We have an adult-oriented content management system that specializes on member sites. We are looking to expand the CMS by offering a feedback form plugin within our system.
Our CMS uses PHP, MySQL, XML and XSL, so you will need proficiency in these areas to do the plugin.
## Deliverables
--START PRE-NDA TEXT--
We have an adult-oriented content management system that specializes on member sites.? We are looking to expand the CMS by offering a feedback form plugin within our system.
Here's how the table structure will be laid out.
-- This table will regulate which feedback form we're dealing with.? Administrators will be able to create
-- more than one form
-- Id: primary key
-- Name: name of form
-- Descr of form, accompanying text
-- ThankYou: The text to show once a user has submitted information
-- Redirect: Page to redirect the user after showing the thank you.
create table plg_feedback(
? Id integer not null auto_increment primary key,
? Name char(100) not null,
? Descr TEXT not null,
? ThankYou TEXT not null,
? Redirect TEXT not null
);
-- Within each feedback form, the customer will be presented with a list of
-- fields to fill out.
-- Id: primary key
-- feedbackid:? foreign key to [login to view URL]
-- Label: Name of the field
-- ItemType: Is this a select dropdown, a radio button, a checkbox or a text field?
-- Options: In the case of select:
? 1:x,2:y translates to:
? <option value="1">x</option>
? <option value="2">y</option>
-- Required: This dictates what kind of validation will be on the form
-- Req1: If Required='charlimit', this is the lower and upper bound
-- Sortorder: lower ids appear on top on the submission form.
create table plg_feedback_item(
? Id integer not null auto_increment primary key
? feedbackid integer not null,
? Label char(100) not null,
? ItemType ENUM('select', 'radio', 'checkbox', 'text', 'textarea'),
? Options TEXT NOT NULL,
? Required ENUM('none', 'email', 'numeric', 'charlimit'),
? Req1 TEXT NOT NULL,
? SortOrder integer not null
);
-- This stores a customer submission
-- Id: Primary key
-- feedbackid: foreign key to [login to view URL]
-- UserName: Username
-- IP: IP Address.
create table plg_feedback_input(
? Id integer not null auto_increment primary key,
? feedbackid integer not null,
? UserName char(100) not null,
? IP char(16) not null
);
-- For each customer submission
-- Id: primary key
-- feedbackid: foreign key to [login to view URL]
-- inputid: foreign key to [login to view URL]
-- itemid:? foreign key to plg_feedback_item
-- Value: The value the customer submitted.
create table plg_feedback_inputitem(
? Id integer not null auto_increment primary key,
? feedbackid integer not null,
? inputid integer not null,
? itemid integer not null,
? Value TEXT not null
);
We require the following:
1) Administration pages that will allow the administrator to list, add, edit or delete records.
For each of these tables, we generally have two pages: One for listing all the entries / deleting and entry, and one page for adding / editing an entry.? So in the case of plg_feedback, you'll create two pages called [login to view URL] and feedback_edit.php.? We'll provide the source to one of our other plugins as a reference of how to code each of these pages.
2) Create a page within the members area that populates the form.? Our system uses XML / XSL, so you'll have to first create an XML schema using DOM to list out the contents of plg_feedback and plg_feedback_item, then use XSL to display the page.
3) Create a PHP page that accepts the user information, and shows them the "thank you" message.
Coding Standards:
We require the following from any code that is submitted.
1) There are no PHP notices.? The code presented should work when error_reporting is set to E_ALL.
2) All SQL statements are properly escaped with mysql_escape_string().? Variables like $_GET and $_POST should be treated with the assumption that magic_quotes are turned off.? One of the includes you'll be using has code that does a recursive stripslashes on $_GET, $_POST, $_COOKIE, etc in the event that magic_quotes are on.
3) Code should assume register_globals is turned off.? One of the includes will unset any variables put into global scope in the event that magic_quotes are turned on.
4) Under no circumstances use the function extract() or import_request_variables() to move items into global scope.
5) Use our database class that's included in the project.
--END PRE-NDA TEXT--
Some information specific to our system:
QueryClass:
We use a specific database class called QueryClass.? It's built in-house because it does some tie-ins with memcached.
Commonly, this class has an instance within the code named $svr.? It's used as follows:
$sql = "select * from TableName";
$r = $svr->DoQuery($sql,1);
$t = $svr->DoQuery($sql,0);
These results return an associative array for all the table's retrievedrows. If the second argument is a "1", each row's keys are associative. Otherwise, they are numeric.