Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creating a Dynamic Web Site Stewart Blakeway FML 208

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Creating a Dynamic Web Site Stewart Blakeway FML 208"— Presentation transcript:

1 Creating a Dynamic Web Site Stewart Blakeway FML 208 blakews@hope.ac.uk

2 http://hopelive.hope.ac.uk/computing/ What will we cover  Deleting Records  Amending Records

3 http://hopelive.hope.ac.uk/computing/ Why  You need to authenticate the user before allowing them to delete/amend records  You need to be able to delete/amend records as a user and as an administrator  With conditions

4 http://hopelive.hope.ac.uk/computing/ User Sessions  You will have to authenticate the log in of the user in order to allow the addition of records into the database  You have to follow certain steps in order to ensure that the user is who they claim to be  Refer to slides from last week if you have forgotten how to do this

5 http://hopelive.hope.ac.uk/computing/ Deleting Data  Before we allow the deletion of data we need to ensure the user is logged in  We have to establish if the user is authorised to delete the record  The user added that particular book  The user has administrator privileges

6 http://hopelive.hope.ac.uk/computing/ Deleting Structure if user not logged in { display login link } else { display form to select record display the selected record and confirm deletion delete the selected record }

7 http://hopelive.hope.ac.uk/computing/ Further refinement if form not yet displayed { display form to select record to delete } else if record selected { display the selected record } else if delete confirmed { delete the record }

8 http://hopelive.hope.ac.uk/computing/ Checking to see if the user has logged in <?php if (!isset($_SESSION[‘username']) { echo "not authorised"; echo " Login "; } else { // DISPLAY THE FORM }

9 http://hopelive.hope.ac.uk/computing/ Displaying the form  This form is different to the forms we have already seen. So far we have seen a form that passes data to itself and does a simple if else check if (!isset($_POST[‘viewed’])) { // Display form } else { // Process Data }

10 http://hopelive.hope.ac.uk/computing/ 3 Checks  This time we have 3 major checks with the processing of the form 1. Has form been displayed? 2. Has user selected the record? 3. Has user confirmed deletion of the record?

11 http://hopelive.hope.ac.uk/computing/ Display Records and Get Users Selection Show user their selection and Confirm Delete Delete / Not Delete the Record

12 http://hopelive.hope.ac.uk/computing/ 3 Checks if (!isset($_POST[‘selected’])) { // Display form and get selection } if (isset ($_POST[‘selected’])) { // Display selection for confirmation } if (isset ($_POST[‘delete’])) { // Delete the record }

13 http://hopelive.hope.ac.uk/computing/ Another Check  Just because the user is logged in does not mean that they are authorised to delete the record!  Should user Smith be able to delete an entry added by Williams?  What about the administrator of the website or the content manager?

14 http://hopelive.hope.ac.uk/computing/ Simple Check if user != user that initially added the record { display “not authorised”; } else { delete the record }

15 http://hopelive.hope.ac.uk/computing/ Refined if user != user that initially added the record or user != “administrator” { display “not authorised”; } else { delete the record }

16 http://hopelive.hope.ac.uk/computing/ What about future growth?  Initially your website is small and only has two or three administrators.  As your website grows your administration team will grow.  What if your administration team becomes four strong?

17 http://hopelive.hope.ac.uk/computing/ Not a great solution! if user != user that initially added the record or user != “administrator” or user != “content_administrator” or user != “designer_administrator” or user != “stradministrator” { display “not authorised”; } else { delete the record }

18 http://hopelive.hope.ac.uk/computing/ What about now? if user != user that initially added the record or user_level != “administrator” { display “not authorised”; } else { delete the record }

19 http://hopelive.hope.ac.uk/computing/ so far! if user authorised if form not displayed if record selected if delete confirmed if user = original user if user level = administrator and couple of whiles (for the extraction of data) That ’ s a lot of {{{{}}}}} and we haven ’ t even included any validation of the text entry boxes!

20 http://hopelive.hope.ac.uk/computing/ Indentation & Comments  Your code is growing with each conditional IF you insert.  You have to indent your code so that it reads well.  You have to comment your code throughout.  Failure to comment code and indent throughout will result in marks being deducted Better Still – Break your code down into functions, try not to over use functions though

21 http://hopelive.hope.ac.uk/computing/ Display Records and Get Users Selection Show user their selection and Confirm Delete Delete / Not Delete the Record function showRecords() function showSelected() function deleteRecord()

22 http://hopelive.hope.ac.uk/computing/ So how do we delete? DELETE FROM table WHERE something = ‘ something' DELETE FROM `user` WHERE name = 'Carl'

23 http://hopelive.hope.ac.uk/computing/ Amending Records Structure if form not yet displayed { display form to select record to amend } else if record selected { display the selected record allow amendments } else if amend confirmed { amend the record }

24 http://hopelive.hope.ac.uk/computing/ Displaying the form  This form is very similar to deleting a record in that there are three if conditions if (($_POST[viewed] != "yes") && ($_POST[viewed] != "amend")) { // Display form and Set viewed = “ yes ” } elseif ($_POST[viewed] != "amend") { // Process Data and Set viewed = “ amend ” } else { // Amend the Record }

25 http://hopelive.hope.ac.uk/computing/ Amending the Record $sql = “ UPDATE book SET ( ‘ username ’ = '$_POST[bUsername]', ‘ bookTitle ’ = '$_POST[bTitle]', ‘ bookType ’ = '$_POST[bType]', ‘ bookDesc ’ = '$_POST[bDesc]', ‘ bookPrice ’ = '$_POST[bPrice] ‘ WHERE ‘ bookID ’ = ‘ $_POST[bID] ’ )";

26 http://hopelive.hope.ac.uk/computing/ A Week Friday  Submission of Portfolio Exercises  Save onto CD  Submitted to Deanery Office by 3pm  Worth 40% of PBL 3

27 http://hopelive.hope.ac.uk/computing/ After Easter  Test  Submission of Website  Working Website  Connectivity to the database  Able to add/view/delete/update records  User able to register  User Login and Authentication  Appropriate validation on text fields  Appropriate use of CSS  Cross browser/platform support  Code must be commented throughout  Database  Team Report  Reflection

28 http://hopelive.hope.ac.uk/computing/ Test  2 Sections  10 Multiple Choice Questions worth 10 marks  Code to debug, 15 Errors worth 30 marks

29 http://hopelive.hope.ac.uk/computing/ Example Question Question – Which best describes an Associate Array? a)Associate Arrays use a numbered index; you can specify the index with any integer value. An associative array is principally the same as an ordinary array – however instead of labelled indexes you use integers. b)Associate Arrays do not use a numbered index; you can specify the index with meaningful names. An associative array is principally the same as an ordinary index array – however instead of numbered indexes you use labels. c)Associate Arrays do not use an index at all; when you build the array the items are sorted automatically which eliminates the need for such an index. d)Associate Arrays are a combination of two or more arrays with a relationship to the parent array of the parent class. The child class or child array within the child class will inherit all the values from the parent array contained within the parent class.

30 http://hopelive.hope.ac.uk/computing/ Example Code $conn = mysql_connect("localhost","stewart",""); mysql_select_database("sbass",$conn); if (($_POST[viewed] != "yes") & ($_POST[viewed] != "amend")) { echo " Select Entry "; $get_list = "SELECT bookTitle FROM book"; $get_list_res = mysql_query(get_list); echo " Select a Record to View <select name=\"sel_book\" -- Select a Book -- "; … 5 Errors – Can you spot them?

31 http://hopelive.hope.ac.uk/computing/ Example Code $conn = mysql_connect("localhost","stewart",""); mysql_select_db("sbass",$conn); if (($_POST[viewed] != "yes") && ($_POST[viewed] != "amend")) { echo " Select Entry "; $get_list = "SELECT bookTitle FROM book"; $get_list_res = mysql_query($get_list); echo = " Select a Record to View -- Select a Book -- "; …

32 http://hopelive.hope.ac.uk/computing/ Any Questions?

33 http://hopelive.hope.ac.uk/computing/ Conclusion

Download ppt "Creating a Dynamic Web Site Stewart Blakeway FML 208"

Similar presentations

CINAHL DATABASE FOR HINARI USERS: nursing and allied health information (Module 7.1)

CINAHL DATABASE FOR HINARI USERS: nursing and allied health information (Module 7.1)
UOW Purchasing Card Application Coding & Approval Presentation.

UOW Purchasing Card Application Coding & Approval Presentation.
How to Enter Time/Leave Select: Log In Enter your CCU User Name and Password * Once logged in, Select: Employees * Note: (if you do not know it, click.

How to Enter Time/Leave Select: Log In Enter your CCU User Name and Password * Once logged in, Select: Employees * Note: (if you do not know it, click.
Organisation Of Data (1) Database Theory www.ICT-Teacher.com.

Organisation Of Data (1) Database Theory
09/04/2015Unit 2 (b) Back-Office processes Unit 2 Assessment Criteria (b) 10 marks.

09/04/2015Unit 2 (b) Back-Office processes Unit 2 Assessment Criteria (b) 10 marks.
1 CS2SPE- Group project presentation Haia Al-Majali Bojin Zhou Rania Ali Suraj Patel Fatima Tunc Victoria Casas Sam Diab 19 th March 2008.

1 CS2SPE- Group project presentation Haia Al-Majali Bojin Zhou Rania Ali Suraj Patel Fatima Tunc Victoria Casas Sam Diab 19 th March 2008.
COM621 Interactive Web Development Dr. Jose Santos MS 017A.

COM621 Interactive Web Development Dr. Jose Santos MS 017A.
Indistar: Updates, Additions, and Coming Soon Stephanie Benedict, ADI.

Indistar: Updates, Additions, and Coming Soon Stephanie Benedict, ADI.
NMED 3850 A Advanced Online Design February 25, 2010 V. Mahadevan.

NMED 3850 A Advanced Online Design February 25, 2010 V. Mahadevan.
Faculty of Sciences and Social Sciences HOPE Different Users and Uploading Files Stewart Blakeway FML 213

Faculty of Sciences and Social Sciences HOPE Different Users and Uploading Files Stewart Blakeway FML 213
Faculty of Sciences and Social Sciences HOPE User Sessions & The Include Statement Stewart Blakeway FML 213

Faculty of Sciences and Social Sciences HOPE User Sessions & The Include Statement Stewart Blakeway FML 213
Faculty of Sciences and Social Sciences HOPE PHP & MySQL Stewart Blakeway FML 213

Faculty of Sciences and Social Sciences HOPE PHP & MySQL Stewart Blakeway FML 213
Faculty of Sciences and Social Sciences HOPE PHP – Working with Input Stewart Blakeway FML 213

Faculty of Sciences and Social Sciences HOPE PHP – Working with Input Stewart Blakeway FML 213
Faculty of Sciences and Social Sciences HOPE Uploading Resources Stewart Blakeway FML 213

Faculty of Sciences and Social Sciences HOPE Uploading Resources Stewart Blakeway FML 213
PHP (2) – Functions, Arrays, Databases, email and sessions.

PHP (2) – Functions, Arrays, Databases, and sessions.
J4www/jea Week 3 Version 2.3.2009Slide edits: nas1 Format of lecture: Assignment context: CRUD - “update details” JSP models.

J4www/jea Week 3 Version Slide edits: nas1 Format of lecture: Assignment context: CRUD - “update details” JSP models.
Reference and Instruction Automated Statistics Gathering and Reporting System Members: Patrick Chen (pyc7) Soo-Yung Cho (sc444) Gregg Herlacher (gah24)

Reference and Instruction Automated Statistics Gathering and Reporting System Members: Patrick Chen (pyc7) Soo-Yung Cho (sc444) Gregg Herlacher (gah24)
New Student Orientation Registration System Stephen Nakamura EE496 Final Presentation Fall 2008.

New Student Orientation Registration System Stephen Nakamura EE496 Final Presentation Fall 2008.
Quick Start Guide. This 22 page introduction to the Financial Assessment Subsystem provides the user with a visual overview of the components of the system.

Quick Start Guide. This 22 page introduction to the Financial Assessment Subsystem provides the user with a visual overview of the components of the system.
Software Development, Programming, Testing & Implementation.

Software Development, Programming, Testing & Implementation.

Similar presentations

Ads by Google