Practical 2
PHP MySQL CRUD Application
1 Creating Posts
1.1 Edit create.php
create.php
<?php require "../includes/header.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_POST['submit'])) {
if($_POST['title'] == '' OR $_POST['subtitle'] == '' OR $_POST['body'] == '') {
echo "one or more inputs are empty";
} else {
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$body = $_POST['body'];
$img = $_FILES['img']['name'];
$user_id = $_SESSION['user_id'];
$dir = 'images/' . basename($img);
$insert = $conn->prepare("INSERT INTO posts (title, subtitle, body, img, user_id)
VALUES (:title, :subtitle, :body, :img, :user_id)");
$insert->execute([
':title' => $title,
':subtitle' => $subtitle,
':body' => $body,
':img' => $img,
':user_id' => $user_id,
]);
if(move_uploaded_file($_FILES['img']['tmp_name'], $dir)) {
//echo "done";
header('location: http://localhost/clean-blog/index.php');
}
}
}
?>
<form method="POST" action="create.php" enctype="multipart/form-data">
<!-- Email input -->
<div class="form-outline mb-4">
<input type="text" name="title" id="form2Example1" class="form-control"
placeholder="title" />
</div>
<div class="form-outline mb-4">
<input type="text" name="subtitle" id="form2Example1" class="form-control"
placeholder="subtitle" />
</div>
<div class="form-outline mb-4">
<textarea type="text" name="body" id="form2Example1" class="form-control"
placeholder="body" rows="8"></textarea>
</div>
<div class="form-outline mb-4">
<input type="file" name="img" id="form2Example1" class="form-control"
placeholder="image" />
</div>
<!-- Submit button -->
<button type="submit" name="submit" class="btn btn-primary mb-4 text-
center">create</button>
</form>
<?php require "../includes/footer.php"; ?>
1.1.1 Create folder images
1.1.2 Create table posts
1.1.3 Edit login.php
if($login->rowCount() > 0) {
if(password_verify($password, $row['mypassword'])) {
echo "logged in";
$_SESSION['username'] = $row['username'];
$_SESSION['user_id'] = $row['id'];
header('location: http://localhost:8080/clean-blog/index.php');
}
}
1.1.4 Clean up all hyperlinks
Use full link for all hyperlinks. Examples:
From "../clean-blog/auth/login.php" to "http://localhost/clean-blog/auth/login.php"
2 Showing the Posts in the Index Page
By studying the output, we need to store username to database because it is displayed with every posts.
2.1 Edit create.php
create.php
<?php require "../includes/header.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_POST['submit'])) {
if($_POST['title'] == '' OR $_POST['subtitle'] == '' OR $_POST['body'] == '') {
echo "one or more inputs are empty";
} else {
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$body = $_POST['body'];
$img = $_FILES['img']['name'];
$user_id = $_SESSION['user_id'];
$user_name = $_SESSION['username'];
$dir = 'images/' . basename($img);
$insert = $conn->prepare("INSERT INTO posts (title, subtitle, body, img, user_id,
user_name)
VALUES (:title, :subtitle, :body, :img, :user_id, :user_name)");
$insert->execute([
':title' => $title,
':subtitle' => $subtitle,
':body' => $body,
':img' => $img,
':user_id' => $user_id,
':user_name' => $user_name,
]);
if(move_uploaded_file($_FILES['img']['tmp_name'], $dir)) {
//echo "done";
header('location: http://localhost/clean-blog/index.php');
}
}
}
?>
<form method="POST" action="create.php" enctype="multipart/form-data">
<!-- Email input -->
<div class="form-outline mb-4">
<input type="text" name="title" id="form2Example1" class="form-control"
placeholder="title" />
</div>
<div class="form-outline mb-4">
<input type="text" name="subtitle" id="form2Example1" class="form-control"
placeholder="subtitle" />
</div>
<div class="form-outline mb-4">
<textarea type="text" name="body" id="form2Example1" class="form-control"
placeholder="body" rows="8"></textarea>
</div>
<div class="form-outline mb-4">
<input type="file" name="img" id="form2Example1" class="form-control"
placeholder="image" />
</div>
<!-- Submit button -->
<button type="submit" name="submit" class="btn btn-primary mb-4 text-
center">create</button>
</form>
<?php require "../includes/footer.php"; ?>
2.2 Add username to table posts
2.3 Edit index.php
index.php
<?php require "includes/header.php"; ?>
<?php require "config/config.php"; ?>
<?php
$posts = $conn->query("SELECT * FROM posts");
$posts->execute();
$rows = $posts->fetchAll(PDO::FETCH_OBJ);
?>
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<?php //echo 'hello ' . $_SESSION['username']; ?>
<?php foreach($rows as $row) : ?>
<!-- Post preview-->
<div class="post-preview">
<a href="http://localhost/clean-blog/posts/post.php?post_id=<?php echo $row->id;
?>">
<h2 class="post-title"><?php echo $row->title; ?></h2>
<h3 class="post-subtitle"><?php echo $row->subtitle; ?></h3>
</a>
<p class="post-meta">
Posted by
<a href="#!"><?php echo $row->user_name; ?></a>
<?php echo date('F', strtotime($row->created_at)) . ' ' . date('d',
strtotime($row->created_at)) . ', ' . date('Y', strtotime($row->created_at)); ?>
</p>
</div>
<!-- Divider-->
<hr class="my-4" />
<?php endforeach; ?>
<!-- Pager-->
</div>
</div>
<?php require "includes/footer.php"; ?>
3 Showing a Single Post
Something wrong when using <?php require "../includes/header.php"; ?>.
Need to separate page header with navigation bar
3.1 Create navbar.php
navbar.php
<?php session_start(); ?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
<meta name="description" content="" />
<meta name="author" content="" />
<title>Clean Blog - Start Bootstrap Theme</title>
<link rel="icon" type="image/x-icon" href="assets/favicon.ico" />
<!-- Font Awesome icons (free version)-->
<script src="https://use.fontawesome.com/releases/v6.1.0/js/all.js"
crossorigin="anonymous"></script>
<!-- Google fonts-->
<link href="https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic"
rel="stylesheet" type="text/css" />
<link href="https://fonts.googleapis.com/css?
family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800"
rel="stylesheet" type="text/css" />
<!-- Core theme CSS (includes Bootstrap)-->
<link href="http://localhost/clean-blog/css/styles.css" rel="stylesheet" />
</head>
<body>
<!-- Navigation-->
<nav class="navbar navbar-expand-lg navbar-light" id="mainNav">
<div class="container px-4 px-lg-5">
<a class="navbar-brand" href="index.html">Start Bootstrap</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-
target="#navbarResponsive" aria-controls="navbarResponsive" aria-expanded="false" aria-
label="Toggle navigation">
Menu
<i class="fas fa-bars"></i>
</button>
<div class="collapse navbar-collapse" id="navbarResponsive">
<ul class="navbar-nav ms-auto py-4 py-lg-0">
<div class="input-group ps-5">
<div id="navbar-search-autocomplete" class="w-100">
<form method="POST" action="#">
<input name="search" type="search" id="form1" class="form-control mt-3"
placeholder="search" />
</form>
</div>
</div>
<li class="nav-item"><a class="nav-link px-lg-3 py-3 py-lg-4"
href="http://localhost/clean-blog/index.php">Home</a></li>
<?php if(isset($_SESSION['username'])) : ?>
<li class="nav-item"><a class="nav-link px-lg-3 py-3 py-lg-4"
href="http://localhost/clean-blog/posts/create.php">create</a></li>
<li class="nav-item dropdown mt-3">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button"
data-bs-toggle="dropdown" aria-expanded="false">
<?php echo $_SESSION['username']; ?>
</a>
<ul class="dropdown-menu" aria-labelledby="navbarDropdown">
<li><a class="dropdown-item" href="#">Profile</a></li>
<li><a class="dropdown-item"
href="http://localhost/clean-blog/auth/logout.php">logout</a></li>
</ul>
</li>
<?php else : ?>
<li class="nav-item"><a class="nav-link px-lg-3 py-3 py-lg-4"
href="http://localhost/clean-blog/auth/login.php">login</a></li>
<li class="nav-item"><a class="nav-link px-lg-3 py-3 py-lg-4"
href="http://localhost/clean-blog/auth/register.php">register</a></li>
<?php endif; ?>
<li class="nav-item"><a class="nav-link px-lg-3 py-3 py-lg-4"
href="http://localhost/clean-blog/contact.php">Contact</a></li>
</ul>
</div>
</div>
</nav>
3.2 Edit header.php
header.php
<?php require "navbar.php"; ?>
<!-- Page Header-->
<header class="masthead" style="background-image:
url('http://localhost/clean-blog/assets/img/home-bg.jpg')">
<div class="container position-relative px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<div class="site-heading">
<h1>Clean Blog</h1>
<span class="subheading">A Blog Theme by Start Bootstrap</span>
</div>
</div>
</div>
</div>
</header>
<!-- Main Content-->
<div class="container px-4 px-lg-5">
3.3 Edit post.php
<?php require "../includes/navbar.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['post_id'])) {
$id = $_GET['post_id'];
$select = $conn->query("SELECT * FROM posts WHERE id = '$id'");
$select->execute();
$post = $select->fetch(PDO::FETCH_OBJ);
}
else {
echo "404"; /** This line will produce error. Ignore for now. */
}
?>
<!-- Page Header-->
<header class="masthead" style="background-image: url('images/<?php echo $post->img; ?
>')">
<div class="container position-relative px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<div class="post-heading">
<h1><?php echo $post->title; ?></h1>
<h2 class="subheading"><?php echo $post->subtitle; ?></h2>
<span class="meta">
Posted by
<a href="#!"><?php echo $post->user_name; ?></a>
on
<?php echo date('F', strtotime($post->created_at)) . ' ' . date('d',
strtotime($post->created_at)) . ', ' . date('Y', strtotime($post->created_at)); ?>
</span>
</div>
</div>
</div>
</div>
</header>
<!-- Post Content-->
<article class="mb-4">
<div class="container px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<p><?php echo $post->body; ?></p>
<!--<p>
Placeholder text by
<a href="http://spaceipsum.com/">Space Ipsum</a>
· Images by
<a href="https://www.flickr.com/photos/nasacommons/">NASA on The Commons</a>
</p>-->
</div>
</div>
</div>
</article>
<?php require "../includes/footer.php"; ?>
4 Deleting Posts
4.1 Edit post.php
post.php
<?php require "../includes/navbar.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['post_id'])) {
$id = $_GET['post_id'];
$select = $conn->query("SELECT * FROM posts WHERE id = '$id'");
$select->execute();
$post = $select->fetch(PDO::FETCH_OBJ);
}
else {
echo "404"; /** This line will produce error. Ignore for now. */
}
?>
<!-- Page Header-->
<header class="masthead" style="background-image: url('images/<?php echo $post->img; ?
>')">
<div class="container position-relative px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<div class="post-heading">
<h1><?php echo $post->title; ?></h1>
<h2 class="subheading"><?php echo $post->subtitle; ?></h2>
<span class="meta">
Posted by
<a href="#!"><?php echo $post->user_name; ?></a>
on
<?php echo date('F', strtotime($post->created_at)) . ' ' . date('d',
strtotime($post->created_at)) . ', ' . date('Y', strtotime($post->created_at)); ?>
</span>
</div>
</div>
</div>
</div>
</header>
<!-- Post Content-->
<article class="mb-4">
<div class="container px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<p><?php echo $post->body; ?></p>
<!--<p>
Placeholder text by
<a href="http://spaceipsum.com/">Space Ipsum</a>
· Images by
<a href="https://www.flickr.com/photos/nasacommons/">NASA on The Commons</a>
</p>-->
<a href="http://localhost/clean-blog/posts/delete.php?del_id=<?php echo $post-
>id; ?>" class="btn btn-danger text-center float-end">Delete</a>
</div>
</div>
</div>
</article>
<?php require "../includes/footer.php"; ?>
4.2 Create delete.php
delete.php
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['del_id'])) {
$id = $_GET['del_id'];
$delete = $conn->prepare("DELETE FROM posts WHERE id = :id");
$delete->execute([':id' => $id]);
header('location: http://localhost/clean-blog/index.php');
}
?>
5 Updating Posts
5.1 Edit post.php
post.php
<?php require "../includes/navbar.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['post_id'])) {
$id = $_GET['post_id'];
$select = $conn->query("SELECT * FROM posts WHERE id = '$id'");
$select->execute();
$post = $select->fetch(PDO::FETCH_OBJ);
}
else {
echo "404"; /** This line will produce error. Ignore for now. */
}
?>
<!-- Page Header-->
<header class="masthead" style="background-image: url('images/<?php echo $post->img; ?
>')">
<div class="container position-relative px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<div class="post-heading">
<h1><?php echo $post->title; ?></h1>
<h2 class="subheading"><?php echo $post->subtitle; ?></h2>
<span class="meta">
Posted by
<a href="#!"><?php echo $post->user_name; ?></a>
on
<?php echo date('F', strtotime($post->created_at)) . ' ' . date('d',
strtotime($post->created_at)) . ', ' . date('Y', strtotime($post->created_at)); ?>
</span>
</div>
</div>
</div>
</div>
</header>
<!-- Post Content-->
<article class="mb-4">
<div class="container px-4 px-lg-5">
<div class="row gx-4 gx-lg-5 justify-content-center">
<div class="col-md-10 col-lg-8 col-xl-7">
<p><?php echo $post->body; ?></p>
<!--<p>
Placeholder text by
<a href="http://spaceipsum.com/">Space Ipsum</a>
· Images by
<a href="https://www.flickr.com/photos/nasacommons/">NASA on The Commons</a>
</p>-->
<a href="http://localhost/clean-blog/posts/delete.php?del_id=<?php echo $post-
>id; ?>" class="btn btn-danger text-center float-end">Delete</a>
<a href="update.php?upd_id=<?php echo $post->id; ?>" class="btn btn-warning text-
center">Update</a>
</div>
</div>
</div>
</article>
<?php require "../includes/footer.php"; ?>
5.2 Edit update.php
update.php
<?php require "../includes/header.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['upd_id'])) {
$id = $_GET['upd_id'];
//first query
$select = $conn->query("SELECT * FROM posts WHERE id = '$id'");
$select->execute();
$rows = $select->fetch(PDO::FETCH_OBJ);
//second query
if(isset($_POST['submit'])) {
if($_POST['title'] == '' OR $_POST['subtitle'] == '' OR $_POST['body'] == '') {
echo "one or more inputs are empty";
} else {
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$body = $_POST['body'];
$update = $conn->prepare("UPDATE posts SET title = :title, subtitle = :subtitle, body =
:body WHERE id = '$id'");
$update->execute([
':title' => $title,
':subtitle' => $subtitle,
':body' => $body,
]);
header('location: http://localhost/clean-blog/index.php');
}
}
}
?>
<form method="POST" action="update.php?upd_id=<?php echo $id; ?>">
<!-- Email input -->
<div class="form-outline mb-4">
<input type="text" name="title" id="form2Example1" class="form-control"
placeholder="title" value="<?php echo $rows->title; ?>"/>
</div>
<div class="form-outline mb-4">
<input type="text" name="subtitle" id="form2Example1" class="form-control"
placeholder="subtitle" value="<?php echo $rows->subtitle; ?>"/>
</div>
<div class="form-outline mb-4">
<textarea type="text" name="body" id="form2Example1" class="form-control"
placeholder="body" rows="8"><?php echo $rows->body; ?></textarea>
</div>
<div class="form-outline mb-4">
<input type="file" name="img" id="form2Example1" class="form-control" placeholder="image"
/>
</div>
<!-- Submit button -->
<button type="submit" name="submit" class="btn btn-primary mb-4 text-
center">Update</button>
</form>
<?php require "../includes/footer.php"; ?>
6 Finishing up Updating and Deleting Posts (with Images)
Previously, delete or update post do not delete or update (change) image in directory.
Now, we’re going to do that.
6.1 Edit delete.php
delete.php
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['del_id'])) {
$id = $_GET['del_id'];
$select = $conn->query("SELECT * FROM posts WHERE id =' $id'");
$select->execute();
$posts = $select->fetch(PDO::FETCH_OBJ);
unlink("images/" . $posts->img . "");
$delete = $conn->prepare("DELETE FROM posts WHERE id = :id");
$delete->execute([':id' => $id]);
header('location: http://localhost/clean-blog/index.php');
}
?>
6.2 Edit update.php
update.php
<?php require "../includes/header.php"; ?>
<?php require "../config/config.php"; ?>
<?php
if(isset($_GET['upd_id'])) {
$id = $_GET['upd_id'];
//first query
$select = $conn->query("SELECT * FROM posts WHERE id = '$id'");
$select->execute();
$rows = $select->fetch(PDO::FETCH_OBJ);
//second query
if(isset($_POST['submit'])) {
if($_POST['title'] == '' OR $_POST['subtitle'] == '' OR $_POST['body'] == '') {
echo "one or more inputs are empty";
} else {
unlink("images/" .$rows->img. "");
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$body = $_POST['body'];
$img = $_FILES['img']['name'];
$dir = 'images/' . basename($img);
$update = $conn->prepare("UPDATE posts SET title = :title, subtitle = :subtitle, body =
:body, img = :img WHERE id = '$id'");
$update->execute([
':title' => $title,
':subtitle' => $subtitle,
':body' => $body,
':img' => $img
]);
if(move_uploaded_file($_FILES['img']['tmp_name'], $dir)) {
header('location: http://localhost/clean-blog/index.php');
}
}
}
}
?>
<form method="POST" action="update.php?upd_id=<?php echo $id; ?>" enctype="multipart/form-
data">
<!-- Email input -->
<div class="form-outline mb-4">
<input type="text" name="title" id="form2Example1" class="form-control"
placeholder="title" value="<?php echo $rows->title; ?>"/>
</div>
<div class="form-outline mb-4">
<input type="text" name="subtitle" id="form2Example1" class="form-control"
placeholder="subtitle" value="<?php echo $rows->subtitle; ?>"/>
</div>
<div class="form-outline mb-4">
<textarea type="text" name="body" id="form2Example1" class="form-control"
placeholder="body" rows="8"><?php echo $rows->body; ?></textarea>
</div>
<div class="form-outline mb-4">
<input type="file" name="img" id="form2Example1" class="form-control" placeholder="image"
/>
</div>
<!-- Submit button -->
<button type="submit" name="submit" class="btn btn-primary mb-4 text-
center">Update</button>
</form>
<?php require "../includes/footer.php"; ?>