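/**
 * Form helper for the `computers` table.
 *
 * Holds the per-column render style and label maps, checks that a submitted
 * form is complete, and builds the SQL text used to insert or update a row.
 *
 * Security notes for maintainers:
 *  - Every column value that ends up in SQL text is read from $_REQUEST, so
 *    it is escaped before being quoted (see _requestValueForSql()).
 *  - The class builds SQL as strings for the legacy mysql_* extension, which
 *    was removed in PHP 7. Escaping keeps this interface usable; prepared
 *    statements (PDO or mysqli) are the durable replacement.
 */
class Form_testDB_computers
{
    // Textarea dimensions; not referenced by the code visible in this class.
    var $TEXTAREA_ROWS = 6;
    var $TEXTAREA_COLS = 40;

    // Column name => widget used to render it.
    var $renderStyle = array(
        'computerID' => 'input',
        'make' => 'input',
        'model' => 'input',
        'c_usage' => 'textarea',
        'price' => 'input',
        'short_description' => 'input',
        'long_description' => 'textarea',
        'image' => 'input',
    );

    // Column name => label shown next to the widget.
    var $labels = array(
        'computerID' => 'computerID',
        'make' => 'make',
        'model' => 'model',
        'c_usage' => 'usage',
        'price' => 'price',
        'short_description' => 'short_description',
        'long_description' => 'long_description',
        'image' => 'image',
    );

    /**
     * Load the form values and emit the form.
     *
     * @param string $source   'request', 'input' or 'form' to prefill from
     *                         $_REQUEST; any other non-empty string is run as
     *                         a SQL query and its first row is used; '' leaves
     *                         the form blank.
     * @param string $var2Keep Not used by the code visible here.
     *
     * $source is executed verbatim, so callers must only pass SQL assembled
     * from validated values (for example an integer-cast id).
     */
    function generateForm($source = "", $var2Keep = '')
    {
        $fields = array_keys($this->renderStyle);

        // Values are collected in one array instead of variable-variables so a
        // column name can never overwrite a local such as $source or $fields.
        $values = array();

        if (in_array($source, array('request', 'input', 'form'), true)) {
            foreach ($fields as $f) {
                $values[$f] = isset($_REQUEST[$f]) ? $_REQUEST[$f] : '';
            }
        } else if (!empty($source)) {
            // $source should be a MySQL query string.
            $query = mysql_query($source);
            $data = $query ? mysql_fetch_array($query) : false;

            // Convert the DB row into form values; a failed query or an
            // empty result leaves every field blank.
            foreach ($fields as $f) {
                $values[$f] = ($data && isset($data[$f])) ? $data[$f] : '';
            }
        }

        // NOTE(review): the page shows only this newline here; the form markup
        // that would print the values is not present. Any markup restored here
        // should pass each value through htmlspecialchars() before printing.
        echo "\n";
    }

    /**
     * Check that every column in $renderStyle was submitted with a value.
     *
     * A field counts as missing when it is absent, is not a string (for
     * example an array from `name[]=...`), or is the empty string. The string
     * "0" is a real value and is accepted.
     *
     * @return bool true when all fields are present
     */
    function verifyForm()
    {
        foreach ($this->renderStyle as $f => $r) {
            if (!isset($_REQUEST[$f]) || !is_string($_REQUEST[$f]) || $_REQUEST[$f] === '') {
                return false; // At least one empty element
            }
        }

        return true;
    }

    /**
     * Fetch one submitted field and escape it for use inside a single-quoted
     * SQL string literal.
     *
     * mysql_real_escape_string() needs an open mysql_* connection, which the
     * surrounding script is assumed to have since it already calls
     * mysql_query() — TODO confirm.
     *
     * @param string $f column / request key
     * @return string escaped value, without the surrounding quotes
     */
    function _requestValueForSql($f)
    {
        $raw = (isset($_REQUEST[$f]) && is_scalar($_REQUEST[$f])) ? (string) $_REQUEST[$f] : '';

        // Where magic_quotes_gpc still exists and is on, undo it first so the
        // value is escaped exactly once.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $raw = stripslashes($raw);
        }

        return mysql_real_escape_string($raw);
    }

    /**
     * Build the `col='value',col='value'` list for every column in
     * $renderStyle from the current request.
     *
     * Column names come from $renderStyle (fixed in this class); values come
     * from the request and are escaped before quoting.
     *
     * @return string
     */
    function getSQL_setClause()
    {
        $assignments = array();
        foreach ($this->renderStyle as $f => $r) {
            $assignments[] = $f . "='" . $this->_requestValueForSql($f) . "'";
        }

        return implode(",", $assignments);
    }

    /**
     * Build an UPDATE statement for the computers table.
     *
     * @param string $whereClause appended verbatim after "where"; the caller
     *                            must build it from validated values only.
     * @return string
     */
    function getSQL_updateRow($whereClause)
    {
        return "update computers set " . $this->getSQL_setClause() . " where $whereClause";
    }

    /**
     * Build an INSERT statement for the computers table.
     *
     * @return string
     */
    function getSQL_insertRow()
    {
        return "insert into computers set " . $this->getSQL_setClause();
    }
} //End Class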
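/**
 * Render the main page.
 *
 * With a `compID` request parameter: shows that computer's details and, for a
 * logged-in session, either applies a submitted edit or shows the edit form.
 * Without it: lists every computer and the insert / log-in entries.
 *
 * Uses the global $form (a Form_testDB_computers instance) and the legacy
 * mysql_* connection opened elsewhere.
 *
 * Security notes:
 *  - `compID` is cast to an integer before it is placed in any SQL text.
 *  - Every database value is HTML-escaped before it is printed.
 *  - NOTE(review): the update is triggered from $_REQUEST, so a GET request
 *    can change data and there is no anti-CSRF token; confirm whether the
 *    form markup missing from this page adds one.
 */
function showMainMenu()
{
    global $form;

    $loggedIn = !empty($_SESSION['loggedIn']);

    if (isset($_REQUEST['compID'])) {
        // Force the id to an integer: it is spliced into SQL text below.
        $compID = (int) $_REQUEST['compID'];

        // The edit output is buffered so it can be printed after the details.
        ob_start();
        if ($loggedIn) {
            if (isset($_REQUEST['submitted'])) {
                if ($form->verifyForm()) {
                    $sql = $form->getSQL_updateRow('computerId=' . $compID);
                    if (mysql_query($sql)) {
                        echo "Computer info updated";
                    }
                } else {
                    $form->generateForm('form', 'compID');
                }
            } else {
                $form->generateForm("select * from computers where computerId=$compID", 'compID');
            }
        } else {
            echo "Please log-in first to edit data";
        }
        $printLater = ob_get_clean();

        $result = mysql_query("select * from computers where computerId=$compID");
        $info = $result ? mysql_fetch_array($result) : false;

        // Skip the detail section when the query failed or the id is unknown.
        if ($info) {
            echo "\n" . htmlspecialchars($info['short_description'], ENT_QUOTES) . "\n"
                . nl2br(htmlspecialchars($info['long_description'], ENT_QUOTES))
                . "Usage: " . htmlspecialchars($info['c_usage'], ENT_QUOTES)
                . " Price: " . htmlspecialchars($info['price'], ENT_QUOTES)
                . " Make: " . htmlspecialchars($info['make'], ENT_QUOTES)
                . " Model: " . htmlspecialchars($info['model'], ENT_QUOTES);
        }
        echo $printLater;
    } else {
        // Show all available computers
        $rows = mysql_query("select * from computers order by computerID desc");
        while ($rows && ($row = mysql_fetch_array($rows))) {
            echo htmlspecialchars($row['short_description'], ENT_QUOTES) . " ";
        }
        echo "Insert new computer";

        if (!$loggedIn) {
            echo "Log-in";
        } else {
            echo "Logged in as admin";
        }
    }
}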
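// Request dispatcher: `process=insert` adds a row, `process=login` checks the
// admin credentials, anything else shows the main menu.
$form = new Form_testDB_computers();

$process = isset($_REQUEST['process']) ? $_REQUEST['process'] : '';

if ($process === 'insert') {
    // NOTE(review): unlike the edit path in showMainMenu(), this insert path
    // does not check $_SESSION['loggedIn'], so any visitor can add rows.
    // Confirm whether that is intended; if not, gate this branch the same way.
    if (isset($_REQUEST['submitted'])) {
        if ($form->verifyForm()) {
            $sql = $form->getSQL_insertRow();
            if (mysql_query($sql)) {
                echo "Computer info added";
                showMainMenu();
            } else {
                // The statement embeds request values and the driver error
                // describes the schema, so the detail goes to the server log
                // and the visitor sees a generic message.
                error_log("insert into computers failed: " . mysql_error());
                echo "Can't add computer info";
                $form->generateForm('form', 'process');
            }
        } else {
            $form->generateForm('form', 'process');
        }
    } else {
        $form->generateForm('', 'process');
    }
} else if ($process === 'login') {
    if (isset($_REQUEST['username'])) {
        $user = $_REQUEST['username'];
        $pass = isset($_REQUEST['password']) ? $_REQUEST['password'] : null;

        // $ADMIN_USERNAME / $ADMIN_PASSWORD are defined outside this listing.
        // Requiring them to be set, and comparing strings strictly, means an
        // unset credential can never match an empty submission and numeric
        // look-alikes such as "1e3" and "1000" are not treated as equal.
        $ok = false;
        if (isset($ADMIN_USERNAME, $ADMIN_PASSWORD) && is_string($user) && is_string($pass)) {
            $wantUser = (string) $ADMIN_USERNAME;
            $wantPass = (string) $ADMIN_PASSWORD;
            if (function_exists('hash_equals')) {
                // Constant-time comparison where the runtime offers it.
                $userOk = hash_equals($wantUser, $user);
                $passOk = hash_equals($wantPass, $pass);
                $ok = $userOk && $passOk;
            } else {
                $ok = ($user === $wantUser) && ($pass === $wantPass);
            }
        }
        // NOTE(review): the password is compared as plain text; storing a
        // password_hash() value and checking it with password_verify() would
        // avoid keeping the clear-text secret in configuration.

        if ($ok) {
            // Issue a fresh session id on privilege change so an id known
            // before log-in does not become an authenticated one.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['loggedIn'] = true;
            showMainMenu();
            die();
        } else {
            echo "Log-in failed";
        }
    }

    echo "";
} else {
    showMainMenu();
}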
?>
By : webhappy
<?php /* CRITICAL NOTE!!! We MUST be guaranteed that the table structure does NOT change while we are using this script. It can change after we have generated our PHP code, but not while we are between steps B and C in particular. */
/* Generate form code
   A: DB name, table name
   B: List table columns -> checkbox, if to apply; possibly radio if different forms:
      if integer, only textbox; if varchar: textbox; blob/text: textbox or textarea
   C: Process choices -> generate PHP:
      Produce function generateForm($source="","request","db")
      Produce function insertIntoDB; //grab data from _REQUEST
*/
/* Generator entry point: with no $db / $table it prints a two-field form;
   otherwise, when $ready is truthy, it starts output buffering and echoes
   the source of a Form_<db>_<table> class built from the table's columns.

   NOTE(review), security:
   - $db, $table, $ready and $PHP_SELF are read as plain variables and nothing
     visible here assigns them; presumably the script relies on
     register_globals (confirm). On a runtime without it they must be read
     from the request explicitly and validated.
   - $PHP_SELF is echoed unescaped into the form's action attribute.
   - $db and $table are concatenated into the generated class name, and
     $_POST["represent$i"] is echoed between single quotes into the generated
     PHP source, all without validation, so request data becomes PHP code
     text. Before emitting, restrict represent values to the known render
     styles ('input' and 'textarea' are the ones visible on this page; the
     switch is cut off, so there may be more) and restrict $db / $table to
     identifier characters.
   - The generated template prints $_SERVER[PHP_SELF], $_REQUEST[process] and
     the field values into HTML unescaped, so every generated form inherits
     that; htmlspecialchars() belongs in the template.
   - The single-quoted template string that begins at
     "echo ' function generateForm" is cut off on this page; the rest of the
     script is not shown. */
if ( !isset($db) || !isset($table) ) { echo "<form action=$PHP_SELF>"; echo "DB: <input name=db><br> Table: <input name=table><br> <input type=submit value=Go></form>"; } else { if ( $ready ) { // print_r($_POST); ob_start(); echo '<?PHP class Form_'.$db.'_'.$table.' { var $TEXTAREA_ROWS=6; var $TEXTAREA_COLS=40; '; $fields = mysql_list_fields($db,$table); echo 'var $renderStyle=array('; $n=0; for ( $i=0; $i < mysql_num_fields($fields); $i++ ) { if ( isset($_REQUEST["enable$i"]) ) { echo ($n++==0?'':',').($n % 5 ==1?' ':'')."'".mysql_field_name($fields,$i).'\'=>'."'".$_POST["represent$i"]."'"; } } echo '); ';//close the array()
echo ' function generateForm ( $source="" ) { $fields = array_keys($this->renderStyle); if ( $source == \'request\' || $source == \'input\' || $source ==\'form\' ) { foreach ( $fields as $n=>$f) $$f=$_REQUEST[$f]; } else if ( !empty($source) ) { //$source should be a mySQL string $query = mysql_query($source); $data = mysql_fetch_array($query);
//Begin conversion from DB row to our form variables foreach ( $fields as $n=>$f) $$f=$data[$f]; }
echo "<table><form action=$_SERVER[PHP_SELF] method=post>"; echo "<input type=hidden name=submitted value=true> <input type=hidden name=process value=$_REQUEST[process]>"; //Time to render the form itself, now that we have the variables; foreach ( $fields as $n=>$f ) { echo "<tr><td>".$this->labels[$f]."</td><td>"; switch($this->renderStyle[$f]) { case \'textarea\': echo "<textarea name=$f rows=TEXTAREA_ROWS cols=TEXTAREA_COLS>".$$f."</textarea>"; break;
/**
 * Wrap a buffer in <pre> tags.
 *
 * NOTE(review): $buffer is inserted verbatim. If it carries generated source
 * that should be displayed rather than rendered, it needs htmlspecialchars()
 * first; confirm against the call site, which is not visible here.
 *
 * @param string $buffer text to wrap
 * @return string the buffer between <pre> and </pre>
 */
function ob_pre($buffer)
{
    $open = "<pre>";
    $close = "</pre>";

    return $open . $buffer . $close;
}
?>