Close this window

Visit the Interface Creator website - for latest documentation and support forums. Interface Creator is maintained as a utility for the OrderSys and LabStoRe PHP softwares.

Parts of Interface Creator
Interface Creator has two sections.
      The administration section has two parts - the front part or homepage is used to add database tables (and their fields) to the system. For every table (e.g., 'proteins') that is added, the system creates a new database table named similarly, but with a 'dadabik_' prefix (e.g., 'dadabik_proteins'; the prefix is specified in config.php). The second, Interface configurator part allows one to configure the way forms used to manipulate data for particular tables appear as well as to affect the display of fields in the record listings and details pages. E.g., a form used to enter a new entry for a 'proteins' table may have a field where one uses a pull-down menu to select the 'nature' of the protein entry being added. The Interface Creator allows one to specify the options that will appear in the pull-down menu.
      The data-browser part of the Interface Creator are the front pages. One can browse (and search) the data to obtain lists of records and their details, and can add, delete or edit them.

Installing and uninstalling tables, and refreshing the installations
Installation results in two things - first, a 'Interface Creator_' prefixed (the prefix is specified in config.php), internal table is created in the database; secondly, the table is added to a Interface Creator-installed database table that lists the tables that have been 'installed' into Interface Creator. To install a table, browse to the front part or homepage of the Interface Creator administration section. An installed table can similarly be uninstalled.
      On the administration homepage you will also see options that allow you to exclude a table. Any installed table can be excluded. Unlike for uninstallation, the internal table remains in the database in case of exclusion.
      If the structure of a database table is altered, e.g., by renaming of a field, the internal table needs to be updated. Use the provided options on the administration homepage to do so.

Affecting the display order of a table's fields
Normally, the order in which a record's information content (dictated by values in the table's fields), for example in the record details display or record edit form, is displayed depends on the order of the fields in the database's table. This ordering can however be altered by using options provided on the administration homepag.

Configure the forms and record listings and record details display
      On the configuration page, choose the field you want to configure from the pull-down menu. (The field is named the same as in the corresponding database table.) Then use the provided form. The settings that you specify are the ones that get stored in the Interface Creator_prefixed tables. A description of the options is provided below:
      A little understanding of HTML forms and database tables will ensure that you configure the form fields properly (scroll to bottom for some helpful links). Similarly, error-free filling of the forms in Interface Creator will ensure that things run as you expect.
      Also note that if a form was configured in a certain way earlier and used to add data to the database database tables, then changing a form-field's configuration may make data from the database tables appear 'strange' or not at all in the Interface Creator.

• Label: what will be displayed as label of the field in the form
• Field type, select among:
  • text: a text box; a box to input text in a single row
  • textarea: a textarea box; a box to input text in multiple rows
  • rich_editor: a rich text editor that allows to easily insert/modify HTML content; based on TinyMCE
  • password: a password text box
  • insert_date: the current date will be automatically inserted into this field when you insert a new record in your table; you should not include an insert_date field in the insert/update form, see below to understand how to include/exclude a field from a form. Note that the corresponding database database table field type must be date
  • update_date: the current date will be automatically inserted into this field when you update a record in your table; you should not include an update_date field in the insert/update form, see below to understand how to include/exclude a field from a form. Note that the corresponding database database table field type must be date
  • date: three select fields: day, month, year. Note that the corresponding database field type must be date
  • select_single: a pull down menu that will allow selection of one of the items; see below to understand how to specify the items
  • generic_file: an input field that allow the user to browse in his file system and upload a file. You need to specify the allowed file extensions in interface_creator/config.php. Unlike an image_file (see below), a generic_file will not be displayed automatically even if they are for images. One will have to click on it.
  • image_file: the same as the above, but in this case the 'Interface Creator' supposes that the file is an image and shows it when the record is displayed. Thus, these files have to be of jpg, jpeg or gif types. The type png may not work in some older browsers (meaning that the browser will not show the image). You need to specify the allowed file extensions in config.php.
  • ID_user: the ID_user of the current user will be automatically inserted into this field when you insert a new record; you should not include an ID_user field in the insert/update form, see below to understand how to include/exclude a field from a form. If you use user account-based authentication (see below), then the tables should have a field named 'ID_user' and those fields should be configured to be of this type.
  • unique_ID: a unique ID generated by using the PHP function unique_ID() in conjunction with microtime(), getmypid() and md5() will be automatically inserted in this field when you insert a new record into your table; you should not include a unique_ID field in the insert/update form, see below to understand how to include/exclude a field from a form
• Content type: the content determines what check procedure the 'Interface Creator' should use during an insert/update and how a field value is displayed; select among:
  • alphabetic: only alphabetic characters allowed
  • alphanumeric: all characters allowed; this is the default and you would, most likely, leave it like that
  • numeric: only numeric characters allowed
  • url: only URL with a correct syntax allowed, support from http/https/ftp protocols and port numbers; field displayed as a URL link
  • email: only e-mail address with a correct syntax allowed; field displayed as a mailto: link
  • html: all characters allowed; the 'Interface Creator' doesn't perform a conversion from special characters to HTML entities with htmlspecialchars for the fields having this content type. For example, this content type can be used to enter a full custom URL in the standard format used on web pages. eg: <a href="#">Link Text</a> entered in the field will produce Link Text displayed in the Interface Creator (where # is the actual link).
  • phone: only phone numbers with a correct syntax - e.g. +39025689781 - allowed
• The following parameters are used to choose if a field must be displayed and used in the data browsing section of the Interface Creator: Field present in the search form?/Field present in the results page?/Field present in the details page?/Field present in the insert/update form? Note that 'results page' are the main front pages, and not just 'search result' pages.
• Is the field a required one? Choose if the field should be required during insert and update procedures
• Check for duplicated entries during insert? Choose if the field value should be checked for possible duplication during the insert procedure
• Other choices allowed? Choose if a user can input values other than the provided options (see 'Options to include' below) in case of select_single menus. For single_select menus, if someone chooses an item from the menus and also types in a choice when other choices are allowed, the former will take precedence.
• Options to include: specify the possible options of a pull-down menu. E.g. ~~teacher~manager~student~, in this example the first option is blank. Use the parameters below if you want these options to come from another table. Instead of '~,' you can choose a separate 'separator' - see below. Note the '~' at both the beginning and the end. For select_single menus, the 'other choice' (see point above) will become part of the presented options in future.
• Primary key field: (only if using a foreign table) Instead of specifying options manually (above), you can have the options generated automatically using values from a different ('foreign') table. Specify here the key (field name) for that table from which the options will be generated.
• Primary key table: (only if using a foreign table) Specify here the name of the foreign table.
• Linked fields: (only if using a foreign table) the fields in the foreign table you want to display. Imagine you have a table albums_tab that contains information about CDs. In this table you have a field ID_author that "links" the table authors_tab. If you want to display, for each record, first_name_author and last_name_author of author_tab, you have to use ID_author as primary key, authors_tab as primary key table, first_name_author~last_name_author as linked fields
. Do not leave this empty - atleast put in the field that you used for 'Primary key field.'
• Order by: (only if using a foreign table) the linked field by which you want to order the items in the pull down menus; a table field name.
• Search operator: (applies only for seacrhes done in the data browser section of the Interface Creator) specify is_equal, contains, starts_with, ends_with, greater_than, less_than or a group of this operator separated by "/". E.g., if you specify just "contains," the Interface Creator will use always the contains operator for this field during the search; if you use "exactly/contains," the Interface Creator will create for this field a pull-down menu with the operators exactly/like, the user can then choose the preferred one during each search operation
• Prefix: for text and textarea fields you can choose a prefix default value for your field, e.g. "http://" if your field need to be filled with a Web url; the prefix will be displayed directly in the insert form, but if the user doesn't fill-in the field it will be considered as blank
• Default value: for text and textarea fields you can choose a default value for your field, the value will be displayed directly in the insert form
• Width: the width of an input box, in characters, used with text, password and textarea box
• Height: the height of an input box, in rows, used with textarea box
• Maxlength: the maximum number of characters allowed in the input box, used with text, password, textarea box and pull-down menu
• Hint: the text of a hint for the user that will appear during the insert/update procedure near the input field
• Separator: you can safely leave the default one, ~, or choose a different character. The separator should be one character in length and choosing a character that may occur as a part of data will cause problems (e.g., '@' as it occurs in e-mail addresses).

Authentication
An authorization model is available to prevent unauthorized accesses and/or to allow users to delete, modify or view only their own records. (The owner of a record is the user who entered it.) With authorization enabled, the administration pages are protected too; also, see 'security' below.
      By default, the authentication system is OFF. You must enable it in config.php by setting $enable_authentication to 1. Certain parameters regarding authentication are set there too. Users and encrypted passwords, and the rights of the user (administrator or not), are stored in the users_tab that Interface Creator installs in the database. Config.php can be altered to set another table for authentication (see config.php). With just authentication enabled, a visitor will have to log in but he can view, edit, etc., all records of all tables. You may be happy with just this. Also, by setting $enable_admin_authentication to 1 in config.php, you can restrict access to the administrative pages to admin users only (irrespective of the $enable_authentication settings.
      Authentication can be further extended so that every authenticated user can work with his or her records only. To make this work, each table you want to protect must have a field whose field type is set to ID_user, and this field must be set as 'ID_user' field type in the form configurator; you also have to set $enable_authentication = 1 in config.php. By setting the parameters $enable_delete_authorization, $enable_update_authorization and $enable_browse_authorization you can then customize your authorization model. E.g., if $enable_update_authorization is set to true (enabled), then the logged-in user can update only those records that have the 'ID_user' field set with their 'ID_user' value (i.e., their own records). Those records for which an 'ID_user' value has not been set or for which the values are different (meaning that they were created by someone else) will not be accessible. This will apply for all, but only those, tables that have the 'ID_user' field, with the field set to 'ID_user' field type in the configurator.
      The 'record ownerships' can be transferred from one user to another using the re-assignment form on the administration page.
      There are two types of users: normal users and administrator users. The Interface Creator is released with the following default administrator user - root, password - letizia (please change this after installation). The Interface Creator uses by default the table 'users_tab' (which it installs by default; this default table name is specified in config.php) to store user information; but, you can use your own users table, changing the $users_table_* parameters in config.php. User passwords are MD5-encrypted.
       Follow these steps for authentication to work. Change settings in config.php. Create (or edit) the database tables to have a field labelled 'ID_User.' Choose to use either the Interface Creator-created users_tab table or a different users table. If different, it still must have atleast the types of fields that are in users_tab (it can have other fields too) and those fields must be specified in config.php. Also, if using a different table, create atleast one admin account (the Interface Creator's users_tab comes filled with one admin account - root/letizia) and populate the table with user names, passwords (MD5 encrypted), user type (admin or normal), etc., using phpMyAdmin, Navicat application, etc. (The Interface Creator won't do so).
      Note that the field for password stores values in MD5 version. That is, the MD5-encoded password values are stored. There are many ways to create MD5 values. On UNIX-like systems (e.g. using Mac OS X, using the Terminal application), you can type 'md5 -s password' (where password is the text) to generate the MD5 value. Alternately, 'install' the users table (e.g., users_tab) into the Interface Creator (from the administration page), and start adding users after going to the data browser pages. When you do so, you can use the 'create password' link to generate the MD5 encrypted password.
      Note that the users table (as designated in config.php) can be manipulated (editing, inserting, etc.) only when logged in with an administrator account.
      Finally, configure the forms for the tables in the interface configurator, and for the 'ID_user' field, select 'ID_user' as field type, and make the field 'not shown' in insert/update forms. This is required for authentication to work.

Further configuration of the Interface Creator
Some configuration changes, such as the type of messages users see, are implemented through the config.php file. You may want to go through it to change certain parameters. You can of course modify the PHP codes to suit your needs.

Securing Interface Creator
Besides code modification and authentication (see 'authentication' above), other means to secure Interface Creator may be implemented. Using .htaccess files is a common method.

Debugging
Certain parameters in config.php can be turned on to enable debugging for fixing issues.

Some helpful links
1. Interface Creator website - for latest documentation and support forums.
2. HTML forms - a tutorial from w3schools.com

Close this window