Page 1 of 1

need some tweaking

Posted: Sat Jul 12, 2014 11:57 am
by toyo
Team, i am writing this simple program like a simple dictionary. What it does is that it allow users enter words into a database but does not accept same word twice... incase of that, it will inform the user that word already exist.

Also there will be an admin panel to accept the word

these are the requirements listed below:

Submitter Panel

1. Only the words that are not in database can be added
2. When somebody types in word in database, autocomplete (1 character or more) is there and it shows what all are there and allows
to add to database on hitting enter (not button)
3. Give the message that the word has been added.
4. When the name is added, it is added as stutus "Pending"
5. On the side show them the names as "name" status as "Pending"/"Approved"/"Rejected"

Approver Panel (provide a separate page)
Provide an interface that has the following fields
name, username (who submitted the name), checkbox (selecting approves the words) and it should show the user as "Approved". The ones that are not accepted are marked "Rejected". So it will be either accepted or rejected....

this is how far i have gone:

Code: Select all

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Word Dictionary</title>
</head>

<?php

session_start();

  


if(isset($_POST['submit']))

{
$name=$_POST['name'];
$word=$_POST['word'];


	$conn = mysql_connect('localhost', 'root', '');
	 if (!$conn)
    {
	 die('Could not connect: ' . mysql_error());
	}
	mysql_select_db("ani", $conn);
mysql_query("INSERT INTO `words`(user_name,word) 
		 VALUES ('$name','$word')"   ); 
		 
		echo "Thank you ! Your submission is pending";
				
}



?>



<body>


<form id="form1" name="form1" method="post" action="index.php">
  <p>Username 
    <label for="name"></label>
  <input type="text" name="name" id="name" />
  </p>
  <p>Word 
    <label for="word"></label>
    <input name="word" type="text" id="word" value="" size="45" />
  </p>
  <p>
    <input type="submit" name="submit" id="button" value="Submit" />
  </p>
</form>
</body>
</html>

I need contribution from you guys to achieve this goal. and i am sure i will get it.
thx in advance

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:18 pm
by Celauran
I don't think autocompleting after a single character is a good idea. As your dictionary grows, the autocomplete will basically become worthless. Returns every word starting with A? That's no help at all. Maybe firing after 3 characters would be better. Another thing to consider is that words often have more than one definition. What if a word already exists in the dictionary but the user wants to add another definition to it? How will you handle that?

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:24 pm
by toyo
hmmmmmmmmm.. thats true, never tot of that. thanks for your quick reply.. what do you suggest i do? and how to manage the synchronization between the admin and the user, the admin have to accept the word b4 it will be added

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:24 pm
by toyo
here is the admin snippet so far.

Code: Select all

<?php

session_start();


	$conn = mysql_connect('localhost', 'root', '');
	 if (!$conn)
    {
	 die('Could not connect: ' . mysql_error());
	}
	mysql_select_db("ani", $conn);
$result = mysql_query("SELECT user_name,word FROM `words` "   ); 
$row = mysql_fetch_array( $result );
 echo "<table border='1' cellpadding='5'>";
        echo "<tr><th>User Name</th> <th>Word </th> <th></th><th></th><th></th><th></th></tr>";
 while($row = mysql_fetch_array( $result )) 
 {
                // echo out the contents of each row into a table
                echo "<tr>";
                echo '<td>' . $row['user_name'] . '</td>';
				echo '<td>' . $row['word'] . '</td>';
				
			} 
			 // close table>
        echo "</table>";

?>

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:25 pm
by toyo
I need just two pages.

1. user page
2. Admin page

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:28 pm
by Celauran
Now for the code itself:
  • Why XHTML over HTML?
  • Although you don't appear to be making use of sessions, you're calling session_start() and calling it after output has been sent to the browser, which means it won't work for cookie-based sessions.
  • You're using mysql_ functions, which are deprecated. Use PDO instead.
  • You're connecting to the DB as root, and root has no password. Both bad ideas.
  • die() is not acceptable error handling.
  • You're passing user data directly into your queries. This can end badly. Sanitize your inputs. Better yet, use prepared statements.
  • You're not validating your data. 7372y9889di';p$$$ would be accepted by your dictionary. This last one can definitely be tricky, as you don't want to refuse valid words.

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:47 pm
by toyo
ok. thx for that.. using root because am working locally and i dont share my PC..... Also about to sanitize the entries right now.. but i have a little problem,
Assuming i am using a text area instead of a text field, how will i match new words to ensure that we dont have a duplicate?

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:48 pm
by Celauran
If your users are going to be submitting single words, why would you use a text area? If they're going to be submitting multiple words via the text area, then you can strip out punctuation and explode on space or something to get an array of the individual words, then check those one at a time. Textarea probably means you can't practically use autocomplete.

Re: need some tweaking

Posted: Sat Jul 12, 2014 12:57 pm
by toyo
ok. i see, i guess i will just stick to the text area then so i cand do the auto complete easily

Re: need some tweaking

Posted: Sat Jul 12, 2014 5:06 pm
by toyo
i cant get the username to display after login.. even after using session. what am i doing wrong?

Code: Select all

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Word Dictionary</title>
</head>

<?php


session_start();


  $name=$_POST['name'];
 $_SESSION['name']=$username;
if($username)
{

       
	echo 'Hi ' . $username . "
	";
	echo "This is the Members Area
	";
	echo "<a href='logout.php'>Logout</a>";
}
if(isset($_POST['submit']))

{

$word=$_POST['word'];


	$conn = mysql_connect('localhost', 'root', '');
	 if (!$conn)
    {
	 die('Could not connect: ' . mysql_error());
	}
	mysql_select_db("ani", $conn);
mysql_query("INSERT INTO `words`(user_name,word) 
		 VALUES ('$name','$word')"   ); 
		 
		echo "Thank you ! Your submission is pending";
				
}



?>



<body>


<form id="form1" name="form1" method="post" action="login.php">
  <p>Username 
    <label for="name"></label>
  <input type="text" name="name" id="name" />
  </p>
  <p>Word 
    <label for="word"></label>
    <input name="word" type="text" id="word" value="" size="45" />
  </p>
  <p>
    <input type="submit" name="submit" id="button" value="Submit" />
  </p>
</form>
</body>
</html>

Re: need some tweaking

Posted: Sat Jul 12, 2014 5:09 pm
by Celauran
You need to call session_start before any output is sent to the browser.

Re: need some tweaking

Posted: Sun Jul 13, 2014 12:01 pm
by toyo
ok . thx for your contribution