User Friendly Admin

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

camhabib
Forum Commoner
Posts: 37
Joined: Tue Aug 16, 2005 8:36 pm
Location: Boston, MA

User Friendly Admin

Post by camhabib »

Last stage of my project. The client wants a kind of admin page for the MySQL database. I have set up a page that requires PHP authentication, that works fine. The only thing is how to get the data from the database into a user friendly and neat table. The client would also like a way to give each entry a "yes" or "no" designation allowing the entries to then be separated based on that. So I'm thinking the following scripts would be necessary:

1) Retrieve data from database and display
2) Allow for the editing of a field, creating a "0" or "1"
3) Create a script (dropdown menu) to allow for showing of "0" "1" neither or both

I suppose #2 would be the easiest of them all. The hardest part for me would be making it so that when the user logs in, the information is quickly and neatly displayed (we're talking around 10,000 entries by the time the project is complete). Any suggestions on how to do ANY of this or where to even start, I'd really appreciate it. Thanks.

-Cameron
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

could not think of sth more simpler :)

Code: Select all

while ($row = mysql_fetch_row($result)){
	$id = $row["id"]//unique id 
	$yes = $row["yesNO"]//assume this as the yes/no field which has either 1 or 0
	if ($yes){//if yes make no
		$caption = "Make No";
		$value = 0;
	}else{//if no make yes
		$caption = "Make Yes";
		$value = 1;
	}

	echo "<a href = "somepage.php?action=changeYesNO&value=$value">$caption</a>";
}
Last edited by raghavan20 on Thu Aug 18, 2005 7:31 pm, edited 1 time in total.
camhabib
Forum Commoner
Posts: 37
Joined: Tue Aug 16, 2005 8:36 pm
Location: Boston, MA

Post by camhabib »

You’re right on the simple part. The only problem is she wants to have like 100 submissions per page. I'm just trying to think of a way to do almost something like inserting the SQL entries into a HTML table. The first column would be of course the dropdown box for the selection of 0 or 1.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

dropdown? use a checkbox, where the value is the record ID, the name should autocreate an array like the following:

Code: Select all

<input type="checkbox" name="remove[]" value="1234" />rest of the record row data.... blah blah
<input type="checkbox" name="remove[]" value="1235" />rest of the record row data.... blah blah
you'll get it like

Code: Select all

print_r($_POST['remove']);
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

to complement feyd,

Code: Select all

<form method='post'>
<input type="checkbox" name="remove[]" value="1234" />rest of the record row data.... blah blah 
<input type="checkbox" name="remove[]" value="1235" />rest of the record row data.... blah blah
<input type="submit" value = "submit" />
</form>

Code: Select all

if (isset($_POST['remove'])){
	$tempArray = $_POST['remove'];
	foreach($tempArray as $key => $value){
		if (!empty($value) || $value >= 1){
			$query = "update table_name set `YesNo` = 1";
			echo $query."<br />";
		}
	}
}
camhabib
Forum Commoner
Posts: 37
Joined: Tue Aug 16, 2005 8:36 pm
Location: Boston, MA

Post by camhabib »

Hmmm, alright, thanks.

How about getting the database to fit on a table? So far I've thought of something like:

Code: Select all

<?php 

$_SERVER['PHP_AUTH_USER']=$_POST['username'];
$_SERVER['PHP_AUTH_PW']=$_POST['password'];


if ($_SERVER['PHP_AUTH_USER'] != 'username') { 
die("Wrong username");
} else if ($_SERVER['PHP_AUTH_PW'] != 'password') {
die("Wrong password");
} else {}

?>


<html>
<body>

<?php
mysql_connect("mysql","username","password");
@mysql_select_db("mysql") or die("Could not select database");

$result=mysql_query("SELECT * FROM Submissions.info");

print "<table width=800 border=1><tr>
				<td>ID#</td>
				<td>0/1</td>
				<td>Quote</td>
				<td>FName</td>
				<td>LName</td>
				<td>City</td>
				<td>State</td>
				<td>Country</td>
				<td>Age</td>
				<td>Gender</td>
				<td>Marital</td>
				<td>Occupation</td>
				<td>Education</td>
				<td>E-Mail</td>
				<td>IP</td>
				<td>DateTime</td>
			</tr>\n";
while ($get_info = mysql_fetch_row($result)){ 
print "<tr>\n";
foreach ($get_info as $field) 
print "\t<td><font face=arial size=1/>$field</font></td>\n";
print "</tr>\n";
}
print "</table>\n";
mysql_close($link);

?>

</body>
</html>
It works fine for displaying. I'm scratching the dropdown / button idea and I think I'm going to switch to a small field up top where the user can enter the unique ID# of the submission and change the ATTR to anything they like. Also, I was thinking about doing pages, but on the

Code: Select all

$result=mysql_query("SELECT * FROM Submissions.info");

statment I couldn't figure out on how to do something like "1000 > ID# > 1".
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

hope this works :wink:

Code: Select all

$fields = mysql_num_fields($result); 
echo "<table>"; 
echo "<form method = 'post'>"
while ($row = mysql_fetch_row($result)){ 
	echo "<tr>"; 
	for ($i=0; $i < $fields; $i++) { 
		$name  = mysql_field_name($result, $i); 
		if ($name == "0/1") {
			echo "<td class = 'something'>$row[$i]</td>"; //pls do use classes, css for styling 
			echo "<td><input type = \"checkbox\" name = \"remove[]\" value = \"$row[0]\" /></td>";//guess $row[0] is pk
		}
		else{	
			echo "<td class = 'something'>$field</td>"; 
		}
	} 
	echo "</tr>"; 
} 
echo "<input type = 'submit' value ='submit'>";
echo "</form></table>"; 

//process the $_POST['remove'] here
//use the earlier code for processing arrays
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

are you using http authentication???why???
do you atleast use md5 with it???
does this snippet go into admin page???
feyd, how many ppl still use http authentication for admin or somewhere???
camhabib
Forum Commoner
Posts: 37
Joined: Tue Aug 16, 2005 8:36 pm
Location: Boston, MA

Post by camhabib »

Raghavan20, thanks a lot. There is only one issue, if you look to the left of your screen, under my name, it says "forum newbie".... just so happens I'm a PHP newbie too. Is there any chance you could break that down a little, I'm getting rather confused with all the code flying around this post. Sorry to burden you.
raghavan20 wrote:hope this works :wink:

Code: Select all

$fields = mysql_num_fields($result); 
echo "<table>"; 
echo "<form method = 'post'>"
while ($row = mysql_fetch_row($result)){ 
	echo "<tr>"; 
	for ($i=0; $i < $fields; $i++) { 
		$name  = mysql_field_name($result, $i); 
		if ($name == "0/1") {
			echo "<td class = 'something'>$row[$i]</td>"; //pls do use classes, css for styling 
			echo "<td><input type = "checkbox" name = "remove[]" value = "$row[0]" /></td>";//guess $row[0] is pk
		}
		else{	
			echo "<td class = 'something'>$field</td>"; 
		}
	} 
	echo "</tr>"; 
} 
echo "<input type = 'submit' value ='submit'>";
echo "</form></table>"; 

//process the $_POST['remove'] here
//use the earlier code for processing arrays
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

it can be used effectively, for added security, you could require HTTP auth and internal login... HTTP Auth is used in a lot of system, the username and password could easily be varied minute-to-minute, so it's not like it's a single login fits all scenario..
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

updated with comments

Post by raghavan20 »

Code: Select all

$fields = mysql_num_fields($result); //number of fields returned by the result resource
echo "<table>"; 
echo "<form method = 'post'>";//it uses post which is important
while ($row = mysql_fetch_row($result)){ 
	echo "<tr>"; 
	for ($i=0; $i < $fields; $i++) { //loop until all fields are displayed
		$name  = mysql_field_name($result, $i); //find the name of the current field
		if ($name == "0/1") {//check for your field name, if so add input check box control
			echo "<td class = 'something'>$row[$i]</td>"; //pls do use classes, css for styling 
			echo "<td><input type = \"checkbox\" name = \"remove[]\" value = \"$row[0]\" /></td>";//guess $row[0] is pk
		}
		else{	
			echo "<td class = 'something'>$field</td>"; 
		}
	} 
	echo "</tr>"; 
} 
echo "<input type = 'submit' value ='submit'>";//submit the form
echo "</form></table>";
Last edited by raghavan20 on Thu Aug 18, 2005 9:01 pm, edited 1 time in total.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

feyd, as you say it can only be an additional layer of security not itself the security!!!
camhabib
Forum Commoner
Posts: 37
Joined: Tue Aug 16, 2005 8:36 pm
Location: Boston, MA

Post by camhabib »

Code: Select all

<?php 
$_SERVER['PHP_AUTH_USER']=$_POST['username'];
$_SERVER['PHP_AUTH_PW']=$_POST['password'];
if ($_SERVER['PHP_AUTH_USER'] != 'username') { 
die("Wrong username");
} else if ($_SERVER['PHP_AUTH_PW'] != password') {
die("Wrong password");
} else {}
?>
That’s my script for the authentication. It works for the first page, but then any page linked to that script (via a require() command) returns a "Wrong username". Any suggestions on how to fix. There is no need to create an overly secure page, its just to keep out random visitors.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

I dont get this actually.
let me assume, you have a form with user name and password fields.
the user fills in, you validate with server variables and allow him to view the same page or redirect to another page.
then you check/authenticate elsewhere???
if you are doin soemthing like that, then the $_POST wont be following you which I think should be stored in the session variable. dont store the password jus the username alone in the session to maintain identity.
hope you get wot i say. 8O
camhabib
Forum Commoner
Posts: 37
Joined: Tue Aug 16, 2005 8:36 pm
Location: Boston, MA

Post by camhabib »

The user enters the username and password via a form.

Code: Select all

<FORM method="post" action="admin.php'>
That code is in the login screen and redirects to a page that I want secure. The page that I want secure has a

Code: Select all

require("admin.php");
tag before anything which links to that script I posted before. On the admin.php page, there are several links to other pages, all with the same

Code: Select all

require("admin.php");
tag in the beginning. So basically the user is authenticated on the secure page. I was trying to figure out a way to do something like a

Code: Select all

return($authtic)
to return that the user has been authenticated and is allowed to view all secure pages. I can easily so security on my own server running W2k3SEE w/ IIS6.0 however that’s by user groups and folder/page privileges.
Post Reply