Skip to content

Instantly share code, notes, and snippets.

@zyphlar zyphlar/class.php
Created Jul 18, 2012

Embed
What would you like to do?
<?php
// Public variables -- CONFIGURE ME
$dbname = "exampledb";
$dbuser = "exampleuser";
$dbpass = "examplepassword";
// Connect to MySQL using PDO
try {
$dbh = new PDO('mysql:host=localhost;dbname='.$dbname, $dbuser, $dbpass);
}
catch(Exception $e){
// If there are issues we'll output an error message. Warning, this can be a security risk!
die("Couldn't connect to the database. <pre>".$e."</pre>");
}
// only do processing if the form's been submitted
if(isset($_POST['submitbutton'])) {
// Sanitize inputs
$name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$age = filter_var($_POST['age'], FILTER_SANITIZE_NUMBER_INT);
// Calculate birth year
$birthyear = date('Y') - $age;
// Prepare a statement to insert the sanitized inputs (important that they are sanitized!)
$stmt = $dbh->prepare("INSERT INTO birthyears (name, birthyear) VALUES (?, ?)");
// Run the statement in MySQL (grabbing the sanitized inputs above)
if($stmt->execute(array($name, $birthyear)) == 1) {
$message = "Created new Birthyear successfully.";
}
else {
$message = "Error creating new Birthyear.";
}
}
// Prepare a query to get all the birthyear data
$stmt = $dbh->query('SELECT * FROM birthyears');
// Execute it and store all the results in $results for use later
$resultrows = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Close the MySQL connection
$dbh = null;
?><html>
<head>
<style type="text/css">
body { font-family: Arial, Helvetica, sans-serif; }
p.message { color: green; }
table { border-collapse: collapse; }
table, td,th { border: 1px solid black; padding: 0.25em; }
</style>
</head>
<body>
<?php
// Time to display the data.
// First, output any messages. We can include simple variables inside quoted strings for brevity.
echo "<p class='message'>$message</p>";
// We're going to show all the birthyear data (if there is any) and ALSO the form to add more.
// Your choice, but it's good to keep the processing separate from the displaying.
// We'll start by preparing an HTML table for our data to show up in.
// The \r\n is a newline, so that we don't end up with all our HTML on the same line.
echo "<h2>Birthyears</h2>\r\n";
echo "<table>\r\n";
echo "<tr><th>Name</th><th>Birth Year</th></tr>\r\n";
// ForEach is a nice function that takes an array like $resultrows and goes thru it one-by-one, giving us
// the $row variable to work with. It's like for() except without all the math.
foreach($resultrows as $row) {
echo "<tr><td>".$row['name']."</td><td>".$row['birthyear']."</td></tr>\r\n";
}
echo "</table>\r\n";
?>
<hr />
<h3>Add a new Birthyear</h3>
<!-- The action is set by PHP code that returns the current file path (PHP_SELF) and
filters it with the htmlentities command for security. -->
<form method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
<input type="text" name="name" id="name" value="Your Name" />
<input type="text" name="age" id="age" value="Your Age" />
<input type="submit" name="submitbutton" id="submitbutton" value="Go!" />
</form>
</body>
</html>
<?php
// Public variables -- CONFIGURE ME
$dbname = "exampledb";
$dbuser = "exampleuser";
$dbpass = "examplepassword";
// Connect to MySQL using PDO
try {
$dbh = new PDO('mysql:host=localhost;dbname='.$dbname, $dbuser, $dbpass);
}
catch(Exception $e){
// If there are issues we'll output an error message. Warning, this can be a security risk!
die("Couldn't connect to the database. <pre>".$e."</pre>");
}
// Create tables and insert first bit of data
$stmt = $dbh->prepare("CREATE TABLE birthyears (id INT, name VARCHAR(99), birthyear INT)");
if($stmt->execute() == 1){
$stmt = $dbh->prepare("INSERT INTO birthyears (name, birthyear) VALUES (?, ?)");
if($stmt->execute(array("John Doe", "1984")) == 1) {
echo "Install successful!";
}
else {
echo "Couldn't insert into the table.";
}
}
else {
echo "Couldn't create the table.";
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.