COMP284 Scripting Languages – Handouts
COMP284 Scripting Languages
Lecture 12: PHP (Part 4)
Handouts
Ullrich Hustadt
Department of Computer Science
School of Electrical Engineering, Electronics, and Computer Science
University of Liverpool
Contents
1 Web applications
Overview
HTML forms
2 Available information and Input
Overview
PHP environment
Server variables
Form data
3 PHP sessions
Start a PHP session
Maintain session data
End a PHP session
Session management
Example
4 Authentication
Overview
Example
COMP284 Scripting Languages Lecture 12 Slide L12 – 1
Web applications Overview
Web applications using PHP
IBM: Build Ajax-based Web sites with PHP, 2 Sep 2008.
https://www.ibm.com/developerworks/library/wa-aj-php/ [accessed 6 Mar 2013]
COMP284 Scripting Languages Lecture 12 Slide L12 – 2
https://www.ibm.com/developerworks/library/wa-aj-php/
Web applications HTML forms
HTML forms
When considering Perl CGI programming we have used HTML forms that
generated a client request that was handled by a Perl CGI program:
Now we will use a PHP script instead:
• The PHP script file must be stored in a directory accessible by the web
server, for example $HOME/public_html, and be readable by the web
server
• The PHP script file name must have the extension .php, e.g. demo.php
COMP284 Scripting Languages Lecture 12 Slide L12 – 3
Available information and Input Overview
Information available to PHP scripts
• Information about the PHP environment
• Information about the web server and client request
• Information stored in files and datbases
• Form data
• Cookie/Session data
• Miscellaneous
• string date(format)
returns the current date/time presented according to format
for example, date(’H:i l, j F Y’)
results in 12:20 Thursday, 8 March 2012
(See http://www.php.net/manual/en/function.date.php)
• int time()
returns the current time measured in the number of seconds
since January 1 1970 00:00:00 GMT
COMP284 Scripting Languages Lecture 12 Slide L12 – 4
http://www.php.net/manual/en/function.date.php
Available information and Input PHP environment
PHP environment
• phpinfo() displays information about the PHP installation and
EGPCS data (Environment, GET, POST, Cookie, and Server data)
for the current client request
• phpinfo(part) displays selected information
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/phpinfo.php
INFO_GENERAL The configuration, php.ini location, build date,
web server
INFO_CONFIGURATION Local and master values for PHP directives
INFO_MODULES Loaded modules
INFO_VARIABLES All EGPCS data
COMP284 Scripting Languages Lecture 12 Slide L12 – 5
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/phpinfo.php
Available information and Input PHP environment
Manipulating the PHP configuration
The following functions can be used to access and change the
configuation of PHP from within a PHP script:
• array ini_get_all()
• returns all the registered configuration options
• string ini_get(option)
• returns the value of the configuration option on success
• string ini_set(option, value)
• sets the value of the given configuration option to a new value
• the configuration option will keep this new value during the script’s
execution and will be restored afterwards
• void ini_restore(option)
• restores a given configuration option to its original value
COMP284 Scripting Languages Lecture 12 Slide L12 – 6
Available information and Input Server variables
Server variables
The $_SERVER array stores information about the web server
and the client request
; Similar to %ENV for Perl CGI programs
’;
echo ’Remote address: ’,$_SERVER[’REMOTE_ADDR ’], ’
’;
echo ’Client browser: ’,$_SERVER[’HTTP_USER_AGENT ’],’
’;
echo ’Request method: ’,$_SERVER[’REQUEST_METHOD ’];
?>
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/server.php
Server software: Apache /2.2.22 (Fedora)
Remote address: 10.128.0.215
Client browser: Mozilla /5.0 … Chrome /41.0.2272.53 …
Request method:
See http://php.net/manual/en/reserved.variables.server.php
for a list of keys
COMP284 Scripting Languages Lecture 12 Slide L12 – 7
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/server.php
http://php.net/manual/en/reserved.variables.server.php
Available information and Input Form data
Form data
• Form data is passed to a PHP script via the three arrays:
$_POST Data from POST client requests
$_GET Data from GET client requests
$_REQUEST Combined data from POST and GET client requests
(derived from $_POST and $_GET)
; Accessing $_REQUEST is the equivalent in PHP to
using the param routine in Perl
$_REQUEST[’username’] Value entered into field with name ‘username’
$_REQUEST[’fullname’] Value entered into field with name ‘fullname’
COMP284 Scripting Languages Lecture 12 Slide L12 – 8
Available information and Input Form data
Forms in PHP: Example (1)
• Create a web-based system that asks the user to enter the URL of a file
containing bibliographic information
• Bibliographic informatiom will have the following form:
@entry{
name={Jonas Lehner},
name={ Andreas Schoknecht},
title={You only live twice },
}
@entry{
name={ Andreas Schoknecht},
name={Eva Eggeling},
title={No End in Sight?},
}
• The system should extract the names, count them, and create a table of
names and their frequency, ordered from most frequent to least frequent
COMP284 Scripting Languages Lecture 12 Slide L12 – 9
Available information and Input Form data
Forms in PHP: Example (1)
extract_names.php
The names occurring in
“,htmlspecialchars($_REQUEST[’url’]),
“
are
$extracted_names\n”;
} else {
echo <<
FORM;
}
?>
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/extract_names.php
COMP284 Scripting Languages Lecture 12 Slide L12 – 10
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/extract_names.php
Available information and Input Form data
Forms in PHP: Example (1)
extraction.php
$number) {
$table .= “
}
$table = “
Name | No of occur”.
“rences |
---|
return $table;
} }
?>
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/extraction.php
COMP284 Scripting Languages Lecture 12 Slide L12 – 11
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/extraction.php
Available information and Input Form data
Web Applications Revisited
Select
Item
Enter
Address
Enter
Payment
Confirm
Order
App
App
App
App
App
Request
Resp
onse
Request
Resp
onse
Request
Resp
onse
Request
Resp
onse
Request
• An interaction between a user
and a server-side web application
often requires a sequence of
requests and responses
• For each request, the application
starts from scratch
• it does not maintain a state
between consecutive requests
• it does not know whether the
requests come from the same user
or different users
;
data needs to be
transferred from one execution
of the application to the next
COMP284 Scripting Languages Lecture 12 Slide L12 – 12
Available information and Input Form data
Transfer of Data: Example
• Assume for a sequence of requests we do not care whether they come
from the same user or different users
• Then hidden inputs can be used for the transfer of data from one
request / page to the next
form1.php
form2.php
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/login.php
COMP284 Scripting Languages Lecture 12 Slide L12 – 29
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/login.php
Authentication Example
PHP Sessions and Authentication: Example
First part of login.php:
COMP284 Scripting Languages Lecture 12 Slide L12 – 30
Authentication Example
PHP Sessions and Authentication: Example
content.php:
Protected Content
Welcome
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/content.php
COMP284 Scripting Languages Lecture 12 Slide L12 – 31
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/content.php
Authentication Example
PHP Sessions and Authentication: Example
logout.php:
Logout
Goodbye
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/logout.php
COMP284 Scripting Languages Lecture 12 Slide L12 – 32
http://cgi.csc.liv.ac.uk/~ullrich/COMP284/examples/logout.php
Authentication Example
Revision
Read
• Chapter 10: Accessing MySQL Using PHP
• Chapter 11: Form Handling
• Chapter 13: Cookies, Sessions, and Authentication
of
R. Nixon:
Learning PHP, MySQL, and JavaScript.
O’Reilly, 2009.
COMP284 Scripting Languages Lecture 12 Slide L12 – 33
Lecture 12
Web applications
Overview
HTML forms
Available information and Input
Overview
PHP environment
Server variables
Form data
PHP sessions
Start a PHP session
Maintain session data
End a PHP session
Session management
Example
Authentication
Overview
Example