make backup of file, before updating it

[sd0t1]

I have a 2 field table (name, content). I created an update form that displays a text area to edit the content. The user then makes changes to the content and clicks "update" to overwrite the current content.
But I need a backup of the original content in case the user makes a mistake. I would like to re-name the original content before it's updated, name+datestamp.
can someone help me figure the best way to do this.

Thanks, I checked the knowledgebase already.

 

[jpadie]

why bother making a copy? just expand the table schema to introduce a timestamp and an ID field and then when you retrieve the content make sure you retrieve the row with the highest timestamp. this way you have an easy way to allow the user to roll back too: just display all the entries with a checkbox for the user to resubmit the version he/she wants to re-enliven?

$result= mysql_query("select id, `name`, content, date_updated from [tablename] order by date_updated desc limit 1");

if (isset ($_POST['submit'] && isset($_POST['enliven_id'])){
  mysql_query('Update [tablename] set date_updated=now() where id='".mysql_real_escape_string(trim($_POST['enliven_id']))."');
} else {
mysql_query ("
insert into [tablename]
set
`name`='".mysql_real_escape_string(trim($_POST['name']))."',
`content` = '".mysql_real_escape_string(trim($_POST['content']))."',
`date_updated` = now()";

$output = <<<EOL
<form method="post" action="{$_SERVER['PHP_SELF'}" >
<table border='1'>
  <tr>
    <th>name</th>
    <th>content</th>
    <th>time</th>
    <th>make live</th>
  </tr>
EOL;
$result = mysql_query ("select id, `name`, content, date_updated from [tablename]") or die (mysql_error());
while ($row=mysql_fetch_assoc($result)){
 $output .= <<<EOL
  <tr>
    <td>{$row['name']}</td>
    <td>{$row['content']}</td>
    <td>{$row['date_updated']</td>
    <td><input type="radio" name="enliven_id" value="{$row['id']}" /></td>
  </tr>
EOL;
} //end of while clause
$output .= <<<EOL
  <tr>
   <td colspan="4">
     <input type="reset" name="reset" value="reset"/>
     <input type="submit" name="submit" value="Change"/>
   </td
  </tr>
</table>
</form>
EOL;

echo $output;
} //end master IF conditional

 

[sd0t1]

thanks this is great. I did make the database change and now i'm able to use the timestamp to display only the last updated content.
But now I can't figure out how to modify your code to work with my existing code. I got the "retrievinglastentry" and the "else" part of the "updatedatabase", but I can't figure out how to incorporate the top part of the "updatedatabase" if statement. And I even more confused as to incorporating the "fulllisting".
Here is my current code. __ I appreciate your help __


$colname_content = "-1";
if (isset($_GET['page_name'])) {
$colname_content = (get_magic_quotes_gpc()) ? $_GET['page_name'] : addslashes($_GET['page_name']);
}
mysql_select_db($database_html_content, $html_content);
$query_content = sprintf("SELECT * FROM html_content WHERE page_name = '%s' ORDER BY date_updated DESC limit 1", $colname_content);
$content = mysql_query($query_content, $html_content) or die(mysql_error());
$row_content = mysql_fetch_assoc($content);
$totalRows_content = mysql_num_rows($content);


//I need to add the first part of the IF statement here, but I don't know how.

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form2")) {
$insertSQL = sprintf("INSERT INTO html_content (page_name, page_content, date_updated) VALUES (%s, %s, NOW())",
GetSQLValueString($_POST['page_name'], "text"),
GetSQLValueString($_POST['page_content'], "text"));

mysql_select_db($database_html_content, $html_content);
$Result1 = mysql_query($insertSQL, $html_content) or die(mysql_error());

$insertGoTo = "test.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}


Where and How do add the Fulllisting portion???

Thanks.

 

[jpadie]

the if statement in updatedb just checks whether the update script is being called to add a whole record to the database or just make an old record live once more.

this code might make things clearer. put it into a blank file and provide it with your db connection script at the start and then point your browser at it. hopefully it should exemplify what i meant.

<?
//switch board section
$action = isset($_POST['action']) ? $_POST['action'] : '';

switch($action){
	case "Edit Page":
		editPage();
	break;
	case "New Page":
		displayPage();
	break;
	case "Save Page":
		if(savePage()){
			displayAllPageNames();
		}else{
			displayPage($_POST['page_name'], $_POST['page_content'], implode("<br/>", $GLOBALS['msg']));
		}
	break;
	case "Roll Back":
		rollBackDisplay();
	break;
	case "Make Change":
		commitRollBack();
		displayAllPageNames();
	break;
	case "List Pages":
	default:
		displayAllPageNames();
}
////end of switchboard
function commitRollBack(){
	if (!isset($_POST['enliven_id'])){
		die ("error, no roll back item selected");
	}else{
		$id=mysql_real_escape_string(trim($_POST['enliven_id']));
	}
	mysql_query("
					Update
						html_content
					set
						date_updated=now()
					where
						id='$id'")
		or die(mysql_error());
}

function editPage(){
	if(isset($_POST['id'])){
		$id = mysql_real_escape_string(trim($_POST['id']));
		$result = mysql_query("select id, page_name, page_content from html_content where id='$id'");
		if (mysql_num_rows($result) == 0){
			die ("error in query. Id not found");
		}
		$row = mysql_fetch_assoc($result);
		displayPage($row['page_name'], $row['page_content'], $row['id'],null);
	} else {
	displayAllPageNames();	
	}
}

function savePage(){
	if (empty($_POST['page_name'])){
		$msg[] = "You have not provided a page name";
	}
	if (empty($_POST['page_content'])){
		$msg[] = "You have not provided any page content";
	}
	if (count($msg) > 0){
		$_GLOBAL['msg'] = $msg;
		return false;
	}
	
	
	//cleanse each item
	//nb we don't need $id as we always insert not update
	$array = array("page_content", "page_name");
	foreach ($array as $f){
		$q[] = "$f='".mysql_real_escape_string(trim($_POST[$f]))."'";
	}
	
	$qry = "
				Insert 
					into html_content
				set
					id=null,
					date_updated=now()," . implode(",", $q);
					
	$r = @mysql_query($qry);	
	if ($r){
		return true;
	}else{
		die(mysql_error());
	}
	
}



function displayPage($page_name=null, $content=null, $msg=null){
echo <<<EOL
$msg<br/>
<form action="{$_SERVER['PHP_SELF']}" method="post" enctype="multipart/form-data">
<table border="1" width="100%">
	<tr>
		<td width="15%">Page Name:</td>
		<td width="85%"><input type="text" name="page_name" value=$page_name/></td>
	</tr>
	<tr>
		<td>Content:</td>
		<td><textarea name="page_content">$content</textarea></td>
	</tr>
	<tr>
		<td colspan="2">
			<input type="reset" value="reset" />
			<input type="submit" name="action" value="Save Page" />
		</td>
	</tr>
</table>
</form>
EOL;
}

function displayAllPageNames(){
	$result=mysql_query("select distinct id, page_name from html_content")
		or die(mysql_error());
	echo <<<EOL
<table border="1">
	<tr>
		<th>Page Name</th>
		<th>			
			<form action="{$_SERVER['PHP_SELF']}" method="post">
				<input type="submit" name="action" value="New Page" />
			</form>
		</th>
	</tr>
EOL;
	while($row = mysql_fetch_assoc($result)){
		echo <<<EOL
	<tr>
		<td>{$row['page_name']}</td>
		<td>
			<form action="{$_SERVER['PHP_SELF']}" method="post">
				<input type="hidden" name="id" value="{$row['id']}" />
				<input type="hidden" name="id" value="{$row['page_name']}" />
				<input type="submit" name="action" value="Edit Page" />
				<input type="submit" name="action" value="Roll Back" />
			</form>
		</td>
	</tr>
EOL;
	}	//end of while clause
	echo "</table>";	
}

function rollBackDisplay(){
	$output = <<<EOL
<form method="post" action="{$_SERVER['PHP_SELF']}" >
<table border='1'>
  <tr>
    <th>name</th>
    <th>content</th>
    <th>time</th>
    <th>make live</th>
  </tr>
EOL;
	$result = mysql_query ("
						select 
							id, 
							page_name, 
							content, 
							date_updated 
						from 
							html_content 
						where 
							page_name='".mysql_real_escape_string(trim($_POST['page_name']))."'") 
				or die (mysql_error());

	while ($row=mysql_fetch_assoc($result)){
		$output .= <<<EOL
  <tr>
    <td>{$row['name']}</td>
    <td>{$row['content']}</td>
    <td>{$row['date_updated']}</td>
    <td><input type="radio" name="enliven_id" value="{$row['id']}" /></td>
  </tr>
EOL;
	} //end of while clause
	$output .= <<<EOL
  <tr>
   <td colspan="4">
     <input type="reset" name="reset" value="reset"/>
     <input type="submit" name="action" value="Make Change"/>
   </td
  </tr>
</table>
</form>
EOL;

	echo $output;
}



?>

 

[sd0t1]

Thanks, it's clear now. I really do appreciate you taking the time to create the example. I hope one day I can pass the favor along to someone else.

 

[jpadie]

that's what it's all about!