updating add track script with transaction example

cacb5d03 · Sorrel Harriet · d75f3f87 · cacb5d03 · cacb5d03
Commit cacb5d03 authored 8 years ago by Sorrel Harriet
--- a/lab-8/music-store-app/index.php
+++ b/lab-8/music-store-app/index.php
+<?php
+// include the HTML for the page header
+include "templates/header.html";
+// include the HTML for the navigation bar
+include "templates/nav.html";
+// open a new MySQL database connection
+require "includes/db_connect.php";
+// require the helper functions script
+require "includes/functions.php";
+// check if 'page' parameter is set in query string
+if (isset($_GET['page'])) {
+	$page = $_GET['page']; // if so, set page variable to value of 'page' parameter
+} else {
+	$page = 'home'; // if not, set page variable to home
+}
+// define a variable to store content HTML
+$content = "";
+// determine which view to serve based on value of $page
+switch ($page) {
+case 'home' :
+	include 'views/home.php';
+	break;
+case 'albums' :
+	include 'views/albums.php';
+	break;
+case 'album' :
+	include 'views/album.php';
+	break;
+case 'add-track' :
+	include 'views/add-track.php';
+	break;
+default :
+	include 'views/404.php';
+}
+// close the connection to the database */
+mysqli_close($link);
+// output the HTML
+echo $content;
+//
+include "templates/footer.html";
+?>
--- a/lab-8/music-store-app/views/add-track.php
+++ b/lab-8/music-store-app/views/add-track.php
+<?php
+$content = "<h1>Add a track</h1>";
+// define a variable with path to the script which will process form
+// ->	$_SERVER["PHP_SELF"] is a path to the current script (index.php)
+$action = $_SERVER["PHP_SELF"]."?page=add-track";
+// turn autocommit off
+mysqli_autocommit($link, FALSE);
+// start a transaction
+mysqli_query($link, 'START TRANSACTION');
+// fetch the albums so that we have access to their names and upc's
+// apply LOCK IN SHARE MODE to ensure the upc's will be valid
+// at the point we COMMIT the transaction
+$sql = "SELECT upc, title 
+        FROM Album
+	    ORDER BY title LOCK IN SHARE MODE";
+$result = mysqli_query($link, $sql);
+// check query returned a result
+if ($result === false) {
+    echo mysqli_error($link);
+} else {
+    $options = "";
+    // create an option for each artist
+    while ($row = mysqli_fetch_assoc($result)) {
+        $options .= "<option value='".$row['upc']."'>";
+        $options .= $row['title'];
+        $options .= "</option>";
+    }
+}
+// define the form HTML (would ideally be in a template)
+$form_html = "<form action='".$action."' method='POST'>
+				<fieldset>
+					<label for='t_name'>Name:</label>
+					<input type='text' name='t_name' required>
+				</fieldset>
+                <fieldset>
+                    <label for='t_number'>Track number:</label>
+					<input type='number' name='t_number' min='1' max='25'>
+                </fieldset>
+                <fieldset>
+                    <label for='a_upc'>Album:</label>
+                    <select name='a_upc' required>
+						<option value='' disabled selected>Select an album</option>
+                        ".$options."
+                    </select>
+                </fieldset>
+                <button type='submit'>Submit</button>
+              </form>";
+// append form HTML to content string
+$content .= $form_html;
+// ------- START form processing code... -------
+// define variables and set to empty values
+$title = $artist_id = $price = $year = $genre = "";
+// check if there was a POST request
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+	// validate the form data
+	$a_upc = mysqli_real_escape_string($link, clean_input($_POST["a_upc"]));
+	$t_name =  mysqli_real_escape_string($link, clean_input($_POST["t_name"]));
+	$t_number =  mysqli_real_escape_string($link, clean_input($_POST["t_number"]));
+	// define the insertion query
+	$sql = sprintf("INSERT INTO Track (album_upc, name, track_number)
+		VALUES ('%s', '%s', %d)", $a_upc, $t_name, $t_number);
+	// run the query to insert the data
+	$result = mysqli_query($link, $sql);
+	// check if the query went ok
+	if ($result === false) {
+		mysqli_rollback($link); // if query returns false, rollback transaction
+		// handle specific errors based on mysli error number code
+		// (in order to output more useful message to user!)
+		$errno = mysqli_errno($link);
+		switch ($errno) {
+			case 1062 : // case for duplicate entry
+				$content .= "There is already a track with that name or number.";
+				break;
+			default :
+				echo mysqli_error($link);
+		}
+	} else {
+		mysqli_commit($link); // else, commit transaction
+		$content .= "Track successfully added.";
+	}
+    }
+    // ------- END form processing code... -------
+?>