Aims:
shag.html
)
becomes a PHP script (shag.php
)
CREATE TABLE comments_table ( id INT NOT NULL AUTO_INCREMENT, username VARCHAR(255), message TEXT, PRIMARY KEY (id) );
<!DOCTYPE html> <html lang="en"> <head> <title>Shag Ireland - News</title> <link rel="stylesheet" href="comments.css" /> </head> <body> <header> <h1>Shag Ireland - News</h1> </header> <article> <!-- The rest of the 'normal' web page goes here --> <?php require_once( 'output_functions.php' ); function output_form( ) { echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">"; echo "<fieldset>"; echo "<legend>Post a new comment</legend>"; output_textfield('username', 'Name: ', 'username', 25, 25, '', false); echo "<div>"; echo "<label for=\"message\">Comment:</label>"; echo "<textarea name=\"message\" id=\"message\" rows=\"5\" cols=\"50\">"; echo "</textarea>"; echo "</div>"; output_submit_button('Submit'); output_reset_button('Reset'); echo "</fieldset>"; echo "</form>"; } function is_initial_request() { return ! isset($_POST['submit']); } // Connect to database $dbconnection = mysqli_connect( $host, $user, $password, $dbname ); if ( ! $dbconnection ) { die(); } if ( ! is_initial_request() ) { $username = $_POST['username']; $message = $_POST['message']; // Insert into the database $insert_sql = "INSERT INTO comments_table (username, message) VALUES ('{$username}', '{$message}');"; $dbinsert_result = mysqli_query( $dbconnection, $insert_sql ); if ( ! $dbinsert_result ) { die(); } } echo "<section>"; echo "<h1>Comments</h1>"; output_form(); $retrieve_sql = "SELECT * FROM comments_table ORDER BY id DESC"; $dbretrieve_result = mysqli_query( $dbconnection, $retrieve_sql ); if ( ! $dbretrieve_result ) { die(); } if ( mysqli_num_rows( $dbretrieve_result ) != 0 ) { while ( $row = mysqli_fetch_assoc( $dbretrieve_result ) ) { echo "<article> <h1>{$row['username']}</h1> <p>{$row['message']}</p> </article>"; } } echo "</section>"; mysqli_free_result( $dbretrieve_result ); mysqli_close( $dbconnection ); ?> </article> </body> </html>
method
attributeaction
attributemethod="get"
, the data is added to the end of the URL
after a question mark, e.g.:
GET guestbook.php?first=Hugh&surname=Jeegoh HTTP/1.1
method="post"
, the data is included in the HTTP request body,
not the header
POST guestbook.php HTTP/1.1
first=Hugh&surname=Jeegoh
method="get"
,
method="post"
,
method="post"
method="post"
instead of
method="get"
$_POST
instead
of $_GET
comments_script.php
)
wombats.html
,
badgers.html
) will
become a PHP script (wombats.php
,
badgers.php
) and we will use
require_once
to include the chunk of PHP
CREATE TABLE comments_table ( id INT NOT NULL AUTO_INCREMENT, username VARCHAR(255), url VARCHAR(255) NOT NULL, message TEXT, PRIMARY KEY (id) );
wombats.php
<!DOCTYPE html> <html lang="en"> <head> <title>Wombat Lovers Corner</title> <link rel="stylesheet" type="text/css" href="comments.css" /> </head> <body> <header> <h1>Wombat Lovers Corner</h1> </header> <article> <!-- The rest of the 'normal' web page goes here --> <?php require_once('comments_script.php'); ?> </article> </body> </html>
comments_script.php
<?php require_once( 'output_functions.php' ); function output_form( ) { echo "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\""; echo "<fieldset>"; echo "<legend>Post a new comment</legend>"; output_textfield('username', 'Name: ', 'username', 25, 25, '', false); echo "<div>"; echo "<label for=\"message\">Comment:</label>"; echo "<textarea name=\"message\" id=\"message\" rows=\"5\" cols=\"50\">"; echo "</textarea>"; echo "</div>"; output_submit_button('Submit'); output_reset_button('Reset'); echo "</fieldset>"; echo "</form>"; } function is_initial_request() { return ! isset($_POST['submit']); } // Connect to database $dbconnection = mysqli_connect( $host, $user, $password, $dbname ); if ( ! $dbconnection ) { die(); } $url = $_SERVER['PHP_SELF']; if ( ! is_initial_request() ) { $username = $_POST['username']; $message = $_POST['message']; // Insert into the database $insert_sql = "INSERT INTO comments_table (username, url, message) VALUES ('{$username}', '{$url}', '{$message}');"; $dbinsert_result = mysqli_query( $dbconnection, $insert_sql ); if ( ! $dbinsert_result ) { die(); } } echo "<section>"; echo "<h1>Comments</h1>"; output_form(); $retrieve_sql = "SELECT * FROM comments_table WHERE url = '{$url}' ORDER BY id DESC"; $dbretrieve_result = mysqli_query( $dbconnection, $retrieve_sql ); if ( ! $dbretrieve_result ) { die(); } if ( mysqli_num_rows( $dbretrieve_result ) != 0 ) { while ( $row = mysql_fetch_assoc( $dbretrieve_result ) ) { echo "<article> <h1>{$row['username']}</h1> <p>{$row['message']}</p> </article>"; } } echo "</section>"; mysqli_free_result( $dbretrieve_result ); mysqli_close( $dbconnection ); ?>