Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Programming Week 10 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin Klein 11/02/10.

Similar presentations


Presentation on theme: "Web Programming Week 10 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin Klein 11/02/10."— Presentation transcript:

1 Web Programming Week 10 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin Klein 11/02/10

2 Protect Files - htaccess Apache syntax: place file.htaccess into directory you want to protect specify: AuthType Basic|Digest AuthUserFile /path/to/file/containing/user/credentials AuthName “MyAuthExampleName” restrictions Example: AuthType Basic AuthName “Rams Free Zone” AuthUserFile /home/mklein/cs518passwd Require valid-user htpasswd -c /home/mklein/cs518passwd mklein Default: crypt(), others: md5, sha, plain (BOOO!) See: man htpasswd http://mln-web.cs.odu.edu/~mklein/cs518/restricted

3 Protect Files – the PHP Way Sessions session_start(); associative array $_SESSION test, e.g. if(isset ($_SESSION[‘logged’]) && $_SESSION[‘logged’] == 1) { echo “you are logged in”; } else { echo “you need to login!”; } NOTE: can transport session from page to page but session is destroyed when browser closed (session_destroy()) server sided hence user is NOT able to modify session data see example, ch12 (book) ch11 (sample code on website)

4 Protect Files – the PHP Way Cookies setcookie(name, value, expiration); name: used to retrieve cookie value: value stored in cookie (username, last visit) expiration: date when cookie will expire/be deleted (if not set, cookie is treated as session cookie – removed at browser restart) setcookie(‘username’,”mklein”, time() + 60)// lasts 60s setcookie(‘username’,”mklein”, 60) // 60s after midnight 1/1/1970 - destroy associative array $_COOKIE test, e.g. if($_COOKIE[‘username’] ! =“”)) { echo “your name is: $_COOKIE[‘username’]”; } else { echo “who are you?”; } NOTE: persistent login, for example client sided hence user IS able to modify cookie data

5 File Upload with PHP HTML form based POST method Content Type (enctype) attribute: multipart/form-data (and not application/x-www-form-urlencoded) define MAX_FILE_SIZE [in B] in hidden filed, must precede: input field type: file its name is important! Example: Send this file:

6 File Upload with PHP associative array $_FILES $_FILES[‘mkfile’][‘name’] – original name from client $_FILES[‘mkfile’][‘type’] – mime type if provided $_FILES[‘mkfile’][‘size’] – size in B $_FILES[‘mkfile’][‘tmp_name’] – tmp file name on server $_FILES[‘mkfile’][‘error’] – error code

7 File Upload with PHP – Error Codes UPLOAD_ERR_OK [0] no error, file upload successful UPLOAD_ERR_INI_SIZE [1] uploaded file exceeds upload_max_filesize in php.ini UPLOAD_ERR_FORM_SIZE [2] uploaded file exceeds MAX_FILE_SIZE specified in HTML form UPLOAD_ERR_PARTIAL [3] file was only partially uploaded UPLOAD_ERR_NO_FILE [4] no file uploaded UPLOAD_ERR_NO_TMP_DIR [6] missing temporary folder UPLOAD_ERR_CANT_WRITE [7] write file to disk failed UPLOAD_ERR_EXTENSION [8] PHP extension stopped the file upload

8 File Upload with PHP Example:

9 Upload Multiple Files with PHP similar to single file upload use array of file names Example: Send these files: //file1.txt; 13KB //file2.png; 42KB //file3.pdf; 113KB $_FILES[‘mkfile’][‘name’][0] eq file1.txt $_FILES[‘mkfile’][‘name’][1] eq file2.png $_FILES[‘mkfile’][‘name’][2] eq file3.pdf $_FILES[‘mkfile’][‘size’][0] eq 13KB $_FILES[‘mkfile’][‘size’][1] eq 42KB $_FILES[‘mkfile’][‘size’][2] eq 113KB


Download ppt "Web Programming Week 10 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin Klein 11/02/10."

Similar presentations


Ads by Google