Video: Lecture 2 "PHP Cont." - Building Dynamic Websites (Youtube link to open in a new window)
https://youtu.be/04rWBt93NkY?t=44m
Course Web Site by CS75.tv
Course Sillabus (Opens in a PDF)
Lecture Slides for Lecture 2 (Opens in a PDF)
Lecture 2 Source Codes
Lecture 2 Source Codes in PDF
Course Assignment (Project)
Summary: This is the first lecture of the series. Building Dynamic Websites by Harvard OpenCourseWare with Great Instructor David J. Malan
Alway, always, always, escape user's entry to a field by this function;
htmlspecialchars()
================================
<? /*********************************************************************** * froshims4.php * * David J. Malan * malan@harvard.edu * * Implements a registration form for Frosh IMs. Submits to itself. **********************************************************************/ // if form was actually submitted, check for error if (isset($_POST["action"])) { if (empty($_POST["name"]) || empty($_POST["gender"]) || empty($_POST["dorm"])) $error = true; } ?> <!DOCTYPE html> <html> <head> <title>Frosh IMs</title> </head> <body> <div style="text-align: center"> <h1>Register for Frosh IMs</h1> <? if (isset($error)): ?> <div style="color: red">You must fill out the form!</div> <? endif ?> <br><br> <form action="froshims4.php" method="post"> <table style="border: 0; margin-left: auto; margin-right: auto; text-align: left"> <tr> <td>Name:</td> <td><input name="name" type="text"></td> </tr> <tr> <td>Captain:</td> <td><input name="captain" type="checkbox"></td> </tr> <tr> <td>Gender:</td> <td> <input name="gender" type="radio" value="F"> F <input name="gender" type="radio" value="M"> M </td> </tr> <tr> <td>Dorm:</td> <td> <select name="dorm"> <option value=""></option> <option value="Apley Court">Apley Court</option> <option value="Canaday">Canaday</option> <option value="Grays">Grays</option> <option value="Greenough">Greenough</option> <option value="Hollis">Hollis</option> <option value="Holworthy">Holworthy</option> <option value="Hurlbut">Hurlbut</option> <option value="Lionel">Lionel</option> <option value="Matthews">Matthews</option> <option value="Mower">Mower</option> <option value="Pennypacker">Pennypacker</option> <option value="Stoughton">Stoughton</option> <option value="Straus">Straus</option> <option value="Thayer">Thayer</option> <option value="Weld">Weld</option> <option value="Wigglesworth">Wigglesworth</option> </select> </td> </tr> </table> <br><br> <input name="action" type="submit" value="Register!"> </form> </div> </body> </html>
========================================
==============================================
<?
/***********************************************************************
* register8.php
*
* Computer Science 50
* David J. Malan
*
* Implements a registration form for Frosh IMs. Records registration
* in database. Redirects user to froshims8.php upon error.
**********************************************************************/
/***************************************************************
* 2/20/2019 by Mack Soneh
* The header location has been modified
* OLD "Location: http://xxxxxxxx~jharvard/froshims/froshims1.php"
* NEW "Location: http://xxxxxxxx/~src2/src/froshims/froshims1.php"
***************************************************************/
// validate submission
if (empty($_POST["name"]) || empty($_POST["gender"]) || empty($_POST["dorm"]))
{
header("Location: http://xxxxxxx/~src2/src/froshims/froshims8.php");
exit;
}
// connect to database
mysql_connect("localhost", "jharvard", "crimson");
mysql_select_db("jharvard_froshims");
// scrub inputs
$name = mysql_real_escape_string($_POST["name"]);
if ($_POST["captain"])
$captain = 1;
else
$captain = 0;
$gender = mysql_real_escape_string($_POST["gender"]);
$dorm = mysql_real_escape_string($_POST["dorm"]);
// prepare query
$sql = "INSERT INTO registrants (name, captain, gender, dorm)
VALUES('$name', $captain, '$gender', '$dorm')";
// execute query
mysql_query($sql);
?>
<!DOCTYPE html>
<html>
<head>
<title>Frosh IMs</title>
</head>
<body>
You are registered! (Really.)
</body>
</html>
==============================================
Course Web Site by CS75.tv
Course Sillabus (Opens in a PDF)
Lecture Slides for Lecture 2 (Opens in a PDF)
Lecture 2 Source Codes
Lecture 2 Source Codes in PDF
Course Assignment (Project)
| Lecture 0: HTTP |
| Lecture 1: PHP |
| Lecture 2: PHP, Continued |
| Lecture 3: MVC, XML |
| Lecture 4: SQL |
| Lecture 5: SQL, Continued |
| Lecture 6: JavaScript |
| Lecture 7: Ajax |
| Lecture 8: Security |
| Lecture 9: Scalability |
Summary: This is the first lecture of the series. Building Dynamic Websites by Harvard OpenCourseWare with Great Instructor David J. Malan
Alway, always, always, escape user's entry to a field by this function;
htmlspecialchars()
================================
<? /*********************************************************************** * froshims4.php * * David J. Malan * malan@harvard.edu * * Implements a registration form for Frosh IMs. Submits to itself. **********************************************************************/ // if form was actually submitted, check for error if (isset($_POST["action"])) { if (empty($_POST["name"]) || empty($_POST["gender"]) || empty($_POST["dorm"])) $error = true; } ?> <!DOCTYPE html> <html> <head> <title>Frosh IMs</title> </head> <body> <div style="text-align: center"> <h1>Register for Frosh IMs</h1> <? if (isset($error)): ?> <div style="color: red">You must fill out the form!</div> <? endif ?> <br><br> <form action="froshims4.php" method="post"> <table style="border: 0; margin-left: auto; margin-right: auto; text-align: left"> <tr> <td>Name:</td> <td><input name="name" type="text"></td> </tr> <tr> <td>Captain:</td> <td><input name="captain" type="checkbox"></td> </tr> <tr> <td>Gender:</td> <td> <input name="gender" type="radio" value="F"> F <input name="gender" type="radio" value="M"> M </td> </tr> <tr> <td>Dorm:</td> <td> <select name="dorm"> <option value=""></option> <option value="Apley Court">Apley Court</option> <option value="Canaday">Canaday</option> <option value="Grays">Grays</option> <option value="Greenough">Greenough</option> <option value="Hollis">Hollis</option> <option value="Holworthy">Holworthy</option> <option value="Hurlbut">Hurlbut</option> <option value="Lionel">Lionel</option> <option value="Matthews">Matthews</option> <option value="Mower">Mower</option> <option value="Pennypacker">Pennypacker</option> <option value="Stoughton">Stoughton</option> <option value="Straus">Straus</option> <option value="Thayer">Thayer</option> <option value="Weld">Weld</option> <option value="Wigglesworth">Wigglesworth</option> </select> </td> </tr> </table> <br><br> <input name="action" type="submit" value="Register!"> </form> </div> </body> </html>
========================================
==============================================
<?
/***********************************************************************
* register8.php
*
* Computer Science 50
* David J. Malan
*
* Implements a registration form for Frosh IMs. Records registration
* in database. Redirects user to froshims8.php upon error.
**********************************************************************/
/***************************************************************
* 2/20/2019 by Mack Soneh
* The header location has been modified
* OLD "Location: http://xxxxxxxx~jharvard/froshims/froshims1.php"
* NEW "Location: http://xxxxxxxx/~src2/src/froshims/froshims1.php"
***************************************************************/
// validate submission
if (empty($_POST["name"]) || empty($_POST["gender"]) || empty($_POST["dorm"]))
{
header("Location: http://xxxxxxx/~src2/src/froshims/froshims8.php");
exit;
}
// connect to database
mysql_connect("localhost", "jharvard", "crimson");
mysql_select_db("jharvard_froshims");
// scrub inputs
$name = mysql_real_escape_string($_POST["name"]);
if ($_POST["captain"])
$captain = 1;
else
$captain = 0;
$gender = mysql_real_escape_string($_POST["gender"]);
$dorm = mysql_real_escape_string($_POST["dorm"]);
// prepare query
$sql = "INSERT INTO registrants (name, captain, gender, dorm)
VALUES('$name', $captain, '$gender', '$dorm')";
// execute query
mysql_query($sql);
?>
<!DOCTYPE html>
<html>
<head>
<title>Frosh IMs</title>
</head>
<body>
You are registered! (Really.)
</body>
</html>
No comments:
Post a Comment