Ex5 - PHP Page

"); echo ("Info Tech Tool 2 = " . $_POST['tool2']); echo ("
"); // use function displayPostArray to be able to display contents of $_POST // in a way that is flexible in terms of items stored in $_POST displayPostArray($_POST); // ADDED in Step 7 // want to connect to MySQL database // first load into memory the database credentials defined in login file require_once 'login_lastname.php'; // remember to change to your lastname // use database credentials to connect to MySQL $db_connect = mysqli_connect($db_hostname, $db_username, $db_password); // test if successful in connecting to MySQL if (!$db_connect) die("Unable to connect to MySQL: " . mysqli_error($db_connect)); // test if successful in connecting to your database mysqli_select_db($db_connect, $db_database) or die("Unable to select database: " . mysqli_error($db_connect)); // // test to make sure that each tool is non-empty ... // just to make sure in case JavaScript validation gets by passed if (isset($_POST['tool1']) && isset($_POST['tool2']) ) { // assign to variables after "cleansing" data by using function mysqli_fix_string (defined further down) $tool1 = mysqli_fix_string($db_connect, $_POST['tool1']); $tool2 = mysqli_fix_string($db_connect, $_POST['tool2']); // create query for entering data in to MySQL table = tools // need to specify which attributes we are providing since we don't provide all attributes $query = "INSERT INTO tools (tool1, tool2) VALUES" . "('$tool1', '$tool2')"; // testing if successful inserting data in table if (!mysqli_query($db_connect, $query)) echo "INSERT failed: $query
" . mysqli_error($db_connect) . "

"; } // ADDED in Step 8 echo "Display contents of table = 'tools'

"; $query = "SELECT * FROM tools"; $result = mysqli_query($db_connect, $query); if (!$result) die ("Database access failed: " . mysqli_error($db_connect)); $rows = mysqli_num_rows($result); for ($j = 0 ; $j < $rows ; ++$j){ $row = mysqli_fetch_row($result); // need to consult table to identify correct index for field echo ' Tool 1: ' . $row[0] . '
'; echo ' Tool 2: ' . $row[1] . '

'; } // ADDED in Step 9 echo "Display AVERAGE SCORES for table = 'tools'

"; // create query that returns SUM of scores for each tool $query = "SELECT SUM(tool1), SUM(tool2) FROM tools"; // $result will return a single row of SUMs $result = mysqli_query($db_connect, $query); if (!$result) die ("Database access failed: " . mysqli_error($db_connect)); // fetch first (and only row) and this will be regular array $firstrow = mysqli_fetch_row($result); // add div tag with class .results applied using \ to escape " quotation marks // Note: don't mix singe and double quotation marks echo '

'; // display SUM values and Average with is SUM / $rows (the latter computed further up) echo ' SUM for Info Tool 1: ' . $firstrow[0] . ' and AVE = ' . number_format($firstrow[0] / $rows, 2) . '
'; echo ' SUM for Info Tool 2: ' . $firstrow[1] . ' and AVE = ' . number_format($firstrow[1] / $rows, 2) . '

'; // add closing div tag echo '

'; // define functions ... it is okay that they are defined after they are being called // function displayPostArray ($postarray) { // echo ("displayPostArray.
"); // want to loop through each item of associative array // Use of => is similar to the regular = assignment operator, // except that you are assigning a value to an index and not to a variable. // "as" is used to assign a specific element of array to variable $tool // and => is used to assign value associated with $tool to the variable $score foreach ($postarray as $tool => $score) { echo "$tool" . " = " . "$score
"; } // } // create function to make sure date sent to database is safe // passes each retrieved item through the mysqli_real_escape_string function to strip out any characters // that a hacker may have inserted in order to break into or alter your database function mysqli_fix_string($db_connect, $string) { // if (get_magic_quotes_gpc()) $string = stripslashes($string); return mysqli_real_escape_string($db_connect, $string); } ?>