Advance Database Management Systems Lab no. 5

PHP Web Pages

IntroductionSo far we have considered static web pages.We used PHP scripts to write simple programs

with (built-in) capability to perform computationNow, we’d like to build smarter pages which

Respond to user’s actionsRetrieve dynamic informationSupport conditional behavior

Problem: Handling user input

We still don’t have a way to get input from the user.

Note:PHP does not have its web controls as ASP has.

Getting User InputThere can be two ways of getting Input

data from user

URL Paremeters and $_GET arrayWeb Forms (HTML CONTROLS)

URL ParametersPHP has the capability to pull parameters

out of the URL query string Parameters can be passed as text after the

file name, e.g., http://localhost/test.php? name=john & age=2

Parameter names and values can be accessed as variables using specialarray named $_GET

URL Parameters Example

Browser retrieves the URL:http://local host/test.php?name=john

&age=2

in test.php

<?phpecho $_GET[“name”]; // displays johnecho $_GET[“age”]; // displays 2?>

Web Forms (HTML Controls)We need a more elegant way of passing

parameters to PHP pages HTML forms can be used to accept input

from users which contain a set of input tagsText boxes, checkboxes, etc.

Form pages can submit data to a PHP pagePass input values in query string

Creating web formsForm tag controls what is done with data

<form action="results.php" method="get” name="hello">

<!-- form input controls go here -->

</form>

action: Page to submit results tomethod: How to submit data, name: Used to refer to the form

Form ActionsThe form’s ACTION is the name of the PHP

script (points to PHP page)When the user submits the form

the web server executes the PHP script in results.php file

Form submission methodsHTTP supports two methods for submitting form

data GET

Parameters are passed in URL stringParameters visible to user in browser windowEasy to debug

POSTParameters included in body of HTTP requestNot visible to userCan handle larger data items

$_GET Function

The built-in $_GET function is used to collect values from a form sent with method="get".

Information sent from a form with the GET method is visible to everyone (it will be displayed in the browser's address bar) and has limits on the amount of information to send (max. 100 characters).

When to use method="get"?When using method="get" in HTML forms, all

variable names and values are displayed in the URL.

Note: This method should not be used when sending passwords or other sensitive information!

However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases.

Note: The get method is not suitable for large variable values; the value cannot exceed 100 characters.

Form inputsAllow users to input data Generally have a name and a value Map to parameters when form is posted

Text box Textarea (larger text box)Checkbox Radio buttonMenuSubmit button

HTML Controls RECAP

Text input/Text Box

One-line text input<input type="text" name="message“

value="Welcome" size="40“ maxlength="25“ />

name: input name value: default value size: length (in characters) maxlength: Maximum number of characters to

accept

Text areaLarger, multiline text box<textarea name=“box” cols=“25”

rows=“6”> Default text goes inside tags </textarea>

Name: input name Cols: width (in characters) Rows: number of rows

CheckboxCheckbox, allows for boolean choices<input type=“checkbox” name=“test“

value=”true" checked=“checked” />

Name: input name Value: value if checked (name=value) Checked: if included, box is checked by

default

Select (pulldown or menu)

Allows user to choose item from a dropdown menu<select name=”beverage"><option value=”coffee">I prefer coffee</option><option value=”tea">I prefer tea</option></select> Will submit variable “beverage” withvalue “coffee” or “tea”

Radio button Presents multiple options, user chooses one<input type="radio" name=”fruit" value=”apple“

checked=“checked” /><input type="radio" name=”fruit" value=”papaya” /><input type="radio" name=”fruit" value=”mango” /> Each item in a group has same name, different value Only one button can be checked by default Value of parameter fruit will be apple, papaya,mango

Hidden fieldSometimes we want to pass data to forms

without user’s input User’s password, current time<input type=“hidden” name=“key”

value=“hello” /> Won’t be shown to user Will pass parameter “key=hello” to form

Submit buttonWhen clicked, submits form data to target<input type=”submit" value=”Submit

form” /> Value: Label of submit button

Labeling form elementsThe most common way to add labels is simply to

place text beside the form input Add me to mailing list: <input type=”checkbox"

name=”addtolist"

value=”true" checked=“checked” />

<br/>

Save password: <input type=”checkbox" name=”savepw” value=”true"

checked=“checked” />

Other PHP server variables

$_POST Like $_GET, but for POST requests

$_REQUEST Searches both GET and POST for parameters

$_SERVER Stores additional information from server

User’s IP address, host URL, etc

$_POSTThe built-in $_POST function is used to collect

values from a form sent with method="post".Information sent from a form with the POST

method is invisible to others and has no limits on the amount of information to send.

Note: However, there is an 8 Mb max size for the POST method, by default (can be changed by setting the post_max_size in the php.ini file).

<form action="welcome.php" method="post">Name: <input type="text" name="fname" />Age: <input type="text" name="age" /><input type="submit" /></form>

When the user clicks the "Submit" URL will change to welcome.php.

in "welcome.php" file,we can now use the $_POST function to collect form data (the names of the form fields will automatically be the keys in the $_POST array): Welcome <?php echo $_POST["fname"]; ?>!

<br />You are <?php echo $_POST["age"]; ?> years old.

$_POST Example

Information sent from a form with the POST method is invisible to others and has no limits on the amount of information to send.

When to use method “POST”?

$_REQUEST The PHP built-in $_REQUEST function

contains the contents of both $_GET, $_POST, and $_COOKIE.

The $_REQUEST function can be used to collect form data sent with both the GET and POST methods.

ExampleWelcome <?php echo $_REQUEST["fname"]; ?>!<br />You are <?php echo $_REQUEST["age"]; ?> years old.

$_REQUEST

$_SERVERWhen the variable has been assigned from

the server

$_SERVER

Example

<html><head><title>Test page</title></head><body><!-- content goes here --><!-- these are HTML comments --><h1>Form demo</h1><form action="results.php" method="get"name="hello">Enter message:<input type="text" name="message"value="Hi“ /><input type="submit" value="Go!“ /></form></body></html>

Accessing form data//results.php<?php$user = $_GET[“username”];echo “You entered “ . $user;?>

Form validation When we process forms, we can’t be sure that the user included correct information May have left fields blank May have put in improper information Never Trust User Input! We may want to validate the form input before using it PHP provides a number of functions to help us validate form input

isset() is variable null? is_numeric() is variable a numeric type? is_string() is variable a string?

Validation example

<?php// multiply a number by two// get parameter “num” from url string$num = $_GET[“num”];// is $num a number? if not, throw an errorif (!is_numeric($num)) {echo “Error!”;}else {echo $num*2;}?>

Including librariesPlace PHP file in same directory or

subdirectory Simpler than Java, no packages or

namespaces Essentially pastes included code into file

PHP Include File Server Side Includes (SSI)

You can insert the content of one PHP file into another PHP file before the server executes it using two types of functions.

include() generates a warning in case errors in included

file, but the script will continue execution require()

generates a fatal error, and the script will stop These two functions are used to create

functions, headers, footers, or elements that will be reused on multiple pages.

Server side includes saves a lot of work. This means that you can create a standard header, footer, or menu file for all your web pages. When the header needs to be updated, you can only update the include file, or when you add a new page to your site, you can simply change the menu file (instead of updating the links on all your web pages).

Include examplein math.php:<?php

function mult($n1,$n2) { return $n1*$n2; }

?>

in index.php:<?php

include(“math.php”);echo mult(15,5);

?>