topic

Use of sessions in PHP

Very much often at a spelling of scripts on php it is necessary to store{keep} some information on the visitor during all session of his job. A typical example of such situation is necessity "to remember" a login and the password of the user at his presence{finding} in the closed part of a site (for example, at a forum). Own speaking, for this purpose also there is the mechanism of sessions realized in php, however give all under the order.

That in a script it was possible to work with sessions, it is necessary to initialize the mechanism of sessions all over again. It is done{made} with the help of function session_start (). Thus new session will be created or restored already existing. As the server learns{finds out} that to him to do{make}: to create or restore? Very simply. The matter is that when the visitor comes on a site, to him 32 digit identifier of a kind is appropriated{given}: abcd1efgh2ijkl3mnop4qrs5tuv6wxyz which "follows" it at all movings on a site. " Following " is provided or on means cookies, or if they are switched - off at the user, addition to all addresses of GET-search of a kind: PHPSESSID=identifikator, i.e. myscript.php address to turn in myscript.php? PHPSESSID=identifikator. At processing search on the server the cursor php searches for the identifier in the data transferred{handed} to him and if session finds also is not obsolete updates her . Otherwise it is created new. By the way, the identifier of session can be received with the help of function session_id ();

After the mechanism of sessions was is initialized in a script we can to save any information in an associative file $ _SESSION. This file is global variable session. Thus, having saved in him, for example, values of variables login and password on page of authorization we can use them on all other pages of the protected part of a site.

End of session occurs or automatically on the expiration of the certain time interval, or compulsorily at use of function session_destroy ().

Well, with the theory we have understood, time now has come to put her into practice. For this purpose we shall write 3 scripts: login.php - authorization of visitors, protected.php - the closed page and logout.php - end of job.

session_start (); // inicializirum the mechanism sesssij

if (! isset ($ _POST [' ok '])) {

// If the form is not filled, is deduced{removed} her

echo "

<html>

<head>

<title> Page of authorization </title>

</head>

<body>

<table>

<table>

<tr> <td> Login: </td> <td> <input type ='text '

name ='login ' size = '15'> </td> </tr>

<tr> <td> Password: </td> <td> <input

type ='password ' name ='pass' size = '15'> </td> </tr>

</table>

</td> </tr>

<tr> <td align=center> <input type ='submit ' name ='ok '

value ='Vkhod '> </td> </tr>

</table>

</td> </tr>

</form>

</table>

</body>

</html>

}

else {

// It is supposed, that the information on users you

// Store{Keep} in a database, in the table users, containing fields id, login, pass

$db=mysql_connect ('host', login ', 'password');

mysql_select_db (' db_name ', $db);

// Whether we check there is a user with such login'om and password'om

$res=mysql_query (" SELECT * FROM users WHERE login = ' ". $ _ POST ['login.'] " '

AND pass = ' ". $ _ POST [' pass']. " ' ", $db);

if (mysql_num_rows ($res)! =1) {// such user no

echo " a correct login or the password " Are entered not;

}

else {// the user is found

$ _SESSION [' login '] = $ _POST [' login ']; // it is established{installed} login and pass

$ _SESSION ['pass'] = $ _ POST [' pass];

Header (" Location: protected.php "); // erenapravljaem on protected.php

}

mysql_close ();

}

protected.php

session_start (); // inicializirum the mechanism sesssij

// We begin check of a login and the password

$db=mysql_connect (' host ',' login ',' password ');

mysql_select_db (' db_name ', $db);

$res=mysql_query (" SELECT * FROM users WHERE login = ' ". $ _ SESSION ['login.'] " '

AND pass = ' ". $ _ SESSION [' pass']. " ' ", $db);

if (mysql_num_rows ($res)! =1) {// such user no

Header (" Location: login.php "); // it is redirected on login.php

}

else {// the user is found, we can deduce{remove} all that is necessary to us

echo " the Text of the closed page <br> <a href ='logout.php '> the Output{Exit} </a> ";

}

mysql_close ();

logout.php

session_start (); // we initialize the mechanism of sessions

session_destroy (); // we delete the current session

Header (" Location: protected.php "); // it is redirected on protected.php

Well, and all. I hope, this clause{article} will help somebody.

\\\\\\\\\\\

Systems of votings on RNR

Vivat, expensive{dear} readers! Today, in this nothing significant day, and can be perfect on the contrary, I have written "it", and now you should read all "it", and the most important to understand. Today we with you shall devote time to such subject, as " Systems of votings on RNR ".

Yes, on segodneshnij day to this rather interesting subject the whole mountains of clauses{articles}, but somehow few clauses all are devoted tell precisely and in all trifles. About these trifles and is precise we now and we shall talk. Probably there is more than half from you, forumnykh pool'akh, and votings participated in other rubbish in different interactive. But how all this is constructed? On what algorithm all this "ploughs"?

And algorithms there is a great variety. Now I shall list the most popular among developers:

XML-A question and answers, khranjat`sja in one XML a file from which through parser also "get" all jobs of votings given for maintenance.

Data storage in a file - this type of storage is more popular than it XML-ij comrade. A principle such: a question pomehhaet`sja in the first line of a file, the ambassador postrochno variants of the answer, and through a certain separator quantity{amount} of voices are deduced. However as against previous the given method demands more time for a spelling, and limits opportunities a little.

The data storage in a DB (a way ?1) - this way javljaet`sja the most rational, in fact he does not demand special mental efforts, thus providing high it is productive, but for him , first, trebuet`sja, second, this method borrows{occupies} presence of a DB a lot of physical memory of a database. We shall consider it right at the beginning. The principle is those: a question and other static the data raspolagajut`sja in a certain abstract table "b", thus answers in the table "n". On each answer it is necessary a number{line} "U", the table "b" which has the link to number{room} of voting taking place in the table "b". That is between the table "b" and "n" ustanavlivaet`sja a direct communication. Why I have said, what this way demands considerable space in a DB? So because under each answer vydeljaet`sja a separate column, and it extremely is not rational in a case at job from a DB.

Data storage in a DB (a way ?2) - this way the most complex among all set forth above, however he does not take many{a lot of;much} place, thus he combines answers, a question, and quantity{amount} of answers in otnoj to the table, and in this table a number{line} to be allocated{removed} under all voting as a whole, though this compactness kompensiruet`sja povyshenoj by complexity of updating of the data, and zaschjot each new voice. A principle that all answers pomehhajut`sja in one line at what in the special order so, that to a position of each answer there corresponds{meets} a position of value of quantity{amount} of voices, people which have voted for this variant. As a field of variants of answers, and accordingly quantities{amounts} of voices will be coded in a format base64, for reduction of the size of a final line.

Everything, it were all variants of performance of algorithm of process of voting which we today shall consider.

Personally my choice the second variant of storage in a DB as I the author of the given way, and he is more pleasant to me, but that who only starts to master technologies of Web - programming, I advise to esteem about the first variant at job from a DB. Well, now it is possible to proceed{pass} to a practical part, and she nachnjot`sja from the first variant at job from a DB. But I have forgotten to say about rather important in my opinion a detail. I have forgotten to say about protection against repeated voting, it we shall do{make} in all votings by means of a DB as this way provides full integrity of the data for for access to a DB the third parties him will need to have the data for access or to crack a DB that is extremely problematic, therefore it will be rather difficult for hackers to put a script a loss in this part. And files always can be removed, even if on them there will be a blocking "666" all the same they are protected not in full.

Therefore I have chosen a DB. Therefore now you need to create the tablet for khranija the data on users which already have voted.

The structure of the tablet is those:

THE TABLE ` alredy_vote `:

id-BIGINT-AUTO_INCREMENT-PRIMARY KEY

vote_id-BIGINT-NOT NULL-UNIQUED

ip-TEXT-NOT NULL

The name I leave to you, but I shall say that I shall use "alredy_voted". Well, and now on practice:)

The first variant at job from a DB.

Well, in my opinion for those who names itself(himself) programmers at a "sufficient" level one only would suffice the description in the beginning, but anyway I shall describe the given way with all particles. So, from the beginning we shall create two tablets in your database, name them as want, but in clause{article} I shall use names "pools_answs" (for variants of the answer) and "pools" (for votings). Their structure sdedujuhhaja:

THE TABLE ` pools `:

id-BIGINT-AUTO_INCREMENT-PRIMARY KEY

question-TEXT-NOT NULL

status-ENUM (' on ',' off ') - DEFAULT ' on '-NOT NULL

THE TABLE ` pools_answs `:

id-BIGINT-AUTO_INCREMENT-PRIMARY KEY

vote_id-BIGINT-NOT NULL-UNIQUED

value-TEXT-NOT NULL

, it is structure of tables for job of our system, I bring only them srukturu as if you even do not know language SQL you to do{make} here there is obviously nothing. So, the first our function will be function for addition of votings.

As I want to mention, that the user himself can establish quantity{amount} of variants of the answer. Certainly there is a temptation to use DOM model and liked by all of us JS (in fact so?), but I shall refrain, and I shall use simple both banal parameter QUERY_STRING and old, darling $ _GET the interface. Well, let's try embody all this a disgrace on "canvas":)

$count=isset ($ _GET [' count '])? $ _GET [' count ']:5;

if (! isset ($ _POST [' add '])) {

print " <form action = " method ='post ' name ='addPool '> ";

print " <table width = '300' height = '50' align ='center '> ";

print " <tr> <td colspan = '2' style ='text-align:center; '> <input

size = ' 40 ' type ='text ' name ='question '

value ='Vvedite a question of voting ' onFocus ='this.select (); '> </td>

</tr> ";

print " <tr> <td style ='text-align:center; ' colspan = '2'> <button

onClick = " top.location = ' ". $ _ SERVER ['PHP_SELF']. "? count = ". ($ count+1). "'">

To add a variant </button> </td> </tr> ";

for ($i=0; $i <$count; $i ++) {

print " <tr> <td> the Variant of the answer ? ". $i. ": </td> <td> <input

type ='text ' name ='answs [] '> </td> </tr> ";

}

print " <tr> <Td colspan = '2' style ='text-align:center; '> <input

type ='submit ' name ='add ' value ='Dobavit` '> </td> </tr> ";

print "</table>";

print "</form>";

} else {

$question = $ _ POST ['question'];

$answs = $ _ POST ['answs'];

if (trim ($question) == ") {

die (" you have not entered a question! ");

}

$count=0;

for ($i = (count ($answs)-1); $i> =0; $i-) {

if (trim ($answs [$i]) == ") {

$count ++;

}

if ($count == count ($answs) || (count ($answs) - $count) <2) {

die (' there Should be at least 2 variants of the answer! ');

}

$conn_id = mysql_connect ("localhost", "root", " ") or die (" the Mistake of connection with

The server of a DB! ");

@mysql_select_db ("shockstudio");

$check = mysql_query (" SELECT id FROM 'pools' WHERE question = ' ". $ question. "'",

$conn_id) or die (" the Mistake of search to a DB! ");

if (@mysql_num_rows ($q)! =0) {

die (" Voting with such question already exists! ");

}

unset ($check);

$q = mysql_query (" INSERT into 'pools' VALUES (", ' ". $ question. " ','on') ", $conn_id)

or die (" the Mistake of search to a DB! ");

unset ($q);

$q = mysql_query (" SELECT id FROM 'pools' WHERE question = ' ". $ question. "'", $ conn_id)

or die (" the Mistake during search to the server! ");

$row = mysql_fetch_array ($q);

$id = $ row ['id'];

unset ($q, $row);

for ($i = (count ($answs)-1); $i> =0; $i-) {

if (trim ($answs [$i])! = ") {

$q = mysql_query (" INSERT into 'pools_answs' VALUES (", ' ". $ id. " ', ' ". $ answs [$i.] " ',

")", $ conn_id) or die (" the Mistake of search to a DB! ");

}

Well, it also is functional base for addition of voting in a database. Let's stop on it and we shall consider all more in details.

From the very beginning we receive quantity{amount} of variants of the answer which need to be deduced{removed} for editing. We declare a variable 'count', which in conformity from existence of a variable 'count' in QUERY_STRING will accept value or variable QUERY_STRING (if such suhhestuet) and a default value, namely 5. After that we work above the user interface, and thus we create an interesting button which serves for addition of a variant of the answer. By its{her} pressing value of a variable 'count' pomehhaet`sja in a line of search in a browser, and thus she uvelichivaet`sja on unit. Here is how all is simple, is direct up to horror. Further all is simple, and we went to processing the data received from the form.

In the beginning of processing there is a process validacii the data. Whether we proverjam are filled fields of the form, and after that quantity{amount} of variants of the answer. For check zapolnennosti fields of "answers", we declare a variable $count which each time will increase if $i-® the element of a file will be not filled.

The ambassador if the quantity{amount} of the blank fields ($count), will be equal to a total sum of variants of the answer, or their difference will be less than 2 will be exception which informs the user that is necessary to enter a minimum 2 variants of answers is excited. On it check of the data zavershaet`sja, and we pass to validacii the data in a DB. First we need to check up, whether exists already votings with such question and if there is that we raise a mistake. If nevertheless no, we add the data in the table.

The following step will be reception indifikatora (id) the current recording, for addition of variants of the answer in the table. After we have received ID, we again do{make} perebor, only already with other purpose. Now we shall add everyone i-® an element of a file provided that he not empty, in the table for answers, thus we as add and indifikator votings to which the answer will be adhered the data. Well and in case of success, we deduce{remove} the message that all has passed successfully. As you can see, without taking into account some moments, all is rather easy. But it only the first slice of that big mosaic of the general{common} funkcional`nostiju. Now we pass to the following part which will be a certain test previous, namely we shall embody the mechanism of voting through the interface of a site. In a context of the given variant of execution{performance}, it will borrow{occupy} almost some lines as we only navsego need to update a field in one table, and to bring the data in another.

Well, my variant of execution{performance} of the given problem :

if (! isset ($ _POST ['vote'])) {

print " <form action = " method ='post ' name ='vote '> ";

print " <table width = '400' height = '50' align ='center '> ";

$conn_id = mysql_connect ("localhost", "root", " ") or

die (" the Mistake of connection with the server of a DB! ");

@mysql_select_db ("db");

$q = mysql_query (" SELECT * FROM 'pools' WHERE status ='on ' ", $conn_id) or

die (" the Mistake of search to a DB! ");

if (@mysql_num_rows ($q) == 0) {

echo " Votings are not found! ";

} else {

$id=mt_rand (1, @mysql_num_rows ($q));

unset ($q);

$q = mysql_query (" SELECT * FROM 'pools' WHERE id = ' ". $ id. "'", $ conn_id) or

die (" the Mistake of search to a DB! ");

$row = mysql_fetch_array ($q);

print " <tr> <Td colspan = '2'> Q: ". $row ['question.'] " </td>

</tr> ";

unset ($q);

$vote_check = mysql_query (" SELECT id FROM 'alredy_vote' WHERE ip = ' ".

$ _SERVER ['REMOTE_ADDR']. "'", $conn_id) or die (" the Mistake of search to a DB! ");

$q = mysql_query (" SELECT id, value FROM 'pools_answs' WHERE vote_id = ' ".

$id. "'", $ conn_id) or die (" the Mistake of search to a DB! ");

if (@mysql_num_rows ($q) == 0) {

die (" Questions are not found! ");

} else {

while ($row = mysql_fetch_array ($q)) {

$row2 = mysql_fetch_array ($q2);

if (@mysql_num_rows ($vote_check)! =0) {

$q2 = mysql_query (" SELECT count FROM ` pools_answs ` WHERE id = ' ". $ row ['id.'] "'",

$conn_id) or die (" the Mistake of search to a DB! ");

print " <tr> <td> ". $row ['value.'] " </td> <td> ".

$row2 ['count.'] " </td> </tr> ";

} else {

print " <tr> <td> ". $row ['value']. " </td> <td> <input

type ='radio ' name ='answer ' value = ' ". $ row [' id ']. " '> </td> </tr> ";

print " <input type ='hidden ' name ='id ' value = ' ". $ id. " '> ";

print " <tr> <td colspan = '2'> <input type ='submit ' name ='vote '

value ='Progolosovat` '> </td> </tr> ";

}

print "</table>";

print "</form>";

@mysql_close ($conn_id);

} else {

$id = $ _ POST ['id'];

$answer = $ _ POST ['answer'];

$conn_id = mysql_connect ("localhost", "root", " ")

or die (" the Mistake during search to the server! ");

@mysql_select_db ("db");

$q = mysql_query (" SELECT id FROM 'aredy_vote' WHERE ip = ' ".

$ _SERVER ['REMOTE_ADDR']. " ' ", $conn_id)

or die (" the Mistake during search to the server! ");

if (@mysql_num_rows ($q)! =0) {

print " you already participated in the given voting! ";

} else {

$q = mysql_query (" INSERT into 'alredy_vote' VALUES (", ' ". $ id. " ',' ".

$ _SERVER ['REMOTE_ADDR.'] " ') ", $conn_id) or die (" the Mistake of search to a DB! ");

unset ($q);

$q = mysql_query (" UPDATE 'pools_answs' SER count=count+1 WHERE id = ' ". $ id.

" ' AND vote_id = ' ". $ _ POST ['answer']. "'", $conn_id) or die (" the Mistake of search to a DB! ");

print " your voice is taken into account{discounted}. Thanks for participation!! ";

}

@mysql_close ($conn_id);

}

I have certainly bent on the bill of several lines though it in dejstvitel`snosti indeed, in fact for updating the data in a DB is necessary only navsego 2 searches to a DB. Now let's stare at doubtful places more. Well, all over again we receive all recordings from a DB, the ambassador we do{make} randomization

(casual sample), well and the ambassador we obtain the data on a "dropped out" element. But the main thing in the user interface javljaet`sja to provide inaccessibility to the user of repeated attempt to vote. For this purpose we interpellate to the table ` aredy_vote ` where we check presence of recording at which ip-address is equal to the current value $ _SERVER [' REMOTE_ADDR '] and if such it is really found we instead of radio - boksov deduce{remove} quantity{amount} of voices, on each element and as we clean{remove} a button for sending the data of the form. After a conclusion of the user interface it is necessary for us to process the data acted{arrived} of him . But what exactly therefrom to be necessary for us?

It will be necessary for us only two variables, namely indifikator the current voting, and, certainly, a variant of the answer. After that we make search to a DB, whether with the purpose of check the given user accepted participation in voting, with the same purpose bezopastnosti.

After this check, we add the data on the user in the table "voted", well and only after that we update the data on voting.

And after all these manipulations we close connection with a DB and we thank the user for participation in our voting. We also have done already about 40 % of all job above the given project, to us still remained three mechanisms and what we shall talk further. Now I suggest you to proceed{pass} to the following step of development of the project, namely to editing already existing voting. It any more will not be new to you. However I shall say, that at editing voting, we shall null his results.

That is to not null, and to delete all elements of "answers", with the purpose peresozdanija, it delaet`sja with the purpose of increase of a practicality and reduction of a code. As check of, whether exists this or that answer entered from the form, rather long and boring employment{occupation} so I have decided to act{arrive} so.

$count=isset ($ _GET [' count '])? $ _GET [' count ']: 0;

if (! isset ($ _GET [' eid ']) ||! is_numeric ($ _GET [' eid ']) {

die (" the Mistake at check QUERY_STRING! ");

}

$ _GET [' eid '] =addslashes ($ _GET [' eid ']);

if (! isset ($ _POST [' edit '])) {

$conn_id = mysql_connect ("localhost", "root", " ")

or die (" the Mistake of connection with the server of a DB! ");

@mysql_select_db ("shockstudio");

$q = mysql_query (" SELECT * FROM ` pools ` WHERE id = ' ". $ _ GET ['eid']. "'", $conn_id)

or die (" the Mistake during search to the server! ");

if (@mysql_num_rows ($q) == 0) {

die (" the Given voting does not exist! ");

} else {

$row = mysql_fetch_array ($q);

print " <form action = " method ='post ' name ='addPool '> ";

print " <table width = '300' height = '50' align ='center '> ";

print " <tr> <td colspan = '2' style ='text-align:center; '> <input

size = '40' type ='text ' name ='question ' value = ' ". $ row [' question ']. " " onFocus ='this.select (); '> </td> </tr> ";

unset ($q);

print " <input type ='hidden ' name ='id ' value = ' ". $ _ GET [' eid ']. " '> ";

$q = mysql_query (" SELECT value FROM 'pools_answs' WHERE vote_id = ' ". $ _ GET ['eid'].

"'", $conn_id);

$i=0;

while ($row = mysql_fetch_array ($q)) {

$i ++;

print " <tr> <td> the Question ? ". $i. ": </td> <td> <input

type ='text ' value = ' ". $ row ['value']. " ' name ='answs [] '> </td> </tr> ";

}

if ($count! =0) {

for ($j=1; $j <$count; $j ++) {

print " <tr> <td> the Question ? ". ($j + $ i). ": </td> <td> <input

type ='text ' name ='answs [] '> </td> </tr> ";

}

print " <tr> <td colspan = '2'> <button

onClick = " top.location.href = '? eid = ". $ _ GET [' eid ']. " *count = ". ($ count+1). " '; ">

To add a variant of the answer </button> </td> </tr> ";

print " <tr> <Td colspan = '2' style ='text-align:center; '> <input

type ='submit ' name ='edit ' value ='Izmenit` '> </td> <tr> ";

print "</table>";

print "</form>";

} else {

$question = $ _ POST ['question'];

$id = $ _ POST ['id'];

$answs = $ _ POST ['answs'];

if (trim ($question) == ") {

die (" you have not entered a question! ");

}

$count=0;

for ($j = (count ($answs)-1); $j> =0; $j-) {

if (trim ($answs [$j]) == ") {

$count ++;

}

if ($count == count ($answs) || (count ($answs) - $count) <2) {

die (' there Should be at least 2 variants of the answer ');

}

$conn_id = mysql_connect ("localhost", "root", " ")

or die (" the Mistake of connection with the server! ");

@mysql_select_db ("shockstudio");

$q=mysql_query (" UPDATE 'pools' SET question = ' ". $ question. " ' WHERE id = ' ". $ id.

"'", $conn_id) or die (" the Mistake of search to a DB! ");

unset ($q);

$q = mysql_query (" DELETE FROM 'pools_answs' WHERE vote_id = ' ". $ id. "'")

or die (" the Mistake of search to a DB! ");

for ($i = (count ($answs)-1); $i> =0; $i-) {

$q = mysql_query (" INSERT into 'pools_answs' VALUES (", ' ". $ id. " ',' ". $ answs [$i].

" ' '',) ") or die (" the Mistake of search to a DB! ")

}

print " <hr/> <a href = ' ". $ _ SERVER ['PHP_SELF']. "? eid = ". $ id.

" '> Back </a> <hr/> ";

}

Well, in this application pieces of all were combined that we did{made} in the beginning of clause{article}. The user interface of the given application very much reminds the interface for addition of voting, however here there are some differences. First we obtain the data on transferred{handed} indifikatoru.

As for editing an element in a script it is necessary to pass it ID in a database on which the data will be processed. Whether but first of all it is necessary to check up there is a given voting at all, whether as it is not enough that the user can enter in QUERY_STRING, and by the way for this reason we make its{her} check and we shield all data in her, for prevention of SQL-injections. After all checks, we obtain the data on votings with indifikatorom $ _GET ['eid']; Now we substitute them in text fields of the form. But all and anything, but in fact in a case with answers, to us is necessary not only to substitute values for editing, but also to have an opportunity to add new elements. Therefore, we from the beginning deduce{remove} all elements available in the table with answers, and outside of a cycle while () we create one more cycle which will deduce{remove} text fields in soostvetstvii with value of a variable $count. I shall notice, that as against a script of the addition, the given variable will matter by default, equal 0, instead of five. Everything, with the user interface have understood, now smoothly we pass to procesu data processing of the form. From the beginning all is banal, we check quantity{amount} of the filled fields of "answers", and whether the user empty certainly has left a field for text value of a question. If all is normal, we are connected to a DB.

First our search will be on updating value of a question of voting, it new to you will not open anything.

After that, as I spoke earlier, we delete all current elements from the table of answers, and again we create similar to the first the cycle, only this time, we will add the data in the table. See, I spoke, what analogy between a script for addition of votings proslezhivaet`sja?

Well, and in case of success, we put a reference back, that is on a certain "main" page, and we pass the same indifikator votings, whether for check all has passed successfully and whether the data have been brought in the table. Well, and now we still had some steps which mechanisms of blocking of voting and his restoration will lead us to to desirable result, namely. What do I have in view of under "blocking"?

Well, we shall assume voting in an active already more than month, and to you khochet`sja it to hide, not deleting, and suddenly again zakhochet`sja it to publish?

Or will say, your managers can create votings, but before they should pass the review at you and while you will not unblock created pomoshnikami voting they will not be in an efficient kind. Blocking and the publication also is necessary for this purpose. Further I shall not tell about mechanisms of reviews and other, but only about a subject of given clause{article}, about votings. Now I shall show as to realize the given mechanisms.

It will be made as it is impossible simply, we will need to change value indifikatora status, in the table 'pools'. In fact you have noticed, that at randomization and sample for a conclusion in the user interface of a site, we checked value of a field status on equality to value 'on'.

Principle of blocking and the publication will be banal change of value status, therefore, if you consider to not read easily I advise you what is it further as really, many of you will find nothing new here. The mechanism of blocking, I want to take into account, that the script works under a context of that the parameter $ _GET ['eid'], which javljaet`sja indifikatorom the current voting has been transferred{handed} to him.

if (! isset ($ _GET ['eid']) ||! is_numeric ($ _GET ['eid'])) {

die (" the Mistake of check QUERY_STRING! ");

}

$ _GET ['eid'] =addslashes ($ _GET ['eid']);

$conn_id = mysql_connect ("locahost", "root", " ")

or die (" the Mistake of connection with the server! ");

@mysql_select_db (' db ");

$q = mysql_query (" SELECT * FROM 'pools' WHERE id = ' ". $ _ GET [' eid ']. " ' ", $conn_id)

or die (" the Mistake during search to the server! ");

if (@mysql_num_rows ($q) == 0) {

die (" the Given voting does not exist! ");

} else {

$q = mysql_query (" UPDATE 'pools' SET status ='off ' WHERE id = ' ". $ _ GET ['eid.'] "",

$conn_id) or die (" the Mistake during search to the server! ");

}

@mysql_close ($conn_id);

And for the publication.

if (! isset ($ _GET ['eid']) ||! is_numeric ($ _GET ['eid'])) {

die (" the Mistake of check QUERY_STRING! ");

}

$conn_id = mysql_connect ("locahost", "root", " ")

or die (" the Mistake of connection with the server! ");

@mysql_select_db (' db ");

$q = mysql_query (" SELECT * FROM 'pools' WHERE id = ' ". $ _ GET [' eid ']. " ' ", $conn_id)

or die (" the Mistake during search to the server! ");

if (@mysql_num_rows ($q) == 0) {

die (" the Given voting does not exist! ");

} else {

$q = mysql_query (" UPDATE 'pools' SET status ='on ' WHERE id = ' ". $ _ GET ['eid.'] "",

$conn_id) or die (" the Mistake during search to the server! ");

}

@mysql_close ($conn_id);

Everything, on it I finish consideration of the given mechanism of votings, as well as this release of given clause{article}. We shall meet all other technologies in the following releases, as for one clause{article} it too great volume of the information. On it I with you prohhajus`.\