tailieunhanh - PHP 5/MySQL Programming- P88

PHP 5/MySQL Programming- P88:computer programming has often been seen as a difficult and arcane skill. Programming languages are difficult and complicated, out of the typical person’s reach. However, the advent of the World Wide Web has changed that to some extent. It’s reasonably easy to build and post a Web page for the entire world to see. The language of the Web is reasonably simple, and numerous applications are available to assist in the preparation of static pages | 413 td colspan 5 center form action input type hidden name tableName value tableName input type submit value add a record form center td HERE output . table n return output end tToEdit Look carefully at the forms for editing and deleting records. These forms contain hidden fields with the table name key field name and record number. This information will be used by subsequent functions to build a query specific to the record associated with that particular table row. Creating a Generic Form to Edit a Record The table created in tToEdit calls a program called . This program accepts a one-record query. It prints out an HTML table based on the results of that query. The output of rToEdit is shown in Figure . The rToEdit function produces a very simple HTML table. Every field has a corresponding textbox. The advantage of this approach is that it works with any table. However the use of this form is quite risky. The user should not be allowed to change the primary key because that would edit some other record which could have disastrous results. The operationlD field is a foreign key reference. The only valid entries to this field are integers corresponding to records in the operation table. There s no way for the user to know what operation a particular integer is related to. Worse she could enter any number or any text into the field. The results would be unpredictable but almost certainly bad. I fix these defects in the smartRToEdit function coming up next but begin by studying this simpler function because smartRToEdit is built on rToEdit . Chapter 12 Building a Three-Tiered Data Application 414 PHP 5 MySQL Programming for the Absolute Beginner figure The rToEdit function is simple but produces dangerous output. function rToEdit query given a one-record query creates a form to edit that record works on any table but allows direct editing of keys use smartRToEdit instead if you can global dbConn output result mysql_query query .