[Gonzo0193]

Ok i want to make my code more flexible, and easier to configure. Also maybe a bit neater

admin_panel.php

<?php 
echo "<center>";
		echo "<h1>" . "Admin Panel" . "</h1>" . "<br />";

// Add movie		
echo "<fieldset style=\"width:25%\">";
	include("movie_add.inc.php");
echo "</fieldset>";
echo "<br />";

// Update Stock
echo "<fieldset style=\"width:25%\">";
	include("Stock_update.inc.php");
echo "</fieldset>";

echo "</center>";
?>

movie_add.php

<?php include("database/database.php");

// Set variables
$movie = mysql_real_escape_string($_POST['movie']);
$descr = mysql_real_escape_string($_POST['descr']);
$stock = mysql_real_escape_string($_POST['stock']);

// Insert set values
mysql_query("INSERT INTO movies 
(movie, description, stock) VALUES ('$movie', '$descr', '$stock') ")
or die(mysql_error());
echo "<b>" . $movie . "</b>" . " Added";
 ?>

movie_add.inc.php

<html>
<form action="movie_add.php" method="post">
			<font size="+1"><b><u>Add Movie</u></b></font>
			<br />
			Movie:<center><input type="text" name="movie"></center>
		<br />
			Description:<center><td><input type="text" name="descr"></center>
		<br />
			Stock:<center><input type="text" name="stock"></center>
		<br />
			<INPUT TYPE=SUBMIT>
</form>
</html>

stock_update.php

<?php 
include("database/database.php");
include("config/config.php");

echo "<center><font size=\"+1\"><b><u>Stock Update</u></b></font></center>";

$movie_id = mysql_real_escape_string($_POST['movie']);

if($movie_id) {
  // Get the movie
  $sql_result = mysql_query("SELECT * FROM movies WHERE movie = '".$movie_id."' LIMIT 1");

  // Get array
  if(mysql_num_rows($sql_result)>0) {
	$movie = mysql_fetch_array($sql_result);
	// Put code here for administration or anything else.. Example to display the stock count:
	echo $movie_id . ": ";
	echo $movie['stock'];
  } else {
	echo "Movie with such ID not found.";
  }
} else {
echo "No movie ID has been given.";
}

if(mysql_error()) {
  echo mysql_error();
}
// increase stock variables
$incre_id = mysql_real_escape_string($_POST['incre']);

$newstock = $movie['stock'] + $incre_id;
// increase
mysql_query("UPDATE movies SET stock = '".$newstock."'
WHERE movie = '$movie_id'");
echo "<br />" . "New stock: " . $newstock;
echo "<br />" . "$___adminlink";

?>

stock_update.inc.php

<html>
<form action="stock_update.php" method="post">
			<font size="+1"><b><u>Update Stock</u></b></font>
			<br />
			Movie:<center><input type="text" name="movie"></center>
		<br />
			Increase By:<center><input type="text" name="incre"></center>
		<br />
			<INPUT TYPE=SUBMIT>
</form>
</html>

config/config.php

<?php
$___url = "localhost";
$___adminlink = "<a href=\"" . $url . "/admin_panel.php\">Admin Panel</a>";
?>

database/database.php

<?php
		include("settings.inc.php");
		$connection = mysql_connect($CONFIG['DBHOST'],
		$CONFIG['DBUSER'],
		$CONFIG['DBPASS']) or die("Could not establish a connection with mysql.");
		mysql_select_db($CONFIG['DBNAME']) or die("Unable to select database.");
?>

database/settings.inc.php

<?php
		$CONFIG['DBHOST'] = "localhost"; // Database servers location, normally localhost
		$CONFIG['DBUSER'] = "root"; // sql user
		$CONFIG['DBPASS'] = ""; // db users password
		$CONFIG['DBNAME'] = "movies"; // Database to connect to
?>

[brennydoogles]

Gonzo0193, on 16 Dec, 2009 - 11:07 AM, said:

Ok i want to make my code more flexible, and easier to configure. Also maybe a bit neater

You can break out of php when you have blocks of code that don't really need to contain php to keep your code clean. For example:

<?php 
echo "<center>";
		echo "<h1>" . "Admin Panel" . "</h1>" . "<br />";

// Add movie		
echo "<fieldset style=\"width:25%\">";
	include("movie_add.inc.php");
echo "</fieldset>";
echo "<br />";

// Update Stock
echo "<fieldset style=\"width:25%\">";
	include("Stock_update.inc.php");
echo "</fieldset>";

echo "</center>";
?>

Becomes:

<center>
	 <h1>Admin Panel</h1><br />	
	 <fieldset style="width:25%">
	<?php  include("movie_add.inc.php"); ?>
	 </fieldset><br />
	 <fieldset style="width:25%">
	<?php  include("Stock_update.inc.php"); ?>
	 </fieldset>

</center>

This will help your code look nicer, and also allow your generated source code to be tabbed out sanely for reading and debugging in the browser. Hope that helped!

[Gonzo0193]

Hmm it never really passed my mind
Thankyou for that

This post has been edited by Gonzo0193: 16 December 2009 - 01:29 PM

[ghqwerty]

another thing which is a personal bug is when people do what you did

echo "something";
echo "something else";
echo "something else";

same result =

echo "something
something else
something else";

far easier to write, maintain nd read.

look at one of my 'more simple' display functions

function showMineOverview($user, $location, $admin){
		$query = "select * from population where user = $user and location = '$location'";
		$dbdata = mysql_query($query, $this->dblink);
		$row = mysql_fetch_array($dbdata);
		$output = "<form action='home.php?page=population&sub=admin' method='post'>
			<table border='1'>
				<tr>
					<td colspan='4'>
						<center>
							Mines
						</center>						
					</td>
				<tr>
				<tr>
					<td>
						Level
					</td>
					<td>
						Number of Mines
					</td>
					<td>
						Number of Miners
					</td>
					<td>
						Production per Hour
					</td>
				</tr>
				";
		$totProduction = 0;
		for($x=0;$x<5;$x++){
			$y = $x+1;			
			$mines = $this->pop[$this->dbMine[$x]];
			$miners = $this->pop[$this->dbMiners[$x]];
			$production = $this->minerProduction[$x]*$miners;
			$totProduction += $production;
			$output .= "
				<tr>	
					<td>
						 $y
					</td>
					<td>";
						if($admin > 3){ $output .= "<input type='text' name='adminMines".$x."' value='$mines'>"; }else{ $output .= $mines;}
						$output .= "
					</td>
					<td>
						";
						if($admin > 3){ $output .= "<input type='text' name='adminMiners".$x."' value='$miners'>"; }else{ $output .= $miners;}
						$output .= "
					</td>
					<td>
						$production
					</td>
				</tr>";					
		}
		$output .= "
				<tr>
					<td colspan='3'>
						<p align='right'>
							Total Production
						</p>
					</td>
					<td>
						$totProduction
					</td>
				";
				if($admin > 3){
					$output .= "<tr><td colspan='4'><input type='submit' name='adminMineChange' value='Change'></form></td></tr>";
				}
				$output .= "
			</table>
		";

		return $output;
				
	}

imaging writing echo "blah";

on EVERY line

as you may have seen i also use $output = .... or $output .=


at the end of the function i also use return $output not echo.
echo is (relatively) slow and so by having the amount you have slows it down a lot. if you have multip[le 'sections' to a function then you may need to use echo 3-4 times. better still make it into a variable then echo it at the end.

i have used return instead of echo as it allows me to better manipuate where i show it in my interface functions but thats a differant topic

make sure that if you can you line up your tabs. makes it easier and always remember tabs after { in a for, if, function, while etc

hope this helps

[RPGonzo]

Breaking in and out of php "MAY" help some ... but to others drive us INSANE ... don't let CT see you do that or he may just try and have your head.

One key i would point out if your going to try and consolidate, make cleaner, make easier to upgrade/change,etc is look into classes. This would give you more leeway in the future.

also PHP and HTML should be kept separately if at all possible, creating a simple template system to seek and replace values would be best and would allow more flexibility in editing your HTML/PHP later to add or remove simple styling and markup or processing code.

[ghqwerty]

Quote

One key i would point out if your going to try and consolidate, make cleaner, make easier to upgrade/change,etc is look into classes. This would give you more leeway in the futur

couldnt agree more.

[RPGonzo]

http://php.net/manua...nguage.oop5.php

get to know it soon, very well and as through as your little mind can handle.

My little mind is still absorbing don't worry it wont happen overnight but would be VERY much recommended to start getting in the habit of using soon and implementing at all times ( if applicable )

If i have some time tomorrow ill try and make a quick example for you using your code so you can pick it apart and reverse engineer it. I know that always helps me

[Gonzo0193]

Thanks for all your replys, i have take note of suggestions.
But for now im going to get some sleep.

Cheers
-Arron

[Gonzo0193]

Ok it is uploaded to here for now so people can have a go.
i will get to work on the suggestions now.

http://www.wctplaste...admin_panel.php

[RPGonzo]

Im not a professional so therefore not without flaw ....

But here goes something that may help you get started with OOP using your own code, i was able to get all your code into one class including the submissions, made a VERY SIMPLEX template that utilizes str_replace to put some information here and there as i saw may be needed, also tried to comment as much as i could to help better understand what things are doing .. i tested locally and without errors ( as far as i could see ) and also the HTML validates through the W3C markup validator

Hope this helps!!!

admin_panel.php

<?php
/*************************************
	SIMPLE example that could be 
	modified / fitted better for 
	your needs, i simply threw it 
	together!
**************************************/

/* 
	i always use e_all while developing to prevent future bugs as much as possible.
	not a good thing to have on while its a live site to the public though
*/
	error_reporting(E_ALL);

class admin_panel {
	
	/** DB SETTINGS PRIVATE VARIABLES **/
	private $dbhost = "localhost"; 	// Database servers location, normally localhost
	private $dbuser = "root"; 		// sql user
	private $dbpass = "dbpassword";	// db users password
	private $dbname = "movies";		// Database to connect to
	private $conn;
	
	/** LOCAL PUBLIC VARIABLES **/	
	var $admin_html;
	var $html;
	var $post = array();
	
	function __construct() {
		session_start();
		
		/* grab our html template to modify */
		$this->admin_html = file_get_contents("admin_panel_body.html");
		
		/* create database connection */
		$this->conn = @mysql_connect($this->dbhost, $this->dbuser, $this->dbpass);
		mysql_select_db($this->dbname);
		
		/* trigger a error if necessary */
		if (!$this->conn) {
			$this->trigger_message(mysql_error(), "FATAL");
		}
		
		/**
			submit zone:
			if the script finds the submit path filled it will set a session var and 
			redirect, this cause the page to be able to be refreshed and the data NOT 
			resent. But not before we use the submitted data to do our work
		**/
		
		if (isset($_POST['submit_path'])) {
			/* this is the method i use to prevent page refreshs doubling the data sent */
			$_SESSION['post_vars'] = $_POST;
			header("Location: admin_panel.php");
			exit;
		}
		
		/* its double the code for my method but its what i like to do */
		if (isset($_SESSION['post_vars'])) {
			$this->post = $_SESSION['post_vars'];
			
			/* we are done with the submitted information so we clear it */
			unset($_SESSION['post_vars']);
			
			/* 
				if you ever add more form submissions simply add the hidden fields value
				here and let it process the information
			*/
			switch ($this->post['submit_path']) {
				case "add_movie":
					$this->add_movie();
				 break;
				case "update_stock":
					$this->update_stock();
				 break;
			}
		}
	
		/* send the broswer what we have so far */
		$this->flush_html();
	}
		
		/* function for adding movies on request to the database */
		private function add_movie() {
			/* if for some reason we got here with no values to process return */
			if (!isset($this->post)) { return; }
			
			/* if the stock value submitted was not a number return error */
			if (!ctype_digit($this->post['stock'])) {
				$this->trigger_message("Stock quanity provided not a number.", "MINOR");
			}
			
			$_ins = "INSERT INTO movies (movie, description, stock) VALUES ('"
					. $this->clean($this->post['movie']) . "', '"
					. $this->clean($this->post['descr']) . "', '"
					. $this->post['stock'] . "')";
			
			if (mysql_query($_ins)) {
				$this->trigger_message("Movie(" . $this->post['movie'] . ") was added successfully!", "Successful addition.");
			} else {
				$this->trigger_message("Error adding (" . $this->post['movie'] . ") : " . mysql_error(), "Error adding to database.");
			}
		}
		
		/* function for updating existing stock */
		private function update_stock() {
			/* if for some reason we got here with no values to process return */
			if (!isset($this->post)) { return; }
			
			$_chk = "SELECT COUNT(*) as movie_count FROM movies WHERE movie = '"
					. $this->clean($this->post['movie']) . "' LIMIT 1";
			$_result = mysql_query($_chk) or $this->trigger_message(mysql_error(), "FATAL");
			$_var = mysql_fetch_array($_result);
			
			/* if the movie doesnt exist trigger the message */
			if ($_var['movie_count'] != 1) {
				$this->trigger_message("This movie (" . $this->post['movie'] .") does not exists in our database.", "MINOR");
				exit;
			}
			
			/* if the value submitted was not a number return error check first for negative though */
			if (substr($this->post['incre'], 0, 1) == "-") {
				$mth_sym = "-";
				$this->post['incre'] = str_replace("-", "", $this->post['incre']);
			} else {
				$mth_sym = "+";
			}
			
			/* past the checking for negative we check the value for being a number */
			if (!ctype_digit($this->post['incre'])) {
				$this->trigger_message("Update quanity provided not a number.", "MINOR");
			}

			
			$_upt = "UPDATE movies SET stock = stock $mth_sym " . $this->post['incre'] . " WHERE movie = '" 
					. $this->clean($this->post['movie']) . "'";
					
			if (mysql_query($_upt)) {
				$this->trigger_message("Movie(" . $this->post['movie'] . ") was updated successfully!", "Successful update.");
			} else {
				$this->trigger_message("Error updating (" . $this->post['movie'] . ") : " . mysql_error(), "Error updating to database.");
			}
		}
		
		/**
			the reason i make this a function is you can always add any addiontal
			processing or cleaning here and simple call it when necessary, of course
			we start the mysql connnection in the construct function so this should
			"technically" not fail when used
		**/
		private function clean($input) {
			return mysql_real_escape_string($input);
		}
		
		/**
			this function basically will clean any format strings we use in the 
			HTML for the str replace function. If we didn't replace them with HTML
			we wanted we do not want it showing up in the source code
		**/		
		private function strip_format() {
			/* just add any tags you add into this array */
			$tag_arr = array(
				"<!-- MESSAGE ZONE -->",
				"<!-- Add movie  -->",
				"<!-- Update Stock -->",
				"{message_title}",
				"{message_contents}",
				"{mes_bg}",
				"{mes_cl}",
			);
			
			$this->html = str_replace($tag_arr, "", $this->html);
		}
		
		/** 
			this function will push out whatever HTML that is in the buffer to the browser
		**/
		private function flush_html() {
			/* if the html was not set yet we at least give the user the basic admin panel */
			if ($this->html == "" || !isset($this->html)) {
				$this->html = $this->admin_html;
			}
			
			$this->strip_format();
			echo $this->html;
		}
	
		/** 
			i create a function to take care of filling and coloring the message window when we need it
			arguments:
				$message_content = the body of the message window will show this message
				$message_title = preset: FATAL == A fatal error has occured
										 MINOR == An error has occured
										 Default == Whatever you tpe in the argument
		**/
		private function trigger_message($message_contents, $message_title) {
			switch ($message_title) {
				case "FATAL":
					$message_title = "A fatal error has occured.";
					$mes_bg = "#FF0000";
					$mes_cl = "#FFFFFF";
				 break;
				case "MINOR":
					$message_title = "An error has occured.";
					$mes_bg = "#FF0000";
					$mes_cl = "#FFFFFF";
				 break;
				default:
					$message_title = $message_title;
					$mes_bg = "#A4D7FF";
					$mes_cl = "#000000";
				 break;
			}
			
			$fnd_arr = array("{message_title}","{message_contents}","{mes_bg}","{mes_cl}");
			$rpl_arr = array($message_title,$message_contents,$mes_bg,$mes_cl);
			
			$this->html = str_replace($fnd_arr, $rpl_arr, $this->admin_html);
			$this->flush_html();
			exit;
		}
	
};

$ap = new admin_panel;
?>

admin_panel_body.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<head>
		<title>Admin-Panel</title>
		<meta http-equiv="Content-Language" content="en-us"/>
		<meta http-equiv="Content-Type" content="text/html; charset=windows-1252"/>
	</head>
<body>
	<center>
		<h1>Admin Panel</h1><br />

		<!-- MESSAGE ZONE -->
		<div align="center" style="background-color:{mes_bg};color:{mes_cl};text-align:left;width:50%;">
			<h2>{message_title}</h2>
			<h3 style="text-indent:25px;">{message_contents}</h3>
		</div>
		
		<!-- Add movie  -->	  
		<fieldset style="width:25%">
			<form action="admin_panel.php" method="post">
				<font size="+1"><b><u>Add Movie</u></b></font>
				<br />
				Movie:<center><input type="text" name="movie"/></center>
				<br />
				Description:<center><input type="text" name="descr"/></center>
				<br />
				Stock:<center><input type="text" name="stock"/></center>
				<br />
				<input type="hidden" name="submit_path" value="add_movie"/>
				<input type="submit"/>
			</form>
		</fieldset>

		<br />

		<!-- Update Stock -->
		<fieldset style="width:25%">
			<form action="admin_panel.php" method="post">
				<font size="+1"><b><u>Update Stock</u></b></font>
				<br />
				Movie:<center><input type="text" name="movie"/></center>
				<br />
				Increase or Descrease By:<center><input type="text" name="incre"/></center>
				<br />
				<input type="hidden" name="submit_path" value="update_stock"/>
				<input type="submit"/>
			</form>
		</fieldset>

	</center>
</body>
</html>

[Gonzo0193]

Thankyou for spending your time on this for me, i am in the process of reading through and taking it all in. One thing that cunfused me is the variable "$this" is used alot and yet i havent seen it defined anywhere in the code?


The first edit i made was to the validation of submiting a movie. As before it would only produce and error if the stock given was not a number.

/* if the stock, movie, or description inputs are invalid send error message */
			if (!ctype_digit($this->post['stock'])) {
				$this->trigger_message("Stock given was not an interger", "MINOR");
			} elseif (($this->post['descr']) == "")	{
				$this->trigger_message("Description not given", "MINOR");
			} elseif (($this->post['movie']) == "")	{
				$this->trigger_message("Movie not given", "MINOR");
			}

			

This post has been edited by Gonzo0193: 18 December 2009 - 03:51 AM

[RPGonzo]

In OOP ( using classes ) the $this variable is a reference variable to the class itself ....

So since i defined a private function name trigger_message you can use it by doing $this->trigger_message(/*arguments here*/)

And good the good is for you to use / learn from / abuse / manipulate in any way you want / need

Classes can later be used to store multiple routines and functions that you commonly use all the time. For instance one of the most popular ones you will probably see is a database class, which initiates a connection and contains several functions that are commonly used in scripts ie ( updates, inserts , deletes, etc )

at the very bottom of the admin panel you will see i created a instance of the class using $ap = new admin_panel

If there are any pubic functions or variables in the class than you could later access them with that variable. Most of that class is private variables and functions because some of if just needs to remain internal only.

Hope this helps a little

[ghqwerty]

RPGonzo briefly touch upon private variables there, which reminds me

the scope of variables is something you will do well if you can remember this scope inside out. many a time have i been looking through code and NORMALLY would work fine however the variable might be simply in the wrong place (sometimes only one or 2 lines)

so the first thing to do when debugging etc is to echo out all the variables your using and ensure they are all there and also there are all what you want/intended

another thing oop is good for is breaking stuff down into managable chunks. i.e., a page of mine

<?php

session_start();
$pop = new Population;
$pop->populationInterface();

?>

running that code will do everything that is needed for the page i want, which is actually quite a hefty file as it supports multiple pages.

the populations interface then subsequently calls other sub-functions and in tern they call more functions and it build up the page.

this may sound complicated but its actually very easy and i cant stress how much easier it is to isolate errors in your code when you can break it down into premade chunks, think bitesize lol

[RPGonzo]

correct!!

The class i made is a example of OOP not a proper utilization of what it can really be used for.

Truly this could be split into 3 different classes and used more frequently across your site.

1) database class for the initialization and utilization of a MySQL connection. While your there and if you haven't already maybe start looking into MySQLi it has some security built in that could shorten, sweeten and further secure your code for accessing/updating the database.

2) a HTML template system. Simply put you can make a class that all it deals with is the getting and manipulation of HTML as needed

3) session class to further secure your page. Initiating sessions is alot more valuable than just storing a array like i did. Verifying a persons identity and user level could come in REAL handy when wanting to allow only certain features to be usable.

easy way to dump all vars ( if accessible ) from a class is to just simple dump the class itself

$ap = new admin_panel;
// add here the dump
var_dump($ap);

and whatever variables that are set will be shown ... this will also show which vars are private meaning if you directly try to echo it

echo $ap->dbpass;

you will get a error stating

Quote

Fatal error: Cannot access private property admin_panel::$dbuser in \admin_panel.php on line 226

This post has been edited by RPGonzo: 18 December 2009 - 01:31 PM

[ghqwerty]

Gonzo - brain picking time

i have a function below

function readTable($x) {
		$query = "SELECT * FROM ".$this->table[$x]." where id = '".$this->id."'";
		$dbdata = mysql_query($query,$this->dblink) or die('Error reading from '.$this->table[$x]." ".mysql_error());
		$this->row = mysql_fetch_array($dbdata);
	}

along with

function getPop($id, $location){
		$query = "select * from population where user = $id and location = '$location'";
		$dbdata = mysql_query($query, $this->dblink);
		$this->pop = mysql_fetch_array($dbdata);
	}

which i use in pretty much every page however i dont see how i could make them into 1 function short of just using a switch of if, ifelse list to determine which variable name to use since $this-> does not support variable variables.


similar to another problem with updating a table, i had an idea to have 4 params,
table(could be in number form with an array to determine which one for ease of use)
update(array of the columns/cells to update
values (self explanatory- array with same build as other array)
where???


however not quite sure how i would implement this ? any help