I would like to make a blog on a webpage that all users on my website can add blog information to. However when the user leaves the website or refreshes the page, I don't want the information that the user blogged to be lost, it must remain there. What is the best way of handling this?
-
-
It's not really a traditional "blog" if anybody can change it, but you would store the information in a database like MySQL or in a flat text file.
I suggest you checkout WordPress or similar opensource php application that take care of most things for you. From what I read you have no sense of security. Aren't you afraid that an unauthorized person log on to your site and change the content to bad content? (Assuming this is an internet facing site, and not on an intranet.)
Dan -
Hi Dan, thanks for the info. I am fairly new to PHP, but have done much research and reading on it. I know how to put text variables into a MySQL database (i.e. using the POST method), however what command or method to you using when storing a image?
Yes you are right, security is an issue, I don't want unathorized users to post or blog information on my site. Therefore I require users to log into the site and their use of the site is maintained using PHP sessions variables, is this enough security or do you think I should add something to this?Comment
-
HTML input has <file> type. PHP can read it on the server side using $_FILES, just like $_POST (see the PHP manual). You then read this file like any other text file into a variable and use a regular insert command to insert into the DB. Your DB field should be a BLOB type. This is best to store binary information. You should also store the mime type (jpg?png?gif?) in another field (look up mime-types as well). So how do you re-display the image? Create a php page that takes an argument that can identify that record in the DB, such as the username and put it in your image tag like this:
<img src="getImage.p hp?id=123" />
getImage.php should be a script that looks for the ID, queries the database for the image field and just echo's it. Ensure you set your header("Content-type: ...") to your mime type that you stored along with the image. This will ensure you redisplay the jpg image as a jpg later and not as a gif. gif format cannot display jpg image information, just like how microsoft Word cannot open .pdf
More info: http://bytes.com/topic/mysql/answers...ng-blob-fields
As far as security, it depends on your site, if you were a bank, I'd say yes you need a heck-of-alot more security measures. sessions can be used incorrectly by beginners so I'd have to see your entire code to ensure it's secure.
Learning takes time and patience,
Good luck,
DanComment
-
Thanks Dan, this is very helpful :) Have a great week...Comment
Comment