Creating a PHP CMS – Part 6
This post is part of a series about creating a PHP CMS. Click here to start from the beginning.
In today's post, I will be showing you how to create administration functions for editing and deleting posts, and setting a new default home page.
First, inside the 'admin' directory, create these files:
- edit.php
- update.php
- confirm.php
- delete.php
- sethome.php
edit.php will have a form for making changes to a page, and update.php will do the actual work with the database. confirm.php will just be a page to confirm that you want to delete a file, and delete.php will delete the file. sethome.php will be used to change the home page.
Updating Pages
First, paste the contents of new.php into edit.php. In edit.php, call the connect() function right after including function.php, and add the following code after the </p> closing tag for the 'body' field.
<p> <label for="date">Change the date?</label> <input type="checkbox" name="date" value="1" /> </p>
This adds a checkbox asking if you would like to change the post's date to today's date. Now, between the textarea tags for the body text, add in this code.
<?php echo $body; ?>
So that you don't have to add in from memory parts of the page that you do not want to change.
Finally, change value of the the action attribute of the form element to
update.php?id=<?php echo $id; ?>
Now enter the following code in update.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | <?php // Update database tables require_once '../config.php'; require_once '../functions.php'; connect(); // Get the page id $id = $_GET['id']; // Check if the title is entered if ($_POST['title']) { $title = mysql_real_escape_string($_POST['title']); } else { echo '<p>The title is empty.</p>'; } // Check if the body is entered if ($_POST['body']) { $body = mysql_real_escape_string($_POST['body']); } else { echo '<p>The body is empty.</p>'; } // If the title and body are both entered, insert into the database if ($title && $body) { // Check if they want to change the date if (isset($_POST['date'])) { // Get Unix time $date = mysql_real_escape_string(time()); mysql_query("UPDATE pages SET title='$title', body='$body', date='$date' WHERE id='$id'"); } else { mysql_query("UPDATE pages SET title='$title', body='$body' WHERE id='$id'"); } } else { echo '<p><a href="edit.php">Back</a></p>'; } ?> |
This basically does the same thing as when we were inserting posts, except this time we are using UPDATE to modify existing records in the database. You might also see that we are using if (isset($_POST['date'])) to check if the 'change the date' checkbox is checked. If it is, we set a new date.
Deleting Pages
Our confirm.php file will be extremely simple, with just some links to confirm deletion of the page. We are focusing entirely on functionality, and you can easily style this page (and all of the other pages) after functionality is complete. After all, who wants a site that looks good, but does absolutely nothing?
<p>Are you sure?</p> <ul> <li><a href="<?php echo $_POST['id']; ?>">Yes</a></li> <li><a href="index.php">No</a></li> </ul>
Just add in that code into a page with your styling in place. I was originally just going to use p tags, but I'm pretty sure that that wouldn't be semantic enough.
Now we can get to the actual 'action' with delete.php! There actually isn't that much 'action' going on, though, with just 6 lines of code. (Plus 5 lines of whitespace, and 2 lines of comments)
1 2 3 4 5 6 7 8 9 10 11 12 13 | <?php // Delete records require_once '../functions.php'; connect(); // Get page id $id = $_GET['id']; mysql_query("DELETE FROM pages WHERE id='$id'"); ?> |
This simply includes functions.php, connects to the database, stores the page ID in a variable, and runs a MySQL query using DELETE FROM. This just deletes a record from a database table. Be sure that you don't forget to include WHERE, because if you don't that will empty your entire table! Trust me, this has happened to me before.
Now you should be able to get to edit.php and confirm.php from our admin table in part 5. Test everything out to make sure it's working properly.
Setting the Home Page
Remember, we also added a link to set a specific page as the home page in our admin table. To do this, simply paste the contents of delete.php into sethome.php. Don't worry, we won't be deleting our home page.
Delete everything in between parentheses on the line with mysql_query and replace it with
"UPDATE settings SET value='$id' WHERE name='homePage'"This simply updates the value of the 'homePage' setting to match the ID of the page you chose.
That's it for this part of the series, be sure to subscribe to the RSS Feed for updates. In the next post in this series, I will talk about restricting access to the admin area using usernames and passwords.
Learned a lot.
This has been a great series. You have done a remarkable job of making all of this understandable for the ley person. I feel like I am on my way to becoming good at this.
~RW
R.W. Jackson: Thanks! I'm glad you like it.
Hi, I'm so glad of this tutorial. It precise and understandable.
Thank you
Honestly, I have to say that this is the best method for constructing a CMS from scratch that I've seen yet. As someone with very little PHP/SQL programming background, this has greatly eased my pain and suffering while building a CMS for the website I maintain for work, from scratch. I've used much of the structure you developed, though with some minor changes to fit our design and setup. I'll be perusing the rest of your site to see what else you have for future ideas.
BW