The CMS (#6) PHP

Base · #1 (**permalink**) 03-31-2007, 06:41 PM

Ok, so in this kind of mammoth tutorial, we are going to be:

Adding users

Editing users

So lets start off with some add-user.php in your admin directory!

PHP Code:


			
<?php

session_start();

if($login_username=="") {

Header("Location: login.php");

} else {

// Adding a user page, simple form and simple table drop.



include("../includes/connect.php");



// Let's get going!

if($_POST['submit']) {



// Get variables



$username = $_POST['username'];

$pw = $_POST['pw'];



// Now we have the edited user & pass, then we need to run the code.



$query = "INSERT INTO users (ID, username, pw) VALUES ('', '$username', '$pw')";

mysql_query($query) or die(mysql_error());

echo "User has been added to the database sucessfully";

}

?>

<form action="<?php echo $_SERVER[PHP_SELF]; ?>" method="post" name="submit">

Username: <input name="username" type="text" value="Username" size="20"> <br>

Password: <input name="pw" type="text" value="Password" size="20"><br>

<input name="submit" type="submit" value="Add user">

</form>

<?php } ?>

Once agiain and with all my tutorials we will go through this line by line, but baisicly everything that you see in this code, you have seen else where.

Lines 2 to 8 are are security and including our database connection.

Line 11: if($_POST['submit']) { - So we are only going to execute this code, if someone has clicked one of the form buttons.

$username = $_POST['username'];
$pw = $_POST['pw'];

In the case of someone editing a user, we need to get their username & password.

$query = "INSERT INTO users (ID, username, pw) VALUES ('', '$username', '$pw')";

Inserting the new users into the database!

mysql_query($query) or die(mysql_error());
echo "User has been added to the database sucessfully";

Running the query, and echoing to the user.

} - Ending the if statement.

Nothing then needs explaining untill this line: <?php } ?>

This is just just the end of the security, so if a user visits the page and is not logged in, they won't see anything before they are redirected.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

PHP Code:


			
<?php

// Make sure page is secure

session_start();

if($login_username=="") {

Header("Location: login.php");

} else {

// If it is then include file

include("../includes/connect.php");





if($_POST['submit']) {



$id = $_GET['id'];

$username = $_POST['username'];

$pw = $_POST['pw'];



//The MySQL query. Select all from the table users where the ID equals the id sent in URL.



$query = "SELECT * FROM users WHERE ID='$id'";

//Executing the query.

$result = mysql_query($query) or die(mysql_error());

//Displaying the results of the query.

while ($row = mysql_fetch_array($result)) {

//extract() takes an associative array and treats the keys as variable names and values as variable values.



extract($row);



$query = "UPDATE users SET username = '$username', pw = '$pw' WHERE ID = '$id'";



echo "User modified.";

} else {



// Lets get into the code!



$query = "SELECT * FROM users ORDER BY ID DESC";

//Executing the query.

$result = mysql_query($query) or die(mysql_error());

//Displaying the results of the query.

while ($row = mysql_fetch_array($result)) {

//extract() takes an associative array and treats the keys as variable names and values as variable values.



extract($row);

?>





<form method="post" action="<?php echo $_SERVER[PHP_SELF]; ?>">

<table align="center">

<tr>

  <td align="right">Username:</td>

  <td><input type="text" name="username" value="<?php echo "$username"; ?>" maxlength="250" /></td></tr>

<tr>

  <td align="right">Password:</td>

  <td><input type="text" name="pw" value="<?php echo "$pw"; ?>" maxlength="250" /></td></tr>



<tr><td> </td><td><input type="hidden" name="id" value="<?php echo "$ID"; ?>" /><input type="submit" name="edit" value="Modify" /><input type="reset" name="reset" value="Reset" /></td></tr>

</table>

</form>

<?php } } ?>

Ok, so once again we are going to go at this line by line, and once again its all fairly familiar code.

The first 17 lines (up to: The MySQL query. Select all from the table users where the ID equals the id sent in URL.)

We should all know before if we have looked at my previous tutorials.

$query = "SELECT * FROM users WHERE ID='$id'"; - remember we are getting the variable $id from here:

<input type="hidden" name="id" value="<?php echo "$ID"; ?>" />

Onwards!

extract($row);

$query = "UPDATE users SET username = '$username', pw = '$pw' WHERE ID = '$id'";

So we are extracting the row now, and creating this query:

"Update the table users, and set the username to $useraname, and the password to $pw where the row ID is $id"

Get it?

} else {

// Lets get into the code!

$query = "SELECT * FROM users ORDER BY ID DESC";

So this code will only happen if nobody has clicked "modify" i.e. they havent submitted the edit.

$result = mysql_query($query) or die(mysql_error());
//Displaying the results of the query.
while ($row = mysql_fetch_array($result)) {

Again some nice and simple code, just running our query, and putting it into a while loop.

So to explain it.

All of the code in between this:

while ($row = mysql_fetch_array($result)) {

And this

} (this is at the bottom of the code)

Will be placed into a while loop, so baisicly for every result it will execute that code.

You get me?

Hope you have gleamed that little bit more information and knoledge.

As allways a file is included.

Cheers!

Base

nose · #2 (**permalink**) 05-04-2007, 02:14 AM

Great !!!

Regards

Jabba · #3 (**permalink**) 05-19-2007, 02:14 PM

really helpfull tut!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode