functions.php

Let’s jump right into the project, starting with Example 21-1, functions.php, the include file of main functions. This file contains a little more than just the functions, though, because I have added the database login details here instead of using yet another separate file.

The first half-dozen lines of code define the host, database name, username, and password of the database to use. It doesn’t matter what you call the database, as long as it already exists (see Chapter 8 for how to create a new database). Also make sure to correctly assign a MySQL username and password to $dbuser and $dbpass. With correct values, the subsequent two lines will open a connection to MySQL and select the database. The last of the initial instructions sets the name of the social networking site by assigning the value “Robin’s Nest” to the variable $appname. If you want to change the name, here’s the place to do so.

The Functions

The project uses five main functions:

createTable: Checks whether a table already exists and, if not, creates it.
queryMysql: Issues a query to MySQL, outputting an error message if it fails.
destroySession: Destroys a PHP session and clears its data to log users out.
sanitizeString: Removes potentially malicious code or tags from user input.
showProfile: Displays a user’s image and “about me” message, if he has one.

All of these should be obvious in their action to you by now, with the possible exception of showProfile, which looks for an image of the name <user>.jpg (where <user> is the username of the current user) and, if found, displays it. It also displays any “about me” text the user may have saved.

I have ensured that error handling is in place for all the functions that need it, so that they can catch any typographical or other errors you may introduce and generate error messages. However, if you use any of this code on a production server, you will probably want to provide your own error-handling routines to make the code more user friendly.

Type in Example 21-1 and save it as functions.php (or download it from the companion website), and you’ll be ready to move on to the next section.

Example 21-1. functions.php

<?php // functions.php
$dbhost  = 'localhost';    // Unlikely to require changing
$dbname  = 'anexistingdb'; // Modify these...
$dbuser  = 'robinsnest';   // ...variables according
$dbpass  = 'apassword';    // ...to your installation
$appname = "Robin's Nest"; // ...and preference

mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());

function createTable($name, $query)
{
    queryMysql("CREATE TABLE IF NOT EXISTS $name($query)");
    echo "Table '$name' created or already exists.<br />";
}

function queryMysql($query)
{
    $result = mysql_query($query) or die(mysql_error());
     return $result;
}

function destroySession()
{
    $_SESSION=array();

    if (session_id() != "" || isset($_COOKIE[session_name()]))
        setcookie(session_name(), '', time()-2592000, '/');

    session_destroy();
}

function sanitizeString($var)
{
    $var = strip_tags($var);
    $var = htmlentities($var);
    $var = stripslashes($var);
    return mysql_real_escape_string($var);
}

function showProfile($user)
{
    if (file_exists("$user.jpg"))
        echo "<img src='$user.jpg' align='left' />";

    $result = queryMysql("SELECT * FROM profiles WHERE user='$user'");

    if (mysql_num_rows($result))
    {
        $row = mysql_fetch_row($result);
        echo stripslashes($row[1]) . "<br clear='left' /><br/>";
    }
}
?>