Pages and functions structure

Tom10

Hello,

im creating a CV website, where companies can add announcements about free work spaces and users can send motivational letters for companies. Moreover, companies can create section about them, users can write CV's.

im stuck in managing everything. This is how i work:
1. Create form for data entry.

form action="processCV.php" method="POST" name="createCV">
                            ASMENIN&#278; INFORMACIJA <br/>
                            Vardas:
                            <input type="text" name="name"> <br/> <br/>
                            Pavard&#279;:
                            <input type="text" name="surename"> <br/> <br/> 
                            Gimimo data: (xxxx-xx-xx):
                            <input type="text" name="birth_date"> <br/> <br/>
                            Telefono numeris: (+xxx-xxx-xx-xxx):
                            <input type="text" name="phone_number"> <br/> <br/>
                            Elektroninis paštas: 
                            <input type="text" name="email"> <br/> <br/>
                            Adresas:
                            <input type="text" name="address"> <br/> <br/>
                            Miestas:
                            <input type="text" name="city">  <br/> <br/>
                            DARBO PATIRTIS <br/>
                            Laikotarpis:
                             <input type="text" name="work_length"> <br/> <br/>
                            Pareigos:
                             <input type="text" name="postition"> <br/> <br/>
                            &#302;mon&#279;:
                             <input type="text" name="company"> <br/> <br/>


                        <input type="hidden" name="subaddcv" value="1">
                        <input type="submit" value="&#302;kelti" name="add_cv" />

                    </form>

2. Create process.php, which takes data from form.

<?php

include("include/session.php");

class CVProcess {
    /* Class constructor */

function CVProcess() {
     global $session, $database;
    /* User submitted login form */
    if (isset($_REQUEST['add_cv'])) {
        $this->procPersonalInfo();
        $this->procAddress();
    }
     if (isset($_REQUEST['edit_cv'])) {
        $this->editCVPersonalInfo(); 
        $this->editCVAddressInfo();

    }

    /**
     * Should not get here, which means user_name is viewing this page
     * by mistake and therefore is redirected.
     */ else {
        header("Location: index.php");
    }
}

//Transfer personal info from form to database
    function procPersonalInfo() {
        global $database, $session;
        $username = $_SESSION['username'];
        $name = $_POST['name'];
        $surename = $_POST['surename'];
        $birth_date = $_POST['birth_date'];
        $phone_number = $_POST['phone_number'];
        $email = $_POST['email'];
        $database->addPersonalInfo($username, $name, $surename, $birth_date, $phone_number, $email);
        header("Location: " . 'cvpreview.php');

}
//Transfer personal info from form to database
function procAddress() {
    global $database;
    $username = $_SESSION['username'];
    $address = $_POST['address'];
    $city = $_POST['city'];
    $database->addAddress($username, $address, $city);
}
}
/* Initialize process */
$cv_process = new CVProcess;
?>

3. From process.php, im sending data to database function in database.php.

/Add CV personal data
      function addPersonalInfo($username, $name, $surename, $birth_date, $phone_number, $email) {
        $q = "INSERT INTO " . TBL_CV_PERSONAL . " VALUES ('$username', '$name', '$surename', '$birth_date', '$phone_number', '$email')";
        return mysql_query($q, $this->connection);
      }
//Add CV address data  

      function addAddress($username, $address, $city) {
        $q = "INSERT INTO " . TBL_CV_ADDRESS . " VALUES ('$username', '$address', '$city')";
        return mysql_query($q, $this->connection);
      }

Moreover, this is just for CV creation. Preview and edit are new files like cvPreview.php and cvEdit.php. Im not quite sure wheter this is good way for creating a website. I mean, for me, it looks like im creating too much new pages and my work is not efficient at all. Hope my explaination is clear enought.

Tom10

Well, maybe i should try to explain better 🙂

Because my page is database related, (Users need to enter information, view it and be enable to edit entries)every new option in my website is created with three files: create_option, edit_option, preview_option. So if i create CV, company info, announcements, motivation letters, that means (with my coding technique), that i will have 3x4=12 files. I think its not correct workflow, thats why im asking for support.

Bonesnap

I don't think it has too many pages; many applications have dozens of pages with dozens of folders. It really depends on the size of your project but as it gets larger you're going to need more pages simply because you're going to need to organize it better.

Simply put: don't be concerned with how many pages you have and instead ask yourself if your project is organized in a logical way. Breaking stuff down - even if it means creating lots of pages - is always a good practice since it increases maintainability and readability and that will help you in the long run.

Tom10

Its the first time then i am creating a website with php, its for university project. For me, it looks like damn, i use a new page for every new function. When i take a look at any php based page, im curious, does they really create new page for every link in the site 🙂))

Hmm, i have couple more questions to ask. For example, i have method to create new announce in the page. On submit, i print out announcer name, city, and lets say, time. I want to show announce info after clicking on announcers name. I do not know how to make it dynamic, that after different announcements users could watch information about them. Lets say i create a page, which publishes all announce information. But how make it dynamic, thats a question. I do not ask for code, i need just a direction towards.

Another question: For editing forms, i take user data from database, store it in session variable userInfo. Once user gets to the form edit page, in input field value i add this value:

value="<?php echo $session->userinfo['name'] ?>">

Is this is a good way of retrieving data? Im wondering, because session variables gets pumped up with (maybe not always necessary) data.

laserlight

Tom10 wrote:
On submit, i print out announcer name, city, and lets say, time. I want to show announce info after clicking on announcers name. I do not know how to make it dynamic, that after different announcements users could watch information about them.

So, you need a page that displays the announcements made by an announcer. The idea here is to retrieve all the announcements from the database where the announcer is the given announcer, then display them, looping over each announcement.

Tom10 wrote:
Lets say i create a page, which publishes all announce information. But how make it dynamic, thats a question.

Basically, you store the announcement information in a database, then retrieve from the database and display it, looping over each piece of announcement information.

There is the idea of separation of concerns here where one concern is the data model in terms of entities and relationships. Another concern is the presentation of the data to the user (stuff like HTML and a template language, or the use of PHP as a template language, can come into play). Yet another concern is with what exactly to present to the user, from the data that was stored (your functions that return data to be rendered in a template, etc).

Tom10

Here is what i did:
In the page announcement.php i added such a code:

while($row=mysql_fetch_array($result)){
                            $job_position = $row['job_position'];
                            echo "<tr><td>";   

                            echo "<a href=\"announcementPreview.php?job_position="  . $job_position . "\">$job_position</a>";
                            echo "</td><td>";
                        ?>

In announcementPreview.php, query, made such a change (query returning everything at this moment):

<?php
                        $job_position = $_GET['job_position'];
                        $sql = "SELECT * FROM " . TBL_COMPANIES_JOB . "," . TBL_COMPANIES . "
                            WHERE " . TBL_COMPANIES_JOB . ".`username` =  " . TBL_COMPANIES . ".`username` AND " 
                                . TBL_COMPANIES_JOB . ".`job_position` = '$job_position'";
                        $result=mysql_query($sql) or die(mysql_error());
                        ?>

The results are as i want, but im interesting whether this method is good for such a preview function 🙂

spufi

You'll want to handle validating the input to protect yourself from things like SQL injections. I prefer doing this using PDO.

http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/

Tom10

I guess your suggestion is for advance use.

For now, im interesting whether i made right decision in #6 post.

Another question:

For data displaying, i use these lines of code, in my announcePreview.php file:

                   <?php
                        $sql = "SELECT * FROM " . TBL_COMPANIES_JOB . "," . TBL_COMPANIES . "
                            WHERE " . TBL_COMPANIES_JOB . ".`username` =  " . TBL_COMPANIES . ".`username`";
                        $result=mysql_query($sql) or die(mysql_error());
                        ?>
                        <table border="1" cellpadding="5" cellspacing="5" width="100%">
                        <caption><EM>TEST TABLE returning values</EM></caption>
                        <tr>
                        <th>Ieškomas darbuotojas</th>
                        <th>&#302;mon&#279;</th>
                        <th>Miestas</th>
                        <th>&#302;k&#279;limo laikas</th>
                        </tr>
                         <?php
                        while($row=mysql_fetch_array($result)){
                            $job_position = $row['job_position'];
                            echo "<tr><td>";   

                            echo "<a href=\"announcementPreview.php?job_position=" . $job_position . "\">$job_position</a>";
                            echo "</td><td>";
                        ?>

I need to sort announcements by time, asc and desc. I could add buttons or select options. It would be good if someone tell me the way of passing sql query results from page to page. In that way, i could write method with sql for sorting and just send query for displaying data. And this would enable me to write query in database.php, not in the same page with html. I have some missunderstoods of using html with php in the same page.

bradgrafelman

Tom10;11000837 wrote:
I guess your suggestion is for advance use.

Definitely not; preventing SQL injections and/or just plain SQL errors (both due to unescaped input) should be considered even for "basic" use (or any use, really). Unless, of course, you don't care if your database is compromised and/or users receive receive error messages. Otherwise, see the PHP manual page [man]security.database.sql-injection[/man].

Other than the lack of security already mentioned, I'm not sure what else we're supposed to be critiquing.

Tom10

This is why i like foreign countries specialized forums, people always giving significant information what to look for, particularly then you are new in some sphere. Im always keen on learning good techniques, thats why im asking for help. Thanks.

I edited my #8th post while you were answering about injections.