }
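116 | // Edit: load the joke with the posted id, plus the author and category lists, and show the edit form.
117 | if (isset($_POST['action']) and $_POST['action'] == 'Edit')
118 | {
119 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
120 | // NOTE(review): $_POST['id'] is read below without an isset() check.
121 | try
122 | {
123 | $sql = 'SELECT id, joketext, authorid FROM joke WHERE id = :id';
124 | $s = $pdo->prepare($sql);
125 | $s->bindValue(':id', $_POST['id']); // the request value is bound, never concatenated into $sql
126 | $s->execute();
127 | }
128 | catch (PDOException $e)
129 | {
130 | $error = 'Error fetching joke details.';
131 | include 'error.html.php';
132 | exit();
133 | }
134 | $row = $s->fetch();
135 | // NOTE(review): fetch() returns false when no joke matches; $row is read below without checking for that.
136 | $pageTitle = 'Edit Joke';
137 | $action = 'editform';
138 | $text = $row['joketext'];
139 | $authorid = $row['authorid'];
140 | $id = $row['id'];
141 | $button = 'Update joke';
142 |
143 | // Build the list of authors
144 | try
145 | {
146 | $result = $pdo->query('SELECT id, name FROM author');
147 | }
148 | catch (PDOException $e)
149 | {
150 | $error = 'Error fetching list of authors.';
151 | include 'error.html.php';
152 | exit();
153 | }
154 |
155 | foreach ($result as $row)
156 | {
157 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
158 | }
159 |
160 | // Get list of categories containing this joke
161 | try
162 | {
163 | $sql = 'SELECT categoryid FROM jokecategory WHERE jokeid = :id';
164 | $s = $pdo->prepare($sql);
165 | $s->bindValue(':id', $id); // the id read back from the joke row, not the raw request value
166 | $s->execute();
167 | }
168 | catch (PDOException $e)
169 | {
170 | $error = 'Error fetching list of selected categories.';
171 | include 'error.html.php';
172 | exit();
173 | }
174 | $selectedCategories = array(); // start empty so in_array() below always gets an array, even for a joke with no categories
175 | foreach ($s as $row)
176 | {
177 | $selectedCategories[] = $row['categoryid'];
178 | }
179 |
180 | // Build the list of all categories
181 | try
182 | {
183 | $result = $pdo->query('SELECT id, name FROM category');
184 | }
185 | catch (PDOException $e)
186 | {
187 | $error = 'Error fetching list of categories.';
188 | include 'error.html.php';
189 | exit();
190 | }
191 |
192 | foreach ($result as $row)
193 | {
194 | $categories[] = array(
195 | 'id' => $row['id'],
196 | 'name' => $row['name'],
197 | 'selected' => in_array($row['id'], $selectedCategories)); // marks the categories this joke already belongs to
198 | }
199 | // Presumably read by form.html.php; its markup is not visible here, so whether it escapes these values on output cannot be confirmed.
200 | include 'form.html.php';
201 | exit();
202 | }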
203 | // editform: update the joke's text and author, replace its category rows, then redirect.
204 | if (isset($_GET['editform']))
205 | {
206 | include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
207 | // NOTE(review): the branch is chosen by a query-string flag; author, id and text come from $_POST and are read without isset().
208 | if ($_POST['author'] == '')
209 | {
210 | $error = 'You must choose an author for this joke.
211 | Click ‘back’ and try again.';
212 | include 'error.html.php';
213 | exit();
214 | }
215 |
216 | try
217 | {
218 | $sql = 'UPDATE joke SET
219 | joketext = :joketext,
220 | authorid = :authorid
221 | WHERE id = :id';
222 | $s = $pdo->prepare($sql);
223 | $s->bindValue(':id', $_POST['id']); // all three request values are bound parameters
224 | $s->bindValue(':joketext', $_POST['text']);
225 | $s->bindValue(':authorid', $_POST['author']);
226 | $s->execute();
227 | }
228 | catch (PDOException $e)
229 | {
230 | $error = 'Error updating submitted joke.';
231 | include 'error.html.php';
232 | exit();
233 | }
234 | // The joke's category rows are replaced wholesale: all are deleted here and the submitted ones re-inserted below.
235 | try
236 | {
237 | $sql = 'DELETE FROM jokecategory WHERE jokeid = :id';
238 | $s = $pdo->prepare($sql);
239 | $s->bindValue(':id', $_POST['id']);
240 | $s->execute();
241 | }
242 | catch (PDOException $e)
243 | {
244 | $error = 'Error removing obsolete joke category entries.';
245 | include 'error.html.php';
246 | exit();
247 | }
248 | // NOTE(review): the UPDATE, DELETE and INSERTs are not wrapped in a transaction; a failure part-way leaves the joke with some or none of its categories.
249 | if (isset($_POST['categories']))
250 | {
251 | try
252 | {
253 | $sql = 'INSERT INTO jokecategory SET
254 | jokeid = :jokeid,
255 | categoryid = :categoryid';
256 | $s = $pdo->prepare($sql);
257 | // NOTE(review): $_POST['categories'] is iterated as an array without an is_array() check.
258 | foreach ($_POST['categories'] as $categoryid)
259 | {
260 | $s->bindValue(':jokeid', $_POST['id']);
261 | $s->bindValue(':categoryid', $categoryid);
262 | $s->execute();
263 | }
264 | }
265 | catch (PDOException $e)
266 | {
267 | $error = 'Error inserting joke into selected categories.';
268 | include 'error.html.php';
269 | exit();
270 | }
271 | }
272 | // NOTE(review): no access-control or anti-CSRF check is visible in this branch; confirm one is applied elsewhere.
273 | header('Location: .');
274 | exit();
275 | }
276 |
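if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
    // Delete one joke together with its category assignments.
    // NOTE(review): no authorisation or CSRF-token check is visible in this
    // handler, which deletes rows based on $_POST['id'] alone; confirm that
    // one runs earlier in the request.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Both deletes run in one transaction so that a failure of the second
    // does not leave the joke in place with its category rows already gone.
    // $failure holds the message for the step currently running.
    $failure = 'Error removing joke from categories.';
    try
    {
        $pdo->beginTransaction();

        // Delete category assignments for this joke
        $s = $pdo->prepare('DELETE FROM jokecategory WHERE jokeid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Delete the joke
        $failure = 'Error deleting joke.';
        $s = $pdo->prepare('DELETE FROM joke WHERE id = :id');
        $s->execute(array(':id' => $_POST['id']));

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}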
314 |
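if (isset($_GET['action']) and $_GET['action'] == 'search')
{
    // Search jokes by optional author, category and text filters. Each
    // filter that is set appends a fixed clause with a named placeholder;
    // the submitted values are only ever bound, never concatenated into
    // the SQL text.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Treat an absent parameter like an empty one, so a hand-written URL
    // that omits a field does not raise undefined-index notices.
    $authorFilter = isset($_GET['author']) ? $_GET['author'] : '';
    $categoryFilter = isset($_GET['category']) ? $_GET['category'] : '';
    $textFilter = isset($_GET['text']) ? $_GET['text'] : '';

    // The basic SELECT statement
    $select = 'SELECT id, joketext';
    $from = ' FROM joke';
    $where = ' WHERE TRUE';

    $placeholders = array();

    if ($authorFilter != '') // An author is selected
    {
        $where .= ' AND authorid = :authorid';
        $placeholders[':authorid'] = $authorFilter;
    }

    if ($categoryFilter != '') // A category is selected
    {
        $from .= ' INNER JOIN jokecategory ON id = jokeid';
        $where .= ' AND categoryid = :categoryid';
        $placeholders[':categoryid'] = $categoryFilter;
    }

    if ($textFilter != '') // Some search text was specified
    {
        // NOTE(review): % and _ in the submitted text keep their LIKE
        // wildcard meaning; binding the value prevents SQL injection but
        // does not escape them.
        $where .= ' AND joketext LIKE :joketext';
        $placeholders[':joketext'] = '%' . $textFilter . '%';
    }

    // NOTE(review): the query has no LIMIT, so the number of rows returned
    // is bounded only by the size of the joke table.
    try
    {
        $sql = $select . $from . $where;
        $s = $pdo->prepare($sql);
        $s->execute($placeholders);
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching jokes.';
        include 'error.html.php';
        exit();
    }

    foreach ($s as $row)
    {
        $jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
    }

    include 'jokes.html.php';
    exit();
}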
366 |
// Display search form: load every author and category into $authors and
// $categories, then render searchform.html.php.
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

// Authors
try
{
    $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
    $error = 'Error fetching authors from database!';
    include 'error.html.php';
    exit();
}

foreach ($result->fetchAll() as $row)
{
    $authors[] = array(
        'id' => $row['id'],
        'name' => $row['name']);
}

// Categories
try
{
    $result = $pdo->query('SELECT id, name FROM category');
}
catch (PDOException $e)
{
    $error = 'Error fetching categories from database!';
    include 'error.html.php';
    exit();
}

foreach ($result->fetchAll() as $row)
{
    $categories[] = array(
        'id' => $row['id'],
        'name' => $row['name']);
}

include 'searchform.html.php';
403 |
--------------------------------------------------------------------------------
/chapter8/admin/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Jokes: Search Results
8 |
9 |
10 | Search Results
11 |
12 |
30 |
31 | New search
32 | Return to JMS home
33 |
34 |
35 |
--------------------------------------------------------------------------------
/chapter8/admin/jokes/searchform.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Jokes
8 |
9 |
10 | Manage Jokes
11 | Add new joke
12 |
43 | Return to JMS home
44 |
45 |
46 |
--------------------------------------------------------------------------------
/chapter8/includes/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter8/includes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/includes/helpers.inc.php:
--------------------------------------------------------------------------------
1 | $1', $text);
18 | $text = preg_replace('/\*\*(.+?)\*\*/s', '$1', $text);
19 |
20 | // emphasis
21 | $text = preg_replace('/_([^_]+)_/', '$1', $text);
22 | $text = preg_replace('/\*([^\*]+)\*/', '$1', $text);
23 |
24 | // Convert Windows (\r\n) to Unix (\n)
25 | $text = str_replace("\r\n", "\n", $text);
26 | // Convert Macintosh (\r) to Unix (\n)
27 | $text = str_replace("\r", "\n", $text);
28 |
29 | // Paragraphs
30 | $text = '' . str_replace("\n\n", '
', $text) . '
';
31 | // Line breaks
32 | $text = str_replace("\n", '
', $text);
33 |
34 | // [linked text](link URL)
35 | $text = preg_replace(
36 | '/\[([^\]]+)]\(([-a-z0-9._~:\/?#@!$&\'()*+,;=%]+)\)/i',
37 | '$1', $text);
38 |
39 | return $text;
40 | }
41 |
/**
 * Echo $text after conversion by markdown2html().
 *
 * NOTE(review): the converted string is written to the page as-is, so any
 * HTML-escaping of $text has to happen inside markdown2html(); the opening
 * lines of that function are not visible here — confirm it escapes before
 * applying the replacements.
 */
function markdownout($text)
{
    $html = markdown2html($text);
    echo $html;
}
46 |
--------------------------------------------------------------------------------
/chapter8/includes/magicquotes.inc.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
--------------------------------------------------------------------------------
/chapter8/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/jokes/index.php:
--------------------------------------------------------------------------------
1 | query($sql);
11 | }
12 | catch (PDOException $e)
13 | {
14 | $error = 'Error fetching jokes: ' . $e->getMessage();
15 | include 'error.html.php';
16 | exit();
17 | }
18 |
19 | foreach ($result as $row)
20 | {
21 | $jokes[] = array(
22 | 'id' => $row['id'],
23 | 'text' => $row['joketext'],
24 | 'name' => $row['name'],
25 | 'email' => $row['email']
26 | );
27 | }
28 |
29 | include 'jokes.html.php';
30 |
--------------------------------------------------------------------------------
/chapter8/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | List of Jokes
8 |
9 |
10 | Here are all the jokes in the database:
11 |
12 |
13 |
14 |
15 | (by )
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/chapter8/preg_match1/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Output
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/preg_match2/index.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Output
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter8/sql/ijdb.sql:
--------------------------------------------------------------------------------
# Schema and sample data for the joke database (MySQL syntax).
# NOTE(review): no FOREIGN KEY constraints are declared, so nothing in the
# schema stops joke.authorid or a jokecategory row from referring to a row
# that does not exist; the application has to keep them consistent.

CREATE TABLE joke (
    id INT NOT NULL AUTO_INCREMENT,
    joketext TEXT,
    jokedate DATE NOT NULL,
    authorid INT,
    PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

CREATE TABLE author (
    id INT NOT NULL AUTO_INCREMENT,
    name VARCHAR(255),
    email VARCHAR(255),
    PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

CREATE TABLE category (
    id INT NOT NULL AUTO_INCREMENT,
    name VARCHAR(255),
    PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

# Junction table: one row per (joke, category) pair.
CREATE TABLE jokecategory (
    jokeid INT NOT NULL,
    categoryid INT NOT NULL,
    PRIMARY KEY (jokeid, categoryid)
) ENGINE=InnoDB DEFAULT CHARACTER SET utf8;

# Sample data
# The IDs are given explicitly so the related rows below can refer to them.

INSERT INTO author (id, name, email) VALUES
    (1, 'Kevin Yank', 'thatguy@kevinyank.com'),
    (2, 'Joan Smith', 'joan@example.com');

INSERT INTO joke (id, joketext, jokedate, authorid) VALUES
    (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
    (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
    (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
    (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);

INSERT INTO category (id, name) VALUES
    (1, 'Knock-knock'),
    (2, 'Cross the road'),
    (3, 'Lawyers'),
    (4, 'Walk the bar');

INSERT INTO jokecategory (jokeid, categoryid) VALUES
    (1, 2),
    (2, 1),
    (3, 4),
    (4, 3);
49 |
--------------------------------------------------------------------------------
/chapter9/admin/accessdenied.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Access Denied
8 |
9 |
10 | Access Denied
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/chapter9/admin/authors/authors.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Authors
8 |
9 |
10 | Manage Authors
11 | Add new author
12 |
27 | Return to JMS home
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/chapter9/admin/authors/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter9/admin/authors/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
46 |
47 |
48 |
--------------------------------------------------------------------------------
/chapter9/admin/authors/index.php:
--------------------------------------------------------------------------------
1 | query('SELECT id, description FROM role');
35 | }
36 | catch (PDOException $e)
37 | {
38 | $error = 'Error fetching list of roles.';
39 | include 'error.html.php';
40 | exit();
41 | }
42 |
43 | foreach ($result as $row)
44 | {
45 | $roles[] = array(
46 | 'id' => $row['id'],
47 | 'description' => $row['description'],
48 | 'selected' => FALSE);
49 | }
50 |
51 | include 'form.html.php';
52 | exit();
53 | }
54 |
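if (isset($_GET['addform']))
{
    // Handle the submitted "add author" form: insert the author row, store
    // a password hash when a password was entered, then record the selected
    // roles.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm
    // both, since this handler can create accounts and grant roles.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // All steps share one transaction so that a failure while setting the
    // password or assigning roles does not leave a half-created author.
    // Assumes the tables use a transactional engine such as InnoDB —
    // confirm against the schema. $failure holds the message for the step
    // currently running.
    $failure = 'Error adding submitted author.';
    try
    {
        $pdo->beginTransaction();

        $s = $pdo->prepare('INSERT INTO author SET
            name = :name,
            email = :email');
        $s->execute(array(
            ':name' => $_POST['name'],
            ':email' => $_POST['email']));

        $authorid = $pdo->lastInsertId();

        if (isset($_POST['password']) and $_POST['password'] != '')
        {
            $failure = 'Error setting author password.';

            // NOTE(review): MD5 with the fixed suffix 'ijdb' is a fast hash
            // with no per-user salt and is unsuitable for storing
            // passwords; password_hash() and password_verify() are the
            // usual replacement. The call is left unchanged because the
            // code that checks logins is outside this handler and has to
            // switch at the same time (the password column may also need
            // widening — confirm against the schema).
            $password = md5($_POST['password'] . 'ijdb');

            $s = $pdo->prepare('UPDATE author SET
                password = :password
                WHERE id = :id');
            $s->execute(array(
                ':password' => $password,
                ':id' => $authorid));
        }

        // Only iterate when the field really is a list of role ids.
        if (isset($_POST['roles']) and is_array($_POST['roles']))
        {
            $failure = 'Error assigning selected role to author.';

            // Prepared once and executed per role.
            $s = $pdo->prepare('INSERT INTO authorrole SET
                authorid = :authorid,
                roleid = :roleid');

            foreach ($_POST['roles'] as $role)
            {
                $s->execute(array(
                    ':authorid' => $authorid,
                    ':roleid' => $role));
            }
        }

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}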
126 |
if (isset($_POST['action']) && $_POST['action'] == 'Edit')
{
    // Show the edit form for one author: load the author row, the ids of
    // the roles already assigned, and the full role list with a 'selected'
    // flag per role, then render form.html.php.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    try
    {
        $s = $pdo->prepare('SELECT id, name, email FROM author WHERE id = :id');
        $s->execute(array(':id' => $_POST['id']));
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching author details.';
        include 'error.html.php';
        exit();
    }

    $row = $s->fetch();

    // Values read by the form template
    $pageTitle = 'Edit Author';
    $action = 'editform';
    $name = $row['name'];
    $email = $row['email'];
    $id = $row['id'];
    $button = 'Update author';

    // Get list of roles assigned to this author
    try
    {
        $s = $pdo->prepare('SELECT roleid FROM authorrole WHERE authorid = :id');
        $s->execute(array(':id' => $id));
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching list of assigned roles.';
        include 'error.html.php';
        exit();
    }

    $selectedRoles = array();
    foreach ($s->fetchAll() as $row)
    {
        $selectedRoles[] = $row['roleid'];
    }

    // Build the list of all roles
    try
    {
        $result = $pdo->query('SELECT id, description FROM role');
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching list of roles.';
        include 'error.html.php';
        exit();
    }

    foreach ($result->fetchAll() as $row)
    {
        $isSelected = in_array($row['id'], $selectedRoles);
        $roles[] = array(
            'id' => $row['id'],
            'description' => $row['description'],
            'selected' => $isSelected);
    }

    include 'form.html.php';
    exit();
}
198 |
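if (isset($_GET['editform']))
{
    // Handle the submitted "edit author" form: update name and email, store
    // a new password hash when a password was entered, then replace the
    // author's role assignments with the submitted set.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm
    // both, since this handler can reset passwords and grant roles.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // All steps share one transaction so that a failure part-way (for
    // example after the old role rows are deleted) leaves the author
    // unchanged. Assumes the tables use a transactional engine such as
    // InnoDB — confirm against the schema. $failure holds the message for
    // the step currently running.
    $failure = 'Error updating submitted author.';
    try
    {
        $pdo->beginTransaction();

        $s = $pdo->prepare('UPDATE author SET
            name = :name,
            email = :email
            WHERE id = :id');
        $s->execute(array(
            ':id' => $_POST['id'],
            ':name' => $_POST['name'],
            ':email' => $_POST['email']));

        if (isset($_POST['password']) and $_POST['password'] != '')
        {
            $failure = 'Error setting author password.';

            // NOTE(review): MD5 with the fixed suffix 'ijdb' is a fast hash
            // with no per-user salt and is unsuitable for storing
            // passwords; password_hash() and password_verify() are the
            // usual replacement. The call is left unchanged because the
            // code that checks logins is outside this handler and has to
            // switch at the same time (the password column may also need
            // widening — confirm against the schema).
            $password = md5($_POST['password'] . 'ijdb');

            $s = $pdo->prepare('UPDATE author SET
                password = :password
                WHERE id = :id');
            $s->execute(array(
                ':password' => $password,
                ':id' => $_POST['id']));
        }

        $failure = 'Error removing obsolete author role entries.';
        $s = $pdo->prepare('DELETE FROM authorrole WHERE authorid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Only iterate when the field really is a list of role ids.
        if (isset($_POST['roles']) and is_array($_POST['roles']))
        {
            $failure = 'Error assigning selected role to author.';

            // Prepared once and executed per role.
            $s = $pdo->prepare('INSERT INTO authorrole SET
                authorid = :authorid,
                roleid = :roleid');

            foreach ($_POST['roles'] as $role)
            {
                $s->execute(array(
                    ':authorid' => $_POST['id'],
                    ':roleid' => $role));
            }
        }

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}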
284 |
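if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
    // Delete one author and everything that depends on it: role
    // assignments, the category rows of the author's jokes, the jokes, and
    // finally the author row.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm
    // both, since one request removes an account and all of its jokes.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // The deletes run in one transaction so that a failure part-way does
    // not leave an author without roles or jokes without categories.
    // Assumes the tables use a transactional engine such as InnoDB —
    // confirm against the schema. $failure holds the message for the step
    // currently running.
    $failure = 'Error removing author from roles.';
    try
    {
        $pdo->beginTransaction();

        // Delete role assignments for this author
        $s = $pdo->prepare('DELETE FROM authorrole WHERE authorid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Get jokes belonging to author
        $failure = 'Error getting list of jokes to delete.';
        $s = $pdo->prepare('SELECT id FROM joke WHERE authorid = :id');
        $s->execute(array(':id' => $_POST['id']));
        $result = $s->fetchAll();

        // Delete joke category entries, one execute per joke
        $failure = 'Error deleting category entries for joke.';
        $s = $pdo->prepare('DELETE FROM jokecategory WHERE jokeid = :id');
        foreach ($result as $row)
        {
            $s->execute(array(':id' => $row['id']));
        }

        // Delete jokes belonging to author
        $failure = 'Error deleting jokes for author.';
        $s = $pdo->prepare('DELETE FROM joke WHERE authorid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Delete the author
        $failure = 'Error deleting author.';
        $s = $pdo->prepare('DELETE FROM author WHERE id = :id');
        $s->execute(array(':id' => $_POST['id']));

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}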
375 |
// Display author list: load id and name of every author into $authors,
// then render authors.html.php.
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
    $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
    $error = 'Error fetching authors from the database!';
    include 'error.html.php';
    exit();
}

foreach ($result->fetchAll() as $row)
{
    $authors[] = array(
        'id' => $row['id'],
        'name' => $row['name']);
}

include 'authors.html.php';
396 |
--------------------------------------------------------------------------------
/chapter9/admin/categories/categories.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Categories
8 |
9 |
10 | Manage Categories
11 | Add new category
12 |
27 | Return to JMS home
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/chapter9/admin/categories/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter9/admin/categories/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/chapter9/admin/categories/index.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
41 | $s->bindValue(':name', $_POST['name']);
42 | $s->execute();
43 | }
44 | catch (PDOException $e)
45 | {
46 | $error = 'Error adding submitted category.';
47 | include 'error.html.php';
48 | exit();
49 | }
50 |
51 | header('Location: .');
52 | exit();
53 | }
54 |
if (isset($_POST['action']) && $_POST['action'] == 'Edit')
{
    // Show the edit form for one category: load its row and set the
    // variables that form.html.php reads.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    try
    {
        $s = $pdo->prepare('SELECT id, name FROM category WHERE id = :id');
        $s->execute(array(':id' => $_POST['id']));
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching category details.';
        include 'error.html.php';
        exit();
    }

    $row = $s->fetch();

    // Values read by the form template
    $pageTitle = 'Edit Category';
    $action = 'editform';
    $name = $row['name'];
    $id = $row['id'];
    $button = 'Update category';

    include 'form.html.php';
    exit();
}
84 |
if (isset($_GET['editform']))
{
    // Handle the submitted "edit category" form: rename the category whose
    // id was posted, then redirect back to the list.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    try
    {
        $s = $pdo->prepare('UPDATE category SET
            name = :name
            WHERE id = :id');
        $s->execute(array(
            ':id' => $_POST['id'],
            ':name' => $_POST['name']));
    }
    catch (PDOException $e)
    {
        $error = 'Error updating submitted category.';
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}
109 |
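if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
    // Delete one category together with its joke associations.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Both deletes run in one transaction so that a failure of the second
    // does not leave the category in place with its joke links already
    // gone. Assumes the tables use a transactional engine such as InnoDB —
    // confirm against the schema. $failure holds the message for the step
    // currently running.
    $failure = 'Error removing jokes from category.';
    try
    {
        $pdo->beginTransaction();

        // Delete joke associations with this category
        $s = $pdo->prepare('DELETE FROM jokecategory WHERE categoryid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Delete the category
        $failure = 'Error deleting category.';
        $s = $pdo->prepare('DELETE FROM category WHERE id = :id');
        $s->execute(array(':id' => $_POST['id']));

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}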
147 |
// Display category list: load id and name of every category into
// $categories, then render categories.html.php.
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

try
{
    $result = $pdo->query('SELECT id, name FROM category');
}
catch (PDOException $e)
{
    $error = 'Error fetching categories from database!';
    include 'error.html.php';
    exit();
}

foreach ($result->fetchAll() as $row)
{
    $categories[] = array(
        'id' => $row['id'],
        'name' => $row['name']);
}

include 'categories.html.php';
168 |
--------------------------------------------------------------------------------
/chapter9/admin/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Joke CMS
6 |
7 |
8 | Joke Management System
9 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/chapter9/admin/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter9/admin/jokes/form.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 |
8 |
14 |
15 |
16 |
17 |
57 |
58 |
59 |
--------------------------------------------------------------------------------
/chapter9/admin/jokes/index.php:
--------------------------------------------------------------------------------
1 | query('SELECT id, name FROM author');
35 | }
36 | catch (PDOException $e)
37 | {
38 | $error = 'Error fetching list of authors.';
39 | include 'error.html.php';
40 | exit();
41 | }
42 |
43 | foreach ($result as $row)
44 | {
45 | $authors[] = array('id' => $row['id'], 'name' => $row['name']);
46 | }
47 |
48 | // Build the list of categories
49 | try
50 | {
51 | $result = $pdo->query('SELECT id, name FROM category');
52 | }
53 | catch (PDOException $e)
54 | {
55 | $error = 'Error fetching list of categories.';
56 | include 'error.html.php';
57 | exit();
58 | }
59 |
60 | foreach ($result as $row)
61 | {
62 | $categories[] = array(
63 | 'id' => $row['id'],
64 | 'name' => $row['name'],
65 | 'selected' => FALSE);
66 | }
67 |
68 | include 'form.html.php';
69 | exit();
70 | }
71 |
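if (isset($_GET['addform']))
{
    // Handle the submitted "add joke" form: insert the joke dated today,
    // then record the selected categories for it.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // A missing author field is handled like an empty one instead of
    // raising an undefined-index notice.
    if (!isset($_POST['author']) or $_POST['author'] == '')
    {
        $error = 'You must choose an author for this joke.' . "\n" .
            'Click ‘back’ and try again.';
        include 'error.html.php';
        exit();
    }

    // The insert and the category rows share one transaction so that a
    // failure while adding categories does not leave a joke that was only
    // partly saved. Assumes the tables use a transactional engine such as
    // InnoDB — confirm against the schema. $failure holds the message for
    // the step currently running.
    $failure = 'Error adding submitted joke.';
    try
    {
        $pdo->beginTransaction();

        $s = $pdo->prepare('INSERT INTO joke SET
            joketext = :joketext,
            jokedate = CURDATE(),
            authorid = :authorid');
        $s->execute(array(
            ':joketext' => $_POST['text'],
            ':authorid' => $_POST['author']));

        $jokeid = $pdo->lastInsertId();

        // Only iterate when the field really is a list of category ids.
        if (isset($_POST['categories']) and is_array($_POST['categories']))
        {
            $failure = 'Error inserting joke into selected categories.';
            $s = $pdo->prepare('INSERT INTO jokecategory SET
                jokeid = :jokeid,
                categoryid = :categoryid');

            foreach ($_POST['categories'] as $categoryid)
            {
                $s->execute(array(
                    ':jokeid' => $jokeid,
                    ':categoryid' => $categoryid));
            }
        }

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}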
131 |
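if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
    // Show the edit form for one joke: load the joke row, the author list,
    // the ids of the categories the joke is in, and the full category list
    // with a 'selected' flag per category, then render form.html.php.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    try
    {
        $sql = 'SELECT id, joketext, authorid FROM joke WHERE id = :id';
        $s = $pdo->prepare($sql);
        $s->bindValue(':id', $_POST['id']);
        $s->execute();
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching joke details.';
        include 'error.html.php';
        exit();
    }
    $row = $s->fetch();

    // Values read by the form template
    $pageTitle = 'Edit Joke';
    $action = 'editform';
    $text = $row['joketext'];
    $authorid = $row['authorid'];
    $id = $row['id'];
    $button = 'Update joke';

    // Build the list of authors
    try
    {
        $result = $pdo->query('SELECT id, name FROM author');
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching list of authors.';
        include 'error.html.php';
        exit();
    }

    foreach ($result as $row)
    {
        $authors[] = array('id' => $row['id'], 'name' => $row['name']);
    }

    // Get list of categories containing this joke
    try
    {
        $sql = 'SELECT categoryid FROM jokecategory WHERE jokeid = :id';
        $s = $pdo->prepare($sql);
        $s->bindValue(':id', $id);
        $s->execute();
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching list of selected categories.';
        include 'error.html.php';
        exit();
    }

    // Start from an empty list: for a joke with no category rows the loop
    // below never runs, and in_array() further down would otherwise be
    // handed an undefined variable instead of an array.
    $selectedCategories = array();
    foreach ($s as $row)
    {
        $selectedCategories[] = $row['categoryid'];
    }

    // Build the list of all categories
    try
    {
        $result = $pdo->query('SELECT id, name FROM category');
    }
    catch (PDOException $e)
    {
        $error = 'Error fetching list of categories.';
        include 'error.html.php';
        exit();
    }

    foreach ($result as $row)
    {
        $categories[] = array(
            'id' => $row['id'],
            'name' => $row['name'],
            'selected' => in_array($row['id'], $selectedCategories));
    }

    include 'form.html.php';
    exit();
}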
218 |
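if (isset($_GET['editform']))
{
    // Handle the submitted "edit joke" form: update the joke row, then
    // replace its category assignments with the submitted set.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // A missing author field is handled like an empty one instead of
    // raising an undefined-index notice.
    if (!isset($_POST['author']) or $_POST['author'] == '')
    {
        $error = 'You must choose an author for this joke.' . "\n" .
            'Click ‘back’ and try again.';
        include 'error.html.php';
        exit();
    }

    // All steps share one transaction: if a later step fails, the earlier
    // ones are rolled back instead of leaving the joke with its category
    // rows deleted but not re-inserted. Assumes the tables use a
    // transactional engine such as InnoDB — confirm against the schema.
    // $failure holds the message for the step currently running.
    $failure = 'Error updating submitted joke.';
    try
    {
        $pdo->beginTransaction();

        $s = $pdo->prepare('UPDATE joke SET
            joketext = :joketext,
            authorid = :authorid
            WHERE id = :id');
        $s->execute(array(
            ':id' => $_POST['id'],
            ':joketext' => $_POST['text'],
            ':authorid' => $_POST['author']));

        $failure = 'Error removing obsolete joke category entries.';
        $s = $pdo->prepare('DELETE FROM jokecategory WHERE jokeid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Only iterate when the field really is a list of category ids.
        if (isset($_POST['categories']) and is_array($_POST['categories']))
        {
            $failure = 'Error inserting joke into selected categories.';
            $s = $pdo->prepare('INSERT INTO jokecategory SET
                jokeid = :jokeid,
                categoryid = :categoryid');

            foreach ($_POST['categories'] as $categoryid)
            {
                $s->execute(array(
                    ':jokeid' => $_POST['id'],
                    ':categoryid' => $categoryid));
            }
        }

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}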
291 |
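if (isset($_POST['action']) and $_POST['action'] == 'Delete')
{
    // Delete one joke together with its category assignments.
    // NOTE(review): no CSRF-token check is visible in this handler, and any
    // access check at the top of this file is not visible here — confirm.
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

    // Both deletes run in one transaction so that a failure of the second
    // does not leave the joke in place with its category rows already gone.
    // Assumes the tables use a transactional engine such as InnoDB —
    // confirm against the schema. $failure holds the message for the step
    // currently running.
    $failure = 'Error removing joke from categories.';
    try
    {
        $pdo->beginTransaction();

        // Delete category assignments for this joke
        $s = $pdo->prepare('DELETE FROM jokecategory WHERE jokeid = :id');
        $s->execute(array(':id' => $_POST['id']));

        // Delete the joke
        $failure = 'Error deleting joke.';
        $s = $pdo->prepare('DELETE FROM joke WHERE id = :id');
        $s->execute(array(':id' => $_POST['id']));

        $pdo->commit();
    }
    catch (PDOException $e)
    {
        if ($pdo->inTransaction())
        {
            $pdo->rollBack();
        }
        $error = $failure;
        include 'error.html.php';
        exit();
    }

    header('Location: .');
    exit();
}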
329 |
if (isset($_GET['action']) and $_GET['action'] == 'search')
{
  // Search handler: assembles one SELECT from fixed SQL fragments and binds
  // every user-supplied value through a named placeholder, so request data
  // never becomes part of the SQL text itself.
  include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

  // Values to bind, keyed by placeholder name
  $placeholders = array();

  // The basic SELECT statement; 'WHERE TRUE' lets each filter append ' AND ...'
  $select = 'SELECT id, joketext';
  $from = ' FROM joke';
  $where = ' WHERE TRUE';

  // An author is selected
  if ($_GET['author'] != '')
  {
    $placeholders[':authorid'] = $_GET['author'];
    $where .= ' AND authorid = :authorid';
  }

  // A category is selected: the lookup table has to be joined in
  if ($_GET['category'] != '')
  {
    $placeholders[':categoryid'] = $_GET['category'];
    $from .= ' INNER JOIN jokecategory ON id = jokeid';
    $where .= ' AND categoryid = :categoryid';
  }

  // Some search text was specified
  if ($_GET['text'] != '')
  {
    // The text is bound, not concatenated into the SQL. Any % or _ typed by
    // the user still acts as a LIKE wildcard because it is not escaped.
    $placeholders[':joketext'] = '%' . $_GET['text'] . '%';
    $where .= ' AND joketext LIKE :joketext';
  }

  try
  {
    $sql = $select . $from . $where;
    $s = $pdo->prepare($sql);
    $s->execute($placeholders);
  }
  catch (PDOException $e)
  {
    // Generic message only; the exception text is not shown to the visitor
    $error = 'Error fetching jokes.';
    include 'error.html.php';
    exit();
  }

  // $jokes is created only when at least one row matches
  foreach ($s as $row)
  {
    $jokes[] = array(
      'id' => $row['id'],
      'text' => $row['joketext']
    );
  }

  include 'jokes.html.php';
  exit();
}
381 |
// Display search form
// Default view when no action matched: load all authors and categories,
// presumably for the filter lists in searchform.html.php. Neither query
// contains request data.
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

// Authors
try
{
  $result = $pdo->query('SELECT id, name FROM author');
}
catch (PDOException $e)
{
  $error = 'Error fetching authors from database!';
  include 'error.html.php';
  exit();
}

foreach ($result as $row)
{
  $authors[] = array(
    'id' => $row['id'],
    'name' => $row['name']
  );
}

// Categories
try
{
  $result = $pdo->query('SELECT id, name FROM category');
}
catch (PDOException $e)
{
  $error = 'Error fetching categories from database!';
  include 'error.html.php';
  exit();
}

foreach ($result as $row)
{
  $categories[] = array(
    'id' => $row['id'],
    'name' => $row['name']
  );
}

include 'searchform.html.php';
418 |
--------------------------------------------------------------------------------
/chapter9/admin/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Jokes: Search Results
8 |
9 |
10 | Search Results
11 |
12 |
30 |
31 | New search
32 | Return to JMS home
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/chapter9/admin/jokes/searchform.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Manage Jokes
8 |
9 |
10 | Manage Jokes
11 | Add new joke
12 |
43 | Return to JMS home
44 |
45 |
46 |
47 |
--------------------------------------------------------------------------------
/chapter9/admin/login.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Log In
8 |
9 |
10 | Log In
11 | Please log in to view the page that you requested.
12 |
13 |
14 |
15 |
29 | Return to JMS home
30 |
31 |
32 |
--------------------------------------------------------------------------------
/chapter9/admin/logout.inc.html.php:
--------------------------------------------------------------------------------
1 |
8 |
--------------------------------------------------------------------------------
/chapter9/cookiecounter/index.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Cookie counter
8 |
9 |
10 |
11 | 1)
13 | {
14 | echo "This is visit number $visits.";
15 | }
16 | else
17 | {
18 | // First visit
19 | echo 'Welcome to my website! Click here for a tour!';
20 | }
21 | ?>
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/chapter9/includes/access.inc.php:
--------------------------------------------------------------------------------
1 | prepare($sql);
62 | $s->bindValue(':email', $email);
63 | $s->bindValue(':password', $password);
64 | $s->execute();
65 | }
66 | catch (PDOException $e)
67 | {
68 | $error = 'Error searching for author.';
69 | include 'error.html.php';
70 | exit();
71 | }
72 |
73 | $row = $s->fetch();
74 |
75 | if ($row[0] > 0)
76 | {
77 | return TRUE;
78 | }
79 | else
80 | {
81 | return FALSE;
82 | }
83 | }
84 |
/**
 * Reports whether the logged-in author has been assigned a given role.
 *
 * Counts the author rows, joined through authorrole to role, whose email
 * equals $_SESSION['email'] and whose role id equals $role. Both values are
 * bound as parameters. On a database error the error page is included and
 * the script exits.
 *
 * NOTE(review): reads $_SESSION['email'] directly, so the session presumably
 * has to be started and the login verified by the caller first - confirm.
 *
 * @param string $role Role id, e.g. 'Content Editor' as seeded in sql/ijdb.sql
 * @return bool TRUE when at least one matching row exists, FALSE otherwise
 */
function userHasRole($role)
{
  // Included inside the function so that $pdo exists in this scope
  include 'db.inc.php';

  $sql = "SELECT COUNT(*) FROM author
      INNER JOIN authorrole ON author.id = authorid
      INNER JOIN role ON roleid = role.id
      WHERE email = :email AND role.id = :roleId";

  try
  {
    $s = $pdo->prepare($sql);
    $s->bindValue(':email', $_SESSION['email']);
    $s->bindValue(':roleId', $role);
    $s->execute();
  }
  catch (PDOException $e)
  {
    $error = 'Error searching for author roles.';
    include 'error.html.php';
    exit();
  }

  // First column of the single result row is the COUNT(*)
  $row = $s->fetch();

  return $row[0] > 0;
}
118 |
--------------------------------------------------------------------------------
/chapter9/includes/db.inc.php:
--------------------------------------------------------------------------------
1 | setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
6 | $pdo->exec('SET NAMES "utf8"');
7 | }
8 | catch (PDOException $e)
9 | {
10 | $error = 'Unable to connect to the database server.';
11 | include 'error.html.php';
12 | exit();
13 | }
14 |
--------------------------------------------------------------------------------
/chapter9/includes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter9/includes/helpers.inc.php:
--------------------------------------------------------------------------------
1 | $1', $text);
18 | $text = preg_replace('/\*\*(.+?)\*\*/s', '$1', $text);
19 |
20 | // emphasis
21 | $text = preg_replace('/_([^_]+)_/', '$1', $text);
22 | $text = preg_replace('/\*([^\*]+)\*/', '$1', $text);
23 |
24 | // Convert Windows (\r\n) to Unix (\n)
25 | $text = str_replace("\r\n", "\n", $text);
26 | // Convert Macintosh (\r) to Unix (\n)
27 | $text = str_replace("\r", "\n", $text);
28 |
29 | // Paragraphs
30 | $text = '' . str_replace("\n\n", '
', $text) . '
';
31 | // Line breaks
32 | $text = str_replace("\n", '
', $text);
33 |
34 | // [linked text](link URL)
35 | $text = preg_replace(
36 | '/\[([^\]]+)]\(([-a-z0-9._~:\/?#@!$&\'()*+,;=%]+)\)/i',
37 | '$1', $text);
38 |
39 | return $text;
40 | }
41 |
function markdownout($text)
{
  // Convert $text with markdown2html() and write the markup to the response.
  // NOTE(review): nothing is escaped at this point, so the output is only
  // safe if markdown2html() HTML-escapes $text before adding its own tags -
  // confirm against that function.
  $html = markdown2html($text);
  echo $html;
}
46 |
--------------------------------------------------------------------------------
/chapter9/includes/magicquotes.inc.php:
--------------------------------------------------------------------------------
1 | $v)
8 | {
9 | unset($process[$key][$k]);
10 | if (is_array($v))
11 | {
12 | $process[$key][stripslashes($k)] = $v;
13 | $process[] = &$process[$key][stripslashes($k)];
14 | }
15 | else
16 | {
17 | $process[$key][stripslashes($k)] = stripslashes($v);
18 | }
19 | }
20 | }
21 | unset($process);
22 | }
23 |
--------------------------------------------------------------------------------
/chapter9/jokes/error.html.php:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Script Error
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/chapter9/jokes/index.php:
--------------------------------------------------------------------------------
1 | query($sql);
11 | }
12 | catch (PDOException $e)
13 | {
14 | $error = 'Error fetching jokes: ' . $e->getMessage();
15 | include 'error.html.php';
16 | exit();
17 | }
18 |
19 | foreach ($result as $row)
20 | {
21 | $jokes[] = array(
22 | 'id' => $row['id'],
23 | 'text' => $row['joketext'],
24 | 'name' => $row['name'],
25 | 'email' => $row['email']
26 | );
27 | }
28 |
29 | include 'jokes.html.php';
30 |
--------------------------------------------------------------------------------
/chapter9/jokes/jokes.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | List of Jokes
8 |
9 |
10 | Here are all the jokes in the database:
11 |
12 |
13 |
14 |
15 | (by )
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/chapter9/shoppingcart/cart.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Shopping Cart
8 |
16 |
17 |
18 | Your Shopping Cart
19 | 0): ?>
20 |
21 |
22 |
23 | Item Description |
24 | Price |
25 |
26 |
27 |
28 |
29 | Total: |
30 | $ |
31 |
32 |
33 |
34 |
35 |
36 | |
37 |
38 | $
39 | |
40 |
41 |
42 |
43 |
44 |
45 | Your cart is empty!
46 |
47 |
53 |
54 |
55 |
--------------------------------------------------------------------------------
/chapter9/shoppingcart/catalog.html.php:
--------------------------------------------------------------------------------
1 |
3 |
4 |
5 |
6 |
7 | Product Catalog
8 |
16 |
17 |
18 | Your shopping cart contains items.
20 | View your cart
21 |
48 | All prices are in imaginary dollars.
49 |
50 |
51 |
--------------------------------------------------------------------------------
/chapter9/shoppingcart/index.php:
--------------------------------------------------------------------------------
1 | '1', 'desc' => 'Canadian-Australian Dictionary',
7 | 'price' => 24.95),
8 | array('id' => '2', 'desc' => 'As-new parachute (never opened)',
9 | 'price' => 1000),
10 | array('id' => '3', 'desc' => 'Songs of the Goldfish (2CD set)',
11 | 'price' => 19.99),
12 | array('id' => '4', 'desc' => 'Simply JavaScript (SitePoint)',
13 | 'price' => 39.95));
14 |
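// The cart lives in the session as a list of product ids
session_start();
if (!isset($_SESSION['cart']))
{
  $_SESSION['cart'] = array();
}

if (isset($_POST['action']) and $_POST['action'] == 'Buy')
{
  // Add item to the end of the $_SESSION['cart'] array.
  // $_POST['id'] is client-controlled, so it is accepted only when it matches
  // a product in $items, and the catalogue's own id is what gets stored.
  // Unknown ids were never displayed by the cart view below, but storing them
  // put arbitrary request data into the session and presumably inflated the
  // item count shown by catalog.html.php.
  if (isset($_POST['id']) and is_string($_POST['id']))
  {
    foreach ($items as $product)
    {
      // Same loose comparison as the cart view uses
      if ($product['id'] == $_POST['id'])
      {
        $_SESSION['cart'][] = $product['id'];
        break;
      }
    }
  }

  header('Location: .');
  exit();
}

if (isset($_POST['action']) and $_POST['action'] == 'Empty cart')
{
  // Empty the $_SESSION['cart'] array; it is recreated on the next request
  unset($_SESSION['cart']);
  header('Location: ?cart');
  exit();
}

if (isset($_GET['cart']))
{
  // Resolve each stored id to its catalogue entry and add up the prices.
  // Prices always come from $items, never from the request.
  $cart = array();
  $total = 0;
  foreach ($_SESSION['cart'] as $id)
  {
    foreach ($items as $product)
    {
      if ($product['id'] == $id)
      {
        $cart[] = $product;
        $total += $product['price'];
        break;
      }
    }
  }

  include 'cart.html.php';
  exit();
}

// No action requested: show the product catalogue
include 'catalog.html.php';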
59 |
--------------------------------------------------------------------------------
/chapter9/sql/ijdb.sql:
--------------------------------------------------------------------------------
-- Schema for the joke database (MySQL dialect: AUTO_INCREMENT, ENGINE=InnoDB).
-- No FOREIGN KEY constraints are declared, so the rows in jokecategory and
-- authorrole stay consistent only as long as the application cleans them up.

CREATE TABLE joke (
  id       INT  NOT NULL AUTO_INCREMENT,
  joketext TEXT,
  jokedate DATE NOT NULL,
  authorid INT,
  PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

-- password is CHAR(32), the length of the hex digest that MD5() returns.
-- NOTE(review): unsalted MD5 is a fast hash and is not suitable for storing
-- passwords. Moving the application to PHP's password_hash() and
-- password_verify() would need a wider column here (the PHP manual suggests
-- 255 characters).
CREATE TABLE author (
  id       INT NOT NULL AUTO_INCREMENT,
  name     VARCHAR(255),
  email    VARCHAR(255),
  password CHAR(32),
  PRIMARY KEY (id),
  UNIQUE (email)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

CREATE TABLE category (
  id   INT NOT NULL AUTO_INCREMENT,
  name VARCHAR(255),
  PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

-- Lookup table: one row per (joke, category) assignment
CREATE TABLE jokecategory (
  jokeid     INT NOT NULL,
  categoryid INT NOT NULL,
  PRIMARY KEY (jokeid, categoryid)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

-- Roles are keyed by their display name rather than by a number
CREATE TABLE role (
  id          VARCHAR(255) NOT NULL,
  description VARCHAR(255),
  PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;

-- Lookup table: one row per (author, role) assignment
CREATE TABLE authorrole (
  authorid INT          NOT NULL,
  roleid   VARCHAR(255) NOT NULL,
  PRIMARY KEY (authorid, roleid)
) DEFAULT CHARACTER SET utf8 ENGINE=InnoDB;
37 |
-- Sample data
-- The IDs are given explicitly so that the related rows below can refer to them.

-- NOTE(review): the first account is seeded with a password that is published
-- in this file, stored as an unsalted MD5 digest, and it is granted the
-- 'Account Administrator' role at the end of this script. Change that password
-- before the database is reachable by anyone else. The second account has a
-- NULL password.
INSERT INTO author (id, name, email, password) VALUES
  (1, 'Kevin Yank', 'thatguy@kevinyank.com', MD5('passwordijdb')),
  (2, 'Joan Smith', 'joan@example.com', NULL);

INSERT INTO joke (id, joketext, jokedate, authorid) VALUES
  (1, 'Why did the chicken cross the road? To get to the other side!', '2012-04-01', 1),
  (2, 'Knock-knock! Who\'s there? Boo! "Boo" who? Don\'t cry; it\'s only a joke!', '2012-04-01', 1),
  (3, 'A man walks into a bar. "Ouch."', '2012-04-01', 2),
  (4, 'How many lawyers does it take to screw in a lightbulb? I can\'t say: I might be sued!', '2012-04-01', 2);

INSERT INTO category (id, name) VALUES
  (1, 'Knock-knock'),
  (2, 'Cross the road'),
  (3, 'Lawyers'),
  (4, 'Walk the bar');

-- One category per joke
INSERT INTO jokecategory (jokeid, categoryid) VALUES
  (1, 2),
  (2, 1),
  (3, 4),
  (4, 3);

INSERT INTO role (id, description) VALUES
  ('Content Editor', 'Add, remove, and edit jokes'),
  ('Account Administrator', 'Add, remove, and edit authors'),
  ('Site Administrator', 'Add, remove, and edit categories');

-- Only author 1 receives a role
INSERT INTO authorrole (authorid, roleid) VALUES
  (1, 'Account Administrator');
70 |
--------------------------------------------------------------------------------
/readme.txt:
--------------------------------------------------------------------------------
1 | Note regarding database connection parameters
2 | ---------------------------------------------
3 |
4 | Most of the database connection function calls in the
5 | .php files included here use the 'root' username and a fictitious
6 | 'mypassword' password. To use these scripts, you will have to change the
7 | username and password in all the files to your actual database username
8 | and password (preferably an account limited to the ijdb database rather than root).
9 |
10 | The scripts also use 'ijdb' as the database name in the PDO('mysql:host=localhost;dbname=ijdb' … )
11 | calls. Be sure to set the name to match that on your server.
--------------------------------------------------------------------------------