In this assignment we will merge our add.php and edit.php
into a single form.php which is capable of adding a new entry or
editing an existing entry. All of the form rendering will be done with
In the sample code, some off the files have been comverted to completely use
in-browser rendering for dynamic data, other files use a in-server MVC approach
similar to previous assignments, and others are hybrid:
- index.php and view.php use in-browser rendering for all data
that comes from the model. In these files, there is no need to require pdo.php
as a result.
- form.php uses in-browser rendering to pull in old data if there is a
field being edited but uses old-style MVC to handle the incoming POST data when
an entry is added or edited.
- login.php and delete.php are old-style MVC where model, controller,
and view all are handled in PHP.
You can play with a sample implementation of the code at:
You can download nearly complete implementation of this
The only part that is missing its implementation of profile.php.
Without a working profile.php the application's
add functionality will work but the editing and view functionality
will not work.
To complete the application you must add the profile.php.
The profile.php will take a profile_id as a parameter,
query the database tables, and return JSON that looks as follows:
"headline":"Having a nice day",
"summary":"A short summary"
"description":"Still being alive"
"name":"University of Cambridge"
What To Hand In
As a reminder, your code must meet all the specifications
(including the general specifications) above. Just having good screen shots
is not enough - we will look at your code to see if you made coding errors.
For this assignment you will hand in:
- A screen shot (including the URL) of your form.php showing editing an existing entry showing the retrieval of the JSON to populate the form.
- A screen shot (including the URL) of your profile.php showing the retrieved JSON.
- Source code of profile.php
Note: These are unchanged from the previous assignments.
Here are some general specifications for this assignment:
You must use the PHP PDO database layer for this assignment. If you use the
"mysql_" library routines or "mysqli" routines to access the database, you will
receive a zero on this assignment.
Your name must be in the title tag of the HTML for all of the pages
for this assignment.
All data that comes from the users must be properly escaped
using the htmlentities() function in PHP. You do not
need to escape text that is generated by your program.
You must follow the POST-Redirect-GET pattern for all POST requests.
This means when your program receives and processes a POST request,
it must not generate any HTML as the HTTP response to that request.
It must use the "header('Location: ...');" function and either "return"
or "exit();" to send the location header and redirect the browser
to the same or a different page.
All error messages must be "flash-style" messages where the message is
passed from a POST to a GET using the SESSION.
Please do not use HTML5 in-browser data
validation (i.e. type="number") for the fields
in this assignment as we want to make sure you can properly do server
side data validation. And in general, even when you do client-side
data validation, you should still validate data on the server in case
the user is using a non-HTML5 browser.
Copyright Creative Commons Attribution 3.0 - Charles R. Severance