
Secure PHP Development- P141 ppsx


haveRequiredData()
This method determines whether the required fields for the form are provided. It
uses the member variable $REQUIRED, which is set in the setupForm() method.
validateData()
This method validates all the fields for the form. This is how it works:

It first creates an object of class DataValidator.

Then the method validate() of DataValidator is called, with type, size,
and validation methods for each field of the form. If data validation fails,
the field is pushed into the $ERRORS array.

The method returns TRUE if none of the fields fail during data validation.
cleanupData()
This method is responsible for cleaning up the given data as prescribed in the form
configuration file. This is how it works:

It first creates an object of the DataCleanup class.

For each field, the list of clean-up methods is retrieved. Those methods are
called from the DataCleanup class.

All the field data is returned after cleanup.
submitData()
This method is responsible for adding the given data into the form table in the
database. This is how it works:

First, the fields with type text are escaped for characters such as quotation
marks and slashes by using the $this->_DBI->quote(addslashes())
methods.


The common field for all forms, SUBMIT_TS (to store the time of form submission), is prepared from the current time and added to the insert query statement.

The insert query statement is executed using the query() method of the
DBI object.

The method returns TRUE or FALSE depending on the success of the insertion process.
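The four steps above (required-field check, validation, clean-up, insert) as an added example; this is not the book's class.FormSubmission.php but a stand-alone sketch of the same pipeline. The $config array stands in for the form configuration file, the field and table names are constructed, and an in-memory SQLite database replaces the DBI object. Where the chapter escapes text fields with quote(addslashes()), the example binds the values through a prepared statement, which neutralises quote characters without the doubled backslashes that escaping twice leaves in stored data. Requires PHP 8 for match expressions.

```php
<?php
// Added example: minimal form-submission pipeline in the shape the chapter
// describes. $config (constructed) plays the role of the form configuration
// file; names, sizes and clean-up methods are assumptions for this example.
$config = [
    'table'    => 'contact_form',
    'required' => ['name', 'email'],
    'fields'   => [
        'name'    => ['type' => 'text', 'size' => 50,  'validate' => ['notEmpty'], 'cleanup' => ['trim']],
        'email'   => ['type' => 'text', 'size' => 100, 'validate' => ['email'],    'cleanup' => ['trim', 'lower']],
        'comment' => ['type' => 'text', 'size' => 500, 'validate' => [],           'cleanup' => ['trim', 'stripTags']],
    ],
];

// haveRequiredData(): every field listed as required must be present and non-blank.
function haveRequiredData(array $config, array $data): bool {
    foreach ($config['required'] as $f) {
        if (!isset($data[$f]) || trim((string)$data[$f]) === '') {
            return false;
        }
    }
    return true;
}

// validateData(): size and per-field validation methods; failing fields are
// collected in $errors, and the function returns TRUE only if none failed.
function validateData(array $config, array $data, array &$errors): bool {
    $errors = [];
    foreach ($config['fields'] as $name => $spec) {
        $value = (string)($data[$name] ?? '');
        if (strlen($value) > $spec['size']) {
            $errors[] = $name;
            continue;
        }
        foreach ($spec['validate'] as $check) {
            $ok = match ($check) {
                'notEmpty' => trim($value) !== '',
                'email'    => filter_var($value, FILTER_VALIDATE_EMAIL) !== false,
                default    => false,   // unknown validator name: fail closed
            };
            if (!$ok) { $errors[] = $name; break; }
        }
    }
    return $errors === [];
}

// cleanupData(): apply each configured clean-up method to each field, in order.
function cleanupData(array $config, array $data): array {
    foreach ($config['fields'] as $name => $spec) {
        $value = (string)($data[$name] ?? '');
        foreach ($spec['cleanup'] as $method) {
            $value = match ($method) {
                'trim'      => trim($value),
                'lower'     => strtolower($value),
                'stripTags' => strip_tags($value),
                default     => $value,
            };
        }
        $data[$name] = $value;
    }
    return $data;
}

// submitData(): insert the cleaned data plus SUBMIT_TS (current time). Column
// and table names come from the configuration file, never from the request;
// the values are bound as statement parameters.
function submitData(PDO $db, array $config, array $data): bool {
    $cols = array_keys($config['fields']);
    $placeholders = implode(', ', array_fill(0, count($cols) + 1, '?'));
    $sql = sprintf('INSERT INTO %s (%s, SUBMIT_TS) VALUES (%s)',
        $config['table'], implode(', ', $cols), $placeholders);
    $params = array_map(fn($c) => $data[$c], $cols);
    $params[] = time();
    return $db->prepare($sql)->execute($params);
}

// Constructed sample submission with a quote and markup in the free-text field.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE contact_form (name TEXT, email TEXT, comment TEXT, SUBMIT_TS INTEGER)');
$posted = ['name' => '  Alice  ', 'email' => 'ALICE@EXAMPLE.COM',
           'comment' => "O'Brien <b>says</b> hi"];

$errors = [];
if (!haveRequiredData($config, $posted)) { exit("MISSING_REQUIRED_VALUES\n"); }
if (!validateData($config, $posted, $errors)) { exit('BAD_DATA: ' . implode(',', $errors) . "\n"); }
$clean = cleanupData($config, $posted);
var_dump(submitData($db, $config, $clean));
var_dump($db->query('SELECT name, email, comment FROM contact_form')->fetch(PDO::FETCH_ASSOC));
```

The stored comment keeps its apostrophe intact and loses its tags, which is the observable difference between binding a value and escaping it twice.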
Chapter 19: Web Forms Manager 671
25 549669 ch19.qxd 4/4/03 9:27 AM Page 671
uploadFile()
This method is responsible for uploading any attachments from the user. This is
how it works:

It first creates an object of the DataValidator class to validate the size of
the file(s) to be uploaded.

For each upload field retrieved from the form configuration file, the
method determines whether it is a required upload. If the upload is
required but not supplied, it returns with a proper failure signal.

The method moves the uploaded file to the appropriate destination directory as specified in the form configuration file.
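The upload handling just described, as an added example that is not the book's uploadFile(). The $uploadFields array (field name, required flag, size limit, destination directory) stands in for the upload section of the form configuration file; the two failure codes reuse the names from webforms.conf, while UPLOAD_FAILED is an assumed extra code for a move that does not succeed.

```php
<?php
// Added example: process configured upload fields from $_FILES. The
// configuration array and the UPLOAD_FAILED code are assumptions.
const INVALID_FILE_SIZE       = 'INVALID_FILE_SIZE';
const MISSING_REQUIRED_VALUES = 'MISSING_REQUIRED_VALUES';
const UPLOAD_FAILED           = 'UPLOAD_FAILED';

function uploadFiles(array $uploadFields, array $files): array|string {
    $saved = [];
    foreach ($uploadFields as $name => $spec) {
        $f = $files[$name] ?? null;
        $present = $f !== null && $f['error'] === UPLOAD_ERR_OK;

        if (!$present) {
            if ($spec['required']) {
                return MISSING_REQUIRED_VALUES;   // required upload not supplied
            }
            continue;                             // optional and absent: nothing to do
        }
        // Size check against the configured maximum (the DataValidator's job
        // in the chapter's class).
        if ($f['size'] <= 0 || $f['size'] > $spec['max_size']) {
            return INVALID_FILE_SIZE;
        }
        // Only accept a path that PHP itself created for this HTTP upload.
        if (!is_uploaded_file($f['tmp_name'])) {
            return UPLOAD_FAILED;
        }
        // The on-disk name is generated here; the client-supplied name is
        // used only for a whitelisted extension, never as a path component.
        $ext  = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
        $ext  = preg_match('/^[a-z0-9]{1,8}$/', $ext) ? ".$ext" : '';
        $dest = rtrim($spec['dest_dir'], '/') . '/' . bin2hex(random_bytes(8)) . $ext;
        if (!move_uploaded_file($f['tmp_name'], $dest)) {
            return UPLOAD_FAILED;
        }
        $saved[$name] = $dest;
    }
    return $saved;   // field name => stored path for every file that was accepted
}

// Constructed configuration; in the form handler this runs on a POST request.
$uploadFields = [
    'resume' => ['required' => true,  'max_size' => 512 * 1024, 'dest_dir' => '/var/www/webforms/uploads/contact'],
    'photo'  => ['required' => false, 'max_size' => 256 * 1024, 'dest_dir' => '/var/www/webforms/uploads/contact'],
];
$result = uploadFiles($uploadFields, $_FILES);
if (is_string($result)) {
    error_log("upload rejected: $result");
} else {
    foreach ($result as $field => $path) {
        error_log("stored $field at $path");
    }
}
```

The destination directory should sit outside the Web document root, or be served with script execution disabled, so that an accepted file can only ever be downloaded, not run.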
sendMail()
This method is responsible for sending the form-specific inbound or outbound
e-mail to the user or the administrator. This is how it works:

It takes the list of recipients, the message template file name, and the subject as parameters.


It immediately returns FALSE if the list of recipients is empty.

It determines whether a form-specific template for the message exists. If
not, it uses the default template directory of the application to instantiate
the template class.

Data received from the form is sent to the message template. Then the
template is parsed and sent as the body to the recipient(s) using the
mail() API with the given subject.
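The sendMail() flow above as an added example; it is not the book's method. PHPLIB's template.inc is replaced by a plain {FIELD} placeholder substitution so the example runs stand-alone, and the template directories, file names and form data are constructed. The one check added beyond the chapter's description is that recipients and subject are kept to a single line before they reach mail(), since a CR/LF in a header value would otherwise be interpreted as the start of another header.

```php
<?php
// Added example: form-specific template with fall-back to the default
// template directory, then mail() with the given subject. {FIELD}
// placeholders and the directory layout are assumptions.
function sendMail(array $recipients, string $templateName, string $subject,
                  array $formData, string $formTemplateDir, string $defaultTemplateDir): bool {
    if ($recipients === []) {
        return false;                               // nothing to send to
    }
    // A form-specific template wins; otherwise use the application default.
    $path = is_file("$formTemplateDir/$templateName")
        ? "$formTemplateDir/$templateName"
        : "$defaultTemplateDir/$templateName";
    $body = @file_get_contents($path);
    if ($body === false) {
        return false;
    }
    // Push the form data into the template: {NAME} -> value.
    foreach ($formData as $field => $value) {
        $body = str_replace('{' . strtoupper($field) . '}', (string)$value, $body);
    }
    // Header values must be single-line, and recipients must parse as addresses.
    $subject = preg_replace('/[\r\n]+/', ' ', $subject);
    foreach ($recipients as $addr) {
        if (filter_var($addr, FILTER_VALIDATE_EMAIL) === false) {
            return false;
        }
    }
    return mail(implode(', ', $recipients), $subject, $body);
}

// Constructed template written to a temporary directory so the example is
// self-contained; there is deliberately no form-specific directory here, so
// the default template is used.
$tmp = sys_get_temp_dir() . '/webforms_example_' . bin2hex(random_bytes(4));
mkdir("$tmp/default", 0700, true);
file_put_contents("$tmp/default/thanks.txt",
    "Hello {NAME},\nwe received the following message:\n{COMMENT}\n");

$sent = sendMail(['admin@example.com'], 'thanks.txt', 'New contact form submission',
                 ['name' => 'Alice', 'comment' => 'Hello'], "$tmp/contact", "$tmp/default");
var_dump($sent);
```

mail() returns TRUE only when the message was handed to a configured local mailer, so on a development machine without one the call reports FALSE even though every step before it succeeded.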
Designing and implementing the FormData class
The FormData class manipulates the submitted form data. For example, it is used in
a report generation application to show the report to administrative users. The
ch19/apps/class/class.FormData.php file on the CD-ROM implements this
class, which implements the methods described in the following sections.
FormData()
This is the constructor method. It sets the member variables $DBI and $DL_TBL to
hold the DBI object and the name of the download track table, respectively. Then it
calls the setFormID() method to set the form ID.
setFormID()
This method first sets the given form ID as the member variable $fid. Then it
includes the configuration file for the form. Two more member variables —
$fieldArr (an array of form fields and their configurations) and $fields (a
comma-separated list of the fields) — are set by retrieving the list of fields from the
form configuration file.
getFormData()
This method is used to retrieve form data from the database. This is how it works:


The setFormID() method is called to set the given form ID.

If no sort criteria are supplied, the default sort criteria is set to the ID field.

If no lower bound for submission time is given, it is assumed to be zero.
Similarly, if no upper bound is supplied, it is assumed to be the current time.

The SELECT query statement is prepared with the help of the member
variable $fields.

The name of the table is taken from the form configuration file, which has
already been included.

The SELECT query is executed using the query() method of the DBI
object, and all rows of the query result are returned as an array.
getDataAfterRecordID()
This method returns all the data of a form that has a record ID greater than the
given record ID. This is how it works:

It first calls setFormID() to set the given form ID.

The query statement is prepared using the member variable $fields and
the given record ID.

The name of the table is taken from the form configuration file, which has
already been included.

The SELECT query is executed using the query() method of the DBI
object, and all rows of the query result are returned as an array.
getLastDLRecordID()
This method returns the largest record ID number for a given form that has been
tracked in the download track table. This is how it works:

First, it calls setFormID() to set the given form ID.

The query statement is prepared.

The name of the table is taken from the form configuration file, which has
already been included.

Finally, the SELECT query is executed using the query() method of the
DBI object, and the maximum record ID is returned after retrieving it from
the query result.
updateDownloadTrack()
This method updates the download track table whenever a download is performed
by the user. It takes the form ID and the top record ID up to the time at which the
data was downloaded. Then it inserts them along with the current timestamp into
the download track table. It returns TRUE or FALSE depending on the status of the
insertion operation.
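The four FormData query methods (getFormData(), getDataAfterRecordID(), getLastDLRecordID() and updateDownloadTrack()) as one added example; this is not the book's class.FormData.php. The form configuration is an array instead of an included file, the table layout, column names and rows are constructed, and an in-memory SQLite database replaces the DBI object. The sort criterion in getFormData() is checked against the configured field list because a column name cannot be bound as a statement parameter.

```php
<?php
// Added example: FormData-style access to submitted form rows plus the
// download track table. Schema, column names and sample rows are constructed.
class FormData {
    private PDO $db;
    private string $dlTable;
    private string $fid = '';
    private string $table = '';
    private array $fieldArr = [];
    private string $fields = '';

    public function __construct(PDO $db, string $dlTable, string $fid, array $knownForms) {
        $this->db = $db;
        $this->dlTable = $dlTable;
        $this->setFormID($fid, $knownForms);
    }

    // setFormID(): load the form's configuration and build $fieldArr / $fields.
    public function setFormID(string $fid, array $knownForms): void {
        $conf = $knownForms[$fid] ?? throw new InvalidArgumentException("unknown form $fid");
        $this->fid      = $fid;
        $this->table    = $conf['table'];
        $this->fieldArr = $conf['fields'];
        $this->fields   = implode(', ', array_keys($conf['fields']));
    }

    // getFormData(): sort defaults to ID, time window defaults to [0, now].
    public function getFormData(?string $sortBy = null, ?int $from = null, ?int $to = null): array {
        $sortBy = $sortBy ?? 'ID';
        if ($sortBy !== 'ID' && !isset($this->fieldArr[$sortBy])) {
            throw new InvalidArgumentException("invalid sort field $sortBy");
        }
        $from = $from ?? 0;
        $to   = $to ?? time();
        $st = $this->db->prepare("SELECT ID, {$this->fields}, SUBMIT_TS FROM {$this->table}
                                  WHERE SUBMIT_TS BETWEEN ? AND ? ORDER BY $sortBy");
        $st->execute([$from, $to]);
        return $st->fetchAll(PDO::FETCH_ASSOC);
    }

    // getDataAfterRecordID(): every row whose ID is greater than the given one.
    public function getDataAfterRecordID(int $recordId): array {
        $st = $this->db->prepare("SELECT ID, {$this->fields} FROM {$this->table} WHERE ID > ? ORDER BY ID");
        $st->execute([$recordId]);
        return $st->fetchAll(PDO::FETCH_ASSOC);
    }

    // getLastDLRecordID(): largest record ID already tracked for this form.
    public function getLastDLRecordID(): int {
        $st = $this->db->prepare("SELECT MAX(LAST_RECORD_ID) FROM {$this->dlTable} WHERE FORM_ID = ?");
        $st->execute([$this->fid]);
        return (int)$st->fetchColumn();
    }

    // updateDownloadTrack(): store form ID, top record ID and the current time.
    public function updateDownloadTrack(int $topRecordId): bool {
        $st = $this->db->prepare("INSERT INTO {$this->dlTable} (FORM_ID, LAST_RECORD_ID, DL_TS) VALUES (?, ?, ?)");
        return $st->execute([$this->fid, $topRecordId, time()]);
    }
}

// Constructed schema and rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE contact_form (ID INTEGER PRIMARY KEY, name TEXT, email TEXT, SUBMIT_TS INTEGER)');
$db->exec('CREATE TABLE dl_track (FORM_ID TEXT, LAST_RECORD_ID INTEGER, DL_TS INTEGER)');
$db->exec("INSERT INTO contact_form (name, email, SUBMIT_TS)
           VALUES ('Alice', 'a@example.com', 1000), ('Bob', 'b@example.com', 2000)");

$knownForms = ['contact' => ['table' => 'contact_form', 'fields' => ['name' => [], 'email' => []]]];
$fd = new FormData($db, 'dl_track', 'contact', $knownForms);

// Incremental download: fetch only rows added since the last tracked ID, then
// record the new high-water mark.
$new = $fd->getDataAfterRecordID($fd->getLastDLRecordID());
if ($new !== []) {
    $fd->updateDownloadTrack((int)end($new)['ID']);
}
print_r($fd->getFormData('name', 0, 1500));   // only the row submitted at 1000
print_r($fd->getDataAfterRecordID($fd->getLastDLRecordID()));   // nothing new
```

Running getDataAfterRecordID() a second time after updateDownloadTrack() returns an empty array, which is the property the download track table exists to provide.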
Creating the Application Configuration Files
Like all other applications we have developed in this book, the Web Forms Manager
application also uses a standard set of configuration and error files. These files are
discussed in the following sections.
Creating the main configuration file
The primary configuration file for the entire system is called webforms.conf. Table
19-1 describes each configuration variable.
TABLE 19-1 THE WEBFORMS.CONF VARIABLES THAT NEED TO BE CHANGED

Configuration Variable: Purpose

$PEAR_DIR: Set to the directory containing the PEAR package; specifically, the DB module needed for class.DBI.php in our application framework.
$PHPLIB_DIR: Set to the PHPLIB directory, which contains the PHPLIB packages; specifically, the template.inc package needed for template manipulation.
$APP_FRAMEWORK_DIR: Set to our application framework directory.
$PATH: Set to the combined directory path consisting of $PEAR_DIR, $PHPLIB_DIR, and $APP_FRAMEWORK_DIR. This path is used with the ini_set() method to redefine the php.ini entry for include_path to include $PATH ahead of the default path. This enables PHP to find our application framework, PHPLIB, and PEAR-related files.
$APPLICATION_NAME: Internal name of the application.
$DEFAULT_LANGUAGE: Set to the two-character default language code.
$ROOT_PATH: Set to the root path of the application.
$REL_ROOT_PATH: Relative path to the root directory.
$REL_APP_PATH: Relative application path as seen from a Web browser.
$TEMPLATE_DIR: The fully qualified path to the template directory.
$CLASS_DIR: The fully qualified path to the class directory.
$ACL_CLASS: Name of the ACL class file.
$DATA_VALIDATOR_CLASS: Name of the DataValidator class file.
$FORM_SUBMISSION_CLASS: Name of the FormSubmission class file.
$DATA_CLEANUP_CLASS: Name of the DataCleanup class file.
$FORMDATA_CLASS: Name of the FormData class file.
$FORM_DB_URL: The fully qualified URL for the database used to store the form information.
$MISSING_REQUIRED_VALUES: Code for identifying the signal that required data is missing.
$BAD_DATA: Code for identifying the signal that the data is invalid.
$DATABASE_FAILURE: Code for identifying the signal that the form table does not exist.
$INVALID_FILE_SIZE: Code for identifying the signal that the file size is invalid.
$KNOWN_FORMS: The associative array of forms holding the form ID, along with its configuration file name.
$FORM_CONF_FILE_DIR: The directory that holds the configuration files of different forms.
$REPORT_TEMPLATE: The template used for showing the form data report.
$ODD_COLOR: Color used as background in odd-numbered rows in the report.
$EVEN_COLOR: Color used as background in even-numbered rows in the report.