Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting PHP Form Handling.

Presentation on theme: "Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting PHP Form Handling."— Presentation transcript:

1 Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting PHP Form Handling

2 HTML Forms
- field names
    - no spaces
    - will match variable names (letters, numbers, underscores)
- method
    - GET
    - POST
- action
    - the script to which data is sent

3 accessing variables
Three ways to access form data:
1. $first_name and $last_name
    - variable names are the same as field names
    - register_globals must be set to ON in php.ini
    - least secure of the three ways
First Name: Last Name:

4 accessing variables cont …
2. superglobals: $_GET, $_POST, $_REQUEST
    - global associative arrays
    - $first_name = $_GET['first_name'];
    - only accepted variables are ones submitted through form
    - introduced in PHP version 4
First Name: Last Name:

5 accessing variables cont …
3. $HTTP_GET_VARS or $HTTP_POST_VARS
    - associative arrays
    - $first_name = $HTTP_GET_VARS['first_name'];
    - PHP version 3 and earlier – still works in version 4
    - may be unsupported by future versions
First Name: Last Name:
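
Why the first of the three ways is the least secure, as an added example that is not part of the original slides. register_globals was removed in PHP 5.4.0, so extract() emulates it here; the function names, the token and the sample requests are constructed for illustration.

```php
<?php
// Added example. register_globals no longer exists in current PHP, so extract()
// stands in for it: both turn request keys into script variables.
const TOKEN = 'constructed-token';   // constructed value for the demo

// Way 1: variables appear from the request; $authorized is never initialised.
function authorized_globals_style(array $request): bool
{
    extract($request);   // emulates register_globals = On
    if (isset($token) && $token === TOKEN) {
        $authorized = true;
    }
    return !empty($authorized);   // a request field named "authorized" lands here
}

// Way 2: read only the named field from the array and initialise state.
function authorized_array_style(array $request): bool
{
    $authorized = false;
    $token = $request['token'] ?? '';
    if (is_string($token) && hash_equals(TOKEN, $token)) {
        $authorized = true;
    }
    return $authorized;
}

// Constructed request data standing in for $_GET.
$requests = [
    'wrong token'              => ['token' => 'nope'],
    'wrong token, extra field' => ['token' => 'nope', 'authorized' => '1'],
    'right token'              => ['token' => TOKEN],
];
foreach ($requests as $label => $request) {
    printf("%-26s globals-style=%s array-style=%s\n", $label,
        var_export(authorized_globals_style($request), true),
        var_export(authorized_array_style($request), true));
}
```

The two styles disagree only on the second request, where the extra field fills the variable the script forgot to initialise.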

6 self-submission
- set the action of the form to itself
From a document named test.php, if we wanted to send data to a separate form handler, the form would read:
To reference itself, set action to test.php:

7 self-submission cont …
- isset( )
When passed a variable, isset( ) will return TRUE if that variable is set to some value, FALSE if the variable is NULL.
Before the form is submitted, all variables have a value of NULL.
Once submitted, a variable will have one of the following values:
    - information entered by user
    - empty string
    - TRUE

8 self-submission cont …
First Name: Last Name:

9 self-submission cont …
A more efficient way of setting the action of a form to send data to itself is to use the $PHP_SELF variable, accessed through the superglobal $_SERVER.
$PHP_SELF will always contain the current script’s name as the value.
Notice that the reference to the variable must be placed between the tagset

10 validating form data
- isset( )
    - returns TRUE if variable holds a value
    - drawback: returns TRUE if it holds an empty string

    if( isset( $first_name ) ) {
        echo "Hello, $first_name.";
    }
    else {
        echo "You forgot to enter your first name.";
    }

11 validating form data
- empty( )
    - returns TRUE if argument is
        - "" (an empty string)
        - 0 (zero as an integer)
        - "0" (zero as a string)
        - NULL
        - FALSE
        - array( ) (an empty array)
    - returns FALSE if it holds a non-empty, non-zero value

    if( empty( $first_name ) ) {
        echo "Please enter your first name";
    }

12 validating form data cont …
- strlen( )
    - returns the length of a string
    - can be used to test for empty strings

    if( strlen( $first_name ) > 0 ) {
        echo "Hello, $first_name.";
    }
    else {
        echo "You forgot to enter your first name.";
    }

13 validating form data cont …
- trim( )
    - removes white space from both ends of a variable
    - can be used to eliminate empty strings, and remove extraneous white space at beginning and end of variables

    $first_name = trim( $_GET['first_name'] );

14 validating form data cont …
radio buttons
Male: Female:

15 validating form data cont …
- Purpose of validation
    - make sure the script has all the information it needs to do what it was designed to do
    - ensure the data is of the right type
    - added level of security by reducing user error and user maliciousness
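
The validation functions from the slides above combined into one check, as an added example that is not part of the original slides. The field names first_name and gender follow the deck; the radio values 'M' and 'F', the function names and the sample submissions are assumptions, since the form markup did not survive in this transcript.

```php
<?php
// Added example (not from the deck). Field names follow the slides; the
// radio values 'M'/'F' are assumptions.

// PHP_SELF is built from the request URL, so escape it before echoing it
// into a form's action attribute.
function form_action(): string
{
    return htmlspecialchars($_SERVER['PHP_SELF'] ?? '', ENT_QUOTES, 'UTF-8');
}

// Returns [cleaned values, error messages] for one submission.
function validate_submission(array $input): array
{
    $clean = [];
    $errors = [];
    // isset() accepts "" and empty() rejects "0", so trim and test length.
    $first = $input['first_name'] ?? '';
    $first = is_string($first) ? trim($first) : '';
    if (strlen($first) === 0) {
        $errors[] = 'Please enter your first name.';
    } else {
        $clean['first_name'] = $first;
    }

    // An unselected radio group sends nothing; accept only known values.
    $gender = $input['gender'] ?? null;
    if (in_array($gender, ['M', 'F'], true)) {
        $clean['gender'] = $gender;
    } else {
        $errors[] = 'Please select a gender.';
    }
    return [$clean, $errors];
}

// Constructed submissions standing in for $_POST.
$samples = [
    'whitespace only' => ['first_name' => '   ', 'gender' => 'M'],
    'name is "0"'     => ['first_name' => '0', 'gender' => 'F'],
    'unknown radio'   => ['first_name' => 'Ada', 'gender' => 'X'],
    'markup in name'  => ['first_name' => '<b>Ada</b>', 'gender' => 'F'],
];
echo '<form method="post" action="', form_action(), '">', "\n";
foreach ($samples as $label => $input) {
    [$clean, $errors] = validate_submission($input);
    // Escape request-derived text at output time.
    $name = htmlspecialchars($clean['first_name'] ?? '', ENT_QUOTES, 'UTF-8');
    echo $label, ': ', $errors ? implode(' ', $errors) : "Hello, $name.", "\n";
}
```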

16 sending values manually
Two other ways to pass variables and values:
1. HTML form hidden input type

17 sending values manually cont …
2. Append name=value pair to anchor tags
    - to access these variables use $_GET or $_REQUEST superglobal
Click Here for author
Click Here for Subject

    $author = $_REQUEST['author'];

18 error handling
- ERRORS: fatal run-time errors, such as calling a function which does not exist – cause immediate termination
- WARNINGS: non-fatal run-time errors, such as trying to include( ) a file that does not exist
- NOTICES: less serious warnings which may result from a bug in your code, but may actually be intentional (such as using an uninitialized variable)

19 error handling cont …

    Constant            Value   Description
    E_ERROR             1       Fatal run-time errors
    E_WARNING           2       Run-time warnings (non-fatal errors)
    E_PARSE             4       Compile-time parse errors
    E_NOTICE            8       Notices (may or may not be a problem)
    E_CORE_ERROR        16      Fatal start-up errors
    E_CORE_WARNING      32      Non-fatal start-up errors
    E_COMPILE_ERROR     64      Fatal compile-time errors
    E_COMPILE_WARNING   128     Non-fatal compile-time errors
    E_USER_ERROR        256     User-generated error messages
    E_USER_WARNING      512     User-generated warnings
    E_USER_NOTICE       1024    User-generated notices
    E_ALL                       All errors, warnings, and notices

20 error handling cont …
- default error handling is set to E_ALL & ~E_NOTICE or E_ALL

    // beginning test
    echo "... begin test... ";
    // include a non-existent variable
    echo " The variable $no_such_var is not initialized. ";
    // end test
    echo "... end test... ";

Output:

    ... begin test...
    Notice: undefined variable: no_such_var in test_error.php
    The variable is not initialized.
    ... end test...

21 error handling cont …
- example of a WARNING

    // beginning test
    echo "... begin test... ";
    // include a non-existent file
    include( 'no_such_file.inc' );
    // print more test
    echo "... end test... ";

Output:

    ... begin test...
    Warning: main(no_such_file.inc): failed to open stream: No such file or directory in testError.php on line 26
    ... end test...

22 error handling cont …
- example of fatal error

    // beginning test
    echo "... begin test... ";
    // call to a non-existent function
    no_such_function( );
    // print more test
    echo "... end test... ";

Output:

    ... begin test...
    Fatal error: Call to undefined function: no_such_function() in testError.php on line 29

23 error handling cont …
- in a live, production site
    - turn off error reporting
    - create custom error messages
- during site development
    - use highest level of error reporting
    - display notices, warnings, and errors
- to change level of error reporting
    - reconfigure php.ini
    - PHP functions

24 error handling in php.ini
- change level of error reporting in php.ini file
- turn error display functionality on or off

    error_reporting = E_ALL   ; or other appropriate value
    display_errors = Off

25 error handling functions
- error_reporting( )
    one argument: level of error reporting

    // turn off all error reporting
    error_reporting( 0 );
    // beginning text
    echo "... begin text... ";
    // call to a non-existent function
    no_such_function( );
    // print more text
    echo "... end text... ";

Output:

    ... begin text...

26 error handling functions
- error_reporting( )

    // turn on all error reporting
    error_reporting( E_ALL );
    // beginning text
    echo "... begin text... ";
    // call to an undeclared variable
    echo $undeclared_var;
    // print more text
    echo "... end text... ";

Output:

    ... begin text...
    Notice: Undefined variable: undeclared_var in testError.php on line 77
    ... end text...

27 error handling functions
- temporarily shut off error handling with @ operator

    // beginning text
    echo "... begin text... ";
    // call to a non-existent function
    @no_such_function( );
    // print more text
    echo "... end text... ";

Output:

    ... begin text...

28 error handling functions
- set_error_handler( )
    one argument: name of custom function
- custom error handler function takes at least 2, up to 5 arguments
    - error type
    - error message
    optional:
    - file name
    - line number
    - current PHP variables

29 error handling functions
- set_error_handler( )

    // define custom error handler
    set_error_handler( 'customError' );
    // create custom function to handle errors
    function customError( $type, $msg ) {
        echo " Error! ";
        echo " Error code: $type ";
        echo "Error msg: $msg ";
        echo " Please contact your system administrator. ";
    }

Output:

    Error!
    Error code: 2
    Error msg: main(no_such_file.inc): failed to open stream: No such file or directory
    Please contact your system administrator.

30 error handling functions
- set_error_handler( )
    setting all 5 arguments

    // define custom error handler
    set_error_handler( 'customError' );
    // create custom function to handle errors
    function customError( $type, $msg, $file, $line, $vars ) {
        // statements...
    }

31 error handling functions
- set_error_handler( )
    further customization

    function customError( $type, $msg ) {
        switch( $type ) {
            case E_NOTICE:
                // do nothing
                break;
            case E_WARNING:
                echo " A non-fatal error occurred: $msg ";
                break;
            case E_ERROR:
                die( " A fatal error occurred: $msg " );
                break;
        }
    }

32 error handling functions
- set_error_handler( )
    - the default error handlers for E_ERROR and E_PARSE cannot be overwritten by a user-defined function.
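
The production-site advice from the error handling slides (no error display, custom messages) put together with set_error_handler( ), as an added example that is not part of the original slides. It is written for current PHP, so the handler takes four arguments; the handler name and the triggered messages are constructed for illustration.

```php
<?php
// Added example: production-style error handling for the functions above.
error_reporting(E_ALL);            // keep reporting everything...
ini_set('display_errors', '0');    // ...but never show PHP's own messages to visitors
ini_set('log_errors', '1');

// Hypothetical handler name; logs the detail and shows a generic message.
function production_error_handler(int $type, string $msg, string $file = '', int $line = 0): bool
{
    // Respect the @ operator and the current error_reporting() mask.
    if (!(error_reporting() & $type)) {
        return false;
    }
    // Strip line breaks so request-derived text cannot forge log entries.
    $msg = str_replace(["\r", "\n"], ' ', $msg);
    error_log(sprintf('[%d] %s in %s on line %d', $type, $msg, $file, $line));

    switch ($type) {
        case E_NOTICE:
        case E_USER_NOTICE:
            break;   // logged only
        case E_USER_ERROR:
            echo "An error occurred. Please contact your system administrator.\n";
            exit(1);
        default:
            echo "A problem occurred while processing your request.\n";
    }
    return true;   // tell PHP not to run its built-in handler as well
}

set_error_handler('production_error_handler');

// Constructed triggers: one warning and one notice.
trigger_error('constructed warning: upload directory missing', E_USER_WARNING);
trigger_error('constructed notice', E_USER_NOTICE);
```

File names, line numbers and the raw message go to the log only; the visitor sees a fixed string that reveals nothing about the script.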

