...

View Full Version : content management system



wayne3503
07-27-2007, 07:50 PM
I have done a couple projects in a book of mine which were great but I have a few errors and not sure why I am getting them.So if I do "add URL" and fill out the form I get "Please try again." Then with the view files, when I try to view I get "There are currently no files to be viewed." Yet the files are in the folder and the records for them are in the db. So what gives? thanks in advance for the help. Here is my code as of now.
My add_urls.php

<?php
$page_title = 'Add a URL';
include ('header.php');
require_once ('db.php');

//handle the form
if (isset($_POST['submit'])) {

//function for escaping and trimming form data
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string (trim ($data), $dbc);
} //end of escape_data function.

//check for a URL
if (!empty($_POST['url'])) {
$u = escape_data($_POST['url']);
} else {
$u = FALSE;
echo '<p><font color="red">Please enter a URL!</font></p>';
}

//check for a description (not required)
if (!empty($_POST['description'])) {
$d = escape_data($_POST['description']);
} else {
$d = '';
}

//check for catergory
if (($_POST['type1']) > 0) //OR ($_POST['type2'] > 0) OR ($_POST['type3']) > 0)
{
$type = TRUE;
} else {
$type = FALSE;
echo '<p><font color="red">Please select a category!</font></p>';
}

if ($u && $t && $type) { //if everything is ok
//add the URL to the url_titles table
$query = "INSERT INTO url_titles (url, title, description) VALUES ('$u', '$t', '$d')";
$result = @mysql_query ($query); //run the query
$tid = @mysql_insert_id(); //get the title ID

if ($tid >0) { //if it ran ok

//build the query
$query = 'INSERT INTO urls (title_id, type_id, approved, date_submitted) VALUES ';
if ($_POST['type1'] > 0) {
$query .= "($tid, {$_POST['type1']}, 'y', NOW()), ";
}
//if ($_POST['type2'] > 0) {
// $query .= "($tid, {$_POST['type2']}, 'y', NOW()), ";
//}
//if ($_POST['type3'] > 0) {
// $query .= "($tid, {$_POST['type3']}, 'y', NOW()), ";
//}
$query = substr ($query, 0, -2); //chop off the last comma and space

//run the query
$result = @mysql_query ($query);
if ($result) {
echo '<p><b>Thank you for your submission!<b><p>';
$_POST = array();
} else { //if it did not run ok
echo '<p> <font color="red">Your submission could not be processed due to a system error. We apologize for any inconvenience.</font></p>';
}

} else { //if it did not run ok
echo '<p><font color="red">Your submission could not be processed due to a system error. We apologize for any inconvenience.</font></p>';
}

} else{ //if one of the data tests failed
echo '<p><font color="red">Please try again.</font><p>';
}
} //end of the main submit conditional

//----------------Display the form----------------

//create the pull down menu information
$query = "SELECT * FROM url_types ORDER BY type_id ASC";
$result = @mysql_query ($query);
$pulldown = '<option>Select One</option>';

while ($row = mysql_fetch_array ($result, MYSQL_ASSOC)) {
$pulldown .= "<option value=\"{$row['type_id']}\">{$row['type']}</option>\n";
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Fill out the form to submit a URL (you can choose up to 3 categories):</legend>

<p><b>URL:</b> <input type="text" name="url" size="60" maxlength="60" value="<?php if (isset($_POST['url'])) echo $_POST['url'];?>" /><br />
<small>Do not include the initial <i>http://</i></small></p>;

<p><b>URL Name/Title:</b> <input type="text" name="text" size="60" maxlength="60" value="<?php if (isset($_POST['title'])) echo $_POST['title'];?>" /></p>

<p><b>Description:</b> <textarea name="description" cols="40" rows="5"><?php if (isset($_POST['description'])) echo $_POST['description'];?></textarea></p>

<p><b>Category 1:</b>
<select name="type1"><?php echo $pulldown; ?>
<option value="1">Email Address</option>
<option value="2">Website Address</option>
</select></p>
<!--<p><b>Category 2:</b> <select name="type2"><?php echo $pulldown; ?></select></p>
<p><b>Category 3:</b> <select name="type3"><?php echo $pulldown; ?></select></p>-->
</fieldset>
<div align="center"><input type="submit" name="submit" value="Submit" /></div>
</form><!------end of form-->

<?php
mysql_close(); //close the db connection
include ('footer.php'); //include the footer
?>


and my view_files.php

<?php
//This page displays the files uploaded to the server

//Set the page title and include the header
$page_title = 'View Files';
include_once ('header.php');
require_once ('db.php'); //connect to db

$first = TRUE; //Initialize the variable.

//query the db
$query = "SELECT upload_id, file_name, ROUND(file_size/1024) AS fs, description,
DATE_FORMAT(upload_date, '%M %e, %Y') AS d FROM uploads ORDER BY upload_date DDESC";
$result = mysql_query ($query);

//Display all the URLs
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {

//If this is the first record then create the table header
if ($first) {
echo '<table border="0" width="100%" cellspacing="3" cellpadding="3" align="center">
<tr>
<td align="left" width="20%"><font size="+1">File Name</font></td>
<td align="left" width="40%"><font size="+1">Description</font></td>
<td align="center" width="20%"><font size="+1">File Size</font></td>
<td align="left" width="20%"><font size="+1">Upload Date</font></td>
</tr>';
} //End of first IF

//Display each record
echo " <tr>
<td align=\"left\"><a href=\"download_file.php?uid={$row['upload_id']}\">{$row['file_name']}</a></td>
<td align=\"left\">" . stripslashes($row['description']) . "</td>
<td align=\"center\">{$row['fs']}kb</td>
<td align=\"left\">{$row['d']}</td>
</tr>\n";

$first = FALSE; //one record has been returned
} //End of while loop

//If no records were displayed...
if($first) {
echo '<div align="center"> There are currently no files to be viewed.</div>';
} else {
echo '</table>'; //Close table
}

mysql_close(); //Close the db connection
include_once ('footer.php'); //require the footer
?>


Thanks again for the help

_Aerospace_Eng_
07-27-2007, 07:55 PM
Don't use empty(). You should use

if($_POST['url'] !== '')
I think empty may return false sometimes even if there is input.

wayne3503
07-27-2007, 08:51 PM
well I dont know if that was supposed to solve my issue or not but I did replace both
if (!empty($_POST['url'])) {
-and-
if (!empty($_POST['description'])) {
-with-
if($_POST['url'] !== '')
-and-
if($_POST['description'] !== '')

But it didnt solve my issue.

rafiki
07-27-2007, 09:05 PM
shouldnt it be
if ($_POST['url'] != '') {
//code
}
if ($_POST['description'] !='') {
//code
}

wayne3503
07-27-2007, 11:51 PM
well I have the one issue kind of resolved but I am still having problems with the view files deal.
Any ideas.

wayne3503
07-28-2007, 02:52 PM
im still trying to resolve the issue above but one thing I also am trying to figure out is what kinds of features are handy for the administrative side back end for this? Right now an admin can see all users in the db and I would like to set up an IP banning feature, other then that im out of ideas.

wayne3503
07-30-2007, 02:36 AM
Any ideas here?
Thanks for the help

Fumigator
07-30-2007, 03:26 AM
I am still having problems with the view files deal

Yeah that doesn't really tell us anything. Maybe I missed something in your first post, but you should probably describe in detail what kind of problem you are having.

wayne3503
07-30-2007, 03:38 AM
Im sorry. The view files script I have is meant to "list" files that I have uploaded. Now I should probably mention that there isn't a path to the file in the db but the file name and other info is there and the file does end up in the folder as it should. The problem I am having is that when I run this script I get "could not select database". If its on any help, before when I didnt have that error built into my script I would get "There are currently no files to be viewed", which you can see is at the bottom of the script. Anyway in either case it doesnt show that any files are even uploaded, yet all the info is in the db and the files do end up getting in the folder they should when they are uploaded. So with that said here is my code as of now. Thank you for your help and sorry if I wasnt clear before. If you need more info let me know.

<?php
//This page displays the files uploaded to the server

//Set the page title and include the header
$page_title = 'View Files';
include_once ('header.php');
require_once ('db.php'); //connect to db

$first = TRUE; //Initialize the variable.

//query the db
$query = "SELECT upload_id, file_name, ROUND(file_size/1024) AS fs, description,
DATE_FORMAT(upload_date, '%M %e, %Y') AS d FROM uploads ORDER BY upload_id DESC";
$result =@mysql_query($query) or die ("could not select database");

//Display all the URLs
while ($row =@mysql_fetch_array($result, MYSQL_ASSOC)) {

//If this is the first record then create the table header
if ($first) {
echo '<table border="0" width="100%" cellspacing="3" cellpadding="3" align="center">
<tr>
<td align="left" width="20%"><font size="+1">File Name</font></td>
<td align="left" width="40%"><font size="+1">Description</font></td>
<td align="center" width="20%"><font size="+1">File Size</font></td>
<td align="left" width="20%"><font size="+1">Upload Date</font></td>
</tr>';
} //End of first IF

//Display each record
echo " <tr>
<td align=\"left\"><a href=\"download_file.php?uid={$row['upload_id']}\">{$row['file_name']}</a></td>
<td align=\"left\">" . stripslashes($row['description']) . "</td>
<td align=\"center\">{$row['fs']}kb</td>
<td align=\"left\">{$row['d']}</td>
</tr>\n";

$first = FALSE; //one record has been returned
} //End of while loop

//If no records were displayed...
if($first) {
echo '<div align="center"> There are currently no files to be viewed.</div>';
} else {
echo '</table>'; //Close table
}

mysql_close(); //Close the db connection
include_once ('footer.php'); //require the footer
?>

wayne3503
08-01-2007, 07:15 PM
Ok I hate to bring this one back but im still stumped on this one and cant get it working yet.
Any help would be greatly appreciated.

wayne3503
08-01-2007, 07:50 PM
Well I have changed the sql query to this...

$query = "SELECT * FROM uploads"; and it seems this is the only way for me to get any results. It does put "kb" in the file size column but no number infront of it, and doesnt display the uploaded date.
So my guess is that this...

$query = "SELECT upload_id, file_name, ROUND(file_size/1024) AS fs, description,
DATE_FORMAT(upload_date, '%M %e, %Y') AS d FROM uploads ORDER BY upload_id DESC";
isnt in the correct syntax or order that it needs to be in and I have never seen such an elaborate long drawn out query so any ideas as to how to finish correcting this would be greatly appreciated

Thanks again everyone

wayne3503
08-01-2007, 08:44 PM
Ok so I have figured out a few things and for the most part have it working great...Only I want to change the standard date/time it outputs to be mm-dd-yyyy rather then its normal yyyy-mm-dd. How would I go about doing that?
Oh yea this is what I have done to my code now

//query the db
$query = "SELECT file_name, file_size, description, upload_date FROM uploads";
$result =@mysql_query($query);

//Display all the URLs
while ($row =@mysql_fetch_array($result, MYSQL_ASSOC)) {

//If this is the first record then create the table header
if ($first) {
echo '<table border="0" width="100%" cellspacing="3" cellpadding="3" align="center">
<tr>
<td align="left" width="20%"><font size="+1">File Name</font></td>
<td align="left" width="40%"><font size="+1">Description</font></td>
<td align="center" width="20%"><font size="+1">File Size</font></td>
<td align="left" width="20%"><font size="+1">Upload Date</font></td>
</tr>';
} //End of first IF

//Display each record
echo " <tr>
<td align=\"left\"><a href=\"download_file.php?uid={$row['upload_id']}\">{$row['file_name']}</a></td>
<td align=\"left\">" . stripslashes($row['description']) . "</td>
<td align=\"center\">{$row['file_size']}kb</td>
<td align=\"left\">{$row['upload_date']}</td>
</tr>\n";

Fumigator
08-01-2007, 09:42 PM
Assuming the date is stored in you MySQL table as a "DATE" type, you can use date_format() (http://dev.mysql.com/doc/refman/4.1/en/date-and-time-functions.html#function_date-format) in the query to format the output.



SELECT date_format(dateField, '%m-%d-%Y') as formattedDate
FROM tableName

wayne3503
08-01-2007, 09:51 PM
Well it did something...It didnt fix it, it just cleared out showing anything. I also changed my MySQL from DATETIME to DATE also. any ideas?
Thanks

Fumigator
08-02-2007, 12:32 AM
I just noticed you aren't checking your queries to see if they failed. So what is your plan when a query throws an error? You've got to catch it. It doesn't catch itself. Also get rid of those "@"s, you are suppressing errors in a development environment which makes no sense.



$query = "SELECT file_name, file_size, description, upload_date FROM uploads";
$result =mysql_query($query);
if (!$result) {
die("QUERY ERROR! Query text is: $query<br />Query error is: ".mysql_error());
}

wayne3503
08-02-2007, 04:22 AM
I have that fixed, but for some reason I still cant seem to pull the date in the format Id like. It either pulls it as yyyy-mm-dd or it doesnt pull at all.
Thanks for your help

Fumigator
08-02-2007, 03:01 PM
What does your code look like now? Are you still using "SELECT *"? Are you referring to the correct column name?

wayne3503
08-02-2007, 03:31 PM
Yes, right now this is what I have

$query = "SELECT file_name, file_size, description, upload_date FROM uploads";
$result =mysql_query($query);
if (!$result) {
die("QUERY ERROR! Query text is: $query<br />Query error is: ".mysql_error());
}
This is the syntax that returns a date in yyyy-mm-dd format and if I replace "upload_date" with "date_format(upload_date, '%m-%d-%Y')" all it does is returns nothing.

Fumigator
08-02-2007, 04:45 PM
I'd like to see how you are referring to that formatted date, because without an alias the associative index would be $row["date_format(upload_date, '%m-%d-%Y')"].

wayne3503
08-02-2007, 04:55 PM
Ok grab a huge stick from a tree and I want you to beat me in the head with it...I had that but not the right one, i still had the "$row['upload_date']" thank you for your help again :D

Fumigator
08-02-2007, 05:05 PM
I would be happy to oblige-- I'll bring my own stick! :p

I usually put an alias on the column to keep the typing down..


$query = "SELECT file_name, file_size, description, date_format(upload_date, '%m-%d-%Y') as formatted_date FROM uploads";
.
.
.
echo $row['formatted_date'];

wayne3503
08-02-2007, 05:47 PM
Now one more issue I am having still with my CMS just a different issue, is Im trying to add a delete feature to my "view_files.php" script. I seem to be having some issues with getting it to work. This is what I have right now. What am I doing wrong?

Thanks for the help

<?php
//This page displays the files uploaded to the server

//Set the page title and include the header
$page_title = 'View Files';
include_once ('header.php');
require_once ('db.php'); //connect to db

if(isset($_POST['update']))
{
if(isset($_POST['delete']) AND is_array($_POST['delete']))
{
$i = 0;
foreach($_POST['delete'] as $file_name => $value)
{
# Is it checked? - probably don't need this!
if($value == 1)
{
# Delete the records
$sql = "DELETE FROM `uploads` WHERE `file_name` = '".addslashes($file_name)."'";
mysql_query($sql);

# Use unlink to remove any files on the server - you will have to do a bit of research into this - it's not as easy as it should be

$i++;
}
}

# Records deleted!
$message .= '<p><span style="font-size: 1.2em; color: red;">'.$i.' Record(s) deleted!</span></p>';
}
}

$first = TRUE; //Initialize the variable.

$query = "SELECT file_name, file_size, description, date_format(upload_date, '%m-%d-%Y') FROM uploads";
$result =mysql_query($query);
if (!$result) {
die("QUERY ERROR! Query text is: $query<br />Query error is: ".mysql_error());
}
//query the db
//$query = "SELECT file_name, file_size, description, date_format(upload_date, '%m-%d-%Y') as formattedDate FROM uploads";
//$result =@mysql_query($query);

//Display all the URLs
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {

//If this is the first record then create the table header
if ($first) {
echo '<table border="0" width="100%" cellspacing="3" cellpadding="3" align="center">
<tr>
<td align="left" width="5%"><font size="+1">Delete</font></td>
<td align="left" width="25%"><font size="+1">File Name</font></td>
<td align="left" width="30%"><font size="+1">Description</font></td>
<td align="center" width="20%"><font size="+1">File Size</font></td>
<td align="left" width="20%"><font size="+1">Upload Date</font></td>
</tr>';
} //End of first IF

//Display each record
echo " <tr>
<td align=\"center\"><input type=\"checkbox\" name=\"delete{$row['file_name']}\" value=\"1\"></td>
<td align=\"left\"><a href=\"download_file.php?uid={$row['upload_id']}\">{$row['file_name']}</a></td>
<td align=\"left\">" . stripslashes($row['description']) . "</td>
<td align=\"center\">{$row['file_size']}kb</td>
<td align=\"center\">{$row["date_format(upload_date, '%m-%d-%Y')"]}</td>
</tr>\n";


$first = FALSE; //one record has been returned
} //End of while loop

mysql_free_result($result);
echo '<tr>';
echo '<td colspan="5" style="text-align: center;"><input type="submit" name="update" value="Delete" /></td>';
echo '</tr>';

//If no records were displayed...
if($first) {
echo '<div align="center"> There are currently no files to be viewed.</div>';
} else {
echo '</table>'; //Close table
}

mysql_close(); //Close the db connection
include_once ('footer.php'); //require the footer
?>

Fumigator
08-02-2007, 06:33 PM
You just made me cry, because you are still not checking ALL of your queries to see if they failed.

wayne3503
08-02-2007, 07:00 PM
Actually I was...im sorry when i did my editing i didnt put it back in...:D

wayne3503
08-02-2007, 07:04 PM
Got ALL of them now:D



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum