CENG 449 Lecture 11 welcome.php"> CENG 449 Lecture 11 welcome.php">

Presentation is loading. Please wait.

Presentation is loading. Please wait.

Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: E-mail: CENG 449 Lecture 11.

Published byJerry Spurling Modified over 8 years ago

Similar presentations

Presentation on theme: "Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: E-mail: CENG 449 Lecture 11."— Presentation transcript:

1 Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: E-mail: CENG 449 Lecture 11

2 Slide 2 of 40 <?php $name=$_POST["name"]; $email=$_POST["email"]; echo "Your name is ".$name." "; echo "Your email is ".$email." "; ?> CENG 449 Lecture 11 welcome.php

3 Slide 3 of 40 <?php if(isset($_POST["name"]) && isset($_POST["email"]) { $name=$_POST["name"]; $email=$_POST["email"]; echo "Your name is ".$name." "; echo "Your email is ".$email." "; } ?> CENG 449 Lecture 11 welcome.php

4 Slide 4 of 40 Name: E-mail: CENG 449 Lecture 11

5 Slide 5 of 40 <?php $name=$_GET["name"]; $email=$_GET["email"]; echo "Your name is ".$name." "; echo "Your email is ".$email." "; ?> CENG 449 Lecture 11

6 Slide 6 of 40 GET vs. POST Both GET and POST create an array (e.g. array( key => value, key2 => value2, key3 => value3,...)). This array holds key/value pairs, where keys are the names of the form controls and values are the input data from the user. Both GET and POST are treated as $_GET and $_POST. These are superglobals, which means that they are always accessible, regardless of scope - and you can access them from any function, class or file without having to do anything special. $_GET is an array of variables passed to the current script via the URL parameters. $_POST is an array of variables passed to the current script via the HTTP POST method. CENG 449 Lecture 11

7 Slide 7 of 40 When to use GET? Information sent from a form with the GET method is visible to everyone (all variable names and values are displayed in the URL). GET also has limits on the amount of information to send. The limitation is about 2000 characters. However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases. GET may be used for sending non-sensitive data. Note: GET should NEVER be used for sending passwords or other sensitive information! CENG 449 Lecture 11

8 Slide 8 of 40 When to use POST? Information sent from a form with the POST method is invisible to others (all names/values are embedded within the body of the HTTP request) and has no limits on the amount of information to send. Moreover POST supports advanced functionality such as support for multi-part binary input while uploading files to server. However, because the variables are not displayed in the URL, it is not possible to bookmark the page. NoteDevelopers prefer POST for sending form data. CENG 449 Lecture 11

9 Slide 9 of 40 What is the $_SERVER["PHP_SELF"] variable? The $_SERVER["PHP_SELF"] is a super global variable that returns the filename of the currently executing script. So, the $_SERVER["PHP_SELF"] sends the submitted form data to the page itself, instead of jumping to a different page. This way, the user will get error messages on the same page as the form. CENG 449 Lecture 11

10 Slide 10 of 40 What is the htmlspecialchars() function? The htmlspecialchars() function converts special characters to HTML entities. This means that it will replace HTML characters like with < and >. This prevents attackers from exploiting the code by injecting HTML or Javascript code (Cross-site Scripting attacks) in forms. See: http://www.w3schools.com/php/php_form_validation.asp http://www.w3schools.com/php/php_form_validation.asp for an example CENG 449 Lecture 11

11 Slide 11 of 40 "> First name: Last name: <?php if(isset($_POST['firstname']) && isset($_POST['lastname'])) { echo("First name: ". $_POST['firstname']. " \n"); echo("Last name: ". $_POST['lastname']. " \n"); } ?> CENG 449 Lecture 11

12 Slide 12 of 40 CENG 449 Lecture 11

13 Slide 13 of 40 \n"); echo("Last name: ". $_POST['lastname']. " \n"); } ?> "> First name: Last name: CENG 449 Lecture 11

14 Slide 14 of 40 Secure input data To prevent hackers entering your system, use the following approach while inputting the data from user <?php // define variables and set to empty values $name = $email = $gender = $comment = $website = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { $name = test_input($_POST["name"]); $email = test_input($_POST["email"]); $website = test_input($_POST["website"]); $comment = test_input($_POST["comment"]); $gender = test_input($_POST["gender"]); } function test_input($data) { $data = trim($data); // avoids the blank spaces at the beginning and at the end $data = stripslashes($data); // stripes slashes $data = htmlspecialchars($data); // convers special characters such as &lt return $data; } ?> CENG 449 Lecture 11

15 Slide 15 of 40 Select Forms: Art Supply Order Form Paint Brushes Erasers Quantity: CENG 449 Lecture 11

16 Slide 16 of 40 process.php "; echo "Thank you for ordering!"; ?> CENG 449 Lecture 11

17 Slide 17 of 40 CENG 449 Lecture 11

18 Slide 18 of 40 PHP HTML Form radio button Example Enter Your Full Name : You are : Male Female CENG 449 Lecture 11

19 Slide 19 of 40 example.php <?php if(isset($_POST['BtnSubmit'])) { echo " Your form data as bellow "; echo " Your Name: {$_POST['FullName']}"; echo " Your are: {$_POST['YourGender']}"; echo " "; } ?> CENG 449 Lecture 11

20 Slide 20 of 40 CENG 449 Lecture 11

21 Slide 21 of 40 Checkbox example: PHP HTML Form checkbox Example Male Female CENG 449 Lecture 11

22 Slide 22 of 40 process.php <?php if (isset($_POST['gender'])) { echo "Your gender is "; echo $_POST['gender']; // Displays value of checked checkbox. } ?> CENG 449 Lecture 11

23 Slide 23 of 40 CENG 449 Lecture 11

24 Slide 24 of 40 PHP HTML Form button Example Enter Your Name : Enter Your SurName : CENG 449 Lecture 11

25 Slide 25 of 40 process.php <?php if (isset($_POST['save'])) { echo "Save button is pressed! "; } if (isset($_POST['clear'])) { echo "Clear button is pressed! "; } if (isset($_POST['update'])) { echo "Update button is pressed! "; } ?> CENG 449 Lecture 11

26 Slide 26 of 40 CENG 449 Lecture 11

27 Slide 27 of 40 Mulltiple Selection CheckBox: Please select your book types: Drama Action and Adventure Romance Mystery Horror Guide Science History CENG 449 Lecture 11

28 Slide 28 of 40 <?php $bookArray=$_POST['book']; echo "Your selected books are "; foreach ($bookArray as $aBook) { echo "$aBook "; } ?> CENG 449 Lecture 11

29 Slide 29 of 40 CENG 449 Lecture 11

30 Slide 30 of 40 PHP and MySQL MySQL works very well in combination of various programming languages like PERL, C, C++, JAVA and PHP. Out of these languages, PHP is the most popular one because of its web application development capabilities. PHP provides various functions to access MySQL database and to manipulate data records inside MySQL database. You would require to call PHP functions in the same way you call any other PHP function. The PHP functions for use with MySQL have the following general format: mysql_function(value,value,...); CENG 449 Lecture 11

31 Slide 31 of 40 Following example shows a generic syntax of PHP to call any MySQL function. PHP with MySQL <?php $retval = mysql_function(value, [value,...]); if( !$retval ) { die ( "Error: a related error message" ); } // Otherwise MySQL or PHP Statements ?> CENG 449 Lecture 11

32 Slide 32 of 40 MySQL Connection using PHP Script: connection mysql_connect(server,user,passwd,new_link,client_flag); Connecting MySQL Server <?php $dbhost = 'localhost:3036'; $dbuser = 'guest'; $dbpass = 'guest123'; $conn = mysql_connect($dbhost, $dbuser, $dbpass); if(! $conn ) { die('Could not connect: '. mysql_error()); } echo 'Connected successfully'; mysql_close($conn); ?> CENG 449 Lecture 11

33 Slide 33 of 40 Adding data to MySQL Database PHP HTML Form radio button Example Enter Your Full Name : Enter Your Student Number : You are : Male Female CENG 449 Lecture 11

34 Slide 34 of 40 CENG 449 Lecture 11

35 Slide 35 of 40 <?php $stFullName=$_POST['Fullname']; $stNumber=$_POST['stNumber']; $stGender=$_POST['YourGender']; $dbhost = "localhost"; $dbuser = "root"; $dbpass = ""; $conn = mysql_connect($dbhost, $dbuser, $dbpass); if(! $conn ) { die('Could not connect: '. mysql_error()); } echo 'Connected successfully'; $sql = "INSERT INTO studentInfoTable (stFullName,stNumber, stGender) VALUES ('$stFullName','$stNumber','$stGender')"; mysql_select_db('studentInfo'); $retval = mysql_query( $sql, $conn ); if(! $retval ) { die('Could not enter data: '. mysql_error()); } echo "Entered data successfully\n"; mysql_close($conn); ?> CENG 449 Lecture 11

36 Slide 36 of 40 User Data Form Enter Your Name : Enter Your SurName : Enter Your Student Number : You are : Male Female CENG 449 Lecture 11

37 Slide 37 of 40 <?php $stName=$_POST['Name']; $stSurname=$_POST['Surname']; $stFullName=$Name." ".$Surname; $stNumber=$_POST['stNumber']; $stGender=$_POST['YourGender']; $dbhost = "localhost"; $dbuser = "root"; $dbpass = ""; $conn = mysql_connect($dbhost, $dbuser, $dbpass); if(! $conn ) { die('Could not connect: '. mysql_error()); } echo 'Connected successfully'; $sql = "INSERT INTO studentInfoTable (stName, stSurname,stFullName,stNumber, stGender) VALUES ('$stName','$stSurname','$stFullName','$stNumber','$stGender')"; mysql_select_db('studentInfo'); $retval = mysql_query( $sql, $conn ); if(! $retval ) { die('Could not enter data: '. mysql_error()); } echo "Entered data successfully\n"; mysql_close($conn); ?> CENG 449 Lecture 11

38 Slide 38 of 40 Search data in database User Data Form Enter Name to be Searhed : CENG 449 Lecture 11

39 Slide 39 of 40 <?php $stName=$_POST['Name']; $dbhost = "localhost"; $dbuser = "root"; $dbpass = ""; $conn = mysql_connect($dbhost, $dbuser, $dbpass); if(! $conn ) { die('Could not connect: '. mysql_error()); } echo 'Connected successfully'; mysql_select_db('studentInfo'); $sql = "SELECT * FROM studentInfoTable WHERE stName='$stName'"; $retval = mysql_query( $sql, $conn ); if(! $retval ) { die('Could not get data: '. mysql_error()); } while($row = mysql_fetch_array($retval) { echo "$row['stName'] $row['stSurname'] "; } echo "Fetched data successfully\n"; mysql_close($conn); ?> CENG 449 Lecture 11

40 Slide 40 of 40 CENG 449 Lecture 11

Download ppt "Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: E-mail: CENG 449 Lecture 11."

Similar presentations

PHP Form and File Handling

PHP Form and File Handling
24-Aug-14 HTML Forms. 2 What are forms? is just another kind of HTML tag HTML forms are used to create (rather primitive) GUIs on Web pages Usually the.

24-Aug-14 HTML Forms. 2 What are forms? is just another kind of HTML tag HTML forms are used to create (rather primitive) GUIs on Web pages Usually the.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
PHP Week 11 INFM 603. Thinking About PHP Local vs. Web-server-based display HTML as an indirect display mechanism “View Source” for debugging –But not.

PHP Week 11 INFM 603. Thinking About PHP Local vs. Web-server-based display HTML as an indirect display mechanism “View Source” for debugging –But not.
1 Chapter 5 – Handling HTML Controls in Web Pages spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.

1 Chapter 5 – Handling HTML Controls in Web Pages spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.
PHP Forms. I. Using PHP with HTML Forms A very common application of PHP is to have an HTML form gather information from a website's visitor and then.

PHP Forms. I. Using PHP with HTML Forms A very common application of PHP is to have an HTML form gather information from a website's visitor and then.
Uploading Files. Why? By giving a user the option to upload a file you are creating an interactive page You can enable users have a greater web experience.

Uploading Files. Why? By giving a user the option to upload a file you are creating an interactive page You can enable users have a greater web experience.
IS1500: Introduction to Web Development

IS1500: Introduction to Web Development
Lecture 3 – Data Storage with XML+AJAX and MySQL+socket.io

Lecture 3 – Data Storage with XML+AJAX and MySQL+socket.io
MS3304: Week 4 PHP & HTML Forms. Overview HTML Forms elements refresher Sending data to a script via an HTML form –The post vs. get methods –Name value.

MS3304: Week 4 PHP & HTML Forms. Overview HTML Forms elements refresher Sending data to a script via an HTML form –The post vs. get methods –Name value.
PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.

PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.
Advance Database Management Systems Lab no. 5 PHP Web Pages.

Advance Database Management Systems Lab no. 5 PHP Web Pages.
Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Dr. Mogeeb A. A. Mosleh E-mail.

Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Dr. Mogeeb A. A. Mosleh .
Web forms in PHP Forms Recap  Way of allowing user interaction  Allows users to input data that can then be processed by a program / stored in a back-end.

Web forms in PHP Forms Recap  Way of allowing user interaction  Allows users to input data that can then be processed by a program / stored in a back-end.
Application Development Description and exemplification of server-side scripting language for server connection, database selection, execution of SQL queries.

Application Development Description and exemplification of server-side scripting language for server connection, database selection, execution of SQL queries.
Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.

Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.
Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.

Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.
PHP Forms and User Input The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input.

PHP Forms and User Input The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input.
INTERNET APPLICATION DEVELOPMENT For More visit:

INTERNET APPLICATION DEVELOPMENT For More visit:
Lecture 6 – Form processing (Part 1) SFDV3011 – Advanced Web Development 1.

Lecture 6 – Form processing (Part 1) SFDV3011 – Advanced Web Development 1.

Similar presentations

Ads by Google