Guestbook

jellyfish

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Add a Message</TITLE>
</HEAD>

<BODY BGCOLOR="white">

<H1>Add A Message</H1>

<!-- Let them know that they have to fill in all the blanks -->
<? if ($notall == 1) { ?>
<P><FONT COLOR="red">Please answer all fields</FONT></P>
<? } ?>

<!-- The bits of PHP in the form allow the data that was already input
     to be placed back in the form if it is filled out incompletely -->

<FORM METHOD="post" ACTION="guest.php">
<PRE>
Your Name:       <INPUT
                  TYPE="text"
                  NAME="name"
                  SIZE="20"
                  MAXLENGTH="50"
                  VALUE="<? echo $name; ?>">
Your Email:      <INPUT
                  TYPE="text"
                  NAME="email"
                  SIZE="20"
                  MAXLENGTH="50"
                  VALUE="<? echo $email; ?>">

Enter Message:
<TEXTAREA NAME="message" COLS="40" ROWS="8" WRAP="Virtual">
<? echo $message; ?>
</TEXTAREA>

<INPUT TYPE="submit" VALUE="Add">

</PRE>
</FORM>

<HR>

This is part of the code of a guestbook application which i gotten from Anthony Awtrey Consulting

but i dont understand the following lines of code VALUE="<? echo $name; ?>"> & VALUE="<? echo $email; ?>"> , would someone mind explaining the use of this codes?

Thx

tekky

its pretty straight forward

<? opens up telling the web server that the following information is PHP code

echo $somevariable; sends the value of $somevariable to the webbrowser thus displaying on the page (or in the HTML atleast)

?> tells the server "ok done with this block of PHP, back to your regularly scheduled HTML"

Mordecai

Originally posted by tekky
<? opens up telling the web server that the following information is PHP code

OT: actually, <? is just XML... I really wished that they hadn't ever put that in (it's almost as bad as that ugly <?= crap)... <?php is the wave of the future.

tekky

Originally posted by Mordecai
OT: actually, <? is just XML... I really wished that they hadn't ever put that in (it's almost as bad as that ugly <?= crap)... <?php is the wave of the future.

in this instance, and a lot of others <? is PHP tag shorthand

its possible XML uses it too, but in this case, its definately PHP

jellyfish

When i try out the code, the text box for Your Name & Your Email has the following value <? echo $name; ?> & <? echo $email; ?>.... isn't the text box suppose to be empty and wait for user to input the text?

tekky

Originally posted by jellyfish
When i try out the code, the text box for Your Name & Your Email has the following value <? echo $name; ?> & <? echo $email; ?>.... isn't the text box suppose to be empty and wait for user to input the text?

yeah... is the file name something.php or something.html? if its not PHP or you havent told apache to use php to parse HTML files, then it wont treat <? as php either, just plain HTML

jellyfish

Originally posted by tekky
yeah... is the file name something.php or something.html? if its not PHP or you havent told apache to use php to parse HTML files, then it wont treat <? as php either, just plain HTML

The file is guestbook.html . My other php files is working fine.
i included the whole code for easier checking

<?
/*
PHP Guestbook 1.1
Written by Tony Awtrey
Anthony Awtrey Consulting
See [url]http://www.awtrey.com/support/dbeweb/[/url] for more information

1.1 - Oct. 20, 1999 - changed the SQL statement that reads data
      back out of the database to reverse the order putting the
      newest entries at the top and limiting the total displayed
      by default to 20. Added the ability to get the complete list
      by appending the URL with '?complete=1'. Added the code and
      additional query to count and list the total number of entries
      and included a link to the complete list.
1.0 - Initial release

This is the SQL statement to create the database required for
this application.

CREATE TABLE guests (
  guest_id
    int(4)
    unsigned
    zerofill
    DEFAULT '0000'
    NOT NULL
    auto_increment,
  guest_name varchar(50),
  guest_email varchar(50),
  guest_time timestamp(14),
  guest_message text,
  PRIMARY KEY (guest_id)
);

*/

////////////////////////////////
// This checks to see if we need to add another guestbook entry.
////////////////////////////////
if (($REQUEST_METHOD=='POST')) {

////////////////////////////////
// This loop removed "dangerous" characters from the posted data
// and puts backslashes in front of characters that might cause
// problems in the database.
////////////////////////////////
  for(reset($HTTP_POST_VARS);
            $key=key($HTTP_POST_VARS);
            next($HTTP_POST_VARS)) {
    $this = addslashes($HTTP_POST_VARS[$key]);
    $this = strtr($this, ">", " ");
    $this = strtr($this, "<", " ");
    $this = strtr($this, "|", " ");
    $$key = $this;
  }
  ////////////////////////////////
  // This will catch if someone is trying to submit a blank
  // or incomplete form.
  ////////////////////////////////
  if ($name && $email && $message ) {

////////////////////////////////
// This is the meat of the query that updates the guests table
////////////////////////////////
$query = "INSERT INTO guests ";
$query .= "(guest_id, guest_name, ";
$query .= "guest_email, guest_time, guest_message) ";
$query .= "values(0000,'$name','$email',NULL,'$message')";
mysql_pconnect("host","user","password")
               or die("Unable to connect to SQL server");
mysql_select_db("dbasename") or die("Unable to select database");
mysql_query($query) or die("Insert Failed!");

  } else {

////////////////////////////////
// If they didn't include all the required fields set a variable
// and keep going.
////////////////////////////////
$notall = 1;

  }
}
?>
<!-- Start Page -->
<HTML>
<HEAD>
<TITLE>Add a Message</TITLE>
</HEAD>

<BODY BGCOLOR="white">

<H1>Add A Message</H1>

<!-- Let them know that they have to fill in all the blanks -->
<? if ($notall == 1) { ?>
<P><FONT COLOR="red">Please answer all fields</FONT></P>
<? } ?>

<!-- The bits of PHP in the form allow the data that was already input
     to be placed back in the form if it is filled out incompletely -->

<FORM METHOD="post" ACTION="guest.php">
<PRE>
Your Name:       <INPUT
                  TYPE="text"
                  NAME="name"
                  SIZE="20"
                  MAXLENGTH="50"
                  VALUE="<? echo $name; ?>">
Your Email:      <INPUT
                  TYPE="text"
                  NAME="email"
                  SIZE="20"
                  MAXLENGTH="50"
                  VALUE="<? echo $email; ?>">

Enter Message:
<TEXTAREA NAME="message" COLS="40" ROWS="8" WRAP="Virtual">
<? echo $message; ?>
</TEXTAREA>

<INPUT TYPE="submit" VALUE="Add">

</PRE>
</FORM>

<HR>

<?

////////////////////////////////
// This is where we connect to the database for reading.
////////////////////////////////
mysql_pconnect("host","user","password")
               or die("Unable to connect to SQL server");
mysql_select_db("dbasename") or die("Unable to select database");

////////////////////////////////
// This is where we count the number of entries.
////////////////////////////////
$query = "SELECT COUNT(*) FROM guests";
$numguests = mysql_query($query) or die("Select Failed!");
$numguest = mysql_fetch_array($numguests);

?>

<!--  This is where we report the total messages. -->
<P>
<A HREF="guest.php?complete=1"><? echo $numguest[0]; ?> people</A> have
left me a message.
</P>

<?

////////////////////////////////
// This is where we decide to get all the entries or just the last 20.
// This variable is set by just adding a '?complete=1' after the URL.
////////////////////////////////
if ($complete == 1) {
  $query = "SELECT * FROM guests ORDER BY guest_time DESC";
} else {
  $query = "SELECT * FROM guests ORDER BY guest_time DESC LIMIT 20";
}
$guests = mysql_query($query) or die("Select Failed!");

////////////////////////////////
// This will loop as long as there are records waiting to be processed.
// Notice the plain HTML inside the while loop structure. PHP is flexable
// enough to allow you to break into and out of the "code" at any point.
////////////////////////////////
while ($guest = mysql_fetch_array($guests)) {

?>
<TABLE BORDER="1" WIDTH="500">
<TR><TD>
Name: <? echo $guest['guest_name']; ?>
</TD><TD>
Email: <A HREF="mailto:<? echo $guest['guest_email']; ?>">
       <? echo $guest['guest_email']; ?></A>
</TD><TD>
<?

////////////////////////////////
// The database has a timestamp record type that we can use to show the
// date the guestbook was filled out.
////////////////////////////////
$datefromdb = $guest['guest_time'];
$year = substr($datefromdb,0,4);
$mon  = substr($datefromdb,4,2);
$day  = substr($datefromdb,6,2);
$hour = substr($datefromdb,8,2);
$min  = substr($datefromdb,10,2);
$sec  = substr($datefromdb,12,2);
$orgdate = date("l F dS, Y h:i A",mktime($hour,$min,$sec,$mon,$day,$year));
?>
Date: <? echo $orgdate; ?>
</TD></TR>
<TR><TD COLSPAN="3">
<? echo $guest['guest_message']; ?>
</TD></TR>
</TABLE>
<BR>

<? } ?>

</BODY>
</HTML>

tekky

you need it to be guestbook.php, it shoudl work if you rename it to guestbook.php

jellyfish

Originally posted by tekky
you need it to be guestbook.php, it shoudl work if you rename it to guestbook.php

weeee it works , but i find it strange that for some pages i named it with a .html but it works.... hehe thx for the help u and the others have given :p

The_Chancer

You could always instruct the web server to parse all files (HTML ones included) as PHP - and they would come out as requested....

jellyfish

Originally posted by The Chancer
You could always instruct the web server to parse all files (HTML ones included) as PHP - and they would come out as requested....

how do i do that?