Presentation is loading. Please wait.

Presentation is loading. Please wait.

Form Handling IDIA 618 Fall 2014 Bridget M. Blodgett.

Published byRosa Richard Modified over 8 years ago

Similar presentations

Presentation on theme: "Form Handling IDIA 618 Fall 2014 Bridget M. Blodgett."— Presentation transcript:

1 Form Handling IDIA 618 Fall 2014 Bridget M. Blodgett

2 HTML Forms Forms are the primary method of gathering and transferring data using HTML You can have the form written in HTML (dropping out of PHP to do so) Or using the <<<_END and _END; commands you can embed it within the PHP

3 PHP Elements There are a couple of PHP elements specifically meant to deal with forms – $_GET and $_POST we have dealt with already – isset checks to see if the variable has been assigned a value (good for keeping undefined variable errors from appearing)

4 Hidden Fields Hidden fields are part of the HTML form which pass information to the browser but which aren’t directly viewable by the user Very useful for passing information like session ids, building information entered repeatedly into forms, etc – It’s important to remember that anything in this field is viewable within the HTML source

5 Input Name/ID Input Type Input Description emailtext A simple text field to input an e-mail address of width and size 35. pwpasswordA password field of width and size 35. levelselect Make a select box with five options: Freshman, Sophomore, Junior, Senior, and Graduate. You can set the values for each of the options any way you want to. I used 1, 2, 3, 4, and 5. concentrationradio I made three radio buttons all with the name "concentration" so as to group them. I gave them text labels of "Computer Science" (value="CS"), "Information Science" (value="IS"), and "Information Technology" (value="IT"). Five checkboxes with the names “idia617", “idia618", “idia619" CheckboxI set them so that their value was "true". commentsTextarea I made a textarea with cols=40 and rows=5 with the default text, "Enter any comments you have here." sub_btnsubmitJust a submit button with the value "Submit Data."

6 Activity Apply the information on the next slide to a simple PHP form It should: – Read the input – Display the submitted options – Contain a SQL query to “send” the options to the database (you don’t actually have to connect to a db)

7 Sanitizing Input it is a trivial matter for a hacker to use their browser’s View Source feature to extract the form and modify it to provide malicious input – never trust any variable from either the $_GET or $_POST until you have processed it Always make sure to clean up any user input to prevent SQL injection errors – There are many types of escape characters that can execute

8

9 PHP Options PHP has a number of options to clean up user input: – mysql_real_escape_string() – stripslashes() – htmlentites() If you don’t want/need any HTML entities being passed: – strip_tags()

10 Placeholders One way to make a secure code without using the real escape string Predefine a query using ? characters then pass the user generated data to it – This avoids generating queries and directly inserts the information into the database How can we alter the book example from earlier to make use of this?

11 register_globals A deprecated feature of PHP that would automatically assign the input from a get or post to variables matching the same field name Potential security risk since malicious code can be passed as a get Always make sure to initialize your variables during their declaration

Download ppt "Form Handling IDIA 618 Fall 2014 Bridget M. Blodgett."

Similar presentations

Tutorial 6 Creating a Web Form

Tutorial 6 Creating a Web Form
PHP Workshop ‹#› Forms (Getting data from users).

PHP Workshop ‹#› Forms (Getting data from users).
Supplement Creating Forms. Objectives Show how forms are used How to create the Form element HTML elements used for creating input fields.

Supplement Creating Forms. Objectives Show how forms are used How to create the Form element HTML elements used for creating input fields.
Creating Web Page Forms. Objectives Describe how Web forms can interact with a server-based program Insert a form into a Web page Create and format a.

Creating Web Page Forms. Objectives Describe how Web forms can interact with a server-based program Insert a form into a Web page Create and format a.
Tutorial 6 Working with Web Forms

Tutorial 6 Working with Web Forms
Form Basics CS380 1. Web Data  Most interesting web pages revolve around data  examples: Google, IMDB, Digg, Facebook, YouTube, Rotten Tomatoes  can.

Form Basics CS Web Data  Most interesting web pages revolve around data  examples: Google, IMDB, Digg, Facebook, YouTube, Rotten Tomatoes  can.
Tutorial 6 Working with Web Forms. XP Objectives Explore how Web forms interact with Web servers Create form elements Create field sets and legends Create.

Tutorial 6 Working with Web Forms. XP Objectives Explore how Web forms interact with Web servers Create form elements Create field sets and legends Create.
Creating Web Page Forms

Creating Web Page Forms
Tutorial 6 Forms Section A - Working with Forms in JavaScript.

Tutorial 6 Forms Section A - Working with Forms in JavaScript.
Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.

Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.
Preventing SQL Injection ~example of SQL injection $user = $_POST[‘user’]; $pass = $_POST[‘pass’]; $query = DELETE FROM Users WHERE user = ‘$user’ AND.

Preventing SQL Injection ~example of SQL injection $user = $_POST[‘user’]; $pass = $_POST[‘pass’]; $query = DELETE FROM Users WHERE user = ‘$user’ AND.
Tutorial #9 – Creating Forms. Tutorial #8 Review – Tables Borders (table, gridlines), Border-collapse: collapse; empty-cells: show; and rowspan, colspan.

Tutorial #9 – Creating Forms. Tutorial #8 Review – Tables Borders (table, gridlines), Border-collapse: collapse; empty-cells: show; and rowspan, colspan.
MS3304: Week 4 PHP & HTML Forms. Overview HTML Forms elements refresher Sending data to a script via an HTML form –The post vs. get methods –Name value.

MS3304: Week 4 PHP & HTML Forms. Overview HTML Forms elements refresher Sending data to a script via an HTML form –The post vs. get methods –Name value.
PHP Security.

PHP Security.
Advance Database Management Systems Lab no. 5 PHP Web Pages.

Advance Database Management Systems Lab no. 5 PHP Web Pages.
Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.

Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.
XP Tutorial 6New Perspectives on Creating Web Pages with HTML, XHTML, and XML 1 Creating Web Page Forms Designing a Product Registration Form Tutorial.

XP Tutorial 6New Perspectives on Creating Web Pages with HTML, XHTML, and XML 1 Creating Web Page Forms Designing a Product Registration Form Tutorial.
XP Tutorial 6New Perspectives on HTML and XHTML, Comprehensive 1 Creating Web Page Forms Designing a Product Registration Form Tutorial 6.

XP Tutorial 6New Perspectives on HTML and XHTML, Comprehensive 1 Creating Web Page Forms Designing a Product Registration Form Tutorial 6.
1 Creating Web Forms in HTML Web forms collect information from customers Web forms include different control elements including: –Input boxes –Selection.

1 Creating Web Forms in HTML Web forms collect information from customers Web forms include different control elements including: –Input boxes –Selection.
Lecture 6 – Form processing (Part 1) SFDV3011 – Advanced Web Development 1.

Lecture 6 – Form processing (Part 1) SFDV3011 – Advanced Web Development 1.

Similar presentations

Ads by Google