Upload
angel-garcia
View
87
Download
0
Embed Size (px)
DESCRIPTION
Citation preview
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
Programacion Web- Unidad 3: Programacion del lado del servidor -
PHP 2
Mario Garza [email protected]
Universidad Politecnica de VictoriaCd. Victoria, Tamaulipas, Mexico.
http://www.tamps.cinvestav.mx/~mgarza/UPV_WP/
Enero - Abril, 2014
Programacion Web - U3: Programacion del lado del servidor - PHP 2 1/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
Contents I
1 Writing PHP code
2 Form Handling
3 Passing data from one page to another
4 Input Validation
5 PHP and MySQL
Programacion Web - U3: Programacion del lado del servidor - PHP 2 2/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
Writing PHP code
<?phpecho ”<p><b> 5 + 2 = ” . (5+2) . ”</b></p>”
?>
the above code is equivalent to:
<p><b> 5 + 2 = <?php echo (5+2) ?> </b></p>
Programacion Web - U3: Programacion del lado del servidor - PHP 2 3/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Form Handling (POST method)
Form data is sent a PHP file named “welcome.php”. The formdata is sent using the HTTP POST method.
<form act ion=” welcome . php” method=” p o s t ”>
Name : <input type=” t e x t ” name=”name”><br>
E−m a i l : <input type=” t e x t ” name=” e m a i l ”><br>
<input type=” submit ”>
</ form>
Programacion Web - U3: Programacion del lado del servidor - PHP 2 4/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Form Handling (POST method)
$ POST is widely used to collect form data after submitting anHTML form with method=“post”.
Welcome <?php echo $ POST [ ”name” ] ; ?><br>
Your e m a i l i s : <?php echo $ POST [ ” e m a i l ” ] ; ?>
Programacion Web - U3: Programacion del lado del servidor - PHP 2 5/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Form Handling (GET method)
Form data is sent a PHP file named “welcome.php”. The formdata is sent using the HTTP GET method.
<form act ion=” welcome . php” method=” g e t ”>
Name : <input type=” t e x t ” name=”name”><br>
E−m a i l : <input type=” t e x t ” name=” e m a i l ”><br>
<input type=” submit ”>
</ form>
Programacion Web - U3: Programacion del lado del servidor - PHP 2 6/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Form Handling (GET method)
$ GET is widely used to collect form data after submitting anHTML form with method=“get”.
Welcome <?php echo $ GET [ ”name” ] ; ?><br>
Your e m a i l i s : <?php echo $ GET [ ” e m a i l ” ] ; ?>
Programacion Web - U3: Programacion del lado del servidor - PHP 2 7/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - POST vs GET
Both GET and POST create an associative array. This arrayholds key/value pairs, where keys are the names of the formcontrols and values are the input data from the user.
Both GET and POST are treated as $ GET and $ POST.
$ GET and $ POST are superglobals (they are alwaysaccessible).
Programacion Web - U3: Programacion del lado del servidor - PHP 2 8/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - POST vs GET
$ GET is an array of variables passed to the current script via theURL parameters.
Information sent from a form with the GET method is visible toeveryone (all variable names and values are displayed in the URL).
GET also has limits on the amount of information to send (about2000 characters).
Because the variables are displayed in the URL, it is possible tobookmark the page.
GET may be used for sending non-sensitive data (for example,should NEVER be used for sending passwords).
Programacion Web - U3: Programacion del lado del servidor - PHP 2 9/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - POST vs GET
$ POST is an array of variables passed to the current script viathe HTTP POST method.
Information sent from a form with the POST method is invisible toothers (all names/values are embedded within the body of theHTTP request).
The POST method has no limits on the amount of informationto send.
Moreover POST supports advanced functionality such as uploadingfiles to server.
However, because the variables are not displayed in the URL, it isnot possible to bookmark the page.
Programacion Web - U3: Programacion del lado del servidor - PHP 2 10/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Passing data from one page to another
Using hidden fields:
<input type=” h i d d e n ” name=” x” value=”<?=$ GET [ ’ x ’ ] ; ? > ”>
Data from a previous page is stored in a hidden field
Hidden fields are sent to the next page together with the other formcontrols
Programacion Web - U3: Programacion del lado del servidor - PHP 2 11/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Passing data from one page to another
Using session variables:
s e s s i o n s t a r t ( ) ;
$ SESSION [ ’ a ’ ] = $ GET [ ’ txtNombre ’ ] ;
session start() starts new or resumes existing session
$ SESSION[’a’] = 5 creates the session variable by assigning avalue to it
Programacion Web - U3: Programacion del lado del servidor - PHP 2 12/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Input Validation
empty($var)
Evaluates whether the variable $var is empty.
i f ( empty ( $ POST [ ” txtNombre ” ] ) )
echo ”ERROR: Dato o b l i g a t o r i o ! ! ! ” ;
Programacion Web - U3: Programacion del lado del servidor - PHP 2 13/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Input Validation
preg match ($pattern, $subject)
Searches $subject for a match to the regular expression given in $pattern.
i f ( ! preg match ( ” / ˆ [ a−zA−Z ]∗ $/” , $ POST [ ” txtNombre ” ] ) )
echo ”ERROR: S o l o l e t r a s y e s p a c i o s ! ! ! ” ;
Programacion Web - U3: Programacion del lado del servidor - PHP 2 14/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Input Validation
[abc] A single character: a, b or c[ˆabc] Any single character but a, b, or c[a− z ] Any single character in the range a-z[a− zA− Z ] Any single character in the range a-z or A-Zˆ Start of line$ End of line\A Start of string\z End of string. Any single character\s Any whitespace character\S Any non-whitespace character
Programacion Web - U3: Programacion del lado del servidor - PHP 2 15/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - Input Validation
\d Any digit\D Any non-digit\w Any word character (letter, number, underscore)\W Any non-word character\b Any word boundary character(...) Capture everything enclosed(a|b) a or ba? Zero or one of aa* Zero or more of aa+ One or more of aa{3} Exactly 3 of aa{3,} 3 or more of aa{3,6} Between 3 and 6 of a
Programacion Web - U3: Programacion del lado del servidor - PHP 2 16/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - PHP and MySQL
Connecting to MySQL server
$cnn = m y s q l i c o n n e c t ( ” h o s t ” , ” u s r ” , ” p a s s ” , ”bd” ) ;
i f ( m y s q l i c o n n e c t e r r n o ( ) )echo m y s q l i c o n n e c t e r r o r ( ) ;
mysqli connect(). Opens a new connection to the MySQL server.
mysqli connect errno(). Returns the error code from last connectcall, or 0 if no error occurred.
mysqli connect error(). Returns a string description of the lastconnect error.
Programacion Web - U3: Programacion del lado del servidor - PHP 2 17/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - PHP and MySQL
Closing connection
m y s q l i c l o s e ( $cnn ) ;
mysqli close(). Closes a previously opened database connection
Programacion Web - U3: Programacion del lado del servidor - PHP 2 18/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - PHP and MySQL
Performing a query on the database
m y s q l i q u e r y ( $cnn , ”USER SQL QUERY” )
mysqli query():
Performs a query on the database (using connection $cnn).
Returns FALSE on failure.
For successful SELECT, SHOW, DESCRIBE or EXPLAIN queriesmysqli query() will return a mysqli result object.
For other successful queries mysqli query() will return TRUE.
Programacion Web - U3: Programacion del lado del servidor - PHP 2 19/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - PHP and MySQL
INSERT example
$ s q l = ”INSERT INTO t a b l e ( f i e l d ) VALUES ( ’ v a l u e ’ ) ” ;
i f ( ! m y s q l i q u e r y ( $cnn , $ s q l ) ){echo ”ERROR: ” . m y s q l i e r r o r ( $cnn ) ;
}
mysqli error(): Returns a string description of the last error.
Programacion Web - U3: Programacion del lado del servidor - PHP 2 20/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - PHP and MySQL
SELECT example
i f ( $ r s = m y s q l i q u e r y ( $cnn , ”SELECT ∗ FROM t a b l e ” ) ){
echo ”Rows : ” , m ys q l i nu m ro ws ( $ r s ) , ”<br>” ;
whi le ( $row = m y s q l i f e t c h a r r a y ( $ r s ) ){echo $row [ ’ f i e l d ’ ] , ”<br>” ;
}
m y s q l i f r e e r e s u l t ( $ r s ) ;
} e l s e echo ”ERROR: ” . m y s q l i e r r o r ( $cnn ) ;
Programacion Web - U3: Programacion del lado del servidor - PHP 2 21/22
Writing PHP code Form Handling Passing data from one page to another Input Validation PHP and MySQL
PHP - PHP and MySQL
mysqli num rows(): Gets the number of rows in a result.
mysqli fetch array(): Returns an array that corresponds to thefetched row or NULL if there are no more rows for the resultset.
mysqli free result(): Frees the memory associated with a result.
Other useful functions:
mysqli data seek(): Seeks to an arbitrary result pointer. Forexample, mysqli data seek($rs, 399) moves to row 400...
Programacion Web - U3: Programacion del lado del servidor - PHP 2 22/22