Need to sctript a blog-entry page [HTML/PHP]

[RidleyofZebes]

Okay, I'm making a website for my friend's cosplay group. Everything's going great so far, especially considering that I'm coding the entire thing in notepad. We have an excellent layout, an actual purpose for the site, and most importantly, a steady stream of content. So, yeah. I'm pretty happy with it.

A technical complication has cropped up in the actual use of the site though. If I were the only one using the website, this wouldn't be a problem. But that's not the case. I have 5-6 other people who will be updating it as well. My original plan was to just pull the news page down, type up the entry, save it and re-upload. (It's what I did with my last site.) But not all of the people in the group are experienced enough to make this practical.

That being said, I'm looking for a tutorial to create a simple page that will allow the different users to type up their own post title, post text, _possibly_ attach files, and submit it with little to no mess or fuss, and have the main news page update itself accordingly. Hopefully, it will also read and apply the name the user is logged in under, as well as the date and time.

Now, I know beggars can't be choosers, but I know a decent amount of HTML/PHP/Java, so I might just be able to tweak it to get it to cooperate, but let me state once again, I am a student, not a master. This is more of a learning experience for me than anything else.

Any help will be greatly appreciated. Even if it's just a tutorial from someone's blog I wasn't fortunate enough to stumble across, that'll be okay too. (I've already tried google, but apparently I don't know the right keywords for what I'm looking for. )

Thanks in advance, and I'll be checking in later.

[Mithrandir]

It seems like you really want a database back-end to store the data, a php script to query it, and an HTML output to the end user. There are probably dozens of open source scripts to do exactly what you're saying, but if you want to roll your own, it shouldn't be too hard. What kind of database do you have access to (if any)?

[RidleyofZebes]

It seems like you really want a database back-end to store the data, a php script to query it, and an HTML output to the end user. There are probably dozens of open source scripts to do exactly what you're saying, but if you want to roll your own, it shouldn't be too hard. What kind of database do you have access to (if any)?

I feel kinda embarrassed... I actually had to look up what you meant by "database back-end". >.< I don't know as much as I thought, apparently.

By database, I assume you mean MySQL or something similar, correct?

Assuming this is a server-type program that you install on your system:
I had put this off because it seemed complicated... But it now looks like it's necessary. I haven't yet installed any sort of database software. If you know of a really good free one, I'll look it up immediately. Waiting for your recommendation.

If you meant what is resident on the web server where the site is hosted:
We don't have a domain yet. I'm running the page out of a folder on my computer. Although I intend to find a temporary place to host the skinless website for my partners-in-crime to review during the ongoing design process, I won't know what we have to work with until we have it.

Also, if you happen to know where any of those open-source scripts are, I'd love to take a look at them. If "rolling my own" proves to be too complex, I just may use one as a last resort.

...though rolling my own would be preferable.

[Mithrandir]

The typical setup is called LAMP, which stands for Linux Apache MySQL and either PHP or Perl. ( http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 ) I prefer perl, but PHP is probably easier for a beginner to pick up if all you want to do is web stuff (Sorry, Midori!!!).

I use MySQL with both PHP and Perl for web stuff; it just depends on what I want to do.

HIH

[RidleyofZebes]

Ah, this is great. I wish I had known about these 2 years ago. XD After a bit of searching, looks like I'll be going with the XAMPP package. Wish me luck. lol

[RidleyofZebes]

Parse error: syntax error, unexpected $end in C:\XAMPP\htdocs\website\test.php on line 128

...Where 128 is the last line of code, consisting of a ?>

This has happened with every PHP script i've run so far. I can't figure out what i'm doing wrong. Can someone help the noob again? >.<

[Mithrandir]

Without seeing the rest of the page, I'm afraid I can't help much. What's the rest of the page?

[RidleyofZebes]

Okay... well, basically, that was the entire page. that was all that would display. (see the attachment?) I was trying to run a simple, free script just to see if it would work. It was this one right here:

Code: Select all

<?php

// Author: PHPFront.com © 2005
// License: Free (GPL)
//
// Version: 1.1
//
// Created: 8.12.2005
//
// More information and downloads
// available at http://www.PHPFront.com
//
// #### poll.php ####



include("admincp/config.php");



$user_ip = $_SERVER['REMOTE_ADDR'];

$ipquery = mysql_query("SELECT * FROM fpoll_ips WHERE ip='$user_ip'");
$select_banned = mysql_num_rows($ipquery);

if($select_banned){

   //display results
   
   
   $poll = mysql_fetch_array(mysql_query("select * from fpoll_poll"));
   $question = $poll['question'];
   
   $countvotes = mysql_query("select votes from fpoll_options");
   while ($row = mysql_fetch_assoc($countvotes)) {
       $totalvotes += $row["votes"];
   }
         
   echo("<div class=poll>$question

");
   
   $get_questions = mysql_query("select * from fpoll_options");
   while($r=mysql_fetch_array($get_questions)){
   
   
      extract($r);
      $per = $votes * 100 / $totalvotes;
      $per = floor($per);
      
      echo htmlspecialchars($field);
      ?> <strong><? echo("$votes"); ?></strong>

      <div style="background-color: <? echo config(bg1); ?>;"><div style="color: <? echo config(text); ?>; font-size: <? echo config(size); ?>px; text-align: right;background-color: <? echo config(bg2); ?>; width: <? echo($per); ?>%;"><? echo("$per%"); ?></div></div>
      <?
         
   }
   
   echo("
Total votes: <strong>$totalvotes</strong></div>");
   
   
   
   
   
}else{





//if the submit button was pressed
if($_POST['submit']){
   
   //grab vars
   $vote = $_POST['vote'];
   $refer = $_POST['refer'];
   
      
   //update numbers
   $update_totalvotes = "UPDATE fpoll_poll SET totalvotes = totalvotes + 1";
   $insert = mysql_query($update_totalvotes);
   
   $update_votes = "UPDATE fpoll_options SET votes = votes + 1 WHERE id = $vote";
   $insert = mysql_query($update_votes);
         
   //add ip to stop multiple voting
   $ip = $_SERVER['REMOTE_ADDR'];
   $addip = mysql_query("INSERT INTO fpoll_ips (ip)". "VALUES ('$ip')");

   
   //send the user back to thepage they were just viewing
   header("Location: $refer");
   
   
      
}   

   $uri = $_SERVER['REQUEST_URI'];
   
   //display the form!
   ?><div class="poll"><form action="/Fpoll/poll.php" method="post"><?
      
   $poll = mysql_fetch_array(mysql_query("select * from fpoll_poll"));
   $question = $poll['question'];
         
   echo("$question

");
   
   
   $getcurrent = mysql_query("select * from fpoll_options ORDER by id");
   while($r=mysql_fetch_array($getcurrent)){
      
      extract($r);
      
      ?><input type="radio" name="vote" value="<? echo($id); ?>" class="radiobutton" /> <? echo($field); ?>
<?
      
   }   
      
      
   ?>
   <input type="hidden" name="refer" value="<? echo $_SERVER['PHP_SELF']; ?>" />
   <input type="submit" name="submit" value="Submit" />
   </form></div>
   <?   
   
   
   
}



?>


it had reviews where I got it from saying it worked fine, and the demo on the site worked too...


Oh, and this script:

Code: Select all

<?
phpinfo();
?>


Displayed a blank page, while this script:

Code: Select all

<script language="php">
phpinfo();
</script>


worked correctly. What's up with that? I hope it's a simple problem like I installed something incorrectly. I'm lost. XD

[Mithrandir]

I would suggest you use:

Code: Select all

<?PHP
phpinfo();
?>


instead. I don't think the server will like it much with just <? instead of <?PHP at the beginning.

Also, I don't think you can break out of PHP using the ?> while you're inside a loop (identified by } ). Instead, when you need to display some HTML, do it with a print <<<EOF loop:

Code: Select all

print <<<EOF
 <p>this is some html</p>
EOF;


[RidleyofZebes]

OK, I changed all the <? to <?PHP and it seemed to work... but now I'm getting a whole new set of errors. Unfortunately, they have nothing to do with my main goal, and would only entail debugging an irrelevant script. I figured out how to get my scripts to work; I don't have time to debug someone else's. Seriously, what is up with all these downloadable scripts!? XD Either I'm doing something terribly wrong, or you have to heavily modify any script you wanna use to get it to work. >.<

UPDATE:
I've been coming along in leaps and bounds. Thanks to a few tutorial sites (that, coincidentally, I've had bookmarked for years), I now have half of the necessary script. I know it's a mess, but I'll format it after I get it doing EVERYTHING it needs to.

The log in page:

Code: Select all

<form method="post" action="post.php">
<table>
<tr><td>Username:</td><td><input type="text" name="username" /></td></tr>
<tr><td>Password:</td><td><input type="password" name="password" /></td></tr>
<tr><td align="center"><input type="submit" name="login" value="Log In" /></td></tr>
</table>
</form>


The PHP code:

Code: Select all

<?php
session_start();
$user = "YourName";
$pass = "yourpass";
if($_POST['username'] == $user & $_POST['password'] == $pass)
{
$_SESSION['logged_in'] = "true";
$_SESSION['username'] = $_POST['username'];
echo('<meta name="refresh" content="0; url=page.php" />');
}
if(!isset($_SESSION['logged_in']))
  {
  echo('You must log in to view this page.
<a href="login.html">Click here</a> to log in.');
  }
else
    {
?>

<?php
$usern = $_SESSION['username'];
$title = $_POST["title"];
$post = $_POST["post"];
if (!isset($_POST['submit'])) {
?>
<html>
<head>
<title>Create Entry</title>
</head>
<body>
<?php
echo "You are logged in as:
<b>".$usern."</b>.

";
?>
<form method="post" action="<?php echo $PHP_SELF;?>">
Post Title:
<input type="text" size="36" maxlength="128" name="title">

Post Content:
<textarea rows="24" cols="100" name="post" wrap="physical"></textarea>

<input type="submit" value="Submit Post" name="submit">
</form>
<?php
} else {
$v0 = "Posted by <b>".$usern."</b> on ".date("F dS, Y @ h:i:sa").".";
$v1 = "".$title.".";
$v2 = "$post";

$file = "post.txt";
 
$values = "$v0\r\n $v1\r\n $v2\r\n";
 
$fp = fopen($file, "w") or die("Couldn't open $file for writing!");
$numBytes = fwrite($fp, $values) or die("Couldn't write values to file!");
 
fclose($fp);
echo "Wrote $numBytes bytes to $file successfully!";
}
?>

<?php
    }
?>


Basically, it creates a text document that I now have to figure out how to query line by line to insert it into the news section on the home page. I'm amazed how far I've come in 48 hours. XD

[RidleyofZebes]

...Okay, I'm stuck. XD Everything was working fine until I tried to implement multiple users. Had everything perfect except I could only use one user. Here's the modified, buggy code:

Code: Select all

<?php
session_start();
$usernames = array("user1", "user2", "user3", "admin");
$passwords = array("pass1", "pass2", "pass3", "");

for($i=0;$i<count($usernames);$i++){
  $logindata[$usernames[$i]]=$passwords[$i];
}
{
$_SESSION['logged_in'] = "true";
$_SESSION['username'] = $_POST['username'];
echo('<meta name="refresh" content="0; url=post.php" />');
}
if(!isset($_SESSION['logged_in']))
  {
  echo('You must log in to view this page.
<a href="login.html">Click here</a> to log in.');
  }
else
    {
?>

<?php
$usern = $_SESSION['username']; \\Here, I create $usern to display the user's login name both in the form and in the data file to be displayed on the front page.
$title = $_POST["title"];
$post = $_POST["post"];
if (!isset($_POST['submit'])) {
?>

<html>
  <head>
    <title>Create Entry</title>
  </head>
  <body>
    <table align="center" border="0">
      <tr>
        <td>
          <form method="post" action="<?php echo $PHP_SELF;?>">
            Post Title:
<input type="text" size="36" maxlength="128" name="title">

        </td>
        <td align="center">
          <?php echo "You are logged in as:
<b>".$usern."</b>

";?>    \\$usern works fine here, but..

        </td>
      </tr>
      <tr>
        <td colspan="2">
            Post Content:
<textarea rows="10" cols="67" name="post" wrap="physical"></textarea>

        </td>
      </tr>
      <tr>
        <td>
            <input type="submit" value="Submit Post" name="submit">
        </td>
        <td>
            <a href="logout.php">Click here to log out and go back to the main page.</a>
        </td>
          </form>
        </td>
      </tr>
    </table>
  </body>
</html>

<?php
} else {
$v0 = "Posted by <b>".$usern."</b> on ".date("F dS, Y @ h:i:sa").".";
$v1 = "$title";
$v2 = "$post";

$file = "post.txt";

$old = file_get_contents($file, 1);

$v3 = str_replace(array("\r\n", "\r", "\n"), "
", $v2);

$values = '
<!--POST BEGIN-->
        <tr>
          <td align="center" valign="top">
            <img src="img/avatar100.jpg" class="avatar">
          </td>
          <td align="left">
            <font size="8" class="ptitle">'.$v1.'</font>
           

            <font size="2" align="right">'.$v0.'</font>  \\Somewhere before here, $usern gets eaten. why?
           

          </td>
        </tr>
        <tr>
          <td>
          </td>
          <td>
            <p class="post">'.$v3.'</p>
          </td>
        </tr>
<!--POST END-->'.$old.'';
 
$fp = fopen($file, "w") or die("Couldn't open $file for writing!");
$numBytes = fwrite($fp, $values) or die("Couldn't write values to file!");
 
fclose($fp);
echo '[align=center]News article posted successfully!
 Click <a href="logout.php">here</a> to log out and return

to the main page. [/align]';
}
?>

<?php
    }
?>


As JarJar once said: "Any help here would be hot."

[Mithrandir]

It looks like you're breaking the } across multiple <?PHP lines again...

Code: Select all

<?php
    }
?>


[RidleyofZebes]

>.< Gah... I forgot to fix that... Sorry, I'll get that outta the way.

[Mithrandir]

Also, hash arrays are probably more suited to what you want to accomplish. A hash associates one identifier (like a username) directly with another (like a password):

Code: Select all

$in-user = $_REQUEST{username};
$in-pass = $_REQUEST{password};
$user_array = array(
 'user1' => 'pass1',
 'user2' => 'pass2',
 'user3' => 'pass3'
);
if ($user_array{$in-user} == $in-pass)
{
 # is valid user
}
else
{
 # is not valid user
}


Also, I have to say the above is not very secure. In the event that there's any problem with the server, and the PHP code gets displayed to the web, all usernames and passwords are shown in plaintext. Consider php's md5() function which converts a string into a 32 character bit of gobbeldygook. Note that the "salt" below is to prevent rainbow tables from allowing a trivial look-up.

Code: Select all

$salt = 'some random text 78sdga698ags987asg90';
$in-pass = $_REQUEST{password};
$encrypted_password = md5($salt . $in-pass);


Of course, you'll need to store the password (which will look like: 827b8d6a08e12a73bd94275d9fd15d36 in the compare string. You can find the md5 of your password by just doing a print md5('yourpasswordgoeshere');

HIH

[RidleyofZebes]

Helped incredibly, thank you, Mith! =D I got it working, complete with MD5 hash on the passwords. (This is a really neat little tool for that, btw. o.o)

There is one thing I was wondering about tho... I'm afraid I made a bit of a Frankenstein with a system I rigged up to keep only the first 10 posts on the main page. It works, but man it sure is ugly.

Basically, I have 11 text files in the /posts directory, p0 through p9, plus a file named archive. It takes the contents of p9 and writes it to the beginning of the archive file, writes p8 over p9, p7 over p8 and so forth, then writes the input over p0. p0 through p9 display on the main page, and the archive file displays when "older posts" is clicked.

The code for it is here, and hopefully you'll see what I mean when I say ugly. >.<

Code: Select all

$d0 = "post/p0.txt";
$d1 = "post/p1.txt";
$d2 = "post/p2.txt";
$d3 = "post/p3.txt";
$d4 = "post/p4.txt";
$d5 = "post/p5.txt";
$d6 = "post/p6.txt";
$d7 = "post/p7.txt";
$d8 = "post/p8.txt";
$d9 = "post/p9.txt";
$ar = "post/archive.txt";

$n0 = file_get_contents($d0, 1);
$n1 = file_get_contents($d1, 1);
$n2 = file_get_contents($d2, 1);
$n3 = file_get_contents($d3, 1);
$n4 = file_get_contents($d4, 1);
$n5 = file_get_contents($d5, 1);
$n6 = file_get_contents($d6, 1);
$n7 = file_get_contents($d7, 1);
$n8 = file_get_contents($d8, 1);
$n9 = file_get_contents($d9, 1);
$na = file_get_contents($ar, 1);

$v0 = ''.$n0.'';
$v1 = ''.$n1.'';
$v2 = ''.$n2.'';
$v3 = ''.$n3.'';
$v4 = ''.$n4.'';
$v5 = ''.$n5.'';
$v6 = ''.$n6.'';
$v7 = ''.$n7.'';
$v8 = ''.$n8.'';
$v9 = ''.$n9.'';

$var = ''.$n9.'
'.$na.'';
 
$fp10 = fopen($ar, "w") or die("Couldn't open $start for writing!");
fwrite($fp10, $var) or die("Couldn't write values to file!");
fclose($fp10);

$fp9 = fopen($d9, "w") or die("Couldn't open $start for writing!");
fwrite($fp9, $n8) or die("Couldn't write values to file!");
fclose($fp9);

$fp8 = fopen($d8, "w") or die("Couldn't open $start for writing!");
fwrite($fp8, $n7) or die("Couldn't write values to file!");
fclose($fp8);

$fp7 = fopen($d7, "w") or die("Couldn't open $start for writing!");
fwrite($fp7, $n6) or die("Couldn't write values to file!");
fclose($fp7);

$fp6 = fopen($d6, "w") or die("Couldn't open $start for writing!");
fwrite($fp6, $n5) or die("Couldn't write values to file!");
fclose($fp6);

$fp5 = fopen($d5, "w") or die("Couldn't open $start for writing!");
fwrite($fp5, $n4) or die("Couldn't write values to file!");
fclose($fp5);

$fp4 = fopen($d4, "w") or die("Couldn't open $start for writing!");
fwrite($fp4, $n3) or die("Couldn't write values to file!");
fclose($fp4);

$fp3 = fopen($d3, "w") or die("Couldn't open $start for writing!");
fwrite($fp3, $n2) or die("Couldn't write values to file!");
fclose($fp3);

$fp2 = fopen($d2, "w") or die("Couldn't open $start for writing!");
fwrite($fp2, $n1) or die("Couldn't write values to file!");
fclose($fp2);

$fp1 = fopen($d1, "w") or die("Couldn't open $start for writing!");
fwrite($fp1, $n0) or die("Couldn't write values to file!");
fclose($fp1);

$fp0 = fopen($d0, "w") or die("Couldn't open $start for writing!");
fwrite($fp0, $new) or die("Couldn't write values to file!");
fclose($fp0);

After thinking about it for awhile, I'm wondering if there's an easier way to do this... maybe, a way where the posts are stored as variables, or maybe all just stored in one file; kind of like how multiple user names/passwords are stored in one file and the code is able to query them individually.

Like I said, it works as-is, but there's gotta be a better way. XD I'm looking for a tutorial or something right now, honestly.

[Cap'n Nick]

First off, you could make your existing system a bit more expandable by using arrays. Putting in some loops shortens the code and also makes it possible to change the number of posts you want to deal with:

Code: Select all


$post_count = 10;

$ar = 'post/archive.txt';
$na = file_get_contents($ar, 1);

$d = array();
$n = array();
$v = array();

for($post_index = 0; $post_index < $post_count; $post_index++) {
  $d[$post_index] = 'post/p' . $post_index . '.txt';
  $n[$post_index] = file_get_contents($d[$post_index], 1);
  $v[$post_index] = '' . $n[$post_index] . '';
}

$var = '' . $n[$post_count] . '' . $na . '';
$fp = array();

$fp[$post_count] = fopen($ar, "w") or die("Couldn't open $start for writing!");
fwrite($fp[$post_count], $var) or die("Couldn't write values to file!");
fclose($fp[$post_count]);

for($post_index = $post_count - 1; $post_index > 0; $post_index--) {
  $fp[$post_index] = fopen($d[$post_index], "w") or
    die("Couldn't open $start for writing!");
  fwrite($fp[$post_index], $n[$post_index - 1]) or
    die("Couldn't write values to file!");
  fclose($fp[$post_index]);
}

$fp[0] = fopen($d[0], "w") or die("Couldn't open $start for writing!");
fwrite($fp[0], $new) or die("Couldn't write values to file!");
fclose($fp[0]);



The kind of data you're dealing with would also work well in an XML file. PHP has some good extensions for dealing with XML, some of which are outlined here. This would give you a nice object-oriented way of dealing with your entries as well as simple load and save functions.

And of course, there's always the database. Here's a short tutorial on using MySQL for running a blog.

[Kaligraphic]

Not to be a spoilsport, but why not just use a free blog engine like Wordpress or something? Or you could even do the whole site in something like Joomla, and all you'd have to do codewise is a bit of customization on a template.

[Mithrandir]

According to OP, "this is more of a learning experience" so we're bypassing a discussion of tools like that.

Be very careful about using text files or XML in this way, if there is ANY possibility that two people may try to edit the file(s) at the same time. If two writes happen, you could end up with garbage (if your fs doesn't handle the contention properly) or lost data (if the code properly "dies" because it cannot open something.)

[RidleyofZebes]

Mithrandir, Capn' Nick? I wanna thank you guys for all of your help. I couldn't have done it without you. I now have a extremely well-functioning site that does everything I stated in the opening post and then some. I have increased my knowledge of PHP tenfold, and am now actually decent with a language that I will continue to use for many years in the future.

If you want to check it out, it's here:
http://www.HMCosplay.tk

Since the site isn't scheduled to actually 'go live' until the middle of next month sometime, there are still a lot of testing posts and people getting used to the features, as well as some bugs here and there. Also, I still need to get together with the art crew on my end and get a decent skin going instead of the one I slapped on it. But in the end, the framework of the site is established and running.

Again, I wanted to thank you for your support. It's been a thoroughly enjoyable learning experience.