Professional Documents
Culture Documents
!doctype HTML Body Form Input BR Input BR Input /form /body
!doctype HTML Body Form Input BR Input BR Input /form /body
!doctype HTML Body Form Input BR Input BR Input /form /body
DOCTYPE HTML>
<html>
<body>
</body>
</html>
When the user fills out the form above and clicks the submit button, the form
data is sent for processing to a PHP file named "welcome.php". The form data
is sent with the HTTP POST method.
To display the submitted data you could simply echo all the variables. The
"welcome.php" looks like this:
<html><body>
Welcome <?php echo $_POST["name"]; ?><br>
Your email address is: <?php echo $_POST["email"]; ?>
</body>
</html>
Output
Welcome John
Your email address is john.doe@example.com
The same result could also be achieved using the HTTP GET method:
<!DOCTYPE HTML>
<html>
<body>
</body>
</html>
<html>
<body>
</body>
</html>
Both GET and POST are treated as $_GET and $_POST. These are
superglobals, which means that they are always accessible, regardless of scope
- and you can access them from any function, class or file without having to do
anything special.
$_GET is an array of variables passed to the current script via the URL
parameters.
$_POST is an array of variables passed to the current script via the HTTP POST
method.
Note: GET should NEVER be used for sending passwords or other sensitive
information!
However, because the variables are not displayed in the URL, it is not possible
to bookmark the page.
Next, lets see how we can process PHP forms the secure way!
<!DOCTYPE HTML>
<html>
<head>
</head>
<body>
<?php
// define variables and set to empty values
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = test_input($_POST["name"]);
$email = test_input($_POST["email"]);
$website = test_input($_POST["website"]);
$comment = test_input($_POST["comment"]);
$gender = test_input($_POST["gender"]);
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<?php
echo "<h2>Your Input:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
?>
</body>
</html>
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
//form requried
$nameErr = $emailErr = $genderErr = $websiteErr = "";
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);//form handling
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["website"])) {
$website = "";
} else {
$website = test_input($_POST["website"]);//form handling
// check if URL address syntax is valid (this regular expression also
allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-
9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
$websiteErr = "Invalid URL";
}
}
if (empty($_POST["comment"])) {
$comment = "";
} else {
$comment = test_input($_POST["comment"]);//form handling
}
if (empty($_POST["gender"])) {
$genderErr = "Gender is required";
} else {
$gender = test_input($_POST["gender"]);//form handling
}
}
//form handling
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<?php
echo "<h2>Your Input:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $website;
echo "<br>";
echo $comment;
echo "<br>";
echo $gender;
?>
</body>
</html>
// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Create database
$sql = "CREATE DATABASE myDB";
if ($conn->query($sql) === TRUE) {
echo "Database created successfully";
} else {
echo "Error creating database: " . $conn->error;
}
$conn->close();
?>
Note: When you create a new database, you must only specify the first three
arguments to the mysqli object (servername, username and password).
Tip: If you have to use a specific port, add an empty string for the database-
name argument, like this: new mysqli("localhost", "username", "password", "",
port)
// Create connection
$conn = mysqli_connect($servername, $username, $password);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
// Create database
$sql = "CREATE DATABASE myDB";
if (mysqli_query($conn, $sql)) {
echo "Database created successfully";
} else {
echo "Error creating database: " . mysqli_error($conn);
}
mysqli_close($conn);
?>
Example (PDO)
<?php
$servername = "localhost";
$username = "username";
$password = "password";
try {
$conn = new PDO("mysql:host=$servername", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "CREATE DATABASE myDBPDO";
// use exec() because no results are returned
$conn->exec($sql);
echo "Database created successfully<br>";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
?>
Tip: A great benefit of PDO is that it has exception class to handle any
problems that may occur in our database queries. If an exception is thrown
within the try{ } block, the script stops executing and flows directly to the first
catch(){ } block. In the catch block above we echo the SQL statement and the
generated error message.
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$conn->close();
?>
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
if (mysqli_query($conn, $sql)) {
echo "Table MyGuests created successfully";
} else {
echo "Error creating table: " . mysqli_error($conn);
}
mysqli_close($conn);
?>
Program No: 1
Write a Servlet program to validate login.
1) Open an NetBeans.
<html><head>
<title>Login page</title>
<meta charset="UTF-8">
</head>
<body>
</form></body></html>
6) Servlet class is created with the methods. Replace the proccessRequest method with service
name.
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
String name=request.getParameter("uname");
String pwd=request.getParameter("pass");
out.println("<html><head><title>Login</title></head>");
out.println("<body bgcolor='pink'>"); if(name.equals("admin")&&
pwd.equals("test"))
out.println("<h2>Login successful</h2>");out.println("<form
action='http://localhost:8080/ServletDemo/NewServlet ' method='get'>");
else
out.println("<h2>Login unsuccessful</h2>");
out.println("</body></html>");
/**
*/
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
processRequest(request, response);
/**
*/
@Override
processRequest(request, response);
/**
*/
@Override
}// </editor-fold>
Date Servlet
import java.io.*;
import javax.servlet.http.*;
import javax.servlet.*; import
java.util.*;
ServletException, IOException{
Program No: 2
<title>"Sample Page</title>
<body>
<center>
<br><br>
<br><br>
</form>
</body>
</html>
<web-app>
<servlet>
<servlet-name>DApp</servlet-name>
<servlet-class>DServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>DApp</servlet-name>
<url-pattern>/cse</url-pattern>
</servlet-mapping>
</web-app>
2) Open another editor & type the following Servlet code: ( DServlet.java)
Program No: 3
Write a Servlet program to demonstrate Color servlet
1) Edit the following code: (Save as Color.html)
<html><body>
<center>
<b>Color :</b>
</select>
<br><br>
<web-app><servlet>
<servlet-name>CServlet</servlet-name>
<servlet-class>ColorServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CServlet</servlet-name>
<url-pattern>/color</url-pattern>
</servlet-mapping></web-app>
3) Open another editor & type the following Servlet code: ( ColorServlet.java)
ServletException, IOException{
out.println(str);
out.close();
import java.io.*;
import java.util.*;
throws IOException{
if ( c != null ){
if((c[x].getValue()).equals("561")){
break;
}
if ( user == null ){
responseString = new String("Welcome to our site,we have created a session for you.");
}else{
} out.println("<html>"); out.println("<body>");
out.println(responseString); out.println("</body></html>");
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
public class HttpSessionServlet extends HttpServlet
IOException
HttpSession s = request.getSession();
if ( s != null ){
movies = (String[])s.getAttribute("Movies");
out.print("<html>");
out.print("<body>");
out.print(movies[x] + "<BR>");
out.print("</body></html>");
IOException{
if ( s != null ){
s.setAttribute("Movies", movies);
out.print("<html>");
out.println("<body>");
out.print(movies[x] + "<br>");
<web-app>
<servlet>
<servlet-name>hss</servlet-name>
<servlet-class>HttpSessionServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>hss</servlet-name>
<url-pattern>/hss</url-pattern>
</servlet-mapping>
</web-app>