JavaScript Editor Javascript source editor     Web programming 

Team LiB
Previous Section Next Section

Adding Posts to a Topic

In this final step, you will create the replytopost.php script, which contains code that looks quite similar to the script used to add a new topic. Listing 20.5 shows the code for this all-in-one form and script, which begins with the database connection in lines 35. Although the script performs different tasks depending on the status of the form (whether it's being shown or submitted), both conditions require database interaction at some point.

Listing 20.5. Script to Add Replies to a Topic
 1: <?php
 2: //connect to server and select database; we'll need it soon
 3: $conn = mysql_connect("localhost", "joeuser", "somepass")
 4:     or die(mysql_error());
 5: mysql_select_db("testDB",$conn) or die(mysql_error());
 7: //check to see if we're showing the form or adding the post
 8: if ($_POST[op] != "addpost") {
 9:    // showing the form; check for required item in query string
10:    if (!$_GET[post_id]) {
11:         header("Location: topiclist.php");
12:         exit;
13:    }
15:       //still have to verify topic and post
16:    $verify = "select ft.topic_id, ft.topic_title from
17:     forum_posts as fp left join forum_topics as ft on
18:     fp.topic_id = ft.topic_id where fp.post_id = $_GET[post_id]";
20:    $verify_res = mysql_query($verify, $conn) or die(mysql_error());
21:     if (mysql_num_rows($verify_res) < 1) {
22:        //this post or topic does not exist
23:        header("Location: topiclist.php");
24:        exit;
25:    } else {
26:        //get the topic id and title
27:        $topic_id = mysql_result($verify_res,0,'topic_id');
28:        $topic_title = stripslashes(mysql_result($verify_res,
29:         0,'topic_title'));
31:        echo "
32:        <html>
33:        <head>
34:        <title>Post Your Reply in $topic_title</title>
35:        </head>
36:        <body>
37:        <h1>Post Your Reply in $topic_title</h1>
38:        <form method=post action=\"$_SERVER[PHP_SELF]\">
40:        <p><strong>Your E-Mail Address:</strong><br>
41:        <input type=\"text\" name=\"post_owner\" size=40 maxlength=150>
43:        <P><strong>Post Text:</strong><br>
44:        <textarea name=\"post_text\" rows=8 cols=40 wrap=virtual></textarea>
46:        <input type=\"hidden\" name=\"op\" value=\"addpost\">
47:        <input type=\"hidden\" name=\"topic_id\" value=\"$topic_id\">
48:        <P><input type=\"submit\" name=\"submit\" value=\"Add Post\"></p>
49:        </form>
50:        </body>
51:        </html>";
52:    }
53: } else if ($_POST[op] == "addpost") {
54:    //check for required items from form
55:    if ((!$_POST[topic_id]) || (!$_POST[post_text]) ||
56:    (!$_POST[post_owner])) {
57:       header("Location: topiclist.php");
58:       exit;
59:    }
61:    //add the post
62:    $add_post = "insert into forum_posts values ('', '$_POST[topic_id]',
63:     '$_POST[post_text]', now(), '$_POST[post_owner]')";
64:    mysql_query($add_post,$conn) or die(mysql_error());
66:    //redirect user to topic
67:    header("Location: showtopic.php?topic_id=$topic_id");
68:    exit;
69: }
70: ?>

Line 8 checks to see whether the form is being submitted. If the value of $_POST[op] is not "addpost", the form has not yet been submitted and, therefore, it must be shown. Before showing the form, however, you must check for that one required item; lines 1013 check for the existence of a value for post_id in the GET query string. If a value in $_GET[post_id] does not exist, the user is redirected back to the topic listing page.

If you made it past the check for a value in $_GET[topic_id], lines 1720 issue a complicated-looking query that gets the values of the topic_id and topic_title fields from the forum_topics table, based on the only value that you know: the value of $_GET[post_id]. This query both validates the existence of the post and gets information you will need later in the script. Lines 2124 act on the results of this validity test, again redirecting the user back to the topiclist.php page if the test fails.

If the value of $_GET[post_id] represents a valid post, you extract the value of topic_id and topic_title in lines 2729, again using stripslashes() to remove any escape characters. Next, the entirety of the form for adding a post is printed to the screen, and that's it for this script until the form submission button is clicked. In the form, you see that the action is $_SERVER[PHP_SELF] on line 38, indicating that this script will be recalled into action. Two hidden fields are present, in lines 46 and 47, which hold the information that needs to be passed along to the next iteration of the script.

Moving on to line 53, this block of code is executed when the script is reloaded and the value of $_POST[op] (one of the hidden fields in the form) is "addpost". This block checks for the presence of all required fields from the form (lines 5559) and then, if they are all present, issues the query to add the post to the database (lines 6264). After the post is added to the database, the user is redirected to the showtopic.php page (lines 6768), using the appropriate query string to display the active topic.

If you save this file as replytopost.php and place it in your Web server document root, try it out and you may see something like Figures 20.8 and 20.9.

Figure 20.8. Preparing to add a post.

Figure 20.9. A post was added to the list.

    Team LiB
    Previous Section Next Section

    JavaScript Editor Javascript source editor     Web programming