CN5109 WEB APPLICATION DEVELOPMENT Chapter 5 PHP Form

PHP Form
• A form is a document containing blank fields that the user can fill in or use to select data.
• Usually the data is stored in a database.
• When the user fills out the form and clicks the submit button, the form data is sent for processing to a PHP file.
• The form data is sent with the HTTP POST or GET method.

PHP Form
• Example PHP Form using HTML POST method:

    <body>
    <form action="welcome.php" method="post">
    Name: <input type="text" name="name"><br>
    E-mail: <input type="text" name="email"><br>
    <input type="submit">
    </form>
    </body>
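
PHP Form
• To display the submitted data you could simply echo all the variables.
• The "welcome.php" looks like this:

    <body>
    <?php // htmlspecialchars() escapes the submitted values so they are displayed as text, not interpreted as HTML ?>
    Welcome <?php echo htmlspecialchars($_POST["name"], ENT_QUOTES, "UTF-8"); ?><br>
    Your email address is: <?php echo htmlspecialchars($_POST["email"], ENT_QUOTES, "UTF-8"); ?>
    </body>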

PHP Form
• The same result could also be achieved using the HTTP GET method:

    <body>
    <form action="welcome_get.php" method="get">
    Name: <input type="text" name="name"><br>
    E-mail: <input type="text" name="email"><br>
    <input type="submit">
    </form>
    </body>
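
PHP Form
• The "welcome_get.php" looks like this:

    <body>
    <?php // htmlspecialchars() escapes the submitted values so they are displayed as text, not interpreted as HTML ?>
    Welcome <?php echo htmlspecialchars($_GET["name"], ENT_QUOTES, "UTF-8"); ?><br>
    Your email address is: <?php echo htmlspecialchars($_GET["email"], ENT_QUOTES, "UTF-8"); ?>
    </body>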

GET vs. POST
• Both GET and POST create an array (e.g. array( key => value, key2 => value2, key3 => value3, ...)).
• This array holds key/value pairs, where keys are the names of the form controls and values are the input data from the user.
• $_GET is an array of variables passed to the current script via the URL parameters.
• $_POST is an array of variables passed to the current script via the HTTP POST method.

GET vs. POST
• Information sent from a form with the GET method is visible to everyone (all variable names and values are displayed in the URL).
• GET also has limits on the amount of information to send.
• The limitation is about 2000 characters.
• GET may be used for sending non-sensitive data.

GET vs. POST
• Information sent from a form with the POST method is invisible to others in that it does not appear in the URL (all names/values are embedded within the body of the HTTP request), and it has no limits on the amount of information to send.
• The request body is still readable in transit unless the page is served over HTTPS.
• POST supports advanced functionality such as multi-part binary input when uploading files to the server.

Form Validation
• Validation means checking the input submitted by the user.
• Proper validation of form data is important to protect your form from hackers and spammers!
• There are two types of validation available in PHP.
• They are as follows:
• Client-Side Validation − Validation is performed in the web browser on the client machine.
• Server-Side Validation − After the data is submitted, it is sent to the server, and the validation checks are performed on the server machine.

Example
• The code below shows validation of a URL:

    // input() is a helper that cleans the raw value; its definition is not shown on these slides
    $website = input($_POST["site"]);
    // The slashes and the dot are escaped so the pattern compiles with the / delimiter
    if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i", $website)) {
        $websiteErr = "Invalid URL";
    }

• The code below shows validation of an email address:

    $email = input($_POST["email"]);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $emailErr = "Invalid format and please re-enter valid email";
    }

Example
• The code below shows a simple way to check if the name field only contains letters and whitespace.
• If the value of the name field is not valid, then store an error message:

    $name = test_input($_POST["name"]);
    if (!preg_match("/^[a-zA-Z ]*$/", $name)) {
        $nameErr = "Only letters and white space allowed";
    }

• preg_match – this function is used to perform a pattern match on a string. It returns true if a match is found and false if a match is not found.

Example
• In the code below, if the e-mail address is not well-formed, then store an error message:

    $email = test_input($_POST["email"]);
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $emailErr = "Invalid email format";
    }
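
The validation slides call test_input() and input() without showing their definitions. The following added example (not from the original slides) puts the server-side checks together for PHP 8 and escapes values only when they are printed. test_input(), e() and validate_form() are assumed helper names, the sample submission is constructed, and the URL check uses filter_var() with an http/https scheme allowlist in place of the slide's regular expression.

```php
<?php
declare(strict_types=1);
// Added example. test_input(), e() and validate_form() are assumed helpers, not the slides' code.

// Accept only strings and trim them; name[]=x arrives as an array and is rejected.
function test_input(mixed $value): ?string {
    return is_string($value) ? trim($value) : null;
}

// Escape at output time so submitted markup is displayed as text.
function e(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
}

// Server-side checks for the three fields on the slides; returns [clean, errors].
function validate_form(array $post): array {
    $clean = [];
    $errors = [];
    $name = test_input($post["name"] ?? null);
    // + rejects an empty name; \z anchors at the true end ($ also matches before a final newline).
    if ($name === null || !preg_match('/^[a-zA-Z ]+\z/', $name)) {
        $errors["name"] = "Only letters and white space allowed";
    } else {
        $clean["name"] = $name;
    }
    $email = test_input($post["email"] ?? null);
    if ($email === null || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors["email"] = "Invalid email format";
    } else {
        $clean["email"] = $email;
    }
    $site = test_input($post["site"] ?? null);
    // Assumption: only http and https links are wanted, so the scheme is allowlisted.
    $scheme = $site === null ? "" : strtolower((string) parse_url($site, PHP_URL_SCHEME));
    if ($site === null || filter_var($site, FILTER_VALIDATE_URL) === false
        || !in_array($scheme, ["http", "https"], true)) {
        $errors["site"] = "Invalid URL";
    } else {
        $clean["site"] = $site;
    }
    return [$clean, $errors];
}
// Constructed sample submission standing in for $_POST.
$sample = ["name" => "<b>Bob</b>", "email" => "bob@example.com", "site" => "https://example.com/"];
[$clean, $errors] = validate_form($sample);
foreach ($sample as $field => $raw) {
    $status = isset($errors[$field]) ? "rejected: " . $errors[$field] : "accepted";
    echo e($field), " = ", e($raw), " (", e($status), ")<br>\n";
}
```

These checks run on the server regardless of any client-side validation, because a request can be sent without going through the browser form.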
