
1 PHP and Form Processing CS3520

2 Idea
We have an HTML form. When the user submits it in their browser, the browser creates a CGI HTTP request and sends it for processing to the server at the URL given in the action statement of the form.
Server: e.g. Apache gets the request for a PHP file to run, knows where its PHP interpreter is, runs the code, and returns the results to the requesting client.
Example: a request to http://puzzle.sci.csueastbay.edu/~netid/cart.php goes to the server puzzle.sci.csueastbay.edu, asking it to run cart.php.

3 Recall: In this class we are considering sending data from a client (for example, from a form) via either the CGI GET or POST method.

4 PHP Form Handling
The PHP superglobals $_GET and $_POST are used to collect form data. Example: a POST form sends the name and email to welcome.php. Form fields: Name, E-mail.

5 welcome.php
User types into the form: Name: Lynne, E-mail: ll@gmail.com
<?php
$name = $_POST["name"];   // retrieve the CGI data associated with name
$email = $_POST["email"]; // retrieve the CGI data associated with email
echo "Your name is ".$name." ";
echo "Your email is ".$email." ";
?>
What the client sees: Your name is Lynne Your email is ll@gmail.com

6 welcome.php: check first to see if the data exists in the $_POST array
<?php
if (isset($_POST["name"]) && isset($_POST["email"])) {
    $name = $_POST["name"];
    $email = $_POST["email"];
    echo "Your name is ".$name." ";
    echo "Your email is ".$email." ";
}
?>

7 GET method example. Form fields: Name, E-mail.

8
<?php
$name = $_GET["name"];
$email = $_GET["email"];
echo "Your name is ".$name." ";
echo "Your email is ".$email." ";
?>

9 Another Example – with pull down (select) lists

10 CENG 449 Lecture 11

11 Select Forms: Art Supply Order Form. Items: Paint, Brushes, Erasers. Quantity:

12 process.php "; echo "Thank you for ordering!"; ?>

14 Another Example- with radio buttons

16 PHP HTML Form radio button Example. Enter Your Full Name: You are: Male / Female

17 example.php
<?php
// run only when the form's submit button (BtnSubmit) was pressed
if (isset($_POST['BtnSubmit'])) {
    echo " Your form data as below ";
    echo " Your Name: {$_POST['FullName']}";
    echo " You are: {$_POST['YourGender']}";
    echo " ";
}
?>

19 Another example with checkboxes

21 Checkbox example: PHP HTML Form checkbox Example. Male / Female

22 process.php
<?php
if (isset($_POST['gender'])) {
    echo "Your gender is ";
    echo $_POST['gender']; // Displays value of checked checkbox.
}
?>

24 More Examples –with buttons

26 PHP HTML Form button Example. Enter Your Name: Enter Your SurName:

27 process.php
<?php
// each submit button sends its own name, so isset() tells which one was pressed
if (isset($_POST['save'])) {
    echo "Save button is pressed! ";
}
if (isset($_POST['clear'])) {
    echo "Clear button is pressed! ";
}
if (isset($_POST['update'])) {
    echo "Update button is pressed! ";
}
?>

29 Example with checkboxes

31 Multiple Selection CheckBox: Please select your book types: Drama, Action and Adventure, Romance, Mystery, Horror, Guide, Science, History

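32
<?php
// 'book' is absent from $_POST when no checkbox is ticked, so check before looping
if (isset($_POST['book']) && is_array($_POST['book'])) {
    $bookArray = $_POST['book'];
    echo "Your selected books are ";
    foreach ($bookArray as $aBook) {
        echo "$aBook ";
    }
}
?>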

34 Security???

35 Security
Option 1: Some SIMPLE things to do with PHP
Option 2: Use SSL and HTTPS

36 Option 1: Some special ideas. Simple ideas to avoid SOME of the hacking/attacks possible with forms.

37 Secure input data
To make it harder for attackers to get into your system through a form, use the following approach when taking in data from the user: strip any incoming CGI data of spaces, etc. See below.
<?php
// define variables and set to empty values
$name = $email = $gender = $comment = $website = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // ?? "" avoids a warning when a field is missing from the request
    $name    = test_input($_POST["name"] ?? "");
    $email   = test_input($_POST["email"] ?? "");
    $website = test_input($_POST["website"] ?? "");
    $comment = test_input($_POST["comment"] ?? "");
    $gender  = test_input($_POST["gender"] ?? "");
}

function test_input($data) {
    $data = trim($data);             // removes the blank spaces at the beginning and at the end
    $data = stripslashes($data);     // strips backslashes
    $data = htmlspecialchars($data); // converts special characters such as < into HTML entities such as &lt;
    return $data;
}
?>

38 What is the htmlspecialchars() function?
The htmlspecialchars() function converts special characters to HTML entities. This means that it will replace HTML characters like < and > with &lt; and &gt;. This prevents attackers from exploiting the code by injecting HTML or JavaScript code (Cross-site Scripting attacks) in forms.
See http://www.w3schools.com/php/php_form_validation.asp for an example.
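
Added example, not part of the original slides: the fields from slide 37 validated on input and escaped only at output, showing a case that htmlspecialchars() alone does not cover (a website value that would end up in a link). The helper names e() and check_form(), the allow-lists and the sample submission are assumptions made for illustration.

```php
<?php
// Added example, not from the slides. Field names follow slide 37; the helper
// names, allow-lists and sample submission are assumptions made for illustration.

// Escape a value for HTML output. The flags are explicit because the default
// only started to cover single quotes in PHP 8.1.
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Validate one submission. Returns [cleaned values, names of rejected fields].
// stripslashes() is left out: magic quotes were removed in PHP 5.4, so it
// would only eat backslashes the user really typed.
function check_form(array $post): array {
    $clean = [];
    $errors = [];
    foreach (['name', 'email', 'website', 'comment', 'gender'] as $f) {
        $v = $post[$f] ?? '';                       // missing field -> empty
        $clean[$f] = is_string($v) ? trim($v) : ''; // name[]=x arrives as an array
    }
    if ($clean['name'] === '' || strlen($clean['name']) > 100) {
        $errors[] = 'name';
    }
    if (filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email';
    }
    // htmlspecialchars() leaves "javascript:void(0)" unchanged, so a URL that
    // will be printed inside href="" also needs a scheme allow-list.
    $scheme = strtolower((string) parse_url($clean['website'], PHP_URL_SCHEME));
    if ($clean['website'] !== '' && !in_array($scheme, ['http', 'https'], true)) {
        $errors[] = 'website';
    }
    if (!in_array($clean['gender'], ['female', 'male'], true)) {
        $errors[] = 'gender';
    }
    return [$clean, $errors];
}

// Constructed sample submission.
$post = [
    'name'    => '  Lynne <b>',
    'email'   => 'll@gmail.com',
    'website' => 'javascript:void(0)',
    'comment' => '<script>alert("x")</script>',
    'gender'  => 'female',
];
[$clean, $errors] = check_form($post);
echo 'Rejected fields: ', e(implode(', ', $errors)), "\n";
echo 'Name: ', e($clean['name']), "\n";
echo 'Comment: ', e($clean['comment']), "\n";
```

Validation runs on the raw values and escaping happens at the moment of output, so the values kept in $clean stay unmodified for any other use.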

39 SILLY code that displays the form and then, afterwards, the data that was previously typed in, as text. It shows use of the htmlspecialchars function.
NOTE: $_SERVER["PHP_SELF"] is equal to the PHP file you are currently processing (the code you are in).
"> First name: Last name:
<?php
if (isset($_POST['firstname']) && isset($_POST['lastname'])) {
    // escape the values so they are displayed as text, not interpreted as HTML
    echo("First name: ". htmlspecialchars($_POST['firstname']). " \n");
    echo("Last name: ". htmlspecialchars($_POST['lastname']). " \n");
}
?>

41 \n" ); echo ( "Last name: ". $_POST[ 'lastname' ]. " \n"); } ?> "> First name: Last name:

