#CodeWithMe Part 4: Building A Good Base

Welcome back! If you're new to this series have a look at Part 1 here

Today we are going to beef things up a bit and we will focus on the backend and some key CMS functionality.

It's time to get excited, this is where you'll start to see your barebones structure morph into something extraordinary!

Tired of my intro? That's ok! Let's jump into it!

Getting the DB on board

Before we delve into this, it's imperative that we take a minute and plan things out.

The database tables that are vital to any CMS are the menu, the user table, and the content table.

Our menu table will start of as follows:

CREATE TABLE 'mydbname'.'menus' ( 'ID' INT(11) NOT NULL AUTO_INCREMENT , 'menuname' VARCHAR(100) NOT NULL , 'item' VARCHAR(50) NOT NULL , 'itemlink' VARCHAR(100) NOT NULL , PRIMARY KEY ('ID')) ENGINE = MyISAM COMMENT = 'menu table';

Let's break this down a bit.

In the SQL above, we're creating a new table called menus.

Essentially our structure looks like this:

ID | Menuname | Item | Itemlink

Our ID field is our unique identifier (our PRIMARY KEY).

Tip: Remember, you can use raw SQL or a tool like PhpMyAdmin to create your db tables/execute SQL queries.

Next up is our user table.

CREATE TABLE 'mydbname'.'users' ( 'ID' INT(11) NOT NULL AUTO_INCREMENT , 'username' VARCHAR(100) NOT NULL , 'password' VARCHAR(50) NOT NULL , 'email' VARCHAR(100) NOT NULL , PRIMARY KEY ('ID')) ENGINE = MyISAM COMMENT = 'user table';

Visually represented this structure looks like this:

ID | Username | Password | Email

Our ID field is our unique identifier.

And finally, our content table modifications. You probably remember creating a rudimentary content table in Part 1 of the series.

ALTER TABLE 'mydbname'.'content' ADD content_type VARCHAR(50);

Yep, you guessed right, in the above statement we are altering our content table and adding a new field called content type.

Our new table structure now looks like this:

ID | Title | Content | Author | Content Type

Planning to Add to the Backend

Next , we're going to add a menu section, an add user section, and we'll also modify our content section.

Let's do this! reate a file called menus.php in your backend folder.

Next, code a HTML form to save your menu data.

The form needs the following fields:

Menu Name (we called this menuname in our db table).

Menu Item Name (we called this item in our db table).

Menu Link (we called this itemlink in our db table).

Try to follow Part 1 to do this on your own.

If you get a little stuck, that's ok. You can also follow the example below:

<form method="post" action="<?php $_SERVER['PHP_SELF'];?>"/>

<input type="text" name="menuname" class="mytextbox" placeholder="Menu Name" required />

<input type="text" name="item" class="mytextbox" placeholder="Item" required />

<input type="text" name="itemlink" class="mytextbox" placeholder="Item Link" required />

<input type="submit" value="Save Menu Item" name="savemenu" class="mybutton"/>

</form>
 

Notice the use of CSS classes? The gravy!

This will come in handy in our next tutorial.

Next, let's add the form processing code as we need to save these fields to the database. Remember to use the sanitization technique you learned in Part 2.

Add this above your <form> tag.

<?php

if(isset($_POST['savemenu'])){

include('../includes/conn.php');

if ($letsconnect->connect_error) {

die("Your Connection failed: " . $letsconnect->connect_error);

}else{

$menuname = $letsconnect ->real_escape_string($_POST['menuname']);

$item = $letsconnect -> real_escape_string($_POST['item']);

$itemlink = $letsconnect->real_escape_string($_POST['itemlink']);

$sql = "INSERT INTO menus(menuname,item,itemlink) VALUES ('".$menuname."', '".$item."', '".$itemlink."')";

if (mysqli_query($letsconnect, $sql)) {

echo "Your data was saved successfully!";

} else { echo "Error: " . $sql . "" . mysqli_error($letsconnect);

} $letsconnect->close();

}

}

?>

Ok phew, the menu data capturing section is done.

Let's move on to the user data capturing section, and modify the content capturing screen.

Repeat the steps above and create these two screens. Remember to keep an eye out for our database field names that we defined earlier! If you get stuck, look at the end result below:

Create adduser.php in your backend folder.

Create your data capturing form.

<form method="post" action="<?php $_SERVER['PHP_SELF'];?>"/>

<input type="text" name="username" class="mytextbox" placeholder="Username" required/>

<input type="password" name="password" class="mytextbox" placeholder="Password" required />

<input type="email" name="email" class="mytextbox" placeholder="Email" required />

<input type="submit" value="Save Menu Item" name="saveuser" class="mybutton"/>

</form>

Add your PHP processing code, remember the security!

Add this above your <form> tag.

<?php

if(isset($_POST[‘saveuser])){

include('../includes/conn.php');

if ($letsconnect->connect_error) {

die("Your Connection failed: " . $letsconnect->connect_error);

}else{

$menuname = $letsconnect -> real_escape_string($_POST[‘username']);

$item = $letsconnect -> real_escape_string($_POST[‘password']);

$itemlink = $letsconnect -> real_escape_string($_POST[‘email']);

$sql = "INSERT INTO menus(username,password,email) VALUES ('".$username."', '".$password."', '".$email."')";

if (mysqli_query($letsconnect, $sql)) {

echo "Your data was saved successfully!";

} else { echo "Error: " . $sql . "" . mysqli_error($letsconnect);

} $letsconnect->close();

}

}

?>

Please note that I will be covering Password security in the tutorials that follow.

Make sure that you are using your localhost server to complete this tutorial series. Do not publish your work until you complete this series.

Lastly, let's move to our content capturing screen which is currently found in index.php in the backend folder.

We will be changing this to a more professional dashboard in the tutorials that follow!
Our current file looks like this:

<html>

<head><title>Backend - Capture Content</title></head>

<body>

<?php

if(isset($_POST['savedata'])){

include('../includes/conn.php');

if ($letsconnect->connect_error) {

die("Your Connection failed: " . $letsconnect->connect_error);

}else{

$title = $letsconnect -> real_escape_string($_POST['title']);

$content = $letsconnect -> real_escape_string($_POST['content']);

$author = $letsconnect -> real_escape_string($_POST['author']);

$sql = "INSERT INTO content (title,content,author) VALUES ('".$title."', '".$content."', '".$author."')";

if (mysqli_query($letsconnect, $sql)) {

echo "Your data was saved successfully!";

} else { echo "Error: " . $sql . "" . mysqli_error($letsconnect);

} $letsconnect->close();

}

}

?>

<form action="<?php $_SERVER[‘PHP_SELF'];?>" method="post">

<input type="text" name="title" placeholder="Content Title here" required/>

<textarea name="content">Content Here</textarea>

<input type="text" name="author" placeholder="Author" required/>

<input type="submit" value="Save My Data" name="savedata"/>

</form>

</body>

</html>

We need to modify this slightly to include our new field, content_type.

Add the input field in your <form> above the submit button.

<input type="text" name="content_type" placeholder="Content Type" required/>;

Next, add the content_type to the sanitization lineup.

$content_type = $letsconnect->real_escape_string($_POST['content_type']);

Lastly, store this variable to the database by modifying the $sql.

$sql = "INSERT INTO content (title,content,author,content_type) VALUES ('".$title."', '".$content."', '".$author."', '".$content_type."')";

Conclusion

Chopping and changing is not always as daunting. Find a rhythm. There are many ways to make cumbersome coding a breeze and we will delve into that in the tutorials to come.

Challenge

Think of ways to test what we just did through retrieving and echoing data from the database.

Next Up: #CodeWithMe Part 5 Building a good base Continued