Secure PHP Development- P141 ppsx

Chapter 19: Web Forms Manager, Part V: Internet Applications (book pages 671 to 675)

haveRequiredData()

This method determines whether the required fields for the form are provided. It uses the member variable $REQUIRED, which is set in the setupForm() method.

validateData()

This method validates all the fields for the form. This is how it works:

◆ It first creates an object of class DataValidator.
◆ Then the validate() method of DataValidator is called with the type, size, and validation methods for each field of the form. If data validation fails, the field is pushed into the $ERRORS array.
◆ The method returns TRUE if none of the fields fail data validation.

cleanupData()

This method is responsible for cleaning up the given data as prescribed in the form configuration file. This is how it works:

◆ It first creates an object of the DataCleanup class.
◆ For each field, the list of clean-up methods is retrieved. Those methods are called from the DataCleanup class.
◆ All the field data is returned after cleanup.

submitData()

This method is responsible for adding the given data to the form table in the database. This is how it works:

◆ First, the fields of type text are escaped for characters such as quotation marks and slashes by using the $this->_DBI->quote(addslashes()) methods. Caveat: PEAR DB's quote() already escapes the string it is given, so if the DBI wrapper simply delegates to it, passing it the output of addslashes() escapes the data twice and stores literal backslashes. quote() alone, or a query with bound parameters, is sufficient; on PHP 4 hosts with magic_quotes_gpc enabled the request data arrives already escaped once more.
◆ The common field for all forms, SUBMIT_TS (which stores the time of form submission), is prepared from the current time and added to the insert query statement.
◆ The insert query statement is executed using the query() method of the DBI object.
◆ The method returns TRUE or FALSE depending on the success of the insertion.

uploadFile()

This method is responsible for uploading any attachments from the user. This is how it works:

◆ It first creates an object of the DataValidator class to validate the size of the file(s) to be uploaded.
◆ For each upload field retrieved from the form configuration file, the method determines whether it is a required upload. If the upload is required but not supplied, it returns with the appropriate failure signal.
◆ The method moves the uploaded file to the destination directory specified in the form configuration file.

sendMail()

This method is responsible for sending the form-specific inbound or outbound e-mail to the user or the administrator. This is how it works:

◆ It takes the list of recipients, the message template file name, and the subject as parameters.
◆ It immediately returns FALSE if the list of recipients is empty.
◆ It determines whether a form-specific template for the message exists. If not, it uses the application's default template directory to instantiate the template class.
◆ Data received from the form is passed to the message template. The template is then parsed and sent as the body to the recipient(s) using the mail() API with the given subject.

Designing and implementing the FormData class

The FormData class manipulates the submitted form data. For example, it is used in a report generation application to show the report to administrative users. The ch19/apps/class/class.FormData.php file on the CD-ROM implements this class, which provides the methods described in the following sections.

FormData()

This is the constructor method. It sets the member variables $DBI and $DL_TBL to hold the DBI object and the name of the download track table, respectively. Then it calls the setFormID() method to set the form ID.

setFormID()

This method first sets the given form ID as the member variable $fid. Then it includes the configuration file for the form. Two more member variables, $fieldArr (an array of form fields and their configurations) and $fields (a comma-separated list of the fields), are set by retrieving the list of fields from the form configuration file.

getFormData()

This method is used to retrieve form data from the database. This is how it works:

◆ The setFormID() method is called to set the given form ID.
◆ If no sort criteria are supplied, the default sort criterion is the ID field. Because the sort criterion is interpolated into the ORDER BY clause rather than bound as a parameter, it must either come from a trusted source or be checked against the field names in $fieldArr before use.
◆ If no lower bound for the submission time is given, it is assumed to be zero. Similarly, if no upper bound is supplied, it is assumed to be the current time.
◆ The SELECT query statement is prepared with the help of the member variable $fields.
◆ The name of the table is taken from the form configuration file, which has already been included.
◆ The SELECT query is executed using the query() method of the DBI object, and all rows of the query result are returned as an array.

getDataAfterRecordID()

This method returns all the data of a form whose record ID is greater than the given record ID. This is how it works:

◆ It first calls setFormID() to set the given form ID.
◆ The query statement is prepared using the member variable $fields and the given record ID.
◆ The name of the table is taken from the form configuration file, which has already been included.
◆ The SELECT query is executed using the query() method of the DBI object, and all rows of the query result are returned as an array.

getLastDLRecordID()

This method returns the largest record ID for a given form that has been tracked in the download track table. This is how it works:

◆ First, it calls setFormID() to set the given form ID.
◆ The query statement is prepared.
◆ The name of the table is taken from the form configuration file, which has already been included.
◆ Finally, the SELECT query is executed using the query() method of the DBI object, and the maximum record ID is retrieved from the query result and returned.

updateDownloadTrack()

This method updates the download track table whenever a download is performed by the user. It takes the form ID and the top record ID at the time the data was downloaded, then inserts them along with the current timestamp into the download track table. It returns TRUE or FALSE depending on the status of the insertion.

Creating the Application Configuration Files

Like all other applications developed in this book, the Web Forms Manager application uses a standard set of configuration and error files. These files are discussed in the following sections.

Creating the main configuration file

The primary configuration file for the entire system is called webforms.conf. Table 19-1 describes each configuration variable.

TABLE 19-1 THE WEBFORMS.CONF VARIABLES THAT NEED TO BE CHANGED

Configuration Variable and Purpose

$PEAR_DIR
    Set to the directory containing the PEAR package; specifically, the DB module needed for class.DBI.php in our application framework.

$PHPLIB_DIR
    Set to the PHPLIB directory, which contains the PHPLIB packages; specifically, the template.inc package needed for template manipulation.

$APP_FRAMEWORK_DIR
    Set to our application framework directory.

$PATH
    Set to the combined directory path consisting of $PEAR_DIR, $PHPLIB_DIR, and $APP_FRAMEWORK_DIR. This path is used with the ini_set() function to redefine the php.ini entry for include_path so that $PATH comes ahead of the default path. This enables PHP to find our application framework, PHPLIB, and PEAR-related files.

$APPLICATION_NAME
    Internal name of the application.

$DEFAULT_LANGUAGE
    Set to the default two-character language code.

$ROOT_PATH
    Set to the root path of the application.

$REL_ROOT_PATH
    Relative path to the root directory.

$REL_APP_PATH
    Relative application path as seen from a Web browser.

$TEMPLATE_DIR
    The fully qualified path to the template directory.

$CLASS_DIR
    The fully qualified path to the class directory.

$ACL_CLASS
    Name of the ACL class file.

$DATA_VALIDATOR_CLASS
    Name of the DataValidator class file.

$FORM_SUBMISSION_CLASS
    Name of the FormSubmission class file.

$DATA_CLEANUP_CLASS
    Name of the DataCleanup class file.

$FORMDATA_CLASS
    Name of the FormData class file.

$FORM_DB_URL
    The fully qualified URL for the database used to store the form information.

$MISSING_REQUIRED_VALUES
    Code for the signal that required data is missing.

$BAD_DATA
    Code for the signal that the data is invalid.

$DATABASE_FAILURE
    Code for the signal that the form table does not exist.

$INVALID_FILE_SIZE
    Code for the signal that the file size is invalid.

$KNOWN_FORMS
    The associative array of forms, mapping each form ID to its configuration file name.

$FORM_CONF_FILE_DIR
    The directory that holds the configuration files of the different forms.

$REPORT_TEMPLATE
    The template used for showing the form data report.

$ODD_COLOR
    Color used as the background of odd-numbered rows in the report.

$EVEN_COLOR
    Color used as the background of even-numbered rows in the report.

(Table 19-1 continued on the next page of the book)
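The FormSubmission pipeline described above (haveRequiredData(), validateData(), cleanupData(), submitData()) as an added example; this is not the book's class.FormSubmission.php. It assumes PDO in place of the book's DBI wrapper, a constructed form configuration array standing in for the per-form configuration file, and an assumed table named CONTACT_FORM with an integer SUBMIT_TS column. submitData() binds every value as a parameter instead of building the INSERT from quote(addslashes()), which is the fix for the double-escaping caveat noted above.

```php
<?php
// Added example, not the book's code: the haveRequiredData -> validateData
// -> cleanupData -> submitData pipeline driven by a form configuration array.
// PDO replaces the book's DBI wrapper (assumption); submitData() binds
// parameters instead of interpolating quote(addslashes()) output.

declare(strict_types=1);

final class FormSubmissionExample
{
    private array $errors = [];

    // Constructed form configuration (stand-in for a per-form configuration
    // file): field => type, maximum size, required flag, clean-up functions.
    public const FIELDS = [
        'name'    => ['type' => 'text',  'size' => 64,  'required' => true,  'cleanup' => ['trim', 'strip_tags']],
        'email'   => ['type' => 'email', 'size' => 128, 'required' => true,  'cleanup' => ['trim', 'strtolower']],
        'comment' => ['type' => 'text',  'size' => 500, 'required' => false, 'cleanup' => ['trim', 'strip_tags']],
    ];
    public const TABLE = 'CONTACT_FORM'; // assumed form table name

    public function __construct(private PDO $db) {}

    public function errors(): array { return $this->errors; }

    // haveRequiredData(): every field marked required must be present and non-empty.
    public function haveRequiredData(array $data): bool
    {
        $this->errors = [];
        foreach (self::FIELDS as $name => $cfg) {
            if ($cfg['required'] && trim((string)($data[$name] ?? '')) === '') {
                $this->errors[] = $name;
            }
        }
        return $this->errors === [];
    }

    // validateData(): type and size checks per field; failing fields are pushed onto $errors.
    public function validateData(array $data): bool
    {
        $this->errors = [];
        foreach (self::FIELDS as $name => $cfg) {
            $value = (string)($data[$name] ?? '');
            if ($value === '') {
                continue; // absence is haveRequiredData()'s concern, not a type error
            }
            $ok = strlen($value) <= $cfg['size'] && match ($cfg['type']) {
                'email' => filter_var($value, FILTER_VALIDATE_EMAIL) !== false,
                'text'  => preg_match('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', $value) === 0, // no control characters
            };
            if (!$ok) {
                $this->errors[] = $name;
            }
        }
        return $this->errors === [];
    }

    // cleanupData(): apply each field's configured clean-up functions in order.
    public function cleanupData(array $data): array
    {
        $clean = [];
        foreach (self::FIELDS as $name => $cfg) {
            $value = (string)($data[$name] ?? '');
            foreach ($cfg['cleanup'] as $fn) {
                $value = $fn($value);
            }
            $clean[$name] = $value;
        }
        return $clean;
    }

    // submitData(): INSERT with bound parameters plus the common SUBMIT_TS column.
    // Column names come from the configuration, never from the request.
    public function submitData(array $clean): bool
    {
        $cols = array_keys(self::FIELDS);
        $sql  = sprintf('INSERT INTO %s (%s, SUBMIT_TS) VALUES (%s, :submit_ts)',
            self::TABLE, implode(', ', $cols), ':' . implode(', :', $cols));
        $stmt = $this->db->prepare($sql);
        foreach ($cols as $c) {
            $stmt->bindValue(':' . $c, $clean[$c]);
        }
        $stmt->bindValue(':submit_ts', time(), PDO::PARAM_INT);
        return $stmt->execute();
    }
}

// Usage with an in-memory SQLite database and constructed input. The
// apostrophe and markup in the name survive validation, are cleaned, and
// reach the database through a bound parameter.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE CONTACT_FORM (ID INTEGER PRIMARY KEY, name TEXT, email TEXT, comment TEXT, SUBMIT_TS INTEGER)');
$form  = new FormSubmissionExample($db);
$input = ['name' => " O'Brien <b>x</b> ", 'email' => 'Bob@Example.COM', 'comment' => ''];

if (!$form->haveRequiredData($input) || !$form->validateData($input)) {
    echo 'rejected: ' . implode(',', $form->errors()) . PHP_EOL;
} else {
    $ok = $form->submitData($form->cleanupData($input));
    echo ($ok ? 'stored' : 'database failure') . PHP_EOL;
}
```

The clean-up functions are ordinary PHP callables named in the configuration, which mirrors the book's arrangement of calling the methods listed per field; with bound parameters the clean-up step is about data quality only and no longer doubles as the SQL escaping step.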
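The FormData report and download-tracking queries (getFormData(), getDataAfterRecordID(), getLastDLRecordID(), updateDownloadTrack()) as an added example; this is not the book's class.FormData.php. It assumes PDO instead of the book's DBI wrapper, a constructed FORMS array standing in for $KNOWN_FORMS plus the per-form configuration files, and an assumed download track table DL_TRACK with columns FORM_ID, LAST_ID and DL_TS. The sort criterion is accepted only if it names a configured field, because ORDER BY cannot be parameterised, while the submission-time bounds and record IDs are bound.

```php
<?php
// Added example, not the book's code: FormData-style report queries with
// PDO (assumed). Table and column names come from the form configuration;
// the sort column is checked against that configuration and every other
// user-influenced value is a bound parameter.

declare(strict_types=1);

final class FormDataExample
{
    // Constructed stand-in for $KNOWN_FORMS and the per-form configuration files.
    private const FORMS = [
        'contact' => ['table' => 'CONTACT_FORM', 'fields' => ['ID', 'name', 'email', 'SUBMIT_TS']],
    ];
    private string $fid      = '';
    private array  $fieldArr = [];  // list of fields of the current form
    private string $fields   = '';  // comma-separated field list, as in the book
    private string $table    = '';

    public function __construct(private PDO $db, private string $dlTbl = 'DL_TRACK') {}

    // setFormID(): select the form and load its field list and table name.
    public function setFormID(string $fid): void
    {
        if (!isset(self::FORMS[$fid])) {
            throw new InvalidArgumentException("unknown form: $fid");
        }
        $this->fid      = $fid;
        $this->fieldArr = self::FORMS[$fid]['fields'];
        $this->fields   = implode(', ', $this->fieldArr);
        $this->table    = self::FORMS[$fid]['table'];
    }

    // getFormData(): default sort is the ID column; bounds default to 0 and now.
    public function getFormData(string $fid, ?string $sortBy = null, ?int $from = null, ?int $to = null): array
    {
        $this->setFormID($fid);
        $sortBy ??= 'ID';
        // ORDER BY cannot be a bound parameter, so accept only a configured field name.
        if (!in_array($sortBy, $this->fieldArr, true)) {
            throw new InvalidArgumentException("unknown sort field: $sortBy");
        }
        $stmt = $this->db->prepare(
            "SELECT {$this->fields} FROM {$this->table}
             WHERE SUBMIT_TS >= :from AND SUBMIT_TS <= :to ORDER BY $sortBy");
        $stmt->execute([':from' => $from ?? 0, ':to' => $to ?? time()]);
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    // getDataAfterRecordID(): every row newer than the given record ID.
    public function getDataAfterRecordID(string $fid, int $lastId): array
    {
        $this->setFormID($fid);
        $stmt = $this->db->prepare("SELECT {$this->fields} FROM {$this->table} WHERE ID > :id ORDER BY ID");
        $stmt->execute([':id' => $lastId]);
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }

    // getLastDLRecordID(): highest record ID already downloaded for this form (0 if none).
    public function getLastDLRecordID(string $fid): int
    {
        $this->setFormID($fid);
        $stmt = $this->db->prepare("SELECT MAX(LAST_ID) FROM {$this->dlTbl} WHERE FORM_ID = :fid");
        $stmt->execute([':fid' => $fid]);
        return (int)$stmt->fetchColumn();
    }

    // updateDownloadTrack(): record the form ID, the top record ID and the current time.
    public function updateDownloadTrack(string $fid, int $topId): bool
    {
        $stmt = $this->db->prepare("INSERT INTO {$this->dlTbl} (FORM_ID, LAST_ID, DL_TS) VALUES (:fid, :id, :ts)");
        return $stmt->execute([':fid' => $fid, ':id' => $topId, ':ts' => time()]);
    }
}

// Usage with an in-memory SQLite database and constructed rows: download
// everything not yet tracked, record the top ID, then confirm a second
// download finds nothing new and that a hostile sort field is rejected.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE CONTACT_FORM (ID INTEGER PRIMARY KEY, name TEXT, email TEXT, SUBMIT_TS INTEGER)');
$db->exec('CREATE TABLE DL_TRACK (FORM_ID TEXT, LAST_ID INTEGER, DL_TS INTEGER)');
$db->exec("INSERT INTO CONTACT_FORM (name, email, SUBMIT_TS) VALUES ('a', 'a@example.com', 100), ('b', 'b@example.com', 200)");

$report = new FormDataExample($db);
$rows   = $report->getDataAfterRecordID('contact', $report->getLastDLRecordID('contact'));
if ($rows !== []) {
    $report->updateDownloadTrack('contact', (int)end($rows)['ID']);
}
$fresh = $report->getDataAfterRecordID('contact', $report->getLastDLRecordID('contact'));
echo count($rows) . ' rows downloaded, ' . count($fresh) . ' new since' . PHP_EOL;
try {
    $report->getFormData('contact', 'ID; DROP TABLE CONTACT_FORM');
} catch (InvalidArgumentException $e) {
    echo 'rejected sort field' . PHP_EOL;
}
```

The whitelist check in getFormData() is the practical form of the caveat above: a report page that lets an administrator click a column header to sort will pass that column name into the query, and the only safe way to accept it is to compare it against the names the form configuration already declares.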

Posted: 07/07/2014, 07:20

Table of contents

  • Secure PHP Development
    • Front Matter
      • Preface
        • Is This Book for You?
        • How This Book Is Organized
        • Tell Us What You Think
      • Acknowledgments
      • Contents at a Glance
      • Contents
    • Part I
      • Chapter 1: Features of Practical PHP Applications
        • Features of a Practical PHP Application
        • Employing the Features in Applications
        • Summary
      • Chapter 2: Understanding and Avoiding Security Risks
        • Identifying the Sources of Risk
        • Minimizing User-Input Risks
        • Not Revealing Sensitive Information
        • Summary
      • Chapter 3: PHP Best Practices
        • Best Practices for Naming Variables and Functions
        • Best Practices for Function/Method
        • Best Practices for Database
        • Best Practices for User Interface
        • Best Practices for Documentation
        • Best Practices for Web Security
        • Best Practices for Source Configuration Management
