PX : code

Yahoo Maps - bike accidents (real estate) by Nick


<?php
/* 04/12/2006. By Nick Meyer
 Get map help at
 http://developer.yahoo.com/maps/flash/asGettingStarted.html

 table looks like
CREATE TABLE `bike_accidents` (
  `uid` int(4) NOT NULL auto_increment,
  `pub` varchar(255) NOT NULL default 'yes',
  `name` varchar(255) default NULL,
  `email` varchar(255) default NULL,
  `okcontact` varchar(255) default NULL,
  `date` varchar(255) default NULL,
  `lawful` varchar(255) default NULL,
  `reported` varchar(255) default NULL,
  `helmet` varchar(255) default NULL,
  `severity` varchar(255) default NULL,
  `address` varchar(255) default NULL,
  `desc` mediumtext,
  `note` tinytext,
  `lastedit` timestamp NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
  PRIMARY KEY  (`uid`)
)

 here's the code
*/
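header("Cache-control: private"); // IE 6 Fix
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Tue, 30 March 1976 08:00:00 GMT"); // Date in the past
session_start(); // creates or resumes session id

// Some simple security: one shared access key gates the whole page.
// NOTE(review): the value below is the unsalted SHA-1 of the sample key "apple"
// (a hash, not encryption). Replace it with the hash of your own key before
// deploying; bare SHA-1 of a dictionary word is trivially guessable.
$access_key_hash = "d0be2dc421be4fcd0172e5afceea3970e2f3d940";

if (isset($_GET['action']) && $_GET['action'] == "logout") {
        $_SESSION = array();
        session_destroy();
        exit('You have been logged out. Please close your browser for best security.');
}
elseif (!isset($_SESSION['login']) && !isset($_POST['password'])) {
        // REQUEST_URI is attacker-influenced, so it is HTML-escaped before it
        // is placed in the action attribute.
        echo "<html>\n<body>\n<form method=\"post\" action=\"". htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ."\">"; // use request uri to get next page
        echo "Web access key: <input type=\"password\" name=\"password\" />";
        echo "<input type=\"submit\" name=\"submit\"></form></body></html>";
        exit ();
}
elseif (isset($_POST['password']) && is_string($_POST['password'])
        && sha1($_POST['password']) === $access_key_hash) {
        // Strict comparison avoids loose string/number juggling on hex digests.
        // A fresh session id on login keeps a pre-set (fixated) id from being promoted.
        session_regenerate_id(true);
        $_SESSION['login'] = $access_key_hash;
}
elseif (!isset($_SESSION['login'])) {
        exit('Pass Key Error');
}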

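// Connect to the server and database
$connection = @mysql_connect("db-host", "username", "password");
$db = @mysql_select_db("database");
if (!$connection || !$db) {
        exit(mysql_error());
}

// Import request fields as plain variables, as register_globals used to do.
// Only the names this script actually reads are imported: copying every
// request key into the global scope would let a request overwrite unrelated
// variables such as $connection or $sql.
// POST is read first and GET second, so a GET value wins when both are sent.
$allowed_fields = array(
        'action', 'uid', 'sort',
        'pub', 'name', 'email', 'okcontact', 'date', 'lawful',
        'reported', 'helmet', 'severity', 'address', 'desc', 'note',
);
foreach (array($_POST, $_GET) as $request_source) {
        foreach ($allowed_fields as $field_name) {
                if (isset($request_source[$field_name])) {
                        ${$field_name} = sanitize($request_source[$field_name]);
                }
        }
}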

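// Handle some db requests
// NOTE(review): the mutating actions below (insert, update, expireall, delete)
// are accepted over GET as well as POST and carry no anti-CSRF token, so any
// page a logged-in operator visits can trigger them. Requiring POST plus a
// per-session token would close that; the DELETE link in the listing table
// would have to become a form at the same time.
if (isset($action))
{
        // uid is an integer column; the cast keeps the queries well-formed
        // even if the value did not pass through sanitize().
        $uid_value = isset($uid) ? (int) $uid : 0;

        // INSERT NEW LISTING
        if ($action == "insert") {
                // Every interpolated value has been through sanitize() and sits inside quotes.
                $sql = "INSERT INTO `bike_accidents` (`pub`, `name`, `email`, `okcontact`, `date`, `lawful`, `reported`, `helmet`, `severity`, `address`, `desc`, `note`)
                        VALUES ('$pub', '$name', '$email', '$okcontact', '$date', '$lawful', '$reported', '$helmet', '$severity', '$address', '$desc', '$note')";
                if (mysql_query($sql)) {
                        header("Location: ./"); // use redirect to deal with refresh problems
                        exit();
                }
                else {
                        exit(mysql_error());
                }
        }
        // UPDATE EXISTING LISTING
        elseif ($action == "update") {
                $sql = "UPDATE `bike_accidents` SET
                        `uid`='$uid_value',`pub`='$pub', `name`='$name', `email`='$email', `okcontact`='$okcontact', `date`='$date', `lawful`='$lawful', `reported`='$reported', `helmet`='$helmet', `severity`='$severity', `address`='$address', `desc`='$desc', `note`='$note'
                        WHERE `uid`='$uid_value' LIMIT 1";
                if (mysql_query($sql)) {
                        header("Location: ./");
                        exit();
                }
                else {
                        exit(mysql_error());
                }
        }
        // EXPIRE LISTINGS
        elseif ($action == "expireall") {
                $sql = "UPDATE `bike_accidents` SET `pub`='no'";
                if (mysql_query($sql)) {
                        header("Location: ./");
                        exit();
                }
                else {
                        exit(mysql_error());
                }
        }
        // DELETE LISTING
        elseif ($action == "delete") {
                $sql = "DELETE FROM `bike_accidents` WHERE `uid`='$uid_value' LIMIT 1";
                if (mysql_query($sql)) {
                        header("Location: ./");
                        exit();
                }
                else {
                        exit(mysql_error());
                }
        }
        // EXPORT TABLE
        // The dump includes the name and email columns that the form labels
        // "Not made public", so it must stay behind the access key.
        elseif ($action == "export") {
                header("Content-type: text/plain");
                $result = mysql_query("SELECT * FROM `bike_accidents`");
                if ($result) {
                        echo "\t(Don't Worry.)\n\tDatabase Entries ". date("r") ."\n\n";
                        // The column header is printed from the first row inside the
                        // loop; fetching a row just for the header would drop that
                        // row from the export and fail on an empty table.
                        $header_printed = false;
                        while ($row = mysql_fetch_assoc($result)) {
                                if (!$header_printed) {
                                        foreach ($row as $var => $val) {
                                                echo "$var |";
                                        }
                                        $header_printed = true;
                                }
                                echo "\n";
                                foreach ($row as $var => $val) {
                                        echo str_replace(array("\n", "\r"), " <br>", $val) ." |";
                                }
                        }
                        echo "\n\n\t...END";
                        exit();
                }
                else {
                        exit(mysql_error());
                }
        }
}
// From here onto the HTML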
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1" />
<script type="text/javascript" 
                src="http://api.maps.yahoo.com/v3.0/fl/javascript/apiloader.js?appid=YOURYAHOOID"></script>
        <title>BIKE ACCIDENTS</title>
        <link href="./styles.css" rel="stylesheet" type="text/css" />
        <style type="text/css">
<!--
.a_hotlistsub {
        display: hidden;
        background: #f8f8ff;
        border-bottom: 1px solid gray;
        }
-->
        </style>
</head>
<body onload="javascript:hideAll();">
<table summary="layout" border="0" cellspacing="0" cellpadding="1" width="100%" height="100%">
                <tr>
                                <td class="style"><strong>BIKE ACCIDENTS</strong></td>
                                <td align="right" class="style"><a href="./">View Listings</a> / <a href="./?action=addform">Add New Listing</a> / <a href="./?action=logout">Logout</a></td>
                </tr>
                <?
// ADD or EDIT form
if ($action == "addform" || $action == "editform" && isset($uid)) { // if editing, populate the array
        echo '<tr>';
        echo '<td>';
        doform("$action","$uid");
        echo '</td>';
        echo '<td align="right" valign="top">';
        domap("350px","350px","$uid","3"); //height, width, id, zoom
        echo '</td>';
        echo '</tr>';
} else {
        echo '<tr>';
        echo '<td colspan="2" align="center">';
        domap("100%","380px","","5");
        echo '</td>';
        echo '</tr>';
}
?>
                <tr>
                                <td colspan="2"><?
if (!isset($action)) {
// SHOW LISTINGS 
        $sql = "SELECT * FROM `bike_accidents`";
        $sql .= (isset($_GET['viewhidden'])) ? " WHERE `pub`='no'" : " WHERE `pub`='yes'";
        $sql .= (isset($_GET['sort'])) ? " ORDER BY '$sort'" : "";
        $result = mysql_query($sql) or die('There was a database error: ' . mysql_error());
        if ($result) 
        {
                $hidden = "";
                $numrows = mysql_num_rows($result);

?>
                                <strong>Listings: <em><?= $numrows; ?></em></strong>
                                <table id="listings" width="100%" border="0">
                                        <tr>
                                                <td width="10">&nbsp;</td>
                                                <td width="10"><a href="./?sort=uid"><em>ID</em></a></td>
                                                <td width="10"><a href="./?sort=pub"><em>Public</em></a></td>
                                                <td><a href="./?sort=name"><em>Name</em></a></td>
                                                <td><a href="./?sort=date"><em>Date</em></a></td>
                                                <td><a href="./?sort=severity"><em>Severity</em></a></td>
                                                <td><a href="./?sort=address"><em>Location</em></a></td>
                                                <td><a href="./?sort=notes"><em>Notes</em></a></td>
                                                <td width="10"></td>
                                                <td width="10"></td>
                                        </tr>
<?
                while ($row = mysql_fetch_assoc($result)) {
                                        $hidden .= "\nhideLevel('hs". $row['uid'] ."');";
?>
                                        <tr class="a_holist">
                                                <td nowrap="nowrap"><a href="javascript:showLevel('hs<?= $row['uid']; ?>')" longdesc="Toggle">+/-</a></td>
                                                <td nowrap="nowrap"><em><a href="javascript:moveMap('<?= $row['uid']; ?>','<?= $row['address']; ?>')" longdesc="Map"><?= $row['uid']; ?></a></em></td>
                                                <td nowrap="nowrap"><?= $row['pub']; ?></td>
                                                <td nowrap="nowrap"><a href="mailto:<?= $row['email']; ?>" longdesc="email">
                                                        <?= substr($row['name'], 0, 12); ?></a></td>
                                                <td nowrap="nowrap"><?= substr($row['date'], 0, 12); ?></td>
                                                <td nowrap="nowrap"><?= $row['severity']; ?></td>
                                                <td nowrap="nowrap"><?= substr($row['address'], 0, 25); ?>...</td>
                                                <td nowrap="nowrap"><?= substr($row['note'], 0, 25); ?>...</td>
                                                <td class="edit">[<a href="./?action=editform&uid=<?= $row['uid']; ?>">EDIT</a>]</td>
                                                <td class="delete">[<a href="./?action=delete&uid=<?= $row['uid']; ?>" onclick="return confirm('Really delete this record? This cannot be undone.')">DELETE</a>]</td></tr>
                                        <tr><td colspan="10" heigth="1"><div class="a_hotlistsub" id="hs<?= $row['uid']; ?>">
<?
foreach($row as $k=>$v) {
        echo "\n<strong>$k:</strong> \n\t";
        echo str_replace("\n", "<br />", $v) ."<br />";
}
?>
                                        </div></td></tr>
<?
                } //end row loops
?>
                                                </table>
                                                <script type="text/javascript"><!-- /* hide hs sub text */
                                                        function hideAll() { <?= $hidden; ?> }
                                                --></script>
<?
        } //end if result
} // close if no action
?>
                                </td>
                </tr>
                <tr>
                                <td class="style">Questions? <a href="mailto:mist@strans.org">mist@strans.org</a></td>
                                <td class="style" align="right"><a href="./">Show Public Listings</a> / <a href="./?viewhidden=true&sort=<?= $_GET['sort']; ?>">Show Hidden Listings</a> / <a onclick="return confirm('Really Export? This may take a minute')" href="./?action=export">Export Listings</a></td>
                </tr>
</table>
</body>
</html>
<?

/////////////////////////////////////// function for adding or editing items
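/**
 * Print the add/edit form for one listing.
 *
 * @param string $action "editform" switches the headings and the hidden
 *                       action field to "update"; anything else means "insert".
 * @param string $uid    Row id to load into the form; "" prints an empty form.
 */
function doform($action="addform", $uid="")
{
        $row = array(); // create an array for the form
        if ($uid!="") {
                // uid is an integer column; the cast keeps the query well-formed
                // whatever the caller passed in.
                $sql = "SELECT * FROM `bike_accidents` WHERE `uid`='". (int) $uid ."' LIMIT 1";
                $result = mysql_query($sql);
                if ($result) {
                         $row = mysql_fetch_assoc($result);
                } else {
                         exit(mysql_error());
                }
        }
        // One HTML-escaped value per column; null when the row has no value, so
        // the isset()-based radio defaults below keep working and an empty form
        // raises no undefined-index notices. double_encode is off because
        // sanitize() already stored the text entity-encoded.
        $columns = array('uid', 'pub', 'name', 'email', 'okcontact', 'date', 'lawful',
                'reported', 'helmet', 'severity', 'address', 'desc', 'note');
        $field = array();
        foreach ($columns as $column) {
                $field[$column] = (is_array($row) && isset($row[$column]))
                        ? htmlspecialchars($row[$column], ENT_QUOTES, 'ISO-8859-1', false)
                        : null;
        }
        // PHP_SELF includes any extra path the client appended to the script
        // URL, so it is escaped before it goes into the action attribute.
        $form_target = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
// print the form
?>
<h2>
                <?= ($action=="editform") ? "Update a Listing" : "Add a Listing"; ?>
</h2>
<form id="form" action="<?= $form_target; ?>" method="post" name="form">
                <input type="hidden" name="action" value="<?= ($action=="editform") ? "update" : "insert"; ?>" id="action"  />
                <input type="hidden" name="uid" value="<?= $field['uid'];?>" id="uid" />
                <p>UID: <em><?= ($field['uid'] < 1)? "<strong>No Id Found!</strong>" : $field['uid']; ?></em></p>
                <p>Your Name:
                                <input type="text" name="name" id="name" value="<?= $field['name'];?>" />
                                (Not made public)</p>
                <p>Email:
                                <input type="text" name="email" id="email" value="<?= $field['email']; ?>" />
                                (Not made public)</p>
                <p>OK to contact:
                                <input name="okcontact" type="radio" value="yes" <?= ($field['okcontact']=="yes")? "checked=\"checked\"" : ""; ?> />
                                yes
                                <input name="okcontact" type="radio" value="no" <?= ($field['okcontact']=="no")? "checked=\"checked\"" : ""; ?> />
                                no</p>
                <p style="color:red;"><strong>Show listing:
                                <input type="radio" name="pub" value="yes" <?= ($field['pub']=="yes" || !isset($field['pub']))? "checked=\"checked\"" : ""; ?> />
                                yes
                                <input type="radio" name="pub" value="no" <?= ($field['pub']=="no")? "checked=\"checked\"" : ""; ?> />
                                no</strong></p>
                <p>Location:
                                <input  type="text" name="address" id="address" value="<?= $field['address']; ?>" />
                                <br />
                                ("Higgins and Broadway, Missoula, MT" or "200 N Higgins AV, Missoula, MT, 59802")</p>
                <p>Date:
                                <input type="text" name="date" id="date" value="<?= $field['date']; ?>" />
                                <br />
                                (yyyy-mm-dd hh:mm)</p>
                <p>Description:<br />
                                <textarea name="desc" cols="40" rows="5" id="desc"><?= $field['desc'];?>
</textarea>
                </p>
                <p>Wearing a helmet:
                                <input type="radio" name="helmet" value="yes" <?= ($field['helmet']=="yes" || !isset($field['helmet']))? "checked=\"checked\"" : ""; ?> />
                                yes
                                <input type="radio" name="helmet" value="no" <?= ($field['helmet']=="no")? "checked=\"checked\"" : ""; ?> />
                                no<br />
                                Obeying traffic laws:
                                <input type="radio" name="lawful" value="yes" <?= ($field['lawful']=="yes" || !isset($field['lawful']))? "checked=\"checked\"" : ""; ?> />
                                yes
                                <input type="radio" name="lawful" value="no" <?= ($field['lawful']=="no")? "checked=\"checked\"" : ""; ?> />
                                no<br />
                                Reported to police:
                                <input type="radio" name="reported" value="yes" <?= ($field['reported']=="yes" || !isset($field['reported']))? "checked=\"checked\"" : ""; ?> />
                                yes
                                <input type="radio" name="reported" value="no" <?= ($field['reported']=="no")? "checked=\"checked\"" : ""; ?> />
                                no<br />
                                Severity:
                                <select name="severity">
                                                <option value="">Choose one</option>
                                                <option value="1" <?= ($field['severity']=="1")? "selected=\"selected\"" : ""; ?>>1- no crash, but a minor close call</option>
                                                <option value="2" <?= ($field['severity']=="2")? "selected=\"selected\"" : ""; ?>>2- no crash, but a moderate close call</option>
                                                <option value="3" <?= ($field['severity']=="3")? "selected=\"selected\"" : ""; ?>>3- no crash, but a major close call</option>
                                                <option value="4" <?= ($field['severity']=="4")? "selected=\"selected\"" : ""; ?>>4- crashed, no injury and no bike damage</option>
                                                <option value="5" <?= ($field['severity']=="5")? "selected=\"selected\"" : ""; ?>>5- crashed, no injury but bike damaged</option>
                                                <option value="6" <?= ($field['severity']=="6")? "selected=\"selected\"" : ""; ?>>6- crashed, minor injury (bruise, sprain, etc.)</option>
                                                <option value="7" <?= ($field['severity']=="7")? "selected=\"selected\"" : ""; ?>>7- crashed, moderate injury (broke something)</option>
                                                <option value="8" <?= ($field['severity']=="8")? "selected=\"selected\"" : ""; ?>>8- crashed, severe injury (hospitalized for 3 days or more)</option>
                                                <option value="9" <?= ($field['severity']=="9")? "selected=\"selected\"" : ""; ?>>9- crashed, fatality</option>
                                </select>
                </p>
                <p>Notes:<br />
                                <textarea name="note" cols="40" rows="5" id="note"><?= $field['note']; ?>
</textarea>
                </p>
                <p>
                                <input id="submit" type="submit" name="submit" value="<?= ($action=="editform") ? "Update Listing" : "Add Listing"; ?>" />
                </p>
</form>
<?php
}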
/////////////////////////////////////// function for showing map
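/**
 * Print the map container and the JavaScript that places one marker per listing.
 *
 * Rows are selected as follows: every row when ?viewall is present, the single
 * row $uid when it is non-empty, otherwise only rows with pub='yes'.
 *
 * @param string $width  CSS width of the map container.
 * @param string $height CSS height of the map container.
 * @param string $uid    Row id to show and centre on; "" shows the listing set.
 * @param string $zoom   Initial zoom level passed to the Map constructor.
 */
function domap($width="100%", $height="450px", $uid, $zoom="5")
{
        // These three values are written into markup and script, so each is
        // constrained to what its context expects.
        $css_width = htmlspecialchars($width, ENT_QUOTES);
        $css_height = htmlspecialchars($height, ENT_QUOTES);
        $zoom_level = (int) $zoom;
?>
<strong>Area Map</strong>
<div id="mapContainer" style="border:1px solid burgandy;width:<?= $css_width; ?>;height:<?= $css_height; ?>;"></div>
<script type="text/javascript">
        // Create and display Map object at the address and with zoom level 
        //Include your application ID.
var map = new Map("mapContainer", "YAHOOID", "Missoula, MT", <?= $zoom_level; ?>); 
        // Wait for the map to initialize and then call addMarkers
map.addEventListener(Map.EVENT_INITIALIZE, addMarkers); 

map.addTool(new PanTool(), true); // Make the map draggable 
map.addWidget(new NavigatorWidget()); // Add Widgets to the map and display them
map.addWidget(new SatelliteControlWidget());

// Recenter map if an address link is clicked on webpage
function moveMap(id, location) {
        map.setCenterByAddress(location);
        marker[id].open();
}

// Show or hide HTML DIVs
// http://www.oreillynet.com/pub/a/javascript/2002/02/22/hierarchical_menus.html 
function hideLevel( _levelId ) {
        var thisLevel = document.getElementById( _levelId );
        thisLevel.style.display = "none";
        }

function showLevel( _levelId ) {
        //marker[_levelId].open();
        var thisLevel = document.getElementById( _levelId );
        if (thisLevel.style.display == "none") {
                hideAll();
                thisLevel.style.display = "block";
        }
        else {
                hideLevel( _levelId );
        }
}

var marker = new Array();
var marker;
// Create a marker object, then add the POI marker to the map 
marker[001]= new CustomPOIMarker('Free Cycles', '', '732 S. 1st St W. <br />Missoula, MT 59801 <br /><br />Free Cycles Missoula is a volunteer <br />effort providing bikes, parts and help for <br />those in need. (406) 541-PATH', '0xFF0000', '0xFFFFFF');
map.addMarkerByAddress(marker[001], '732 S. 1st St. W., Missoula, MT 59801');
<?php
        // SHOW LISTINGS 
        if (isset($_GET['viewall'])) { 
                $sql = "SELECT * FROM `bike_accidents`"; 
        } elseif (isset($uid) && $uid!="") {
                // uid is an integer column; the cast keeps the query well-formed
                // whatever the caller passed in.
                $sql = "SELECT * FROM `bike_accidents` WHERE `uid`='". (int) $uid ."' LIMIT 1";
        } else {
                $sql = "SELECT * FROM `bike_accidents` WHERE `pub`='yes'"; 
        } 

        $result = @mysql_query($sql);
        if ($result) 
        {
                echo "\n\n\tfunction addMarkers( oEvent ) { \n";
                while ($row = mysql_fetch_assoc($result)) {
                        $marker_id = (int) $row['uid'];
                        // Every column ends up inside a single-quoted JavaScript string.
                        // sanitize() leaves single quotes untouched, so each value is
                        // escaped here: line breaks removed, quotes and backslashes
                        // escaped, and "</" split so the text cannot close the script block.
                        $js = array();
                        foreach ($row as $column => $value) {
                                $one_line = str_replace(array("\n", "\r"), " ", $value);
                                $js[$column] = str_replace('</', '<\/', addslashes($one_line));
                        }

                        $description = substr($row['desc'], 0, 250);
                        $description = wordwrap($description, 60, "<br />");
                        $description = str_replace(array("\n", "\r"), "<br />", $description);
                        $description = str_replace('</', '<\/', addslashes($description));

                        echo "\nmarker[". $marker_id ."]";
                        echo " = new CustomPOIMarker('No. ". $marker_id ." ', '". $js['address'] ."', '";
                        echo "<br />&#8226; Date: ". $js['date'];
                        echo "<br />&#8226; Lgl: ". $js['lawful'] ." Rpt: ". $js['reported'] ." Hmt: ". $js['helmet'];
                        echo "<br />&#8226; Severity: ". $js['severity'];
                        echo "<br /><br />$description ";
                        echo "[<a href=\"./?action=editform&uid=". $marker_id ."\">EDIT</a>]";
                        echo "', '', '');";
                        echo "\nmap.addMarkerByAddress(marker[". $marker_id ."], '". $js['address'] ."');\n";
                        if ($uid!="") { 
                                echo "map.setCenterByAddress('". $js['address'] ."')\n";
                        }
                }
                echo "\n\t} \n</script>\n\n";
        }
} //close function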

// function for cleaning spam and user input
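/**
 * Prepare one request value for this script's quoted SQL strings.
 *
 * The value is trimmed, HTML-entity-encoded, then escaped for MySQL, so rows
 * are stored already entity-encoded. Two limits follow from that:
 *  - htmlentities() with its default flags leaves single quotes alone, so
 *    output into JavaScript strings or single-quoted attributes still needs
 *    escaping of its own;
 *  - mysql_real_escape_string() only protects a value placed inside a quoted
 *    SQL literal, not one used as a column name or a bare number.
 *
 * @param mixed $input Raw request value.
 * @return string Cleaned value; "" for arrays and other non-scalar input.
 */
function sanitize($input) {
                // A parameter sent as name[]=... arrives as an array; treat it as empty
                // instead of handing an array to the string functions below.
                if (!is_scalar($input)) {
                                return '';
                }
                $cleaned = trim($input);
                $cleaned = htmlentities($cleaned);
                $cleaned = mysql_real_escape_string($cleaned);
                return $cleaned;
}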
?>

PX is running PHP 5.2.17
Use of any code from PX is at your own risk.