Web Programming

Web ProgrammingHenry Osborne

Internet Authoring 2

Forms and URLs• Scripts will interact with their clients using one of two

HTTP methods: GET and POST.

• GET: only allows you to send data as part of the query string• POST: allows the client to send along a data payload


<form action="index.php" method="GET">

List: <input type="text" name="list" /><br />Order by:<select name="orderby">

<option value="name">Name</option><option value="city">City</option><option value="zip">ZIP Code</option>

</select><br />Sort order:<select name="direction">

<option value="asc">Ascending</option><option value="desc">Descending</option>

</select></form>


<form action="index.php" method="POST">

<input type="hidden" name="login" value="1" /><input type="text" name="user" /><input type="password" name="pass" />

</form>


GET and URLs• http://

example.org/index.php?list=user&orderby=name&direction=asc

• In order to access the data, we must now use the $_GET superglobal array. Each argument is accessible through an array key of the same name:• echo $_GET[’list’];

http://example.org/index.php?list=user&orderby=name&direction=asc




GET and URLsYou can create arrays by using array notation...

http://example.org/index.php?list=user&order[by]=column&order[dir]=asc

..and then access them using the following syntax:echo $_GET[’order’][’by’];echo $_GET[’order’][’dir’];

http://example.org/index.php?list=user&order%5Bby%5D=column&order%5Bdir%5D=asc




Using POSTJust like $_GET, $_POST contains one array element named after each input name.

if ($_POST[’login’]) {if ($_POST[’user’] == "admin" &&$_POST[’pass’] == "secretpassword") {// Handle login}

}


Managing File Uploads

<form enctype="multipart/form-data" action="index.php" method="post">

<input type="hidden" name="MAX_FILE_SIZE" value="50000" />

<input name="filedata" type="file" /><input type="submit" value="Send file" />

</form>


Managing File Uploadsname The original name of the file

type The MIME type of the file provided by the browser

size The size (in bytes) of the file

tmp_name The name of the file’s temporary location

error The error code associated with this file. A value of UPLOAD_ERR_OK indicates a successful transfer, while any other error indicates that something went wrong (for example, the file was bigger than the maximum allowed size).


GET or POST?• PHP makes it very easy to handle data sent using

either POST or GET. However, this doesn’t mean that you should choose one or the other at random.

• From a design perspective, a POST transaction indicates that you intend to modify data (i.e.: you are sending information over to the server). A GET transaction, on the other hand, indicates that you intend to retrieve data instead.


HTTP Headers• Contain various tidbits of information about the data

that is to follow, as well as other details of the transaction.

• The most common use of headers is to redirect the user to another page. To do this the Location header is used:• header("Location: http://cis.ncu.edu.jm");• exit();

http://cis.ncu.edu.jm/

http://cis.ncu.edu.jm/


Cookies• Cookies allow your applications to store a small

amount of textual data (typically,4-6kB) on a Web client.

• Cookies are typically set by the server using a response header, and subsequently made available by the client as a request header.

• To set a cookie on the client, you can use the setcookie() function:• setcookie("hide_menu", "1");


Cookies• To set an expiration date:

• setcookie("hide_menu", "1", time() + 86400);

• There are three more arguments you can pass to setcookie(). They are, in order:• path - allows you to specify a path (relative to your website’s root)

where the cookie will be accessible; the browser will only send a cookie to pages within this path.

• domain - allows you to limit access to the cookie to pages within a specific domain or hostname; note that you cannot set this value to a domain other than the one of the page setting the cookie.

• secure - this requests that the browser only send this cookie as part of its request headers when communicating under HTTPS.


Accessing Cookie DataCookie data is usually sent to the server using a single request header. The PHP interpreter takes care of automatically separating the individual cookies from the header and places them in the $_COOKIE superglobal array:

if ($_COOKIE[’hide_menu’] == 1) {

// hide menu

}


There is no way to “delete” a cookie primarily because you really have no control over how cookies are stored and managed on the client side. You can, however, call setcookie() with an empty string and a negative timestamp, which will effectively empty the cookie and in most cases the browser will remove it:

setcookie("hide_menu", false, -3600);


Sessions• HTTP is a stateless protocol; this means that the web

server does not know (or care) whether two requests comes from the same user; each request is instead handled without regard to the context in which it happens.

• Sessions are used to create a measure of state in between requests—even when they occur at large time intervals from each other.


Starting a Session• You can either set PHP to start a new session

automatically whenever a request is received by changing the session.auto_start configuration setting in your php.ini file, or• explicitly call session_start() at the beginning of

each script


Accessing Session DataOnce the session has been started, you can access its data in the $_SESSION superglobal array:

// Set a session variable

$_SESSION[’hide_menu’] = true;

// From here on, we can access hide_menu in $_SESSION

if ($_SESSION[’hide_menu’]) {

// Hide menu

}

Web ProgrammingHenry Osborne

Education

Web Programming