PHP Forms and Databases.

Slides:

Advertisements

Similar presentations

Advertisements

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)

Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: CENG 449 Lecture 11.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Multiple Tiers in Action

CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.

PHP Forms. I. Using PHP with HTML Forms A very common application of PHP is to have an HTML form gather information from a website's visitor and then.

PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.

Advance Database Management Systems Lab no. 5 PHP Web Pages.

Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Dr. Mogeeb A. A. Mosleh .

Web forms in PHP Forms Recap  Way of allowing user interaction  Allows users to input data that can then be processed by a program / stored in a back-end.

Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.

PHP Forms and User Input The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input.

INTERNET APPLICATION DEVELOPMENT For More visit:

1Computer Sciences Department Princess Nourah bint Abdulrahman University.

Lecture 7 Interaction. Topics Implementing data flows An internet solution Transactions in MySQL 4-tier systems – business rule/presentation separation.

Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: CENG 449 Lecture 11.

CSC 2720 Building Web Applications HTML Forms. Introduction  HTML forms are used to collect user input.  The collected input is typically sent to a.

Accessing MySQL with PHP IDIA 618 Fall 2014 Bridget M. Blodgett.

What is MySQLi? Since the mid-90s, Mysql extension has served as the major bridge between PHP and MySQL. Although it has performed its duty quite well,

JavaScript – Quiz #9 Lecture Code:

NMD202 Web Scripting Week3. What we will cover today Includes Exercises PHP Forms Exercises Server side validation Exercises.

Website Development with PHP and MySQL Saving Data.

1 © Netskills Quality Internet Training, University of Newcastle HTML Forms © Netskills, Quality Internet Training, University of Newcastle Netskills is.

Accessing Your MySQL Database from the Web with PHP (Ch 11) 1.

CSC 2720 Building Web Applications Server-side Scripting with PHP.

XHTML & Forms. PHP and the WWW PHP and HTML forms – Forms are the main way users can interact with your PHP scrip Typical usage of the form tag in HTML.

PHP Open source language for server-side scripting Works well with many databases (e.g., MySQL) Files end in.php,.php3 or.phtml Runs on all major platforms.

SQL INJECTIONS Presented By: Eloy Viteri. What is SQL Injection An SQL injection attack is executed when a web page allows users to enter text into a.

Web Design: Basic to Advanced Techniques Fall 2010 Mondays 7-9pm 200 Sutardja-Dai Hall Introduction to PHP.

Higher Computing Science Coding the Web: HTML, JavaScript, PHP and MySQL.

Display Page (HTML/CSS)

Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT.

COSC 2328 – Web Programming.  PHP is a server scripting language  It’s widely-used and free  It’s an alternative to Microsoft’s ASP and Ruby  PHP.

Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.

PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies.

Unit 4 Working with data. Form Element HTML forms are used to pass data to a server. A form can contain input elements like text fields, checkboxes, radio-buttons,

PHP is a server scripting language, and a powerful tool for making dynamic and interactive Web pages. PHP is a widely-used, free, and efficient alternative.

PHP – Hypertext Preprocessor.

A pache M ySQL P hp Robert Mudge Reference:

Web Systems & Technologies

PHP Built-In Functions

CGS 3066: Web Programming and Design Spring 2017

Introduction to Dynamic Web Programming

Section 6.3 Server-side Scripting

CIIT-Human Computer Interaction-CSC456-Fall-2015-Mr

PHP Functions Besides the built-in PHP functions, we can create our own functions. A function is a block of statements that can be used repeatedly in.

Multitier Architecture, MySQL & PHP

PHP / MySQL Introduction

PHP FORM HANDLING Post Method

Introduction to Web programming

Database Driven Websites

Introducing Forms.

ISC440: Web Programming 2 Server-side Scripting PHP 3

Web Systems Development (CSC-215)

Client side & Server side scripting

Web Browser server client 3-Tier Architecture Apache web server PHP

PHP: Security issues FdSc Module 109 Server side scripting and

Web Systems Development (CSC-215)

HYPERTEXT PREPROCESSOR BY : UMA KAKKAR

Web Programming Language

Web Programming Language

Tutorial 6 PHP & MySQL Li Xu

PHP an introduction.

Client-Server Model: Requesting a Web Page

PHP By Prof. B.A.Khivsara Note: The material to prepare this presentation has been taken from internet and are generated only for students reference and.

Web Application Development Using PHP

SQL Injection Attack.

Presentation transcript:

PHP Forms and Databases

Forms with PHP Form data is sent to the server when the user clicks “Submit”. The server can then use this data for various purposes (this is not validation). The PHP superglobals $_GET and $_POST are used to collect form-data.

GET vs. POST Both GET and POST create an array (e.g. array( key => value, key2 => value2, key3 => value3, ...)). This array holds key/value pairs, where keys are the names of the form controls and values are the input data from the user. $_GET is an array of variables passed to the current script via the URL parameters. $_POST is an array of variables passed to the current script via the HTTP POST method.

GET Information sent from a form with the GET method is visible to everyone (all variable names and values are displayed in the URL). GET also has limits on the amount of information to send. The limitation is about 2000 characters. However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases. GET may be used for sending non-sensitive data. GET should NEVER be used for sending passwords or other sensitive information!

POST Information sent from a form with the POST method is invisible to others (all names/values are embedded within the body of the HTTP request) and has no limits on the amount of information to send. Moreover POST supports advanced functionality such as support for multi-part binary input while uploading files to server. However, because the variables are not displayed in the URL, it is not possible to bookmark the page. Developers prefer POST for sending form data.

Validation PHP can be used to perform form validation as well. However, this validation is performed on the server, which might waste time and server resources. JavaScript is always preferred for client side validation.

Database Interaction with PHP PHP 5 and later can work with a MySQL database using: MySQLi extension (the "i" stands for improved) PDO (PHP Data Objects) Earlier versions of PHP used the MySQL extension. However, this extension was deprecated in 2012.

MySQL vs PDO Both MySQLi and PDO have their advantages: PDO will work on 12 different database systems, where as MySQLi will only work with MySQL databases. So, if you have to switch your project to use another database, PDO makes the process easy. You only have to change the connection string and a few queries. With MySQLi, you will need to rewrite the entire code - queries included. Both are object-oriented, but MySQLi also offers a procedural API. Both support Prepared Statements. Prepared Statements protect from SQL injection, and are very important for web application security.

PHP with MySQL The following procedure has to be used to PHP/ MySQL interaction. Open a connection. Run SQL statements and process the returns (repeat how many ever times). Close the connection.