
Secure PHP Development - P139


Part V: Internet Applications

Chapter 19
Web Forms Manager

IN THIS CHAPTER
◆ Developing a Web Forms Manager
◆ Installing the Web Forms Manager
◆ Using the Web Forms Manager

Web forms are common in virtually any commercial Web site. Using Web forms, you can collect data from users and perform business operations such as sending a quotation or brochures or soliciting feedback.

In this chapter, you will design a general-purpose Web Forms Management application that enables you to manage virtually any single-page Web form.

The virtue of managing all your Web forms by using a central general-purpose Web forms application suite is that you can control and manage your data security from a single point, thus eliminating a great deal of the time and effort that goes into managing multiple form scripts for security and other issues.

Functionality Requirements

Our general-purpose Web Forms Management application suite offers the following feature set:

◆ A single application for Web form processing. All single-page Web forms can be managed by a single application.
◆ Central, smart CSV downloading. A central CSV export application enables a site administrator to download new data at any time. The application enables the administrator to export data from the form database by using either a range of dates or the last download. This is a nice feature if, for example, your business has a department that retrieves data from your Web forms and sends out brochures or other documents to potential customers.
◆ Central form data reporting. A single interface to view form data as stored in a database.
◆ Inbound and outbound e-mail. When a form is submitted, the Web form processor can send e-mail to both the submitter and the Web administrator or to anyone else to whom inbound e-mail should be directed. The e-mail messages sent are created by using mail templates and are, therefore, very flexible.
◆ A template-driven interface. Each form should have its own thank-you page template and inbound and outbound message template.
◆ Automatic return to the referred page. If the Web form provides a return URL, the form processing application should return the user to the return URL once processing is completed.

Understanding Prerequisites

This is an Internet application and does not require central authentication techniques. Therefore, it is not dependent on intranet tools discussed in earlier chapters. However, it does require the application framework classes discussed in Chapter 4. You must install the application framework classes along with the PHPLIB and PEAR packages.

Designing the Database

Figure 19-1 shows the database diagram for the Web Forms Manager. Here, I will describe the one fixed table of the database, WEBFORMS_DL_TBL. In addition, there will be one or more form tables, depending on the number of forms: each form to be managed will have its own table. For your convenience, I will describe a sample form table along with WEBFORMS_DL_TBL.

Figure 19-1: The WEBFORMS database diagram.

WEBFORMS_DL_TBL table

This table keeps track, for each form, of the record ID up to which the user has downloaded the data. This helps the user download only the latest data for a form. The table stores the form code (FORM_ID), the timestamp of the download (DOWNLOAD_TS), and the record ID (RECORD_ID) up to which the form data have been downloaded.

X_TBL table (a sample form table)

This is a form-specific table. X_TBL stores the data collected from the X form. The two fields of this table that are common to all form tables are the record ID (id) and the time of form submission (SUBMIT_TS). The record ID is auto-incremented with each insertion. Depending on the particular form, you can have many other fields in each of the form tables. These fields are used to store the data collected from the form.
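One way the RECORD_ID watermark can drive a "since last download" export, as an added example (not the book's code). The function names, the rule that form code X maps to table X_TBL, the append-and-take-MAX bookkeeping, and the in-memory SQLite database standing in for the MySQL server are assumptions; the rows are constructed.

```php
<?php
// Added example, not the book's code. Function names are hypothetical; an
// in-memory SQLite database (pdo_sqlite) stands in for the MySQL server.

/** Map a form code to its table. Identifiers cannot be bound, so validate strictly. */
function form_table(string $formId): string
{
    if (!preg_match('/\A[A-Z][A-Z0-9_]{0,31}\z/', $formId)) {
        throw new InvalidArgumentException('invalid form code');
    }
    return $formId . '_TBL';
}

/** Return rows added since the last download and record the new watermark. */
function export_new_rows(PDO $db, string $formId): array
{
    $table = form_table($formId);
    $q = $db->prepare('SELECT MAX(RECORD_ID) FROM WEBFORMS_DL_TBL WHERE FORM_ID = ?');
    $q->execute([$formId]);
    $last = (int) $q->fetchColumn();   // NULL (never downloaded) becomes 0

    $q = $db->prepare("SELECT * FROM $table WHERE id > ? ORDER BY id");
    $q->execute([$last]);
    $rows = $q->fetchAll(PDO::FETCH_ASSOC);

    if ($rows) {                       // advance the watermark to the last exported id
        $ins = $db->prepare(
            'INSERT INTO WEBFORMS_DL_TBL (FORM_ID, DOWNLOAD_TS, RECORD_ID) VALUES (?, ?, ?)');
        $ins->execute([$formId, time(), (int) end($rows)['id']]);
    }
    return $rows;
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE WEBFORMS_DL_TBL (FORM_ID TEXT, DOWNLOAD_TS INTEGER, RECORD_ID INTEGER)');
$db->exec('CREATE TABLE X_TBL (id INTEGER PRIMARY KEY AUTOINCREMENT, x_field_1 TEXT, SUBMIT_TS INTEGER)');
$add = $db->prepare('INSERT INTO X_TBL (x_field_1, SUBMIT_TS) VALUES (?, ?)');
$add->execute(['first submission', time()]);
$add->execute(['second submission', time()]);
$first = export_new_rows($db, 'X');    // everything submitted so far
$add->execute(['third submission', time()]);
$second = export_new_rows($db, 'X');   // starts after the stored RECORD_ID
printf("first export: %d rows, second export: %d rows\n", count($first), count($second));
```

The form code reaches the query only as a table name, so it is checked against a strict pattern before interpolation, while the record ID and FORM_ID values go through bound parameters.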
Listing 19-1 shows an implementation of the WEBFORMS database in MySQL. To implement this WEBFORMS database in MySQL, you can create a database called WEBFORMS in your MySQL database server and run the following command:

    mysql -u root -p -D WEBFORMS < webforms.sql

Make sure that you change the username (root) to whatever is appropriate for your system.

Listing 19-1: WEBFORMS.mysql

    # phpMyAdmin MySQL-Dump
    # version 2.2.5
    # http://phpwizard.net/phpMyAdmin/
    # http://phpmyadmin.sourceforge.net/ (download page)
    #
    # Host: localhost
    # Generation Time: Dec 13, 2002 at 07:50 PM
    # Server version: 3.23.35
    # PHP Version: 4.1.0
    # Database : `WEBFORMS`
    #
    #
    # Table structure for table `WEBFORMS_DL_TBL`
    #
    CREATE TABLE WEBFORMS_DL_TBL (
      FORM_ID varchar(255) NOT NULL default '0',
      DOWNLOAD_TS bigint(20) NOT NULL default '0',
      RECORD_ID int(11) NOT NULL default '0'
    ) TYPE=MyISAM;
    #
    #
    # Table structure for table `X_TBL`
    #
    CREATE TABLE X_TBL (
      id int(11) NOT NULL auto_increment,
      x_field_1 varchar(255) NOT NULL default '',
      x_field_2 text NOT NULL,
      x_field_3 int(11) NOT NULL default '0',
      SUBMIT_TS bigint(20) NOT NULL default '0',
      PRIMARY KEY (id)
    ) TYPE=MyISAM;

Note that the X_TBL is really an example table; you should rename it to match your form name. For example, if you have a form called ASK.php or ASK.html, with three fields named first, last, and e-mail, you can create it as follows:

    CREATE TABLE ASK_TBL (
      id int(11) NOT NULL auto_increment,
      first varchar(25) NOT NULL default '',
      last varchar(25) NOT NULL,
      email varchar(60) NOT NULL,
      SUBMIT_TS bigint(20) NOT NULL default '0',
      PRIMARY KEY (id)
    ) TYPE=MyISAM;

Notice that the id and SUBMIT_TS fields are required for managing the forms.

Designing and Implementing the Web Forms Manager Application Classes

As shown in the system diagram (see Figure 19-2), five objects are needed to implement the Web Forms Manager application.
Figure 19-2: System diagram of the Web Forms Manager.
[Diagram labels: Form Submission Application, Form Reporter Application, CSV Export Application, PHP Application Framework, Web Form Management Application, DataCleanup Object (class.DataCleanup.php), Form Submission Object (class.FormSubmission.php), DataValidator Object (class.DataValidator.php), FormData Object (class.FormData.php), ACL Object (class.ACL.php)]

In this section, you will develop the class that provides the objects needed for your Web Forms Manager application.

Designing and implementing the ACL class

The ACL (Access Control List) class is used to control access to the application. The ch19/apps/class/class.ACL.php file on the CD-ROM implements this class, which implements the methods described in the following sections.

ACL()

This is the constructor method. It sets the member variables $IP, $ALLOW, and $DENY from the given parameter $param. $IP holds the IP address of the current machine; $ALLOW holds the comma-separated list of allowed IP addresses; and $DENY holds the list of denied IP addresses.

isAllowed()

This method identifies whether the current IP is allowed to access the application. If the list of denied IPs is not empty, this method matches the current IP with each of the denied IPs. It uses the isNetworkAddr() method and the isNodeOf() method to ensure that the current IP is not part of any denied network address. The method returns TRUE or FALSE depending on the match result.

isDenied()

This method uses the isAllowed() method to decide whether the current IP is denied access to the application. It returns exactly the opposite value (TRUE/FALSE) of the result of the isAllowed() method.
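The allow/deny decision that isAllowed() and isDenied() are described as making, as an added example (not the book's class.ACL.php). The function names, CIDR notation for network entries, deny-over-allow precedence, and treating an empty allow list as unrestricted are assumptions; the addresses are constructed samples from documentation ranges.

```php
<?php
// Added example, not the book's class.ACL.php; all function names are hypothetical.

/** True if $ip equals the host entry or lies inside the CIDR network entry. */
function ip_matches_entry(string $ip, string $entry): bool
{
    $ipLong = ip2long($ip);
    if ($ipLong === false) {
        return false;
    }
    if (strpos($entry, '/') === false) {              // single host entry
        return filter_var($entry, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false
            && ip2long($entry) === $ipLong;
    }
    [$net, $bits] = explode('/', $entry, 2);
    if (filter_var($net, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false
        || !preg_match('/\A\d{1,2}\z/', $bits) || (int) $bits > 32) {
        return false;   // malformed entry never matches: validate lists when configuring
    }
    // Netmask for the prefix length; /0 is special-cased to avoid a 32-bit shift.
    $mask = (int) $bits === 0 ? 0 : (0xFFFFFFFF << (32 - (int) $bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === (ip2long($net) & $mask);
}

/** True if $ip matches any entry of a comma-separated list. */
function ip_in_list(string $ip, string $csv): bool
{
    foreach (explode(',', $csv) as $entry) {
        if (ip_matches_entry($ip, trim($entry))) {
            return true;
        }
    }
    return false;
}

/** Fail closed on an unparsable address, then deny list first, then allow list. */
function is_allowed(string $ip, string $allow, string $deny): bool
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false || ip_in_list($ip, $deny)) {
        return false;
    }
    return trim($allow) === '' || ip_in_list($ip, $allow);
}

// Constructed sample lists; in a request handler $ip would be $_SERVER['REMOTE_ADDR'].
$allow = '192.0.2.0/24, 198.51.100.7';
$deny  = '192.0.2.128/25';
foreach (['192.0.2.10', '192.0.2.200', '198.51.100.7', '203.0.113.5', 'not-an-ip'] as $ip) {
    printf("%-14s %s\n", $ip, is_allowed($ip, $allow, $deny) ? 'allowed' : 'denied');
}
```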

Date posted: 07/07/2014, 07:20
