home—lects—exams—hws
breeze (snow day)
ch03
PHP and forms
chapter 3
From PHP Visual Quickstart Guide by Larry Ullman
Based on notes by Jack Davis (jcdavis@radford.edu)
- Input Fields
- check boxes
<input type="checkbox" name="cb1" value="milk" id="cbOne" checked="checked" />
|
- text fields,
<input type="text" name="txt1" size="10" maxlength="8" id="txtone" />
|
- radio buttons
<input type="radio" name="age" value="over50" />
<input type="radio" name="age" value="30to50" />
<input type="radio" name="age" value="under30" />
|
The variable "age" will be set to one of the three values.
(A second set of unrelated radio buttons would share a different name attribute.)
- textareas:
<textarea name="comments" rows="3" cols="30">
Initial Contents
</textarea>
|
Note that this isn't an input tag — text areas get their own tag type.
- Select Boxes (drop-down)
<select name="title">
<option value = "mr">Mr.</option>
<option value = "ms">Ms.</option>
<option value = "mrs">Mrs.</option>
<option value = "miss">Miss</option>
</select>
|
- Submit button:
<input type="submit" value="Submit Data to Server" />
|
- Reset button:
<input type="reset" value="Clear Form" />
|
- GET & POST methods
Q: But how is information communicated from a web form (pure html) to a php program?
A: When you click 'submit', the HTML makes a page-request to the page specified by the form's "action" attribute.
(Presumably it's a php page.)
The page-request incudes extra information about what html input fields had been selected, etc..
The server gets that request and invokes the php file as normal, but it also
pre-initializes an array of values for the program — and it fills that array with
the extra information contained in the page-request.
- GET - form data is sent to the server appended to the server script URL
In the server script, data is retrieved via the super global associative array $_GET.
- POST - form data is embedded in the http request header
Server script - $_POST
When to use which?:
-
GET requests can be bookmarked;
-
GET requests can't be too long (not > 1000s of characters?; think text-submit boxes)
-
POST requests are more secure against casual looking over the shoulder
(but still vulnerable to packet sniffing etc.)
-
When refreshing a page created via POST,
browsers tend to respond: “Refreshing will cause the page to re-submit; do you really want to do this?”
-
Possible guideline (?): If the page is changing a database's contents, use POST.
-
Many people suggest using POST as default.
-
Explore: How does a newspaper handle it? nytimes.
Discuss:
When might you choose to use post/get vs. could
just have a separate URL for each result,
e.g. different xkcd strips.
- Form Example
- PHP Error Types
- Notice
- Non-fatal error that may or may not be indicative of a problem.
E.g., Referring to a variable that has no value.
- Warning
- Nonfatal error that is most likely problematic.
E.g., Misusing a function.
- Parse error
- Fatal error caused by a syntactic mistake.
E.g., Omission of a semicolon or an imbalance of quotation marks,
braces, or parentheses.
- Error
- A general fatal error.
E.g., out of memory.
- Error Reporting Constants
- E_NOTICE
- E_WARNING
- E_PARSE
- E_ERROR
- E_ALL
- E_STRICT (the only one not supported by E_ALL;
warns of things which might not be future compatible, etc.
As we saw,
we can combine values (to use as an argument to error_report( $level ))
by bitwise-ORing (“|”) various constants.
legal error flags;
It is recommended to use error_report(E_ALL|E_STRICT).
See also various error functions.
home—lects—exams—hws
breeze (snow day)
rad�ford.edu