When asking questions about code:- Include a description of what you want the code to do and what it actually does in the body of the message.
- Make sure the code you post is a minimal test case. The code you posted is fairly minimal, but doesn't look complete.
- format the code to make it readable. This means indent (using a variant of a standard indent style) and (for these forums) encase the code in [PHP], [HTML] or [CODE] tags to preserve the indentation. If you use an editor designed for coding, it will indent the code for you. Here's the result of indenting your code in emacs (ESC ^\) and putting it in [PHP] tags:
PHP Code:
<?php
$con = mysql_connect("***","***","***") or die('Could not connect: ' . mysql_error());
$dbconnect = mysql_select_db("***", $con) or die ("could not connect to database: " . mysql_error());
if($_SESSION['username']=="***")
{
if ($_POST['title'] && $_POST['description'])
{
$check = mysql_query("INSERT INTO links (title, description) VALUES ('$_POST[title]', '$_POST[description]')") or die("Could not add content to database: " . mysql_error());
echo "<p>Link Added Successfully.</p>";
}
elseif ($_POST['title'] || $_POST['description'])
{
$title1 = $_POST['title'];
$description1 = $_POST['description'];
}
if ($_GET[successful]==1)
{
echo "<p>Link Edited Successfully.</p>";
}
echo "<form action='links.php' method='post'>
<p><b>Link Title</b><br/>
<input type='text' style='width:690px;' id='title' value='" . $title1 . "'/><br/><br/>
<b>URL: http</b><br/>
<input type='text' style='width:690px;' id='description' value='" . $description1 . "'/></p>
</form>";
$result = mysql_query("SELECT * FROM links") or die("Could not get link data: " . mysql_error());
while($row = mysql_fetch_array($result))
{
echo "<p><a href='" . $row['description'] . "'>" . $row['title'] . "</a></p><a href='edit.php?id=" . $row['id'] . "&page=links&redirect=links.php' onclick='return editEvent();'>Edit</a> | <a href='delete.php?did=" . $row['id'] . "&page=links&redirect=links.php' onclick='return doubleCheck();'>Delete</a>";
}
}
else
{
$result = mysql_query("SELECT * FROM links") or die("Invalid Query: " . mysql_error());
while($row = mysql_fetch_array($result))
{
echo "<p><a href='" . $row['description'] . "'>" . $row['title'] . "</a></p>
}
}
mysql_close($con);
?>
Notice how the closing bracket for the last while loop isn't indented and the code is red? This is a clue that there is a syntax problem before the bracket, something that prevented emacs' auto-indent from working. The red text (here it means the text is in a string) is another clue, one that means you've got an unterminated string. Looking at the line above and you'll see it. Notice the line is also missing its line-ending semicolon. Also, there's no need for string concatenation (the "." operator) with echo as it's variadic (it supports a variable number of arguments). You can separate each string to be printed with a comma. Lastly, if you don't need variable interpolation, try single quoted strings:
PHP Code:
echo '<p><a href="', $row['description'], '">', $row['title'], '</a></p>';
Normally, you shouldn't be too concerned with this sort of micro-optimization 2) and shouldn't optimize too early, but the above tips are good when you're writing new code (except perhaps single quoting). The best (ie most readable and not slower in a big-O sense) code is probably:
PHP Code:
echo "<p><a href='$row[description]'>$row[title]</a></p>";
PHP Code:
<?php
$con = mysql_connect("***","***","***") or die('Could not connect: ' . mysql_error());
die() can be OK for test code, but not production code (2). Also, printing MySQL error information can disclose too much information. Moreover, the information will likely be useless and unintelligible for most users of your site (the ones who can understand and use it are the ones you need to worry about).
PHP Code:
if($_SESSION['username']=="***")
You need to call session_start() before you can access $_SESSION
PHP Code:
{
if ($_POST['title'] && $_POST['description'])
{
$check = mysql_query("INSERT INTO links (title, description) VALUES ('$_POST[title]', '$_POST[description]')") or die("Could not add content to database: " . mysql_error());
Placing user input directly into a query opens your script to SQL injection (2). Never do this. Instead, filter the data using PHP's filter functions or the DB driver's escape function (e.g. mysql_escape_string, mysqli_real_escape_string, pg_escape_string). Even better is to use prepared statements, if the driver supports them (e.g. mysqli_prepare, PDO::prepare).
PHP Code:
if ($_GET[successful]==1)
This looks wrong for two reasons: if "successful" is a string index, it should be quoted (it should remain unquoted only if it's a constant). The second comes mostly from intuition and is harder to put into words, but it involves the fact that $_GET is filled from the query string for the current page.
HTML Code:
<form action='links.php' method='post'>
<p><b>Link Title</b><br/>
<input type='text' style='width:690px;' id='title' value='" . $title1 . "'/><br/><br/>
<b>URL: http</b><br/>
<input type='text' style='width:690px;' id='description' value='" . $description1 . "'/></p>
</form>
Use inline style sparingly. Also, avoid using <br /> for layout. px units are mostly appropriate for images; use ems with text & text widgets. Try the following structure:
HTML Code:
<form action='links.php' id="linkEdit" method='post'>
<label for="title">Link Title</label>
<input type='text' id='title' value='" . $title1 . "'/>
<label for="description">URL: http</label>
<input type='text' id='description' value='" . $description1 . "'/>
</form>
with the following style:
Code:
form#linkEdit input {
width: 40em;
display: block;
margin-bottom: 1em;
}
form#linkEdit label {
display: block;
}
form#linkEdit input:last-child {
margin-bottom: 0;
}
LinkBack URL
About LinkBacks
Reply With Quote
icon below! (this is even better than "liking" a post)
