Creating a Banking Application Deposit Script [con't]
The profile.php script
The script is responsible for showing the logged-in customer their profile. This means that the customer will be able to view selected information about their accounts and personal information that is stored in the database. I've deliberately kept the information that is stored in the database short. You can of course add or remove information as you see fit.
The information is presented in two parts. The first is the personal information. This part contains the customer name, physical address, etc. The second part is the Account information section; this part shows the user the types of accounts that are registered in their name, the balance on those accounts and the account numbers, and offers options such as changing pin numbers.
There are three buttons on this form. The first lets a user save changes that they make on the page. The customer can only change their address and names at this point. The second button enables a user to simply close the page. When the user presses this button, they are directed to the home page. The final button on the page enables a user to change their pin. Below is the code outline of the script as well as a screenshot of what the page actually looks like:
The code explained
The code starts by including the classes that are required by the script. These classes contain the methods that are required to execute certain parts of the page. Immediately after including the classes, we need to instantiate the class that we want to use. In our case, we need to use both, but since the customer class inherits the methods and attributes of the accounts class, we do not need to instantiate the accounts class at all. So we instantiate the customer class:
Since there are three buttons on the form, we need to test each of them. First we check if the 'save changes' button has been pressed. This means that the user has modified either the name or address information:
If so, we start the data validation process. The only changes we expect are the name and address, both of which are of type string. Since we are going to insert this data into the database, it is important that the information is not empty. So we will check for two things: first, that the form values are not empty, and second, that they are of type string:
Now, we continue to process the form data on condition that the validation process has not turned up any errors. So we test the $err variable:
If no errors were detected, we take the next step and 'ready' the variables for database entry. We do this by using the mysql_real_escape_string() function that is specifically created for this purpose:
Then we call the updatecustomer() method of the customer class to make the necessary updates. We will discuss the updatecustomer() method later on in the article. If an error occurs during the update process, we show an appropriate message:
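
The validate-then-update flow described above, written as an added example that is not the article's own code. It binds the values with a PDO prepared statement instead of escaping them, because the mysql_* extension that provides mysql_real_escape_string() was removed in PHP 7.0. The function names, the customers table and its columns are assumptions, and an in-memory SQLite database stands in for the article's MySQL database so the example runs offline:

```php
<?php
// Added example: validate the two editable profile fields, then update with bound parameters.
// validate_profile(), update_customer() and the customers table are hypothetical names.

function validate_profile(array $post): array {
    $err = [];
    $clean = [];
    foreach (['name' => 100, 'address' => 255] as $field => $max) {
        $value = $post[$field] ?? '';
        if (!is_string($value)) {            // an array arrives if the client sends name[]=x
            $err[] = "$field must be text";
            continue;
        }
        $value = trim($value);
        if ($value === '') {
            $err[] = "$field must not be empty";
        } elseif (strlen($value) > $max) {   // length limits are assumed, not from the article
            $err[] = "$field is too long";
        }
        $clean[$field] = $value;
    }
    return [$clean, $err];
}

function update_customer(PDO $db, int $custId, array $clean): bool {
    // Values travel separately from the SQL text, so quotes in them are plain data.
    $stmt = $db->prepare('UPDATE customers SET name = :name, address = :address WHERE id = :id');
    return $stmt->execute([':name' => $clean['name'], ':address' => $clean['address'], ':id' => $custId]);
}

// Constructed demo data: SQLite in memory replaces the real MySQL connection.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, address TEXT)');
$db->exec("INSERT INTO customers VALUES (7, 'Old Name', 'Old Address')");

// Constructed form input containing a quote and SQL-looking text.
$post = ['name' => "O'Brien'; -- not SQL", 'address' => '12 Example Road'];
[$clean, $err] = validate_profile($post);
if (!$err) {
    update_customer($db, 7, $clean);
}
// The stored name is the submitted string, character for character.
echo $db->query('SELECT name FROM customers WHERE id = 7')->fetchColumn(), PHP_EOL;
```
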
Now we test to see if the close form button has been pressed. This button simply tells the script to go to the home page:
The third button tells the script to redirect the customer to the changepin.php page:
The HTML
The HTML portion of the page also contains some dynamic code. When the customer first loads the page, it has to contain the customer name and address already. It also has to contain the customer's account information such as the account type, account number and account balance. The other dynamic part of the HTML page is the error display section. Here all the errors that are encountered during the data validation process are shown. So let's take a look at what happens where. First, the HTML page headers are created:
Then in the body section of the page, an HTML table is built that will host the information:
Then the navigation panel is built. Note that the navigation panel now includes links to the administration area and to the profile page:
Finally, we start to build the form that will take customer input:
Also included in the form is the code that displays the error messages if they exist:
The personal information section contains limited personal information about the customer:
Here we use class methods to extract the information that we require about the customer. We use three methods:
- getcustdetails(customerID): This method is responsible for retrieving all customer details from the database. Before we use the methods that we are going to describe below, we need to call this method. The method takes one argument, which is the customer ID. This ID will be used in a database query to extract information about the customer.
Next we want the customer's name, so we use the getcustname() method to get the customer name:
We do the same for the customer address:
Once we've retrieved the customer name and address from the database, we store them in a form input element, which will then be sent to the processing code when the form is submitted:
Next, we store and display the customer address in the text area of the form:
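
Because the name and address come back from the database and are written into an input value and a textarea, they need HTML escaping at output time, as do the validation error messages. The following is an added example, not the article's markup; the helper names h() and render_profile_fields(), the field names and the sample values are assumptions:

```php
<?php
// Added example: escape stored values before placing them in the profile form.
// h() and render_profile_fields() are hypothetical helpers, not part of the article's classes.

function h(string $s): string {
    // ENT_QUOTES encodes both quote styles so a value cannot close the attribute it sits in.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_profile_fields(string $name, string $address, array $errors = []): string {
    $html = '';
    if ($errors) {
        // Error messages can echo user input, so they are escaped as well.
        $html .= "<ul class=\"errors\">\n";
        foreach ($errors as $e) {
            $html .= '  <li>' . h($e) . "</li>\n";
        }
        $html .= "</ul>\n";
    }
    $html .= '<input type="text" name="name" value="' . h($name) . "\">\n";
    $html .= '<textarea name="address">' . h($address) . "</textarea>\n";
    return $html;
}

// Constructed values as they might be returned by the customer class methods.
echo render_profile_fields(
    'Ann "AJ" Smith',
    "1 High St\n</textarea><b>not markup</b>",
    ['name must not be empty']
);
```
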
We get to the account information section. This section will display the customer's account details:
Here we show the customer's account details, using the accountsprofile() method. Because the method retrieves the logged-in customer's details, it requires the ID of the customer. We will look at the method in detail a little later:
Finally, we get to the buttons. The form has three buttons, as explained before; the tags that host them are shown below:
That's it for the HTML portion of the form. Next, we look at the methods that the script uses.
Original: November 23, 2009