Creating admin section to update website

[styzer]

Hi,

 

I have a music website, with many artists. I'd like to create an admin section to streamline the updating process and make it quicker and easier for me. It means a form to input text (name, surname, band name, etc), image files (artist pic) and audio files (mp3 files).  I tried different programs but they are too bloated for me (Joomla, Jamroom, Websitebaker could have worked, but didn't).

 

I'm new to PHP, I'm using a tutorial online. I started creating a form to insert informations that would then appear on my website. so far I have 2 files created: one is html and the other one is php. However, when I click on OK to submit the info, I get the html page showing the php code. I'm already stomped... not good...

 

I'm creating the files and look and feel in Homesite, a text web editor (no wysiwyg).

 

Anyone can help me figure this out?

 

Thanks!

 

styzer

 

 

[DeanWhitehouse]

can you show us your code

[styzer]

Hey thanks:

 

Sure.

 

HMTL

 

<div align="right" style="width:250px;padding:10px;background-color:#153242;color:#FFFFFF;">
<form method="post" action="verif.php">
Name : <input type="text" name="nom" size="20"><br>
First name : <input type="text" name="prenom" size="20"><br>
Band name: <input type="text" name="bandname" size="20"><br>
URL : <input type="text" name="url" size="20" value="http://"><br>
<br>

<input type="submit" value="OK"> 

</form>
</div>

 

Here is the php file (verif.php,  in the same folder, so the path is right):

 

<?php
$prenom = $_POST['prenom'];
$nom = $_POST['nom'];
$bandname = $_POST['bandname'];
$url = $_POST['url'];

if(empty($titre))
{
print("<center>Le '<b>Titre</b>' est vide !</center>");
exit();
}
// vérification du début de l'url
$verif_url = strtolower($url);
$verif_url = substr("$verif_url", 0, 7);
// on verifie les 7 premiers caractères
if ($verif_url!="http://")
{
print("L'URL doit commencer par <b>http://</b>");
exit();
}
else
{
print("$titre : <a href=\"$url\">$url</a>");
}

print("<center>Bonjour $prenom $nom $bandname $url</center>");
?> 

 

Thanks for looking into it,

 

styzer

 

 

[trq]

Ive gotta ask. You do have a php enabled webserver installed and configured?

[styzer]

hmmm... could this mean I can't test my code offline, then, and have to upload it to my server...

 

I did and now it's showing. Thanks, that's a promising start...

 

styzer

[DeanWhitehouse]

You can test offline you will need to install Apache i believe and PHP 5.0 (newest one).

 

Is the problem fixed?

[styzer]

Yes, so far the problem is fixed. More to come, I'm sure...

 

Anyone has ever done this? creating an admin section to update your website in real-time?

 

styzer

[Andy-H]

if(empty($titre))

{

print("<center>Le '<b>Titre</b>' est vide !</center>");

exit();

}

 

Where is the variable "$titre" coming from??

 

Also you could do with looking into security a little...

[styzer]

ah yes, I have to take "titre" out. Thanks for noticing.

 

As far as security, that would be my most challenging task. So far, I'm just babbling, and not going very far. Tutorials don't always take into account newbies need clear layouts...   You have a tutorial for starting up which you recommend?

 

Thanks all, it's awesome to get responses so quickly!

 

styzer

[DeanWhitehouse]

i say skip the tutorials , they arent always good, go learn php from w3schools and tizag, and some of PHP freaks tutorials, and you will be coding in no time.

[Andy-H]

Basic rules...

 

Data that will be part of an SQL query: mysql_real_escape_string($_POST['data']);

 

http://us3.php.net/mysql_real_escape_string

 

Data that will be displayed on page: stripslashes(htmlentities($_POST['data'], ENT_QUOTES));

 

http://us3.php.net/stripslashes

http://us3.php.net/htmlentities

 

ctype_??? <-- very usefull

http://us3.php.net/ctype

 

[DeanWhitehouse]

i dont think you need stripslashes , if you are using htmlentities, but use stripslashes for $_GET