Validating and Saving a New Member (Advance PHP)


In this tutorial, we will focus on using advanced PHP through an object-oriented programming (OOP) approach. OOP provides a clear modular structure for programs, which is good for defining abstract data types, and it makes existing code easy to modify, since new objects can be created with small differences from existing ones.
This time, let’s create a new PHP file named “member.php” and save it inside the includes folder. Then add the following code:

    <?php
    /**
     * Description: This is a class for member.
     * Author: Joken Villanueva
     * Date Created: Nov. 2, 2013
     * Revised By:
     */
    require_once(LIB_PATH.DS.'database.php');

    class member {

        protected static $tbl_name = "user_info";

        // Column names of the table, as reported by the database wrapper.
        function db_fields(){
            global $mydb;
            return $mydb->getFieldsOnOneTable(self::$tbl_name);
        }

        function listOfautonumber(){
            global $mydb;
            $mydb->setQuery("Select * from ".self::$tbl_name);
            $cur = $mydb->loadResultList();
            return $cur;
        }

        static function bPrimary($id=0){
            global $mydb;
            // Cast to int so the id can never carry SQL text into the query.
            $id = (int) $id;
            $mydb->setQuery("SELECT * FROM ".self::$tbl_name." WHERE auto_id={$id} LIMIT 1");
            $row = $mydb->loadSingleResult();
            $s = $row->autostart + $row->incval;
            $a = $row->appenchar;
            return $a.$s;
        }

        static function bPrimaryUpdate($id=0){
            global $mydb;
            $id = (int) $id;
            $mydb->setQuery("SELECT * FROM ".self::$tbl_name." WHERE auto_id={$id} LIMIT 1");
            $row = $mydb->loadSingleResult();
            $s = $row->autostart + $row->incval;
            return $s;
        }

        /*---Instantiation of Object dynamically---*/
        static function instantiate($record) {
            $object = new self;

            // Only keys that are real table columns are copied onto the object.
            foreach($record as $attribute=>$value){
                if($object->has_attribute($attribute)) {
                    $object->$attribute = $value;
                }
            }
            return $object;
        }

        /*--Cleaning the raw data before submitting to Database--*/
        private function has_attribute($attribute) {
            // We don't care about the value, we just want to know if the key
            // is one of the table's columns. Checking the column list (rather
            // than the properties already set) also works on a new object.
            // Will return true or false
            return in_array($attribute, $this->db_fields(), true);
        }

        protected function attributes() {
            // return an array of attribute names and their values
            $attributes = array();
            foreach($this->db_fields() as $field) {
                if(property_exists($this, $field)) {
                    $attributes[$field] = $this->$field;
                }
            }
            return $attributes;
        }

        protected function sanitized_attributes() {
            global $mydb;
            $clean_attributes = array();
            // sanitize the values before submitting
            // Note: does not alter the actual value of each attribute
            foreach($this->attributes() as $key => $value){
                $clean_attributes[$key] = $mydb->escape_value($value);
            }
            return $clean_attributes;
        }

        /*--Create,Update and Delete methods--*/
        public function save() {
            // A new record won't have an id yet.
            return isset($this->id) ? $this->update($this->id) : $this->create();
        }

        public function create() {
            global $mydb;
            // Don't forget your SQL syntax and good habits:
            // - INSERT INTO table (key, key) VALUES ('value', 'value')
            // - single-quotes around all values
            // - escape all values to prevent SQL injection
            $attributes = $this->sanitized_attributes();
            $sql = "INSERT INTO ".self::$tbl_name." (";
            $sql .= join(", ", array_keys($attributes));
            $sql .= ") VALUES ('";
            $sql .= join("', '", array_values($attributes));
            $sql .= "')";
            // Do not echo the statement: it would print the SQL, including
            // the member's data, into the page.
            $mydb->setQuery($sql);

            if($mydb->executeQuery()) {
                $this->id = $mydb->insert_id();
                return true;
            } else {
                return false;
            }
        }

        public function update($id=0) {
            global $mydb;
            $attributes = $this->sanitized_attributes();
            $attribute_pairs = array();
            foreach($attributes as $key => $value) {
                $attribute_pairs[] = "{$key}='{$value}'";
            }
            $sql = "UPDATE ".self::$tbl_name." SET ";
            $sql .= join(", ", $attribute_pairs);
            // The id is not quoted in the statement, so force it to an integer.
            $sql .= " WHERE auto_id=". (int) $id;
            $mydb->setQuery($sql);
            if(!$mydb->executeQuery()) return false;
            return true;
        }

        public function delete($id=0) {
            global $mydb;
            $sql = "DELETE FROM ".self::$tbl_name;
            $sql .= " WHERE auto_id=". (int) $id;
            $sql .= " LIMIT 1 ";
            $mydb->setQuery($sql);

            if(!$mydb->executeQuery()) return false;
            return true;
        }

    }
    ?>

Next, open our register.php file; the code should now look as shown below.
The code below initializes the database connection and other database objects.

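    <?php
    require_once("includes/initialize.php");

    // Stop early if any field of the registration form is missing or empty.
    $required = array('fName', 'lName', 'email', 'password', 'month', 'day', 'yr', 'gender');
    foreach ($required as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field]) || trim($_POST[$field]) === '') {
            die("Missing required field: " . $field);
        }
    }

    $f_name = $_POST['fName'];
    $l_name = $_POST['lName'];
    $email = $_POST['email'];
    // password_hash() gives a salted, slow hash; a plain sha1() digest is fast to brute-force.
    // The login check must then use password_verify(), and the pword column
    // must be wide enough for the hash (60 characters or more).
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
    $month = $_POST['month'];
    $day = $_POST['day'];
    $yr = $_POST['yr'];
    $gender = $_POST['gender'];

    $member = new member();
    $member->fName = $f_name;
    $member->lName = $l_name;
    $member->email = $email;
    $member->pword = $password;
    $member->mm = $month;
    $member->dd = $day;
    $member->yy = $yr;
    $member->gender = $gender;
    // Keep the result so success is only reported when the INSERT worked.
    $saved = $member->create();
    ?>
    <script type="text/javascript">
    <?php if ($saved) { ?>
    alert("New member added successfully.");
    <?php } else { ?>
    alert("Unable to add the new member.");
    <?php } ?>
    window.location = "index.php";
    </script>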
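The registration step above, as an added example that is not part of the original tutorial: each field is validated before saving, and the INSERT uses PDO bound parameters instead of escaped strings. The function names, the in-memory SQLite table, the allowed gender values and the numeric month/day/year format are assumptions; the column names come from register.php.

```php
<?php
// Added example. validateMember() and insertMember() are hypothetical names.
const MEMBER_COLUMNS = ['fName', 'lName', 'email', 'pword', 'mm', 'dd', 'yy', 'gender'];

// Returns [row, errors]; the row may be stored only when errors is empty.
function validateMember(array $in): array {
    $row = $errors = [];
    foreach (['fName', 'lName'] as $f) {
        $row[$f] = trim((string)($in[$f] ?? ''));
        if ($row[$f] === '' || strlen($row[$f]) > 50) $errors[] = "$f is required (max 50 bytes)";
    }
    $row['email'] = filter_var($in['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($row['email'] === false) $errors[] = 'email is not valid';
    $pw = (string)($in['password'] ?? '');
    if (strlen($pw) < 8) $errors[] = 'password must be at least 8 characters';
    $row['pword'] = password_hash($pw, PASSWORD_DEFAULT); // salted, slow password hash
    // Assumption: the form submits month, day and year as numbers.
    $row['mm'] = (int)($in['month'] ?? 0);
    $row['dd'] = (int)($in['day'] ?? 0);
    $row['yy'] = (int)($in['yr'] ?? 0);
    if (!checkdate($row['mm'], $row['dd'], $row['yy'])) $errors[] = 'birth date is not a real date';
    $row['gender'] = (string)($in['gender'] ?? '');
    // Assumption: these are the only values the form offers.
    if (!in_array($row['gender'], ['Male', 'Female'], true)) $errors[] = 'gender is not an allowed value';
    return [$row, $errors];
}

function insertMember(PDO $pdo, array $row): int {
    // Column names come from the fixed whitelist; values travel as bound parameters.
    $row = array_intersect_key($row, array_flip(MEMBER_COLUMNS));
    $cols = array_keys($row);
    $sql = 'INSERT INTO user_info (' . implode(', ', $cols) . ') VALUES (:' . implode(', :', $cols) . ')';
    $pdo->prepare($sql)->execute($row);
    return (int)$pdo->lastInsertId();
}

// Constructed schema for the demo; only the column names are taken from the page.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE user_info (auto_id INTEGER PRIMARY KEY, fName, lName, email, pword, mm, dd, yy, gender)');

// Constructed submissions standing in for $_POST.
$samples = [
    ['fName' => 'Anne', 'lName' => "O'Brien", 'email' => 'anne@example.com', 'password' => 'correct horse',
     'month' => 2, 'day' => 29, 'yr' => 1992, 'gender' => 'Female'],
    ['fName' => '', 'lName' => 'X', 'email' => 'not-an-email', 'password' => 'short',
     'month' => 2, 'day' => 30, 'yr' => 1992, 'gender' => '?'],
];
foreach ($samples as $post) {
    [$row, $errors] = validateMember($post);
    echo ($errors ? 'rejected: ' . implode('; ', $errors) : 'saved as auto_id ' . insertMember($pdo, $row)) . PHP_EOL;
}
```

The first submission is stored even though the last name contains a single quote, because the value is never spliced into the SQL text; the second is rejected before it reaches the database.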

Submitted by Jaro (not verified) on Tue, 05/19/2015 - 23:36

Hi, these codes are awesome! Can you post the SQL database please? Thank you.
