");
echo ("Info Tech Tool 2 = " . $_POST['tool2']);
echo ("
");
// use function displayPostArray to be able to display contents of $_POST
// in a way that is flexible in terms of items stored in $_POST
displayPostArray($_POST);
// ADDED in Step 8
// want to connect to MySQL database
// first load into memory the database credentials defined in login file
require_once 'login_spoerri.php'; // remember to change to your lastname
// use database credentials to connect to MySQL
$db_server = mysql_connect($db_hostname, $db_username, $db_password);
// test if successful in connecting to MySQL
if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
// test if successful in connecting to your database
mysql_select_db($db_database) or die("Unable to select database: " . mysql_error());
//
// test to make sure that each tool is non-empty ...
// just to make sure in case JavaScript validation gets by passed
if (isset($_POST['tool1']) &&
isset($_POST['tool2'])
)
{
// assign to variables after "cleansing" data by using function mysql_fix_string (defined further down)
$tool1 = mysql_fix_string($_POST['tool1']);
$tool2 = mysql_fix_string($_POST['tool2']);
// create query for entering data in to MySQL table = tools
// need to specify which attributes we are providing since we don't provide all attributes
$query = "INSERT INTO tools (tool1, tool2) VALUES" .
"('$tool1', '$tool2')";
// testing if successful inserting data in table
if (!mysql_query($query, $db_server))
echo "INSERT failed: $query
" .
mysql_error() . "
";
}
//
echo "Display contents of table = 'tools'.
";
$query = "SELECT * FROM tools";
$result = mysql_query($query, $db_server);
if (!$result) die ("Database access failed: " . mysql_error());
$rows = mysql_num_rows($result);
for ($j = 0 ; $j < $rows ; ++$j){
$row = mysql_fetch_row($result);
// need to consult table to identify correct index for field
echo ' Tool 1: ' . $row[0] . '
';
echo ' Tool 2: ' . $row[1] . '
';
}
//
echo "Display AVERAGE SCORES for table = 'tools'.
";
// create query that returns SUM of scores for each tool
$query = "SELECT SUM(tool1), SUM(tool2) FROM tools";
// $result will return a single row of SUMs
$result = mysql_query($query, $db_server);
if (!$result) die ("Database access failed: " . mysql_error());
// fetch first (and only row) and this will be regular array
$firstrow = mysql_fetch_row($result);
// add div tag with class .results applied using \ to escape " quotation marks
// Note: don't mix singe and double quotation marks
echo '';
// display SUM values and Average with is SUM / $rows (the latter computed further up)
echo ' SUM for Info Tool 1: ' . $firstrow[0] . ' and AVE = ' . number_format($firstrow[0] / $rows, 2) . '
';
echo ' SUM for Info Tool 2: ' . $firstrow[1] . ' and AVE = ' . number_format($firstrow[1] / $rows, 2) . '
';
// add closing div tag
echo '';
// define functions ... it is okay that they are defined after they are being called
//
function displayPostArray ($postarray) {
// echo ("displayPostArray.
");
// want to loop through each item of associative array
// Use of => is similar to the regular = assignment operator,
// except that you are assigning a value to an index and not to a variable.
// "as" is used to assign a specific element of array to variable $tool
// and => is used to assign value associated with $tool to the variable $score
foreach ($postarray as $tool => $score)
{
echo "$tool" . " = " . "$score
";
}
//
}
// create function to make sure date sent to database is safe
// passes each retrieved item through the mysql_real_escape_string function to strip out any characters
// that a hacker may have inserted in order to break into or alter your database
function mysql_fix_string($string)
{
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return mysql_real_escape_string($string);
}
?>