200 likes | 387 Views
CSC 2720 Building Web Applications. Server-side Scripting with PHP. Overview of Server-Side Scripting. Web Client. HTTP Request. HTTP Response. 1. 5. Web Server. Static Content (HTML, Images, etc.). 2. Runtime environments for server side scripts (PHP, Perl, JSP, etc.). 3. 4.
E N D
CSC 2720Building Web Applications Server-side Scripting with PHP
Overview of Server-Side Scripting Web Client HTTP Request HTTP Response 1 5 Web Server Static Content (HTML, Images, etc.) 2 Runtime environments for server side scripts (PHP, Perl, JSP, etc.) 3 4 PHP Scripts Perl Scripts JSP Scripts
Overview of Server-Side Scripting 1. Web client sends a HTTP request to a server • A HTTP request consists of • A request method: GET, POST, HEAD, PUT, etc. (GET and POST are the two most common used methods) • A URI that identifies the requested resource • Header fields • A body (which can be empty) 2. Web server determines how to retrieve the requested resource. • In the web server configuration file, one can specify how a particular kind of resources is to be handled. For examples, • Files with .php extension To be handled by the PHP module • Files with .html, .jpg, .gif extensions To be retrieve directly • Files in folder /xxx/yyy/ To be treated as CGI scripts • …
Overview of Server-Side Scripting 3. Runtime environment • A runtime environment typically has the following capabilities • Interpreting/executing the server-side scripts • Maintaining sessions • Parsing incoming HTTP request and generating outgoing HTTP response • Caching generated output, frequently-used scripts, etc. • Different scripting languages may require different runtime environments 4. The requested script is processed by the corresponding runtime environment and the generated output is placed in the body of a HTTP response. 5. The HTTP response is sent to the web client.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 <html> <head> <title>Basic PHP Page</title> </head> <body> <?php echo "Hello World!"; ?> <hr> <?phpecho "How are you?";?> </body> </html> PHP Script is embedded within <?php … ?> in a text file . - Typically store in a file with the extension .php - Usually inter-weaving with HTML codes A PHP Script that output "Hello World".
PHP Tutorials (The Basics) http://www.w3schools.com/PHP/default.asp • Output • Variables • Strings • Operators • Named Constants • Single vs. Double Quotation marks • Arrays
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 … <form action="form1.php" method="POST"> Name: <input type="text" name="name" /><br/> <input type="submit" /> </form> <hr /> <?php // If the user reaches this page by submitting // the name through the above form. if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (!empty($_POST['name'])) echo "Hello! " . $_POST['name']; else echo "Please enter a name"; } ?> <br /> … form1.php: Retrieving and displaying form data
Retrieving Form Data • PHP made available the form data embeded in a HTTP request through several supergobal arrays: • $_POST • Contains form data sent via the POST method • $_GET • Contains form data sent via the GET method • $_REQUEST • Union of $_GET, $_POST, and $_COOKIE • Convenient to use but not secure (why?)
Other Superglobal Arrays • $_FILES • Contains data sent via the HTTP POST file upload • $_COOKIE • Contains cookies embedded in the HTTP header • $_SESSION • Stores data within a script's session • $_ENV • Contains data provided by the environment • $_SERVER • Contains data set by the web server (e.g., server's name, version, etc.)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 … <form action="form2.php" method="GET"> <select name="list1[]" multiple="true" size="3"> <option value="Value 1">List Item #1</option> <option value="Value 2">List Item #2</option> <option value="Value 3">List Item #3</option> </select> <input type="submit" /> </form> <hr /> <?php if (is_array($_GET['list1'])) { foreach ($_GET['list1'] as $value) echo $value . "<br />"; } ?> … form2.php: Retrieving multiple data from a list or check boxes
Checking for Omitted Input • If a text field, password field, or text area is blank, an empty string is assumed to be its value. • i.e., the corresponding variable name will still appear in the query string as name1=&name2= • If a user does not • Click a button • Select any item from a selectable list • Check a radio button or check box the corresponding variable is not returned • i.e., the corresponding variable name won't appear in the query string.
Checking for Omitted Input • isset($var) is false if and only if $var is NULL. • i.e., either $var does not exist or is never assigned a value. • Use this function to check if a form variable exists • Use this function to check if a check box, radio button, button, or a selectable list has a value • empty($var) is true if $var is 0, empty string, NULL, or FALSE. • Use this function to check if a text field, password field, or text area has a value that is not an empty string.
Checking the data type of a variable • is_array($var) is true if and only if $var is an array. • is_numeric($var) is true if $var is a numerical-type variable or a string containing a valid numeric value. • Use this function to check if a value entered in a form is a number or not. • Other type validating functions: • is_bool(), is_float(), is_int(), is_null(), is_resource(), is_scalar(), is_string()
Making Sticky Form • A sticky form is simply a standard HTML form that remembers how you filled it out. • Text field example: <input type="text" name="city" size="20" value="<?php echo $_POST['city']; ?>" /> • Selectable list example: echo '<select name="year">'; for ($y = 2008; $y <= 2018; $y++) { echo "<option value=\"$y\"; if ($year == $y) echo ' selected="selected"'; echo ">$y</option>\n"; } echo '</select>'; Can you give an example when you should use a sticky form?
Using External Files • include() and require() • Insert the content of a file into the script that calls the function. • e.g., include('header.ihtml'); include('C:/php/abc/file.php'); • Can be used to include header, menu, footer of a web site. • When include() fails, it output a warning message but the script will continue to run. • When require() fails, it output a warning message and the script is halted. • include_once() and require_once() • Only include/insert the content of a file once per request. • Usually used to include PHP library codes.
Forwarding the request to another PHP file 1 2 3 4 5 6 7 8 9 10 11 12 • Anything output before calling include() will remain in the output. • The URL shown in the web client will be the URL of the above file and not the URL of login.php. <?php // User has not yet logged in if (…) { // Show the login page instead include("login.php"); exit();// Return immediately } // Otherwise proceed with displaying the file content ?> <html> … </html>