When user clicks on "add_new_story" button (or any other names such as , new topic , new post) , he is directed to "newtopic.php" page , this page is a form that user can enter his post in it , ( a hidden variable is also sent to this page to inform it that the user is directed from which forum ), as you can see in the image below the new-topic page contains : a drop-off menu to choose the post issue (field) , a text field for Title , a text field for post body , a verification code field and a submit button.
Put the following codes in "newtopic.php" file .
code:
<?php
include "auth.inc"; // we check that if user has loged in or not
include ("funcs.php"); // the functions look like : connect (to connect to the database) and creatcode (for verification text) can be put in a file and then we include that file wherever it is required.
?>
<a href="logout.php">log out</a>
<br>
// the following html codes show a menu-bar on the page . they have been created by Frontpage . You can omit them.
<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>new story </title>
</head>
<body bgcolor="#99FF66" >
<table border="0" cellpadding="0" cellspacing="0" width="1055" height="625">
<!-- MSTableType="layout" -->
<tr>
<td valign="top" colspan="3" height="148">
<!-- MSCellType="ContentHead" -->
<p align="center">
<br>
<!--webbot bot="Navigation" S-Type="sequence" S-Orientation="horizontal" S-Rendering="graphics" S-Theme="poetic 0000" B-Include-Home="FALSE" B-Include-Up="FALSE" U-Page="sid:1001" --><a href="index.php"><img src="_derived/index.php_cmp_poetic000_hbtn.gif" width="154" height="37" border="0" alt="index.php" align="middle"></a> <a href="about.php"><img src="_derived/about.php_cmp_poetic000_hbtn.gif" width="154" height="37" border="0" alt="about.php" align="middle"></a> <a href="search.php"><img src="_derived/search.php_cmp_poetic000_hbtn.gif" width="154" height="37" border="0" alt="search.php" align="middle"></a><!--webbot bot="Navigation" i-checksum="38819" endspan --><br>
</p>
<p><font size="6"><b>new story </b></font></td>
</tr>
<tr>
<td valign="top" width="161">
<!-- MSCellType="NavBody" -->
</td>
<td valign="top" width="747">
<!-- MSCellType="ContentBody" -->
<p align="justify"><b><font size="4">
<?php
// when the user clicks on the submit button (on the page) , the form information is sent to an other php page to process , for example "topic_preview.php" , there , base on the entered data two sessions ($_SESSION["sec_code_err_2"] , $_SESSION["fill_all_of_fields"] ) are used to inform incorrect entered code or format.
// if the security code is entered incorrect $_SESSION["sec_code_err_2"] is set to 1 and the browser is redirected to "newtopic.php" again.
// if one of the text fields is empty, $_SESSION["fill_all_of_fields"] is set to 1 and the browser is redirected to "newtopic.php" again.
if($_SESSION["sec_code_err_2"] == 1){
echo "please enter the code correctly";
$_SESSION["sec_code_err_2"] = 0;
}
if($_SESSION["fill_all_of_fields"] == 1){
echo "please fill all of the fields";
$_SESSION["fill_all_of_fields"] = 0;
}
create_code(); // please see "the verification code post" on the weblog
?>
<br>
PLease enter title contains only numbers, Capital and Small letters and space
<br>
<br>
// this form information is sent to an other php page to process , for example "topic_preview.php"
<FORM ACTION="topic_preview.php" METHOD=POST>
<?php
// A drop-off menu to assign the post field , the default value has been sent from the forum page ("showforum.php") by a hidden variable to inform the forum issue.
$options = array("satire" => "SATIRE","drama" => "DRAMA","tragic" => "TRAGIC"
,"joke" => "JOKE","others" => "OTHERS");
$default= $_POST["originforum"];
$html = generate_menu("field",$options,$default);
echo $html;
?>
<BR>
<BR>
Title:
<INPUT TYPE="TEXT" NAME="title" SIZE="100" >
<BR>
<BR>
post body:
<BR>
<textarea name="body" ROWS=40 COLS=100 ></textarea>
<BR>
<BR>
<BR>
<INPUT TYPE="TEXT" NAME="SecCode2" SIZE="30" >
<BR>
<img src="security_image.php">
<BR>
<BR>
<BR>
<INPUT TYPE="SUBMIT" NAME="BUTTON2" VALUE="new_topic">
</FORM>
</td>
<td valign="top" height="427" width="147">
<!-- MSCellType="NavBody2" -->
</td>
</tr>
<tr>
<td valign="top" colspan="3" height="50">
<!-- MSCellType="ContentFoot" -->
</td>
</tr>
</table>
</body>
</html>
<p>
<br>
</p>
<html dir="ltr">
when the user clicks on the submit button (on the page) , the form information is sent to an other php page to process , for example "topic_preview.php" , there the enteries are processed and if there is any problem such as , wrong verification code , empty text field and wrong format for enteries , the user is redirected to "newtopic.php" to correct his enteries and the appropriate message is shown related to the problem . If there isn't any problem then the enteries will be recorded in the database and the browser will be directed to the forum that the user had begun from it (the forum that the user wanted to submit a new post to it).
In the following you can see the codes of "topic_preview.php" page :
code:
<?php
include "auth.inc";
include "funcs.php";
session_start();
// some processes over security code .
$UserSecCode = strtolower($_POST["SecCode2"]);
$SysSecCopde = strtolower($_SESSION["SecImageStr"]);
if($UserSecCode != $SysSecCopde){
// check if the security code has been entered correctly
$_SESSION["sec_code_err_2"] = 1;
header("Location: newtopic.php");
exit;
}
if( (($_POST["title"])=="") or (($_POST["body"])=="") )
// check if there is any of the text fields empty
{
$_SESSION["fill_all_of_fields"] = 1;
header("Location: newtopic.php");
exit;
}else{
// deactivate the error sessions because now there is no problem
$_SESSION["sec_code_err_2"] = 0;
$_SESSION["fill_all_of_fields"] = 0;
// the author's username of the post is one of the things that should be recorded to the database:
$user = $_SESSION["auth_usr"];
// some prosses over the entered title
$title = $_POST["title"];
$user = trim($user); // trim omits "space" characters from two sides of a text
$title = trim($title);
$user = htmlspecialchars($user); // change html characters in to regular text , this is an anti-hack process
$title = htmlspecialchars($title);
if(ereg("[^a-zA-z0-9\ ]",$title))
{
// here we chek the title format that it should contain only numbers and letters , I haven't defined any session for it to show a message , you can do it by yourselves. Anyway , the user is redirected to "newtopic.php" if the format isn't correct.
header("Location: newtopic.php");
exit;
}
// omit the dangerous characters from the enteries , these are far too much process on the data , I just wanted to show you a bunch of these processes.
$user = str_replace("'", "", $user);
$title = str_replace("'", "", $title);
$user = str_replace("\\", "", $user);
$title = str_replace("\\", "", $title);
$post_folder = ($user . $title .md5(rand(0,9999))); // this line is not needed , in the previous version of my codes , I wanted to work with files , but i have changed my codes and this guy has remained from then.
// the post body should be recorded in to the database.
$data = $_POST["body"];
// post field (the entery from the drop-off menu) shows that the post belongs to which forum.
$path = $_POST['field'];
connect_2();
// the date is an other thing that should be recorded in to the database.
$Today = date("Ymd");
// This is the most important thing : For each new post we produce a "$link" variable , this variable is unique for each post it is a combination of the date ($Today) , author name ($user) , the post title ($title) and a random created string( md5(rand(0,9999)) ). This link ($link) is recoreded in to the database and it's also used in the hyperlink to the post on the forum.
$link = ($Today . $user . $title .md5(rand(0,9999)));
// the post information are recorded to the database , the following query is used to record . the variable "numreply" (that is zero by default) , shows the number of replies that is submitted to the post.
$sql = "INSERT INTO topics (author,field,date,title,foldername,link,numreply,text) VALUES ('$user','$path','$Today','$title','$post_folder','$link','0','$data')";
mysql_query($sql);
// After the post was recorded to the database , it's time to direct the user to the forum. we direct the user to "showforum.php" and we also send the variable "link" , to inform the field of the forum to be shown.
$dd = "showforum.php?link=". $_POST['field'];
header("Location: $dd");
exit;
}
?>
As I told in the comments of the codes , For each new post we produce a "$link" variable , this variable is unique for each post , it is a combination of the date ($Today) , author name ($user) , the post title ($title) and a random created string( md5(rand(0,9999)) ). This link ($link) is recoreded in to the database and it's also used in the hyperlink to the post on the forum.
Now to produce a hyperlink to a certain post , we can use the following codes. (these codes are belong to "showforum.php" ) . you can see :
http://webprogram4beginners.blogspot.com/2011/04/how-to-show-posts-inside-of-forum.html
Codes:
connect();
$sql = "SELECT * FROM topics WHERE field='$forumlink' "; // we extarct the post under a certain forum issue (field)
$SearchResult = mysql_query($sql);
$TotalResults = mysql_num_rows($SearchResult);
$TextTitle = mysql_result($SearchResult, $i, 3); // for all search results we put the post title in "$TextTitle" .($i is a counter , it means the i-th result)
$Textauthor = mysql_result($SearchResult, $i, 0); // for all search results we put the post author in "$Textauthor" .
$Textlink = mysql_result($SearchResult, $i, 5); // for all search results we put the post link (the variable we discussed about in the above) in "$Textlink".
echo "<a href=\"showtopic.php?Textlink=" .$Textlink. " \">" . $TextTitle . "</a>"; // now we produce a hyperlink that the "link" (Textlink) is its variable. The page "showtopic.php" will show the appropriate post base on the variable.
You may need to read the following posts to understand the current post better :
http://webprogram4beginners.blogspot.com/2011/04/how-to-make-drop-off-menu.html
http://webprogram4beginners.blogspot.com/2011/02/how-to-make-verification-text-field.html
http://webprogram4beginners.blogspot.com/2011/02/php-orders-to-work-with-database-and.html
http://webprogram4beginners.blogspot.com/2011/02/how-to-add-variable-to-url-adress.html
No comments:
Post a Comment