360 likes | 390 Views
PHP Web Pages. Advance Database Management Systems Lab no. 5. Introduction. So far we have considered static web pages. We used PHP scripts to write simple programs with (built-in) capability to perform computation Now, we’d like to build smarter pages which Respond to user’s actions
E N D
PHP Web Pages Advance Database Management Systems Lab no. 5
Introduction • So far we have considered static web pages. • We used PHP scripts to write simple programs • with (built-in) capability to perform computation • Now, we’d like to build smarter pages which • Respond to user’s actions • Retrieve dynamic information • Support conditional behavior
Problem: Handling user input We still don’t have a way to get input from the user. Note:PHP does not have its web controls as ASP has.
Getting User Input • There can be two ways of getting Input data from user • URL Paremeters and $_GET array • Web Forms (HTML CONTROLS)
URL Parameters • PHP has the capability to pull parameters out of the URL query string • Parameters can be passed as text after the file name, e.g., http://localhost/test.php? name=john & age=2 • Parameter names and values can be accessed as variables using special • array named $_GET
URL Parameters Example Browser retrieves the URL: http://local host/test.php?name=john &age=2 in test.php <?php echo $_GET[“name”]; // displays john echo $_GET[“age”]; // displays 2 ?>
Web Forms (HTML Controls) • We need a more elegant way of passing parameters to PHP pages • HTML forms can be used to accept input from users which contain a set of input tags • Text boxes, checkboxes, etc. • Form pages can • submit data to a PHP page • Pass input values in query string
Creating web forms • Form tag controls what is done with data <form action="results.php" method="get” name="hello"> <!-- form input controls go here --> </form> • action: Page to submit results to • method: How to submit data, • name: Used to refer to the form
Form Actions • The form’s ACTION is the name of the PHP script (points to PHP page) • When the user submits the form • the web server executes the PHP script in results.php file
Form submission methods • HTTP supports two methods for submitting form data • GET • Parameters are passed in URL string • Parameters visible to user in browser window • Easy to debug • POST • Parameters included in body of HTTP request • Not visible to user • Can handle larger data items
$_GET Function • The built-in $_GET function is used to collect values from a form sent with method="get". • Information sent from a form with the GET method is visible to everyone (it will be displayed in the browser's address bar) and has limits on the amount of information to send (max. 100 characters).
When to use method="get"? • When using method="get" in HTML forms, all variable names and values are displayed in the URL. • Note: This method should not be used when sending passwords or other sensitive information! • However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases. • Note: The get method is not suitable for large variable values; the value cannot exceed 100 characters.
Form inputs • Allow users to input data • Generally have a name and a value • Map to parameters when form is posted • Text box • Textarea (larger text box) • Checkbox • Radio button • Menu • Submit button
Text input/Text Box • One-line text input • <input type="text" name="message“ value="Welcome" size="40“ maxlength="25“ /> • name: input name • value: default value • size: length (in characters) • maxlength: Maximum number of characters to accept
Text area • Larger, multiline text box <textarea name=“box” cols=“25” rows=“6”> Default text goes inside tags </textarea> • Name: input name • Cols: width (in characters) • Rows: number of rows
Checkbox • Checkbox, allows for boolean choices <input type=“checkbox” name=“test“ value=”true" checked=“checked” /> • Name: input name • Value: value if checked (name=value) • Checked: if included, box is checked by default
Select (pulldown or menu) • Allows user to choose item from a dropdown menu <select name=”beverage"> <option value=”coffee">I prefer coffee</option> <option value=”tea">I prefer tea</option> </select> • Will submit variable “beverage” with • value “coffee” or “tea”
Radio button • Presents multiple options, user chooses one <input type="radio" name=”fruit" value=”apple“ checked=“checked” /> <input type="radio" name=”fruit" value=”papaya” /> <input type="radio" name=”fruit" value=”mango” /> • Each item in a group has same name, • different value • Only one button can be checked by default • Value of parameter fruit will be apple, papaya,mango
Hidden field • Sometimes we want to pass data to forms without user’s input • User’s password, current time <input type=“hidden” name=“key” value=“hello” /> • Won’t be shown to user • Will pass parameter “key=hello” to form
Submit button • When clicked, submits form data to target <input type=”submit" value=”Submit form” /> • Value: Label of submit button
Labeling form elements • The most common way to add labels is simply to place text beside the form input • Add me to mailing list: <input type=”checkbox" name=”addtolist" value=”true" checked=“checked” /> <br/> Save password: <input type=”checkbox" name=”savepw” value=”true" checked=“checked” />
Other PHP server variables • $_POST • Like $_GET, but for POST requests • $_REQUEST • Searches both GET and POST for parameters • $_SERVER • Stores additional information from server • User’s IP address, host URL, etc
$_POST • The built-in $_POST function is used to collect values from a form sent with method="post". • Information sent from a form with the POST method is invisible to others and has no limits on the amount of information to send. • Note: However, there is an 8 Mb max size for the POST method, by default (can be changed by setting the post_max_size in the php.ini file).
$_POST Example • <form action="welcome.php" method="post">Name: <input type="text" name="fname" />Age: <input type="text" name="age" /><input type="submit" /></form> • When the user clicks the "Submit" URL will change to welcome.php. • in "welcome.php" file,we can now use the $_POST function to collect form data (the names of the form fields will automatically be the keys in the $_POST array): • Welcome <?php echo $_POST["fname"]; ?>!<br />You are <?php echo $_POST["age"]; ?> years old.
When to use method “POST”? • Information sent from a form with the POST method is invisible to others and has no limits on the amount of information to send.
$_REQUEST • $_REQUEST • The PHP built-in $_REQUEST function contains the contents of both $_GET, $_POST, and $_COOKIE. • The $_REQUEST function can be used to collect form data sent with both the GET and POST methods. • Example Welcome <?php echo $_REQUEST["fname"]; ?>!<br />You are <?php echo $_REQUEST["age"]; ?> years old.
$_SERVER • $_SERVER • When the variable has been assigned from the server
Example <html> <head> <title>Test page</title> </head> <body> <!-- content goes here --> <!-- these are HTML comments --> <h1>Form demo</h1> <form action="results.php" method="get" name="hello"> Enter message: <input type="text" name="message" value="Hi“ /> <input type="submit" value="Go!“ /> </form> </body> </html>
Accessing form data //results.php <?php $user = $_GET[“username”]; echo “You entered “ . $user; ?>
Form validation • When we process forms, we can’t be sure • that the user included correct information • May have left fields blank • May have put in improper information • Never Trust User Input! • We may want to validate the form input • before using it • PHP provides a number of functions to • help us validate form input • isset() is variable null? • is_numeric() is variable a numeric type? • is_string() is variable a string?
Validation example <?php // multiply a number by two // get parameter “num” from url string $num = $_GET[“num”]; // is $num a number? if not, throw an error if (!is_numeric($num)) { echo “Error!”; } else { echo $num*2; } ?>
Including libraries • Place PHP file in same directory or subdirectory • Simpler than Java, no packages or namespaces • Essentially pastes included code into file
PHP Include File • Server Side Includes (SSI) • You can insert the content of one PHP file into another PHP file before the server executes it using two types of functions. • include() • generates a warning in case errors in included file, but the script will continue execution • require() • generates a fatal error, and the script will stop • These two functions are used to create functions, headers, footers, or elements that will be reused on multiple pages.
Server side includes saves a lot of work. This means that you can create a standard header, footer, or menu file for all your web pages. When the header needs to be updated, you can only update the include file, or when you add a new page to your site, you can simply change the menu file (instead of updating the links on all your web pages).
Include example in math.php: <?php function mult($n1,$n2) { return $n1*$n2; } ?> in index.php: <?php include(“math.php”); echo mult(15,5); ?>