Download presentation
Presentation is loading. Please wait.
1
ITM 352 - © Port, Kazman1 ITM 352 More on Forms Processing
2
ITM 352 - © Port, Kazman2 Different input types Here are the HTML form element input types you can use Text Password Hidden Radio Checkbox Submit Button Reset In addition, the compound types:
3
ITM 352 - © Port, Kazman3 Login program with Functions $usernames = array ( // Define valid user names and passwords 'Moe' =>'stooge1', 'Larry' => 'stooge2', 'Curly' => 'stooge3' ); // Process the login if (array_key_exists('submit_button', $_POST)) { if(process_login($usernames) == TRUE) { print "logged in ". $_POST['username']; } else { print 'Incorrect password for '.$_POST['username'].' '; display_login($usernames); } } else { display_login($usernames); }
4
ITM 352 - © Port, Kazman4 Display Login Function // Display a login form with a select box of usernames function display_login($users) { ?> " method = 'post'> <?php foreach ($users as $user => $pass) { printf(' %s ', $user); } ?> <input type = 'submit' name = 'submit_button' value = 'login'> <?php } ?>
5
ITM 352 - © Port, Kazman5 Process Login Function /* checks the posted form to see if password * entered matches the password for the username *(info in $users) selected in the form. Returns * TRUE if there is a match, FALSE otherwise */ function process_login($users) { if($users[$_POST['username']] == $_POST['password']) return TRUE; else return FALSE; } Do functions simplify or complicate? Why? What are the additional benefits of using functions?
6
ITM 352 - © Port, Kazman6 Recap: Tips and Hints Use single ' ' on the inside, " " around the outside or vice versa Take advantage of PHP by using for/while/foreach to generate multiple form elements and compound types Quotes must be used around anything with spaces
7
ITM 352 - © Port, Kazman7 Validating Form Data First check that form data was submitted, usually by using array_key_exists() to check for the submit button name Creating functions can be helpful for validation, especially when the validation needs to be done in different places or on forms: <?php function validate_price($value) { // Ensure that $value is a valid price if( !isset($errors)) $errors = array(); // init array if not defined already if( !is_numeric($value) ) $errors['not_number'] = "not numeric"; if( $value - round($value, 2) != 0 ) $errors['not_dollar'] = "not a dollar amount"; if( $value < 0 ) $errors['not_non-negative'] = "price cannot be negative"; return $errors; } ?>
![ITM © Port, Kazman7 Validating Form Data First check that form data was submitted, usually by using array_key_exists() to check for the submit button name Creating functions can be helpful for validation, especially when the validation needs to be done in different places or on forms: < php function validate_price($value) { // Ensure that $value is a valid price if( !isset($errors)) $errors = array(); // init array if not defined already if( !is_numeric($value) ) $errors[ not_number ] = not numeric ; if( $value - round($value, 2) != 0 ) $errors[ not_dollar ] = not a dollar amount ; if( $value < 0 ) $errors[ not_non-negative ] = price cannot be negative ; return $errors; } >](http://images.slideplayer.com./25/8067926/slides/slide_7.jpg "ITM © Port, Kazman7 Validating Form Data First check that form data was submitted, usually by using array_key_exists() to check for the submit button name Creating functions can be helpful for validation, especially when the validation needs to be done in different places or on forms: < php function validate_price($value) { // Ensure that $value is a valid price if( !isset($errors)) $errors = array(); // init array if not defined already if( !is_numeric($value) ) $errors[ not_number ] = not numeric ; if( $value - round($value, 2) != 0 ) $errors[ not_dollar ] = not a dollar amount ; if( $value < 0 ) $errors[ not_non-negative ] = price cannot be negative ; return $errors; } >")
8
ITM 352 - © Port, Kazman8 Validating Form Data Often it is convenient to make an error array global so that it is accessible inside and outside of functions. Note how no return values are needed here. function validate_price($value) { // Ensure that $value is a valid price global $errors; // init array if not defined already if(!isset($errors)) $errors = array(); if( !is_numeric($value) ) $errors['not_number'] = "not numeric"; if( $value - round($value, 2) != 0 ) $errors['not_dollar'] = "not a dollar amount"; if( $value < 0 ) $errors['not_non-negative'] = "price cannot be negative"; } Do Exercise 1
9
ITM 352 - © Port, Kazman9 Validating Form Data Validation can be a bit subtle at times given that values from forms are always passed as strings. Here's how you would test that a number input as a string is actually numeric: ctype_digit($a) Why won't is_int($a) work here? Do Exercise 1
10
ITM 352 - © Port, Kazman10 Different input types Text Password Hidden Radio Checkbox Submit Button Reset In addition, the compound types:
11
ITM 352 - © Port, Kazman11 Passing Hidden Post values To pass a value from one page to another you can use the hidden input type o Only string values can be passed => must convert everything to a string o The urlencode(), serialize() functions may be useful for converting compound values such as arrays into stings. o Use urldecode(), unserialize() to recover the original value from the string passed into the $_POST or $_GET array
12
ITM 352 - © Port, Kazman12 Hidden Input Type " method='POST'> ' > After submitting… $_POST['secret'] = ??? $_POST['stuff'] = ?? $purchase = unserialize(urldecode($_POST['purchase'] )); Do Exercise 2
![ITM © Port, Kazman12 Hidden Input Type method= POST > > After submitting… $_POST[ secret ] = .](http://images.slideplayer.com./25/8067926/slides/slide_12.jpg "$_POST[ stuff ] = . $purchase = unserialize(urldecode($_POST[ purchase ] )); Do Exercise 2.")
13
ITM 352 - © Port, Kazman13 Variables Information from a web server is made available through EGPCS Environment, GET, POST, Cookies, Server PHP will create arrays with EGPCS information $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, etc. The ' HTTP ' and ' _VARS ' can be dropped if desired These arrays are 'global' even inside functions PHP also will define $_SERVER['PHP_SELF'] that refers to the current script file which is useful for self-processing forms
14
ITM 352 - © Port, Kazman14 Server Info A ton of information about the server and current browser is made available in the $_SERVER array SERVER_NAME REQUEST_METHOD QUERY_STRING REMOTE_ADDR PHP_SELF ….
15
ITM 352 - © Port, Kazman15 Review: Request Methods There are two basic methods for getting data from an HTML form into PHP GET and POST What's the difference? GET will encode all data into a query string that is passed with the URL to the action page. This allows data to be bookmarked by the user. POST will pass data via the server’s environment variables. Data is not seen directly by the user
16
ITM 352 - © Port, Kazman16 HTTP Basics Web pages are requested by a browser by sending HTTP request messages Includes a header and a body Uses a method such as GET or POST Asks for an address of a file (usually a path) Sample HTTP request: GET /index.html HTTP/1.1
17
ITM 352 - © Port, Kazman17 Header Modification Sometimes you will need to intercept and modify the GET HTTP request before it is processed. Use the header() function to do this Be sure no output is displayed before sending headers or you'll get a message something like this : Warning: Cannot modify header information - headers already sent by (output started at D:\Program Files\nusphere\phpED\Projects\oldpage.php:3)
18
ITM 352 - © Port, Kazman18 Example: Header Forwarding You can forward (redirect) users to a different page using the header() function. header('Location: http://mysite.com/myfile.php'); This will substitute the current header with 'Location: http://mysite.com/myfile.php' Effect is that the page myfile.php will be loaded Tip: always include the protocol such as http:// or file:// to be sure you specify exactly what you want
19
ITM 352 - © Port, Kazman19 More Header Examples Passing values into the $_GET array during a redirect header('Location:myfile.php?name=Frankie& score=98&grade=A'); To deny access to a page if not authorized (more on this in later classes) header('WWW-Authenticate:Basic realm="My Website"'); header('HTTP/1.0 401 Unauthorized'); Do Exercise 3
20
ITM 352 - © Port, Kazman20 Implementing Back Buttons Also notice the different ways of using back buttons Hyperlink ">BACK Submit Button '> Java script history action on button
21
ITM 352 - © Port, Kazman21 Opening New Window Sometimes you want to have the Action of a form open a new window rather than replace the existing one./action_process.php What do you think would happen if you used " method="POST" target="_blank">
22
ITM 352 - © Port, Kazman22 Arrays in HTML forms Naming form elements within the same form with the same names and []'s will make an array (any input type). Elements are only those values that are non-empty. " method='post'> <? var_dump($_POST); ?>
![ITM © Port, Kazman22 Arrays in HTML forms Naming form elements within the same form with the same names and [] s will make an array (any input type).](http://images.slideplayer.com./25/8067926/slides/slide_22.jpg "Elements are only those values that are non-empty. method= post > <. var_dump($_POST); >.")
23
ITM 352 - © Port, Kazman23 Associative Array of Input Types Even better: specifying index values inside the []'s will be keys for the array (useful for directly associating selection with array data ) " method='post'> <? var_dump($_POST); ?>
![ITM © Port, Kazman23 Associative Array of Input Types Even better: specifying index values inside the [] s will be keys for the array (useful for directly associating selection with array data ) method= post > <.](http://images.slideplayer.com./25/8067926/slides/slide_23.jpg "var_dump($_POST); >.")
24
ITM 352 - © Port, Kazman24 Using Indexed Arrays to Generate Form Elements Using particular integer values inside the []'s will explicitly associate an index with the value in the array (this is really the same as an associative array) ” method='post'> <?php var_dump($_POST); $size = 10; for($i=0; $i<$size; $i++){ echo " checkbox $i "; } ?> Useful for when you want to know exactly which input items are non- empty (in the above example, which checkboxes were checked)
![ITM © Port, Kazman24 Using Indexed Arrays to Generate Form Elements Using particular integer values inside the [] s will explicitly associate an index with the value in the array (this is really the same as an associative array) method= post > < php var_dump($_POST); $size = 10; for($i=0; $i<$size; $i++){ echo checkbox $i ; } > Useful for when you want to know exactly which input items are non- empty (in the above example, which checkboxes were checked)](http://images.slideplayer.com./25/8067926/slides/slide_24.jpg "ITM © Port, Kazman24 Using Indexed Arrays to Generate Form Elements Using particular integer values inside the [] s will explicitly associate an index with the value in the array (this is really the same as an associative array) method= post > < php var_dump($_POST); $size = 10; for($i=0; $i<$size; $i++){ echo checkbox $i ; } > Useful for when you want to know exactly which input items are non- empty (in the above example, which checkboxes were checked)")
25
ITM 352 - © Port, Kazman25 Making HTML Forms 'Sticky' Whenever a is processed, the values of its elements are initially empty Sometimes you want to keep a form element value around after a submit (e.g. for fixing a user-entry error or for remembering a user’s preferences) To make a form value 'sticky' you must get the information submitted and set it as the value for the form element: ” method='post'> <input type='TEXT' name='textbox' value= “ ”>
26
ITM 352 - © Port, Kazman26 Example: Using HIDDEN to pass data through a page Select_quantities.php login.php <?php $login_successful = array_key_exists('login_submit_button', $_POST); if ($login_successful == TRUE) { $query_string = "quantity1={$_POST['quantity1']}&quantity2={$_POST['quantity2']}"; header("Location: invoice.php?$query_string"); }?> ' method=POST> Username: Password: ' > invoice.php print "quantity1 is {$_REQUEST['quantity1']} and quantity2 is {$_REQUEST ['quantity2']}";
![ITM © Port, Kazman26 Example: Using HIDDEN to pass data through a page Select_quantities.php login.php < php $login_successful = array_key_exists( login_submit_button , $_POST); if ($login_successful == TRUE) { $query_string = quantity1={$_POST[ quantity1 ]}&quantity2={$_POST[ quantity2 ]} ; header( Location: invoice.php $query_string ); } > method=POST> Username: Password: > invoice.php print quantity1 is {$_REQUEST[ quantity1 ]} and quantity2 is {$_REQUEST [ quantity2 ]} ;](http://images.slideplayer.com./25/8067926/slides/slide_26.jpg "ITM © Port, Kazman26 Example: Using HIDDEN to pass data through a page Select_quantities.php login.php < php $login_successful = array_key_exists( login_submit_button , $_POST); if ($login_successful == TRUE) { $query_string = quantity1={$_POST[ quantity1 ]}&quantity2={$_POST[ quantity2 ]} ; header( Location: invoice.php $query_string ); } > method=POST> Username: Password: > invoice.php print quantity1 is {$_REQUEST[ quantity1 ]} and quantity2 is {$_REQUEST [ quantity2 ]} ;")
27
ITM 352 - © Port, Kazman27 Example: passing a query string while using POST <form action='<?php print $_POST['PHP_SELF']. "?". $_SERVER['QUERY_STRING']; ?>' method=POST> Username:
![ITM © Port, Kazman27 Example: passing a query string while using POST <form action= < php print $_POST[ PHP_SELF ].](http://images.slideplayer.com./25/8067926/slides/slide_27.jpg ". $_SERVER[ QUERY_STRING ]; > method=POST> Username:.")
28
ITM 352 - © Port, Kazman28 Example Advanced HTML Form Processing: Checkbox Array <?php if (array_key_exists('a', $_POST)) { $selections = $_POST['a']; foreach ($selections as $key => $value) if ($selections[$key] == 'on') echo " you selected box $key"; exit; } ?> " method='post'> <?php // Create an array of checkboxes for ($i = 0; $i < 5; $i++) { echo " checkbox $i "; } ?>
![ITM © Port, Kazman28 Example Advanced HTML Form Processing: Checkbox Array < php if (array_key_exists( a , $_POST)) { $selections = $_POST[ a ]; foreach ($selections as $key => $value) if ($selections[$key] == on ) echo you selected box $key ; exit; } > method= post > < php // Create an array of checkboxes for ($i = 0; $i < 5; $i++) { echo checkbox $i ; } >](http://images.slideplayer.com./25/8067926/slides/slide_28.jpg "ITM © Port, Kazman28 Example Advanced HTML Form Processing: Checkbox Array < php if (array_key_exists( a , $_POST)) { $selections = $_POST[ a ]; foreach ($selections as $key => $value) if ($selections[$key] == on ) echo you selected box $key ; exit; } > method= post > < php // Create an array of checkboxes for ($i = 0; $i < 5; $i++) { echo checkbox $i ; } >")
29
ITM 352 - © Port, Kazman29 Putting Errors in Their Place <?php define('MIN_PASS_LEN', 3); define('MAX_PASS_LEN', 10); function check_pass($pword) { // Ensure that the password is the right size global $errors; if (strlen($pword) < MIN_PASS_LEN) $errors['password_short'] = 'Enter a longer password'; if (strlen($pword) > MAX_PASS_LEN) $errors['password_long'] = 'Enter a shorter password'; } $username = 'user'; $password = 'pass'; $errors = array(); if (array_key_exists('form_data', $_POST)) { // The user entered a password; check it check_pass($_POST['password']); if (count($errors) == 0 && $_POST['username'] == $username && $_POST['password'] == $password) { die('correct!!'); } else { echo 'wrong user or password!'; } ?>
![ITM © Port, Kazman29 Putting Errors in Their Place < php define( MIN_PASS_LEN , 3); define( MAX_PASS_LEN , 10); function check_pass($pword) { // Ensure that the password is the right size global $errors; if (strlen($pword) < MIN_PASS_LEN) $errors[ password_short ] = Enter a longer password ; if (strlen($pword) > MAX_PASS_LEN) $errors[ password_long ] = Enter a shorter password ; } $username = user ; $password = pass ; $errors = array(); if (array_key_exists( form_data , $_POST)) { // The user entered a password; check it check_pass($_POST[ password ]); if (count($errors) == 0 && $_POST[ username ] == $username && $_POST[ password ] == $password) { die( correct!! ); } else { echo wrong user or password! ; } >](http://images.slideplayer.com./25/8067926/slides/slide_29.jpg "ITM © Port, Kazman29 Putting Errors in Their Place < php define( MIN_PASS_LEN , 3); define( MAX_PASS_LEN , 10); function check_pass($pword) { // Ensure that the password is the right size global $errors; if (strlen($pword) < MIN_PASS_LEN) $errors[ password_short ] = Enter a longer password ; if (strlen($pword) > MAX_PASS_LEN) $errors[ password_long ] = Enter a shorter password ; } $username = user ; $password = pass ; $errors = array(); if (array_key_exists( form_data , $_POST)) { // The user entered a password; check it check_pass($_POST[ password ]); if (count($errors) == 0 && $_POST[ username ] == $username && $_POST[ password ] == $password) { die( correct!! ); } else { echo wrong user or password! ; } >")
30
ITM 352 - © Port, Kazman30 Putting Errors in Their Place ' method= 'POST'> Username: <INPUT TYPE="TEXT" name="username" value = " "> Password: <?php // Put an error message by the offending password field if (isset($errors['password_short'])) echo " {$errors['password_short']} "; if (isset($errors['password_long'])) echo " {$errors['password_long']} "; ?>
![ITM © Port, Kazman30 Putting Errors in Their Place method= POST > Username: <INPUT TYPE= TEXT name= username value = > Password: < php // Put an error message by the offending password field if (isset($errors[ password_short ])) echo {$errors[ password_short ]} ; if (isset($errors[ password_long ])) echo {$errors[ password_long ]} ; >](http://images.slideplayer.com./25/8067926/slides/slide_30.jpg "ITM © Port, Kazman30 Putting Errors in Their Place method= POST > Username: <INPUT TYPE= TEXT name= username value = > Password: < php // Put an error message by the offending password field if (isset($errors[ password_short ])) echo {$errors[ password_short ]} ; if (isset($errors[ password_long ])) echo {$errors[ password_long ]} ; >")
Similar presentations
