set06aphp
advertisement
Server-side Programming in PHP
History of PHP
• PHP originally stood for “Personal Home Page”
• It started out, in 1994, as a simple preprocessor of HTML
files
– built by Rasmus Lerdorf (born in Greenland, grew up in Denmark
and Canada, graduated from U of Waterloo in 1993, now
prominent member of Open Source movement)
– original purpose was to log people who viewed his on-line resume
• Since then, has been developed by a growing community
of open source developers
• Name now supposed to stand for “Hypertext PreProcessor”
PHP history (contd.)
• Initially, PHP comprised a simple parser plus a
library of C functions
• The parser would scan a HTML file looking for
instances of a new non-standard tag and replace
the contents of these tag instances with the result
of executing some functions in the C library
• As a result, much PHP syntax looks like C
• Other parts of it, however, have a Perl flavour –
but, of course, Perl also borrows C syntax
Enabling PHP in HTTP servers
• PHP is available on many servers today, in
Windows and all types of Unix
environments
• It is supported by Apache, AOLServer,
Roxen and others
• Servers can be configured to enable PHP in
different ways
• We will assume that the httpd recognizes a
file who name has the suffix .php as a PHP
file
A first PHP file
<html>
<head>
<title>PHP Test</title>
</head>
<body>
<?php echo “<p>Hello World</p>"; ?>
</body>
</html>
How PHP files are processed
• The httpd demon simply copies regular HTML content in
the .php file to the message body that will be sent to a
client which requests the .php file
• The new non-standard tag is of the form
<?php … ?>
• The text inside the tag is PHP code
<?php echo “<p>Hello World</p>"; ?>
• The httpd demon executes this PHP code and copies the
output text, generated by this PHP code, to the message
body that will be sent to the client
• Thus, from the above, the client would see only
<p>Hello World</p>
Suppose we request this file
interzone.ucc.ie> telnet student.cs.ucc.ie 80
Trying 143.239.211.125...
Connected to student.cs.ucc.ie.
Escape character is '^]'.
GET /cs4400/jabowen/php/file1.php HTTP/1.1
Host: student.cs.ucc.ie
Here is the response
HTTP/1.1 200 OK
Date: Wed, 06 Feb 2002 12:34:15 GMT
Server: Apache/1.3.20 (Unix) PHP/4.0.6
X-Powered-By: PHP/4.0.6
Transfer-Encoding: chunked
Content-Type: text/html
58
<html>
<head>
<title>PHP test</title>
</head>
<body>
<p>Hello world!</p></body>
</html>
0
Connection closed by foreign host.
interzone.ucc.ie>
• cs 3314 got here on 27 oct 2005
Note following in response:
• Chunked transfer-encoding is used
– because the httpd demon does not know, before
executing the PHP content, how long the
message body will be
• PHP code has been replaced, in the message
body, by its output
PHP files are not special
• PHP files do not have to be executable
• They can be regarded as simply HTML files
with some new tags
PHP tags
• In the example just seen, the PHP tag was
<?php … ?>
• This is the best PHP tag to use – it is the one
which works best if we are also using XML,
because it avoids conflicts with XML Processing
Instructions
• However, you may occassionally see the following
tags being used in other people’s PHP code:
<? … ?>
<% … %>
<script language=“php”> … </script>
Variables in PHP
• Variables in PHP are denoted by a dollar
sign followed by the name of the variable.
• A variable name is case-sensitive.
• A valid variable name starts with a letter or
underscore, followed by any number of
letters, numbers, or underscores.
Example Usage of Variables
<html>
<head>
<title>Greetings</title>
</head>
<body>
<h1>Greetings</h1>
<p>
<?php $person = "Tom";
$Person = "Dick";
echo "Hello $person and $Person";
?>
</p>
</body>
</html>
Automatic variables in PHP
• One of the main benefits of PHP is that it
provides lots of variables automatically
• Consider, for example, the .php file on the
next slide
• It produces the output on the following two
slides when viewed by MSIE 6.0 and
Netscape 2.0
Example usage of automatic PHP variable
<html>
<head>
<title>Your browser</title>
</head>
<body>
<h1>Your Browser</h1>
<p>
You are using
<?php echo $HTTP_USER_AGENT; ?>
to view this page.
</p>
</body>
</html>
A warning about pre-defined variables
• The way in which PHP supports pre-defined
variables has changed recently.
• This will be discussed in a future lecture
Data Types in PHP
• PHP supports eight primitive data types
• There are four scalar types
–
–
–
–
boolean
integer
floating-point number
string
• There are two structured types
– array
– object
• There are two special data types
– resource
– NULL
• The programmer does not specify the type of a variable
– a variable’s type is determined from the context of its usage
Booleans
• The boolean data type admits two values
– true (case-insensitive)
– false (case-insensitive)
• Example usage
$itIsRainingToday = true;
$thePrinterIsBusy = True;
$theQueueIsEmpty = FALSE;
Integers
• Integers can be specified in decimal, hexadecimal
or octal notation, optionally preceded by a sign
– In octal notation, the number must have a leading 0
– In hexadecimal notation, the number must have a
leading 0x.
• Examples
$a = 1234;
$a = -123;
$a = 0123;
$a = 0x1B;
# decimal number
# a negative number
# octal number (equivalent to 83 decimal)
# hexadecimal number (equivalent to 27 decimal)
• The maximum size of an integer is platformdependent, but usually it’s 32 bits signed – about
2,000,000,000
• PHP does not support unsigned integers.
Floating Point Numbers
• These can be specified using any of these forms:
$a = 1.234;
$a = 1.2e3;
$a = 7E-10;
• The maximum size of a float is platformdependent, although most support a maximum of
about 1.8e308 with a precision of roughly 14
decimal digits
Strings
• A string literal can be specified in three different
ways:
–
–
–
single quoted
double quoted
heredoc syntax
• cs 3314 got here on 3 nov 2005
Single-quoted Strings
• In single-quoted strings, single-quotes and
backslashes must be escaped with a
preceding backslash
• Example usage
echo 'this is a simple string';
echo 'You can embed newlines in strings,
just like this.';
echo ‘Douglas MacArthur said "I\'ll be back” when leaving the Phillipines';
echo 'Are you sure you want to delete C:\\*.*?';
Double-quoted Strings
• In double-quoted strings,
– variables are interpreted to their values, and
– various characters can be escaped
•
•
•
•
•
•
•
•
\n linefeed
\r
carriage return
\t horizontal tab
\\ backslash
\$ dollar sign
\” double quote
\[0-7]{1,3} a character in octal notation
\x[0-9A-Fa-f]{1,2} a character in hexadecimal notation
Heredoc Strings
• Heredoc strings are like double-quoted strings without the
double quotes
• A heredoc string is delimited as follows
– The string is preceded by <<< followed by a label
– The string followed by a 2nd occurrence of the same label
• Example usage
$str = <<<EOD
Example of string
spanning multiple lines
using heredoc syntax.
EOD;
String-manipulation functions
• PHP provides huge range of stringmanipulation functions:
–
–
–
–
–
–
–
–
–
–
–
–
–
addcslashes -- Quote string with slashes in a C style
addslashes -- Quote string with slashes
bin2hex -- Convert binary data into hexadecimal representation
chop -- Alias of rtrim()
chr -- Return a specific character
chunk_split -- Split a string into smaller chunks
convert_cyr_string -- Convert from one Cyrillic character set to another
count_chars -- Return information about characters used in a string
crc32 -- Calculates the crc32 polynomial of a string
crypt -- One-way string encryption (hashing)
echo -- Output one or more strings
explode -- Split a string by string
get_html_translation_table -- Returns the translation table used by
htmlspecialchars() and htmlentities()
– get_meta_tags -- Extracts all meta tag content attributes from a file and returns an
array
– hebrev -- Convert logical Hebrew text to visual text
– hebrevc -- Convert logical Hebrew text to visual text with newline conversion
– htmlentities -- Convert all applicable characters to HTML entities
– htmlspecialchars -- Convert special characters to HTML entities
– implode -- Join array elements with a string
– join -- Join array elements with a string
– levenshtein -- Calculate Levenshtein distance between two strings
– localeconv -- Get numeric formatting information
– ltrim -- Strip whitespace from the beginning of a string
– md5 -- Calculate the md5 hash of a string
– md5_file -- Calculates the md5 hash of a given filename
– metaphone -- Calculate the metaphone key of a string
– nl2br -- Inserts HTML line breaks before all newlines in a string
– ord -- Return ASCII value of character
– parse_str -- Parses the string into variables
– print -- Output a string
– printf -- Output a formatted string
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
quoted_printable_decode -- Convert a quoted-printable string to an 8 bit string
quotemeta -- Quote meta characters
str_rot13 -- Perform the rot13 transform on a string
rtrim -- Strip whitespace from the end of a string
sscanf -- Parses input from a string according to a format
setlocale -- Set locale information
similar_text -- Calculate the similarity between two strings
soundex -- Calculate the soundex key of a string
sprintf -- Return a formatted string
strncasecmp -- Binary safe case-insensitive string comparison of the first n
characters
strcasecmp -- Binary safe case-insensitive string comparison
strchr -- Find the first occurrence of a character
strcmp -- Binary safe string comparison
strcoll -- Locale based string comparison
strcspn -- Find length of initial segment not matching mask
strip_tags -- Strip HTML and PHP tags from a string
stripcslashes -- Un-quote string quoted with addcslashes()
stripslashes -- Un-quote string quoted with addslashes()
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
stristr -- Case-insensitive strstr()
strlen -- Get string length
strnatcmp -- String comparisons using a "natural order" algorithm
strnatcasecmp -- Case insensitive string comparisons using a "natural order"
algorithm
strncmp -- Binary safe string comparison of the first n characters
str_pad -- Pad a string to a certain length with another string
strpos -- Find position of first occurrence of a string
strrchr -- Find the last occurrence of a character in a string
str_repeat -- Repeat a string
strrev -- Reverse a string
strrpos -- Find position of last occurrence of a char in a string
strspn -- Find length of initial segment matching mask
strstr -- Find first occurrence of a string
strtok -- Tokenize string
strtolower -- Make a string lowercase
strtoupper -- Make a string uppercase
str_replace -- Replace all occurrences of the search string with the replacement
string
–
–
–
–
–
–
–
–
–
–
strtr -- Translate certain characters
substr -- Return part of a string
substr_count -- Count the number of substring occurrences
substr_replace -- Replace text within a portion of a string
trim -- Strip whitespace from the beginning and end of a string
ucfirst -- Make a string's first character uppercase
ucwords -- Uppercase the first character of each word in a string
vprintf -- Output a formatted string
vsprintf -- Return a formatted string
wordwrap -- Wraps a string to a given number of characters using a string
break character.
– nl_langinfo -- Query language and locale information
Arrays
• An array in PHP is a structure which maps
keys to values
• The keys can specified explicitly or they
can be omitted
• If keys are omited, integers starting with 0
are keys
• The value mapped to a key can, itself, be an
array, so we can have nested arrays
Specifying an array
• A special function is used to specify arrays
array( )
• Format of Usage
array( [key =>] value, … )
• A key is either a string or a non-negative
integer
• A value can be anything
Specifying an array (contd.)
• Format of array specification
array( [key =>] value, ... )
• Here is a hash array:
$mothers =
array (“tom"=>“mary", “mick"=>“ann", “bill"=>“orla");
• Implicit indices are integers, starting at 0
– Here is an ordinary array (indexed by integers,
starting at 0):
$places = array (“Cork”, “Dublin”, “Galway”);
Specifying an array (contd.)
• If an explicit integer index is followed by
implicit indices, they follow on from the
highest previous index
– Here is an array indexed by integers 1, 2, 3
$places = array (1 => “Cork”, “Dublin”, “Galway”);
– Here is an array indexed by integers 1, 5, 6
$places = array (5=> “Cork”, 1 => “Dublin”, “Galway”);
Specifying an array (contd.)
• A two-dimensional hash array
$parents =
array ( “tom” => array (“father” => “bill”, “mother”=> “mary”),
“dave” => array(“father” => “tom”, “mother” => orla”)
);
• A two-dimensional ordinary array
$heights =
array ( array (10,20),
array(100,200)
);
Array Example 1
<html>
<head><title>Array Demo</title></head>
<body>
<h1>Array Demo</h1>
<p>
<?php
$capital = array ('France'=>'Paris','Ireland'=>'Dublin');
echo 'The capital of Ireland is ';
echo $capital['Ireland'];
?>
</p>
</body>
</html>
Array Example 2
<html>
<head><title>Array Demo</title></head>
<body>
<h1>Array Demo</h1>
<p>
<?php
$capital = array ('France'=>'Paris', ‘Ireland'=>'Dublin');
echo "The various capitals are\n<ul>";
foreach ($capital as $city) { echo "<li>$city</li>"; };
echo "</ul>"
?>
</p>
</body>
</html>
Array Example 3
<html>
<head><title>Array Demo</title></head>
<body>
<h1>Array Demo</h1>
<p>
<?php
$capital = array ('France'=>'Paris', 'Ireland'=>'Dublin');
echo "The various capitals are\n<ul>";
foreach ($capital as $country => $city)
{ echo "<li>The capital of $country is $city</li>"; };
echo "</ul>"
?>
</p>
</body>
</html>
Array Example 4
<html>
<head>
<title>Details about Fred</title>
</head>
<body>
<h1>Details about Fred</h1>
<?php
$ages = array ("Fred" => 2, "Tom"=> 45);
$parents = array ("Fred" => array("father" => "Tom", "mother"=>"Mary"));
print "<p> Fred's age is ";
print $ages["Fred"];
print ".</p>";
print "<p>His father is ";
print $parents["Fred"]["father"];
print ".</p>";
?>
</body>
</html>
Array-manupulation functions
• PHP provides a huge set of array-manipulation
functions
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
array -- Create an array
array_change_key_case -- Returns an array with all string keys lowercased or
uppercased
array_chunk -- Split an array into chunks
array_count_values -- Counts all the values of an array
array_diff -- Computes the difference of arrays
array_filter -- Filters elements of an array using a callback function
array_flip -- Flip all the values of an array
array_fill -- Fill an array with values
array_intersect -- Computes the intersection of arrays
array_key_exists -- Checks if the given key or index exists in the array
array_keys -- Return all the keys of an array
array_map -- Applies the callback to the elements of the given arrays
array_merge -- Merge two or more arrays
array_merge_recursive -- Merge two or more arrays recursively
array_multisort -- Sort multiple or multi-dimensional arrays
array_pad -- Pad array to the specified length with a value
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
array_pop -- Pop the element off the end of array
array_push -- Push one or more elements onto the end of array
array_rand -- Pick one or more random entries out of an array
array_reverse -- Return an array with elements in reverse order
array_reduce -- Iteratively reduce the array to a single value using a callback function
array_shift -- Shift an element off the beginning of array
array_slice -- Extract a slice of the array
array_splice -- Remove a portion of the array and replace it with something else
array_sum -- Calculate the sum of values in an array.
array_unique -- Removes duplicate values from an array
array_unshift -- Prepend one or more elements to the beginning of array
array_values -- Return all the values of an array
array_walk -- Apply a user function to every member of an array
arsort -- Sort an array in reverse order and maintain index association
asort -- Sort an array and maintain index association
compact -- Create array containing variables and their values
count -- Count elements in a variable
current -- Return the current element in an array
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
each -- Return the current key and value pair from an array and advance the
array cursor
end -- Set the internal pointer of an array to its last element
extract -- Import variables into the current symbol table from an array
in_array -- Return TRUE if a value exists in an array
array_search -- Searches the array for a given value and returns the
corresponding key if successful
key -- Fetch a key from an associative array
krsort -- Sort an array by key in reverse order
ksort -- Sort an array by key
list -- Assign variables as if they were an array
natsort -- Sort an array using a "natural order" algorithm
natcasesort -- Sort an array using a case insensitive "natural order" algorithm
next -- Advance the internal array pointer of an array
pos -- Get the current element from an array
prev -- Rewind the internal array pointer
range -- Create an array containing a range of elements
reset -- Set the internal pointer of an array to its first element
•
•
•
•
•
•
•
rsort -- Sort an array in reverse order
shuffle -- Shuffle an array
sizeof -- Get the number of elements in variable
sort -- Sort an array
uasort -- Sort an array with a user-defined comparison function and maintain
index association
uksort -- Sort an array by keys using a user-defined comparison function
usort -- Sort an array by values using a user-defined comparison function
Objects
• PHP supports object-oriented
programming
• The subject is too big to cover here
• But here’s an example
<?php
class thingAMeBob
{
function say_hello()
{ echo “Hello, World!"; }
}
$thing1 = new thingAMeBob;
$thing1->say_hello();
?>
Resources
• This data type is used for maintaining links
to external resources, such as data bases etc.
• A full treatment is beyond our scope here
The NULL data type
• This data type contains only one value
NULL
• It is case-insensitive
• This is a value which is returned when some
expression has no value
• Example
$capital = array ('France'=>'Paris', 'Ireland'=>'Dublin');
$capitalOfEngland = $capital[‘England’];
• In this case, $capitalOfEngland would get
the value NULL
Cs 3314 got here on 7/11/2005
Changing Data Type
• PHP will, in some circumstances, change
the type of a datum
– For example, it will treat a string of digits as a
number if it finds in an arithmetic expression
• PHP also supports type casting
<?php $myInteger = 12;
$myFloat = 1.3;
$result = $myFloat + (float) $myInteger;
echo $result ?>
Automatic Variables (again)
• PHP’s automatic variables come from the
following sources:
–
–
–
–
–
the Environment
query expressions in GET requests
message bodies in POST requests
cookies
the Server
CGI environment variables
• CGI environment variables are automatically
available
• Example:
<html>
<head>
<title>What I know about you</title>
</head>
<body>
<h1>I know some things about you</h1>
<?php
echo "<p>You are using $HTTP_USER_AGENT to view this page.</p>";
echo "<p>You used the $REQUEST_METHOD request method.</p>";
echo "<p>You used this request URI: $REQUEST_URI.</p>";
echo "<p>You accessed this host URI: $HTTP_HOST.</p>";
echo "<p>You used this protocol: $SERVER_PROTOCOL.</p>";
?>
</body>
</html>
Form variables (via either GET or POST)
• These are automatically available
• Example Form:
<html>
<head><title>Application Form</title></head>
<body>
<form method="POST"
action="http://student.cs.ucc.ie/cs4400/jabowen/php/file9.php">
<p>Your surname: <input type="text" name="surname“></p>
<p>Your address: <input type="text" name="address“></p>
<button type="submit">Please send me the brochure.</button>
</form>
</body></html>
• Example Response Generator:
<html>
<head><title>Thank you</title></head>
<body>
<h1>Thank you</h1>
<p>Thank you,<?php echo $surname ?>.
We will send our brochure to <?php echo $address ?>.</p>
</body>
</html>
Control Structures – if statements
• if ($a > $b)
echo "a is bigger than b";
• if ($a > $b)
{print "a is bigger than b";
$b = $a;}
• if ($a > $b)
{print "a is bigger than b";}
else {print "a is NOT bigger than b";}
• if ($a > $b)
{print
elseif ($a ==
{print
else {print
"a is bigger than b";}
$b)
"a is equal to b";}
"a is smaller than b“;}
Example usage
• Example
<html>
<head><title>Your browser</title></head>
<body>
<h1>Your Browser</h1>
<p>
<?php
if( strstr($HTTP_USER_AGENT,"MSIE") )
{ echo "You are using Internet Explorer"; }
?>
to view this page.
</p>
</body>
</html>
• strstr is a boolean function which checks if
its 2nd argument is a substring of its 1st
• CS 3314 got here on 10 nov 2005
Control constructs -- while
• These are just like their counterparts in C
•
•
$i = 1;
while ( $i <= 10 )
{ echo $i++; }
$i = 0;
do { print $i;} while ($i>0);
Control constructs -- for
• These are just like their counterparts in C
• for
($i = 1; $i <= 10; $i++)
{ print $i;}
Control constructs -- foreach
• These are similar their counterparts in Perl
• foreach(array_expression
•
as $value)
statement
foreach(array_expression as $key => $value)
statement
Jumping in and out of PHP mode
• We can can jump in and out of PHP mode even in
the middle of a PHP block:
<?php
if(strstr($HTTP_USER_AGENT,"MSIE"))
{ ?> <p>You are using Internet Explorer</p> <?php }
else { ?> <p>You are not using Internet Explorer</p> <?php }
?>
• Instead of using an echo statement to print
something, we jumped out of PHP mode.
• Note that the logical flow of the PHP remains
intact
– Only one of the HTML blocks will be sent to the user.
A FORM and its handler in one file
<html>
<head>
<title>Application Handler</title>
</head>
<body>
<?php
if (!$surname)
{ ?> <form method="POST"
action="http://student.cs.ucc.ie/cs4400/jabowen/php/file012.php">
<p>Your surname: <input type="text" name="surname"></p>
<p>Your address: <input type="text" name="address"></p>
<button type="submit">Please send me the brochure.</button>
</form>
<?php }
else { echo "<p>Thank you, $surname.</p>";
echo "<p> We will write to you at $address.</p>";} ?>
</body>
</html>
• cs 3314 got here on 13 nov 2005
One request for this resource:
no Query or Message Body
interzone.ucc.ie> telnet student.cs.ucc.ie 80
Trying 143.239.211.125...
Connected to student.cs.ucc.ie.
Escape character is '^]'.
GET http://student.cs.ucc.ie/cs4400/jabowen/php/file012.php HTTP/1.1
Host: student.cs.ucc.ie
Response to request with no query or message body
HTTP/1.1 200 OK
Date: Fri, 08 Feb 2002 11:21:40 GMT
Server: Apache/1.3.20 (Unix) PHP/4.0.6
X-Powered-By: PHP/4.0.6
Transfer-Encoding: chunked
Content-Type: text/html
160
<html>
<head><title>Application Handler</title></head>
<body>
<form method="POST"
action="http://student.cs.ucc.ie/cs4400/jabowen/php/file012.php">
<p>Your surname: <input type="text" name="surname"></p>
<p>Your address: <input type="text" name="address"></p>
<button type="submit">Please send me the brochure.</button>
</form>
</body>
</html>
0
Connection closed by foreign host.
interzone.ucc.ie>
Another request – containing a query
interzone.ucc.ie> telnet student.cs.ucc.ie 80
Trying 143.239.211.125...
Connected to student.cs.ucc.ie.
Escape character is '^]'.
GET http://student.cs.ucc.ie/cs4400/jabowen/php/file012.php?surname=doyle HTTP/1.1
Host: student.cs.ucc.ie
Response to request containing a query
HTTP/1.1 200 OK
Date: Fri, 08 Feb 2002 11:31:01 GMT
Server: Apache/1.3.20 (Unix) PHP/4.0.6
X-Powered-By: PHP/4.0.6
Transfer-Encoding: chunked
Content-Type: text/html
88
<html>
<head><title>Application Handler</title></head>
<body>
<p>Thank you, doyle.</p><p> We will write to you at .</p></body>
</html>
0
Connection closed by foreign host.
interzone.ucc.ie>
Finding out about your PHP environment
• One of the many pre-defined PHP
functions is phpinfo()
<html>
<body>
<h1>Your PHP Environment</h1>
<?php phpinfo(); ?>
</body>
</html>
• In what follows, notice that mySQL
support is enabled
A mysql database
mysql>
mysql> use cs4400db
mysql> select * from student;
+------------+------+------------+
| name
| sex | birth
|
+------------+------+------------+
| john brown | m
| 1980-01-05 |
| bill brown | m
| 1980-11-23 |
+------------+------+------------+
mysql>
A PHP program which displays this database
<html>
<head><title>The Student Database</title></head>
<body>
<h1>The Student Database</h1>
<?php
$db = mysql_connect("localhost", "root", “myRealPassword");
mysql_select_db("cs4400db",$db);
$result = mysql_query("SELECT * FROM student",$db); ?>
<table rules=all>
<thead><tr><th>Name</th><th>Sex</th><th>Position</th></tr></thead>
<tbody>
<?php
while ($myrow = mysql_fetch_row($result))
{ printf("<tr><td>%s</td><td>%s</td><td>%s</td></tr>\n",
$myrow[0], $myrow[1], $myrow[2]);
} ?>
</tbody>
</table>
</body>
</html>
• cs 3314 got here on 17 nov 2005
Cs3314 GOT TO HERE ON 9/12/2004
File upload form
<html>
<head>
<title>Upload a File</title>
</head>
<body>
<h1>Upload a File</h1>
<form enctype="multipart/form-data" method="post" action="uploadFile.php">
<p>File to Upload:
<input type="file" name=“file1" size="30"></p>
<p><button type="submit“> "Upload File“</button></p>
</form>
</body>
</html>
• cs 3314 got here on 21 nov 2005
File upload script
<?php
if ( $file1_name != "“ )
{ copy("$file1", "/full/path/to/your/target/directory/$file1_name")
or die("Could not copy the file! Are directory permissions correct?");
else { die(“You did not specify an input file"); } ?>
<html>
<head>
<title>File Received</title>
<body>
<h1>File Received</h1>
<p>The following file has been received:
<?php echo “$file1_name"; ?>, containing <?php echo “$file1_size"; ?> bytes
and of MIME type <?php echo “$file1_type"; ?>
.</p>
</body>
</html>
}
• Normally, when a browser sends HTML
form data in the message body of a POST
request, the value in the CONTENT-TYPE
header is:
application/x-www-form-urlencoded
• The new attribute, enctype, in the FORM
tag tells the browser that it should send the
following value in the CONTENT-TYPE
header:
multipart/form-data
Controlling Headers/Status lines with PHP
Sending Headers in PHP
• You have seen that, if you use the CGI protocol,
you can have complete control over the status line
and headers that are sent in a HTTP response – to
do so, you must use nph files
• PHP does not seem to provide the same level of
control
– For example, it seems to prevent one sending status
lines involving status codes that you have invented
yourself – even though HTTP allows this
• Nevertheless, PHP does enable you to have some
control over status lines and response headers
Sending Headers in PHP (contd.)
• PHP provides a built-in function, header(), which can be
used to set HTTP header lines in a response message
– The function name is mis-leading – it can also, within limits, be
used to control the HTTP status line
• Format:
header ( some-string [, some-boolean]);
• Example calls:
header('WWW-Authenticate: Negotiate');
header('WWW-Authenticate: NTLM‘,false);
• By default, a second header of the same type will replace
an earlier one of the same type
– If false is sent as the optional boolean parameter, the header will
not replace an earlier one of the same type
Sending Headers in PHP (contd.)
• PHP treats two type of call to header() in a special
way
• If you use header() to send a Location: header,
PHP will auatomatgically change the code in the
status line of the response to be 302 (REDIRECT)
• The second special case is any header that starts
with the string, "HTTP/" (case is not significant)
– this will be used, within the limits of predefined
standard values, to control the status line
– header("HTTP/1.0 404 Not Found");
• CS 607 got here on 27 Feb 2003
• Igat wanpela meri em i slip finis long displa
de
• Introduced php handling of multiple
selections in forms
User-authentication in PHP
• The header() function can be used to send headers
requiring authentication
– This will cause a browser to pop up a
username/password/realm dialog window and
– When the values have been provided, send a new
request back to the same page containing the
appropriate information
• This time, some special PHP variables will be set:
$PHP_AUTH_USER,
$PHP_AUTH_PW and
$PHP_AUTH_TYPE
User-authentication in PHP (contd.)
• The code below captures the user’s name and password
• An improved version would check this against the contents of
some file
<?php
if (!isset( $PHP_AUTH_USER ))
{header("HTTP/1.0 401 Unauthorized");
header("WWW-Authenticate: Basic realm=\“Bank
Accounts\"");
echo “You must identify yourself.";}
else { echo "<p>Hello $PHP_AUTH_USER.</p>";
echo "<p>Your password is $PHP_AUTH_PW </p>"; }
?>
• CS 607 got here on 4 March 2003
User-authentication in PHP (contd.)
• The PHP_AUTH variables will not be set if external
authentication is enabled for that particular page.
– This is to prevent a script which reveals the password for a page
that was protected through a traditional external mechanism, such
as the .htpasswd mechanism
• In this case, the $REMOTE_USER variable can be used to
identify the externally-authenticated user.
Handling Cookies in PHP
• PHP provides a function called setcookie() which can be used to
send cookies to a browser
– Since cookies are sent in HTTP headers, this function must be
called before any ordinary content (such as HTML) is sent
• Cookies sent from a broswer to a client will be converted into
automatically created variables – just like those that are created
to present data which come in GET and POST requests
Image Handling
• As well as generating dynamic HTML, PHP can generate and
manipulate images
<?php
header("Content-type: image/png");
$string=implode($argv," ");
$im = imageCreateFromPng("images/button1.png");
$orange = ImageColorAllocate($im, 220, 210, 60);
$px = (imagesx($im)-7.5*strlen($string))/2;
imageString($im,3,$px,9,$string,$orange);
imagePng($im);
imageDestroy($im);
?>
