Presentation is loading. Please wait.

Presentation is loading. Please wait.

Part 2 Lecture 9 PHP Superglobals and Form Handling.

Published byEric Nelson Modified over 9 years ago

Similar presentations

Presentation on theme: "Part 2 Lecture 9 PHP Superglobals and Form Handling."— Presentation transcript:

1 Part 2 Lecture 9 PHP Superglobals and Form Handling

2 PHP superglobals There are several superglobal variables in PHP. $globals $_server $_request $_post $_get $_files $_env $_cookie $_session

3 $GLOBALS Is used to access global variables from anywhere in the PHP script. Example: <?php $x = 5; $y = 7; function sum(){ $GLOBALS[‘z’] = $GLOBALS[‘x’]+$GLOBALS[‘y’] } sum(); echo $z; ?>

4 $_SERVER It holds information about headers, path and script locations. It is written $_SERVER[‘ ’] The following elements can be placed within the quotes of the square brackets. $_SERVER[‘PHP_SELF’]: returns the file name of the currently executing script $_SERVER[‘GATEWAY_INTERFACE’] $_SERVER[‘SERVER_ADDR’] $_SERVER[‘SERVER_NAME’] $_SERVER[‘SERVER_SOFTWARE’] $_SERVER[‘SERVER_PROTOCOL’] $_SERVER[‘REQUEST_METHOD’] $_SERVER[‘REQUEST_TIME’] $_SERVER[‘QUERY_STRING’]

5 $_SERVER[‘HTTP_ACCEPT’] $_SERVER[‘HTTP_ACCEPT_CHARSET’] $_SERVER[‘HTTP_HOST’] $_SERVER[‘HTTP_REFERER’] $_SERVER[‘HTTPS’] $_SERVER[‘REMOTE_ADDR’] $_SERVER[‘REMOTE_HOST’] $_SERVER[‘REMOTE_PORT’] $_SERVER[‘SCRIPT_FILENAME’] $_SERVER[‘SERVER_ADMIN’] $_SERVER[‘SERVER_PORT’] $_SERVER[‘SERVER_SIGNATURE’] $_SERVER[‘PATH_ TRANSLATED’] $_SERVER[‘SCRIPT_NAME’] $_SERVER[‘SCRIPT_URI’]

6 $_REQUEST: This is used to collect data after submitting an html form. $_POST: used to collect form data after submitting an html form with http method =“post”. $_GET: used to collect form data after submitting an html form with http method =“get”.

7 PHP Form handling In the last lecture, we discussed html forms. Lets do a quick recap of the things we need to remember. The Form element takes the method and action attributes. Action specifies where the form is sent when submitted and method specifies the http method to be used to send the form. GET and POST are the two most used http methods. Use GET when the data you are sending does not contain sensitive information because all variables and values are displayed in the address bar. One advantage of using GET is that the page can be bookmarked. Use POST when the information you are sending is sensitive. unlimited number of characters can be sent via post.

8 The super global $_GET and $_POST are used to collect form data in PHP. $_GET is used when the http method used for the form is GET and $_POST is used when the http method used for the form is POST. Now let’s launch wamp server and open the www directory to do some practical. Open your school of programming folder and the welcome.php page which we created in the last lecture.

9 Welcome.php page On your welcome.php page, type the following. <?php $username =$_POST['username']; echo "WELCOME ".$username; ?> the $_post[“form element name” ] is an inbuilt function used to get post data. If the http method used on the form was GET, then we would use $_GET[“form element name”]. So php will look for the html form element with the specified name in the square bracket and return the value entered. Now lets create a new page and give it the name register.php to do some detailed explanation of how forms are handled and validated. type the following code on your register.php page.

10 .error {color: #FF0000;} <?php function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } // define variables and set to empty values $firstnameErr = $lastnameErr = $middlenameErr =$emailErr = $genderErr =""; $firstname = $lastname =$middlename = $email = $gender = ""; //check if the submit button was clicked if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["firstname"])) { $firstnameErr = "first name is required"; } else { $firstname = test_input($_POST["firstname"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$firstname)) { $firstnameErr = "Only letters and white space allowed"; }

11 if (empty($_POST["lastname"])) { $lastnameErr = "last name is required"; } else { $lastname = test_input($_POST["lastname"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$lastname)) { $lastnameErr = "Only letters and white space allowed"; } if (empty($_POST["middlename"])) { $middlenameErr = "middle name is required"; } else { $middlename = test_input($_POST["middlename"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$middlename)) { $middlenameErr = "Only letters and white space allowed"; }

12 if (empty($_POST["email"])) { $emailErr = "Email is required"; } else { $email = test_input($_POST["email"]); // check if e-mail address is well-formed if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format"; } if (empty($_POST["sex"])) { $genderErr = "Gender is required"; } else { $gender = test_input($_POST["sex"]); }

13 ?> Registration form * required field. <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> First Name: "> * Last Name: "> * Middle Name: "> * E-mail: "> *

14 Gender: value="female">Female value="male">Male * <?php echo " Below is the information you entered "; echo "first name: ".$firstname; echo " "; echo "last name: ".$lastname; echo " "; echo "middle name: ".$middlename; echo " "; echo "your email address is: ".$email; echo " "; echo "you are a: ".$gender; ?>

15 Explanation of the registration form. Because our form method is post, we use $_POST super global to access the form. The validation rule for the form is that all fields must be filled, the email must be valid and gender must be selected. The super global $_SERVER[“PHP_SELF”] returns the file name of the currently executing script. The form data is submitted to itself instead of a new page. this way the user will get error messages on the same page as the form. This super global can be exploited. To prevent cross site scripting attacks, the htmlspecialchars() function is used to convert special characters to html entities.

16 htmlspecialchars(): this function converts special characters to HTML entities and prevents attackers from exploiting the code by injecting scripts in forms. (prevents XSS attacks). trim(): the trim function removes extra spaces, tabs and newline from the user input data. stripslashes(): this function removes backslashes from user input. The function test_input that we have written uses the functions mentioned above to perform its functions on the input.

Download ppt "Part 2 Lecture 9 PHP Superglobals and Form Handling."

Similar presentations

PHP Form and File Handling

PHP Form and File Handling
WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
CHAPTER 3 MORE ON FORM HANDLING INCLUDING MULTIPLE FILES WRITING FUNCTIONS.

CHAPTER 3 MORE ON FORM HANDLING INCLUDING MULTIPLE FILES WRITING FUNCTIONS.
Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: E-mail: CENG 449 Lecture 11.

Slide 1 of 40 PHP Form Handling The PHP superglobals $_GET and $_POST are used to collect form-data. EX: Name: CENG 449 Lecture 11.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
1 Chapter 5 – Handling HTML Controls in Web Pages spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.

1 Chapter 5 – Handling HTML Controls in Web Pages spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.
Email. If the PHP server is an email server or is aware of which server is the email server, then one can write code that emails information. –For example,

. If the PHP server is an server or is aware of which server is the server, then one can write code that s information. –For example,
Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.

Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.
MS3304: Week 4 PHP & HTML Forms. Overview HTML Forms elements refresher Sending data to a script via an HTML form –The post vs. get methods –Name value.

MS3304: Week 4 PHP & HTML Forms. Overview HTML Forms elements refresher Sending data to a script via an HTML form –The post vs. get methods –Name value.
Unit 7 – Working with Forms 1. Creating a form 2. Accessing the submitted data 3. Common operations on forms.

Unit 7 – Working with Forms 1. Creating a form 2. Accessing the submitted data 3. Common operations on forms.
PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.

PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.
PHP Security.

PHP Security.
Advance Database Management Systems Lab no. 5 PHP Web Pages.

Advance Database Management Systems Lab no. 5 PHP Web Pages.
Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Dr. Mogeeb A. A. Mosleh E-mail.

Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Advance web Programming Chapter 3: MySQL Date: 28 April 2014 Dr. Mogeeb A. A. Mosleh .
_______________________________________________________________________________________________________________ PHP Bible, 2 nd Edition1  Wiley and the.

_______________________________________________________________________________________________________________ PHP Bible, 2 nd Edition1  Wiley and the.
Web forms in PHP Forms Recap  Way of allowing user interaction  Allows users to input data that can then be processed by a program / stored in a back-end.

Web forms in PHP Forms Recap  Way of allowing user interaction  Allows users to input data that can then be processed by a program / stored in a back-end.
Application Development Description and exemplification of server-side scripting language for server connection, database selection, execution of SQL queries.

Application Development Description and exemplification of server-side scripting language for server connection, database selection, execution of SQL queries.
Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.

Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.
Chapter 4 Handling User Input PHP Programming with MySQL 2nd Edition

Chapter 4 Handling User Input PHP Programming with MySQL 2nd Edition
PHP : Hypertext Preprocessor

PHP : Hypertext Preprocessor

Similar presentations

Ads by Google