DELETING ENTRIES

The most complex portion of this application involves deleting entries from the guestbook. This stands to reason, because you don’t want anonymous users fooling with your guestbook. So the first thing you need to do before deleting an entry is authenticate users. When discussing the authenticate() function, we showed how an HTTP 401 header will bring up the browser’s username and password dialog box. The values entered then need to be checked against the guestbook_admin database table. The authenticate.php file takes care of this for you, which is why this file is included in the edit.php file.

Chapter 8: Guestbook 2000, the (Semi-)Bulletproof Guestbook

The heart of authenticate.php is this:

if (empty($PHP_AUTH_USER))
{
    // no credentials sent yet: ask the browser for them
    authenticate($realm,$errmsg,"header");
}
else
{
    // the submitted values are placed in the SQL string as-is
    $query = "select username from guestbook_admin where password = password(lower('$PHP_AUTH_PW')) and username = lower('$PHP_AUTH_USER')";

    $result = mysql_query($query);
    if ($result)
    {
        list($valid_user) = mysql_fetch_row($result);
    }
    if (!$result || empty($valid_user))
    {
        // query failed or no matching row: send the header again
        authenticate($realm,$errmsg,"query");
    }
}
print "<p><b>Editing as $PHP_AUTH_USER</b></p>\n";

If no username has been entered, the header is sent through your authenticate() function. If a username has been entered, a query is sent to the database to validate the user. If a row is returned, the user is validated and can continue working; otherwise the header is sent again.

Once a valid username and password have been entered, the remainder of the edit.php file will be sent. But this time, in addition to all the other information, the checkbox will be included, so the user can decide which entries should be deleted. The value of the checkbox will be the primary key of the guestbook table.

while ($row = mysql_fetch_array($result))
{
    print_entry($row,$preserve,"name","entry date","location","email","URL","comments");

    print " <tr>\n";
    print " <td valign=top align=right><b>Delete?</b></td>\n";
    print " <td valign=top align=left><input type=checkbox name=\"entry_id[]\" value=\"".$row["entry_id"]."\"> Yes, delete entry #".$row["entry_id"]."</td>\n";
    print " </tr>\n\n";
    print "<tr><td colspan=2> </td></tr>\n";
}

This form is then submitted to the confirm_delete.php file. Notice how you’re passing an array here. The name of the form element is entry_id[], which means that when this form is passed to PHP, entry_id will become an array. The number of values in the array depends on the number of boxes checked. HTTP will not send the unchecked boxes at all.

214 Part III: Simple Applications

The first time through the confirm_delete.php file, we will print out the entries. This gives the person deleting these entries a chance to make sure he or she isn’t doing something stupid.

while (list($key,$value) = each($entry_id))
{
    print "<li>Delete entry #$value?\n";
    print "<input type=hidden name=\"entry_id[]\" value=\"$value\">\n";
}

If any of these entries are to be deleted, this page will submit to itself, with a different value (Confirm Delete) sent with the submit button. This will make the following code run:

while (list($key,$value) = each($entry_id))
{
    print "<li>Deleting entry #$value\n";
    $q = "delete from guestbook where entry_id = $value";
    safe_query($q);
}

We loop through the $entry_id array, deleting records for each member.
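The delete loop above places each submitted entry_id[] value directly into the SQL string, so the values are worth checking before they reach the query. The following is an added example, not the book's code: it validates the array and deletes with a bound parameter. It assumes PHP 7 or later and uses PDO with an in-memory SQLite table in place of the book's mysql_* functions so it runs on its own; clean_entry_ids() and delete_entries() are hypothetical names.

```php
<?php
// Added example, not the book's code. PDO with in-memory SQLite stands in
// for the book's mysql_* calls so the block runs without a database server.

// Keep only values that are plain positive integers; everything else
// (non-numeric text, nested arrays, negatives, empty strings) is dropped.
function clean_entry_ids($raw): array
{
    if (!is_array($raw)) {
        return [];                       // entry_id[] missing or sent as a scalar
    }
    $ids = [];
    foreach ($raw as $value) {
        if (is_string($value) && ctype_digit($value) && (int) $value > 0) {
            $ids[(int) $value] = true;   // keyed by id, so duplicates collapse
        }
    }
    return array_keys($ids);
}

// Delete each id through a bound parameter; returns the number of rows removed.
function delete_entries(PDO $db, array $ids): int
{
    $stmt = $db->prepare('delete from guestbook where entry_id = ?');
    $deleted = 0;
    foreach ($ids as $id) {
        $stmt->execute([$id]);
        $deleted += $stmt->rowCount();
    }
    return $deleted;
}

// Constructed sample data: a three-row guestbook table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('create table guestbook (entry_id integer primary key, name text)');
$db->exec("insert into guestbook (entry_id, name) values (1,'Ann'),(2,'Bob'),(3,'Cy')");

// Constructed stand-in for the entry_id[] array posted by the confirmation form.
$posted = ['2', '2', '3 or 1=1', '-1', ['9'], ''];

$ids = clean_entry_ids($posted);
foreach ($ids as $id) {
    print "<li>Deleting entry #$id\n";
}
$removed = delete_entries($db, $ids);
$left = $db->query('select count(*) from guestbook')->fetchColumn();
print "<p>Removed $removed, $left remaining</p>\n";
```

Because only the validated integers are printed back, the same check also covers the hidden entry_id[] fields written on the confirmation page.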