Hi Wade,
Should be simple, no?
> Im supposed to create a simple little page to collect a Picture,
> Address, Price, Description and DateAdded. My question is about
> the picture.
So make a simple form, containing some input fields and a file input field.
That way a pic can be uploaded as well.
> They want the information put into a db only after its finally
> submitted. I cant do any temp tables.
I never ever used any temp tables, so I am not really sure about what you
mean. But finally submitted means the moment they hit the 'submit' button,
no?
So in the form let's say there are fields hoAddress, hoPrice, hoDescription
and hoPicture. On submit the date go to your script.
Do something like
"INSERT INTO homes (hoPrice, hoAddress, hoDescription, hoDateAdded) VALUES
($_POST["hoPrice"], $_POST["hoAddress"], $_POST["hoDescription"], NOW());"
Of course instead of $_POST["variable"] make a function clean_input($String,
$MaxLength) that strips HTML, cleans other possibly harmful stuff, replaces
special characters with HTML entities, escapes characters for storing them
in the DB and so on and when necessary reduces the length of the remaining
string after treatment to the length specified by $MaxLength.
Directly inserting posted data in a db is asking to get hacked. And the fun
thing is, you need to make that function only once, put it in
'functions.inc.php' and that file you use for ALL your customers**.
Now using mysql_insert_id or comparable functions for other databases
retrieve the value of the primary key.
The image in the meantime has been stored in $_FILES[], and now you will
need to:
- make sure that what was uploaded really was a picture (and not a virus,
script, executable, whatever
- determine its mime type and define the file extension (".jpg")
- give the file a name, say $Filename = "pic_".$PKValue.$Extension
- move the file from php's default temp location to $FullsizeDir.$Filename.
- if this successful (function returned true):
"UPDATE homes SET hoPicture='".$Filename."' WHERE hoPK=".$PKValue
- then when wanted create a thumbnail of the pic and store this in say
$ThumbsDir.$Filename
Pronto!
> Basically, with every home there is a id (obviously), and they dont
> want any records inserted unless its a done deal.
What is a done deal. Would say the deal is done when they pass the person
the info on how to put the house on the site, no?
> If the agent chooses Cancel they dont want any forgotten records in the
db.
Cancel=>
SELECT hoPicture FROM homes WHERE hoPK=...
if hoPicture<>'' => delete fullsize and thumbnail image, and delete the
corresponding record. Db cleaned up.
If they want to be able to judge the home before it goes visible on the
site, add a field hoAccepted (enum('yes','no')), default 'no' (or boolean,
default false) and let the person judging the houses set this 'yes' or
'true' when accepting (and doing the delete pic/deleta data thing on not
accepting).
That way the database stays clean, no messing around with temporary data and
always only submitted AND accepted homes on the site.
Basically, I would also add fields hoStatus, enum('for sale', 'sold') and
hoSold (datetime) to the table so that houses sold in the past need not be
deleted but can be filtered out, or shown for until one week after sale or
something like that, to give a bit an impression of recent sales or whatever
(always handy not to destroy your salesdata but to be able to do some
analysis on them later, you can always write the SQL so that only houses
that are both accepted AND are still for sale are the only ones shown. Do a
bit of thinking for your customer and make them some suggestions.
Although in the US I don't know if thinking done by the one who is only
supposed to do the job is really accepted*.
Marc
*In the times when I was still 18, and there was still a drafted army in the
Netherlands, there was a training, and Dutch and US soldiers were training
together. The Dutch were on one 'side', the Americans on the 'other'.
The Dutch had to make a fortified position that the Americans were going to
raid with tanks. The Dutch decided that the standard NATO way of making anti
tank trenches served for nothing, at least not to stop tanks, and improvised
something else. The improvisation did stop the American tanks ;-) After the
training, they got Flak for not following the rules on how to make an
anti-tank defense and hindering the Americans in their training. But...
At least in the Netherlands staff takes a pride in thinking for themselfes
and if there are good reasons for not doing something the way your boss
wants it to be done, you just try to convince him and show him what is the
weak point of how he wants it done. To a boss it's no loss of face when,
after some reasoning, agreeing with the other way.
Just meaning to say: if your client, who doesn't know too much of
programming and the way the site works, wants it done exactly this way, but
in your opinion another way is better, don't accept to do the job the wrong
way, just because you are paid for that. Try to convince them of having it
done right, or let them come with a good reason to do it the sloppy way.
After all, using one or two 'flag' fields you can build a solution that acts
exactly like the way they wanted the job done, but is a better
implementation of it.
**try to write your functions following some API, and keep your functions
using the same naming and parameter passing conventions. Now if later you
improve your 'functions.inc.php' you can upload it not only to the site you
were working on, but also to the sites of all your old customers as well, as
a service to them. They will be happy to hear that maintenance is being done
for free or for a small fee. And happy customers come back, or bring you new
customers.
Community email addresses:
Post message: [email protected]
Subscribe: [EMAIL PROTECTED]
Unsubscribe: [EMAIL PROTECTED]
List owner: [EMAIL PROTECTED]
Shortcut URL to this page:
http://groups.yahoo.com/group/php-list
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php-list/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
