Page 1 of 1

news system (adding an edit and delete option)

Posted: Tue Jun 10, 2003 3:48 am
by irealms
i have a news system on my site and want to add an option to edit and delete certain articles. The code is :

Code: Select all

<?php
echo "<table class="log" width="100%">";

$link = mysql_connect($page_mysqlserver, $page_mysqluser, $page_mysqlpass);
mysql_select_db($page_mysqldb);

$sql = "SELECT * FROM blog";
$result = mysql_query($sql);
$entries = mysql_num_rows($result);

if ($_GET['viewing'] != NULL) {
$viewing = $_GET['viewing'];
}
else {
$viewing = $entries;
}

echo '<tr align="right">';
echo "<td>view:  ";
if ($viewing < $entries) {
echo "<a href="index.php?page=siteann&&viewing=".($viewing + 5)."">newer</a> | ";
}
else {
echo "newer | ";
}
if ($viewing > 0 AND ($viewing - 5) >= 0) {
echo "<a href="index.php?page=siteann&&viewing=".($viewing - 5)."">older</a><p></td>";
}
else {
echo 'older<p><hr color="#9A0602"></td>';
}

echo "</tr>";

echo "<tr>";
echo "<td width="100%">";

$sql = "SELECT * FROM blog WHERE id>".($viewing - 5)." AND id<=".$viewing." order by id desc";
$result = mysql_query($sql);

while ($row = mysql_fetch_array($result)) {
$id = $row[0];
$date = $row[1];
$title = $row[2];
$entry = $row[3];

if ($id != NULL) {
echo '<b>Title:</b> '.$title.'<p>';
echo '<b>Date:</b> '.$date.'<p>';
echo '<b>News:</b><br /><p>'.$entry.'</p>';
echo '<hr color="#9A0602">';
}

}

echo "</td>";
echo "</tr>";

echo "</table>";
?>
and i'm not sure how to do this. I need a link to come up with each article that would allow for deletion or editing of the particular article only.

Posted: Tue Jun 10, 2003 4:11 am
by volka
the articles are identified by the field id?
if so transfer this parameter through e.g. a link and use it for a DELETE query

Posted: Tue Jun 10, 2003 4:16 am
by twigletmac
Hiya, kinda went through your code:

Code: Select all

<?php 
// indenting code makes it much easier to read

// you can use single quotes around HTML to make escaping the double quotes
// uneccessary (as I see you've done later on)
echo '<table class="log" width="100%">'; 

// it's always a good idea to have some sort of error handling for the mysql
// functions otherwise it can cause lots of problems if something fails and
// users will get error messages you don't really want them to see (of course
// for a production site you wouldn't want to use mysql_error() but something
// more generic.
@$link = mysql_connect($page_mysqlserver, $page_mysqluser, $page_mysqlpass) or die(mysql_error()); 
@mysql_select_db($page_mysqldb) or die(mysql_error()); 

// don't select everything from a table if you only want to see how many rows there
// are in it, just put the name of one field in the SELECT
$sql = "SELECT id FROM blog"; 
$result = mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>'); 
$entries = mysql_num_rows($result); 

// using empty() will check for zeros and an empty string as well as for a
// NULL value and you can use the ternary operator to cut 6 lines down to one
$viewing = (!empty($_GET['viewing'])) ? $_GET['viewing'] : $entries; 

echo '<tr align="right">'; 
echo '<td>view:  '; 
if ($viewing < $entries) { 
	echo '<a href="index.php?page=siteann&&viewing='.($viewing + 5).'">newer</a> | '; 
} 
else { 
	echo "newer | "; 
} 

if ($viewing > 0 && ($viewing - 5) >= 0) { 
	echo '<a href="index.php?page=siteann&&viewing='.($viewing - 5).'">older</a><p></td>'; 
} 
else { 
	echo 'older<p><hr color="#9A0602"></td>'; 
} 

echo '</tr>'; 

echo '<tr>'; 
echo '<td width="100%">'; 

// specify the fields you want to return from the table
// you probably don't want to rely on the ID field for returning the correct
// values as if you delete anything there will be gaps and the results will
// not appear as you expect, instead use a LIMIT clause on the SELECT
$sql = "SELECT id, date, title, entry FROM blog ORDER BY id DESC LIMIT ".($viewing-5).", 5"; 
$result = mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>'); 

// using mysql_fetch_assoc() is probably more reliable than referencing the 
// rows by number because that could cause odd results if the database
// structure changes (e.g. a new field is added between existing ones)
while ($row = mysql_fetch_assoc($result)) { 
	// data should be formatted for output by using functions such as
	// htmlspecialchars()

	$id = $row['id']; 

	// how are you storing the date in the database? a DATE or TIMESTAMP field
	// should be used instead of VARCHAR and the date can be formatted in the
	// SELECT statement using DATE_FORMAT()
	$date = $row['id'];

	$title = htmlspecialchars($row['title']); 
	$entry = htmlspecialchars($row['entry']); 

	if (!empty($id)) { 
		echo '<p><b>Title:</b> '.$title.'</p>'; 
		echo '<p><b>Date:</b> '.$date.'</p>'; 
		echo '<p><b>News:</b></p><p>'.$entry.'</p>'; 

		// if you wanted to add links for editing or deleting articles you could
		// add them here (you'd probably need to put in some validation that only
		// printed these links if you were logged in as the author

		// since you've passed the id to the editing and deleting pages you can 
		// then use that information to identify the record in the database and
		// either prepare it for editing or delete it.
		echo '<p><a href="editpage.php?article='.$id.'">Edit Article</a> | <a href="deletepage.php?article='.$id.'">Delete Article</a></p>';

		echo '<hr color="#9A0602" />'; 

	} 
} 

echo '</td>'; 
echo '</tr>'; 

echo '</table>'; 
?>
Mac

wow

Posted: Tue Jun 10, 2003 4:23 am
by irealms
wow thanks twig, lots for me to look at :)

i've decided not to use delete as it is news and i'd rather people not delete things so the site has a true archive.

Looking at what you said regarding the date, i'd like to change it so instead of using a varchar, when someone enters a record it automatically sets the date. Any way of doing this?