Professional Documents
Culture Documents
Advanced IP-Chapter-2 - Lect-4, 5
Advanced IP-Chapter-2 - Lect-4, 5
1
Using HTML form with PHP
– One of the advantages of PHP has always been the ability to easily
manipulate information submitted by the user through an HTML
form.
– Sending data to a script via an HTML form
– The post vs. get methods
– Name value pairs
– Capturing and using data sent via an HTML form.
• What is a HTML FORM?
– A form basically contains boxes and buttons
– Provides two-way communication between web servers
and browsers.
– Demand for most of the emerging applications.
– Providing dynamic contents.
2
FORM Tags and Attributes
• Several tags are used in connection with
forms:
<form> …… </form>
<input>
<textarea> …… </textarea>
<select> …… </select>
3
<FORM> …… </FORM> Tag
4
METHOD:
◦ Indicates how the information in the form will be
sent to the web server when the form is submitted.
◦ Two possible values:
POST: causes a form’s contents to be parsed one element
at a time.
GET: concatenates all field names and values in a single
large string.
◦ POST is the preferred method because of string
size limitations in most systems.
5
• ACTION:
– Specifies the URL of a program on the origin
server that will be receiving the form’s
inputs.
– Traditionally called Common Gateway
Interface (CGI).
– The specified program is executed on the
server, when the form is submitted.
• Output sent back to the browser.
6
<INPUT> Tag
• This tag defines a basic form element.
• Several attributes are possible:
• TYPE
• NAME
• SIZE
• MAXLENGTH
• VALUE
• SRC
• ALIGN
7
TYPE:
◦ Defines the kind of element that is to be
displayed in the form.
“TEXT” – defines a text box, which provides a
single line area for entering text.
“RADIO” – radio button, used when a choice
must be made among several alternatives
(clicking on one of the buttons turns off all others
in the same group).
“CHECKBOX” – similar to the radio buttons, but
each box here can be selected independently of
the others.
8
◦ “PASSWORD” – similar to text box, but characters are
not shown as they are typed.
◦ “HIDDEN” – used for output only; cannot be
modified (mainly used to refer to choices that have
already been made earlier).
◦ “IMAGE” – used for active maps. When the user
clicks on the image, the (x,y) co-ordinates are stored
in variables, and are returned for further processing.
◦ “SUBMIT” – creates a box labeled Submit; if clicked,
the form data are passed on to the designated CGI
script.
◦ “RESET” – creates a box labeled Reset; if clicked,
clears a form’s contents.
9
NAME:
◦ Specifies a name for the input field.
◦ The input-handling program (CGI) in reality
receives a number of (name,value) pairs.
SIZE:
◦ Defines the number of characters that can be
displayed in a TEXT box without scrolling.
MAXLENGTH:
◦ Defines the maximum number of characters a TEXT
box can contain.
10
VALUE:
◦ Used to submit a default value for a TEXT or
HIDDEN field.
◦ Can also be used for specifying the label of a
button (renaming “Submit”, for example).
SRC:
◦ Provides a pointer to an image file.
◦ Used for clickable maps.
ALIGN:
◦ Used for aligning image types.
◦ ALIGN = TOP | MIDDLE | BOTTOM
11
<TEXTAREA> … </TEXTAREA> Tag
• Can be used to accommodate multiple text
lines in a box.
• Attributes are:
– NAME: name of the field.
– ROWS: number of lines of text that can fit into the
box.
– COLS: width of the text area on the screen.
12
<SELECT> …. </SELECT> Tag
Used along with the tag <OPTION>.
Used to define a selectable list of elements.
◦ The list appears as a scrollable menu or a pop-up
menu (depends on browser).
Attributes are:
◦ NAME: name of the field.
◦ SIZE: specifies the number of option elements that
will be displayed at a time on the menu. (If actual
number exceeds SIZE, a scrollbar will appear).
13
MULTIPLE: specifies that multiple
selections from the list can be made.
<FORM ………….>
……..
Languages known:
<SELECT NAME=“lang” SIZE=3 MULTIPLE>
<OPTION> English
<OPTION> Amharic
<OPTION> Afan Oromo
<OPTION> Tigrigna
</SELECT>
</FORM>
14
Example 1
<HTML>
<HEAD>
<TITLE> Using HTML Forms </TITLE>
</HEAD>
<BODY TEXT="#FFFFFF" BGCOLOR="#0000FF“
LINK="#FF9900" VLINK="#FF9900“
ALINK="#FF9900">
<CENTER><H3> Student Registration Form </H3>
</CENTER>
Please fill up the following form about the courses
you will register for this Semester.
15
<FORM METHOD="POST" ACTION="/cgi/feedback">
<P> Name: <INPUT NAME="name" TYPE="TEXT“ SIZE="30"
MAXLENGTH="50">
<P> Roll Number: <INPUT NAME="rollno“ TYPE="TEXT"
SIZE="7">
<P> Course Numbers:
<INPUT NAME="course1" TYPE="TEXT" SIZE="6">
<INPUT NAME="course2" TYPE="TEXT" SIZE="6">
<INPUT NAME="course3" TYPE="TEXT" SIZE="6">
<P> <P> Press SUBMIT when done.
<P> <INPUT TYPE="SUBMIT">
<INPUT TYPE="RESET">
</FORM> </BODY> </HTML>
16
17
The following example uses a simple information form that consists of two
text fields, two checkboxes, and a select box that permits multiple entries:
<html> <head><title>Tour Information</title></head> <body>
<h2>Mission Information</h2>
<form action="formaction.php">
<table width="100%">
<tr><td>Transport Name:</td><td><input type="text"
name="ship" /></td></tr>
<tr><td>Trip Date:</td><td><input type="text" name="tripdate"
/></td></tr>
<tr><td colspan="2">Mission Goals:</td></tr>
<tr>
<td><input type="checkbox" name="exploration" value="yes" />
Exploration</td>
<td><input type="checkbox" name="contact" value="yes" />
Contact</td>
18
</tr> <tr>
<td valign="top">Language Choice </td>
<td>
<select name=“language" multiple="multiple">
<option value=“amharic">Amharic</option>
<option value=“english">English</option>
<option value=“spanish">Spanish</option>
</select>
</td>
</tr>
<tr><td colspan="2" align="center"><input type="submit"
/></td></tr>
</table>
</form> </body> </html>
19
20
Two-tier Software Architecture
4. Browser
displays page
21
Example– simple calculation (arithmetic, for-loop)
makes HTML wrapper
22
HTML Form requests simple calculation
Calculation
HTML wrapper
23
Architecture Overview for Example
data for
program program
submits requested query-string
Form
m1.php ?NAME=abebe &M=2&N=2
retrieves m1.php
compiles m1.php
m1.html starts program
24
HTML FORM Example Code Overview
LAYOUT
PHP program requested
Form data/variables
</form >
activates Form: sends data to server
Initial HTML
<?php
?>
More HTML
<?php
?>
More HTML
26
<html><head>
<style type="text/css">
body { background-color: cyan ; font-size:18pt ; }
</style>
</head><body>
PHP code for calculations
HTML Code sends products
<?php
Form variable 1*1
Gets..data
M *MN & N from server
$M = $_GET[ "M" ]; names to browser
$N = $_GET[ "N" ]; PHP variables begin with $
print "Here come the multiples!<br><br>" ; Sends output stream
to browser
PHP for ( $i=1 ; $i <= $M; $i++ )
{ names
variable print "<br>" ; Typical for-loop
for ( $k=1 ; $k <= $N; $k++ )
{ $x = $i * $k ; Nested for-loop
print "$i * $k = $x" ; See with: dynamic HTML
Generates
print "<br>" ; View > Page Source
} Intermingled
}; HTML and text.
print "That's all folks<br><br>" ;
show_source("m1.php"); Displays PHP code.
?>
27
</body></html>
Calculator.html
<html>
<h1><center>Calculator</center></h1>
<form action="calculator.php" method="post">
<table align="center">
<th> Choose arithmetic operator<th>Enter the values </th>
<tr><td>+<input type="radio" name="arithmetic" value="add"
checked><td><input type="text" name="v1">
<tr><td>- <input type="radio" name="arithmetic"
value="minus"><td><input type="text" name="v2">
<tr><td>/ <input type="radio" name="arithmetic" value="divide">
<tr><td>*<input type="radio" name="arithmetic" value="multiply">
<tr><td><input type="submit" value="Execute" >
</table>
<h3> the Result</h3>
</form>
</html>
28
Calculator.php
<?php
$v1=$_POST['v1'];
$v2=$_POST['v2'];
$a=$_POST['arithmetic'];
require('calculator.html');
switch($a){
case 'add':
echo $v1+$v2;
break;
case 'minus':
echo $v1-$v2;
break;
case 'divide':
{if ($v2==0)echo"Cannot divide by zero";
else echo $v1/$v2;
break;}
case 'multiply':
echo $v1*$v2;
break;
}
?> 29
30
PHP GET and POST Methods
31
PHP GET and POST Methods….
• Before the browser sends the information, it
encodes it using a scheme called URL encoding. In
this scheme, name/value pairs are joined with
equal signs and different pairs are separated by
the ampersand.
name1=value1&name2=value2&name3=value3
• Spaces are removed and replaced with the +
character and any other non-alphanumeric
characters are replaced with a hexadecimal values.
• After the information is encoded it is sent to the
server.
32
What are the differences between GET and POST methods in form
submitting, give the case where we can use GET and we can use
POST?
– When you want to send short or small data, not
containing ASCII characters, then you can use GET”
Method.
– But for long data sending, say more then 100
character you can use POST method.
– Once most important difference is when you are
sending the form with GET method.
– You can see the output which you are sending in the
address bar.
– Whereas if you send the form with POST” method
then user can not see that information.
33
$_POST
• The $_POST variable is an array of variable
names and values sent by the HTTP POST
method
• The $_POST variable is used to collect values
from a form with method="post“
• Information sent from a form with the POST
method is invisible to others and has no limits
on the amount of information to send
34
Example - $_POST
35
$_GET
• The $_GET variable is an array of variable
names and values sent by the HTTP GET
method
• The $_GET variable is used to collect values
from a form with method="get“
• Information sent from a form with the GET
method is visible to everyone (it will be
displayed in the browser's address bar) and
it has limits on the amount of information
to send (max. 100 characters)
36
Example - $_GET
<html> <html>
<body> <head>
<title>Grab form values</title>
<form action=“welcome.php" </head>
method="get">
Name: <input type="text" <body>
name="name"> Welcome <?php echo
$_GET["name"];?>.<br/>
Age: <input type="text"
name="age"> You are <?php echo $_GET["age"];?>
<input type="submit"> years old
</form> </body>
</body>
</html> </html>
37
The $_REQUEST Variable
• The PHP $_REQUEST variable can be used
to get the result from form data sent with
both the GET and POST methods as well as
$_COOKIE.
Example
Welcome <?php echo $_REQUEST["name"]; ?
>.<br />
You are <?php echo $_REQUEST["age"]; ?> years
old!
38
Why use $_POST?
– Variables sent with HTTP POST are not
shown in the URL.
– The POST requests are not idempotent. This
means that they cannot be cached, and the
server is recontacted every time the page is
displayed. Because of this, it is not possible
to bookmark the page.
– Variables have no length limit
39
Form Validation
• User input should be validated whenever possible.
• You can validate the form input on two places,
client side (done with javascript)
server side (done with PHP)
42
Main PHP Validation Functions: I
The first step in validation is making sure
variables aren’t empty
Unfortunately, a field filled with spaces is not
technically empty
That’s why you need the trim() function
How it works:
Pass it a variable and
It removes white spaces before or after a field entry
(in the variable)
Do it like so…
$name = trim($name);
Main PHP Validation Functions: II
empty() – checks to see if a variable is empty or not
Pass it a variable
If the variable has no value (it’s empty), it returns True
▪ “Yes, it is empty”
If the variable does have a value (not empty), it returns False
▪ “No, it’s not empty”
The empty() function in its natural habitat
Typically, you use the empty() function to check to see if it is not empty
▪ For this, you use the special NOT code, “!”
▪ Place the exclamation mark (NOT) in front of the function
Example:
▪ if (!empty($variable)) {
echo ‘<p>It’s not empty</p>
}
else {
echo ‘<p>It is empty</p>
}
▪ In plain English, if(!empty($variable)) means “If variable is NOT empty,…”
▪ The keyword, “else” is like saying, “otherwise…”
e.g.
• The easiest way to check to see if a user has typed in a value in
the text boxes is to use the empty() function.
Example:
if (!empty($_POST['fname'])){
$msg = "fname;
$_POST[fname] ";
}
else
{
$fname = NULL;
echo "Please fill out your first name.
";
}
45
e.g.
if(!preg_match("/^[0-9]$/",$age))
?>
46
e.g.
<?php
$age=$_POST["age"];
if(!preg_match("/^[0-9]{1,3}$/",$age))
?>
47
Form Validation with PHP
• Using the preg_match function()
• preg_match() is a case sensitiv function, which
means it treats “a” and “A” differently.
• Example
function check_field1($field_name_1)
{
if(!preg_match("/[^a-zA-Z0-9]+$/”,
$field_name_1)) The slashes “/” and “/” are delimiters, “^”
return TRUE; marks the start of string or line and the Dollar
sign “$” the end of the string, or line. The plus-
else symbol “+” means required.
return FALSE;
}
48
/^[a-zA-Z0-9 _-.,:"']+$/
• We translate this regexp as:
• From the beginning to the end of the address
string check if our character is one of the
following a-z, A-Z, 0-9, space, underscore,
dash, dot, comma, semicolons, double and
sigle quotes. You can add any character that
you think may be part of an address.
49
Refer the following PHP Built-in Functions
• Trim()
• Empty()
• Preg_match()
• Preg_replace()
• html_entities()
• Htmlspecialcharacters()
• Add_slashes()
• Strip_slashes()
• Mail()