Web Programming - Unit 3: Server-Side Programming - PHP 2

Mario Garza Fabre [email protected]

Universidad Politécnica de Victoria, Cd. Victoria, Tamaulipas, México.

http://www.tamps.cinvestav.mx/~mgarza/UPV_WP/

January - April, 2014


Contents

1 Writing PHP code

2 Form Handling

3 Passing data from one page to another

4 Input Validation

5 PHP and MySQL


Writing PHP code

<?php
echo "<p><b> 5 + 2 = " . (5+2) . "</b></p>";
?>

The above code is equivalent to:

<p><b> 5 + 2 = <?php echo (5+2) ?> </b></p>


PHP - Form Handling (POST method)

Form data is sent to a PHP file named “welcome.php”. The form data is sent using the HTTP POST method.

<form action="welcome.php" method="post">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>


$_POST is widely used to collect form data after submitting an HTML form with method=“post”.

Welcome <?php echo $_POST["name"]; ?><br>
Your email is: <?php echo $_POST["email"]; ?>


PHP - Form Handling (GET method)

Form data is sent to a PHP file named “welcome.php”. The form data is sent using the HTTP GET method.

<form action="welcome.php" method="get">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>


$_GET is widely used to collect form data after submitting an HTML form with method=“get”.

Welcome <?php echo $_GET["name"]; ?><br>
Your email is: <?php echo $_GET["email"]; ?>


PHP - POST vs GET

Both GET and POST create an associative array. This array holds key/value pairs, where keys are the names of the form controls and values are the input data from the user.

Both GET and POST are treated as $_GET and $_POST.

$_GET and $_POST are superglobals (they are always accessible).


$_GET is an array of variables passed to the current script via the URL parameters.

Information sent from a form with the GET method is visible to everyone (all variable names and values are displayed in the URL).

GET also has limits on the amount of information to send (about 2000 characters).

Because the variables are displayed in the URL, it is possible to bookmark the page.

GET may be used for sending non-sensitive data (for example, it should NEVER be used for sending passwords).


$_POST is an array of variables passed to the current script via the HTTP POST method.

Information sent from a form with the POST method is invisible to others in the sense that it does not appear in the URL (all names/values are embedded within the body of the HTTP request).

The POST method has no limits on the amount of information to send.

Moreover, POST supports advanced functionality such as uploading files to the server.

However, because the variables are not displayed in the URL, it is not possible to bookmark the page.


PHP - Passing data from one page to another

Using hidden fields:

<input type="hidden" name="x" value="<?=$_GET['x'];?>">

Data from a previous page is stored in a hidden field.

Hidden fields are sent to the next page together with the other form controls.
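The welcome.php snippets and the hidden field above write request data straight into the HTML response. The following added example (not part of the original slides) shows the same output passed through htmlspecialchars() first; the helper names e() and field(), the target next.php, and the sample values are assumptions made for illustration.

```php
<?php
// Hypothetical helper e(): wraps the PHP built-in htmlspecialchars().
function e($value) {
    // ENT_QUOTES also encodes ' and ", which matters inside attribute values
    // such as value="..." of the hidden field.
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
}

// Hypothetical helper field(): reads a form field without a notice when the
// key is missing, and rejects array-valued parameters.
function field(array $source, $key) {
    return isset($source[$key]) && is_string($source[$key]) ? $source[$key] : "";
}

// Constructed request data standing in for a real submission.
$_POST = array("name" => "<b>Ana</b>", "email" => "ana@example.com");
$_GET  = array("x" => 'say "hi"');
?>
Welcome <?php echo e(field($_POST, "name")); ?><br>
Your email is: <?php echo e(field($_POST, "email")); ?>
<form action="next.php" method="post">
<input type="hidden" name="x" value="<?php echo e(field($_GET, "x")); ?>">
<input type="submit">
</form>
```

A hidden field comes back from the browser like any other form control, so the receiving page has to validate it again before use.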


Using session variables:

session_start();
$_SESSION['a'] = $_GET['txtNombre'];

session_start() starts a new session or resumes an existing one.

$_SESSION['a'] = 5 creates the session variable by assigning a value to it.


PHP - Input Validation

empty($var)

Evaluates whether the variable $var is empty.

if (empty($_POST["txtNombre"]))
    echo "ERROR: Dato obligatorio!!!";


preg_match($pattern, $subject)

Searches $subject for a match to the regular expression given in $pattern.

if (!preg_match("/^[a-zA-Z ]*$/", $_POST["txtNombre"]))
    echo "ERROR: Solo letras y espacios!!!";


[abc]      A single character: a, b or c
[^abc]     Any single character but a, b, or c
[a-z]      Any single character in the range a-z
[a-zA-Z]   Any single character in the range a-z or A-Z
^          Start of line
$          End of line
\A         Start of string
\z         End of string
.          Any single character
\s         Any whitespace character
\S         Any non-whitespace character


\d         Any digit
\D         Any non-digit
\w         Any word character (letter, number, underscore)
\W         Any non-word character
\b         Any word boundary character
(...)      Capture everything enclosed
(a|b)      a or b
a?         Zero or one of a
a*         Zero or more of a
a+         One or more of a
a{3}       Exactly 3 of a
a{3,}      3 or more of a
a{3,6}     Between 3 and 6 of a
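An added example (not from the original slides) that combines the empty() and preg_match() checks into one validator and compares the slide's ^...$ pattern with one anchored by \A and \z from the table. The function name validate_name(), the 50-character limit and the sample inputs are assumptions.

```php
<?php
// Hypothetical helper; the field it would validate is txtNombre from the slides.
function validate_name($input) {
    // empty() also treats the string "0" as empty, so this checks the type
    // and the trimmed length instead of calling empty().
    if (!is_string($input) || trim($input) === "") {
        return "ERROR: Required field!!!";
    }
    // \A and \z anchor to the string itself. With ^...$ a value ending in
    // "\n" still matches, because $ also matches before a final newline.
    // The 1-50 length bound is an assumed limit for this example.
    if (!preg_match('/\A[a-zA-Z ]{1,50}\z/', $input)) {
        return "ERROR: Letters and spaces only!!!";
    }
    return null; // null means the value is valid
}

// Constructed inputs: valid, empty, blank, trailing newline, markup, array.
$samples = array("Mario Garza", "", "   ", "Mario\n", "Mario<script>", array("x"));
foreach ($samples as $s) {
    // Result of the pattern exactly as it appears on the slide.
    $loose  = is_string($s) && preg_match('/^[a-zA-Z ]*$/', $s) === 1;
    $result = validate_name($s);
    printf("%-18s slide pattern: %-6s strict: %s\n",
        json_encode($s), $loose ? "match" : "no", $result === null ? "ok" : $result);
}
```

Validation of this kind restricts what is accepted; values still need output encoding when echoed and bound parameters when sent to the database.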


PHP - PHP and MySQL

Connecting to MySQL server

$cnn = mysqli_connect("host", "usr", "pass", "bd");
if (mysqli_connect_errno())
    echo mysqli_connect_error();

mysqli_connect(). Opens a new connection to the MySQL server.

mysqli_connect_errno(). Returns the error code from the last connect call, or 0 if no error occurred.

mysqli_connect_error(). Returns a string description of the last connect error.


Closing connection

mysqli_close($cnn);

mysqli_close(). Closes a previously opened database connection.


Performing a query on the database

mysqli_query($cnn, "USER SQL QUERY")

mysqli_query():

Performs a query on the database (using connection $cnn).

Returns FALSE on failure.

For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object.

For other successful queries mysqli_query() will return TRUE.


INSERT example

$sql = "INSERT INTO table (field) VALUES ('value')";
if (!mysqli_query($cnn, $sql)) {
    echo "ERROR: " . mysqli_error($cnn);
}

mysqli_error(): Returns a string description of the last error.


SELECT example

if ($rs = mysqli_query($cnn, "SELECT * FROM table")) {
    echo "Rows: ", mysqli_num_rows($rs), "<br>";
    while ($row = mysqli_fetch_array($rs)) {
        echo $row['field'], "<br>";
    }
    mysqli_free_result($rs);
} else
    echo "ERROR: " . mysqli_error($cnn);


mysqli_num_rows(): Gets the number of rows in a result.

mysqli_fetch_array(): Returns an array that corresponds to the fetched row or NULL if there are no more rows for the result set.

mysqli_free_result(): Frees the memory associated with a result.

Other useful functions:

mysqli_data_seek(): Seeks to an arbitrary result pointer. For example, mysqli_data_seek($rs, 399) moves to row 400...
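The INSERT and SELECT examples above use fixed SQL text. When a value comes from a form, the following added example (not part of the original slides) passes it as a bound parameter of a prepared statement instead of joining it into the query string. The users table, the function names and the sample values are assumptions, and the connection values are the slides' placeholders, so it needs a reachable MySQL server to run.

```php
<?php
// Hypothetical schema: CREATE TABLE users (name VARCHAR(50), email VARCHAR(100));
mysqli_report(MYSQLI_REPORT_OFF); // errors via return values, as on the slides

function insert_user($cnn, $name, $email) {
    // The ? placeholders keep the values separate from the SQL text, so a
    // quote inside $name is stored as data and cannot alter the statement.
    $stmt = mysqli_prepare($cnn, "INSERT INTO users (name, email) VALUES (?, ?)");
    if (!$stmt) {
        error_log("prepare failed: " . mysqli_error($cnn));
        return false;
    }
    mysqli_stmt_bind_param($stmt, "ss", $name, $email); // "ss" = two strings
    $ok = mysqli_stmt_execute($stmt);
    if (!$ok) {
        error_log("execute failed: " . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
    return $ok;
}

function find_emails($cnn, $name) {
    $emails = array();
    $stmt = mysqli_prepare($cnn, "SELECT email FROM users WHERE name = ?");
    if (!$stmt) {
        error_log("prepare failed: " . mysqli_error($cnn));
        return $emails;
    }
    mysqli_stmt_bind_param($stmt, "s", $name);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $email);
        while (mysqli_stmt_fetch($stmt)) {
            $emails[] = $email;
        }
    }
    mysqli_stmt_close($stmt);
    return $emails;
}

$cnn = mysqli_connect("host", "usr", "pass", "bd"); // placeholder values
if (!$cnn) {
    error_log("connect failed: " . mysqli_connect_error()); // detail to the log only
    exit("ERROR: database unavailable");
}
insert_user($cnn, "O'Brien", "obrien@example.com"); // constructed input
foreach (find_emails($cnn, "O'Brien") as $e) {
    echo htmlspecialchars($e, ENT_QUOTES, "UTF-8"), "<br>";
}
mysqli_close($cnn);
```

Database error text goes to the server log here and the visitor sees only a generic message, since driver errors can reveal table and column names.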
