Web Systems & Technologies


Web Systems & Technologies CS-3548 Prepared By: Junaid Hassan Lecturer at UOS M.B.Din Campus junaidte14@gmail.com

Topics: Introduction to PHP

Intro to PHP:
- PHP is a server scripting (server-side programming) language.
- PHP is used to create dynamic web pages.
- PHP is used to communicate with a database and to fetch data dynamically from the database.

Intro to PHP:
- PHP is an acronym for 'PHP: Hypertext Preprocessor'.
- PHP code is executed on the server.
- PHP is powerful enough to build blogging software such as WordPress or a social networking website such as Facebook.
- PHP files have the extension .php

Wamp Server:
- We will use wamp server to test our PHP scripts.
- Download and install wamp server from the following link: http://www.wampserver.com/en/
- Video tutorial to configure PHP and the database in wamp server: https://youtu.be/tuDdIW1q-q4

Assignment:
- Download, install and configure wamp server on your laptops.
- After successful installation, you will see a new folder in C:/wamp/
- Inside the wamp folder open the www folder, and inside www create a new folder called 'my-website'.
- Inside the my-website folder create a new file called index.php

Assignment:
- Inside the index.php file add the following code:
    <!DOCTYPE html>
    <html>
    <body>
    <h1>My first PHP page</h1>
    <?php
    echo "Hello World!";
    ?>
    </body>
    </html>
- Save it and, in the browser, type http://localhost/my-website/
- Make sure that wamp server is running and its icon is green in the taskbar.
- You should get "Hello World!" as the output of the web page.

PHP Syntax:
    <?php
    echo "Hello World!";
    ?>
- Each statement ends with a semicolon (;)
- Comments in PHP:
    // example single line comment
    /* example
       multiple lines comment */

PHP Syntax: Rules for PHP variables:
- A variable starts with the $ sign, followed by the name of the variable.
- A variable name must start with a letter or the underscore character.
- A variable name cannot start with a number.
- A variable name can only contain alpha-numeric characters and underscores (A-z, 0-9, and _ ).
- Variable names are case-sensitive ($age and $AGE are two different variables).

PHP Syntax: PHP variables scope:
- A variable declared outside a function has a GLOBAL SCOPE and can only be accessed outside a function.
- A variable declared within a function has a LOCAL SCOPE and can only be accessed within that function.
- The global keyword is used to access a global variable from within a function.

PHP Syntax:
- To do this, use the global keyword before the variables (inside the function).
- PHP also stores all global variables in an array called $GLOBALS[index]. The index holds the name of the variable.
- This array is also accessible from within functions and can be used to update global variables directly, e.g. $GLOBALS['x']

PHP echo vs print:
- echo and print are more or less the same. They are both used to output data to the screen.
- The differences are small: echo has no return value while print has a return value of 1, so it can be used in expressions.
- echo can take multiple parameters (although such usage is rare) while print can take one argument.
- echo is marginally faster than print.

PHP data types:
- String, integers, float, boolean
- Arrays:
    $cars = array("Volvo","BMW","Toyota");
- Null is a special data type which can have only one value: NULL. A variable of data type NULL is a variable that has no value assigned to it.

PHP data types: PHP objects:
- An object is a data type which stores data and information on how to process that data.
- In PHP, an object must be explicitly declared. First we must declare a class of object. For this, we use the class keyword.
- A class is a structure that can contain properties and methods.

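PHP Objects Example:
    <?php
    class Car {
        public $model;
        // __construct() is the constructor; a method named after the
        // class (function Car()) is not treated as one in PHP 8
        function __construct() {
            $this->model = "VW";
        }
    }
    // create an object
    $herbie = new Car();
    // show object properties
    echo $herbie->model;
    ?>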

PHP Strings:
    echo strlen("Hello world!"); // outputs 12
    echo str_word_count("Hello world!"); // outputs 2
    echo strrev("Hello world!"); // outputs !dlrow olleH
    echo str_replace("world", "Dolly", "Hello world!"); // outputs Hello Dolly!

PHP Constants:
- Constants are like variables except that once they are defined they cannot be changed or undefined.
- define(name, value, case-insensitive)
    <?php
    define("GREETING", "Welcome to W3Schools.com!");
    echo GREETING;
    ?>
    <?php
    // third argument true = case-insensitive name
    // (deprecated in PHP 7.3, no longer supported since PHP 8.0)
    define("GREETING", "Welcome to W3Schools.com!", true);
    echo greeting;
    ?>
- Constants are automatically global and can be used across the entire script.

PHP Operators: Operators are used to perform operations on variables and values.
- Arithmetic operators (+, -, *, /, %, **): addition, subtraction, multiplication, division, modulus, exponentiation
- Assignment operators (=, +=, -=, *=, /=, %=)
- Comparison operators (==, ===, !=, <>, !==, >, <, >=, <=)
- Increment/decrement operators (++$x, $x++, --$x, $x--)
- Logical operators (and, or, &&, ||, !)
- String operators (. , .=)

PHP If else statements:
    <?php
    $t = date("H");
    if ($t < "10") {
        echo "Have a good morning!";
    } elseif ($t < "20") {
        echo "Have a good day!";
    } else {
        echo "Have a good night!";
    }
    ?>

PHP switch statement:
    <?php
    $favcolor = "red";
    switch ($favcolor) {
        case "red":
            echo "Your favorite color is red!";
            break;
        case "blue":
            echo "Your favorite color is blue!";
            break;
        case "green":
            echo "Your favorite color is green!";
            break;
        default:
            echo "Your favorite color is neither red, blue, nor green!";
    }
    ?>

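PHP while loops:
    // while: the condition is checked before each pass
    $x = 1;
    while ($x <= 5) {
        echo "The number is: $x <br>";
        $x++;
    }
    // do...while: the body runs once before the condition is checked
    $x = 1;
    do {
        echo "The number is: $x <br>";
        $x++;
    } while ($x <= 5);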

PHP for loops:
    for ($x = 0; $x <= 10; $x++) {
        echo "The number is: $x <br>";
    }
    $colors = array("red", "green", "blue", "yellow");
    foreach ($colors as $value) {
        echo "$value <br>";
    }

PHP functions:
    <?php
    function sum($x, $y) {
        $z = $x + $y;
        return $z;
    }
    echo "5 + 10 = " . sum(5, 10) . "<br>";
    echo "7 + 13 = " . sum(7, 13) . "<br>";
    echo "2 + 4 = " . sum(2, 4);
    ?>

PHP Arrays: An array is a special variable, which can hold more than one value at a time.
- Indexed arrays:
    $cars = array("Volvo", "BMW", "Toyota");
- Associative arrays:
    $age = array("Peter"=>"35", "Ben"=>"37", "Joe"=>"43");

PHP Sorting Arrays:
- sort() - sort arrays in ascending order
- rsort() - sort arrays in descending order
- asort() - sort associative arrays in ascending order, according to the value
- ksort() - sort associative arrays in ascending order, according to the key
- arsort() - sort associative arrays in descending order, according to the value
- krsort() - sort associative arrays in descending order, according to the key

PHP Superglobals: Several predefined variables in PHP are "superglobals", which means that they are always accessible, regardless of scope - and you can access them from any function, class or file without having to do anything special, e.g.
- $GLOBALS
- $_SERVER
- $_POST
- $_GET

PHP Form Handling (POST): The PHP superglobals (GET or POST) are used to collect form-data.
    <form action="welcome.php" method="post">
    Name: <input type="text" name="name"><br>
    E-mail: <input type="text" name="email"><br>
    <input type="submit">
    </form>

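PHP Form Handling (POST): When the user fills out the form above and clicks the submit button, the form data is sent for processing to a PHP file named "welcome.php". The form data is sent with the HTTP POST method.
    <html>
    <body>
    Welcome <?php echo $_POST["name"]; ?><br>
    Your email address is: <?php echo $_POST["email"]; ?>
    </body>
    </html>
This handler echoes the submitted values unescaped, so it is open to cross-site scripting; escape them with htmlspecialchars() before output, as covered under PHP Form Validation.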

PHP Form Handling (GET):
    <html>
    <body>
    <form action="welcome_get.php" method="get">
    Name: <input type="text" name="name"><br>
    E-mail: <input type="text" name="email"><br>
    <input type="submit">
    </form>
    </body>
    </html>

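PHP Form Handling (GET): and "welcome_get.php" looks like this:
    <html>
    <body>
    Welcome <?php echo $_GET["name"]; ?><br>
    Your email address is: <?php echo $_GET["email"]; ?>
    </body>
    </html>
These values come straight from the URL and are echoed unescaped; in real code pass them through htmlspecialchars() before output (see PHP Form Validation).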

GET vs POST:
- Both GET and POST create an array (e.g. array( key => value, key2 => value2, key3 => value3, ...)). This array holds key/value pairs, where keys are the names of the form controls and values are the input data from the user.
- $_GET is an array of variables passed to the current script via the URL parameters.
- $_POST is an array of variables passed to the current script via the HTTP POST method.

When to use GET:
- Information sent from a form with the GET method is visible to everyone (all variable names and values are displayed in the URL).
- GET also has limits on the amount of information to send. The limitation is about 2000 characters.
- GET may be used for sending non-sensitive data.
- GET should NEVER be used for sending passwords or other sensitive information!

When to use POST:
- Information sent from a form with the POST method is not shown in the URL (all names/values are embedded within the body of the HTTP request) and has no limits on the amount of information to send. The request body is still readable on the network unless the site is served over HTTPS.
- Moreover, POST supports advanced functionality such as multi-part binary input when uploading files to the server.
- Developers prefer POST for sending form data.

PHP Form Validation: Proper validation of form data is important to protect your form from hackers and spammers!
    <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
- $_SERVER["PHP_SELF"] is a superglobal variable that returns the filename of the currently executing script.
- So, $_SERVER["PHP_SELF"] sends the submitted form data to the page itself, instead of jumping to a different page. This way, the user will get error messages on the same page as the form.

PHP Form Validation:
- Be aware that any JavaScript code can be added inside the <script> tag! A hacker can redirect the user to a file on another server, and that file can hold malicious code that can alter the global variables or submit the form to another address to save the user data, for example.
- The htmlspecialchars() function converts special characters to HTML entities. This means that it will replace HTML characters like < and > with &lt; and &gt;.
- This prevents attackers from exploiting the code by injecting HTML or JavaScript code (Cross-site Scripting attacks) in forms.

PHP Form Validation: To avoid that kind of attack and to secure form data we use the htmlspecialchars() function:
    <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
With the escaping in place, a URL carrying an injected script is rendered as harmless text inside the action attribute:
    <form method="post" action="test_form.php/&quot;&gt;&lt;script&gt;alert('hacked')&lt;/script&gt;">
The exploit attempt fails, and no harm is done!
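Added example (not part of the original slides): the PHP_SELF escaping described above, run from the command line against constructed request paths instead of a live $_SERVER["PHP_SELF"]. The function names form_tag_unsafe, form_tag_safe and injects_markup are hypothetical.

```php
<?php
// Added example: PHP_SELF contains whatever path the client appended after
// the script name, so it must be treated as untrusted input.

// Vulnerable form tag: PHP_SELF is written into the attribute as-is.
function form_tag_unsafe(string $self): string
{
    return '<form method="post" action="' . $self . '">';
}

// Hardened form tag: encode for an HTML attribute. ENT_QUOTES is passed
// explicitly because the default flags before PHP 8.1 left ' unencoded.
function form_tag_safe(string $self): string
{
    $escaped = htmlspecialchars($self, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $escaped . '">';
}

// True when the value broke out of the action attribute and injected markup.
function injects_markup(string $tag): bool
{
    return stripos($tag, '<script') !== false;
}

// Constructed request paths: a normal one and the one shown on the slide.
$samples = [
    '/my-website/test_form.php',
    '/my-website/test_form.php/"><script>alert(\'hacked\')</script>',
];

foreach ($samples as $self) {
    foreach (['form_tag_unsafe', 'form_tag_safe'] as $render) {
        $tag = $render($self);
        printf("%-16s injected=%-3s %s\n", $render,
            injects_markup($tag) ? 'yes' : 'no', $tag);
    }
}
```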

PHP Form Validation: We will create a custom PHP function to secure our form input fields:
    function test_input($data) {
      $data = trim($data);
      $data = stripslashes($data);
      $data = htmlspecialchars($data);
      return $data;
    }
- The PHP trim() function strips unnecessary characters (extra space, tab, newline) from the user input data.
- The PHP stripslashes() function removes backslashes (\) from the user input data.

PHP Form Validation:
    <?php
    // define variables and set to empty values
    $name = $email = $gender = $comment = $website = "";
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
      // ?? "" avoids an undefined-index warning when a field is not submitted
      $name = test_input($_POST["name"] ?? "");
      $email = test_input($_POST["email"] ?? "");
      $website = test_input($_POST["website"] ?? "");
      $comment = test_input($_POST["comment"] ?? "");
      $gender = test_input($_POST["gender"] ?? "");
    }
    function test_input($data) {
      $data = trim($data);
      $data = stripslashes($data);
      $data = htmlspecialchars($data);
      return $data;
    }
    ?>
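Added example (not from the original slides): a stricter handler for the same five fields that validates each value and escapes only at output, instead of running every field through stripslashes() and htmlspecialchars() on input. The helper names e and validate_form, the field rules and the allowed gender values are assumptions made for illustration.

```php
<?php
// Added example: validate on input, keep the raw value, escape on output.

// HTML-escape a value at the point it is written into the page.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Returns [trimmed values, error messages keyed by field name].
function validate_form(array $post): array
{
    $clean = $errors = [];
    foreach (['name', 'email', 'website', 'comment', 'gender'] as $field) {
        $value = $post[$field] ?? '';
        // A missing field or an array (name[]=x) becomes an empty string.
        $clean[$field] = is_string($value) ? trim($value) : '';
    }
    if ($clean['name'] === '') {
        $errors['name'] = 'Name is required';
    } elseif (!preg_match('/^[\p{L} \'.-]{1,100}$/u', $clean['name'])) {
        $errors['name'] = 'Name contains characters that are not allowed';
    }
    if (filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Invalid e-mail address';
    }
    // Optional field; only http(s) URLs pass, which excludes javascript: links.
    $scheme = strtolower((string) parse_url($clean['website'], PHP_URL_SCHEME));
    if ($clean['website'] !== '' && (!in_array($scheme, ['http', 'https'], true)
        || filter_var($clean['website'], FILTER_VALIDATE_URL) === false)) {
        $errors['website'] = 'Website must be an http or https URL';
    }
    // Allowlist of assumed radio-button values.
    if (!in_array($clean['gender'], ['female', 'male', 'other'], true)) {
        $errors['gender'] = 'Gender is required';
    }
    return [$clean, $errors];
}

// Constructed submission standing in for $_POST.
$post = ['name' => ' <b>Ann</b> ', 'email' => 'ann.example.com',
    'website' => 'javascript:alert(1)', 'comment' => 'Tom & "Jerry" <3',
    'gender' => 'robot'];
[$clean, $errors] = validate_form($post);
foreach ($errors as $field => $message) {
    echo e($field) . ': ' . e($message) . "\n";
}
echo 'Comment: ' . e($clean['comment']) . "\n";
```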

PHP Complete Form Code: Complete PHP Form Code.txt
- We can use the 'required' attribute to make form fields required.
- We can show a message to the user if the user left a form field empty.
- We can also show an error message if the user entered an incorrect value in a form field.

References: http://w3schools.com/php