|
|
|
Site Navigation
Join and learn FrontPage
|
Designing
FrontPage forms for MySQL using PHP Since many people who use FrontPage do not host on a Window’s server, we receive many requests asking how to create forms on Linux servers running Apache. Most of these servers also have MySQL databases and PHP scripting languages, since many distributions of Linux comes with these included. The requirements to follow this example are:
First, open FrontPage and select-- File | New | Page or Webpage. This will open the side panel. From the side panel, select Empty Web (name it dataweb), then—From New Template | Page Templates. Select--Form Page Wizard from the pages offered. The form page wizard will began to run. Select Next and a box with Add over it will appear. Select add to add form information. The list of options now appears. Under the type of input to collect for this question, includes-- Contact Information. Select it, and click next. A check-box options list will appear, select the following:
Click on Next. The next screen will offer you the option of editing the text above the form, but for now, leave it as the default. Now we need to decide what presentation options to select. Let us check – Normal paragraphs, No table of contents and use table to align form. Click-- Next-- to arrive at the output options. For our purpose, select - use custom CGI script. What this does is direct the form output to a file named custom.cgi. We can change this later to direct our results to a php page. Now, select 'Finish' to complete the form. You may wonder why not just use a CGI file for the output. You can, however in order the run a CGI file, the file must reside in a cgi-bin directory. One of the great advantages of php is that an interpreter reads the code and the results are returned as html. So, the script can be executed anywhere an html file can be viewed. Now, we can select a theme. Select-- Format | Theme, select your theme. (Any theme is o.k.) Select the HTML view of your new page, and look at the script we have created. Save the page as index.htm. Notice that right under <body>, the <H1> banner area. Delete the current text and enter <H1>Contact Information</H1>. You can also change the Title to Contact information. The top of the page should look like this: <HTML> <HEAD> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252"> <meta http-equiv="Content-Language" content="en-us"> <TITLE>New Page 1</TITLE> <meta name="Microsoft Theme" content="echo 011"> </HEAD> <BODY> <div style="border-style: groove"> <H1 align="center">Contact information</H1> </div> <HR> <P> This is an explanation of the purpose of the form ...</P> <FORM METHOD="POST" ACTION="process.php"> <P> Please provide the following contact information:</P> <BLOCKQUOTE> <TABLE> <TR> <TD ALIGN="right"> <EM>First Name</EM></TD> <TD> And so forth… Notice the form area. The first line says, FORM METHOD=”POST” ACTION=”…etc. This line defines how and where the form information goes on completion. The method means it is sent (posted) to another page for processing and the Action tells it the name of that page. Now since the web is unpublished, the file referenced will be on your hard drive. Look at the way each field of the form sets up, INPUT TYPE=TEXT NAME= the field name, and finally the size determines the input area length. The names used by FrontPage are fine, but one thing to remember, is that Linux and MySQL are case sensitive, so if you use the default field names, all references to these fields must exactly match the default names. Therefore, we have eleven fields for our database. Next, we will create the data entry page. Click on the new page icon on the right side of the tool bar and create a new blank page. Click on the tab area of the new page, and change the name to process.php. Save the file using the same name. To setup the database, check with your hosting company on database creation. Most will provide a database management program like phpMyAdmin, which simplifies the database creation process. In the manager, add a user named “user”. You can use the phpMyAdmin GUI to create the database or copy and paste into your SQL window the following: Create database contact; /* Your database may add your root name to the database name. In my case, the lhost is added by MySQL, so below you will see the full name lhost_contact. */ Select go or the enter button on the GUI. Then enter this: Grant
select, insert, index, alter, create on lhost_contact.* to user; /*Once again, the root name is appended giving the user name of lhost_user.*/ Again, enter this command. To setup the table, the following will work: Create
TABLE
customer(
Contact_FirstName
char(
25
)
not
null
,
Contact_LastName
char(
25
)
not
null
primary
key
,
Contact_StreetAddress
char(
35
)
,
Contact_Address2
char(
35
)
,
Contact_City
char(
35
)
,
Contact_State
char(
35
)
,
Contact_ZipCode
char(
12
)
,
Contact_Country
char(
25
)
,
Contact_HomePhone
char(
25
)
,
Contact_Email
char(
100
)
not
null
,
Contact_URL
char(
100
)
not
null
) Complete
the entry. This
sets up a table named ‘customer’ in the database named ‘contact’.
In addition to the normal database users, the ‘lhost_user’ will be
the default name for transactions on the database.
This will restrict the form from being used as a gateway for crackers.
The rights for ‘lhost_user’ are restricted to this database and do
not include the ability to grant other privileges to itself or others. Back
in FrontPage, go to process.php. We
are ready to receive the data from the index.htm page. <html> <head> <meta
http-equiv="Content-Language" content="en-us"> <meta
http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta
name="GENERATOR" content="Microsoft FrontPage 5.0"> <meta
name="ProgId" content="FrontPage.Editor.Document"> <title>Database
entry results</title> </head> <body> <H1>Data
Entry Results</H1> <?
/* This starts the php code section.
If you need to place a code area on a FrontPage .htm page, use the <%
to start the code and %> to end it. The
|| means or in PHP.
So it reads- if not $Contact_FirstName or not …*/ if
(!$Contact_FirstName || !$Contact_LastName || !$Contact_Email || !$Contact_URL )
{
echo "You have not filled out
all required details. Please go
back and try again.";
exit;
//This makes sure the require information is added. } /* Here
we assign php variables and make sure dangerous code is excluded by using the
addslashes feature. This make sure
that code entered in your form, can not be executed. If I were writing this code
for a production server, I would use different names for the variables on the
database side. The reason for this
is to make it easier to debug and to make sure the incoming variables are not
being entered into the database without the addslashes function. */ $Contact_FirstName
= addslashes($Contact_FirstName); $Contact_LastName
= addslashes($Contact_LastName);
$Contact_StreetAddress
= addslashes($Contact_StreetAddress); $Contact_Address2
= addslashes($Contact_Address2); $Contact_City
= addslashes($Contact_City); $Contact_State
= addslashes($Contact_State); $Contact_ZipCode
= addslashes($Contact_ZipCode); $Contact_Country
= addslashes($Contact_Country); $Contact_HomePhone
= addslashes($Contact_HomePhone); $Contact_Email
= addslashes($Contact_Email); $Contact_URL
= addslashes($Contact_URL); //
Now we open the database. @
$db = mysql_pconnect("localhost", "lhost_user",
"password"); //Next
we check to see if it opened. If
(!$db) // The ! or 'bang' means, not
in php. {
echo "Error opening database.
Please try again later.";
exit; } mysql_select_db("lhost_contact");
//Selects the database. //
Then we write a string to hold the incoming data. $query
= "insert into customer values ('".$Contact_FirstName."',
'".$Contact_LastName."', '".$Contact_StreetAddress."',
'".$Contact_Address2."', '".$Contact_City."', '".$Contact_State."',
'".$Contact_ZipCode."', '".$Contact_Country."', '".$Contact_HomePhone."',
'".$Contact_Email."', '".$Contact_URL."')"; /*
Each variable is surrounded by a single quote ' followed by a double quote
" then a period -The variable name-then the . period next " double
quote, ' single quote ' and separated by a comma. */ //
Now we query the SQL database.
$result
= mysql_query($query); //Check
results. If
($result)
Echo mysql_affected_rows()."
Contact fields inserted into the database."; //Prints results. //
Now we end the php. ?> </body> </html> You can copy and paste the above onto the process.php page. If the code inserts correctly, it will print out “11 Contact fields inserted into the database.” If you want a copy emailed to you, it’s easy at this point because the customer information is still contained in $results as well as each variable. The string - mail(string to, string subject, string message); can be defined like this: $to = “your_email_address”; $subject = “Contact alert”; $message = trim($Contact_FirstName.” “.Contact_LastName. “ “.$Contact_Email.” “. $Contact_URL); // Using any or all fields. Then to send the email: mail($to, $subject, $message); And that’s it. The form information has been entered into your database and an email of notification sent to the mailbox of your choice. Areas for additional improvement include:
|
Send mail to webmaster@ladatahost.com with questions or comments about this web site.The Ladata, Ladatahost and LaDataSoft
names, logos and intellectual property belong to LaData Software Development L.
L. C. All rights reserved.
|
