Admin Section Question

[wistex]

I have an admin login system designed. Within the "protected" area where I would place a form for data insertion, I would like to place two or more forms for various areas within the web site. An example of what I mean is as follows:

Admin Section...

• Form A

• Form B

• Form C

About.php

• Data from Form A

Index.php

• Data from Form B

Service.php

• Data from Form C

I would like my client to log into on area and there locate three separate forms which would send data to their respected pages. Hopefully this makes sense. How would I set this up?

[jacek]

Have you tried anything yet ? Generally asking a question like this will not get a very good response unless you show what you have tried.

[wistex]

This is what I have so far. Would you mind taking a look?

post.php

<?php
$e = mysql_error();
mysql_connect ("localhost", "root", "") or die ($e);
mysql_select_db ("newsfeed") or die ($e);
 
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Post News and Events</title>
</head>

<body>

<?php 

	if (isset ($_POST["post"]) ) {
		
		$title	=	$_POST['title'];
		$body	=	$_POST['body'];
	
	if ($title&&$body)
		{
			$date = 	date("Y-m-d");
			$insert = mysql_query("INSERT INTO news VALUES ('','$title','$body','$date')") or die ($e);
			die("Your news has been posted.");
			
		}
		else 
			echo "Please fill out the title and body";
	}

?>

<div>

<form action="post.php" method="post">
    <div>
         <label for="name">Title:<br />
         </label>
      <input type="text" name="title" id="name" value="" tabindex="1" />
    </div>

	<div>
		<label for="textarea">Body:<br />
		</label>
	  <textarea cols="40" rows="8" name="body" id="textarea"></textarea>
	</div>

	<div>
      <input type="submit" name="post" value="Submit" />
    </div>
</form>


</div>


	<p>
	  <?php 
    
    if (isset ($_POST["post"]) )  {
    
		$venue			=	$_POST['venue'];
		$description	=	$_POST['description'];
		$other			=	$_POST['other'];
    
    if ($venue&&$description&&$other) {
    
        $insert = mysql_query("INSERT INTO events VALUES ('','$venue','$description','$other')") or die ($e);
        die("Your event has been posted.");
        
    }
    else 
        echo "Please fill out the venue, description and other";
    }
    
    ?>
</p>
	<p>  </p>
<div>
  <form action="post.php" method="post">
    <div>
         <label for="name">Venue:<br />
         </label>
      <input type="text" name="venue" id="name" value=""  />
    </div>

	<div>
		<label for="textarea">Description:<br />
		</label>
		<textarea cols="40" rows="8" name="description" id="textarea"></textarea>
	</div>
    
	<div>
		<label for="textarea">Other:<br />
		</label>
		<textarea cols="40" rows="8" name="other" id="textarea"></textarea>
	</div>    

	<div>
      <input type="submit" name="post" value="Submit" />
    </div>
</form>

</div>
</body>
</html>

news.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<?php 

$e = mysql_error();

mysql_connect ("localhost", "root", "") or die ($e);
mysql_select_db ("newsfeed") or die ($e);

$getnews = mysql_query("SELECT * FROM news ORDER BY id DESC") or die ($e);

while ($row = mysql_fetch_assoc($getnews)) {
	
	$id 	= 	$row['id'];
	$title 	= 	$row['title'];
	$body	= 	$row['body'];
	$date	=	$row['date'];
	
	echo "
	$title posted on $date<br />
	$body
	<hr />
	";
}

?>
</body>
</html>

events.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<?php 

$e = mysql_error();

mysql_connect ("localhost", "root", "") or die ($e);
mysql_select_db ("newsfeed") or die ($e);

$getnews = mysql_query("SELECT * FROM events") or die ($e);

while ($row = mysql_fetch_assoc($getnews)) {
	
	$id 	= 	$row['id'];
	$venue 	= 	$row['venue'];
	$desciption	= 	$row['description'];
	$other	=	$row['other'];
	
	echo "
	$venue<br />
	$desciption<br />
	$other
	<hr />
	";
}

?>
</body>
</html>

SQL

-- phpMyAdmin SQL Dump
-- version 3.3.9
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Oct 20, 2011 at 05:12 AM
-- Server version: 5.5.8
-- PHP Version: 5.3.5

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";

--
-- Database: `newsfeed`
--

-- --------------------------------------------------------

--
-- Table structure for table `events`
--

CREATE TABLE IF NOT EXISTS `events` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `venue` varchar(100) NOT NULL,
  `description` text NOT NULL,
  `other` text NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=6 ;

--
-- Dumping data for table `events`
--

INSERT INTO `events` (`id`, `venue`, `description`, `other`) VALUES
(1, 'dallas', '<p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Vestibulum tortor quam, feugiat vitae, ultricies eget, tempor sit amet, ante. Donec eu libero sit amet quam egestas semper. Aenean ultricies mi vitae est. Mauris placerat eleifend leo.</p>', 'Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.'),
(2, 'san diego', '<p>Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Vestibulum tortor quam, feugiat vitae, ultricies eget, tempor sit amet, ante. Donec eu libero sit amet quam egestas semper. Aenean ultricies mi vitae est. Mauris placerat eleifend leo.</p>', 'Aenean ultricies mi vitae est. Mauris placerat eleifend leo.'),
(3, 'tweet', 'tweeter', 'tweetiest'),
(4, 'tweet', 'tweeter', 'tweetiest'),
(5, 'tweet', 'tweeter', 'tweetiest');

-- --------------------------------------------------------

--
-- Table structure for table `news`
--

CREATE TABLE IF NOT EXISTS `news` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `title` varchar(100) NOT NULL,
  `body` text NOT NULL,
  `date` date NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;

--
-- Dumping data for table `news`
--

INSERT INTO `news` (`id`, `title`, `body`, `date`) VALUES
(1, 'blah', 'blah', '2011-10-18'),
(2, 'doink', 'doink', '2011-10-19'),
(3, 'test', 'test', '2011-10-20');

[jacek]

$e = mysql_error();
mysql_connect ("localhost", "root", "") or die ($e);
mysql_select_db ("newsfeed") or die ($e);

This makes no sense, mysql_error() is a function. It returns a value based on the last query. You have to actually use it after a query.

Other than that, it looks okay. What is wrong with that code ?

[tomek]

Hi
If I understand correctly.
wistex is going to send data from every single form separately.
The customer can fill in either one form or all together.
In my opinion code is all right but what I would suggest to change the name of submit button,
for instance :
form 1

<input type="submit" name="post1" value="submit">

form2

 <input type="submit" name="post2" value="submit">

and then checking, verifying which form has been post,
for instance:
--for form1

    if (isset($_POST["post1"])
    {  
    // code
    }

--for form2
     if (isset($_POST["post2"])
     {
     // code
     }

--etc if you have got more forms

Correct me please if I am wrong.

Anyway I would suggest to direct every single query to separate file e.g

header("Location: checkpost1.php")

and then redirect back to post.php with message such as "You data have been added".
I said that due to after submitting the form every single F5 or "refreshing the page" is going to add data into your database.