PHP Demo Program

Posted on July 5, 2013 by Ron Fredericks


Ron Fredericks writes: I am LectureMaker’s video platform technologist. So I thought I would demonstrate some of my sample code in building a simple website demo.

The demo consists of three pages that feature the following code

  • PHP programming with OO and model-view-controller (MVC) architecture
  • SQL file to create a new table and load some sample user data
  • PHP sessions and OO MySQL Data Manager
  • Use of CSS style sheet and tags for web page layout and forms management
  • Use of JavaScript and jQuery functions and project library
  • A RESTful API allowing users to move data between the three pages

Visit the running project’s website here:
www.lecturemaker.com/test/HP_login.php

Download a copy of the project’s source code from GitHub:
https://github.com/RonFredericks/PHP_Demo_Project

Overview

Build a 2-3 page website with a single page view concept with JavaScript mvc and REST service. The concept of the site is to choose your background. After login the user can select a file to upload and that becomes the background image of the landing page. Page 1 is login with at least 3 different users who can login. Page 2 is landing page which will show the image uploaded and page 3 is upload the background image you like. Page 2 and 3 should have a logout button.

Overview of the Project

Overview of the Project

FAQ

What is OOP?
Object Oriented Programming, or OOP, invokes the use of classes to organize the data and structure of an application:

  • Objects: instances of a class
  • Inheritance: ability to pass characteristics and behaviors from a base class
  • Access Modifiers: ability to protect data and methods
  • Interfaces: a form of abstract class that acts as a model for creating a derived class
  • PHP 5 Built-in Classes: Standard PHP Library (SPL), mysqli, PDO, SQLite, XML support, relfection, Iterator interface, magic methods, objects passed by reference
  • Design Patterns: a reusable set of solutions that solve practical problems

What is MVC?
Model–View–Controller (MVC) is an architectural pattern used in software engineering:

  • Model handles database logic. Code in the model connects to the database and provides an abstraction layer.
  • Controller represents the business (application) logic i.e. all our ifs and else.
  • View provides the presentation logic i.e our HTML/XML/JSON code.

What is REST?
Representational state transfer (REST) is a predominant web API design model for distributed systems. PHP examples include:

  • Use FORM tag with GET or POST to send data to another web page.
  • Use cURL to set the URL, create array of POST data, set options such as return XML data, and make request.
  • Create a POST request by opening a TCP connection to the host using fsockopen(), then use fwrite() on the handler returned from fsockopen().

Design Methodology

See the figure above “Overview of the Project” where each web page is shown, along with the MySQL database supporting privileged access to the main project’s feature: to upload a new background image.

To start the project code I started with a basic development environment:

  • WampServer: a Windows, Apache, MySQL, and PHP development environment. I chose this platform to run my test code because I can development the code directly within the Apache Localhost service without the delay of a repeated ftp style upload.
  • Adobe’s DreamWeaver code editor: I use this code editing tool to highlight, format, and check my CSS, HTML, PHP, and JavaScript code. Because I save my files directly into the WampServer, the workflow is fairly efficient.

With this flexible coding environment I create three documents initially: the PHP login page, the CSS file, and a sql field definitions file using a tool called phpmyadmin hosted on my WampServer. I work back and forth between the login page, the CSS file, and the SQL definitions to get the look and feel I have visualized within my wireframe design. I add user fields into my SQL table to manage login storage. And as I start to see a pattern to the JavaScript and PHP support needs for this project: I prepare to add PHP classes, PHP support functions, and JavaScript code into new files as the code is development.

Create Login Page, CSS Stylesheet and SQL file

Create Landing Page

Create Image Upload Page

Create PHP Initialize File

Create Database Class

Create User Class

Create User Manager Class

Code (php)
  1.  
  2. //////////////////////////////////  Create Login Page  ///////////////////////
  3.  
  4. < ?php
  5. // File: HP_login.php
  6. // Purpose: Initialize and start PHP session
  7. // Author: Ron Fredericks, LectureMaker LLC
  8. // Last Updated: 7/10/2013
  9.  
  10.     require_once ‘./HP_assets/HP_initialize.php’;
  11. ?>   
  12. < !doctype html>
  15. "utf-8"/>
  16. Login Page
  19. "stylesheet" type="text/css" href="./HP_assets/HP_main.css"/>
  22. < ?php
  23.     // Insure that prior users are logged out of this web service
  24.     $um->logout();
  25.     // Initiate page div layout and display heading
  26.     PutHeader(HEADING);
  27.     // Initiate login
  28.     LoginForm("HP_uploadImage.php");
  29.     SelectValidUser();
  30.     // Complete page div layout and display footer
  31.     PutFooter(FOOTER);
  32.     exit();     
  33. ?>
  36.  
  37. //////////////////////////////////  Create Landing Page  ///////////////////////
  38.  
  39. < ?php
  40. // File: HP_landingPage.php
  41. // Purpose: Initialize and start PHP session
  42. // Author: Ron Fredericks, LectureMaker LLC
  43. // Last Updated: 7/10/2013
  44.  
  45.     require_once ‘./HP_assets/HP_initialize.php’;
  46. ?>   
  47. < !doctype html>
  50. "utf-8"/>
  51. Landing Page
  54. "stylesheet" type="text/css" href="./HP_assets/HP_main.css"/>
  58. < ?php
  59.  
  60.     PutHeader(HEADING);
  61.    
  62.     if (!isset($user)) {
  63.         PutErrorMessage("You must log in to view this page: ".basename($_SERVER[‘PHP_SELF’]));
  64.         Redirect(‘HP_login.php’, 5);
  65.         exit();
  66.     }
  67. ?>
  69.     < ?php   
  70.     PutErrorMessage(ProcessUploadForm());
  71.     PutFooter(FOOTER);
  72.     ?>
  75.  
  76. //////////////////////////////////  Create Image Upload Page  ///////////////////////
  77.  
  78. < ?php
  79. // File: HP_uploadImage.php
  80. // Purpose: Initialize and start PHP session
  81. // Author: Ron Fredericks, LectureMaker LLC
  82. // Last Updated: 7/10/2013
  83.  
  84.     require_once ‘./HP_assets/HP_initialize.php’;
  85. ?>   
  86. < !doctype html>
  89. "utf-8"/>
  90. Upload Image
  93. "stylesheet" type="text/css" href="./HP_assets/HP_main.css"/>
  96. < ?php
  97.     // Attempt to process user login form $_POST 
  98.     if (ProcessLoginForm($um)) {
  99.         // update user info on successful new login
  100.         $user = $um->getSession();
  101.     }
  102.     PutHeader(HEADING);   
  103.     // Test for valid user, return to login page if user not valid
  104.     if (!isset($user)) {
  105.         PutErrorMessage("You must log in to view this page: ".basename($_SERVER[‘PHP_SELF’]));
  106.         Redirect(‘HP_login.php’, 5);
  107.         die();
  108.     }   
  109.     ?>
  110.    
  111.    
  112.    
  113.     < ?php
  114.     // Initiate image upload form   
  115.     GetImageForm("HP_landingPage.php");
  116.     DisplayValidImageTypes();
  117.     PutFooter(FOOTER);
  118. ?>
  121.  
  122. //////////////////////////////////  Create PHP Initialize File  ///////////////////////
  123.  
  124. < ?php
  125. // File: HP_initialize.php
  126. // Initialize PHP environment
  127. // Author: Ron Fredericks, LectureMaker LLC
  128. // Last Updated: 7/10/2013
  129.  
  130.     define("HEADING", "Select Background Image Project");
  132.     define("IMAGE_DIR", "./HP_images/");
  133.     define("DEBUG", false);    // set to true for more display messages
  134.     error_reporting(-1)// set to (-1) to display all errors, (0) for no errors and (E_ALL ^ E_NOTICE) for default production
  135.     global $validext;   // define valid background image types as global
  136.     $validext = array(".gif"=>"GIF image", ".jpeg"=>"JPEG image", ".jpg"=>"JPG image"".png"=>"PNG image");
  137.     // include the mySQL data management system
  138.     require_once ‘./HP_assets/HP_UserManager.php’;
  139.     require_once ‘./HP_assets/HP_miscFunctions.php’;
  140.     //
  141.     //session_start();
  142.     $um = new UserManager();
  143.     $user = $um->getSession();
  144.  
  145. //////////////////////////////////  Create Database Class ///////////////////////
  146.  
  147. < ?php
  148. // File: HP_Database.php
  149. // Purpose: Define a class to MySQL database connection class
  150. // Author: Ron Fredericks, LectureMaker LLC
  151. // Last Updated: 7/10/2013
  152. // References:
  153. //        http://forum.zonehacks.com/threads/10-PHP-User-Management-System-using-Object-Oriented-Programming-and-MySQL
  154. //        Object-Oriented PHP by Peter Lavin, No Starch Press, 2006
  155. class Database {
  156.    
  157.     private static $instances = 0// make sure db connection is made only once, RDF
  158.     /**
  159.      * =============================================================
  160.      * Change these values to work with your mysql database settings
  161.      * =============================================================
  162.      */
  163.     private $db_host = ‘localhost’;
  164.     private $db_user = ‘xxx’// fill in these values with your credentials
  165.     private $db_pass = ‘xxx’;
  166.     private $db_name = ‘xxx’// fill in your mySQL atabase name here
  167.    
  168.  
  169.     private $where = array();
  170.     private $variables = array();
  171.     private $link;
  172.  
  173.     // see __call method below for implementaiton, RDF
  174.     private $functions = array(
  175.     ‘affected_rows’ => ‘mysql_affected_rows’,
  176.     ‘client_encoding’ => ‘mysql_client_encoding’,
  177.     ‘close’    =>    ‘mysql_close’,
  178.     ‘connect’ => ‘mysql_connect’,
  179.     ‘create_db’ => ‘mysql_create_db’,
  180.     ‘data_seek’ => ‘mysql_data_seek’,
  181.     ‘db_name’    =>    ‘mysql_db_name’,
  182.     ‘db_query’    =>    ‘mysql_db_query’,
  183.     ‘drop_db’    =>    ‘mysql_drop_db’,
  184.     ‘errno’        =>    ‘mysql_errno’,
  185.     ‘error’        =>    ‘mysql_error’,
  186.     ‘escape_string’    =>    ‘mysql_escape_string’,
  187.     ‘fetch_array’    =>    ‘mysql_fetch_array’,
  188.     ‘fetch_assoc’    =>    ‘mysql_fetch_assoc’,
  189.     ‘fetch_field’    =>    ‘mysql_fetch_field’,
  190.     ‘fetch_lengths’    =>    ‘mysql_fetch_lengths’,
  191.     ‘fetch_object’    =>    ‘mysql_fetch_object’,
  192.     ‘fetch_row’        =>    ‘mysql_fetch_row’,
  193.     ‘field_flags’    =>    ‘mysql_field_flags’,
  194.     ‘field_len’        =>    ‘mysql_field_len’,
  195.     ‘field_name’    =>    ‘mysql_field_name’,
  196.     ‘field_seek’    =>    ‘mysql_field_seek’,
  197.     ‘field_table’    =>    ‘mysql_field_table’,
  198.     ‘field_type’    =>    ‘mysql_field_type’,
  199.     ‘free_result’    =>    ‘mysql_free_result’,
  200.     ‘get_client_info’    =>    ‘mysql_get_client_info’,
  201.     ‘get_host_info’        =>    ‘mysql_get_host_info’,
  202.     ‘get_proto_info’    =>    ‘mysql_get_proto_info’,
  203.     ‘get_server_info’    =>    ‘mysql_get_server_info’,
  204.     ‘info’                =>    ‘mysql_info’,
  205.     ‘insert_id’            =>    ‘mysql_insert_id’,
  206.     ‘list_dbs’            =>    ‘mysql_list_dbs’,
  207.     ‘list_fields’        =>    ‘mysql_list_fields’,
  208.     ‘list_processes’    =>    ‘mysql_list_processes’,
  209.     ‘list_tables’        =>    ‘mysql_list_tables’,
  210.     ‘num_fields’        =>    ‘mysql_num_fields’,
  211.     ‘num_rows’            =>    ‘mysql_num_rows’,
  212.     ‘pconnect’            =>    ‘mysql_pconnect’,
  213.     ‘ping’                =>    ‘mysql_ping’,
  214.     ‘query’                =>    ‘mysql_query’,
  215.     ‘real_escape_string’    =>    ‘mysql_real_escape_string’,
  216.     ‘result’            =>    ‘mysql_result’,
  217.     ‘select_db’            =>     ‘mysql_select_db’,
  218.     ‘set_charset’        =>    ‘mysql_set_charset’,
  219.     ‘stat’                =>    ‘mysql_stat’,
  220.     ‘tablename’            =>    ‘mysql_tablename’,
  221.     ‘thread_id’            =>    ‘mysql_thread_id’,
  222.     ‘unbuffered_query’    =>    ‘mysql_unbuffered_query’
  223.     );
  224.  
  225.     function __construct()
  226.     {
  227.         if (Database::$instances == 0) {
  228.             $this->link = @$this->connect($this->db_host, $this->db_user, $this->db_pass)// catch and hide error messages using "@", RDF
  229.             if(!$this->link) {
  230.                 die("Database class: ".mysql_error(). " Error no: ".mysql_errno())// Include all possible error messages in display, RDF
  231.             }
  232.            
  233.             $this->select_db($this->db_name);
  234.             Database::$instances = 1;
  235.         }
  236.     }
  237.    
  238.     function __destruct()
  239.     {
  240.         if($this->link) {
  241.             Database::$instances == 0;
  242.             mysql_close($this->link);
  243.             unset($this->link); // Clear from memory, RDF
  244.         }
  245.     }
  246.    
  247.     // Manage undeclared functions
  248.     public function __call($name, $arguments) {
  249.         if(isset($this->functions[$name])) {
  250.             return call_user_func_array($this->functions[$name], $arguments);
  251.         }
  252.         return FALSE;
  253.     }
  254.    
  255. }
  256.  
  257. //////////////////////////////////  Create User Class ///////////////////////
  258.  
  259. < ?php
  260. // File: HP_User.php
  261. // Purpose: User class to manage undefined data members
  262. // Author: Ron Fredericks, LectureMaker LLC
  263. // Last Updated: 7/10/2013
  264. // References:
  265. //        http://forum.zonehacks.com/threads/10-PHP-User-Management-System-using-Object-Oriented-Programming-and-MySQL
  266. //        Object-Oriented PHP by Peter Lavin, No Starch Press, 2006
  267. class User
  268. {
  269.    
  270.     private $userdata = array();
  271.    
  272.     public function checkPassword($pass)
  273.     {
  274.         if(isset($this->userdata[‘password’]) && $this->userdata[‘password’] == md5($pass)) {
  275.             return true;
  276.         }
  277.         return false;
  278.     }
  279.    
  280.     public function set($var, $value)
  281.     {
  282.         $this->userdata[$var] = $value;
  283.     }
  284.    
  285.     public function get($var)
  286.     {
  287.         if(isset($this->userdata[$var])) {
  288.             return $this->userdata[$var];
  289.         }
  290.         return NULL;
  291.     }
  292. }
  293.  
  294. //////////////////////////////////  Create User Manager Class ///////////////////////
  295.  
  296. < ?php
  297. // File: HP_UserManager.php
  298. // Purpose: Create a class to manage user functions using a MySQL database
  299. // Author: Ron Fredericks, LectureMaker LLC
  300. // Last Updated: 7/10/2013
  301. // References:
  302. //         http://forum.zonehacks.com/threads/10-PHP-User-Management-System-using-Object-Oriented-Programming-and-MySQL
  303. //        Object-Oriented PHP by Peter Lavin, No Starch Press, 2006
  304.  
  305. // Include the User and Database class files
  306. require_once "./HP_assets/HP_User.php";
  307. require_once "./HP_assets/HP_Database.php";
  308.  
  309. class UserManager
  310. {
  311.     private $db;
  312.    
  313.     // Create an instance of the database class and store it into a private variable
  314.     public function UserManager()
  315.     {
  316.         $this->db = new Database();
  317.     }
  318.  
  319.      public  function createUser($username, $password, $email, $is_adminFALSE)
  320.      {
  321.          if (isset($username) && isset($password) && isset($email)) { // Check for invalid function call, RDF
  322.              $stmt = sprintf("INSERT INTO users (`id`, `username`,  `password`,  `email`, `is_admin`) VALUES (NULL, ‘%s’, ‘%s’, ‘%s’,  ‘%d’)",
  323.                     $this->db->real_escape_string($username),
  324.                      md5($this->db->real_escape_string($password)),     // A  md5 hash of the user’s password will be stored in the database.
  325.                      $this->db->real_escape_string($email),             //  always escape data from public before storing in database
  326.                     $this->db->real_escape_string($is_admin));
  327.             $result = $this->db->query($stmt);
  328.    
  329.             if ($result) return true;
  330.          }
  331.         return false;
  332.     } 
  333.  
  334.     public function updateUser($user)
  335.     {
  336.         // Normally I wouldn’t store session data in the database, but
  337.         // it can be changed to track cookies if you plan to go that
  338.         // route.
  339.         $session = $user->get(‘session’);
  340.         if (!$session) $session = 0;
  341.          $stmt = sprintf("UPDATE users SET `username` = ‘%s’, `password`  =  ‘%s’, `email` = ‘%s’, `is_admin` = ‘%d’, `session` = ‘%s’ WHERE `id`  =  ‘%d’",
  342.                 $this->db->real_escape_string($user->get(‘username’)),
  343.                 $this->db->real_escape_string($user->get(‘password’)),
  344.                 $this->db->real_escape_string($user->get(’email’)),
  345.                 $this->db->real_escape_string($user->get(‘is_admin’)),
  346.                 $this->db->real_escape_string($session),
  347.                 $this->db->real_escape_string($user->get(‘id’)));
  348.         return $this->db->query($stmt);               
  349.     } 
  350.  
  351.     public function deleteUser($user)
  352.     {
  353.         $userID = $this->db->real_escape_string($user->get(‘id’));
  354.         return $this->db->query("DELETE FROM users WHERE `id` = ‘$userID’");
  355.      } 
  356.  
  357.     // Get users from the database and return a user object by id or username
  358.     public function getUserByID($id)
  359.     {
  360.         if (isset($id)) {     // Check for invalid function call, RDF
  361.        
  362.             // get the user by id from database
  363.             $stmt = sprintf("SELECT * FROM users WHERE id = ‘%s’", $this->db->real_escape_string($id));
  364.             $result = $this->db->query($stmt);
  365.             if($result) {
  366.                 $user = new User();                            // create a new user object
  367.                 $row = $this->db->fetch_assoc($result);
  368.                 foreach($row as $key => $value) {              // loop through user table values
  369.                     $user->set($key, $value);                // store them in the user object
  370.                 }
  371.                 return $user;                                // and return it
  372.             }
  373.         }
  374.         return NULL;
  375.     }
  376.    
  377.     public function getUserByName($name)
  378.     {
  379.  
  380.         if (isset($name)) {    // Check for invalid function call, RDF
  381.             $stmt = sprintf("SELECT * FROM users WHERE username = ‘%s’", $this->db->real_escape_string($name));
  382.             $result = $this->db->query($stmt) or trigger_error(mysql_error()." ".$stmt);
  383.             if ($result && $this->db->num_rows($result) > 0) {
  384.                 $user = new User();
  385.                 $row = $this->db->fetch_assoc($result);
  386.                 foreach($row as $key => $value) {
  387.                     $user->set($key, $value);
  388.                 }
  389.                 return $user;
  390.             }
  391.         }
  392.         return NULL;
  393.     }
  394.  
  395.     // Get user by name, check the password, updates session info in the database, and return the user object
  396.     public function login($username$password)
  397.     {
  398.         if (isset($username) && isset($password)) {    // Check for invalid function call, RDF
  399.             $user = $this->getUserByName($username);
  400.             if (isset($user) && $user->checkPassword($password)) {               
  401.                 // start PHP session, RDF
  402.                 if(!isset($_SESSION)) session_start();
  403.                 $_SESSION[‘zhuser’] = $user->get(‘username’);            // I normally use these for cookies
  404.                 $_SESSION[‘zhsess’] = md5($username.microtime());        // calculate md5 of username + current unix time
  405.                 $user->set(‘session’, $_SESSION[‘zhsess’]);              // set the session in user object
  406.                 $this->updateUser($user);                                // update the user
  407.                 return $user;                                            // and return the user object if we’re good
  408.             }
  409.         }
  410.         return NULL;
  411.     }
  412.        
  413.     public function logout()
  414.     {
  415.         if (isset($_SESSION)) {
  416.             unset($_SESSION);
  417.             session_destroy();
  418.         }
  419.     } 
  420.  
  421.     //  Check if a session exists and against what we have stored in the database, if they match we’re good
  422.     public  function getSession() 
  423.     {
  424.         // start PHP session, RDF
  425.         if (!isset($_SESSION)) session_start();
  426.  
  427.         if (isset($_SESSION[‘zhuser’]) && isset($_SESSION[‘zhsess’])) {
  428.             $user = $this->getUserByName($_SESSION[‘zhuser’]);
  429.             if (!$user) $this->logout();
  430.             if ($user->get(‘session’) == $_SESSION[‘zhsess’]) {
  431.                 return $user;
  432.             }
  433.         }
  434.         return NULL;
  435.     }
  436. }
  437.  

Create PHP Functions Page

Code (php)
  1. < ?php
  2. // File: HP_miscFunctions.php
  3. // Purpose: PHP Visual display and support functions
  4. // Author: Ron Fredericks, LectureMaker LLC
  5. // Last Updated: 7/11/2013
  6.  
  7.  
  8. //////////////////////////////////////////////////////////////////
  9. // Login Support Functions                                      //
  10. //////////////////////////////////////////////////////////////////
  11.  
  12. function LoginForm($url)
  13. // Present a login form
  14. {
  15.     // Reference: http://designikx.wordpress.com/2010/04/07/pure-css-div-based-form-design-form-layout/
  16.     $myArray[0] = array("test" => "", "message" => "Username must be entered");
  17.     ?>
  18.    
  19.    
  20.    
    "myform">
  21.    
    "loginForm" action="" onsubmit="return login_form(this)" method="post">
  22.    

    Login Window

  23.    

    Welcome to the background image selector website

  24.    
  25.    
  26.     Its Your Name
  27.    
  28.     "username" type="text" name="username"/>
  29.  
  30.    
  31.     Enter Your Password
  32.    
  33.     "password" type="text" name="password"/>
  34.    
  35.    
  36.    
  •     < ?php
  • }
  •  
  • function SelectValidUser()
  • // Present list of valid users for login
  • {
  • ?>
  •    
    "myformsupport">
  •    

    Login List

  •    

    Load one of these valid user credentials into login window

  •    
    •    
    • Ron Fredericks
    •    
    • Tommy Tuba
    •    
    • Admin