PHP Code for Create Categories in Blog Database
Content Management System: Blogs
- regular blog: home page
- small blog: home page
- tiny blog: home page
- blog: search
- blog: login
- blog: topic and replies viewing page
- blog: add topic to database
- blog: add reply to database
- blog: edit topic in database
- blog: create topic in database
- blog: delete topic in database
- blog: delete reply in database
- blog: create categories in database
- blog: edit categories in database
- blog: open or close topic
- blog: delete user account in members table
The blog's category creating page whose code is on this web page allows you to input all the categories at once, although there is an app that allows category editing—but that's a different app page. The category creating page's only goal is to let you create categories, and this involves one table of the MySQL db, blogcategories, which is where the category list is stored.
This page has these instructions: "Use letters, numbers, and underscores only in categories. Categories must be separated by commas with NO SPACES ANYWHERE and each category must be under 30 characters long, e.g.: fish,birds,mammals,insects." The script will separate the joined-up comma-separated input into discrete words and perform the SQL function INSERT INTO blogcategories with them.
On to the PHP code. As usual, we start with config.php, since without it, the MySQL-based blog would not be viable. You cannot relate to a db without knowing the magic words. Next, the security of the page is dealt with by ensuring the page visitor has the administrator's username. Note that the various pages on our blog app use both forms and URL query strings to transfer data between pages, so both POST and GET are checked for username, and if neither works, the visitor is sent to the login script. Not only is the username checked to ensure it is the administrator's username, the username is checked to make sure it has only 6 to 20 letters, numbers or underscore in it and no other characters—otherwise, it's off to the login script. If a hacker has put something nasty in the query string, he'll end up at the login script. All our blog app scripts have this same (almost) username checker at the top of the PHP section—except for the login script. We say "almost" because most pages (like this one) only allow the administrator access because most pages are about adding, deleting, or editing topics, replies, or categories. So, seeing if the username is the administrator's is in the user checker on most of these blog app pages.
The administrator's username is a bit silly, as you see. Feel free to change it (to AfDqC_1f3_DkI3j5k9N_ for example) when you register the administrator username and password, but you must use search and replace on ALL blog app pages searching for our silly name and replacing it with your not-as-silly name or you'll have more problems than a pregnant nun.
If your username matches the administrator's username, the table blogcategories gets created and then any category inputting is checked and sanitized, using strip_tags(), preg_replace(), and mysql_real_escape_string(). Next, the category adding form is echoed to the screen. Then the script uses the PHP explode() function to separate the input string into words that become elements in an array. Finally, the blogcategories table is filled with your categories, using the SQL command INSERT INTO. You get informed of the success or failure of your operation.
SAVE THIS PAGE AS: cms-blog-categories.php
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Creating Blog Categories—Content Management System (CMS)</TITLE>
<meta name="description" content="Creating Blog Categories—Content Management System (CMS)">
<meta name="keywords" content="Creating Blog Categories,Content Management System,Content Management System Articles,php,CMS,javascript, dhtml, DHTML">
<script language="javascript">
var cat=new Array();
mactest=(navigator.userAgent.indexOf("Mac")!=-1) //My browser sniffers
is_chrome = navigator.userAgent.toLowerCase().indexOf('chrome') > -1
Netscape=(navigator.appName.indexOf("Netscape") != -1)
msafari=(navigator.userAgent.indexOf("Safari")!= -1)
wsafari=0; if(!mactest&&msafari){wsafari=1;msafari=0}
is_opera = 0; if(window.opera){is_opera=1}
is_ie_mac = 0; is_ie=0;if(document.all){is_ie=1}
if(is_ie&&mactest){is_ie_mac=1}
function fix(){if(Netscape||is_opera){e=document.getElementById('top');e.style.marginTop='1px';e=document.getElementById('info');e.style.marginTop='1px';}}
</script>
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left;background-color:#ddd}
p, li {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 20px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
.url {position:absolute;top:0px;left:10px;width:989px}
.form {position:absolute;top:140px;left:200px;width:700px}
.form2 {position:absolute;top:340px;left:200px;width:700px}
.info {position:absolute;top:80px;left:45px;width:900px;border:1px solid blue;padding:6px;background-color:#bbb}
.side {position:absolute;top:160px;left:715px;width:277px;padding:6px;background-color:#bbb;border:1px solid blue}
</style>
</head>
<body onload='fix()'>
<?php
include_once"config.php";
$U=$_POST['username'];if (!isset($U)){$U=$_GET['username'];}
if (isset($U)&&preg_match("/[A-Za-z0-9_]{6,20}$/",$U)){if($U<>"DIRTY_dog_DROPPINGS_"){unset($U);}}else{unset($U);}
if (!isset($U)){echo '<script language="javascript">alert("You are not the Administrator. Go login again but you can only add replies or just read topics.");window.location="blog-login.php"; </script>';}
$sql = "CREATE TABLE IF NOT EXISTS blogcategories (
id int(11) NOT NULL auto_increment,
category varchar(30) NOT NULL,
PRIMARY KEY (id)
) ENGINE=MyISAM AUTO_INCREMENT=1";
mysql_query($sql);
$pattern1 = '/[^a-zA-Z0-9\\_\\,]/i';
$replacement = '';
$C=$_POST['category'];
$C=strip_tags($C);
$C=preg_replace($pattern1, $replacement, $C);
$C=mysql_real_escape_string($C);
if (strlen($C)<5) {unset($C);
echo "<div id='form' class='form'>
<form name='myform' method='post' action='cms-blog-categories.php?username=".stripslashes($U)."'>
<table width='700' border='0' cellpadding='2' cellspacing='2' align='center'>
<tr>
<td width='60'>Categories separated by commas, e.g.: fish,birds,mammals,insects</td><br>
<td><textarea name='category' cols='50' rows='22'></textarea></td>
</tr>
<tr>
<td> </td><td><input name='save' type='submit' value='Save Categories to DB'>
<input name='reset' type='reset' value='Reset'></td></tr>
</table>
</form>
</div>";
}
if (strlen($C)>4){
$ct = explode(",", $C);$n=count($ct);
for ($i=0;$i<$n;$i++) {
mysql_query("INSERT INTO blogcategories (id, category)
VALUES ('','".$ct[$i]."')") or die('Error ,saving failed');}
$rc = mysql_affected_rows();
if ($rc>0){echo '<script language="javascript">alert("The saving was successful.");window.location = "cms-blog.php?username='.$U.'";</script>';}
else{echo '<script language="javascript">alert("The saving was unsuccessful.");</script>';}
}
mysql_close();
?>
<div id='top' class='url'>
<h1>Creating Blog Categories—Content Management System (CMS)</h1>
<div id='info' class='info'>Use letters, numbers, and underscores only in categories. Categories must be separated by commas with NO SPACES ANYWHERE and each category must be under 30 characters long, e.g.: <b>fish,birds,mammals,insects</b>.<br></div>
</div>
</body>
</html>