Lab 3 - PHP
Objectives:
- Write php scripts
- Access psql db through php script
Take a look and try each of the following PHP scripts. (The text of the
scripts are provided in text files).
Assignment:
- Write a pair of web pages with embedded PHP scripts. The first PHP
script should generate a form which allows the user to input 10 numbers.
When the form's submit button is pressed, the 10 numbers should be sent to the
second PHP script as an array. The second script should display the
largest number in the array and the average of the 10 numbers.
- Design a form which implements a two or three question multiple choice
test (Use radio boxes to select answers --- see
The Bare Bones Guide to
HTML. The user should input their name in a text box at the top of the
form. Write a PHP script to grade the test, greet the user by name, and
print the number of correct answers. Use arrays to pass the selected answers
to the PHP script and to hold the list of correct answers. Hint: your radio
box tags will need to be similar to:
<input type=radio name='ans[0]' value='A'>
Notice how the array used to pass the answers from the form to the processing script is indexed.
|
HTTP is a stateless protocol. So, how can we retain state (persistence)?
We will use sessions.
HTTP GET: parameters passed as part of URL:
http://phoenix.goucher.edu/process.php?name=jill
Accessed through _GET
associative array in PHP:
$name = $_GET["name"];
example: Session ID (SID) passed as GET parameter:
echo "<A href=\"http://phoenix.goucher.edu/process.php?"
. SID . "\">";
HTTP POST: parameters passed into script via stdin
and accessed through _POST
associative array.
Sessions exist until browser is closed or PHP garbage collector removes the
session data file.
Establishing a session and writing session variables:
session_start();
$_SESSION["username"] = $username;
$_SESSION["password"] = $password;
Checking to see if a session variable already exists:
if (isset($_SESSION["username"])
$username = $_SESSION["username"];
else
$_SESSION["username"] = $username;
Deleting a session variable (enhanced security):
unset($_SESSION["username"]);
Example: Counting Page Accesses
This demonstrates a simple script which counts how many times the user has
accessed pages on a website. It maintains four session variables (on for
each page on the site). Note that the SID and the current selected page (whichPage)
are passed as GET parameter.
pageCount.php
pageCount.txt
Processing model:
- Establish connection, receive handle.
- Send SQL query, receive results "array."
- Process results array.
- Free results array.
- Repeat as needed.
- Close connection.
- Establishing a connection:
$handle = pg_connect("dbname=databaseName user=userName password=pwd");
Be sure to check handle status to see that the connection was made.
Handles are needed since script could have multiple DB connections open.
- Sending a query:
$result = pg_exec($handle, "query string");
Check result status!
- Determining the size of a result:
pg_numrows($result)
,
pg_numfields($result)
.
- Accessing the result:
$item = pg_result($result, $row, $field);
$item = pg_result($result, $row, "fieldName");
$row
and $field
are 0-based numeric indices.
fieldName
is an associative array-style index.
- Freeing a result, closing a connection:
pg_freeresult($result);
pg_close($handle);
login.html
login.txt
authenticate.php
authenticate.txt
query.php
query.txt
Things to note for each file:
login.html
:
- Form tag: method and action.
- Input tags: types and names.
authenticate.php
:
- Debugging notes.
- Retrieval of username, password. Associative array.
- Database connection and error checking.
- Sending a query and error checking.
- Accessing query results. Associative array.
Why the check on pg_numrows()
?
- Establishing the session and saving session variables.
- Passing
SID
back to the server as a GET parameter.
SID
will be empty when we resume the session.
- Freeing the result and closing the database.
query.php
:
- Retrieving session variables.
- Iterating through the result.
-
Assignment:
- In
~jillz/cs325/db on phoenix you'll find the three files:
login.html , authenticate.php , and
query.php . Copy them to your public_html directory
and verify that you can access the registration database via the files you
just copied.
- Modify the files so that you can access any database on the system. You'll
need to do the following:
- Note that the files, as is, use two levels of authentication. For this
extension, the second level is unnecessary. Eliminate it.
- You'll need to add a field to the login form so the user can specify
the database to which you will connect. You'll need to make use of this
information in the
pg_connect() call and store it as an
additional session variable.
- Fix-up anything else necessary to generalize these files.
- Instead of returning a table, INSERT, DELETE, and UPDATE return the number
of tuples affected. Modify
query.php to reflect this. Refer to
the description of stristr in the
online PHP documentation.
|