Freat way to manage pages

[geekhut]

I know i misspelled "Great" but maybe "FREAT" means something better than great?...

to keep things tidy i like to follow a simple template i've been using for the last long time:

directory structure

/ ->
/inc -> controller.php (or other standalone included javascript, php files
/tpl -> all template files go here (forms, output data)
/class -> all classes go here
/img ->all images go here
/css -> style.css
/index.php

INDEX.PHP

code:

<?php session_start(); ?> <?php include_once("inc/controller.php"); ?> <?php echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="keywords" content="[i]Your sites keywords[/i]" /> <meta name="description" content="[i]Your sites description[/i]" /> <title>Page Title</title> <link rel="stylesheet" type="text/css" href="css/style.css" /> </head> <body>      <div class='container'>           <div class='header'><?div>           <div class='menu'><?php menu(); ?>           <div class='content'>                    <?php controller(); ?>           </div>           <div class='footer'></div>      </div> </body> </html>

/inc/controller.php

code:

<?php include_once("class/mysql.class.php"); function controller() {      $action = $_GET['action'];      $public = array("home", "login", "register", "post");      $private = array("createPost", "editPost", "deletePost", "viewPosts");            if (isset($_SESSION['private']) {           $scope = array_merge($public, $private);      } else {           $scope = $public;      }            if (! empty($action)) {      $action = mysql_real_escape_string($action);      }      if (in_array($action, $scope)) {           return $action();      } else {           return home();      } function home() {      include_once("tpl/home.inc.php"); } function menu() {      if (isset($_SESSION['private')) {     include_once("tpl/privateMenu.inc.php");      } else {           include_once("tpl/menu.inc.php");      } } function deletePost() {         $pid = $_GET['pid'];         if (is_numeric($pid)) {              $db = new mysql("localhost", "root", "hackme", "blog");              $db->connect();              $db->select();              $db->query("DELETE FROM posts WHERE pid = '$pid'");                 echo "<div class='message'>Post $pid Has Been Deleted</div>";                 return viewPosts();         } } function createPost() {           if (isset($_POST['submit'])) {                 $title = htmlentities(mysql_real_escape_string($_POST['title']));                 $body = htmlentities(mysql_real_escape_string($_POST['body']));                 $created = date("F j, Y, g:i a");                  $db = new mysql("localhost", "root", "hackme", "blog");                 $db->connect();                 $db->select();                 $db->query("INSERT INTO posts (title, body, created) VALUES ('$title', '$body', '$created') LIMIT 1");                 echo "<div class='message'>Post $pid Has Been Deleted</div>";                 return viewPosts();           } else {                include_once("tpl/createPost.inc.php");           } }      function editPost() {           $pid = $_GET['pid'];                if (is_numeric($pid)) {                     if (isset($_POST['submit']) {                           $title = $_POST['title'];                           $body = $_POST['body'];                           $created = date("F j, Y, g:i a");                           $db = new mysql("localhost", "root", "hackme", "blog");                           $db->connect();                           $db->select();                           $db->query("UPDATE posts SET (title = '$title', body = '$body', created = '$created') WHERE pid = '$pid'  ");                           echo "<div class='message'>Your Post Has Been Saved</div>";                           return viewPosts();                      } else {                           $db = new mysql("localhost", "root", "hackme", "blog");                           $db->connect();                           $db->select();                           $db->query("SELECT * FROM posts WHERE uid = '$uid' ");                           include_once("tpl/editPost.inc.php");                } else {                 return home();                }        } } function viewPosts() {      $db = new mysql("localhost", "root", "hackme", "blog");      $db->connect();      $db->select();      $db->query("SELECT * FROM posts ORDER BY created ASC");     include_once("tpl/viewPosts.inc.php"); } ?>

tpl/viewPosts.inc.php

code:

<?php while ($row = $db->fetchObject()) {      $title = $row->title;      $body = $row->body;      $created = $row->created;      $pid = $row->pid;      echo "      <div class='posts'>      <strong>$title</title>      <p>       $body      </p>      <small>$created</small>      <br />      <a href='index.php?action=deletePost&pid=$pid'>Delete Post</a>      <br />      <a href='index.php?action=editPost&pid=$pid'>Edit Post</a>      "; } ?>

tpl/createPost.inc.php

code:

<form action = "index.php?action=createPost" method="POST"> <strong>Title</strong><br /> <input type="text" name="title" /><br /> <strong>Body</strong><br /> <textarea name="body"></textarea> <br /> <input type="submit" name="submit" value="Create Post" /> </form>

tpl/editPost.inc.php

code:

<?php $pid = $_GET['pid']; if (is_numeric($pid)) { $row = $db->fetchObject(); $title = $row->title; $body = $row->body; ?> <form action = "index.php?action=editPost&pid=<?php echo $pid; ?>" method="POST"> <strong>Title</strong><br /> <input type="text" name="title"  value = '<?php echo $title; ?>' /><br /> <strong>Body</strong><br /> <textarea name="body"><?php echo $body; ?></textarea> <br /> <input type="submit" name="submit" value="Update Post Post" /> </form> <?php      } else {           return home();      } ?>

As you can see, controlling functions is very easy using this model and it keeps your source clean and easy to navigate.

It is my own twisted way of comprehending the MVC model, except it doesnt make sense to alot of other developers.

I put snippets of html (forms) in the tpl directory so i can keep my controller clear for debugging (minimize lines of html in my controller)
i didnt include my mysql class because it is quite lengthy but it can be found in the "PHP & MYSQL" tutorial on within this board.

the controller function is simple, put the functions you want everyone to be able to do in the $public array.
put priviliged functions in the $private array.
If some jerk tries to delete a post by guessing post ids ie ()index.php?action=deletePost&pid=201) it will just return him to the home page (or wherever you specify) without deleting the post because he has not initiated a session named private.

if you would like to learn more, or if this code sucks, say so.[/b]

[geekhut]

I type with only three fingers, im sorry