Web Scripting [PHP] CIS166AE Wednesdays 6:00pm – 9:50pm Rob Loy

Agenda Presentations Presentations Overview of existing pages and functionality Overview of existing pages and functionality SQL sort SQL sort Creating mysql tables Creating mysql tables PHP security infrastructure PHP security infrastructure Mid-term Project Mid-term Project In class work: Sessions In class work: Sessions

Lab 3 Create folder “class5” Create folder “class5” Copy week4 files into week5 Copy week4 files into week5 Update index.php to display all the information. The information should be displayed in an format. Update index.php to display all the information. The information should be displayed in an format. Update update.php to allow age to be updated Update update.php to allow age to be updated Send to with URL to input form file before 6pm on October 10. Send to with URL to input form file before 6pm on October

Sort DB records SELECT * FROM persons ORDER BY fname ASC; SELECT * FROM persons ORDER BY fname ASC; SELECT * FROM persons ORDER BY fname DESC; SELECT * FROM persons ORDER BY fname DESC; The ORDER BY keyword is used to sort the result-set by a specified column. The ORDER BY keyword is used to sort the result-set by a specified column. The ORDER BY keyword sort the records in ascending order by default. The ORDER BY keyword sort the records in ascending order by default. If you want to sort the records in a descending order, you can use the DESC keyword. If you want to sort the records in a descending order, you can use the DESC keyword.

phpMyAdmin

mySQL Data Types Numeric Numeric Float Float Integer Integer String String Char Char Varchar Varchar Text Text Date Date

Create mySQL Table Structure Name each field Name each field Select a Type Select a Type Assign a length for VARCHAR or CHAR types Assign a length for VARCHAR or CHAR types Design default values Design default values Determine if NULL values allowed by using NULL checkbox Determine if NULL values allowed by using NULL checkbox Pick one field as ID and select INT type and A_I checkbox Pick one field as ID and select INT type and A_I checkbox

PHP Global Variables $_POST $_POST $_GET $_GET $_SESSION $_SESSION $_COOKIES $_COOKIES

Cookies A cookie is a small file that is stored on the client computer when visiting a website. Stored on the client computer Stored on the client computer Lifespan set when created Lifespan set when created Work well with large sites that use several Web servers Work well with large sites that use several Web servers No good if the client has disabled cookies No good if the client has disabled cookies Can be edited since they reside on the client system Can be edited since they reside on the client system

How to use Cookies // Set a cookie for one hour setcookie("TestCookie", “YAY", time()+3600); // Get cookie information echo $_COOKIE["TestCookie"];echo $HTTP_COOKIE_VARS["TestCookie"]; // Delete cookies setcookie ("TestCookie", "", time() );setcookie ("TestCookie", "");

Sessions Sessions are a combination of a server-side cookie and a client-side cookie, where the client-side cookie is simply a reference id to the information stored in the server-side cookie. Server-size cookie can store large amounts Server-size cookie can store large amounts Data is stored on the server Data is stored on the server Only last until the user closes their browser Only last until the user closes their browser

How to use Sessions // Have to start session before any output session_start(); // Set the variable for page session $_SESSION['favcolor'] = 'green'; // Get the session variable information echo $_SESSION[‘favcolor’]; // Finally, destroy the session.unset($_SESSION[“favcolor”]);session_destroy();

IMPORTANT NOTE To use cookie-based sessions, session_start() must be called before outputting anything to the browser.

Security model LOGIN PAGE SECURED PAGE If username and password combination are in DB then “TRUE” else “FALSE” TRUEFALSE SELECT * FROM users WHERE username=‘bob’ AND password =‘mypass’; Not logged in

Security test if ($_SESSION[“status”] !== “Active”) {header(“Location:login.php”);} if (mysql_num_rows($object) == 1) { $_SESSION[“status”] = “Active”; } login.php secure.php

Questions?

Lab 4 Make sure clas files are working for : Make sure clas files are working for : index.php index.php signin.php signin.php signout.php signout.php Username (rob) and Password (.rob) Username (rob) and Password (.rob) Send to with URL to input form file before 6pm on October 17. Send to with URL to input form file before 6pm on October 17.

Mid-term Project Create folder called project1 Create folder called project1 Create mySQL table that has at least 5 fields Create mySQL table that has at least 5 fields SELECT all records from the table SELECT all records from the table Create a web form that has INSERT and UPDATE functionality for the table Create a web form that has INSERT and UPDATE functionality for the table Add a two-way sort functionality Add a two-way sort functionality At least TWO fields have to be required and display error messages At least TWO fields have to be required and display error messages Send to with URL to file before 6pm on October 24. Send to with URL to file before 6pm on October 24.