Add files via upload

common.php

@@ -0,0 +1,10 @@
+<?php
+
+/**
+  * Escapes HTML for output
+  *
+  */
+
+function escape($html) {
+  return htmlspecialchars($html, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
+}

config.php

@@ -0,0 +1,15 @@
+<?php
+
+/**
+  * Configuration for database connection
+  *
+  */
+
+$host       = "localhost";
+$username   = "root";
+$password   = "";
+$dbname     = "test"; // will use later
+$dsn        = "mysql:host=$host;dbname=$dbname"; // will use later
+$options    = array(
+                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
+              );

create.php

@@ -0,0 +1,59 @@
+<?php
+if (isset($_POST['submit'])) {
+  require "config.php";
+  require "common.php";
+  try {
+    $connection = new PDO($dsn, $username, $password, $options);
+    $new_user = array(
+  "firstname" => $_POST['firstname'],
+  "lastname"  => $_POST['lastname'],
+  "email"     => $_POST['email'],
+  "age"       => $_POST['age'],
+  "location"  => $_POST['location']
+);// insert new user code will go here
+
+$sql = sprintf(
+    "INSERT INTO %s (%s) values (%s)",
+    "users",
+    implode(", ", array_keys($new_user)),
+    ":" . implode(", :", array_keys($new_user))
+);
+
+    $statement = $connection->prepare($sql);
+    $statement->execute($new_user);
+
+}   catch(PDOException $error) {
+    echo $sql . "<br>" . $error->getMessage();
+  }
+
+}
+
+?>
+
+<?php require "templates/header.php"; ?>
+
+<?php if (isset($_POST['submit']) && $statement) { ?>
+  > <?php echo $_POST['firstname']; ?> successfully added.
+<?php } ?>
+
+    <h2>Add a user</h2>
+
+    <form method="post">
+        <label for="firstname">First Name</label>
+        <input type="text" name="firstname" id="firstname">
+        <label for="lastname">Last Name</label>
+        <input type="text" name="lastname" id="lastname">
+        <label for="email">Email Address</label>
+        <input type="text" name="email" id="email">
+        <label for="age">Age</label>
+        <input type="text" name="age" id="age">
+        <label for="location">Location</label>
+        <input type="text" name="location" id="location">
+        <input type="submit" name="submit" value="Submit">
+    </form>
+
+    <a href="index.php">Back to home</a>
+
+
+
+<?php include "templates/footer.php"; ?>

css/style.css

@@ -0,0 +1,15 @@
+label {
+  display: block;
+  margin: 5px 0;
+}
+
+table {
+  border-collapse: collapse;
+  border-spacing: 0;
+}
+
+td,
+th {
+  padding: 5px;
+  border-bottom: 1px solid #aaa;
+}

data/init.sql

@@ -0,0 +1,13 @@
+CREATE DATABASE test;
+
+  use test;
+
+  CREATE TABLE users (
+    id INT(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
+    firstname VARCHAR(30) NOT NULL,
+    lastname VARCHAR(30) NOT NULL,
+    email VARCHAR(50) NOT NULL,
+    age INT(3),
+    location VARCHAR(50),
+    date TIMESTAMP
+  );

index.php

@@ -0,0 +1,13 @@
+<?php include "templates/header.php"; ?>
+
+<ul>
+    <li><a href="create.php"><strong>Create</strong></a> - add a user</li>
+    <li><a href="read.php"><strong>Read</strong></a> - find a user</li>
+    <li><a href="update.php"><strong>Update</strong></a> - edit a user</li>
+</ul>
+  <!-- <li> -->
+    <!--//installs initial database// <a href="install.php"><strong>Create a New Database</strong></a> - Installs DB as per install.php  -->
+  <!-- </li> -->
+
+
+<?php include "templates/footer.php"; ?>

insert.php

@@ -0,0 +1,46 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<body>
+<?php
+
+$hostname = "localhost";
+$username = "review_site";
+$password = "JxSLRkdutW";
+$db = "reviews";
+
+$dbconnect=mysqli_connect($hostname,$username,$password,$db);
+
+if ($dbconnect->connect_error) {
+  die("Database connection failed: " . $dbconnect->connect_error);
+}
+
+?>
+
+<table border="1" align="center">
+<tr>
+  <td>Reviewer Name</td>
+  <td>Stars</td>
+  <td>Details</td>
+  <td>Notes</td>
+  <td>Reviewer Quality (will hide)</td>
+</tr>
+
+<?php
+
+$query = mysqli_query($dbconnect, "INSERT INTO `reviews`.`user_review` (`reviewer_name`)
+VALUES ('$_POST[thename]')";
+
+
+
+
+echo "1 record added";
+
+
+
+mysql_close($dbconnect)
+
+?>
+
+</body>
+
+</html>

install.php

@@ -0,0 +1,19 @@
+<?php
+
+/**
+  * Open a connection via PDO to create a
+  * new database and table with structure.
+  *
+  */
+
+require "config.php";
+
+try {
+  $connection = new PDO("mysql:host=$host", $username, $password, $options);
+  $sql = file_get_contents("data/init.sql");
+  $connection->exec($sql);
+
+  echo "Database and table users created successfully.";
+} catch(PDOException $error) {
+  echo $sql . "<br>" . $error->getMessage();
+}

read.php

@@ -0,0 +1,80 @@
+<?php
+
+/**
+  * Function to query information based on
+  * a parameter: in this case, location.
+  *
+  */
+
+if (isset($_POST['submit'])) {
+  try {
+    require "config.php";
+    require "common.php";
+
+    $connection = new PDO($dsn, $username, $password, $options);
+
+    $sql = "SELECT *
+    FROM users
+    WHERE location = :location";
+
+    $location = $_POST['location'];
+
+    $statement = $connection->prepare($sql);
+    $statement->bindParam(':location', $location, PDO::PARAM_STR);
+    $statement->execute();
+
+    $result = $statement->fetchAll();
+  } catch(PDOException $error) {
+    echo $sql . "<br>" . $error->getMessage();
+  }
+}
+?>
+<?php require "templates/header.php"; ?>
+
+<?php
+if (isset($_POST['submit'])) {
+  if ($result && $statement->rowCount() > 0) { ?>
+    <h2>Results</h2>
+
+    <table>
+      <thead>
+<tr>
+  <th>#</th>
+  <th>First Name</th>
+  <th>Last Name</th>
+  <th>Email Address</th>
+  <th>Age</th>
+  <th>Location</th>
+  <th>Date</th>
+</tr>
+      </thead>
+      <tbody>
+  <?php foreach ($result as $row) { ?>
+      <tr>
+<td><?php echo escape($row["id"]); ?></td>
+<td><?php echo escape($row["firstname"]); ?></td>
+<td><?php echo escape($row["lastname"]); ?></td>
+<td><?php echo escape($row["email"]); ?></td>
+<td><?php echo escape($row["age"]); ?></td>
+<td><?php echo escape($row["location"]); ?></td>
+<td><?php echo escape($row["date"]); ?> </td>
+      </tr>
+    <?php } ?>
+      </tbody>
+  </table>
+  <?php } else { ?>
+    > No results found for <?php echo escape($_POST['location']); ?>.
+  <?php }
+} ?>
+
+<h2>Find user based on location</h2>
+
+<form method="post">
+  <label for="location">Location</label>
+  <input type="text" id="location" name="location">
+  <input type="submit" name="submit" value="View Results">
+</form>
+
+<a href="index.php">Back to home</a>
+
+<?php require "templates/footer.php"; ?>

templates/footer.php

@@ -0,0 +1,4 @@
+</body>
+<center>Version 1.0 Beta</center>
+<center>Copyright: Carmine Bufano 2020</center>
+</html>

templates/header.php

@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta http-equiv="x-ua-compatible" content="ie=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+
+    <title>Mobiieus Database Application</title>
+
+    <link rel="stylesheet" href="css/style.css" />
+  </head>
+
+  <body>
+    <h1>Mobiieus Database Application</h1>
+  </body>
+</html>