My custom built books manager

matthewcl375
Forum Newbie
Posts: 8
Joined: Wed Jul 30, 2008 1:35 pm

My custom built books manager

Post by matthewcl375 »

NOTE: I custom built this app for MY own use and not to be distributed to others - the source code reflects this:

As many of the processor scripts in my app look the same, I am just posting one script - the book adding script - up here for criticism and checking.

form_processor.php

Code:

<?php
 
include 'config.php';
 
$id = $_POST['id'];
$location = $_POST['location'];
$title = $_POST['title'];
$author = $_POST['author'];
$subject = $_POST['subject'];
$isbn = $_POST['isbn'];
 
//open database connection
$connection = mysql_connect($host, $user, $pass) or die ('Unable to connect!');
 
//select database
mysql_select_db($database) or die ('Unable to select database!');
 
//generate and execute query
$query = "INSERT INTO `library`.`books` (`ID`, `Location`, `Title`, `Author`, `Subject`, `ISBN`) VALUES ('$id', '$location', '$title', '$author', '$subject', '$isbn')";
 
$result = mysql_query($query) or die ('Error in query: ' . $query);
 
//print result
echo 'New record added successfully!';
echo '<br>';
echo "<a href='test1.php'>Return >></a>";
 
//close database connection
mysql_close($connection);
 
?>
Thanks for any (constructive) criticism and reviewing!
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: My custom built books manager

Post by Christopher »

matthewcl375 wrote: NOTE: I custom built this app for MY own use and not to be distributed to others - the source code reflects this:
I don't see the source code having any license or restrictions with it. If the code you posted above cannot be used by others, then it would probably be better to remove it from this site. We do not delete old posts, so that code will be available for many years.
(#10850)
matthewcl375
Forum Newbie
Posts: 8
Joined: Wed Jul 30, 2008 1:35 pm

Re: My custom built books manager

Post by matthewcl375 »

The code above is allowed to be copied as it is only a part of my application. I will not be posting the whole code up on these forums.

I suppose I wrote that line a little wrongly. What I meant was that the APPLICATION was not to be distributed. I am not worried about whether this source code gets passed on or not.

Thanks for alerting me to this :wink:
Greenconure
Forum Commoner
Posts: 30
Joined: Mon Jun 16, 2008 8:19 am

Re: My custom built books manager

Post by Greenconure »

I would probably change your query statement to the below snippet or something similar.
I would also add some verification of some sort (only numbers for the ID/ISBN, etc.)

Code:

 
$query = sprintf("INSERT INTO `library`.`books` (`ID`, `Location`, `Title`, `Author`, `Subject`, `ISBN`) VALUES ('%s', '%s', '%s', '%s', '%s', '%s')",
mysql_real_escape_string($id),
mysql_real_escape_string($location),
mysql_real_escape_string($title),
mysql_real_escape_string($author),
mysql_real_escape_string($subject),
mysql_real_escape_string($isbn));
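
An added example, not part of any post in this thread: the same insert with the digit-only checks for ID/ISBN suggested above, using bound parameters in place of string escaping. It assumes PDO with an in-memory SQLite table standing in for the thread's MySQL `library`.`books`; the helper names `clean_book()` and `add_book()` are hypothetical.

```php
<?php
// Added example. Assumptions: PDO + in-memory SQLite stands in for MySQL
// `library`.`books`; clean_book() and add_book() are hypothetical helpers.
function clean_book(array $in): array
{
    $clean = $errors = [];
    $id = (string)($in['id'] ?? '');
    if (!preg_match('/^\d{1,9}\z/', $id)) {
        $errors[] = 'id must be 1-9 digits';
    }
    $clean['id'] = (int)$id;
    // ISBN: drop hyphens and spaces, then require the ISBN-10 or ISBN-13 shape.
    $isbn = preg_replace('/[\s-]/', '', (string)($in['isbn'] ?? ''));
    if (!preg_match('/^(\d{9}[\dX]|\d{13})\z/', $isbn)) {
        $errors[] = 'isbn must be 10 or 13 digits';
    }
    $clean['isbn'] = $isbn;
    foreach (['location', 'title', 'author', 'subject'] as $field) {
        $value = trim((string)($in[$field] ?? ''));
        if ($value === '' || strlen($value) > 255) {
            $errors[] = "$field must be 1-255 bytes";
        }
        $clean[$field] = $value;
    }
    return [$clean, $errors];
}

function add_book(PDO $db, array $book): void
{
    // Bound parameters keep the values out of the SQL text entirely.
    $stmt = $db->prepare('INSERT INTO books (ID, Location, Title, Author, Subject, ISBN)
        VALUES (:id, :location, :title, :author, :subject, :isbn)');
    $stmt->execute($book);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE books (ID INTEGER PRIMARY KEY, Location TEXT,
    Title TEXT, Author TEXT, Subject TEXT, ISBN TEXT)');
// Constructed input standing in for $_POST; the title contains a quote.
$post = ['id' => '7', 'location' => 'Shelf B', 'title' => "Gulliver's Travels",
    'author' => 'Jonathan Swift', 'subject' => 'Fiction', 'isbn' => '978-0-00-000000-2'];
[$book, $errors] = clean_book($post);
if ($errors) {
    exit(implode("\n", $errors) . "\n");
}
add_book($db, $book);
echo $db->query('SELECT Title FROM books WHERE ID = 7')->fetchColumn(), "\n";
```

The ISBN check here covers format only, not the check digit.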
 
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: My custom built books manager

Post by onion2k »

If I was writing something to manage books I think I'd just get the user to enter the ISBN number (or better yet, buy a cheap barcode scanner and scan it) and then I'd use a web service like isbndb.com or Amazon to fetch the details from the net. Much easier for the user.

For example, the ISBNDB API - http://isbndb.com/docs/api/