I'm new to webdev and still trying to understand what to do and what not to do.
Last night I wrote a small script to help myself with keeping all the notes and ideas in one place. I'm using PHP/HTML/JS (jQuery + AJAX) only; the whole script is written in one file (except for jQuery).
The script took me 2 hours to write. To me it looks like I have done everything correctly, but I doubt it. Could I please get some critique and tips on what (if anything) I'm doing wrong?
Script:
<?php
$con=mysqli_connect("-","-","-","-");
if(isset($_POST["data"])){
$data=explode(":",$_POST["data"]);
if($data[0]==1 && preg_match('/^[0-9]*$/', $data[1]))
if (mysqli_query($con,"DELETE FROM tracker WHERE id=$data[1]")) echo "<span style=\"color:green\">Entry with id ".$data[1]." deleted!";
die;
}
if(isset($_POST["edit"]) && preg_match('/^[0-9]*$/', $_POST["id"])) {
if (mysqli_query($con,"UPDATE tracker SET data='".mysqli_real_escape_string($con,$_POST["value"])."' WHERE id=$_POST[edit]")) echo $_POST["value"];
die;
}
echo "<head>
<link href=\"http://fonts.googleapis.com/css?family=Prociono\" rel=\"stylesheet\" type=\"text/css\">
<script src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js\"></script>
<script src=\"js.js\"></script>
<style>
body { background: url(http://i.imgur.com/6RNBEba.jpg) no-repeat black fixed ; color:white; }
</style>
<script>
$(document).ready(function(){
$('.edit_area').editable('tracker.php', {
id: 'edit',
name: 'value',
type: 'textarea',
cancel: 'Cancel',
submit: 'OK',
event: 'dblclick',
indicator: '<img src=\"http://www.appelsiini.net/projects/jeditable/img/indicator.gif\">',
tooltip: 'Click to edit...'
});
$(\".ajax\").click(function(e){
var r=confirm('Are you sure you want to delete this record?');
if (r==true)
{
$.ajax({
type: 'POST',
url: 'tracker.php',
data: { data: $(this).attr('value')},
success:function(result){
$('#result').html(result);
$('#saraksts').html('<font color=\"white\">Loading..</color>');
$.ajax({
type: 'POST',
url: 'tracker.php',
data: { load: 'saraksts'},
success:function(result){ $('#saraksts').html(result); }
});
}
});
}
});
});
</script>
</head>";
echo "<body>";
if($_POST["submit"]) mysqli_query($con,"INSERT INTO tracker (type,data,time,deleted) VALUES (".mysqli_real_escape_string($con,$_POST["type"]).", '".mysqli_real_escape_string($con,$_POST["text"])."',".time().", 0)");
if(!$_POST["load"]) echo "<center>
<form action=\"tracker.php\" method=\"POST\">
<select name=\"type\" style=\"color: white; background-color: #1F1F00\">
<option value=\"1\">Note</option>
<option value=\"2\">Important</option>
<option value=\"3\">Idea</option>
</select><br/>
<textarea name=\"text\" rows=\"4\" cols=\"50\" style=\"color: white; background-color: #1F1F00\"></textarea><br/>
<input type=\"submit\" name=\"submit\" value=\"Submit\" style=\"color: white; background-color: #1F1F00\">
</form>
<div id='result'></div>
</center>";
$t=mysqli_query($con,"SELECT * FROM tracker WHERE deleted=FALSE ORDER BY time DESC"); if(mysqli_num_rows($t)){
echo "<div id=\"saraksts\" align='center' style='width:800px; margin: auto'><table style=\"width:100%;border-collapse: collapse; \">";
$c; $cc;
while ($t2 = mysqli_fetch_array($t)) {
if($c) { $c=FALSE; $cc="#191919"; } else { $c=TRUE; $cc="#303030"; }
if($t2[2]==1) $ccc="#0066FF"; elseif($t2[2]==2) $ccc="#FF0000"; elseif($t2[2]==3) $ccc="#00FF00";
echo "<tr>
<td style=\"background-color:".$ccc.";width:0.5%;\"></td>
<td style=\"background-color:#1F1F00; width:20%; color:white; border-bottom:dashed grey; border-width:1px;\">
<a class='ajax' value='1:".$t2[1]."'>[<span style=\"color:red\">X</span>]</a> ".date("Y/m/d H:i:s",$t2[4])."
</td>
<td style=\"color:white; font-family: 'Prociono', serif; border-bottom:dashed grey; border-width:1px; background-color:".$cc.";opacity:0.85;\">
<div id='".$t2[1]."' class=\"edit_area\">".str_replace("\\", "", $t2[3])."</div>
</td>
</tr>";
}
echo "</table></div></body>";
}
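An added example, not part of the original post: in the script above the edit handler runs its regex on `$_POST["id"]` but builds the query from `$_POST[edit]`, the insert places `type` into the SQL unquoted, and stored text is echoed back without HTML escaping. The sketch below shows those paths with one validated id, mysqli prepared statements and output escaping. The `tracker` table and its columns come from the post; the helper names `parse_id`, `h`, `update_note` and `insert_note` are hypothetical.

```php
<?php
// Added example, not the poster's code. Table/column names are from the
// posted script; all function names here are hypothetical helpers.

// Accept only a short, non-empty decimal string; return it as int or null.
// (The posted pattern /^[0-9]*$/ also matches an empty string.)
function parse_id($raw): ?int {
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 18) return null;
    return (int)$raw;
}

// Escape text for HTML element content and quoted attribute values.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Update one note: the id that is validated is the same id that is bound.
function update_note(mysqli $con, $rawId, $rawValue): bool {
    $id = parse_id($rawId);
    if ($id === null || !is_string($rawValue)) return false;
    $stmt = mysqli_prepare($con, "UPDATE tracker SET data=? WHERE id=?");
    if (!$stmt) return false;
    mysqli_stmt_bind_param($stmt, "si", $rawValue, $id);
    return mysqli_stmt_execute($stmt);
}

// Insert a note: type must be one of the three <option> values in the form.
function insert_note(mysqli $con, $rawType, $rawText): bool {
    $type = parse_id($rawType);
    if (!in_array($type, [1, 2, 3], true) || !is_string($rawText)) return false;
    $now = time();
    $stmt = mysqli_prepare($con,
        "INSERT INTO tracker (type,data,time,deleted) VALUES (?,?,?,0)");
    if (!$stmt) return false;
    mysqli_stmt_bind_param($stmt, "isi", $type, $rawText, $now);
    return mysqli_stmt_execute($stmt);
}

// Constructed inputs: exercise validation and escaping without a database.
foreach (["42", "", "42 OR 1=1", "7\n"] as $raw) {
    var_dump(parse_id($raw));
}
echo h('<b onmouseover="x">note</b>'), "\n";
```

With bound parameters the stored text needs no `mysqli_real_escape_string` on the way in and no `str_replace("\\", "", ...)` on the way out; escaping with `h()` happens only when the value is written into HTML.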