I am working in a project which has the following restriction defined:
My PHP files must not have more than one opening or closing tag.
So it's PHP from top to bottom, but I am allowed to add static content by the means of 'import'.
What are proper/elegant ways to add static HTML content to my PHP index file (like outputting a website menu header or a formular) and at the same time resolve PHP variables inside the file.
Like a formular which makes a HTTP POST (login or register) and displays the previously entered email address in case of a mismatch, etc etc.
One way would be
echo "<form ...> \n <input ... value='$lastemail'>";
But I dislike the quoting. echo <<< EOF is also not great for the purpose imho.
I think HTML code should stay together without separating it into multiple echos so it can be validated.
So I am looking for a good solution to import/integrate static HTML code, like a template system and still resolve PHP variables.
Update:
The restriction is made to not mix HTML and PHP code.
I think I will need an engine/class/function which replaces variables inside a HTML template with PHP code. Like searching for ${variable} and replacing it with the php $variable as if it was PHP code.
I just thought maybe there is already something existing within PHP to solve that.
Update:
Should I oppose the requirement ?
Would be very interesting to hear the oppinion of a professional PHP developer with long history in that area. (On The restriction is made to not mix HTML and PHP code. )
Perhaps you could use a templating system? There are plenty out there for PHP. Some nice ones are (in my opinion):
Twig, which is very small and fast
Smarty, a little larger, but also fast and very popular
The solution that I provide now may seem lengthy and strenuous to enact but would one of the best ways to solve problems with such constraints. Create a database with two tables, one of which would store all the static data i.e. HTML code whereas the other would store dynamic data i.e. data that you want to be personalised. You can then use the database to separately eject dynamic and static data, all using just pure PHP.
<?php
$host = "127.0.0.1";
$user = "root";
$password = "****";
$db = "project";
$txt = NULL;
$conn = mysqli_connect($host, $user, $password, $db);
if(!conn){
header("location:error.htm");
}
$query1 = "SELECT dynamicdata FROM projectdynamicdata WHERE pagename ='index'";
$resultset1 = mysqli_query($conn, $query1);
while($row = mysqli_fetch_assoc($resultset1){
$txt = $row["dynamicdata"];
}
$query2 = "SELECT htmlpage FROM projectstaticdata WHERE pagename='index'";
$resultset2 = mysqli_query($conn, $query);
while($row = mysqli_fetch_assoc($resultset){
echo $row["htmlpage"];
}
mysqli_close($conn);
?>
This is what I would to solve such a problem.
Related
I'm new to this and I know I'm probably doing this entire thing the wrong way, but I've been at it all day trying to figure it out. I'm realizing there's a big difference between programming a real project of my own rather than just practicing small syntax-code online. So, I lack the experience on how to merge/pass different variables/scopes together. Understanding how to fit everything within the bigger picture is a completely different story for me. Thanks in advance.
What I'm trying to do, is to make the function "selectyacht" output data in a different location from where it's being called (in viewship.php). The output data (in viewship.php) needs to be only certain fields (not everything) returned and those results will be scattered all over the html page (not in a table). In addition to that, I have this variable: "$sqlstatement" (in sqlconn.php) that I'm trying to bring outside the function because I don't want to repeat the connection function every time. I tried a global variable, as much as I shouldn't, and it thankfully it gave me an error, which means I have to find a better way.
Basically my struggle is in understanding how I should structure this entire thing based on two factors:
To allow the second conditional statement in sqlconn.php to be typed
as least often as possible for different "selectyacht" functions
that will come in the future.
To allow the connection instance in sqlconn.php to reside outside the function since it will be used many times for different functions.
Returning data in a different place from where it's being called in viewship.php because the call will be a button press, not the results to be shown.
This is probably very simple, but yet it eludes me.
P.S. Some of this code is a copy/paste from other resources on the internet that I'm trying to merge with my own needs.
sqlconn.php
<?php
$servername = "XXXXXXXX";
$username = "XXXXXXXX";
$password = "XXXXXXXX";
$dbname = "XXXXXXXX";
// Instantiate the connection object
$dbconn = new mysqli($servername, $username, $password, $dbname);
// Check if the connection works or show an error
if ($dbconn->connect_error) {
die("Connection failed: " . $dbconn->connect_error);
}
// Create a query based on the ship's name
function selectyacht($shipname) {
global $sqlstatement;
$sqlstatement = "SELECT * FROM ships WHERE Name=" . "'" . $shipname . "'";
}
// Put the sql statement inside the connection.
// Additional sql statements will be added in the future somehow from other functions
$query = $dbconn->query($sqlstatement);
// Return the data from the ship to be repeated as less as possible for each future function
if ($query->field_count > 0) {
while($data = $query->fetch_assoc()) {
return $data;
}
}
else {
echo "No data found";
}
// Close the connection
$dbconn->close();
?>
viewship.php
<html>
<body>
<?php include 'sqlconn.php';?>
<!-- ship being selected from different buttons -->
<?php selectyacht("Pelorus");?>
<br>
<!-- This is the output result -->
<?php echo $data["Designer"];?>
<?php echo $data["Length"];?>
<?php echo $data["Beam"];?>
<?php echo $data["Height"];?>
</body>
</html>
Mate, I am not sure if I can cover whole PHP coding standards in one answer but I will try to at least direct you.
First of all you need to learn about classes and object oriented programming. The subject itself could be a book but what you should research is autoloading which basically allows you to put your functions code in different files and let server to include these files when you call function used in one of these files. This way you will be able to split code responsible for database connection and for performing data operations (fetching/updating/deleting).
Second, drop mysqli and move to PDO (or even better to DBAL when you discover what Composer is). I know that Internet is full of examples based on mysqli but this method is just on it's way out and it is not coming back.
Next, use prepared statements - it's a security thing (read about SQL injection). Never, ever put external variables into query like this:
"SELECT * FROM ships WHERE Name=" . "'" . $shipname . "'";
Anyone with mean intentions is able to put there string which will modify your query to do whatever he wants eg. erase your database completely. Using prepared statements in PDO your query would look like this:
$stmt = $this->pdo->prepare("SELECT * FROM ships WHERE Name = :ship_name");
$stmt->bindValue(':ship_name', $shipname);
Now to your structure - you should have DB class responsible only for database connection and Ships class where you would have your functions responsible eg. for fetching data. Than you would pass (inject) database connection as an argument to class containing you selectYacht function.
Look here for details how implementation looks like: Singleton alternative for PHP PDO
For
'Returning data in a different place from where it's being called'
If I understand you correctly you would like to have some field to input ship name and button to show its details after clicking into it. You have 2 options here:
standard form - you just create standard html form and submit it with button click redirecting it to itself (or other page). In file where you would like to show results you just use function selectYacht getting ship name from POST and passing it to function selectYacht and then just printing it's results (field by field in places you need them)
AJAX form - if you prefer doing it without reloading original page - sending field value representing ship name via AJAX to other page where you use selectYacht function and update page with Java Script
Just a small question for anyone out there that uses smarty. I am trying to pass PHP directly into my code, but when I do, the cached version cuts out the PHP and just prints it directly like so.
<div class="dashboard-card-content">
<?php
$con = mysqli_connect(Nice,Try,Fly,Guy);
$company_id = $_smarty_tpl->tpl_vars['auth']->value['user_id'];
$company_id = mysqli_query($con,"SELECT company_id FROM cscart_users WHERE user_id = $company_id")->fetch_object()->company_id;
$company_id = mysqli_query($con,"SELECT goal FROM cscart_companies WHERE company_id = $company_id")->fetch_object()->goal;
echo "Your current goal is: ".$company_id;
?>
This just prints all of it out on my webpage, so I tried using the following:
{Literal}
{Include_php}
{php}
And I just can't find a way to get my PHP code to go into my TPL how I want it. This is becoming really frustrating and all I want is for my cache files to leave the PHP code alone. Sorry if this is a dumb question but I have been researching this for a while. How do I implement SmartyBC so that I can still use PHP injections. And if using SmartyBC is a bad idea, can someone give me a dumbed down version of how to use a seperate PHP function page to set variables to show in the Template?
Smarty is a template engine for presentation logic only. You cannot put application logic inside a template. It was possible in older versions of Smarty but fortunately not anymore. Just execute those funcions in a php file and pass the result to the template.
And yes, you can use SmartyBC: http://www.smarty.net/docs/en/bc.tpl, but that's supposed to be used for compatibility with existing projects. It's a really bad idea and shouldn't be used for new projects.
Why do you want to use php in Smarty?
Put your logic into a class or function, and pass the data via the controller: Registry::get('view')->assign('smarty_variable', $data), and you are good to go.
You can create PHP function which gets necessary data from database. E.g.
function fn_get_company_goal($user_id)
{
$company_id = db_get_field("SELECT company_id FROM ?:users WHERE user_id = ?i, $user_id");
$goal = db_get_field("SELECT goal FROM ?:companies WHERE company_id = ?i, $company_id");
return $goal;
}
Put it to your addon. Then you can use it in the Smarty template in the following manner:
{$goal = $user_id|fn_get_company_goal}
I am new to PHP.
I need a help regarding the methods of extracting DB name and table name from the given URL name.
For example, let's say, I have an URL like the one below:
/test.php?db=...&table=.../
How to extract the DB name and table name from this URL using PHP and use the result for other query purposes.
If you mean how to parse an existing URL for it's parameters:
parse_url() and parse_str() will help you strip the components of the url. You will primarily be looking at the following
$elements = parse_url($url);
$kvps = $elements->query;
$db = parse_str($kvps['db']);
$table = parse_str($kvps['table']);
But, if you mean how to GET variables from the current page before render:
<?php
$dbname = $_GET['db'];
$tablename = $_GET['table'];
?>
And yea, there are major security risks involved in opening up 'direct' access to your database this way. Best to obfuscate / encapsulate / wrap your functions in tasks like index.php&addUser=tim instead of index.php&insert=tim&db=boofar&table=users&dbuser=root&dbpassword=secure.
If you're just learning, what you're doing is fine, as long as you realize why it's wrong. If you're coding for production, you really need an alternate solution.
There are two ways to pass variables or data to another page.
GET (via the URL)
and
POST (usually a form submission)
You can alway get via
$_GET
http://php.net/manual/en/reserved.variables.get.php
or
$_POST
http://nl.php.net/manual/en/reserved.variables.post.php
So, im making a file hosting site, and am using some form builders to start off with. However, these builders do NOT support PHP. Now, i would like to shrink some URLs, how can i do this in pure HTML, without adding in PHP methods. I am fine with goo[dot]gl, bit.ly, tinyurl.com, or whatever else!
HTML is a Markup Language.
If you want to use some API, or anything more coding-oriented, you have to use a real programming language - you choose : for your purpose PHP would be the best choice.
Now, if you finally decide to use PHP, it's really easy.
Code (for TinyURL) :
<?php
function createTinyUrl($strURL) {
$tinyurl = file_get_contents("http://tinyurl.com/api-create.php?url=".$strURL);
return $tinyurl;
}
?>
Usage :
<?php
$myTinyUrl = createTinyUrl("http://www.yourdomain.com/some-long-url-here");
?>
And that's all! ;-)
If the form builders don't support PHP you need to write it yourself. PHP is very easy to work with.
Here is an example for you. (Assuming you have PHP set up on your web host:)
Save the file with the extension .PHP (or whatever your web host uses - might be .PHP5 for php5) instead of .HTML
You can use the super-global $_GET to accept certain variables from the URL in the address bar ex.:
$short_url = $_GET["q"];
Since i'm getting a variable named 'q', if you access the page with a parameter named 'q' I will have that variable stored ex.:
http://your.site/?q=shorturl # Assumes your index file takes the 'q' variable
Now it is up to you what to do with that variable. The best thing would be to set up a MySQL database so that when you get a value like 'shorturl' you can do a quick SQL query to return the full address ex.:
# Make DB connection
$db = new PDO("mysql:host='X.X.X.X';dbname='mydb'", $user, $secret);
# Function to search database for URL
function getFullURL($short_url) {
$result;
$sql = "SELECT full_url FROM tbl_addresses WHERE short_url='?'";
$query = $db->prepare($sql);
$query->execute(array($short_url));
$rows = $query->rowCount();
if ($rows == 1)
$result = $query->fetchAll();
return $result;
}
There's really not much to it in PHP with MySQL.
I've searched far and wide and every CMS tutorial out there either doesn't explain this at all or gives you a huge chunk of code without explaining how it works. Even on stack overflow I can't find anything close to the answer, though I'd be okay with eating my words if someone could point me to the answer.
I am using PHP and mysql for this project.
I am building a CMS. Its extremely simple and I understand every concept I think I'll need except how to dynamically generate pages and page links. The way I want to do it is by having a database table that stores the name of a page and the main content of the page. That's all. Then I'd just call a script to pull the main content of a page into whatever page I happen to call. No big deal, right? Wrong.
Here's the problem. If I were to do this then I'd have to create a file for every page I want to create that calls the script that pulls the content from the correct database row. So I could add all sorts of page names and contents into the table but I don't know how to call them without manually creating new files each time I want to link to a new page.
Ideally there'd be a script that creates links to pages based on the page name row of the DB table as the pages are created. But how do you get those links with the ?=pageName at the end? If I just knew how that worked then I could figure the rest out.
UPDATE
The second answer really confirmed everything I thought I had to do but there is one catch. My plan now is to split up all the code into a series of functions and either include or require them in different templates that will be used to format the way pages are displayed. I need one look for the home page and one other design for the rest of the pages. I'm thinking that I'll have a function that says if ID is 0 then call this page template.php else call this other template file.php. But how do I pass the required variables to these new files? Do I just include the index.PHP page in them?
Bill your actually on the right track. Almost all web software today does extensive URL processing. Traditionally you would have php pages on your web root and then utilize the query string in the URL to refine the page's output. You have already arrived at why this might not be desired. So the popular alternative is the Front Controller design pattern. Basically we funnel every request to your index.php page and then route the request to internal pages or apps outside the web root. This can get complicated fast and everybody seems to implement this pattern in unique ways.
We can utilize this pattern without the routing by simply putting our app in the index page. The script below shows an example of what your trying to do in the simplest of ways. We basically have one page with our script. We can request the virtual pages by changing the id query string in our url. For example www.demo.net/?id=0 can be utilized as an index to your site. This should be the same as www.demo.net without the 'id' query. Just keep solving those problems one by one even if you don't know what the problem is. Once you start looking at other peoples code, then you can start seeing how other people solved the same problems you have.
The solution below will get you started, but then what do you do when you want an admin page? How do you authenticate the user? Do you duplicate alot of the code for yet another page? If your serious about your CMS then your going to want to implement some kind of framework underneath it. A framework to process the url, route to your application, load configuration files, and probably manage your database connection. Yea it gets complicated, but not if you solve each problem one at a time. Utilize classes or functions to share code to start. At the very least include a common "bootstrap" file at the top of your page to initialize common functionality such as a database connection. Read Stack Overflow just to keep up with whats going on. You can learn alot of terminology and probably find some answers to questions you didn't even know you wanted to ask.
Below assume we have a table with the following fields:
page_id
page_name
page_title
page_body
<?php
//<--------Move outside of web root-------------->
define('DB_HOST', 'localhost');
define('DB_USER', 'cms');
define('DB_PASS', 'changeme');
define('DB_DB', 'cms');
define('DB_TABLE', 'cms_pages');
//<---------------------------------------------->
//Display errors for development testing
ini_set('display_errors','On');
//Get the requested page id
if(isset($_GET['id']))
{
$id = $_GET['id'];
}
else
{
//Make page id '0' an index page to catch all
$id = 0;
}
//Establish a connection to MySQL
$conn = mysql_connect(DB_HOST,DB_USER,DB_PASS) or die(mysql_error());
//Select the database we will be querying
mysql_select_db(DB_DB, $conn) or die(mysql_error());
//Lets just grab the whole table
$sql = "SELECT * FROM ".DB_TABLE;
$resultset = mysql_query($sql, $conn) or die(mysql_error());
//The Select Query succeeded, but returned 0 result.
if (mysql_num_rows($resultset)==0)
{
echo "<pre>Add some Pages to my CMS</pre>";
exit;
}
//This is our target array we need to fill with arrays of pages
$result = array();
//Convert result into an array of associative arrays
while($row = mysql_fetch_assoc($resultset))
{
$result[] = $row;
}
//We now have all the information needed to build our app
//Page name - Short name for buttons, etc.
$name = "";
//Page title - The page content title
$title = "";
//Page body - The content you have stored in a table
$body = "";
//Page navigation - Array of formatted links
$nav = array();
//Process all pages in one pass
foreach($result as $row)
{
//Logic to match the requested page id
if($row['page_id'] == $id)
{
//Requested Page
$name = $row['page_name'];
$title = $row['page_title'];
$body = $row['page_body'];
$page = "<b>$name</b>";
}
else
{
//Not the requested page
$page = $row['page_name'];
}
//Build the navigation array preformatted with list items
$url = "./?id=" . $row['page_id'];
$nav[] = "<li>$page</li>";
}
?>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>SimpleCMS | <?php echo $title; ?></title>
</head>
<body>
<div>
<div id="navigation" style="float:left;">
<ul>
<?php
foreach($nav as $item)
{
echo $item;
}
?>
</ul>
</div>
<div id="content"><?php echo $body;?></div>
</div>
</body>
</html>
I think you need to read about $_GET.
I also recommend a decent PHP book. Forget online tutorials; they are (for the most part) utterly useless.