need some tweaking

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

need some tweaking

Post by toyo »

Team, i am writing this simple program like a simple dictionary. What it does is that it allow users enter words into a database but does not accept same word twice... incase of that, it will inform the user that word already exist.

Also there will be an admin panel to accept the word

these are the requirements listed below:

Submitter Panel

1. Only the words that are not in database can be added
2. When somebody types in word in database, autocomplete (1 character or more) is there and it shows what all are there and allows
to add to database on hitting enter (not button)
3. Give the message that the word has been added.
4. When the name is added, it is added as stutus "Pending"
5. On the side show them the names as "name" status as "Pending"/"Approved"/"Rejected"

Approver Panel (provide a separate page)
Provide an interface that has the following fields
name, username (who submitted the name), checkbox (selecting approves the words) and it should show the user as "Approved". The ones that are not accepted are marked "Rejected". So it will be either accepted or rejected....

this is how far i have gone:

Code: Select all

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Word Dictionary</title>
</head>

<?php

session_start();

  


if(isset($_POST['submit']))

{
$name=$_POST['name'];
$word=$_POST['word'];


	$conn = mysql_connect('localhost', 'root', '');
	 if (!$conn)
    {
	 die('Could not connect: ' . mysql_error());
	}
	mysql_select_db("ani", $conn);
mysql_query("INSERT INTO `words`(user_name,word) 
		 VALUES ('$name','$word')"   ); 
		 
		echo "Thank you ! Your submission is pending";
				
}



?>



<body>


<form id="form1" name="form1" method="post" action="index.php">
  <p>Username 
    <label for="name"></label>
  <input type="text" name="name" id="name" />
  </p>
  <p>Word 
    <label for="word"></label>
    <input name="word" type="text" id="word" value="" size="45" />
  </p>
  <p>
    <input type="submit" name="submit" id="button" value="Submit" />
  </p>
</form>
</body>
</html>

I need contribution from you guys to achieve this goal. and i am sure i will get it.
thx in advance
Last edited by Celauran on Sat Jul 12, 2014 12:13 pm, edited 1 time in total.
Reason: Please wrap your code in syntax tags to keep it legible.
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: need some tweaking

Post by Celauran »

I don't think autocompleting after a single character is a good idea. As your dictionary grows, the autocomplete will basically become worthless. Returns every word starting with A? That's no help at all. Maybe firing after 3 characters would be better. Another thing to consider is that words often have more than one definition. What if a word already exists in the dictionary but the user wants to add another definition to it? How will you handle that?
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

hmmmmmmmmm.. thats true, never tot of that. thanks for your quick reply.. what do you suggest i do? and how to manage the synchronization between the admin and the user, the admin have to accept the word b4 it will be added
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

here is the admin snippet so far.

Code: Select all

<?php

session_start();


	$conn = mysql_connect('localhost', 'root', '');
	 if (!$conn)
    {
	 die('Could not connect: ' . mysql_error());
	}
	mysql_select_db("ani", $conn);
$result = mysql_query("SELECT user_name,word FROM `words` "   ); 
$row = mysql_fetch_array( $result );
 echo "<table border='1' cellpadding='5'>";
        echo "<tr><th>User Name</th> <th>Word </th> <th></th><th></th><th></th><th></th></tr>";
 while($row = mysql_fetch_array( $result )) 
 {
                // echo out the contents of each row into a table
                echo "<tr>";
                echo '<td>' . $row['user_name'] . '</td>';
				echo '<td>' . $row['word'] . '</td>';
				
			} 
			 // close table>
        echo "</table>";

?>
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

I need just two pages.

1. user page
2. Admin page
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: need some tweaking

Post by Celauran »

Now for the code itself:
  • Why XHTML over HTML?
  • Although you don't appear to be making use of sessions, you're calling session_start() and calling it after output has been sent to the browser, which means it won't work for cookie-based sessions.
  • You're using mysql_ functions, which are deprecated. Use PDO instead.
  • You're connecting to the DB as root, and root has no password. Both bad ideas.
  • die() is not acceptable error handling.
  • You're passing user data directly into your queries. This can end badly. Sanitize your inputs. Better yet, use prepared statements.
  • You're not validating your data. 7372y9889di';p$$$ would be accepted by your dictionary. This last one can definitely be tricky, as you don't want to refuse valid words.
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

ok. thx for that.. using root because am working locally and i dont share my PC..... Also about to sanitize the entries right now.. but i have a little problem,
Assuming i am using a text area instead of a text field, how will i match new words to ensure that we dont have a duplicate?
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: need some tweaking

Post by Celauran »

If your users are going to be submitting single words, why would you use a text area? If they're going to be submitting multiple words via the text area, then you can strip out punctuation and explode on space or something to get an array of the individual words, then check those one at a time. Textarea probably means you can't practically use autocomplete.
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

ok. i see, i guess i will just stick to the text area then so i cand do the auto complete easily
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

i cant get the username to display after login.. even after using session. what am i doing wrong?

Code: Select all

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Word Dictionary</title>
</head>

<?php


session_start();


  $name=$_POST['name'];
 $_SESSION['name']=$username;
if($username)
{

       
	echo 'Hi ' . $username . "
	";
	echo "This is the Members Area
	";
	echo "<a href='logout.php'>Logout</a>";
}
if(isset($_POST['submit']))

{

$word=$_POST['word'];


	$conn = mysql_connect('localhost', 'root', '');
	 if (!$conn)
    {
	 die('Could not connect: ' . mysql_error());
	}
	mysql_select_db("ani", $conn);
mysql_query("INSERT INTO `words`(user_name,word) 
		 VALUES ('$name','$word')"   ); 
		 
		echo "Thank you ! Your submission is pending";
				
}



?>



<body>


<form id="form1" name="form1" method="post" action="login.php">
  <p>Username 
    <label for="name"></label>
  <input type="text" name="name" id="name" />
  </p>
  <p>Word 
    <label for="word"></label>
    <input name="word" type="text" id="word" value="" size="45" />
  </p>
  <p>
    <input type="submit" name="submit" id="button" value="Submit" />
  </p>
</form>
</body>
</html>
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: need some tweaking

Post by Celauran »

You need to call session_start before any output is sent to the browser.
toyo
Forum Commoner
Posts: 42
Joined: Thu May 15, 2014 1:27 am

Re: need some tweaking

Post by toyo »

ok . thx for your contribution
Post Reply