Chapter 12 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-6 The users obviously haven’t logged in yet, so they are not allowed to anything else here They are given the choice to log in if they have registered before, or they can register to activate an account Should the users decide to log in, they will be presented with the same options as when you created the previous login pages The page should look like the one in Figure 12-7 390 User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-7 Users will be required to supply the usernames and passwords they chose for themselves The only difference between this login page and the previous one you created is that the authorization is coming from a MySQL database, rather than hard coding of the authorization into the pages themselves If users don’t enter the information correctly, they will be asked for the information again, and have the option to register from that page as well If a user chooses to register, he or she will see a page similar to the one in Figure 12-8 391 Chapter 12 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-8 Now users can fill in their information and register to be a user of this site Once the user fills in the information and hits the register button, the code checks whether or not the required fields have been filled out If one (or more) of the required fields is not filled out, the form appears again with the information entered still in the form and an error message stating the problem The page will look similar to the one shown in Figure 12-9 392 User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-9 Users can now fill in the missing information and continue A check is performed after the required fields are satisfied to see if the username chosen is already taken Should that be the case, the form again retains any information that has been filled out, and a different error message appears on the screen stating that the username is taken The username field is erased so users know that they need to choose another username The screen will look like that in Figure 12-10 393 Chapter 12 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-10 Now users can choose another username and complete the registration process Once the user chooses a username that is not already taken, the registration is complete Once the registration is complete, the user is automatically logged in for this session using the username and password as the session values, and he or she will be redirected to the home page After being redirected, the user’s screen should look similar to Figure 12-11 394 User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-11 Now the logged-in users are able to navigate to their own personal information pages where they can update their information at any time and are also allowed to delete their account from this location The beauty of sessions and keeping track of users is that you don’t have to worry about passing information about the users with form data, or passing it through the query string or address bar All the data is stored temporarily on the server where the Web site resides You also don’t have to worry about people trying to put parameters into the address bar to fake the identity of another user The session data is unavailable to users on the site, so only if they had access to the server itself would they be able to obtain the user-supplied data Now you will look at the pages where the user’s information is displayed, and where a user can update or delete his or her account The display page simply displays the previously entered user information The update page is also straightforward: It shows a form with the user’s previously entered data and gives the user the ability to update it if he or she wishes or simply cancel the update and return to the previous screen The delete page merely asks if the user is sure he or she wants to delete the account and gives the option of returning to the previous screen The user’s information display page should look something like the one shown in Figure 12-12 395 Chapter 12 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-12 When users choose to update their accounts, they will see a screen similar to Figure 12-13 396 User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-13 Should they update their information, users will be told that the information was indeed updated and they will be allowed to update the information again if they wish (for example, if on review they realize they input something incorrectly) That page will look like the one in Figure 12-14 397 Chapter 12 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-14 Finally, the delete page looks similar to the one shown in Figure 12-15 This appears once users choose the Delete Account link on the display page From here, if users choose Yes, their account is deleted, their logged-in session will be destroyed, and they will be redirected to the index page 398 User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 12-15 That’s it for the user portion of the registration system You’ll create an administration section later in the chapter, where you can allow certain levels of admins to have different privileges from others But now, let’s move on to a quick cookie example, which you can implement into the previous registration system Using Cookies in PHP Cookies are used much like sessions, as explained previously The main difference between sessions and cookies is you can control the amount of time the cookie is available for, unlike sessions, which disappear when users close their browser Cookies are used to store information about a user’s logins, preferences, or anything else you want to store there that you want to retrieve when a user revisits your site 399 Building a Content Management System Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Hey, a function Shouldn’t this go in an include file, such as outputfunctions.php? Perhaps, and you could certainly that if you wanted to However, this function is very specific to this file, so it really doesn’t need to go in an include file It’s up to you, really function echoUserList($lvl) { To use the array you created earlier within this function, you must declare it global Now the function can access the data in the array global $a_users; This function will be called more than once Each time, a different value will be contained in the $lvl variable The following SQL pulls the appropriate data according to the $lvl value: $sql = “SELECT user_id, name, email FROM cms_users “ “WHERE access_lvl = $lvl ORDER BY name”; $result = mysql_query($sql) or die(mysql_error()); If no users are found in the database for this access level, you display a message explaining that those users were not found You this by using the array you created earlier: if (mysql_num_rows($result) == 0) { echo “No “ $a_users[$lvl] “ created.”; A user cannot modify his or her own record Instead, his or her name is shown in plain text, with no link } else { while ($row = mysql_fetch_array($result)) { if ($row[‘user_id’] == $_SESSION[‘user_id’]) { echo htmlspecialchars($row[‘name’]) “\n”; Otherwise, the user’s name is displayed on the screen, as a link that loads useraccount.php } else { echo ‘’ htmlspecialchars($row[‘name’]) “\n”; } Here’s the end of the function Note that nothing has been output to the screen yet } } } 457 Chapter 13 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com First you display the page title: ?> User Administration Then you loop through the code three times, running the function each time with a different level value: And then you’re done Article Publishing You have all these transaction pages and user account maintenance so far, but nothing that would put your application squarely into the “CMS” category Well that’s all about to change! In this section you’ll be creating the pages that allow you to create, review, read, and comment on articles On to the articles! Try It Out Creating an Article In your first step toward having content, you’re going to create the page that allows you to actually write out the articles and save them to the database Create a new file and name it compose.php: Compose Article Title:
Click the Compose link to load compose.php (see Figure 13-7) Enter a title and some text for the article When you are done, click Submit New Article You will be taken back to the index page, but there will still be no article The article you just wrote is pending review 459 Chapter 13 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 13-7 How It Works You’re almost there Next, you tackle compose.php, the page where you create new articles First, initialize the variables you are going to be using: Compose Article Title:
The article ID must be carried over to the transaction page if you are modifying an existing article The following hidden input field will this for you
If you’ve looked around your Web site, you might have noticed that the article you just created doesn’t show up yet That’s because you’ve set up a review system wherein an administrator or moderator must approve an article before it is published to the public view This sort of control is found on many CMSbased sites on the Web and is a good way to keep an eye on quality and duplicate stories Try It Out Reviewing New Articles In this exercise, you’ll create the reviewing system that lets you approve your articles Create pending.php: Next, create reviewarticle.php: Article Review Click the Review link The Review page pending.php loads (see Figure 13-8) with a list of all pending and published articles Right now, there is only one pending article — the one you just wrote Click the article You will be taken to reviewarticle.php It should look similar to Figure 13-9 You have the option to edit, publish, or delete the article Figure 13-8 464 Building a Content Management System Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 13-9 Click the Publish button You will be taken back to pending.php, and the article will now be listed under Published Articles Click the Articles link, and you will be taken back to the index page This time, the article should appear on the page (see Figure 13-10) 465 Chapter 13 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Figure 13-10 How It Works Next comes pending.php: 467 Chapter 13 Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com And so ends another exciting day in the CMS saga Stay tuned while we look at your next file, reviewarticle.php This time, you need to use one of the functions in outputfunctions.php, so you include it at the top of your page First, you display the title of the page, and then use the outputStory() function to display the article on the page Article Review And they all lived happily ever after The End Feeling a little déjà vu? Good Try It Out Article Pages So you’ve created an article, reviewed it, and published it Now it’s time to give the public a way to view the article and provide feedback Create viewarticle.php: Now, create comment.php: Add a comment Comment:
Go back to the index by clicking the Articles link Click the “Full Story” link below the snippet of the article you want to view The full article should appear, complete with a link to add comments How It Works The first page, viewarticle.php, is very short, yet it illustrates the nature of included files and functions wonderfully As you can see, there is no content displayed directly with viewarticle It simply includes the necessary files and uses two functions to display the article and all of the comments 470 Building a Content Management System Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com You may notice that you don’t worry about the situation in which an article is not passed As it stands, if you load viewarticle.php without the “article” parameter in the URL, you will simply get a page that consists of the site title, search, and a menu (all included in header.php) The rest will be blank If that’s the desired result, then that’s fine You may decide to redirect the user back to the home page if $_GET[‘article’] is empty If you do, don’t forget to include http.php and use redirect() before header.php The next page is comment.php Include the necessary files: Add a comment A simple text area is used to enter a new comment:
Comment:
The next bit deals with the submit button and a hidden field for the article ID This is needed to send the article ID to the next page: Beginning PHP5, Apache and MySQL< /title> 4 06 User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com... User Logins, Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com ?> Beginning PHP5, Apache and MySQL< /title> ... Profiles, and Personalization Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com Finally, create the fifth file, testcookie.php: Beginning PHP5, Apache and MySQL< /title>
