CMS Addon - Feedback Form

We have an adult-oriented content management system that specializes on member sites. We are looking to expand the CMS by offering a feedback form plugin within our system. Our CMS uses PHP, MySQL, XML and XSL, so you will need proficiency in these areas to do the plugin. ## Deliverables --START PRE-NDA TEXT-- We have an adult-oriented content management system that specializes on member sites.? We are looking to expand the CMS by offering a feedback form plugin within our system. Here's how the table structure will be laid out. -- This table will regulate which feedback form we're dealing with.? Administrators will be able to create -- more than one form -- Id: primary key -- Name: name of form -- Descr of form, accompanying text -- ThankYou: The text to show once a user has submitted information -- Redirect: Page to redirect the user after showing the thank you. create table plg_feedback( ? Id integer not null auto_increment primary key, ? Name char(100) not null, ? Descr TEXT not null, ? ThankYou TEXT not null, ? Redirect TEXT not null ); -- Within each feedback form, the customer will be presented with a list of -- fields to fill out. -- Id: primary key -- feedbackid:? foreign key to [login to view URL] -- Label: Name of the field -- ItemType: Is this a select dropdown, a radio button, a checkbox or a text field? -- Options: In the case of select: ? 1:x,2:y translates to: ? <option value="1">x</option> ? <option value="2">y</option> -- Required: This dictates what kind of validation will be on the form -- Req1: If Required='charlimit', this is the lower and upper bound -- Sortorder: lower ids appear on top on the submission form. create table plg_feedback_item( ? Id integer not null auto_increment primary key ? feedbackid integer not null, ? Label char(100) not null, ? ItemType ENUM('select', 'radio', 'checkbox', 'text', 'textarea'), ? Options TEXT NOT NULL, ? Required ENUM('none', 'email', 'numeric', 'charlimit'), ? Req1 TEXT NOT NULL, ? SortOrder integer not null ); -- This stores a customer submission -- Id: Primary key -- feedbackid: foreign key to [login to view URL] -- UserName: Username -- IP: IP Address. create table plg_feedback_input( ? Id integer not null auto_increment primary key, ? feedbackid integer not null, ? UserName char(100) not null, ? IP char(16) not null ); -- For each customer submission -- Id: primary key -- feedbackid: foreign key to [login to view URL] -- inputid: foreign key to [login to view URL] -- itemid:? foreign key to plg_feedback_item -- Value: The value the customer submitted. create table plg_feedback_inputitem( ? Id integer not null auto_increment primary key, ? feedbackid integer not null, ? inputid integer not null, ? itemid integer not null, ? Value TEXT not null ); We require the following: 1) Administration pages that will allow the administrator to list, add, edit or delete records. For each of these tables, we generally have two pages: One for listing all the entries / deleting and entry, and one page for adding / editing an entry.? So in the case of plg_feedback, you'll create two pages called [login to view URL] and feedback_edit.php.? We'll provide the source to one of our other plugins as a reference of how to code each of these pages. 2) Create a page within the members area that populates the form.? Our system uses XML / XSL, so you'll have to first create an XML schema using DOM to list out the contents of plg_feedback and plg_feedback_item, then use XSL to display the page. 3) Create a PHP page that accepts the user information, and shows them the "thank you" message. Coding Standards: We require the following from any code that is submitted. 1) There are no PHP notices.? The code presented should work when error_reporting is set to E_ALL. 2) All SQL statements are properly escaped with mysql_escape_string().? Variables like $_GET and $_POST should be treated with the assumption that magic_quotes are turned off.? One of the includes you'll be using has code that does a recursive stripslashes on $_GET, $_POST, $_COOKIE, etc in the event that magic_quotes are on. 3) Code should assume register_globals is turned off.? One of the includes will unset any variables put into global scope in the event that magic_quotes are turned on. 4) Under no circumstances use the function extract() or import_request_variables() to move items into global scope. 5) Use our database class that's included in the project. --END PRE-NDA TEXT-- Some information specific to our system: QueryClass: We use a specific database class called QueryClass.? It's built in-house because it does some tie-ins with memcached. Commonly, this class has an instance within the code named $svr.? It's used as follows: $sql = "select * from TableName"; $r = $svr->DoQuery($sql,1); $t = $svr->DoQuery($sql,0); These results return an associative array for all the table's retrievedrows. If the second argument is a "1", each row's keys are associative. Otherwise, they are numeric.