PHP & MySQL Introduction

A session keeps variables ‘in mind’ after you load a new page It does this in the $_SESSION array You need two extra lines in THE TOP of your pages session_name( “oneword_no_spaces” ); session_start(); This of it as a fridge You put something in de box before you go Take something out after you return

$_SESSION[‘valid_user’] Three steps of login… $_SESSION[‘valid_user’] $_POST[‘submit’] mysql_query()

The proper order

Database > link $query = “SELECT * FROM books”; //execute & loop $row = mysql_fetch_assoc($result); $id = $row[‘id’]; $title = $row[‘title’]; print "<p>".$title." ["; print "<a href='?r=".$id."'>delete print "</a>]<p>\n";

Q: What’s the proper order? Link > Database <?php $remove_id = $_GET['r'] + 0; if ($remove_id > 0 ){ $query = “DELETE FROM books WHERE id=”.$remove_id.” LIMIT 1”; mysql_query( $query ); } ?> Q: What’s the proper order?

Tasks $_GET/$_POST exercise Delete test

Goals You know what a CMS is You’ll create a website from pages stored in a database You’ll create a form to put pages into a database We’ll use the UPDATE statement

Content Management System CMS Content Management System Users Permissions Content Examples UvA DWS Joomla! ( http://www.linux.com/ ) Drupal (http://www.london.gov.uk/ )

Many people can’t write HTML Conforms to company style Why a CMS? Many people can’t write HTML Conforms to company style Makes managing a website easier Who made a page? When? Still relevant? Who can change what? Can be handled from a website Anytime, anyplace, anywhere

Not really, for a small site Handy for us? Not really, for a small site One user Not a lot of content However No more FileZilla for every change No need to copy/paste header & footer Menu makes itself with a bit of programming Limitations We’ll use HTML code Images still need to be uploaded

Table Primary key = id (int, primary key, a.i.) Content is your html code Menu_name is displayed in the menu Level is the horizontal hierarchy Position is the vertical hierarchy / order website.php?page_id=4

Create table if you haven’t done so yet Exercise Create table if you haven’t done so yet Initials + _ + website Insert a few pages in phpMyAdmin Just add some rubbish but pay attention to the level and order so you can check if your menu is properly generated Make a new folder in your website Example: cindy/cms/ Make a new file index.php Example: cindy/cms/index.php

Creating your main page We’ll only use one file to show every page: index.php For now we’ll put header & footer etc all in that file We need a php script with the following Database connection SELECT id, menu_name, position, level Use the results to make the menu SELECT content WHERE id=x Show the current page content

Menu script Animals Welcome Birds level position Bees if ( $row[‘level’] > 1 ){ print “<p class=‘submenu’>”; } else{ print “<p class=‘menu’>”;

Menu script print “<p class=‘menu_”. $row[‘level’].”’>”; print “<a href= ‘index.php?page_id=“. $row[‘id’].”’>”; print $row[‘menu_name’]; print “</a></p>\n”;

Exercise Create table if you haven’t done so yet Insert a few pages in phpMyAdmin Make a new folder in your website Make a new file index.php Make a table for banner, menu, content Add menu and content php

What goes out must go in Now for the input side Form input types Names id will be dealt with by database content > textarea Menu_name > text input Position > text input (for now) Level > radio input or select Names Same as database fields

Add form html, use print for each line Exercise, admin pages Make a new file cms/admin/index.php Add form html, use print for each line

You want to see a list of current pages Below or above comes the form What goes out must go in You want to see a list of current pages Think of book pages Below or above comes the form On submit we add a new page INSERT INTO xyz_website VALUES ( NULL, ‘”.$content.”’, ‘”.$menu_name.”’, “.$level.”, “.$position.” )” Strip & check incoming variables! A delete option would also be nice

Add form html, use print for each line Add insert and delete code Exercise, admin pages Make a new file cms/admin/index.php Add form html, use print for each line Add insert and delete code

You can only add things at the end… Drawbacks You can only add things at the end… Use large numbers for position Recalculate position Last one is better but you’ll need a timestamp Last page that edited and shares a position is the proper one, the stuff below it moves up one position So…

Add form html, use print for each line Add insert and delete code Exercise, admin pages Make a new file cms/admin/index.php Add form html, use print for each line Add insert and delete code Add a new column at the end of your table Name: changed Type: timestamp

On submit we add a new page Drawbacks On submit we add a new page INSERT INTO xyz_website VALUES ( NULL, ‘”.$content.”’, ‘”.$menu_name.”’, “.$level.”, “.$position.”, NOW())” After you insert or delete a record you run UpdatePosition( $row[‘page_id’]; See next page for this function I nicked it from some website and copy/pasted it ever after

UpdatePosition function UpdatePosition( $id ){ //set counter $query = "SET @counter=0"; mysql_query( $query ); //recalculate positions $query = "UPDATE xyz_website SET position = ( SELECT @counter:= @counter+1 ) WHERE id=".$id." ORDER BY position ASC, changed ASC"; }

Add form html, use print for each line Add insert and delete code Exercise, admin pages Make a new file cms/admin/index.php Add form html, use print for each line Add insert and delete code Add a new column at the end of your table Add UpdatePosition()

Goals You know what a CMS is You’ll create a website from pages stored in a database You’ll create a form to put pages into a database We’ll use the UPDATE statement

Think about your CMS and make a list Tasks Think about your CMS and make a list What is really missing and needed? What else do you like to add? Are there any bugs or vulnerabilities? Add a few pages to your CMS Make a nice CSS layout Add a banner The two above could be taken from your site of the previous course

Done