php tutorial for content management system admin panel
Content Management System Admin Panel Tutorial
please visit php code site for more php sample code .
So when a user enters correct username and password in login.php page, that is verified by verify_user.php, which in turn transfers to admin_panel.php page.
Our admin_panel.php page performs 8 different jobs.
Creating a New Category.
Deleting a existing category.
Creating a New article
Displaying all the existing articles.
Displaying articles based on categories.
Deleting existing article.
Editing existing article.
Logging out of Administration Panel.
admin_panel.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
#hold #log {
color: #EE4902;
}
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log">
<?php
echo "Welcome ".$_SESSION['name'];
echo " ";
echo "<a href=logout.php>Logout</a>";
?>
</div>
<div id="left">
<a href=new_category.php >Create New Category</a><br/>
<a href=remove_category.php >Remove a Category</a><br/>
<a href=create_new.php >Create New Article</a><br/>
<a href=admin_panel.php?id=viewall>View all Articles</a><br/><br/>
<b>Articles by Category</b>
<?php
$qry=mysql_query("SELECT * FROM category ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
/* Fetching data from the field "title" */
while($row=mysql_fetch_array($qry))
{
echo "<li><a href=admin_panel.php?cat=".$row['category'].">".$row['category']."</a></li>";
}
?>
</div>
<div id="right">
<?php
if(isset($_GET['id'])=="viewall")
{
$qry=mysql_query("SELECT * FROM articles order by articles.id DESC ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
echo "<table>";
/* Fetching data from the field "title" */
while($row=mysql_fetch_array($qry))
{
echo "<tr>";
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
echo "</tr>";
}
echo "</table>";
}
?>
<?php
if(isset($_GET['cat']))
{
$cat=$_GET['cat'];
$qry=mysql_query("SELECT * FROM articles WHERE category='$cat' order by articles.id DESC", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
echo "<table>";
while($row=mysql_fetch_array($qry))
{
//echo $row['title'];
echo "<tr>";
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
echo "</tr>";
}
echo "</table>";
}
?>
</div>
</div>
</body>
</html>
Explanation for admin_panel.phpThe first line is to start a new session.
session_start();
And the following if condition is to verify whether the logged in user is a authorized administrator. If the session is not verified as admin, the url will be directed to login.php page with a message passed through the url variable id. The following code does that.
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then as usual php connects to mysql database using hostname, username and password with mysql_connect().
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
Then the database CMS is selected using mysql_select_db() function.
$dataselect = mysql_select_db("cms",$con);
Then administrator is welcomed in the admin_panel.php page using the session[] statement.
echo "Welcome ".$_SESSION['name'];
Then a hyperlink option to logout of the admin panel is given, which when clicked, the control will transfer to logout.php page, which in turn does the actual session logout process.
echo "<a href=logout.php>Logout</a>";
A hyperlink to create a New Category is placed, which when clicked will transfer to new new_category.php page.
<a href=new_category.php >Create New Category</a><br/>
An option to remove a category is placed, which when clicked will transfer to remove_category.php page.
<a href=remove_category.php >Remove a Category</a><br/>
Also an option to create a new article is placed, which when clicked will transfer to create_new.php page.
<a href=create_new.php >Create New Article</a><br/>
View all articles options is placed which when clicked will pass a value “viewall” through the url variable id to the admin_panel.php page itself.
<a href=admin_panel.php?id=viewall>View all Articles</a><br/><br/>
Then the CMS database table category is queried to display the names of all the available categories. And the category names are displayed as hyperlinks, which when clicked will pass the respective category name to the url variable “cat” in the admin_panel.php page itself.
$qry=mysql_query("SELECT * FROM category ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
/* Fetching data from the field "title" */
while($row=mysql_fetch_array($qry))
{
echo "<li><a href=admin_panel.php?cat=".$row['category'].">".$row['category']."</a>
</li>";
}
Next a conditional statement is used to check whether the url variable id holds the value “viewall”.
if(isset($_GET['id'])=="viewall")
If the value is set the CMS database table articles is queried to display the names of all the available articles.
$qry=mysql_query("SELECT * FROM articles order by articles.id DESC ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
And these article title’s are displayed as hyperlinks in the 1st column of each table row.
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
The 2nd column of each table row is filled with edit option, which when clicked will pass their corresponding article id to the edit_article.php page.
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
The third column of the table rows are filled with delete option, which when clicked will pass the corresponding article id to delete_article.php page.
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
A conditional statement is used to check whether the url variable is set. If it is set the CMS database table articles is queried with the particular category name received through the url variable “cat” to display all the articles belonging to that particular category.
if(isset($_GET['cat']))
{
$cat=$_GET['cat'];
$qry=mysql_query("SELECT * FROM articles WHERE category='$cat' order by articles.id DESC", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
echo "<table>";
}
And those articles are displayed in the 1st columns of the table, whereas the 2nd and 3rd columns are used for editing the articles and deleting the articles respectively.
while($row=mysql_fetch_array($qry))
{
echo "<tr>";
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
echo "</tr>";
}
admin_style.css
#hold {
float: left;
height: 500px;
width: 900px;
position: relative;
}
#top {
float: left;
height: 60px;
width: 900px;
position: relative;
background-color: #F60;
}
#log {
height: 25px;
width: 900px;
float: left;
position: relative;
}
#left {
float: left;
width: 300px;
position: relative;
padding-top: 10px;
padding-left: 20px;
}
#right {
float: left;
width: 500px;
padding-top: 10px;
padding-left: 20px;
position: relative;
left: 20px;
}
#hold #top h2 {
color: #EE4902;
}
#hold #top h2 {
color: #000;
}
#hold #top h2 {
color: #FFF;
}
#work_area {
float: left;
width: 800px;
position: relative;
padding-top: 20px;
padding-left: 50px;
}
#hold #work_area h2 {
color: #EE4902;
}
#hold #work_area #form1 p {
color: #EE4902;
}
#hold #work_area p {
color: #EE4902;
}
#hold #work_area #form1 {
color: #EE4902;
}
table
{
border:1px solid black;
border-collapse:collapse;
}
td
{
border:1px solid black;
}
Creating new Categories in cms website
We need to create new categories, so that, we can group / post the articles specific to that particular category under it.
In the admin_panel.php page, there is a hyperlink ‘Create New Category’, which when clicked will transfer to a page called new_category.php
So we will deal with new_category.php page now.
new_category.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Category
</h2>
<p>_______________________________________________________
____________________________________________</p>
<form id="form1" name="form1" method="post" action="category_created.php">
Enter a New Category Name :
<label for="cat"></label>
<input type="text" name="cat" id="cat" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
</div>
</div>
</body>
</html>
Explanation for new_category.php
As usual the first line is to start a new session.
session_start();
Then the $_SESSION[‘name’] is checked to make sure that the logged in user is the admin. If the session is not admin, the control is transferred back to login.php with a url message.
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then a html <form> is created with a input box named ‘cat’ and a submit button. When the submit button is clicked, the control will be transferred to category_created.php page. The category name entered in the input box is transferred to category_created.php page through the input box name ‘cat’ by the method of POST.
<form id="form1" name="form1" method="post" action="category_created.php">
Enter a New Category Name :
<label for="cat"></label>
<input type="text" name="cat" id="cat" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
The category name entered through <input> box in new_category.php is transferred to category_created.php through the <input> box named ‘cat’.
category_created.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Category
</h2>
<p>________________________________________________________
___________________________________________</p>
<?php
$cat=$_POST['cat'];
$qry=mysql_query("INSERT INTO category(category)VALUES('$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$cat." Added Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for category_created.php
The first step is to start a new session and make sure the logged in user is the admin.
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then connection is established with mysql using mysql_connect().
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
Then the ‘cms’ database is selected using mysql_select_db().
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
Now the category name received from new_category.php page is stored in a variable $cat.
$cat=$_POST['cat'];
Then mysql_query() is used to insert the category name into database table ‘category’.
$qry=mysql_query("INSERT INTO category(category)VALUES('$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$cat." Added Successfully";
echo "<br/>";
}
Removing a Category from cms
When the hyperlink ‘Remove Category’ is clicked in admin_panel.php page, the control is transferred to remove_category.php.
remove_category.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Category
</h2>
<p>_________________________________________________________
__________________________________________</p>
<?php
$qry=mysql_query("SELECT * FROM category", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
?>
<form id="form1" name="form1" method="post" action="category_removed.php">
Select a Category to be Removed :
<label for="category"></label>
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
<input type="submit" name="submit" id="submit" value="Remove" />
</form>
<?php
?>
</div>
</div>
</body>
</html>
Explanation for remove_category.php
First step is to start a new session and made sure that the logged in user is the admin, Else the control will be transferred back to login.php with a url message.
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then connection is established with mysql using mysql_connect().
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
Then the database ‘cms is selected using mysql_select_db().
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
Then mysql_query is used to select all the existing categories from the database table category.
$qry=mysql_query("SELECT * FROM category", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
The categories are displayed in the select box using mysql_fetch_array().
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
When the submit button is clicked the selected category in the select box is transferred to category_removed.php by the method of post.
<form id="form1" name="form1" method="post" action="category_removed.php">
category_removed.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Category
</h2>
<p>___________________________________________________________
________________________________________</p>
<?php
$cat=$_POST['category'];
$qry=mysql_query("DELETE FROM category WHERE category='$cat'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Category ".$cat." removed Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for category_removed.php
The category received is stored in the variable $cat.
$cat=$_POST['category'];
Then the received category is deleted from the database table category using DELETE statement in mysql_query().
$qry=mysql_query("DELETE FROM category WHERE category='$cat'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Category ".$cat." removed Successfully";
echo "<br/>";
}
Content Management System Tutorial on Creating New Article
When the hyperlink ‘Create new Article’ is clicked in admin_panel.php, the control is transferred to create_new.php page.
create_new.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Article
</h2>
<p>_________________________________________________________
__________________________________________</p>
<?php
$qry=mysql_query("SELECT * FROM category", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
?>
<form action="article_created.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>Category :
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
</p>
<p>Title :
<label for="title"></label>
<input type="text" name="title" id="title" />
</p>
<p>Upload Image :
<label for="image"></label>
<input type="file" name="image" id="image" />
</p>
<p>Page Contents :
<label for="contents"></label>
<textarea name="contents" cols="100" rows="12" id="contents"></textarea>
</p>
<p>
<input type="submit" name="button" id="button" value="Submit" />
<input type="reset" name="button3" id="button3" value="Reset" />
</p>
</form>
</div>
</div>
</body>
</html>
Explanation for create_new.php
create_new.php page displays a form with a select box, a text box, a file browser and a text area along with a submit button.
All the names of the categories are queried to select box from the database table category.
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
The <input> box is used to type the title of the article to be created.
<input type="text" name="title" id="title" />
A file <input> box is used to upload images, if any.
<input type="file" name="image" id="image" />
The text area is used to type the actual content of the article.
<textarea name="contents" cols="100" rows="12" id="contents"></textarea>
When the submit button is clicked the control is transferred to article_created.php .
article_created.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
$name=$_FILES['image']['name'];
$tmp=$_FILES['image']['tmp_name'];
$err=$_FILES['image']['error'];
if($err==0)
{
move_uploaded_file($tmp, $name);
}
$cat=$_POST['category'];
$tit=$_POST['title'];
$img=$_FILES["image"]["name"];
$cont=$_POST['contents'];
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
$qry=mysql_query("INSERT INTO articles(title,image,contents,category)VALUES('$tit','$img','$cont','$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article Added Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for article_created.php
All the data’s typed in the create_new.php form page is received to article_created.php page.
They are inserted into the database table ‘articles’ using mysql_query().
$qry=mysql_query("INSERT INTO articles(title,image,contents,category)VALUES('$tit','$img','$cont','$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
And a message is echoed to output.
echo "Article Added Successfully";
Content Management System Tutorial on Editing the Article
edit_article.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
if(isset($_GET['id']))
{
$id=$_GET['id'];
$qry=mysql_query("SELECT * FROM articles WHERE id=$id", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
/* Fetching data from the field "title" */
$row=mysql_fetch_array($qry);
echo $row['id'];
echo $row['category'];
echo $row['title'];
echo $row['image'];
echo $row['contents'];
}
?>
<form action="article_edited.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>Article Id :
<input type="text" name="id" id="idd" value="<?php echo $row['id']; ?>" />
</p>
<p>Category :
<label for="cat"></label>
<input type="text" name="category" id="category" value="<?php echo $row['category']; ?>" />
</p>
<p>Title :
<label for="tit"></label>
<input type="text" name="title" id="title" value="<?php echo $row['title']; ?>" />
</p>
<p>Image :
<label for="image"></label>
<input type="file" name="image" id="image" />
(Upload New Image only is there is a change in the existing image)</p>
<p>Contents :
<label for="cont"></label>
<textarea name="contents" id="contents" cols="100" rows="12" ><?php echo $row['contents']; ?></textarea>
</p>
<p align="center">
<input type="submit" name="Submit" id="Submit" value="Submit" />
</p>
</form>
</div>
</div>
</body>
</html>
Explanation for edit_article.php
When the edit link is clicked in admin_panel.php the corresponding article id is transferred to edit_article.php using the url variable id.
The received article is is used to query the corresponding article in the database table ‘articles’
$id=$_GET['id'];
$qry=mysql_query("SELECT * FROM articles WHERE id=$id", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
Then they bare displayed in the suitable html <form> elements.
<form action="article_edited.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>Article Id :
<input type="text" name="id" id="idd" value="<?php echo $row['id']; ?>" />
</p>
<p>Category :
<label for="cat"></label>
<input type="text" name="category" id="category" value="<?php echo $row['category']; ?>" />
</p>
<p>Title :
<label for="tit"></label>
<input type="text" name="title" id="title" value="<?php echo $row['title']; ?>" />
</p>
<p>Image :
<label for="image"></label>
<input type="file" name="image" id="image" />
(Upload New Image only is there is a change in the existing image)</p>
<p>Contents :
<label for="cont"></label>
<textarea name="contents" id="contents" cols="100" rows="12" ><?php echo $row['contents']; ?></textarea>
</p>
<p align="center">
<input type="submit" name="Submit" id="Submit" value="Submit" />
</p>
</form>
Administrator can now made necessary changes to the data.
When the submit button is clicked, the edited data’s are transferred to article_edited.php page through the method of POST.
article_edited.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<?php
$id=$_POST['id'];
$cat=$_POST['category'];
$tit=$_POST['title'];
$img=$_FILES["image"]["name"];
$cont=$_POST['contents'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
if($img)
{
$name=$_FILES['image']['name'];
$tmp=$_FILES['image']['tmp_name'];
$err=$_FILES['image']['error'];
if($err==0)
{
move_uploaded_file($tmp, $name);
}
$qry=mysql_query("UPDATE articles SET image='$img' WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
}
?>
<?php
$qry=mysql_query("UPDATE articles SET category='$cat',title='$tit',contents='$cont' WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article updated Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for article_edited.php
The data’s received from the edit_article.php page is updated in the database table article using UPDATE statement in mysql_query().
$qry=mysql_query("UPDATE articles SET category='$cat',title='$tit',contents='$cont' WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article updated Successfully";
echo "<br/>";
}
\Content Management System Tutorial on Deleting the Articles from Admin panel
deleting_article.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
if(isset($_GET['id']))
{
$id=$_GET['id'];
$qry=mysql_query("DELETE FROM articles WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$id." DELETED Successfully";
echo "<br/>";
}
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for deleting_article.php
When the delete link is clicked in the admin_panel.php, the corresponding article id is transferred to deleting_article.php page.
The received article id is used to delete the particular article from the database table articles using DELETE statement in mysql_query().
if(isset($_GET['id']))
{
$id=$_GET['id'];
$qry=mysql_query("DELETE FROM articles WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$id." DELETED Successfully";
echo "<br/>";
}
}
Content management System Tutorial on Session Logout
logout.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<?php
session_start();
$_SESSION=array();
setcookie(session_name(),"",time()-3600);
session_destroy();
header("Location: login.php?id=You are successfully logged out");
?>
<body>
</body>
</html>
Explanation for logout.php
Logging out is done by 3 simple steps.
Starting the session.
session_start();
Clearing the cookies.
setcookie(session_name(),"",time()-3600);
And by destroying the session.
session_destroy();
And the control is transfered back to login.php page with a url message "You are successfully loged out".
please visit php code site for more php sample code .
So when a user enters correct username and password in login.php page, that is verified by verify_user.php, which in turn transfers to admin_panel.php page.
Our admin_panel.php page performs 8 different jobs.
Creating a New Category.
Deleting a existing category.
Creating a New article
Displaying all the existing articles.
Displaying articles based on categories.
Deleting existing article.
Editing existing article.
Logging out of Administration Panel.
admin_panel.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
#hold #log {
color: #EE4902;
}
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log">
<?php
echo "Welcome ".$_SESSION['name'];
echo " ";
echo "<a href=logout.php>Logout</a>";
?>
</div>
<div id="left">
<a href=new_category.php >Create New Category</a><br/>
<a href=remove_category.php >Remove a Category</a><br/>
<a href=create_new.php >Create New Article</a><br/>
<a href=admin_panel.php?id=viewall>View all Articles</a><br/><br/>
<b>Articles by Category</b>
<?php
$qry=mysql_query("SELECT * FROM category ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
/* Fetching data from the field "title" */
while($row=mysql_fetch_array($qry))
{
echo "<li><a href=admin_panel.php?cat=".$row['category'].">".$row['category']."</a></li>";
}
?>
</div>
<div id="right">
<?php
if(isset($_GET['id'])=="viewall")
{
$qry=mysql_query("SELECT * FROM articles order by articles.id DESC ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
echo "<table>";
/* Fetching data from the field "title" */
while($row=mysql_fetch_array($qry))
{
echo "<tr>";
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
echo "</tr>";
}
echo "</table>";
}
?>
<?php
if(isset($_GET['cat']))
{
$cat=$_GET['cat'];
$qry=mysql_query("SELECT * FROM articles WHERE category='$cat' order by articles.id DESC", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
echo "<table>";
while($row=mysql_fetch_array($qry))
{
//echo $row['title'];
echo "<tr>";
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
echo "</tr>";
}
echo "</table>";
}
?>
</div>
</div>
</body>
</html>
Explanation for admin_panel.phpThe first line is to start a new session.
session_start();
And the following if condition is to verify whether the logged in user is a authorized administrator. If the session is not verified as admin, the url will be directed to login.php page with a message passed through the url variable id. The following code does that.
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then as usual php connects to mysql database using hostname, username and password with mysql_connect().
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
Then the database CMS is selected using mysql_select_db() function.
$dataselect = mysql_select_db("cms",$con);
Then administrator is welcomed in the admin_panel.php page using the session[] statement.
echo "Welcome ".$_SESSION['name'];
Then a hyperlink option to logout of the admin panel is given, which when clicked, the control will transfer to logout.php page, which in turn does the actual session logout process.
echo "<a href=logout.php>Logout</a>";
A hyperlink to create a New Category is placed, which when clicked will transfer to new new_category.php page.
<a href=new_category.php >Create New Category</a><br/>
An option to remove a category is placed, which when clicked will transfer to remove_category.php page.
<a href=remove_category.php >Remove a Category</a><br/>
Also an option to create a new article is placed, which when clicked will transfer to create_new.php page.
<a href=create_new.php >Create New Article</a><br/>
View all articles options is placed which when clicked will pass a value “viewall” through the url variable id to the admin_panel.php page itself.
<a href=admin_panel.php?id=viewall>View all Articles</a><br/><br/>
Then the CMS database table category is queried to display the names of all the available categories. And the category names are displayed as hyperlinks, which when clicked will pass the respective category name to the url variable “cat” in the admin_panel.php page itself.
$qry=mysql_query("SELECT * FROM category ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
/* Fetching data from the field "title" */
while($row=mysql_fetch_array($qry))
{
echo "<li><a href=admin_panel.php?cat=".$row['category'].">".$row['category']."</a>
</li>";
}
Next a conditional statement is used to check whether the url variable id holds the value “viewall”.
if(isset($_GET['id'])=="viewall")
If the value is set the CMS database table articles is queried to display the names of all the available articles.
$qry=mysql_query("SELECT * FROM articles order by articles.id DESC ", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
And these article title’s are displayed as hyperlinks in the 1st column of each table row.
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
The 2nd column of each table row is filled with edit option, which when clicked will pass their corresponding article id to the edit_article.php page.
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
The third column of the table rows are filled with delete option, which when clicked will pass the corresponding article id to delete_article.php page.
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
A conditional statement is used to check whether the url variable is set. If it is set the CMS database table articles is queried with the particular category name received through the url variable “cat” to display all the articles belonging to that particular category.
if(isset($_GET['cat']))
{
$cat=$_GET['cat'];
$qry=mysql_query("SELECT * FROM articles WHERE category='$cat' order by articles.id DESC", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
echo "<table>";
}
And those articles are displayed in the 1st columns of the table, whereas the 2nd and 3rd columns are used for editing the articles and deleting the articles respectively.
while($row=mysql_fetch_array($qry))
{
echo "<tr>";
echo "<td><a href=articles.php?id=".$row['id'].">".$row['title']."</a></td>";
echo "<td><a href=edit_article.php?id=".$row['id'].">edit</a></td>";
echo "<td><a href=delete_article.php?id=".$row['id'].">delete</a></td>";
echo "</tr>";
}
admin_style.css
#hold {
float: left;
height: 500px;
width: 900px;
position: relative;
}
#top {
float: left;
height: 60px;
width: 900px;
position: relative;
background-color: #F60;
}
#log {
height: 25px;
width: 900px;
float: left;
position: relative;
}
#left {
float: left;
width: 300px;
position: relative;
padding-top: 10px;
padding-left: 20px;
}
#right {
float: left;
width: 500px;
padding-top: 10px;
padding-left: 20px;
position: relative;
left: 20px;
}
#hold #top h2 {
color: #EE4902;
}
#hold #top h2 {
color: #000;
}
#hold #top h2 {
color: #FFF;
}
#work_area {
float: left;
width: 800px;
position: relative;
padding-top: 20px;
padding-left: 50px;
}
#hold #work_area h2 {
color: #EE4902;
}
#hold #work_area #form1 p {
color: #EE4902;
}
#hold #work_area p {
color: #EE4902;
}
#hold #work_area #form1 {
color: #EE4902;
}
table
{
border:1px solid black;
border-collapse:collapse;
}
td
{
border:1px solid black;
}
Creating new Categories in cms website
We need to create new categories, so that, we can group / post the articles specific to that particular category under it.
In the admin_panel.php page, there is a hyperlink ‘Create New Category’, which when clicked will transfer to a page called new_category.php
So we will deal with new_category.php page now.
new_category.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Category
</h2>
<p>_______________________________________________________
____________________________________________</p>
<form id="form1" name="form1" method="post" action="category_created.php">
Enter a New Category Name :
<label for="cat"></label>
<input type="text" name="cat" id="cat" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
</div>
</div>
</body>
</html>
Explanation for new_category.php
As usual the first line is to start a new session.
session_start();
Then the $_SESSION[‘name’] is checked to make sure that the logged in user is the admin. If the session is not admin, the control is transferred back to login.php with a url message.
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then a html <form> is created with a input box named ‘cat’ and a submit button. When the submit button is clicked, the control will be transferred to category_created.php page. The category name entered in the input box is transferred to category_created.php page through the input box name ‘cat’ by the method of POST.
<form id="form1" name="form1" method="post" action="category_created.php">
Enter a New Category Name :
<label for="cat"></label>
<input type="text" name="cat" id="cat" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
The category name entered through <input> box in new_category.php is transferred to category_created.php through the <input> box named ‘cat’.
category_created.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Category
</h2>
<p>________________________________________________________
___________________________________________</p>
<?php
$cat=$_POST['cat'];
$qry=mysql_query("INSERT INTO category(category)VALUES('$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$cat." Added Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for category_created.php
The first step is to start a new session and make sure the logged in user is the admin.
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then connection is established with mysql using mysql_connect().
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
Then the ‘cms’ database is selected using mysql_select_db().
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
Now the category name received from new_category.php page is stored in a variable $cat.
$cat=$_POST['cat'];
Then mysql_query() is used to insert the category name into database table ‘category’.
$qry=mysql_query("INSERT INTO category(category)VALUES('$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$cat." Added Successfully";
echo "<br/>";
}
Removing a Category from cms
When the hyperlink ‘Remove Category’ is clicked in admin_panel.php page, the control is transferred to remove_category.php.
remove_category.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Category
</h2>
<p>_________________________________________________________
__________________________________________</p>
<?php
$qry=mysql_query("SELECT * FROM category", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
?>
<form id="form1" name="form1" method="post" action="category_removed.php">
Select a Category to be Removed :
<label for="category"></label>
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
<input type="submit" name="submit" id="submit" value="Remove" />
</form>
<?php
?>
</div>
</div>
</body>
</html>
Explanation for remove_category.php
First step is to start a new session and made sure that the logged in user is the admin, Else the control will be transferred back to login.php with a url message.
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
Then connection is established with mysql using mysql_connect().
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
Then the database ‘cms is selected using mysql_select_db().
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
Then mysql_query is used to select all the existing categories from the database table category.
$qry=mysql_query("SELECT * FROM category", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
The categories are displayed in the select box using mysql_fetch_array().
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
When the submit button is clicked the selected category in the select box is transferred to category_removed.php by the method of post.
<form id="form1" name="form1" method="post" action="category_removed.php">
category_removed.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Category
</h2>
<p>___________________________________________________________
________________________________________</p>
<?php
$cat=$_POST['category'];
$qry=mysql_query("DELETE FROM category WHERE category='$cat'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Category ".$cat." removed Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for category_removed.php
The category received is stored in the variable $cat.
$cat=$_POST['category'];
Then the received category is deleted from the database table category using DELETE statement in mysql_query().
$qry=mysql_query("DELETE FROM category WHERE category='$cat'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Category ".$cat." removed Successfully";
echo "<br/>";
}
Content Management System Tutorial on Creating New Article
When the hyperlink ‘Create new Article’ is clicked in admin_panel.php, the control is transferred to create_new.php page.
create_new.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<h2>Creat New Article
</h2>
<p>_________________________________________________________
__________________________________________</p>
<?php
$qry=mysql_query("SELECT * FROM category", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
?>
<form action="article_created.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>Category :
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
</p>
<p>Title :
<label for="title"></label>
<input type="text" name="title" id="title" />
</p>
<p>Upload Image :
<label for="image"></label>
<input type="file" name="image" id="image" />
</p>
<p>Page Contents :
<label for="contents"></label>
<textarea name="contents" cols="100" rows="12" id="contents"></textarea>
</p>
<p>
<input type="submit" name="button" id="button" value="Submit" />
<input type="reset" name="button3" id="button3" value="Reset" />
</p>
</form>
</div>
</div>
</body>
</html>
Explanation for create_new.php
create_new.php page displays a form with a select box, a text box, a file browser and a text area along with a submit button.
All the names of the categories are queried to select box from the database table category.
<select name="category" id="category">
<?php
while($row=mysql_fetch_array($qry))
{
echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
?>
</select>
The <input> box is used to type the title of the article to be created.
<input type="text" name="title" id="title" />
A file <input> box is used to upload images, if any.
<input type="file" name="image" id="image" />
The text area is used to type the actual content of the article.
<textarea name="contents" cols="100" rows="12" id="contents"></textarea>
When the submit button is clicked the control is transferred to article_created.php .
article_created.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
$name=$_FILES['image']['name'];
$tmp=$_FILES['image']['tmp_name'];
$err=$_FILES['image']['error'];
if($err==0)
{
move_uploaded_file($tmp, $name);
}
$cat=$_POST['category'];
$tit=$_POST['title'];
$img=$_FILES["image"]["name"];
$cont=$_POST['contents'];
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
$qry=mysql_query("INSERT INTO articles(title,image,contents,category)VALUES('$tit','$img','$cont','$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article Added Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for article_created.php
All the data’s typed in the create_new.php form page is received to article_created.php page.
They are inserted into the database table ‘articles’ using mysql_query().
$qry=mysql_query("INSERT INTO articles(title,image,contents,category)VALUES('$tit','$img','$cont','$cat')", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
And a message is echoed to output.
echo "Article Added Successfully";
Content Management System Tutorial on Editing the Article
edit_article.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
if(isset($_GET['id']))
{
$id=$_GET['id'];
$qry=mysql_query("SELECT * FROM articles WHERE id=$id", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
/* Fetching data from the field "title" */
$row=mysql_fetch_array($qry);
echo $row['id'];
echo $row['category'];
echo $row['title'];
echo $row['image'];
echo $row['contents'];
}
?>
<form action="article_edited.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>Article Id :
<input type="text" name="id" id="idd" value="<?php echo $row['id']; ?>" />
</p>
<p>Category :
<label for="cat"></label>
<input type="text" name="category" id="category" value="<?php echo $row['category']; ?>" />
</p>
<p>Title :
<label for="tit"></label>
<input type="text" name="title" id="title" value="<?php echo $row['title']; ?>" />
</p>
<p>Image :
<label for="image"></label>
<input type="file" name="image" id="image" />
(Upload New Image only is there is a change in the existing image)</p>
<p>Contents :
<label for="cont"></label>
<textarea name="contents" id="contents" cols="100" rows="12" ><?php echo $row['contents']; ?></textarea>
</p>
<p align="center">
<input type="submit" name="Submit" id="Submit" value="Submit" />
</p>
</form>
</div>
</div>
</body>
</html>
Explanation for edit_article.php
When the edit link is clicked in admin_panel.php the corresponding article id is transferred to edit_article.php using the url variable id.
The received article is is used to query the corresponding article in the database table ‘articles’
$id=$_GET['id'];
$qry=mysql_query("SELECT * FROM articles WHERE id=$id", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
Then they bare displayed in the suitable html <form> elements.
<form action="article_edited.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>Article Id :
<input type="text" name="id" id="idd" value="<?php echo $row['id']; ?>" />
</p>
<p>Category :
<label for="cat"></label>
<input type="text" name="category" id="category" value="<?php echo $row['category']; ?>" />
</p>
<p>Title :
<label for="tit"></label>
<input type="text" name="title" id="title" value="<?php echo $row['title']; ?>" />
</p>
<p>Image :
<label for="image"></label>
<input type="file" name="image" id="image" />
(Upload New Image only is there is a change in the existing image)</p>
<p>Contents :
<label for="cont"></label>
<textarea name="contents" id="contents" cols="100" rows="12" ><?php echo $row['contents']; ?></textarea>
</p>
<p align="center">
<input type="submit" name="Submit" id="Submit" value="Submit" />
</p>
</form>
Administrator can now made necessary changes to the data.
When the submit button is clicked, the edited data’s are transferred to article_edited.php page through the method of POST.
article_edited.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<?php
$id=$_POST['id'];
$cat=$_POST['category'];
$tit=$_POST['title'];
$img=$_FILES["image"]["name"];
$cont=$_POST['contents'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
if($img)
{
$name=$_FILES['image']['name'];
$tmp=$_FILES['image']['tmp_name'];
$err=$_FILES['image']['error'];
if($err==0)
{
move_uploaded_file($tmp, $name);
}
$qry=mysql_query("UPDATE articles SET image='$img' WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
}
?>
<?php
$qry=mysql_query("UPDATE articles SET category='$cat',title='$tit',contents='$cont' WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article updated Successfully";
echo "<br/>";
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for article_edited.php
The data’s received from the edit_article.php page is updated in the database table article using UPDATE statement in mysql_query().
$qry=mysql_query("UPDATE articles SET category='$cat',title='$tit',contents='$cont' WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article updated Successfully";
echo "<br/>";
}
\Content Management System Tutorial on Deleting the Articles from Admin panel
deleting_article.php
<?php
session_start();
if(isset($_SESSION['name']))
{
if(!$_SESSION['name']=='admin')
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
}
else
{
header("Location:login.php?id=You are not authorised to access this page unless you are administrator of this website");
}
?>
<?php
/*
connecting to mysql database
hostname : localhost
username : root
password : 123456
*/
$con = mysql_connect("localhost","root","123456");
if(!$con)
{
die("connection to database failed".mysql_error());
}
/* selecting the database "cms" */
$dataselect = mysql_select_db("cms",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
</style>
<link href="admin_style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="hold">
<div id="top">
<h2 align="center">CONTENT MANAGEMENT SYSTEM ADMINISTRATION PANEL</h2>
</div>
<div id="log"></div>
<div id="work_area">
<?php
if(isset($_GET['id']))
{
$id=$_GET['id'];
$qry=mysql_query("DELETE FROM articles WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$id." DELETED Successfully";
echo "<br/>";
}
}
?>
<a href=admin_panel.php>Go back to Admin Panel</a>
</div>
</div>
</body>
</html>
Explanation for deleting_article.php
When the delete link is clicked in the admin_panel.php, the corresponding article id is transferred to deleting_article.php page.
The received article id is used to delete the particular article from the database table articles using DELETE statement in mysql_query().
if(isset($_GET['id']))
{
$id=$_GET['id'];
$qry=mysql_query("DELETE FROM articles WHERE id='$id'", $con);
if(!$qry)
{
die("Query Failed: ". mysql_error());
}
else
{
echo "<br/>";
echo "Article ".$id." DELETED Successfully";
echo "<br/>";
}
}
Content management System Tutorial on Session Logout
logout.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<?php
session_start();
$_SESSION=array();
setcookie(session_name(),"",time()-3600);
session_destroy();
header("Location: login.php?id=You are successfully logged out");
?>
<body>
</body>
</html>
Explanation for logout.php
Logging out is done by 3 simple steps.
Starting the session.
session_start();
Clearing the cookies.
setcookie(session_name(),"",time()-3600);
And by destroying the session.
session_destroy();
And the control is transfered back to login.php page with a url message "You are successfully loged out".
Comments
Post a Comment