Upload
lee-stewart
View
220
Download
0
Embed Size (px)
DESCRIPTION
3 PHP HTTP HTML Form
Citation preview
1PHP HTTPPHP HTTP
After this lecture, you should be able to After this lecture, you should be able to know:know:
How to create and process How to create and process web formsweb forms with with HTML and PHP.HTML and PHP.
How to How to persist client’s statespersist client’s states over requests. over requests. How to How to authenticate a clientauthenticate a client by using by using
cookies or PHP sessions.cookies or PHP sessions. Complete Complete Assignment 6, part 1Assignment 6, part 1.. Be ready to implement your Be ready to implement your Course ProjectCourse Project..
PHP Support for HTML and HTTPPHP Support for HTML and HTTP
2PHP HTTPPHP HTTP
Parameters submitted from an HTML Parameters submitted from an HTML form can be easily retrieved.form can be easily retrieved.
Different HTTP requests from the Different HTTP requests from the same client can be interrelated with a same client can be interrelated with a cookiecookie..
Session variablesSession variables allow data to allow data to persist during a session, which is a persist during a session, which is a succession of requests from the same succession of requests from the same client. client.
PHP Support for HTML and HTTPPHP Support for HTML and HTTP
3PHP HTTPPHP HTTP
HTML FormHTML Formhttp://web.engr.oregonstate.edu/~pham/cs275/test_form.html
4PHP HTTPPHP HTTP
HTML FormHTML Form<html><html> <head><head> <title>Sample HTML Form</title><title>Sample HTML Form</title> </head></head> <body><body> <FORM <FORM ACTION="submit_form.php" METHOD="POST"ACTION="submit_form.php" METHOD="POST" NAME = "TestForm">NAME = "TestForm"> First Name:First Name: <INPUT TYPE="TEXT" NAME = "first_name" SIZE = "30" <INPUT TYPE="TEXT" NAME = "first_name" SIZE = "30" MAXLENGTH = "30"><BR><BR>MAXLENGTH = "30"><BR><BR> Last Name:Last Name: <INPUT TYPE="TEXT" NAME = "last_name" SIZE = "30" <INPUT TYPE="TEXT" NAME = "last_name" SIZE = "30" MAXLENGTH = "30"><BR><BR>MAXLENGTH = "30"><BR><BR> <INPUT TYPE="SUBMIT" NAME = "Submit" VALUE = "Search"><INPUT TYPE="SUBMIT" NAME = "Submit" VALUE = "Search"> </FORM></FORM> </body></body></html></html>
5PHP HTTPPHP HTTP
Form AttributesForm Attributes
ACTION =ACTION = URL_of_scriptURL_of_scriptThe script specified is activated when the The script specified is activated when the
formformis submitted.is submitted.
METHOD =METHOD = method_for_passing_data method_for_passing_data "GET""GET" "POST""POST"
6PHP HTTPPHP HTTP
Passing HTML Parameters with Method Passing HTML Parameters with Method GETGET
<FORM ACTION="submit_form.php" <FORM ACTION="submit_form.php" METHOD=“GET”>METHOD=“GET”>
The form parameters are passed The form parameters are passed as part of the URLas part of the URL.. http://web.engr.oregonstate.edu/~pham/cs275/submit_form.php?first_name=Tuan&last_name=Pham
The length of the URL is limited The length of the URL is limited (imposed by web browser and server software)(imposed by web browser and server software)..
The user can see and modify The user can see and modify the parameters.the parameters.
7PHP HTTPPHP HTTP
Passing HTML Parameters with Method Passing HTML Parameters with Method POSTPOST
<FORM ACTION="submit_form.php" <FORM ACTION="submit_form.php" METHOD=“POST”>METHOD=“POST”>
The form parameters are passed as The form parameters are passed as the HTTP Request body.the HTTP Request body.
URL: URL: http://web.engr.oregonstate.edu/~pham/cs275/submit_form.php
HTTP Request Body: HTTP Request Body: first_name=tuan&last_name=pham&first_name=tuan&last_name=pham&
Submit=searchSubmit=search The size of the HTTP body can be The size of the HTTP body can be
large.large. The user cannot see the parameters.The user cannot see the parameters.
8PHP HTTPPHP HTTP
Attributes of an INPUT ElementAttributes of an INPUT Element
<INPUT … > (<INPUT … > (no closing tagno closing tag)) TYPE = TYPE = "TEXT", "PASSWORD""TEXT", "PASSWORD""RADIO", "CHECKBOX""RADIO", "CHECKBOX""SUBMIT", "RESET""SUBMIT", "RESET""IMAGE", "HIDDEN""IMAGE", "HIDDEN"
NAME = NAME = form_parameter_nameform_parameter_name VALUE = VALUE = initial_valueinitial_value SIZE, MAXLENGTH, CHECKEDSIZE, MAXLENGTH, CHECKED
9PHP HTTPPHP HTTP
Retrieving Form ParametersRetrieving Form Parameters $_GET$_GET or or $_POST$_POST arrays can be used: arrays can be used:
<?php<?php......$first_name = $_GET[‘first_name'];$first_name = $_GET[‘first_name'];$last_name = $_GET[‘last_name'];$last_name = $_GET[‘last_name'];......
?> ?>
<?php<?php......$first_name = $_POST[‘first_name'];$first_name = $_POST[‘first_name'];$last_name = $_POST[‘last_name'];$last_name = $_POST[‘last_name'];......
?> ?>
10PHP HTTPPHP HTTP
Retrieving HTTP and HTML Retrieving HTTP and HTML ParametersParameters
Six superglobal arrays in PHPSix superglobal arrays in PHP $_GET$_GET, , $_POST$_POST - GET, POST parameters - GET, POST parameters $_COOKIE$_COOKIE - cookie value - cookie value $_FILES$_FILES - information about uploaded files - information about uploaded files $_SERVER$_SERVER - information about the web server - information about the web server $_ENV$_ENV - environment variables - environment variables
11PHP HTTPPHP HTTP
ACTION FILEACTION FILE// submit_form.php // submit_form.php <HTML> <HTML> <HEAD><HEAD> <TITLE> FORM SUBMISSION </TITLE><TITLE> FORM SUBMISSION </TITLE> </HEAD></HEAD> <body><body> <h1> Result of Form Submission </h1><h1> Result of Form Submission </h1> <hr /><hr /><?php<?php $first_name = $_POST['first_name'];$first_name = $_POST['first_name']; $last_name = $_POST['last_name'];$last_name = $_POST['last_name']; $remote_addr = $_SERVER['REMOTE_ADDR'];$remote_addr = $_SERVER['REMOTE_ADDR']; echo "First Name = $first_name<br />";echo "First Name = $first_name<br />"; echo "Last Name = $last_name<br />";echo "Last Name = $last_name<br />"; echo "Client IP Address = $remote_addr<br />";echo "Client IP Address = $remote_addr<br />"; echo "BYE <br />";echo "BYE <br />";?>?> <hr /><hr /> </body></body></HTML></HTML>
12PHP HTTPPHP HTTP
ACTION FILEACTION FILE
13PHP HTTPPHP HTTP
Purpose of a CookiePurpose of a Cookie HTTP protocol is HTTP protocol is statelessstateless. That is, . That is,
each request is independent. each request is independent. One way to interrelate HTTP requests One way to interrelate HTTP requests
from the same client is to use from the same client is to use a a cookiecookie..
A cookieA cookie is a piece of information is a piece of information sent to a browser by a Web Server. sent to a browser by a Web Server. The browser then returns that The browser then returns that information to the Web server in the information to the Web server in the following requests.following requests.
14PHP HTTPPHP HTTP
Purpose of a CookiePurpose of a Cookie Cookie is one way for the web sites Cookie is one way for the web sites
to to “remember”“remember” the users the usersFor example:For example: A client ID, generated by the server, A client ID, generated by the server,
can be attached to the reply to the can be attached to the reply to the first request -> stored in a cookie first request -> stored in a cookie
The client can submit this client ID to The client can submit this client ID to the subsequent requests.the subsequent requests.
The client ID may be saved in the The client ID may be saved in the database.database.
15PHP HTTPPHP HTTP
#1234
webbrowser
webserverfirst request
first reply
subsequent request1
#1234
Passing a CookiePassing a Cookie
#1234subsequent request2
#1234
16PHP HTTPPHP HTTP
Some Details on a CookieSome Details on a Cookie A cookie contains information about a visit to A cookie contains information about a visit to
a website:a website: Cookie name and value,Cookie name and value, Expiration time in seconds,Expiration time in seconds, Server domain name and application path, Server domain name and application path,
andand Whether secure HTTP (HTTPS) should be Whether secure HTTP (HTTPS) should be
used or not.used or not. Cookies are stored on Cookies are stored on client machinesclient machines.. A cookie is normally sent A cookie is normally sent automaticallyautomatically to the to the
server when the client revisits the application.server when the client revisits the application.
17PHP HTTPPHP HTTP
Setting cookies with PHPSetting cookies with PHP<?php<?phpsetcookie(“client_id", “12345", setcookie(“client_id", “12345",
time()+ 60 * 60 * 24 * 100);time()+ 60 * 60 * 24 * 100);?>?>
setcookie()setcookie() should be executed should be executed before any HTML content is sent to before any HTML content is sent to the browser as it is stored in the HTTP the browser as it is stored in the HTTP response header.response header.
In the above example, the cookie will In the above example, the cookie will expire after 100 days.expire after 100 days.
18PHP HTTPPHP HTTP
Identifying a Client with a CookieIdentifying a Client with a Cookie A client ID is generated for each A client ID is generated for each
new client and sent to the client new client and sent to the client with a cookie.with a cookie.
A cookie is stored on the client A cookie is stored on the client machine.machine.
An existing client submits the An existing client submits the client ID with a cookie.client ID with a cookie.
19PHP HTTPPHP HTTP
Getting a Client ID from a CookieGetting a Client ID from a Cookie<?php<?php
if ($client_id = $_COOKIE[‘client_id’]) {if ($client_id = $_COOKIE[‘client_id’]) { $client_name =$client_name = get_client_name($client_id);get_client_name($client_id); print “Welcome back, $client_name";print “Welcome back, $client_name";}}else {else { print “Welcome, New Client";print “Welcome, New Client";}}
?>?>
20PHP HTTPPHP HTTP
Setting Data in a CookieSetting Data in a Cookie
<?php<?php$client_id = generate_client_id();$client_id = generate_client_id(); setcookie(‘client_id', setcookie(‘client_id', $client_id, time() + 3600);$client_id, time() + 3600);
?>?>
21PHP HTTPPHP HTTP
Removing a cookieRemoving a cookie
<?php<?phpsetcookie("cookiename", "", setcookie("cookiename", "", time()-60);time()-60);
?>?><HTML><HTML>......
</HTML></HTML>
22PHP HTTPPHP HTTP
SessionsSessions PHP has PHP has built-in supportbuilt-in support for sessions. for sessions. A session supports persistent variables A session supports persistent variables
accessible by different scripts and accessible by different scripts and across multiple visitsacross multiple visits to the site. to the site.
Sessions are Sessions are a combination of a server-a combination of a server-side cookieside cookie andand a client-side cookiea client-side cookie, , where the client-side cookie is simply a where the client-side cookie is simply a reference id to the information stored reference id to the information stored in the server-side cookie.in the server-side cookie.
A session is also closed when a A session is also closed when a browser which started the session is browser which started the session is closed.closed.
23PHP HTTPPHP HTTP
Starting and Continuing a SessionStarting and Continuing a Session Start/resume a sessionStart/resume a session
session_start();session_start(); Session variables are in array Session variables are in array $_SESSION$_SESSION..<?php<?php
session_start();session_start();........$_SESSION[‘user_id'] = $_SESSION[‘user_id'] = get_user_id($user_name, $password);get_user_id($user_name, $password);?>?><HTML><HTML> . . .. . .</HTML></HTML>
24PHP HTTPPHP HTTP
Login page using sessionLogin page using session
login.php
page_1
page_N
sessionsession
Register session global Register session global variables for each variables for each sessionsession
$$_SESSION['USER_ID']_SESSION['USER_ID']$_SESSION['USER_NAME']$_SESSION['USER_NAME']$_SESSION['USER_ROLE']$_SESSION['USER_ROLE']
calling calling session_start()session_start()
call call session_destroy()session_destroy()or close the browseror close the browser
Check sessionCheck sessionvariablesvariables
25PHP HTTPPHP HTTP
<?<?session_start();session_start();
$user_id = get_user_id($_POST['login_name],$user_id = get_user_id($_POST['login_name], $_POST['password']);$_POST['password']); if ($user_id) {if ($user_id) { // the user is registered.// the user is registered. $_SESSION[‘USER_ID'] = $user_id;$_SESSION[‘USER_ID'] = $user_id; $_SESSION['USER_NAME'] = get_name($user_id);$_SESSION['USER_NAME'] = get_name($user_id); $_SESSION['USER_ROLE'] = get_role($user_id);$_SESSION['USER_ROLE'] = get_role($user_id); echo “Welcome $_SESSION['USER_NAME']”;echo “Welcome $_SESSION['USER_NAME']”; } else {} else { // If the user is not registered,// If the user is not registered, // direct her/him to the registration page.// direct her/him to the registration page. header(“Location: register_new_user.php”);header(“Location: register_new_user.php”); }}?>?>
Login Page Using a Session Login Page Using a Session VariableVariable
26PHP HTTPPHP HTTP
<?<?session_start();session_start();
if ($_SESSION[‘USER_ID']) {if ($_SESSION[‘USER_ID']) { // the user is logged in.// the user is logged in. . . .. . .
} else {} else { // If the user is not logged in,// If the user is not logged in, // direct her/him to the login page.// direct her/him to the login page. header(“Location: login_user.php”);header(“Location: login_user.php”); }}?>?>
Checking Logged-In UserChecking Logged-In User
27PHP HTTPPHP HTTP
Additional session functionsAdditional session functions unset($_SESSIONunset($_SESSION[‘var_name’])[‘var_name’])
Unset a session variableUnset a session variable.. isset(isset($_SESSION$_SESSION[‘var_name’])[‘var_name’])
Find out whether a session variable is set.Find out whether a session variable is set. session_id()session_id()
Get and /or set current session idGet and /or set current session id session_destroy()session_destroy()
Destroy all data registered to a sessionDestroy all data registered to a session