Specifications
If $story is not set, the preceding code will produce no value from the PHP statement, so the
headline input box will be blank. If $story is set, it will contain the headline text for the story
being edited.
echo query_select(“page”,
“select p.code, p.description
from pages p, writer_permissions w
where p.code = w.page
and w.writer = ‘$auth_user’”, $s[page]);
The function query_select() is defined in select_fns.php and returns the HTML code to
produce a SELECT list from a given SQL query. The first parameter is the NAME attribute for the
SELECT. The SQL query in the second parameter selects two columns, where the first is the
VALUE part of each option, and the second appears after the OPTION tag and is the text actually
displayed in the list. The third parameter is optional. It adds a
SELECTED attribute to the option
whose value matches the specified value.
<INPUT TYPE=HIDDEN NAME=”story” VALUE=”<?echo $story;?>”>
This sets up a placeholder variable, setting the new value for story from the passed in $story.
When the form is submitted, story_submit.php checks whether there is a value for $story
and generates an SQL UPDATE or INSERT statement accordingly.
The code for story_submit.php is shown in Listing 26.7.
LISTING 26.7 story_submit.php Is Used to Insert or Update a Story in the Database
<?
// story_action.php
// add / modify story record
include (“include_fns.php”);
$conn = db_connect();
$time = time();
if ( ($html) && (dirname($html_type) == “text”) ) {
$fp = fopen($html, “r”);
$story_text = addslashes(fread($fp, filesize($html)));
fclose($fp);
}
if ($story) { // It’s an update
$sql = “update stories
Building a Content Management System
C
HAPTER 26
26
CONTENT
MANAGEMENT
SYSTEMS
609
32 7842 ch26 3/6/01 3:36 PM Page 609