Update a Record, Display Results. One Page.

Coding Critique is the place to post source code for peer review by other members of DevNetwork. Any kind of code can be posted. Code posted does not have to be limited to PHP. All members are invited to contribute constructive criticism with the goal of improving the code. Posted code should include some background information about it and what areas you specifically would like help with.

Popular code excerpts may be moved to "Code Snippets" by the moderators.

Moderator: General Moderators

Post Reply
wibblywobbly
Forum Newbie
Posts: 17
Joined: Mon Oct 19, 2009 10:11 am

Update a Record, Display Results. One Page.

Post by wibblywobbly »

Hello everyone.

I've decided to learn PHP, and I'm in week 3 of my education. My heads hurts, no one said it would be algebra! I'm finding it very exciting. One day, I want to be able to create simple content management systems. I've just written my first piece of code, and I could do with your help and critique on it.

It displays some text saved in a database. You can adjust the text using a text box and click update, it then shows you the new updated text.

Simple really.

What I'd like to know is,

- Is there a better way of doing this?
- Are any of the functions I'm using dated or just wrong?
- Could more error messages be added to help if things go wrong, where?

Generally I'd love to discuss with you how this code can be streamlined, made more professional and efficient. It's my first php...

Code: Select all

<?php
 
/*
 
Hello, you'll need an SQL database, mine's called "default"
and a table in that database called "textrecord"
and a field in that table called "blurb"
Insert some text data into your record to begin wth, this script only edits the record, it doesn't create new text
 
Thanks!
*/
 
// connecting to the database
$connect = mysql_connect ("localhost","root","root") or die ("Connection to database failed");
mysql_select_db ("default");
 
//extracting the record from the database and displaying it
 
$extract = mysql_query ("SELECT * FROM textrecord"); 
$numrows = mysql_num_rows ($extract);
 
while ($row = mysql_fetch_assoc ($extract))
{
    $currentblurb   =   $row ['blurb'];
}
 
    echo "Your record currently contains this text: <p>";
    echo "'$currentblurb'";
    
//Next is the form to update the record. I want the text area to show what's currently contained in the record so it can easily be edited.
 
?>
 
<form method = 'post' action='updatingrecords.php'>
Edit the text and click update.
<p>
<textarea name="blurbarea" rows="20"><?php  echo $currentblurb; ?></textarea>
<p>
<input type='submit' name = 'submit' value='Update'>
<p>
</form>
 
<?php
 
// updating the record with the new text once it's been submitted
 
$blurbarea = $_POST ['blurbarea'];
$submit = $_POST ['submit'];
 
if ($submit)
 
{
        //update the record with the users new text
        $update = mysql_query ("UPDATE textrecord SET blurb = '$blurbarea'");
        //Refresh the page with the new record showing
        echo "Please wait, updating... <meta http-equiv = 'refresh' content = '2'>";
    
}
 
?>
 

My own critique: I don't like that the refresh comes after 2 seconds, and whilst your waiting the text in the text box goes back to the original record entry. I also don't like that the message "Please wait, updating..." is at the bottom of the page and not at the top. I don't know how you'd move it.

Next I'm going to work on stripping the html tags but including line breaks, then securing this page using login and sessions and finally making it looks attractive in CSS.

Great to be here,
Thanks in advance for any help!
-- wobblywobbly.
nshiell
Forum Newbie
Posts: 12
Joined: Mon Oct 19, 2009 12:20 pm

Re: Update a Record, Display Results. One Page.

Post by nshiell »

My heads hurts, no one said it would be algebra
Welcome to PHP! Fun Tho!

Well it's good practice to throw Exceptions if the database connections and queries fail.
Definitely look at the tutorials on W3 Schools.

Well if this is ALL it's going to do then why change it?
On my CMS I have split up all the functionality into functions so all I have to do is call a function in another file and not worry about how it does something.

So many things you can play with, like arrays, more SQL query types, classes, OOP.
If I where you I would think about splitting the design of your pages from the code to make them work - this is SUPER IMPORTANT in CMS systems!

MVC is fun too although very deep
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Update a Record, Display Results. One Page.

Post by Christopher »

First you should add some error checking for it the database connection or query fail. And you need to escape all data that goes into the database for security. I would recommend using PDO and prepared statements instead.

Code: Select all

       $blurbarea = mysql_real_escape_string($blurbarea);
        $update = mysql_query ("UPDATE textrecord SET blurb = '$blurbarea'");
And if you are displaying data that users can enter in the database, then you could escape the output when generating the page.
(#10850)
TheOnly92
Forum Newbie
Posts: 19
Joined: Thu Jan 15, 2009 6:05 am

Re: Update a Record, Display Results. One Page.

Post by TheOnly92 »

Why not update the record before displaying it? Like check for POSTS at the beginning of the script, then retrieve the data later on so that you don't have to refresh the page again.
Post Reply