2.6. Adding Forums
It makes sense to start writing code for the project with the file responsible for creating forums. It's important the script be only shown to users who are logged in and have permissions to create new forums. Ensuring the script is made available only to users who have logged in is done by including the 401.php file from Chapter 1. You can then decide whether to offer, show or process the form by checking the if the appropriate permission bit is set in $user->permission. If it isn't, the script terminates with a suitable error message.
include '401.php';
$user = User::getById($_SESSION['userId']);
if (~$user->permission & User::CREATE_FORUM)
{
die('<p>Sorry, you do not have sufficient privileges to create new ' .
'forums.</p>');
}
The script then goes on to collect the name and brief description from the user through a form and creates the forum record in the database.
<form action="<?php htmlspecialchars($_SERVER['PHP_SELF']); ?>" method="post"> <div> <label for="forum_name">Forum Name:</label> <input type="input" id="forum_name" name="forum_name"/><br/> <label for="forum_desc">Description:</label> <input type="input" id="forum_desc" name="forum_desc"/> <br/> <input type="hidden" name="submitted" value="true"/> <input type="submit" value="Create"/> </div> </form>
When the form is submitted, the information is validated and added to the database. If it isn't, then a message can be displayed back to the user stating the values should be corrected and resubmitted. ...
Get PHP and MySQL®: Create-Modify-Reuse now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
