Question: Web scripting php Use the php scripts below for Ch13 and Ch14. Implement the codes in a fully functional working web application which does the
Web scripting php
Use the php scripts below for Ch13 and Ch14. Implement the codes in a fully functional working web application which does the following:
Allows users to register with their personal information (include a legible screenshot)
Confirmation messages of logging in, out and successful registration
Allows users to log in to the database
Allows users to visit all the links, Upcoming events, current reading list, contact book club
View the book club members list
View individual book club member details
All the working links (members area, previous and next buttons etc )
PHP SCRIPTS:
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
book_club.sql
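USE mydatabase;

-- Book club members: one row per registered user.
--
-- NOTE(review): the password column is CHAR(41) because every writer on this
-- page stores the output of MySQL's PASSWORD() function. PASSWORD() is an
-- unsalted hash meant for MySQL's own account table; it was deprecated in
-- MySQL 5.7 and removed in 8.0, so this script and the PHP classes that call
-- password(...) will not run there. Moving to an application-side password
-- hash needs a wider column and a matching change in Member.class.php; the
-- two must be changed together.
CREATE TABLE members (
    id             SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT,
    username       VARCHAR(30) BINARY NOT NULL UNIQUE,
    password       CHAR(41) NOT NULL,
    firstName      VARCHAR(30) NOT NULL,
    lastName       VARCHAR(30) NOT NULL,
    joinDate       DATE NOT NULL,
    gender         ENUM( 'm', 'f' ) NOT NULL,
    favoriteGenre  ENUM( 'crime', 'horror', 'thriller', 'romance', 'sciFi', 'adventure', 'nonFiction' ) NOT NULL,
    emailAddress   VARCHAR(50) NOT NULL UNIQUE,
    otherInterests TEXT NOT NULL,
    PRIMARY KEY (id)
);

-- Sample members for the exercise. The column list is spelled out so the
-- statement keeps working if columns are later added or reordered.
-- NOTE(review): all seven accounts share the same literal password; treat
-- this as demo data only and do not load it into a reachable deployment.
INSERT INTO members
    ( id, username, password, firstName, lastName, joinDate, gender, favoriteGenre, emailAddress, otherInterests )
VALUES
    ( 1, 'sparky',    password('mypass'), 'John',  'Sparks',    '2007-11-13', 'm', 'crime',      'jsparks@example.com',    'Football, fishing and gardening' ),
    ( 2, 'mary',      password('mypass'), 'Mary',  'Newton',    '2007-02-06', 'f', 'thriller',   'mary@example.com',       'Writing, hunting and travel' ),
    ( 3, 'jojo',      password('mypass'), 'Jo',    'Scrivener', '2006-09-03', 'f', 'romance',    'jscrivener@example.com', 'Genealogy, writing, painting' ),
    ( 4, 'marty',     password('mypass'), 'Marty', 'Pareene',   '2007-01-07', 'm', 'horror',     'marty@example.com',      'Guitar playing, rock music, clubbing' ),
    ( 5, 'nickb',     password('mypass'), 'Nick',  'Blakeley',  '2007-08-19', 'm', 'sciFi',      'nick@example.com',       'Watching movies, cooking, socializing' ),
    ( 6, 'bigbill',   password('mypass'), 'Bill',  'Swan',      '2007-06-11', 'm', 'nonFiction', 'billswan@example.com',   'Tennis, judo, music' ),
    ( 7, 'janefield', password('mypass'), 'Jane',  'Field',     '2006-03-03', 'f', 'crime',      'janefield@example.com',  'Thai cookery, gardening, traveling' );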
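-- Per-member page-visit counters: one row per (member, page) pair.
--
-- lastAccess: the PHP code on this page inserts rows without lastAccess and
-- bumps numVisits with an UPDATE that never mentions it, so it depends on the
-- column filling itself in and refreshing on change. That used to be the
-- implicit behaviour of a table's first TIMESTAMP column; it is spelled out
-- here so it no longer depends on the server's
-- explicit_defaults_for_timestamp setting.
--
-- NOTE(review): memberId holds a members.id value supplied by every INSERT on
-- this page, so AUTO_INCREMENT on it looks unintended; it is kept as written.
-- There is also no foreign key to members(id) - confirm whether one is wanted.
CREATE TABLE accessLog (
    memberId   SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT,
    pageUrl    VARCHAR(255) NOT NULL,
    numVisits  MEDIUMINT NOT NULL,
    lastAccess TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    PRIMARY KEY (memberId, pageUrl)
);

-- Sample visit counters for the seeded members.
INSERT INTO accessLog ( memberId, pageUrl, numVisits )
VALUES
    ( 1, 'diary.php',   2 ),
    ( 3, 'books.php',   2 ),
    ( 3, 'contact.php', 1 ),
    ( 6, 'books.php',   4 );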
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
COMMON.CSS
/* Base typography for the whole page */
body {
  font-family: Arial, Helvetica, sans-serif;
}

/* Definition lists: terms and descriptions floated side by side */
dl {
  width: 100%;
  margin: 2em 0;
  padding: 0;
  clear: both;
  overflow: auto;
}

dt {
  width: 30%;
  float: left;
  margin: 0;
  padding: 5px 9.9% 5px 0;
  border-top: 1px solid #DDDDB7;
  font-weight: bold;
  overflow: auto;
  clear: left;
}

dd {
  width: 60%;
  float: left;
  margin: 0;
  padding: 6px 0 5px 0;
  border-top: 1px solid #DDDDB7;
  overflow: auto;
}

/* Headings: same grey throughout, sizes stepping down from h1 to h5 */
h1 {
  font-weight: bold;
  margin: 35px 0 14px;
  color: #666;
  font-size: 1.5em;
}

h2 {
  font-weight: bold;
  margin: 30px 0 12px;
  color: #666;
  font-size: 1.3em;
}

h3 {
  font-weight: normal;
  margin: 30px 0 12px;
  color: #666;
  font-size: 1.2em;
}

h4 {
  font-weight: bold;
  margin: 25px 0 12px;
  color: #666;
  font-size: 1.0em;
}

h5 {
  font-weight: bold;
  margin: 25px 0 12px;
  color: #666;
  font-size: 0.9em;
}

/* Forms: right-aligned labels on the left, controls floated to the right */
label {
  display: block;
  float: left;
  clear: both;
  text-align: right;
  margin: 0.6em 5px 0 0;
  width: 40%;
}

input,
select,
textarea {
  float: right;
  margin: 1em 0 0 0;
  width: 57%;
}

input {
  border: 1px solid #666;
}

/* Buttons, radios and checkboxes keep their natural width */
input[type=radio],
input[type=checkbox],
input[type=submit],
input[type=reset],
input[type=button],
input[type=image] {
  width: auto;
}
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Common.inc
require_once( "config.php" ); require_once( "Member.class.php" ); require_once( "LogEntry.class.php" );
function displayPageHeader( $pageTitle, $membersArea = false ) { ?>
function displayPageFooter() { ?>
/**
 * Prints a class="error" attribute for a form field that was left out.
 *
 * @param string $fieldName     Name of the field being rendered.
 * @param array  $missingFields Names of the required fields that were empty.
 * @return void Output is echoed, nothing is returned.
 */
function validateField( $fieldName, $missingFields ) {
  $wasFilledIn = !in_array( $fieldName, $missingFields );

  if ( $wasFilledIn ) {
    return;
  }

  echo ' class="error"';
}
/**
 * Prints checked="checked" when the object's stored value for a field equals
 * the value of the radio button or checkbox being rendered.
 *
 * @param DataObject $obj        Object holding the current field values.
 * @param string     $fieldName  Field to look up on $obj.
 * @param mixed      $fieldValue Value of the control being rendered.
 * @return void Output is echoed, nothing is returned.
 */
function setChecked( DataObject $obj, $fieldName, $fieldValue ) {
  $storedValue = $obj->getValue( $fieldName );

  // Loose comparison, as in the original: form values arrive as strings.
  if ( $storedValue != $fieldValue ) {
    return;
  }

  echo ' checked="checked"';
}
/**
 * Prints selected="selected" when the object's stored value for a field
 * equals the value of the option being rendered.
 *
 * @param DataObject $obj        Object holding the current field values.
 * @param string     $fieldName  Field to look up on $obj.
 * @param mixed      $fieldValue Value of the option being rendered.
 * @return void Output is echoed, nothing is returned.
 */
function setSelected( DataObject $obj, $fieldName, $fieldValue ) {
  $storedValue = $obj->getValue( $fieldName );

  // Loose comparison, as in the original: form values arrive as strings.
  if ( $storedValue != $fieldValue ) {
    return;
  }

  echo ' selected="selected"';
}
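/**
 * Gate for members-area pages: requires a logged-in member and logs the visit.
 *
 * Starts the session, re-reads the member stored in it from the database and,
 * when that fails, clears the session entry and redirects to login.php. On
 * success the refreshed Member replaces the session copy and the visit to the
 * current script is recorded through LogEntry::record().
 *
 * Compared with the one-line original this also copes with a session that has
 * no "member" key (previously an undefined-index notice) and with a session
 * value that is not a Member object (previously a fatal error on getValue()).
 *
 * NOTE(review): the Member kept in the session is built from SELECT *, so it
 * carries the stored password hash along with the profile fields - confirm
 * whether the session needs more than the member id.
 *
 * @return void Does not return when the visitor is not logged in (exit).
 */
function checkLogin() {
  session_start();

  $sessionMember = isset( $_SESSION["member"] ) ? $_SESSION["member"] : null;

  // Re-read the member so a deleted account loses access on the next request.
  $currentMember = null;
  if ( $sessionMember instanceof Member ) {
    $currentMember = Member::getMember( $sessionMember->getValue( "id" ) );
  }

  if ( !$currentMember ) {
    $_SESSION["member"] = "";
    header( "Location: login.php" );
    exit;
  }

  $_SESSION["member"] = $currentMember;

  // basename() keeps only the script name, so any path info is not logged.
  $logEntry = new LogEntry( array(
    "memberId" => $currentMember->getValue( "id" ),
    "pageUrl" => basename( $_SERVER["PHP_SELF"] )
  ) );
  $logEntry->record();
}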
?>
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Config.php
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
dataobject.class.php
require_once "config.php";
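/**
 * Base class for objects backed by a database row.
 *
 * Subclasses declare the columns they accept as the keys of $data; the
 * constructor copies only those keys from the array it is given.
 */
abstract class DataObject {

  // Column name => value. Subclasses override this with their own keys.
  protected $data = array();

  /**
   * Copies known fields from $data; keys the subclass did not declare are
   * ignored.
   *
   * @param array $data Field name => value pairs, e.g. a fetched row.
   */
  public function __construct( $data ) {
    foreach ( $data as $key => $value ) {
      if ( array_key_exists( $key, $this->data ) ) {
        $this->data[$key] = $value;
      }
    }
  }

  /**
   * Returns the raw value of a declared field.
   *
   * Terminates the script with "Field not found" for an undeclared field.
   * The value is not escaped; use getValueEncoded() when writing it to HTML.
   *
   * @param string $field Field name.
   * @return mixed
   */
  public function getValue( $field ) {
    if ( !array_key_exists( $field, $this->data ) ) {
      die( "Field not found" );
    }

    return $this->data[$field];
  }

  /**
   * Returns a field value escaped for HTML output.
   *
   * ENT_QUOTES is passed explicitly so single quotes are escaped as well as
   * double quotes on every PHP version; the default flags only started to
   * include it in PHP 8.1.
   *
   * @param string $field Field name.
   * @return string
   */
  public function getValueEncoded( $field ) {
    return htmlspecialchars( $this->getValue( $field ), ENT_QUOTES, "UTF-8" );
  }

  /**
   * Opens a PDO connection using the DB_DSN, DB_USERNAME and DB_PASSWORD
   * constants.
   *
   * Declared static because subclasses call parent::connect() from static
   * methods, which PHP 8 rejects for a non-static method; instance callers
   * keep working unchanged.
   *
   * PDO::ATTR_PERSISTENT is passed to the constructor: setting it with
   * setAttribute() after the connection exists has no effect.
   *
   * On failure the driver message goes to the error log and the visitor only
   * sees a generic message, since driver messages can include host and
   * account details.
   *
   * @return PDO
   */
  protected static function connect() {
    try {
      $conn = new PDO(
        DB_DSN,
        DB_USERNAME,
        DB_PASSWORD,
        array( PDO::ATTR_PERSISTENT => true )
      );
      $conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
    } catch ( PDOException $e ) {
      error_log( "Connection failed: " . $e->getMessage() );
      die( "Connection failed" );
    }

    return $conn;
  }

  /**
   * Drops the local reference to a connection.
   *
   * Only the parameter copy is overwritten; the caller's variable still holds
   * the PDO object until it goes out of scope.
   *
   * @param PDO $conn Connection returned by connect().
   * @return void
   */
  protected static function disconnect( $conn ) {
    $conn = "";
  }
}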
?>
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
LogEntry.class.php
require_once "DataObject.class.php";
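/**
 * One row of the access log: how often a member visited a page and when the
 * last visit was.
 *
 * Query errors are written to the error log; the visitor only sees a generic
 * "Query failed" so SQL text and driver messages are not disclosed.
 */
class LogEntry extends DataObject {

  // Columns of the access-log table; the constructor accepts only these keys.
  protected $data = array(
    "memberId" => "",
    "pageUrl" => "",
    "numVisits" => "",
    "lastAccess" => ""
  );

  /**
   * Returns all log entries of one member, most recent visit first.
   *
   * @param int $memberId Member id, bound as an integer.
   * @return LogEntry[]
   */
  public static function getLogEntries( $memberId ) {
    $conn = parent::connect();
    $sql = "SELECT * FROM " . TBL_ACCESS_LOG . " WHERE memberId = :memberId ORDER BY lastAccess DESC";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":memberId", $memberId, PDO::PARAM_INT );
      $st->execute();

      $logEntries = array();
      foreach ( $st->fetchAll() as $row ) {
        $logEntries[] = new LogEntry( $row );
      }

      parent::disconnect( $conn );
      return $logEntries;
    } catch ( PDOException $e ) {
      parent::disconnect( $conn );
      error_log( "Query failed: " . $e->getMessage() );
      die( "Query failed" );
    }
  }

  /**
   * Counts one visit of this entry's member to this entry's page.
   *
   * A single INSERT ... ON DUPLICATE KEY UPDATE replaces the original
   * SELECT-then-UPDATE/INSERT sequence, which could lose a count or fail with
   * a duplicate-key error when two requests for the same member and page
   * overlapped. It relies on the (memberId, pageUrl) primary key declared in
   * book_club.sql.
   *
   * @return void
   */
  public function record() {
    $conn = parent::connect();
    $sql = "INSERT INTO " . TBL_ACCESS_LOG . " ( memberId, pageUrl, numVisits ) VALUES ( :memberId, :pageUrl, 1 ) ON DUPLICATE KEY UPDATE numVisits = numVisits + 1";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":memberId", $this->data["memberId"], PDO::PARAM_INT );
      $st->bindValue( ":pageUrl", $this->data["pageUrl"], PDO::PARAM_STR );
      $st->execute();
      parent::disconnect( $conn );
    } catch ( PDOException $e ) {
      parent::disconnect( $conn );
      error_log( "Query failed: " . $e->getMessage() );
      die( "Query failed" );
    }
  }

  /**
   * Deletes every log entry of one member.
   *
   * @param int $memberId Member id, bound as an integer.
   * @return void
   */
  public static function deleteAllForMember( $memberId ) {
    $conn = parent::connect();
    $sql = "DELETE FROM " . TBL_ACCESS_LOG . " WHERE memberId = :memberId";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":memberId", $memberId, PDO::PARAM_INT );
      $st->execute();
      parent::disconnect( $conn );
    } catch ( PDOException $e ) {
      parent::disconnect( $conn );
      error_log( "Query failed: " . $e->getMessage() );
      die( "Query failed" );
    }
  }
}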
?>
-----------------------------------------------------------------------------------------------------------------------------------------------------------
Member.class.php
require_once "DataObject.class.php";
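/**
 * A book club member, backed by one row of the members table.
 *
 * Query errors are written to the error log; the visitor only sees a generic
 * "Query failed" so SQL text and driver messages are not disclosed.
 *
 * NOTE(review): insert(), update() and authenticate() hash passwords with
 * MySQL's PASSWORD() function. It is unsalted, was deprecated in MySQL 5.7
 * and removed in 8.0. Replacing it with PHP's password_hash() and
 * password_verify() also needs a wider password column than the CHAR(41)
 * declared in book_club.sql, so schema and code have to change together.
 */
class Member extends DataObject {

  // Columns of the members table; the constructor accepts only these keys.
  protected $data = array(
    "id" => "",
    "username" => "",
    "password" => "",
    "firstName" => "",
    "lastName" => "",
    "joinDate" => "",
    "gender" => "",
    "favoriteGenre" => "",
    "emailAddress" => "",
    "otherInterests" => ""
  );

  // Stored genre key => label shown to the user.
  private $_genres = array(
    "crime" => "Crime",
    "horror" => "Horror",
    "thriller" => "Thriller",
    "romance" => "Romance",
    "sciFi" => "Sci-Fi",
    "adventure" => "Adventure",
    "nonFiction" => "Non-Fiction"
  );

  /**
   * Returns one page of members plus the total number of members.
   *
   * @param int    $startRow Offset of the first row.
   * @param int    $numRows  Maximum number of rows to return.
   * @param string $order    Column to sort by, optionally followed by ASC or
   *                         DESC. Anything else falls back to "username".
   * @return array Two elements: Member[] for the page, then the total count.
   */
  public static function getMembers( $startRow, $numRows, $order ) {
    $conn = parent::connect();

    // ORDER BY cannot take a bound parameter, so the value is matched against
    // a fixed list of column names before it is placed in the SQL text.
    $orderBy = self::_safeOrderBy( $order );
    $sql = "SELECT SQL_CALC_FOUND_ROWS * FROM " . TBL_MEMBERS . " ORDER BY $orderBy LIMIT :startRow, :numRows";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":startRow", $startRow, PDO::PARAM_INT );
      $st->bindValue( ":numRows", $numRows, PDO::PARAM_INT );
      $st->execute();

      $members = array();
      foreach ( $st->fetchAll() as $row ) {
        $members[] = new Member( $row );
      }

      // found_rows() reports the row count of the query above without LIMIT.
      $st = $conn->query( "SELECT found_rows() as totalRows" );
      $row = $st->fetch();
      parent::disconnect( $conn );
      return array( $members, $row["totalRows"] );
    } catch ( PDOException $e ) {
      self::_queryFailed( $conn, $e );
    }
  }

  /**
   * Looks up a member by id.
   *
   * @param int $id Member id, bound as an integer.
   * @return Member|null Null when no row matches.
   */
  public static function getMember( $id ) {
    $sql = "SELECT * FROM " . TBL_MEMBERS . " WHERE id = :id";
    return self::_fetchOne( $sql, array(
      ":id" => array( $id, PDO::PARAM_INT )
    ) );
  }

  /**
   * Looks up a member by username.
   *
   * @param string $username
   * @return Member|null Null when no row matches.
   */
  public static function getByUsername( $username ) {
    $sql = "SELECT * FROM " . TBL_MEMBERS . " WHERE username = :username";
    return self::_fetchOne( $sql, array(
      ":username" => array( $username, PDO::PARAM_STR )
    ) );
  }

  /**
   * Looks up a member by email address.
   *
   * @param string $emailAddress
   * @return Member|null Null when no row matches.
   */
  public static function getByEmailAddress( $emailAddress ) {
    $sql = "SELECT * FROM " . TBL_MEMBERS . " WHERE emailAddress = :emailAddress";
    return self::_fetchOne( $sql, array(
      ":emailAddress" => array( $emailAddress, PDO::PARAM_STR )
    ) );
  }

  /** @return string "Female" when gender is "f", otherwise "Male". */
  public function getGenderString() {
    return ( $this->data["gender"] == "f" ) ? "Female" : "Male";
  }

  /** @return string Display label of this member's favourite genre. */
  public function getFavoriteGenreString() {
    return ( $this->_genres[$this->data["favoriteGenre"]] );
  }

  /** @return array All genres, stored key => display label. */
  public function getGenres() {
    return $this->_genres;
  }

  /**
   * Inserts this member as a new row. The id is left to the database.
   *
   * The password value is hashed by the database; see the class note.
   *
   * @return void
   */
  public function insert() {
    $conn = parent::connect();
    $sql = "INSERT INTO " . TBL_MEMBERS . " ( username, password, firstName, lastName, joinDate, gender, favoriteGenre, emailAddress, otherInterests ) VALUES ( :username, password(:password), :firstName, :lastName, :joinDate, :gender, :favoriteGenre, :emailAddress, :otherInterests )";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":username", $this->data["username"], PDO::PARAM_STR );
      $st->bindValue( ":password", $this->data["password"], PDO::PARAM_STR );
      $st->bindValue( ":firstName", $this->data["firstName"], PDO::PARAM_STR );
      $st->bindValue( ":lastName", $this->data["lastName"], PDO::PARAM_STR );
      $st->bindValue( ":joinDate", $this->data["joinDate"], PDO::PARAM_STR );
      $st->bindValue( ":gender", $this->data["gender"], PDO::PARAM_STR );
      $st->bindValue( ":favoriteGenre", $this->data["favoriteGenre"], PDO::PARAM_STR );
      $st->bindValue( ":emailAddress", $this->data["emailAddress"], PDO::PARAM_STR );
      $st->bindValue( ":otherInterests", $this->data["otherInterests"], PDO::PARAM_STR );
      $st->execute();
      parent::disconnect( $conn );
    } catch ( PDOException $e ) {
      self::_queryFailed( $conn, $e );
    }
  }

  /**
   * Writes this member's fields to the row with the same id.
   *
   * The password is only changed when a non-empty one is set; an empty value
   * leaves the stored hash untouched.
   *
   * @return void
   */
  public function update() {
    $conn = parent::connect();

    // Fixed SQL fragment, never user text: included only for a new password.
    $passwordSql = $this->data["password"] ? "password = password(:password)," : "";
    $sql = "UPDATE " . TBL_MEMBERS . " SET username = :username, $passwordSql firstName = :firstName, lastName = :lastName, joinDate = :joinDate, gender = :gender, favoriteGenre = :favoriteGenre, emailAddress = :emailAddress, otherInterests = :otherInterests WHERE id = :id";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":id", $this->data["id"], PDO::PARAM_INT );
      $st->bindValue( ":username", $this->data["username"], PDO::PARAM_STR );
      if ( $this->data["password"] ) {
        $st->bindValue( ":password", $this->data["password"], PDO::PARAM_STR );
      }
      $st->bindValue( ":firstName", $this->data["firstName"], PDO::PARAM_STR );
      $st->bindValue( ":lastName", $this->data["lastName"], PDO::PARAM_STR );
      $st->bindValue( ":joinDate", $this->data["joinDate"], PDO::PARAM_STR );
      $st->bindValue( ":gender", $this->data["gender"], PDO::PARAM_STR );
      $st->bindValue( ":favoriteGenre", $this->data["favoriteGenre"], PDO::PARAM_STR );
      $st->bindValue( ":emailAddress", $this->data["emailAddress"], PDO::PARAM_STR );
      $st->bindValue( ":otherInterests", $this->data["otherInterests"], PDO::PARAM_STR );
      $st->execute();
      parent::disconnect( $conn );
    } catch ( PDOException $e ) {
      self::_queryFailed( $conn, $e );
    }
  }

  /**
   * Deletes the row with this member's id.
   *
   * @return void
   */
  public function delete() {
    $conn = parent::connect();
    $sql = "DELETE FROM " . TBL_MEMBERS . " WHERE id = :id";

    try {
      $st = $conn->prepare( $sql );
      $st->bindValue( ":id", $this->data["id"], PDO::PARAM_INT );
      $st->execute();
      parent::disconnect( $conn );
    } catch ( PDOException $e ) {
      self::_queryFailed( $conn, $e );
    }
  }

  /**
   * Checks this object's username and password against the database.
   *
   * The password is hashed and compared inside the query; see the class note
   * on PASSWORD(). Nothing in this method limits repeated attempts.
   *
   * @return Member|null The stored member on a match, null otherwise.
   */
  public function authenticate() {
    $sql = "SELECT * FROM " . TBL_MEMBERS . " WHERE username = :username AND password = password(:password)";
    return self::_fetchOne( $sql, array(
      ":username" => array( $this->data["username"], PDO::PARAM_STR ),
      ":password" => array( $this->data["password"], PDO::PARAM_STR )
    ) );
  }

  /**
   * Turns a caller-supplied sort string into a safe ORDER BY expression.
   *
   * Accepts one known column name, optionally followed by ASC or DESC. The
   * password column is left out on purpose: sorting by it would reveal the
   * relative order of the stored hashes.
   *
   * @param string $order Requested sort, e.g. "lastName" or "joinDate DESC".
   * @return string Column (and direction) to place after ORDER BY.
   */
  private static function _safeOrderBy( $order ) {
    $sortable = array( "id", "username", "firstName", "lastName", "joinDate", "gender", "favoriteGenre", "emailAddress", "otherInterests" );
    $parts = preg_split( "/\s+/", trim( (string) $order ) );

    if ( count( $parts ) > 2 ) {
      return "username";
    }

    $column = null;
    foreach ( $sortable as $candidate ) {
      // MySQL column names are case-insensitive, so the match is too.
      if ( strcasecmp( $candidate, $parts[0] ) === 0 ) {
        $column = $candidate;
        break;
      }
    }

    if ( $column === null ) {
      return "username";
    }

    if ( count( $parts ) === 1 ) {
      return $column;
    }

    $direction = strtoupper( $parts[1] );
    if ( $direction !== "ASC" && $direction !== "DESC" ) {
      return "username";
    }

    return "$column $direction";
  }

  /**
   * Runs a query expected to match at most one row.
   *
   * @param string $sql      Statement with named placeholders.
   * @param array  $bindings Placeholder => array( value, PDO::PARAM_* type ).
   * @return Member|null Null when no row matches.
   */
  private static function _fetchOne( $sql, $bindings ) {
    $conn = parent::connect();

    try {
      $st = $conn->prepare( $sql );
      foreach ( $bindings as $placeholder => $binding ) {
        $st->bindValue( $placeholder, $binding[0], $binding[1] );
      }
      $st->execute();
      $row = $st->fetch();
      parent::disconnect( $conn );
      if ( $row ) return new Member( $row );
      return null;
    } catch ( PDOException $e ) {
      self::_queryFailed( $conn, $e );
    }
  }

  /**
   * Shared failure path: release the connection, log the detail, stop with a
   * generic message.
   *
   * @param PDO          $conn Connection used by the failed query.
   * @param PDOException $e    The exception raised by PDO.
   * @return void Never returns.
   */
  private static function _queryFailed( $conn, PDOException $e ) {
    parent::disconnect( $conn );
    error_log( "Query failed: " . $e->getMessage() );
    die( "Query failed" );
  }
}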
?>
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
register.php
require_once( "common.inc.php" );
// Entry point: show the empty registration form unless this request is the
// form being posted back with action=register.
if ( !isset( $_POST["action"] ) || $_POST["action"] != "register" ) {
  displayForm( array(), array(), new Member( array() ) );
} else {
  processForm();
}
function displayForm( $errorMessages, $missingFields, $member ) { displayPageHeader( "Sign up for the book club!" );
if ( $errorMessages ) { foreach ( $errorMessages as $errorMessage ) { echo $errorMessage; } } else { ?>
Thanks for choosing to join our book club.
To register, please fill in your details below and click Send Details.
Fields marked with an asterisk (*) are required.
/**
 * Handles a submitted registration form.
 *
 * Builds a Member from $_POST, collects missing required fields and error
 * messages, then either redisplays the form with those messages or inserts
 * the member and shows the thank-you page.
 */
function processForm() { $requiredFields = array( "username", "password", "emailAddress", "firstName", "lastName", "gender" ); $missingFields = array(); $errorMessages = array();
// Every field is passed through preg_replace(), which deletes characters
// outside a per-field set instead of rejecting the input.
// NOTE(review): the password goes through the same filter, so any character
// outside space, "-", "_", letters and digits is silently dropped before the
// password is stored. The value saved can differ from what the user typed,
// and the usable password alphabet is reduced. login.php applies the same
// filter, so the two must be changed together.
// NOTE(review): the emailAddress filter only removes characters; it does not
// check that the result is a well-formed address.
$member = new Member( array( "username" => isset( $_POST["username"] ) ? preg_replace( "/[^ \-\_a-zA-Z0-9]/", "", $_POST["username"] ) : "", "password" => ( isset( $_POST["password1"] ) and isset( $_POST["password2"] ) and $_POST["password1"] == $_POST["password2"] ) ? preg_replace( "/[^ \-\_a-zA-Z0-9]/", "", $_POST["password1"] ) : "", "firstName" => isset( $_POST["firstName"] ) ? preg_replace( "/[^ \'\-a-zA-Z0-9]/", "", $_POST["firstName"] ) : "", "lastName" => isset( $_POST["lastName"] ) ? preg_replace( "/[^ \'\-a-zA-Z0-9]/", "", $_POST["lastName"] ) : "", "gender" => isset( $_POST["gender"] ) ? preg_replace( "/[^mf]/", "", $_POST["gender"] ) : "", "favoriteGenre" => isset( $_POST["favoriteGenre"] ) ? preg_replace( "/[^a-zA-Z]/", "", $_POST["favoriteGenre"] ) : "", "emailAddress" => isset( $_POST["emailAddress"] ) ? preg_replace( "/[^ \@\.\-\_a-zA-Z0-9]/", "", $_POST["emailAddress"] ) : "", "otherInterests" => isset( $_POST["otherInterests"] ) ? preg_replace( "/[^ \'\,\.\-a-zA-Z0-9]/", "", $_POST["otherInterests"] ) : "", "joinDate" => date( "Y-m-d" ) ) );
// A required field counts as missing when its filtered value is empty.
foreach ( $requiredFields as $requiredField ) { if ( !$member->getValue( $requiredField ) ) { $missingFields[] = $requiredField; } }
// Checks below: missing fields, password confirmation, then uniqueness of the
// username and of the email address.
// NOTE(review): the two "already exists" messages tell an unauthenticated
// visitor whether a given username or email address is registered.
if ( $missingFields ) { $errorMessages[] = '
There were some missing fields in the form you submitted. Please complete the fields highlighted below and click Send Details to resend the form.
'; }if ( !isset( $_POST["password1"] ) or !isset( $_POST["password2"] ) or !$_POST["password1"] or !$_POST["password2"] or ( $_POST["password1"] != $_POST["password2"] ) ) { $errorMessages[] = '
Please make sure you enter your password correctly in both password fields.
'; }if ( Member::getByUsername( $member->getValue( "username" ) ) ) { $errorMessages[] = '
A member with that username already exists in the database. Please choose another username.
'; }if ( Member::getByEmailAddress( $member->getValue( "emailAddress" ) ) ) { $errorMessages[] = '
A member with that email address already exists in the database. Please choose another email address, or contact the webmaster to retrieve your password.
'; }if ( $errorMessages ) { displayForm( $errorMessages, $missingFields, $member ); } else { $member->insert(); displayThanks(); } }
function displayThanks() { displayPageHeader( "Thanks for registering!" ); ?>
Thank you, you are now a registered member of the book club.
-------------------------------------------------------------------------------------------------------------------------------------------------
view_member.php
require_once( "common.inc.php" ); require_once( "config.php" ); require_once( "Member.class.php" ); require_once( "LogEntry.class.php" );
// Id of the member to show, from the query string or the posted form.
// The integer cast means a non-numeric value becomes 0, like a missing one.
$memberId = 0;
if ( isset( $_REQUEST["memberId"] ) ) {
  $memberId = (int) $_REQUEST["memberId"];
}
if ( !$member = Member::getMember( $memberId ) ) { displayPageHeader( "Error" ); echo "
// Dispatch on the submit button that was pressed; with no recognised action
// the member's details are simply displayed.
// NOTE(review): no login or permission check is visible on this page before
// saveMember() or deleteMember() runs - confirm access to it is restricted.
switch ( isset( $_POST["action"] ) ? $_POST["action"] : null ) {
  case "Save Changes":
    saveMember();
    break;
  case "Delete Member":
    deleteMember();
    break;
  default:
    displayForm( array(), array(), $member );
}
function displayForm( $errorMessages, $missingFields, $member ) { $logEntries = LogEntry::getLogEntries( $member->getValue( "id" ) ); displayPageHeader( "View member: " . $member->getValueEncoded( "firstName" ) . " " . $member->getValueEncoded( "lastName" ) );
if ( $errorMessages ) { foreach ( $errorMessages as $errorMessage ) { echo $errorMessage; } }
$start = isset( $_REQUEST["start"] ) ? (int)$_REQUEST["start"] : 0; $order = isset( $_REQUEST["order"] ) ? preg_replace( "/[^ a-zA-Z]/", "", $_REQUEST["order"] ) : "username"; ?>
Access log
| Web page | Number of visits | Last visit |
|---|---|---|
| getValueEncoded( "pageUrl" ) ?> | getValueEncoded( "numVisits" ) ?> | getValueEncoded( "lastAccess" ) ?> |
/**
 * Handles the "Save Changes" form of the member page.
 *
 * Builds a Member from $_POST, collects missing required fields and error
 * messages, then either redisplays the form with those messages or updates
 * the row and shows the success page.
 *
 * NOTE(review): the row to update is chosen by the posted memberId alone; no
 * login, permission or anti-CSRF check is visible in this function - confirm
 * that access to this page is restricted elsewhere.
 */
function saveMember() { $requiredFields = array( "username", "emailAddress", "firstName", "lastName", "joinDate", "gender" ); $missingFields = array(); $errorMessages = array();
// Every field is passed through preg_replace(), which deletes characters
// outside a per-field set instead of rejecting the input. password is not in
// $requiredFields: Member::update() leaves the stored hash alone when it is
// empty.
// NOTE(review): a supplied password loses every character outside space,
// "-", "_", letters and digits before it is stored.
// NOTE(review): the joinDate filter keeps digits and "-" only; it does not
// check that the result is a valid date.
$member = new Member( array( "id" => isset( $_POST["memberId"] ) ? (int) $_POST["memberId"] : "", "username" => isset( $_POST["username"] ) ? preg_replace( "/[^ \-\_a-zA-Z0-9]/", "", $_POST["username"] ) : "", "password" => isset( $_POST["password"] ) ? preg_replace( "/[^ \-\_a-zA-Z0-9]/", "", $_POST["password"] ) : "", "emailAddress" => isset( $_POST["emailAddress"] ) ? preg_replace( "/[^ \@\.\-\_a-zA-Z0-9]/", "", $_POST["emailAddress"] ) : "", "firstName" => isset( $_POST["firstName"] ) ? preg_replace( "/[^ \'\-a-zA-Z0-9]/", "", $_POST["firstName"] ) : "", "lastName" => isset( $_POST["lastName"] ) ? preg_replace( "/[^ \'\-a-zA-Z0-9]/", "", $_POST["lastName"] ) : "", "joinDate" => isset( $_POST["joinDate"] ) ? preg_replace( "/[^\-0-9]/", "", $_POST["joinDate"] ) : "", "gender" => isset( $_POST["gender"] ) ? preg_replace( "/[^mf]/", "", $_POST["gender"] ) : "", "favoriteGenre" => isset( $_POST["favoriteGenre"] ) ? preg_replace( "/[^a-zA-Z]/", "", $_POST["favoriteGenre"] ) : "", "otherInterests" => isset( $_POST["otherInterests"] ) ? preg_replace( "/[^ \'\,\.\-a-zA-Z0-9]/", "", $_POST["otherInterests"] ) : "" ) );
// A required field counts as missing when its filtered value is empty.
foreach ( $requiredFields as $requiredField ) { if ( !$member->getValue( $requiredField ) ) { $missingFields[] = $requiredField; } }
// The uniqueness checks below ignore a match on the member being edited, so
// saving without changing the username or email address is allowed.
if ( $missingFields ) { $errorMessages[] = '
There were some missing fields in the form you submitted. Please complete the fields highlighted below and click Save Changes to resend the form.
'; }if ( $existingMember = Member::getByUsername( $member->getValue( "username" ) ) and $existingMember->getValue( "id" ) != $member->getValue( "id" ) ) { $errorMessages[] = '
A member with that username already exists in the database. Please choose another username.
'; }if ( $existingMember = Member::getByEmailAddress( $member->getValue( "emailAddress" ) ) and $existingMember->getValue( "id" ) != $member->getValue( "id" ) ) { $errorMessages[] = '
A member with that email address already exists in the database. Please choose another email address.
'; }if ( $errorMessages ) { displayForm( $errorMessages, $missingFields, $member ); } else { $member->update(); displaySuccess(); } }
/**
 * Handles the "Delete Member" button: removes the member's access-log rows,
 * then the member row itself, and shows the success page.
 *
 * NOTE(review): the member to delete is chosen by the posted memberId alone;
 * no login, permission or anti-CSRF check is visible in this function -
 * confirm that access to this page is restricted elsewhere.
 */
function deleteMember() {
  $postedId = "";
  if ( isset( $_POST["memberId"] ) ) {
    $postedId = (int) $_POST["memberId"];
  }

  $member = new Member( array( "id" => $postedId ) );

  // Log rows go first so none are left pointing at a deleted member.
  LogEntry::deleteAllForMember( $member->getValue( "id" ) );
  $member->delete();

  displaySuccess();
}
function displaySuccess() { $start = isset( $_REQUEST["start"] ) ? (int)$_REQUEST["start"] : 0; $order = isset( $_REQUEST["order"] ) ? preg_replace( "/[^ a-zA-Z]/", "", $_REQUEST["order"] ) : "username"; displayPageHeader( "Changes saved" ); ?>
Your changes have been saved. &order=">Return to member list
?>
------------------------------------------------------------------------------------------------------------------------------------------------------
view_members.php
require_once( "common.inc.php" ); require_once( "config.php" ); require_once( "Member.class.php" );
// Paging offset from the query string; missing or non-numeric becomes 0.
// NOTE(review): a negative value survives the cast and reaches the LIMIT
// clause - confirm whether it should be clamped to 0.
$start = 0;
if ( isset( $_GET["start"] ) ) {
  $start = (int) $_GET["start"];
}

// Sort column from the query string, reduced to letters and spaces. The value
// is handed to Member::getMembers(), which places it in the ORDER BY clause,
// so this filter is the only thing standing between the request and the SQL
// text unless getMembers() checks it against known column names.
$order = "username";
if ( isset( $_GET["order"] ) ) {
  $order = preg_replace( "/[^ a-zA-Z]/", "", $_GET["order"] );
}

list( $members, $totalRows ) = Member::getMembers( $start, PAGE_SIZE, $order );

displayPageHeader( "View book club members" );
?>
Displaying members - of
| Username | First name | Last name |
|---|---|---|
| getValueEncoded( "id" ) ?>&start=&order=">getValueEncoded( "username" ) ?> | getValueEncoded( "firstName" ) ?> | getValueEncoded( "lastName" ) ?> |
-------------------------------------------------------------------------------------------------------------
MEMBERS FOLDER
____________________________________________________________________
books.php
- Moby Dick
- by Herman Melville
- Down and Out in Paris and London
- by George Orwell
- The Grapes of Wrath
- by John Steinbeck
Members' area home page
--------------------------------------------------------------------------------------------------------------------------------------------------
contact.php
You can contact Marian, the organizer of the book club, on 187-812-8166.
Members' area home page
------------------------------------------------------------------------------------------------------------
diary.php
- September 23
- Book reading by Billy Pierce
- October 3
- Club outing to Yellowstone
- October 17
- Book signing by Valerie Wordsworth at the local bookstore
Members' area home page
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
index.php
Welcome, getValue( "firstName" ) ?>! Please choose an option below:
- Upcoming events
- Current reading list
- Contact the book club
- Logout
----------------------------------------------------------------------------------------------------------------------
login.php
// Entry point: show the empty login form unless this request is the form
// being posted back with action=login.
if ( !isset( $_POST["action"] ) || $_POST["action"] != "login" ) {
  displayForm( array(), array(), new Member( array() ) );
} else {
  processForm();
}
function displayForm( $errorMessages, $missingFields, $member ) { displayPageHeader( "Login to the book club members' area", true );
if ( $errorMessages ) { foreach ( $errorMessages as $errorMessage ) { echo $errorMessage; } } else { ?>
To access the members' area, pleas enter your username and password below then click Login.
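/**
 * Handles a submitted login form.
 *
 * Builds a Member from the posted username and password, reports missing
 * fields or a failed Member::authenticate(), and on success stores the
 * authenticated member in the session and shows the thank-you page.
 *
 * The session id is replaced at the moment of login, so an id that was known
 * before authentication (session fixation) does not become a logged-in
 * session.
 *
 * NOTE(review): the password is passed through the same character filter as
 * the username, so characters outside space, "-", "_", letters and digits are
 * dropped before the comparison. register.php filters the same way; the two
 * must be changed together.
 * NOTE(review): nothing here limits repeated failed attempts.
 */
function processForm() {
  $requiredFields = array( "username", "password" );
  $missingFields = array();
  $errorMessages = array();

  $member = new Member( array(
    "username" => isset( $_POST["username"] ) ? preg_replace( "/[^ \-\_a-zA-Z0-9]/", "", $_POST["username"] ) : "",
    "password" => isset( $_POST["password"] ) ? preg_replace( "/[^ \-\_a-zA-Z0-9]/", "", $_POST["password"] ) : "",
  ) );

  // A required field counts as missing when its filtered value is empty.
  foreach ( $requiredFields as $requiredField ) {
    if ( !$member->getValue( $requiredField ) ) {
      $missingFields[] = $requiredField;
    }
  }

  // One message covers both a wrong username and a wrong password, so the
  // response does not reveal which of the two was incorrect.
  if ( $missingFields ) {
    $errorMessages[] = '
There were some missing fields in the form you submitted. Please complete the fields highlighted below and click Login to resend the form.
';
  } elseif ( !$loggedInMember = $member->authenticate() ) {
    $errorMessages[] = 'Sorry, we could not log you in with those details. Please check your username and password, and try again.
';
  }

  if ( $errorMessages ) {
    displayForm( $errorMessages, $missingFields, $member );
  } else {
    // Only possible while a session is active; the session_start() call is
    // not visible in this part of login.php.
    if ( session_id() !== "" ) {
      session_regenerate_id( true );
    }
    $_SESSION["member"] = $loggedInMember;
    displayThanks();
  }
}
function displayThanks() { displayPageHeader( "Thanks for logging in!", true ); ?>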
Thank you for logging in. Please proceed to the members' area.
-----------------------------------------------------------------------------------------------------------------------------------------------------
logout.php
Thank you, you are now logged out. Login again.
