Blog Post System using PHP

Today I would like to talk in a little bit more detail about my blog post system written in PHP.

The main page looks like this:

[Screenshot: the main page of the blog]

First, the database structure:

[Screenshot: the database structure]

The structure is actually pretty straightforward: one table for user authentication, one for posts and one for comments. For user authentication, the password hashed with md5 is stored in the database. When users attempt to log in, their hashed input and the one in the database are compared, a traditional approach. For each post, the two main pieces of information are topic and content. They form the body of a post. The author is stored simply as the username. The date is stored as a formatted string instead of a UNIX timestamp because somehow I could not get that to work :(. For each comment, its associated post is stored as articleId. When I present the comments of each article, I query the database for this articleId. This might be slower than other methods such as keeping references, but since I’m not storing a million blog posts, this works just fine.
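An unsalted md5 digest is fast to compute, so a leaked user table can be guessed offline at very high speed. The following is an added example, not code from the original post: it upgrades legacy md5 rows to PHP's built-in `password_hash()` the next time each user logs in. The `users` table layout, the `login()` helper and the in-memory SQLite database are assumptions.

```php
<?php
// Added example: upgrade md5 password rows to password_hash() at login.
// Table and column names are assumptions; SQLite in memory keeps it offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)');

// Constructed sample row: a legacy account stored as unsalted md5.
$db->prepare('INSERT INTO users VALUES (?, ?)')
   ->execute(['alice', md5('correct horse')]);

function login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $stored = $stmt->fetchColumn();
    if ($stored === false) {
        return false; // unknown user
    }
    if (preg_match('/^[0-9a-f]{32}$/', $stored)) {
        // Legacy row: 32 hex characters is an md5 digest.
        if (!hash_equals($stored, md5($password))) {
            return false;
        }
        $upgrade = true;
    } else {
        // Modern row: salt, cost and algorithm are encoded in the hash itself.
        if (!password_verify($password, $stored)) {
            return false;
        }
        $upgrade = password_needs_rehash($stored, PASSWORD_DEFAULT);
    }
    if ($upgrade) {
        // The plaintext is only available now, so re-hash during this login.
        $db->prepare('UPDATE users SET password = ? WHERE username = ?')
           ->execute([password_hash($password, PASSWORD_DEFAULT), $username]);
    }
    return true;
}

var_dump(login($db, 'alice', 'wrong password'));
var_dump(login($db, 'alice', 'correct horse'));

// After the successful login the stored value is no longer an md5 digest.
$stored = $db->query("SELECT password FROM users WHERE username = 'alice'")->fetchColumn();
echo password_get_info($stored)['algoName'], "\n";
var_dump(login($db, 'alice', 'correct horse'));
```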

Recently I finished the paging and comment systems. For paging, I first query the post table and get the total number of posts. Then, according to the articles_per_page variable set in config.php, I query the table again with a LIMIT to present only the posts for a specific page. The page index is given with a GET request. If there is no such information in $_GET, the default value is set as 1, obviously.
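The page index arrives in `$_GET`, so it is attacker-controlled input that ends up next to a SQL `LIMIT`. The following is an added example, not code from the original post: it validates the index as a positive integer, clamps it to the real page count, and binds `LIMIT`/`OFFSET` as integers. The `posts` table layout, the helper names and the sample rows are assumptions.

```php
<?php
// Added example: validated paging with bound LIMIT/OFFSET values.
$articlesPerPage = 5; // stands in for articles_per_page from config.php

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, topic TEXT)');
$insert = $db->prepare('INSERT INTO posts (topic) VALUES (?)');
for ($i = 1; $i <= 12; $i++) { // constructed sample posts
    $insert->execute(["Post $i"]);
}

// Accept only a positive integer; anything else falls back to page 1.
function pageFromRequest(array $get, int $totalPages): int
{
    $raw = $get['page'] ?? 1;
    $page = is_scalar($raw)
        ? filter_var($raw, FILTER_VALIDATE_INT,
            ['options' => ['default' => 1, 'min_range' => 1]])
        : 1;
    return min($page, max(1, $totalPages)); // clamp to the last real page
}

function fetchPage(PDO $db, int $page, int $perPage): array
{
    $stmt = $db->prepare(
        'SELECT id, topic FROM posts ORDER BY id DESC LIMIT :lim OFFSET :off'
    );
    // PARAM_INT matters: a string-bound LIMIT is rejected by some drivers.
    $stmt->bindValue(':lim', $perPage, PDO::PARAM_INT);
    $stmt->bindValue(':off', ($page - 1) * $perPage, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$total = (int) $db->query('SELECT COUNT(*) FROM posts')->fetchColumn();
$totalPages = (int) ceil($total / $articlesPerPage);

// Constructed requests: missing, valid, zero, non-numeric, past the end.
$requests = [[], ['page' => '2'], ['page' => '0'], ['page' => 'abc'], ['page' => '999']];
foreach ($requests as $get) {
    $page = pageFromRequest($get, $totalPages);
    $topics = array_column(fetchPage($db, $page, $articlesPerPage), 'topic');
    printf("%-16s -> page %d: %s\n", json_encode($get), $page, implode(', ', $topics));
}
```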

For now, comments can only be viewed after you click on each single article to see the details. At the bottom of the article, I query the comment table to look for the articleId. A helper method does this and returns the comments as an array of objects. I then simply use a loop to traverse the array and echo them out on the page.

Posting a comment is a little bit different: the POST request is handled by another PHP file which does not present anything. After storing the comment into the database, the script routes back to the earlier article. In the POST request, only content is passed. articleId is passed with the superglobal variable $_SESSION. I’m not sure if this is the best way, but it is surely easier to write than the curl method that I found online.

Several problems I encountered:

  1. For creating the post, not only do I need to verify the user is logged in when the page is presented, I also need to verify when the POST request is received, because software such as Postman can easily create a POST request and flood the database.
  2. For frontend, I find that the CSS argument clear: both is amazingly useful. I used float a lot for my page design, so a lot of times I want to keep divs stable.
  3. Typo is a bitch, especially those inside double quotes. When coding on a server there is no nice IDE that reminds me there is a grammar mistake or a typo, so I really need to be careful about these. Sometimes one typo took me twenty minutes to debug.
  4. Security. When I gave my address to my friend to test it, he hacked the site easily with simple JavaScript, which forced me to filter any input that the users are giving to the site. Now I blocked the word script completely, so evil people cannot alert me every time I get on the blog.
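Items 1 and 4 both come down to what the comment endpoint trusts. The following is an added example, not code from the original post: it repeats the login check inside the POST handler and compares a word blocklist with encoding on output. All function names, the `$session`/`$post` arrays (standing in for `$_SESSION` and `$_POST`) and the 2000-byte limit are assumptions, and the blocklist is only one way such a filter might be written.

```php
<?php
// Added example: login check in the POST handler, and output encoding
// compared with a "block the word script" filter.

// One way a word blocklist might be written (assumption, not the post's code).
function blockScriptWord(string $input): string
{
    return str_ireplace('script', '', $input);
}

// Encode on output: markup characters become entities, the text is preserved.
function e(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The handler repeats the login check; the form page's check is not enough.
function acceptComment(string $method, array $session, array $post): array
{
    if ($method !== 'POST') {
        return [405, 'POST only'];
    }
    if (empty($session['username'])) {
        return [401, 'log in first'];
    }
    $content = $post['content'] ?? null;
    if (!is_string($content) || trim($content) === '' || strlen($content) > 2000) {
        return [422, 'comment must be 1-2000 bytes of text'];
    }
    return [200, $content]; // store unmodified; encode when rendering
}

// Constructed sample comments: ordinary text, and markup without the word.
$samples = [
    'I wrote a JavaScript description today',
    '<h1>big heading</h1><a href="https://example.test/">link</a>',
];
foreach ($samples as $comment) {
    echo 'blocklist: ', blockScriptWord($comment), "\n";
    echo 'encoded:   ', e($comment), "\n\n";
}

// A request with no session (sent from an HTTP client), then a logged-in one.
foreach ([[], ['username' => 'alice']] as $session) {
    [$status, $message] = acceptComment('POST', $session, ['content' => $samples[0]]);
    echo $status, ' ', $message, "\n";
}
```

The blocklist damages the ordinary sentence and leaves the second sample's HTML active, while the encoded output keeps both comments readable and inert in an HTML body.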

Things that I will be working on:

  1. Keep user input in session. In my project, when users hit “comment” or “post” but are not logged in, they are directed to the login page and directed back, but the input is lost. I definitely don’t want them to type it all over again, so caching inputs is a good idea.
  2. Move log in/out to the main page as a small popup. Right now when users click on login, they are directed to another page to put in their username and password. However, keeping them on the same page will avoid losing their attention.
  3. Adding styled text and images in post. Maybe I could add some buttons so the users can upload images for posts. I have to be careful though because some users such as my friend could upload bad things to my beloved server.

That’s pretty much it. I just finished my finals yesterday and the good news is I got a perfect score on the algorithm final! Yayyy. For this summer I plan to learn more about iOS and building projects with PHP, Swift and maybe a little JavaScript. My friend told me modern websites are mainly written with JavaScript so I want to learn about that.
