Creating a News System with PHP - Part 2 - The Final Product

(Page 5 of 5 )

That's it! Now we have edit and delete functionality to our little news system. I would like to remind everyone, however, that this is all meant to just be an exercise in PHP. There are many other concerns to worry about when making a real live news system such as concurrent use, other strange characters that can get in the mix, and millions of other things. You CAN use this for a live news system, but this should really be taken as a learning lesson. OK, on to the final code for our new administrative script.

<? if($action == "edit" && isset($HTTP_POST_VARS['password'])) {     //obviously you should change this password on the next line     if($HTTP_POST_VARS['password'] == "editpass") {         //First let's recompile that line with the pipe symbols so we can reinsert it         $line = $HTTP_POST_VARS['date'] . "|" . $HTTP_POST_VARS['name'];         $line .= "|" . $HTTP_POST_VARS['news'];         $line = str_replace("\r\n","<BR>",$line);         $line .= "\r\n";         $data = file('news.txt');         $data[$id] = $line;         //the next line makes sure the $data array starts at the beginning         reset($data);         //now we open the file with mode 'w' which truncates the file         $fp = fopen('news.txt','w');         foreach($data as $element) {             fwrite($fp, $element);         }         fclose($fp);         echo "Item Edited!<BR><BR>\n";         echo "<a href=\"$PHP_SELF\">Go Back</a>\n";         exit;     } else {         echo "Bad password!\n";         exit;     } } if($action == "edit") {     $data = file('news.txt');     $element = trim($data[$id]);     $pieces = explode("|", $element);     //the next line is to reverse the process of turning the end of lines into breaking returns     $news = str_replace("<BR>","\r\n",$pieces[2]);     echo "Make the changes you would like and press save.<BR>\n";     echo "<FORM ACTION=\"$PHP_SELF?action=edit\" METHOD=\"POST\" NAME=\"editform\">\n";     echo "Name:<BR>\n";     echo "<INPUT TYPE=\"text\" SIZE=\"30\" NAME=\"name\" value=\"".$pieces[1]."\"><BR>\n";     echo "The News:<BR>\n";     echo "<TEXTAREA NAME=\"news\" COLS=\"40\" ROWS=\"5\">".$news."</TEXTAREA><BR><BR>\n";     echo "Password:<BR>\n";     echo "<INPUT TYPE=\"password\" SIZE=\"30\" NAME=\"password\"><BR>\n";     echo "<INPUT TYPE=\"hidden\" NAME=\"date\" VALUE=\"".$pieces[0]."\">\n";     echo "<INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";     echo "<INPUT TYPE=\"submit\" NAME=\"submit\" VALUE=\"Save\"><BR>\n";     echo "</FORM>\n";     exit; } if($action == "delete" && isset($HTTP_POST_VARS['password'])) {     //obviously you should change this password on the next line     if($HTTP_POST_VARS['password'] == "deletepass") {         $data = file('news.txt');         //this next line will remove the single news item from the array         array_splice($data,$id,1);         //now we open the file with mode 'w' which truncates the file         $fp = fopen('news.txt','w');         foreach($data as $element) {             fwrite($fp, $element);         }         fclose($fp);             echo "Item deleted!<BR><BR>\n";             echo "<a href=\"$PHP_SELF\">Go Back</a>\n";         exit;     } else {         echo "Bad password!\n";         exit;     } } if($action == "delete") {     echo "<H2>You are about to delete the following news item.</H2>\n";     $data = file('news.txt');     $element = trim($data[$id]);     $pieces = explode("|", $element);     echo $pieces[2] . "<BR>" . "<b>Posted by " . $pieces[1] . " on " . $pieces[0] . "</b>\n";     echo "<BR><BR>\n";     echo "Are you sure you want to delete this news item? If so, enter the password and click on Delete.<BR>\n";     echo "<FORM ACTION=\"$PHP_SELF?action=delete\" METHOD=\"POST\" NAME=\"deleteform\">\n";     echo "Password:<BR>\n";     echo "<INPUT TYPE=\"password\" SIZE=\"30\" NAME=\"password\"><BR>\n";     echo "<INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";     echo "<INPUT TYPE=\"submit\" NAME=\"submit\" VALUE=\"Delete\"><BR>\n";     echo "</FORM>\n";     exit; } echo "<H1><u>Current News</u></H1>\n"; $data = file('news.txt'); //next line removed to make everything else easier in the admin script //$data = array_reverse($data); foreach($data as $key=>$element) {     $element = trim($element);     $pieces = explode("|", $element);     echo $pieces[2] . "<BR>" . "<b>Posted by " . $pieces[1] . " on " . $pieces[0] . "</b>\n";     echo " <a href=\"$PHP_SELF?action=delete&id=$key\">Delete</a>\n";     echo " <a href=\"$PHP_SELF?action=edit&id=$key\">Edit</a>\n";     echo "<BR><BR>\n"; } echo "<HR>\n"; echo "<H1><u>Add News</u></H1>\n"; if($HTTP_POST_VARS['submit']) {     if($HTTP_POST_VARS['password'] == 'pass') {         if(!$HTTP_POST_VARS['name']) {             echo "You must enter a name";             exit;         }         if(!$HTTP_POST_VARS['news']) {             echo "You must enter some news";             exit;         }         if(strstr($HTTP_POST_VARS['name'],"|")) {             echo "Name cannot contain the pipe symbol - |";             exit;         }         if(strstr($HTTP_POST_VARS['news'],"|")) {             echo "News cannot contain the pipe symbol - |";             exit;         }         $fp = fopen('news.txt','a');         if(!$fp) {             echo "Error opening file!";             exit;         }         $line = date("m.d.y") . "|" . $HTTP_POST_VARS['name'];         $line .= "|" . $HTTP_POST_VARS['news'];         $line = str_replace("\r\n","<BR>",$line);         $line .= "\r\n";         fwrite($fp, $line);         if(!fclose($fp)) {             echo "Error closing file!";             exit;         }         echo "<b>News added!</b>\n";         } else {         echo "Bad Password";     } } ?> <FORM ACTION="<?=$PHP_SELF?>" METHOD="POST" NAME="newsentry"> Your name:<BR> <INPUT TYPE="text" SIZE="30" NAME="name"><BR> The News:<BR> <TEXTAREA NAME="news" COLS="40" ROWS="5"></TEXTAREA><BR><BR> News Password:<BR> <INPUT TYPE="password" SIZE="30" NAME="password"><BR> <INPUT TYPE="submit" NAME="submit" VALUE="Post it!"><BR> </FORM>

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

Comments On: Creating a News System with PHP - Part 2

· need an html output to see exactly what is happening    · it is really annoying    · Just a note that the final product doesn't show up in the pdf, so if you print out...    · How would I make it post news from newest to oldest?    · Forget I ever posted that, I didn't read through the whole thing. It says it in the...    · I've gone through this tutorial and updated the HTTP_POST_VAR to $_POST and I can...    · I've been playing with the code and just can't seem to get it to work. I kept...   >>> Post your comment now!