A simple yet efficient tagboard written in PHP with a MySQL back-end.

By : ipx

HTML for tagboard:
<iframe src='view.php' border='0' name='tagboard'></iframe><br>
<form action='post.php' method='post' target='tagboard'>
<input type='text' name='name' value='name'><br>
<input type='text' name='http' value='http://'><br>
<input type='text' name='msg' value='message'><br>
<input type='submit' value='Submit'> <input type='reset' value='Reset'>
</form>

--post.php--
<?php
#change localhost to the sql server, user to the correct username, and pass to the correct password
$con = mysql_connect("localhost","user","pass") or die("Unable to establish a connection to the database.");

#change database to the database name
$database = "database";
$db = mysql_select_db("$database") or die("Couldn't select database $database.");

#lets strip some chars and slashes
$name = stripslashes($name);
$name = htmlspecialchars($name);
$http = stripslashes($http);
$http = htmlspecialchars($http);
$msg = stripslashes($msg);
$msg = htmlspecialchars($msg);

$query = "INSERT INTO tagboard(name,http,msg)
VALUES('$name,$http,$msg')";

$result = mysql_query($query) or die("Data couldn't be entered into the database.");

echo "Click <a href='view.php'>here</a>.";
?>

--view.php--
<?php
#change localhost to the sql server, user to the correct username, and pass to the correct password
$con = mysql_connect("localhost","user","pass") or die("Unable to establish a connection to the database.");

#change database to the database name
$database = "database";
$db = mysql_select_db("$database") or die("Couldn't select database $database.");

$query = "SELECT id,name,http,msg FROM tagboard ORDER BY id DESC"; selects all the rows from the table tagboard and orders them in descending order

$result = mysql_query($query);
while ($rows = mysql_fetch_row($result))//a loop
{
echo "<a href='$row[http]' target='_blank'>$row[name]</a>: $row[msg]<br>";
}
?>

--admin.php--
<?php
/*$PHP_AUTH_USER != 'user' is the username setting & $PHP_AUTH=PW !='open' is the password setting*/

if ( ( !isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))
|| ( $PHP_AUTH_USER != 'user' ) || ( $PHP_AUTH_PW != 'open' ) ) {

//name of the realm or protected area.
header( 'WWW-Authenticate: Basic realm="Tagboard Administration"' );

header( 'HTTP/1.0 401 Unauthorized' );

/*when authorization fails*/
echo "Authorization Required.";
exit;

}
else {
/*Function used to connect to sql server and choose database*/
function connect(){
#change localhost to the sql server, user to the correct username, and pass to the correct password
$con = mysql_connect("localhost","user","pass") or die("Unable to establish a connection to the database.");

#change database to the database name
$database = "database";

$db = mysql_select_db("$database") or die("Couldn't select database $database.");
}
echo "Tagboard Administration <br> <a href='admin.php?action=view'>View messages
</a> <a href='admin.php?action=delall'>Delete all messages</a> <a href='admin.php?action=update'><br><br>";
if($action == "view"){
connect();
$query = "SELECT id,name,http,msg FROM tagboard ORDER BY id DESC";
$result = mysql_query($query);
while ($rows = mysql_fetch_row($result)){
echo "<a href='$row[http]' target='_blank'>$row[name]</a>: $row[msg] : <a href='admin.php?action=del&id=$row[id]'>Delete</a><br>";
}
}
if($action == "del"){
connect();
$query = "DELETE FROM tagboard WHERE id='$id'";
$result = mysql_query($query);
}
if($action == "delall"){
connect();
$query = "DELETE FROM tagboard";
$result = mysql_query($query);
}
if($action == "update"){
connect();
$query = "SELECT id,name,http,msg FROM tagboard ORDER BY id DESC";
$result = mysql_query($query);
while ($rows = mysql_fetch_row($result)){
echo "<a href='$row[http]' target='_blank'>$row[name]</a>: $row[msg] : ID#: $row[id]<br>";
}
echo "<br>
<form action='admin.php?action=update&go=yes' method='post'>
<input type='text' name='id' value='ID #'><br>
<input type='text' name='name' value='Name'><br>
<input type='text' name='http' value='http://'><br>
<textarea name='msg'>Message</textarea><br>
<input type='submit' value='Submit'> <input type='reset' value='Reset'>
</form>";
}
if($go == "yes"){
connect();
$id = stripslashes($id);
$id = htmlspecialchars($id);
$name = stripslashes($name);
$name = htmlspecialchars($name);
$http = stripslashes($http);
$http = htmlspecialchars($http);
$msg = stripslashes($msg);
$msg = htmlspecialchars($msg);

$query = "UPDATE tagbard WHERE id='$id' SET name='$name' http='$http' msg='$msg'";
$result = mysql_query($query);
echo "ID # $id has been edited successfully.";
}
}
?>

--sql syntax--
CREATE TABLE tagboard (id TINYINT (4) not null AUTO_INCREMENT, name VARCHAR (32), msg VARCHAR (50), http VARCHAR (32) , PRIMARY KEY (id))

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More Database Code Articles
More By Codewalkers

blog comments powered by Disqus