PHP Logged In As:

:( Can't find it

EDIT: OOOOOOO, is it this bit?

Code: 
<?php
session_start();
if(!$_SESSION['username']) {
       //not logged in. redirect to login page
       header("Location: hotel-login.php");
       exit;
}

$address = "localhost";
$username = "dsf";
$password = "sdf";
$database = "sdf";

mysql_connect($address,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

if (isset($_POST['submit'])) {
	$hotel_name = mysql_real_escape_string($_POST['hotel_name']);
	$contact = mysql_real_escape_string($_POST['contact_name']);
	$telephone = mysql_real_escape_string($_POST['telephone']);
	$do = mysql_real_escape_string($_POST['do']);
	$have = mysql_real_escape_string($_POST['have']);
	
	$query = "SELECT `hotel_name` FROM `survey` WHERE `hotel_name` = '$hotel_name'";
	$result = mysql_query($query);
	if (mysql_num_rows($result) == 1) {
		$message = 'That hotel name is already in the database. Please use another.';
	} else {
		mysql_query("INSERT INTO `survey` (hotel_name, contact, telephone, do, have) VALUES 

('$hotel_name','$contact','$telephone','$do','$have')");
		$message = "Thank you! Your survey is now complete and the information has been submitted";
	}
	mysql_close();
?>

the { is open, but doesnt seem to close again in the line:

if (isset($_POST['submit'])) {

Double Edit: YES Get in!!!!!!!!
 
Last edited:
When using PHP to print dynamic content, try to limit the echo to the variable only, and avoid echoing the HTML itself.

i.e. don't do this:
Code: 
<?php 
echo "<p>You are logged in as: <strong>$userName</strong></p>";
echo "<table>";
foreach ($values as $value)
{
  echo "<tr><td>$value->getXyz()</td></tr>";
}
echo "</table>"; 
?>

do this:
Code: 
<p>You are logged in as: <strong><?php echo $userName ?></strong></p>
<table>
<?php foreach ($values as $value): ?>
<tr><td><?php echo $value->getXyz() ?></td></tr>
<?php endforeach; ?>
</table>

There are a couple of reasons for this -
  • It's more readable, especially to non-php bods
  • Your editors html syntax highlighting will still work
  • PHP doesn't have to parse strings to see if there's a hidden variable it needs to replace
 
Ok, thanks

Back to what marc2003 was explaining:

I have a load of questions where the answers are either 'Yes' or 'No' which should be displayed in a drop down box.

I define the variables in php as:

<?php
$Yes = "Yes";
$No = "No";
?>

How do I implement that in to the HTML form?
 
Code: 
<?php $answers = array('yes' => 'yes', 'no' => 'no'); ?>

<select name="answer">
<?php foreach ($answers as $value => $display): ?>
  <option value="<?php echo $value ?>"><?php echo $display ?></option>
<?php endforeach; ?>
</select>

Something like that should work.
 
stick it inside a function then you can use multiple times....

Code: 
$choices= array('Yes', 'No');

//sorry lazymanc, completed ignored your advice about echoing html. 
//i use single quotes though so php won't parse it. 
function selectbox($name, $options, $selected = null) {
	echo '<select name="'.$name.'">';
	foreach($options as $value) {
		echo '<option value="'.$value.'"';
			if($selected == $value) echo ' selected="selected"';
		}
		echo '>'.$value.'</option>';
	}
	echo '</select>';
}

//now we can call the function by passing it 3 parameters
//first is the name of our select
//2nd is our array ($choices)
//3rd is the selected ($_POST value if there is one)

<form name="form" method="post" action="">
<label>question 1</label><?php selectbox('question_1', $choices, $_POST['question_1']); ?>
<label>question 2</label><?php selectbox('question_2', $choices, $_POST['question_2']); ?>
</form>
 
Last edited:
If you're building a helper function like that then it's not so much an issue.

However, i'd probably build a HTML string and return it from the function rather than echoing in the function itself, and then call it with <?php echo functionName() ?>
 
LazyManc said:
If you're building a helper function like that then it's not so much an issue.

However, i'd probably build a HTML string and return it from the function rather than echoing in the function itself, and then call it with <?php echo functionName() ?>
Click to expand...

see i have no idea about best practices when it comes to outputting html with php (i'm still a noob myself). anywhere you can point to me towards so i can readup about this. :o

so instead, you'd do it like this?

Code: 
function selectbox($name, $options, $selected = null) {
	$string = '<select name="'.$name.'">';
	foreach($options as $value) {
		$string .= '<option value="'.$value.'"';
			if($selected == $value) $string .= ' selected="selected"';
		}
		$string .= '>'.$value.'</option>';
	}
	$string .= '</select>';
        return $string;
}

<form name="form" method="post" action="">
<label>question 1</label><?php echo selectbox('question_1', $choices, $_POST['question_1']); ?>
</form>
 
It's generally just stuff I've picked up from working with various frameworks, particularly Symfony. The guys who build them are usually very smart, and once you've seen a particular way of doing things a few times you start to understand the benefits and copy them.

The Zend Framework PHP Coding Standards is as good a place as any to start I guess.
 
thanks for that. :)

but four spaces for indentation instead of using the tab key? 80 characters per line. oh dear. back to the drawing board for me. :p
 
marc2003 said:
thanks for that. :)

but four spaces for indentation instead of using the tab key? 80 characters per line. oh dear. back to the drawing board for me. :p
Click to expand...

Ah, I wouldn't take it as gospel, it's generally just guidelines. I'm a tab man myself, but it's a contentious issue, even on this forum ;)

Just pick and choose whatever suits your working style and makes sense to you.
 
LazyManc said:
When using PHP to print dynamic content, try to limit the echo to the variable only, and avoid echoing the HTML itself.

i.e. don't do this:
Code: 
<?php 
echo "<p>You are logged in as: <strong>$userName</strong></p>";
echo "<table>";
foreach ($values as $value)
{
  echo "<tr><td>$value->getXyz()</td></tr>";
}
echo "</table>"; 
?>

do this:
Code: 
<p>You are logged in as: <strong><?php echo $userName ?></strong></p>
<table>
<?php foreach ($values as $value): ?>
<tr><td><?php echo $value->getXyz() ?></td></tr>
<?php endforeach; ?>
</table>

There are a couple of reasons for this -
  • It's more readable, especially to non-php bods
  • Your editors html syntax highlighting will still work
  • PHP doesn't have to parse strings to see if there's a hidden variable it needs to replace
Click to expand...

I think it's a personal preference thing. I can't stand the way you've recommended to do it - I much prefer using printf() if I have to inject variables into strings:

Code: 
printf('<html><head><title>%s</title></head></html>',$PageTitle);

I agree about the syntax highlighting thing, but you get used to that after a while!
 
Sic said:
I think it's a personal preference thing. I can't stand the way you've recommended to do it - I much prefer using printf() if I have to inject variables into strings:

Code: 
printf('<html><head><title>%s</title></head></html>',$PageTitle);

I agree about the syntax highlighting thing, but you get used to that after a while!
Click to expand...

I think it also depends on your environment - if you're the only person who's going to have to edit the code then it makes little if any difference.

If on the other hand you have a designer(s) also working on the same templates, then it makes their job easier if they don't have to worry about breaking anything by putting a quotation mark in the wrong place.
 
ok you guys have posted some simple examples of what you would do. but what if you have loads of variables you want to output in 1 row - like this? :p


Code: 
while($row = mysql_fetch_assoc($result)) {
        .....
        echo '<tr><td>'.$x.'</td><td><a href="'.$compare.'">'.$score.'</a></td><td>'.$user.'</td><td style="color: '.$cpu_colour.'">'.$cpu.'</td><td style="color: '.$gpu_colour.'">'.$gpu.'</td></tr>'.$n;
}

what would you do with that? :)
 
marc2003 said:
ok you guys have posted some simple examples of what you would do. but what if you have loads of variables you want to output in 1 row - like this? :p


Code: 
while($row = mysql_fetch_assoc($result)) {
        .....
        echo '<tr><td>'.$x.'</td><td><a href="'.$compare.'">'.$score.'</a></td><td>'.$user.'</td><td style="color: '.$cpu_colour.'">'.$cpu.'</td><td style="color: '.$gpu_colour.'">'.$gpu.'</td></tr>'.$n;
}

what would you do with that? :)
Click to expand...

Code: 
<?php while($row = mysql_fetch_assoc($result)): ?>
<tr>
  <td><?php echo $x ?></td>
  <td><?php echo link_to($score, $compare) ?></td>
  <td><?php echo $user ?></td>
  <td style="color:<?php echo $cpu_color ?>"><?php echo $cpu ?></td>
  <td style="color:<?php echo $gpu_color ?>"><?php echo $gpu ?></td>
</tr>
<?php endwhile; ?>

I've cheated a bit by using a Symfony style link helper but you get the idea. I'd also probably avoid using inline styling and just apply a class="cpu" / class="gpu" to the td and set the colour in a seperate css file.

Also, if you're using a framework, you'd probably never use mysql_fetch_assoc in the same file as html, you'd just pass an array of widgets to the template and loop through them.
 
Last edited:
hehe, i think templates/framworks are a little beyond me at the moment. i'm only dabbling. :p

thanks for the replies though. definitely something for me to look into. :)
 
If you don't fancy going the whole hog with a full framework, consider looking at a templating engine like smarty.

Smarty version:
Code: 
{foreach from=$rows item="row"}
<tr>
  <td>{$x}</td>
  <td><a href="{$compare}">{$score}</a></td>
  <td>{$user}</td>
  <td style="color:{$cpu_color}">{$cpu}</td>
  <td style="color:{$gpu_color}">{$gpu}</td>
</tr>
{/foreach}
 
If you're working with "non-PHP bods" you should make life far easier for both you and them by using Smarty or some fully-fledged MVC framework.
 
You must log in or register to reply here.
Back
Top Bottom