Creating a PHP CMS – Part 6

This post is part of a series about creating a PHP CMS. Click here to start from the beginning.

In today's post, I will be showing you how to create administration functions for editing and deleting posts, and setting a new default home page.

First, inside the 'admin' directory, create these files:

  • edit.php
  • update.php
  • confirm.php
  • delete.php
  • sethome.php

edit.php will have a form for making changes to a page, and update.php will do the actual work with the database. confirm.php will just be a page to confirm that you want to delete a file, and delete.php will delete the file. sethome.php will be used to change the home page.

Updating Pages

First, paste the contents of new.php into edit.php. In edit.php, call the connect() function right after including function.php, and add the following code after the </p> closing tag for the 'body' field.

<p>
    <label for="date">Change the date?</label>
    <input type="checkbox" name="date" value="1" />
</p>

This adds a checkbox asking if you would like to change the post's date to today's date. Now, between the textarea tags for the body text, add in this code.

<?php echo $body; ?>

So that you don't have to add in from memory parts of the page that you do not want to change.

Finally, change value of the the action attribute of the form element to

update.php?id=<?php echo $id; ?>

Now enter the following code in update.php

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<?php
// Update database tables
 
require_once '../config.php';
require_once '../functions.php';
 
connect();
 
// Get the page id
$id = $_GET['id'];
 
// Check if the title is entered
if ($_POST['title']) {
    $title = mysql_real_escape_string($_POST['title']);
} else {
    echo '<p>The title is empty.</p>';
}
 
// Check if the body is entered
if ($_POST['body']) {
    $body = mysql_real_escape_string($_POST['body']);
} else {
    echo '<p>The body is empty.</p>';
}
 
// If the title and body are both entered, insert into the database
if ($title && $body) {
    // Check if they want to change the date
    if (isset($_POST['date'])) {
        // Get Unix time
        $date = mysql_real_escape_string(time());
 
        mysql_query("UPDATE pages SET title='$title', body='$body', date='$date' WHERE id='$id'");
    } else {
        mysql_query("UPDATE pages SET title='$title', body='$body' WHERE id='$id'");
    }
} else {
    echo '<p><a href="edit.php">Back</a></p>';
}
 
?>

This basically does the same thing as when we were inserting posts, except this time we are using UPDATE to modify existing records in the database. You might also see that we are using if (isset($_POST['date'])) to check if the 'change the date' checkbox is checked. If it is, we set a new date.

Deleting Pages

Our confirm.php file will be extremely simple, with just some links to confirm deletion of the page. We are focusing entirely on functionality, and you can easily style this page (and all of the other pages) after functionality is complete. After all, who wants a site that looks good, but does absolutely nothing?

<p>Are you sure?</p>
<ul>
    <li><a href="<?php echo $_POST['id']; ?>">Yes</a></li>
    <li><a href="index.php">No</a></li>
</ul>

Just add in that code into a page with your styling in place. I was originally just going to use p tags, but I'm pretty sure that that wouldn't be semantic enough.

Now we can get to the actual 'action' with delete.php! There actually isn't that much 'action' going on, though, with just 6 lines of code. (Plus 5 lines of whitespace, and 2 lines of comments)

1
2
3
4
5
6
7
8
9
10
11
12
13
<?php
// Delete records
 
require_once '../functions.php';
 
connect();
 
// Get page id
$id = $_GET['id'];
 
mysql_query("DELETE FROM pages WHERE id='$id'");
 
?>

This simply includes functions.php, connects to the database, stores the page ID in a variable, and runs a MySQL query using DELETE FROM. This just deletes a record from a database table. Be sure that you don't forget to include WHERE, because if you don't that will empty your entire table! Trust me, this has happened to me before.

Now you should be able to get to edit.php and confirm.php from our admin table in part 5. Test everything out to make sure it's working properly.

Setting the Home Page

Remember, we also added a link to set a specific page as the home page in our admin table. To do this, simply paste the contents of delete.php into sethome.php. Don't worry, we won't be deleting our home page.

Delete everything in between parentheses on the line with mysql_query and replace it with

"UPDATE settings SET value='$id' WHERE name='homePage'"

This simply updates the value of the 'homePage' setting to match the ID of the page you chose.

That's it for this part of the series, be sure to subscribe to the RSS Feed for updates. In the next post in this series, I will talk about restricting access to the admin area using usernames and passwords.

Click here for Part 7

Stay Updated

Did you enjoy this post? Don't miss a single post by getting free updates!

9 Comments

  1. August 21, 2009

    Learned a lot.

  2. August 21, 2009

    This has been a great series. You have done a remarkable job of making all of this understandable for the ley person. I feel like I am on my way to becoming good at this.

    ~RW

  3. August 21, 2009

    R.W. Jackson: Thanks! I'm glad you like it.

  4. David Melbourn
    June 8, 2010

    Hi, I'm so glad of this tutorial. It precise and understandable.

    Thank you

  5. March 9, 2011

    Honestly, I have to say that this is the best method for constructing a CMS from scratch that I've seen yet. As someone with very little PHP/SQL programming background, this has greatly eased my pain and suffering while building a CMS for the website I maintain for work, from scratch. I've used much of the structure you developed, though with some minor changes to fit our design and setup. I'll be perusing the rest of your site to see what else you have for future ideas.

    BW

  6. December 1, 2011

    Hi,

    I created update.php and edit.php: somehow, everything works fine but the database just doesn't get updated.

    Here's my code:
    <?php
    require_once '../nex_config.php';
    require_once '../functions.php';
    connect();

    $id = $_GET['id'];

    if($_POST['title'])
    {
    $title = mysql_real_escape_string($_POST['title']);
    }
    else
    {
    echo 'Please enter a title';
    }

    if($_POST['content'])
    {
    $content = mysql_real_escape_string(nl2br($_POST['content']));
    }
    else
    {
    echo 'Please enter text in the body';
    }

    if($title && $content)
    {

    if(isset($_POST['date']))
    {

    connect();

    $date = mysql_real_escape_string(time());
    mysql_query("UPDATE pages SET title='$title', content='$content', date='$date' WHERE id='$id'");
    echo '
    location.href="index.php";
    ';
    }

    else
    {

    connect();

    mysql_query("UPDATE pages SET title='$title', content='$content' WHERE id='$id'");
    echo '
    location.href="index.php";
    ';
    }
    }

    else
    {
    echo 'back';
    }

    ?>

  7. December 12, 2011

    I had problems with the update part of this tutorial. it was not gathering the ID and placing it in the action on the form, i sorted it by making a new function called pageID and then called the function.

    function pageID() {
    $_GET['id'];
    $pageID = (int) $_GET['id'];
    echo $pageID;
    }

    • December 12, 2011

      oops a mistake, i meant to post this.

      function pageID() {
      $pageID = (int) $_GET['id'];
      echo $pageID;
      }

Trackbacks/Pingbacks