This section details the code involved in the script. The descriptions are of a high level, as most of the topics have already been covered. Additional descriptions are provided when new topics are introduced.
meeting.sql
meeting.sql is the SQL code used to create the database for this application.
Script 9-1 meeting.sql
1. CREATE TABLE users ( 2. id INT NOT NULL, 3. first VARCHAR(32), 4. last VARCHAR(32), 5. phone VARCHAR(16), 6. email VARCHAR(64), 7. pass VARCHAR(8), 8. PRIMARY KEY(id)); 9. 10. CREATE TABLE rooms ( 11. id INT NOT NULL, 12. name VARCHAR(32), 13. location VARCHAR(128), 14. PRIMARY KEY(id)); 15. 16. INSERT INTO rooms VALUES(0,'Virtual Room','Virtual Location'); 17. 18. CREATE TABLE meetings ( 19. id INT NOT NULL, 20. name VARCHAR(64), 21. startdate DATETIME, 22. enddate DATETIME, 23. room INT, 24. agenda TEXT, 25. phone VARCHAR(16), 26. web VARCHAR(128), 27. originator INT, 28. PRIMARY KEY(id)); 29. 30. CREATE TABLE meetingusers ( 31. meeting INT, 32. userid INT);
Script 9-1. meeting.sql Line-by-Line Explanation
| LINE | DESCRIPTION |
| 1 8 | Create the table that holds the user information. |
| 10 14 | Create the table that holds the room information. |
| 16 | Create a default room to be used in "virtual" meetings that occur over the phone or on the Web. |
| 18 28 | Create the table to hold the meeting data. "room" and "originator" are pseudo-foreign keys that link back to the users and rooms tables. |
| 30 32 | Create a table to hold the users for each meeting. Each row in the table corresponds to keys for a user and a meeting. One meeting can have several records in this table. |
meeting.php
meeting.php is the main script for the application. It contains all of the commonly used functions.
Script 9-2 meeting.php
[View full width]
1. <? 2. function addmeetingwizard($step) { 3. session_start(); 4. head(); 5. global $fields, $page, $HTTP_POST_VARS, $user; 6. switch($step) { 7. case("1"): 8. if(isset($fields)) { session_unregister("fields"); } 9. ?> 10. <form action="<?=$page?>" method="post"> 11. <table border=0> 12. <tr><td colspan=2><h3>Add New Meeting - Step 1</h3></td></tr> 13. <tr><td>Name: </td><td><input type="text" name="name"></td></tr> 14. <tr><td>Start Date & Time:</td> 15. <td> 16. <?createdate("start");?> 17. </td></tr> 18. <tr><td>End Date & Time: </td> 19. <td> 20. <?createdate("end");?> 21. <br><i>(YYYY-MM-DD HH:MM)</i></td></tr> 22. <tr><td colspan=2><input type="submit" name="addmeeting" value="Next"></td><tr> 23. </table> 24. <input type="hidden" name="step" value="2"> 25. </form> 26. <? 27. break; 28. case("2"): 29. ?><h2>Step 2 - Select Room</h2><? 30. session_register("fields"); 31. if($HTTP_POST_VARS['name'] == "") { 32. ?> 33. <h2>You must select a name!</h2> 34. <form action=<?=$page?> method="post"> 35. <input type="hidden" name="step" value="1"> 36. <input type="submit" name="addmeeting" value="Back"> 37. </form> 38. <? 39. } else { 40. $dbconn = connect(); 41. $sql = "select id from users where email = '$user'"; 42. $result = $dbconn->query($sql); 43. errortrap($result); 44. $result->fetchInto($r); 45. $fields['originator'] = $r['id']; 46. $fields['name'] = $HTTP_POST_VARS['name']; 47. $fields['startdate'] = $HTTP_POST_VARS['startyears'] . "-" . 
$HTTP_POST_VARS['startmonths'] . "-" . $HTTP_POST_VARS['startdays'] . " " . $HTTP_POST_VARS['starthours'] . $HTTP_POST_VARS['startminutes']; 48. $fields['enddate'] = $HTTP_POST_VARS['endyears'] . "-" . $HTTP_POST_VARS['endmonths'] . "-" . $HTTP_POST_VARS['enddays'] . " " . $HTTP_POST_VARS['endhours'] . $HTTP_POST_VARS['endminutes']; 49. $sql = "select room from meetings where startdate <= '" . $fields['enddate'] . "' AND enddate >= '" . $fields['startdate'] . "' AND room != '0'"; 50. $result = $dbconn->query($sql); 51. errortrap($result); 52. meetingdisplay($fields); 53. ?> 54. <p> 55. <h3>The following rooms are available for your meeting time:</h3> 56. <form action=<?=$page?> method=post> 57. <input type="hidden" name="step" value="3"> 58. <p>Select One: 59. <? 60. $sql = "select * from rooms where id != '"; 61. while($result->fetchInto($row)) { 62. $sql .= $row['room'] . "' AND id != '"; 63. } 64. $sql .= "-1'"; 65. $result = $dbconn->query($sql); 66. errortrap($result); 67. while($result->fetchInto($row)) { 68. $sql = "select * from rooms where id = '" . $row['id'] . "'"; 69. $resultroom = $dbconn->query($sql); 70. errortrap($resultroom); 71. $resultroom->fetchInto($roomrow); 72. if($roomrow['id'] == '0') { 73. ?> 74. <br><input type="radio" name="roomchoice" value="<?=$roomrow['id']?>" checked> <?=$roomrow['name']?> <?=$roomrow['location']?> 75. <? 76. } else { 77. ?> 78. <br><input type="radio" name="roomchoice" value="<?=$roomrow['id']?>"> <?=$roomrow['name']?> <?=$roomrow['location']?> 79. <? 80. } 81. } 82. ?> 83. <p><input type="submit" name="addmeeting" value="Next"> 84. </form> 85. <? 86. } 87. break; 88. case("3"): 89. ?><h2>Step 3 - Select Attendees</h2><? 90. $fields['roomchoice'] = $HTTP_POST_VARS['roomchoice']; 91. $busyuser = array(); 92. $openuser = array(); 93. meetingdisplay($fields); 94. ?> 95. <p>Select People to Invite (CTRL-Click to choose multiple. Be sure to invite yourself!): 96. <? 97. //determine from meetings table which people are available and which are not 98. $dbconn = connect(); 99. $sql = "select id from meetings where startdate <= '" . $fields['enddate'] . "' AND enddate >= '" . $fields['startdate'] . "'"; 100. $result = $dbconn->query($sql); 101. errortrap($result); 102. while($result->fetchInto($row)) { 103. $sql = "select userid from meetingusers where meeting = '" . $row['id'] . "' order by userid"; 104. $userresult = $dbconn->query($sql); 105. errortrap($userresult); 106. while($userresult->fetchInto($row2)) { 107. $busyuser[$row2['userid']] = $row2['userid']; 108. } 109. } 110. $sql = "select id from users"; 111. $result = $dbconn->query($sql); 112. errortrap($result); 113. while($result->fetchInto($row)) { 114. $count = 0; 115. if(sizeof($busyuser) > 0) { 116. foreach($busyuser as $buser) { 117. if($row['id'] == $buser) { 118. $count++; 119. } 120. } 121. } 122. if($count == 0) { 123. $openuser[] = $row['id']; 124. } 125. } 126. ?> 127. <form action="<?=$page?>" method="post"> 128. <select name="attendees[]" size="8" multiple> 129. <? 130. foreach($openuser as $ouser) { 131. $row = datafromid($dbconn, "users", $ouser); 132. printf("<option value=%s>%s, %s</option>", $row['id'], $row['last'], $row['first']); 133. } 134. foreach($busyuser as $buser) { 135. $row = datafromid($dbconn, "users", $buser); 136. printf("<option value=%s>%s, %s (busy)</option>", $row['id'], $row['last'], $row['first']); 137. } 138. ?> 139. </select> 140. <input type="hidden" name="step" value="4"> 141. <p><input type="submit" name="addmeeting" value="Next"> 142. </form> 143. <? 144. break; 145. case("4"): 146. ?><h2>Step 4 - Define Agenda and Phone/Web Options< /h2><? 147. if(sizeof($fields['attendees']) == 0) { 148. if($HTTP_POST_VARS['attendees'] != "") { 149. $fields['attendees'] = $HTTP_POST_VARS['attendees']; 150. } 151. } 152. if(sizeof($fields['attendees']) == 0) { 153. ?> 154. <h2>You must select at least one attendee!</h2> 155. <form action=<?=$page?> method="post"> 156. <input type="hidden" name="step" value="3"> 157. <input type="submit" name="addmeeting" value="Back"> 158. </form> 159. <? 160. } else { 161. meetingdisplay($fields); 162. ?> 163. <p>Define Phone, Web, and Agenda: 164. <form action="<?=$page?>" method="post"> 165. Agenda:<br><textarea cols="20" rows="5" name="agenda"></textarea> 166. <br>Web Address: <input type="text" name="web"> 167. <br>Phone Number: <input type="text" name="phone"> 168. <input type="hidden" name="step" value="5"> 169. <p><input type="submit" name="addmeeting" value="Next"> 170. </form> 171. <? 172. } 173. break; 174. case("5"): 175. ?><h2>Step 5 - Confirmation</h2><? 176. if($HTTP_POST_VARS['agenda'] == "") { 177. ?> 178. <h2>You must enter an agenda!</h2> 179. <form action=<?=$page?> method="post"> 180. <input type="hidden" name="step" value="4"> 181. <input type="submit" name="addmeeting" value="Back"> 182. </form> 183. <? 184. } else { 185. $fields['agenda'] = $HTTP_POST_VARS['agenda']; 186. $fields['web'] = $HTTP_POST_VARS['web']; 187. $fields['phone'] = $HTTP_POST_VARS['phone']; 188. meetingdisplay($fields); 189. ?> 190. <h2>Click the button below to schedule your metting!</h2> 191. <form action=<?=$page?> method="post"> 192. <input type="hidden" name="step" value="6"> 193. <input type="submit" name="addmeeting" value="Finish!"> 194. </form> 195. <? 196. } 197. break; 198. case("6"): 199. ?><h2>Finished!</h2><? 200. $dbconn = connect(); 201. $id = $dbconn->nextID('meeting_id',true); 202. errortrap($id); 203. $sql = "insert into meetings values('$id', '" . $fields['name'] . "','" . $fields['startdate'] . "','" . $fields['enddate'] . "','" . $fields['roomchoice'] . "','" . $fields['agenda'] . "','" . $fields['phone'] . "','" . $fields['web'] . "','" . $fields['originator'] . "')"; 204. $result = $dbconn->query($sql); 205. errortrap($result); 206. foreach($fields['attendees'] as $attendee) { 207. $sql = "insert into meetingusers values('$id', '$attendee')"; 208. $result = $dbconn->query($sql); 209. errortrap($result); 210. } 211. session_unset(); 212. session_destroy(); 213. notifyusers($id); 214. choices(); 215. break; 216. default: 217. head(); 218. ?> 219. <h3>There was an error. Please restart from the beginning.</h3> 220. <? 221. session_unset(); 222. session_destroy(); 223. ?> 224. <form action=<?=$page?> method="post"> 225. <input type="hidden" name="step" value="1"> 226. <input type="submit" name="addmeeting" value="Restart"> 227. </form> 228. <? 229. break; 230. } //end switch 231. } //end addmeetingwizard 232. 233. function meetingdisplay($fields) { 234. ?> 235. <h3>Meeting: <?=$fields['name']?></h3> 236. <h4>Start: <?=$fields['startdate']?></h4> 237. <h4>End: <?=$fields['enddate']?></h4> 238. <? 239. if(sizeof($fields) > 4) { 240. ?> 241. <h4>Room: 242. <? 243. $dbconn = connect(); 244. $row = datafromid($dbconn, "rooms", $fields['roomchoice']); 245. printf("%s - %s", $row['name'], $row['location']); 246. ?> 247. </h4> 248. <? 249. } 250. if(sizeof($fields) > 5) { 251. ?> 252. <h4>Attendees:</h4> 253. <? 254. foreach($fields['attendees'] as $attendee) { 255. $row = datafromid($dbconn, "users", $attendee); 256. printf("<li>%s, %s - <a href=mailto:%s>%s</a>", $row['last'], $row['first'], $row['email'], $row['email']); 257. } 258. } 259. if(sizeof($fields) > 6) { 260. ?> 261. <h4>Agenda: <?=$fields['agenda']?></h4> 262. <h4>Web: <?=$fields['web']?></h4> 263. <h4>Phone: <?=$fields['phone']?></h4> 264. <? 265. } 266. } //end meetingdisplay 267. 268. function viewschedule($email) { 269. $dbconn = connect(); 270. $sql1 = "select id from users where email = '$email'"; 271. $result1 = $dbconn->query($sql1); 272. errortrap($result1); 273. $result1->fetchInto($row1); 274. $userid = $row1['id']; 275. $sql2 = "select meeting from meetingusers where userid = '$userid'"; 276. $result2 = $dbconn->query($sql2); 277. errortrap($result2); 278. $bgcolor = "#FFFF99"; 279. ?> 280. <p>You have the following meetings on your schedule: 281. <p><table border=1 cellspacing=0 cellpadding=4> 282. <tr bgcolor="<?=$bgcolor?>"><td colspan=3><b>Meeting Name</b></td></tr> 283. <tr bgcolor="<?=$bgcolor?>"><td><b>Start</b></td><td><b>End</b></td><td><b>Location</ b></td></tr> 284. <? 285. $bgcolor ="#FFFFFF"; 286. while($result2->fetchInto($row2)) { 287. $row3 = datafromid($dbconn, "meetings", $row2['meeting']); 288. $room = datafromid($dbconn, "rooms", $row3['room']); 289. ?> 290. <tr bgcolor="<?=$bgcolor?>"><td colspan=2><a href=<?=$page?>?action=viewmeetingdetails&id=<?=$row2['meeting']?>><?=$row3['name']?></ a></td><td> 291. <? 292. $sql = "select originator from meetings where id = '" . $row2['meeting'] . "'"; 293. $result = $dbconn->query($sql); 294. errortrap($result); 295. $result->fetchinto($r); 296. if($r['originator'] == $userid) { 297. ?><a href=<?=$page?>?action=deletemeeting&id=<?=$row2['meeting' ]?>><b>Cancel</b><? 298. } else { 299. echo " "; 300. } 301. ?> 302. </td></tr> 303. <tr bgcolor="<?=$bgcolor?>"><td><?=$row3['startdate']?></td> 304. <td><?=$row3['enddate']?></td><td><?=$room['name']?><br><?=$room['location']?></td></ tr> 305. <? 306. if($bgcolor == "#FFFFFF") { 307. $bgcolor = "#FFFF99"; 308. } else { 309. $bgcolor = "#FFFFFF"; 310. } 311. } 312. ?> 313. </table> 314. <? 315. } //end viewschedule 316. 317. 318. function view_meeting_details($id) { 319. $dbconn = connect(); 320. $row = datafromid($dbconn, "meetings", $id); 321. $row2 = datafromid($dbconn, "users", $row['originator']); 322. $row3 = datafromid($dbconn, "rooms", $row['room']); 323. $originator = $row2['first'] . " " . $row2['last']; 324. ?> 325. <h3>Meeting Details</h3> 326. <table border=1 cellspacing=0 cellpadding=5> 327. <tr><td>Meeting Name: <?=$row['name']?></td><td>Orginator: <?=$originator?></td></tr> 328. <tr><td>Start Time: <?=$row['startdate']?></td><td>End Time: <?=$row['enddate']?></ td></tr> 329. <tr><td>Room: <?=$row3['name']?></td><td>Location: <?=$row3['location']?></td></tr> 330. <tr><td colspan=2>Invited Guests: 331. <? 332. $sql = "select * from meetingusers where meeting = '$id'"; 333. $result = $dbconn->query($sql); 334. errortrap($result); 335. while($result->fetchinto($r)) { 336. $users = datafromid($dbconn, "users", $r['userid']); 337. ?> 338. <li><?=$users['first']?> <?=$users['last']?> 339. <? 340. } 341. ?> 342. </td> 343. <tr><td colspan=2>Agenda:<br><pre><?=$row['agenda']?></pre></td></tr> 344. <tr><td colspan=2>Website: <?=$row['web']?> </td></tr> 345. <tr><td colspan=2>Call-in Number: <?=$row['phone']?> </td></tr> 346. </table> 347. <? 348. } 349. 350. function deletemeeting($id) { 351. $dbconn = connect(); 352. $row = datafromid($dbconn, "meetings", $id); 353. $row2 = datafromid($dbconn, "users", $row['originator']); 354. $name = $row['name']; 355. $start = $row['startdate']; 356. $end = $row['enddate']; 357. $originator = $row2['first'] . " " . $row2['last']; 358. $subject = "Meeting $name Cancelled!"; 359. $msg = "The meeting $name scheduled by $originator has been cancelled.\n"; 360. $msg .= "The meeting was to take place from $start to $end\n"; 361. $msg .= "If you log in to the Meeting Manager, you will see the meeting has been removed from your schedule.\n"; 362. $sql = "select * from meetingusers where meeting = '$id'"; 363. $result = $dbconn->query($sql); 364. errortrap($result); 365. while($result->fetchinto($r)) { 366. $r2 = datafromid($dbconn, "users", $r['userid']); 367. $to = $r2['email']; 368. if(!mail($to, $subject, $msg, "From: Meeting Tracker Admin <noreply@example.com?")) { 369. echo "<h1>Mail Failed!</h1>"; 370. } 371. echo "<h3>Meeting Cancelled</h3>"; 372. } 373. $sql1 = "delete from meetings where id = '$id'"; 374. $result1 = $dbconn->query($sql1); 375. errortrap($result1); 376. $sql2 = "delete from meetingusers where meeting = '$id'"; 377. $result2 = $dbconn->query($sql2); 378. errortrap($result2); 379. } 380. 381. function notifyusers($id) { 382. $dbconn = connect(); 383. $row = datafromid($dbconn, "meetings", $id); 384. $row2 = datafromid($dbconn, "users", $row['originator']); 385. $name = $row['name']; 386. $start = $row['startdate']; 387. $end = $row['enddate']; 388. $originator = $row2['first'] . " " . $row2['last']; 389. $subject = "Meeting $name Scheduled!"; 390. $msg = "A meeting has been scheduled: $name.\n Scheduled by $originator.\n"; 391. $msg .= "The meeting will take place from $start to $end\n"; 392. $msg .= "If you log in to the Meeting Manager, you will see the meeting has been added your schedule.\n"; 393. $sql = "select * from meetingusers where meeting = '$id'"; 394. $result = $dbconn->query($sql); 395. errortrap($result); 396. while($result->fetchinto($r)) { 397. $r2 = datafromid($dbconn, "users", $r['userid']); 398. $to = $r2['email']; 399. if(!mail($to, $subject, $msg, "From: Meeting Tracker Admin <noreply@example.com?")) { 400. echo "<h1>Mail Failed!</h1>"; 401. } 402. } 403. } 404. 405. function check_user($user, $password) { 406. $timestamp = date("m-d-Y H:i:s (T)"); 407. $dbconn = connect(); 408. $password_enc = substr(md5($password), 0, 8); 409. //echo "<P>USERPASS:" . $user . $password_enc; 410. $sql = "select * from users where email = '$user' and pass = '$password_enc'"; 411. $result = $dbconn->query($sql); 412. errortrap($result); 413. if ($result->numRows() == 1) { 414. setcookie("user",$user); 415. setcookie("password",$password); 416. error_log("Sucessful login by $user on $timestamp\n",3,"sucessful_logins.txt"); 417. return 1; 418. } else { 419. setcookie("user"); 420. setcookie("password"); 421. ?> 422. <h3>Sorry, you are not authorized!</h3> 423. <? 424. error_log("Failed login attempt by $user on $timestamp\n",3,"failed_logins.txt"); 425. return 0; 426. } 427. } 428. 429. function login() { 430. global $page; 431. ?> 432. <h1>You must log in to view this page</h1> 433. <form action = "<?=$page?>" method="post"> 434. <P>Email: <input type="text" name="user"><br> 435. Password: <input type="password" name="password" maxlength="8" size="8"><br> 436. <input type="submit" name="submit" value="Submit"> 437. </form> 438. <? 439. } 440. 441. function choices() { 442. ?> 443. <p> 444. <li><A href="<?=$page?>?action=viewschedule">View Schedule</a> 445. <li><A href="<?=$page?>?action=addmeeting">Add A Meeting</a> 446. <? 447. } 448. 449. /***** MAIN *****/ 450. $page = "meeting.php"; 451. require_once("meeting_inc.php"); 452. if(!isset($user) or !check_user($user, $password)) { 453. login(); 454. } else { 455. if(isset($addmeeting)) { 456. addmeetingwizard($HTTP_POST_VARS['step']); 457. } elseif(isset($action)) { 458. switch($action) { 459. case("viewschedule"): 460. head(); 461. choices(); 462. viewschedule($user); 463. break; 464. case("addmeeting"): 465. addmeetingwizard("1"); 466. break; 467. case("deletemeeting"): 468. head(); 469. choices(); 470. deletemeeting($id); 471. break; 472. case("viewmeetingdetails"): 473. head(); 474. choices(); 475. view_meeting_details($id); 476. break; 477. default; 478. break; 479. } //end switch 480. } else { 481. head(); 482. choices(); 483. } 484. } 485. 486. ?> 487. </body> 488. </html> Figure 9-2 shows an example of the Schedule View.
Figure 9-2. meeting.pgp viewing a schedule
Script 9-2. meeting.php Line-by-Line Explanation
| LINE | DESCRIPTION |
| 2 231 | Define a function, addmeetingwizard(), that guides the user through creating a meeting. This function takes one argument, the current step of the wizard. |
| 3 | Start a session to hold variables for the wizard. |
| 4 | Print out the beginning of the HTML for the page. We need to do this after the session_start() function, because sessions will not work if you have already printed text to a page. |
| 5 | Define some global variables that are used in the script. |
| 6 | Create a switch statement. Each case in the switch statement corresponds to a step in the wizard. |
| 7 27 | Begin the first step in the wizard. Here we ask the user for the name of the meeting, as well as the time duration on which the meeting occurs. Use a hidden form field to send the users to the next step when they submit this form. |
| 28 87 | Begin step two of the wizard. This step first checks to see if the user entered a name for the meeting. If no name is entered, the user is sent back to step one. If the user has entered a name, then the script creates an array called $fields in which to store the values for the meeting. The script also gets the id for the user and enters it into the $fields array as the originator of the meeting. It then adds the name and times of the meeting into the $fields array. The current information that has been entered is displayed on the screen using the meetingdisplay() function. The script then goes on to determine which rooms are available and lists the open rooms, as well as the "virtual" room. Once the user selects a room, the script goes to step three. |
| 88 144 | Begin step three of the wizard. Determine which users have already been scheduled for a meeting, and place them in the list with the word "(busy)" next to their name. Once the user has selected the attendees, go on to step four. |
| 145 173 | Begin step four of the wizard. Verify that at least one user has been selected as an attendee. If no users have been selected as attendees, then send the user back to step three. If at least one person has been selected as an attendee, then provide a form so that the user can enter the agenda, phone number, and Web site of the meeting. |
| 174 197 | Begin step five of the wizard. Verify that the agenda has been filled in. If it has not, then send the user back to step four. If the agenda has been filled in, then provide a button so that the user can finalize the meeting. |
| 198 215 | Enter the values from the session $fields array into the database and call the notifyuser() function to send email to all of the invited participants. |
| 216 229 | Provide a default case or the switch, in case anything happens to cause the function to skip over the other cases. Print an error message to the user. |
| 230 | Close out the switch statement started way back on line 6! |
| 231 | End the function declaration for addmeetingwizard(). |
| 233 266 | Define a function, meetingdisplay(), to display the details of the meeting while the user is going through the meeting creation wizard. Since the $fields array has items added to it during each step, we only show the information that the user has entered. |
| 268 315 | Define a function, viewschedule(), that allows the users to view all of their meetings at once within a table. This function also provides a link so that the users may view the full details of the meeting or, if they are the originator, a link to cancel a meeting. |
| 318 348 | Define a function, view_meeting_details(), that allows the user to view the full details for a particular meeting. |
| 350 379 | Define a function, deletemeeting(), that deletes a meeting from the database and notifies all the participants by email that the meeting has been cancelled. |
| 381 403 | Define a function, notifyusers(), that sends out email notifying the users that they have been invited to a new meeting. |
| 405 427 | Define a function, check_user(), that verifies a user login. This is similar to the function used in Chapter 7. |
| 429 439 | Define a function, login(), that prints a form allowing the user to log in. |
| 441 447 | Define a function, choices(), that allows users to view their schedules or schedule new meetings. |
| 449 | Begin the main program. |
| 450 | Define the $page variable that is used in the functions that have forms. |
| 451 | Require the meeting_inc.php script, as it contains some functions used by this script. |
| 452 453 | Check to see if the user is logged in. If not, call the login() function so that the user may log in. |
| 454 456 | If the user is logged in and the $addmeeting variable is set, then we know the user is in the middle of the meeting creation wizard. Send the user back to the wizard. |
| 457 479 | If the user is logged in and the $action variable is set, then we know the user is starting or finishing a particular task. Send the user to the correct function depending on which action is being taken. |
| 480 483 | If the user is logged in but not creating a meeting or doing any other tasks, then provide some options to do something with the choices() function. |
| 484 | Close out the if statement started on line 452. |
| 486 | End the PHP for the page. |
| 487 488 | End the HTML for the page. |
Figure 9-3 shows an example of the Meeting Detail View.
Figure 9-3. meeting.php viewing meeting details
meeting_inc.php
meeting_inc.php contains code used by both meeting.php and admin.php.
Script 9-3 meeting_inc.php
[View full width]
1. <? 2. 3. /***** FUNCTIONS *****/ 4. function connect() { 5. ini_set("include_path", "G:\apache\Apache\php\pear"); 6. require_once("DB.php"); 7. $type = "mysql"; 8. $username = "php"; 9. $password = "password"; 10. $host = "localhost"; 11. $database = "meeting"; 12. $dsn = $type . "://" . $username . ":" . $password . "@" . $host . "/" . $database; 13. $dbconn = DB::connect($dsn); 14. errortrap($dbconn); 15. $dbconn->setFetchMode(DB_FETCHMODE_ASSOC); 16. return $dbconn; 17. }//end connect 18. 19. function errortrap($result) { 20. if(DB::isError($result)) { 21. ?><h3>There was an error!</h3><? 22. die($result->getMessage()); 23. } 24. } //end errortrap 25. 26. function datafromid($dbconn, $table, $id) { 27. $sql = "select * from $table where id = '$id'"; 28. $result = $dbconn->query($sql); 29. errortrap($result); 30. $result->fetchInto($row); 31. return $row; 32. } //end datafromid 33. 34. function createdate($type) { 35. $years = array("2002","2003","2004"); 36. $minutes = array(":00", ":15", ":30", ":45"); 37. $months = array(); 38. $days = array(); 39. $hours = array(); 40. for($i = 1; $i < 13; $i++) { 41. if($i < 10) { 42. $months[] = "0" . $i; 43. } else { 44. $months[] = $i; 45. } 46. } 47. for($i = 1; $i < 32; $i++) { 48. if($i < 10) { 49. $days[] = "0" . $i; 50. } else { 51. $days[] = $i; 52. } 53. } 54. for($i = 1; $i < 25; $i++) { 55. $hours[] = $i; 56. } 57. $fields = array("years", "months", "days", "hours", "minutes"); 58. foreach($fields as $field) { 59. ?> 60. <select name="<? echo $type . $field ?>"> 61. <? 62. foreach($$field as $item) { 63. echo"<option value=$item>$item</option>\n"; 64. } 65. ?> 66. </select> 67. <? 68. if($field == "days") { 69. echo " at "; 70. } 71. } 72. } //end createdate 73. 74. function head() { 75. ?> 76. <html> 77. <head> 78. <style type=text/css> 79. h1, h2, h3, p, td, li {font-family: verdana, sans-serif; } 80. </style> 81. </head> 82. <body bgcolor="#FFFFFF"> 83. <div align=center> 84. <table width="74%" border="0" cellspacing="0" cellpadding="0" height="128" bgcolor="#FFFFFF"> 85. <tr> 86. <td height="134" align="center"><h1>A Meeting Manager</h1></td> 87. </tr> 88. </table> 89. </div> 90. <? 91. } 92. ?> Script 9-3. meeting_inc.php Line-by-Line Explanation
| LINE | DESCRIPTION |
| 4 17 | Define a function, connect(), that establishes a connection to the database. Be sure to change the values so that they match your particular setup. |
| 19 24 | Define a function, errortrap(), that traps any PEAR DB errors that might occur. |
| 26 32 | Define a function, datafromid(), that selects all of the information from a particular table based on an id. This is used throughout the script and saves a lot of typing. |
| 34 72 | Define a function, createdate(), that creates a nice dropdown menu for date formats. |
| 74 91 | Define a function, head(), that prints out the beginning of the HTML for any given page. |
| 92 | End the PHP for the script. |
Figure 9-4 shows an example of the Create Meeting Wizard.
Figure 9-4. meeting.php create meeting wizard
admin.php
admin.php is the administration interface for the application.
Script 9-4 admin.php
[View full width]
1. <? 2. function adduserform() { 3. global $page; 4. ?> 5. <form action="<?=$page?>" method="post"> 6. <table border=0> 7. <tr><td colspan=2><h3>Add User</h3></td></tr> 8. <tr><td>First Name: </td><td><input type="text" name="first"></td></tr> 9. <tr><td>Last Name: </td><td><input type="text" name="last"></td></tr> 10. <tr><td>Phone: </td><td><input type="text" name="phone"></td></tr> 11. <tr><td>Email: </td><td><input type="text" name="email"></td></tr> 12. <tr><td>Password:</td><td><input type="text" name="password" size="8" maxlength="8"></ td></tr> 13. <tr><td colspan=2><input type="submit" name="adduser" value="Add User"></td></tr> 14. </table> 15. </form> 16. <? 17. } //end adduserform 18. 19. function adduser($HTTP_POST_VARS) { 20. if(($HTTP_POST_VARS['first'] or $HTTP_POST_VARS['last'] or $HTTP_POST_VARS['email'] or $HTTP_POST_VARS['password']) == "") { 21. return 0; 22. } else { 23. $dbconn = connect(); 24. $id = $dbconn->nextID('user_id',true); 25. if(DB::isError($id)) { 26. die($id->getMessage()); 27. } 28. $password = md5($HTTP_POST_VARS['password']); 29. $sql = "INSERT INTO users VALUES('$id', '" . $HTTP_POST_VARS['first'] . "','" . $HTTP_POST_VARS['last'] . "','" . 30. $HTTP_POST_VARS['phone'] . "','" . $HTTP_POST_VARS['email'] . "', '$password')"; 31. $result = $dbconn->query($sql); 32. errortrap($result); 33. return 1; 34. } 35. } //end adduser 36. 37. function addroomform() { 38. global $page; 39. ?> 40. <form action="<?=$page?>" method="post"> 41. <table border=0> 42. <tr><td colspan=2><h3>Add Room</h3></td></tr> 43. <tr><td>Name: </td><td><input type="text" name="name"></td></tr> 44. <tr><td>Location: </td><td><input type="text" name="location"></td></tr> 45. <tr><td colspan=2><input type="submit" name="addroom" value="Add Room"></td></tr> 46. </table> 47. </form> 48. <? 49. } //end addroomform 50. 51. 52. function addroom($HTTP_POST_VARS) { 53. $dbconn = connect(); 54. $id = $dbconn->nextID('room_id',true); 55. errortrap($id); 56. $sql = "INSERT INTO rooms VALUES('$id', '" . $HTTP_POST_VARS['name'] . "','" . $HTTP_POST_VARS['location'] . "')"; 57. $result = $dbconn->query($sql); 58. errortrap($result); 59. return 1; 60. } //end addroom 61. 62. function admin_choices() { 63. ?> 64. <li><a href="<?=$page?>?action=newuser">New User</a> 65. <li><a href="<?=$page?>?action=newroom">New Room</a> 66. <? 67. } 68. 69. /***** MAIN *****/ 70. 71. $page = "admin.php"; 72. require_once("../meeting_inc.php"); 73. 74. if(isset($addroom)) { 75. if(addroom($HTTP_POST_VARS)) { 76. echo "<h3>Room Added!</h3>"; 77. } 78. } 79. if(isset($adduser)) { 80. if(adduser($HTTP_POST_VARS)) { 81. echo "<h3>User Added!</h3>"; 82. } else { 83. ?> 84. <h2>You must enter First and Last Name, Email, and a Password!</h2> 85. <h3>Please Try Again</h3> 86. <? 87. adduserform(); 88. } 89. } 90. 91. if(isset($action)) { 92. switch($action) { 93. case("newuser"): 94. adduserform(); 95. break; 96. case("newroom"): 97. addroomform(); 98. break; 99. default: 100. echo "Bad Action"; 101. } 102. } 103. 104. admin_choices(); 105. ?> 106. </body> 107. </html> Script 9-4. admin.php Line-by-Line Explanation
| LINE | DESCRIPTION |
| 2 17 | Define a function, adduserform(), that prints out the form so the administrator can add a new user to the database. |
| 19 35 | Define a function, adduser(), that processes the data entered into the form above and adds a user to the database. |
| 37 49 | Define a function, addroomform(), that prints out a form so the administrator can add a new room to the database. |
| 52 60 | Define a function, addroom(), that processes the data entered from the form above and adds the room to the database. |
| 62 67 | Define a function, admin_choices(), that presents the administrator with the option of adding a new user or room to the database. |
| 69 | Begin the main program. |
| 71 | Define the $page variable that is used in the above function to submit forms. |
| 72 | Require the meeting_inc.php script so that this script can use its functions. |
| 74 78 | If the $addroom variable is set, then we know the administrator has submitted the form to add a room. Call the addroom() function to add the room. |
| 79 89 | If the $adduser variable is set, then we know the administrator has submitted the form to add a user. Verify that the First Name, Last Name, Email, and Password fields have been filled out, then call the addroom() function to add the room. |
| 91 102 | If the $action variable is set, then we know that the administrator has clicked on one of the links from the admin_choices() function. Take the required action depending on which link was clicked. |
| 104 | Execute the admin_choices() function so that the administrator can add rooms or users. |
| 105 | End the PHP for the script. |
| 106 107 | End the HTML for the page. |
|
 |
