#2 create and populate a database && realistic and practical applications (PART 2)
Extends from the last chapter , This chapter takes a look at some real-world problems that can occur as you move your application
from testing to a live website, Through this chapter you will learn more important PHP and SQL code.
First Problem : Its never safe to assume a web form will be used exactly the way it was intended.
SO try and head off these kinds of problems by anticipating that some users will misuse your forms.
So the form is in need of validation, which is the process of checking to make sure form data is OK before doing anything with it.
Validation means making the data you get is the data you expect .
Just a tip here: you can also validating data on the client by JavaScript. But the server is the last line of defense for catching bad form data,
So server-side validation can't be ignored even if you have checked the data on the client-side.
Above the last project, we should add some code to sendemail.php that examines the values in the text boxes and checks to make
sure they aren't empty. If everything checks out OK, the script sends out the emails.
A form that references itself. An HTML form that is part of the PHP script that process it is known as self-referencing.(自引用表格,表格会提交到自身)
When a form is smart enough to remember data entered into it in prior submissions, its know as a sticky form, data sticks to it!
you can make the sendemail.php a self-referencing form like this :
<form action="sendemail.php" method="post">
or you can do it like this :
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
superglobal variable $_SERVER['PHP_SELF'], which stores the name of the current script. You can replace the script URL in the form action to
$_SERVER['PHP_SELF'], and not ever have to worry about updating anything if you ever need to rename the script.
To make the form Validation and Sticky , you can edit the sendemail.php like this :
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Make Me Elvis - Send Email</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />
<img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />
<p><strong>Private:</strong> For Elmer's use ONLY<br />
Write and send an email to mailing list members.</p> <?php
if (isset($_POST['submit'])) {
$from = 'elmer@makemeelvis.com';
$subject = $_POST['subject'];
$text = $_POST['elvismail'];
$output_form = false; if (empty($subject) && empty($text)) {
// We know both $subject AND $text are blank
echo 'You forgot the email subject and body text.<br />';
$output_form = true;
} if (empty($subject) && (!empty($text))) {
echo 'You forgot the email subject.<br />';
$output_form = true;
} if ((!empty($subject)) && empty($text)) {
echo 'You forgot the email body text.<br />';
$output_form = true;
}
}
else {
$output_form = true;
} if ((!empty($subject)) && (!empty($text))) {
$dbc = mysqli_connect("localhost","root","root","elvis_store")
or die("Error connectiong to MySQL");
echo "Connecting success! </br>"; $query = "SELECT * FROM email_list";
$result = mysqli_query($dbc, $query)
or die("Error querying database!");
echo "Quering success! </br>"; while( $row = mysqli_fetch_array($result) ) {
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$to = $row['email']; $msg = "Dear $first_name $last_name, \n $text"; mail($to, $subject, $msg, 'From: '.$from ); echo 'Emai sent to :'.$to. "<br/>";
}
mysqli_close($dbc);
} if ($output_form) {
?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<label for="subject">Subject of email:</label><br />
<input id="subject" name="subject" type="text" value="<?php echo $subject; ?>" size="30" /><br />
<label for="elvismail">Body of email:</label><br />
<textarea id="elvismail" name="elvismail" rows="8" cols="40"><?php echo $text; ?></textarea><br />
<input type="submit" name="submit" value="Submit" />
</form> <?php
}
?> </body>
</html>
Next we should the alter the table to make table rows should be uniquely identifialbe.
SQL has a command that lets you make changes to an existing table without losing any data.
ALTER TABLE table_name ADD column_name column_type
you can use it like this :
ALTER TABLE email_list ADD id INT NOT NULL AUTO_INCREMENT FIRST,
ADD PRIMARY KEY(id) #this little chunk of code tells MySQL that new id column is the primary key for the table, you can learn more detail here
After you have changed the database, you should also add validation to the addemail.php just like what we did before:
<?
/**
* Created by IntelliJ IDEA.
* User: beyond_acm
* Date: 9/1/2015
* Time: 9:58 AM
*/
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Make Me Elvis - Add Email</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />
<img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />
<p>Enter your first name, last name, and email to be added to the <strong>Make Me Elvis</strong> mailing list.</p> <?php
if( isset($_POST['submit']) ) {
// if submit the form
$first_name = $_POST['firstname'];
$last_name = $_POST['lastname'];
$email = $_POST['email'];
$output_form = 'no';
//TODO the validation
if (empty($first_name) || empty($last_name) || empty($email)) {
// We know at least one of the input fields is blank
echo 'Please fill out all of the email information.<br />';
$output_form = 'yes';
}
} else {
$output_form = 'yes';
}
//If the form is validate, then todo insert the data into the database
if (!empty($first_name) && !empty($last_name) && !empty($email)) {
$dbc = mysqli_connect('localhost', 'root', 'root', 'elvis_store')
or die('Error connecting to MySQL server.'); $query = "INSERT INTO email_list (first_name, last_name, email) VALUES ('$first_name', '$last_name', '$email')";
mysqli_query($dbc, $query)
or die ('Data not inserted.'); echo 'Customer added.'; mysqli_close($dbc);
}
if ($output_form == 'yes') {
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<label for="firstname">First name:</label>
<input type="text" id="firstname" name="firstname" /><br />
<label for="lastname">Last name:</label>
<input type="text" id="lastname" name="lastname" /><br />
<label for="email">Email:</label>
<input type="text" id="email" name="email" /><br />
<input type="submit" name="submit" value="Submit" />
</form> <?php
}
?> </body>
</html>
Last we should add a removeemail.php to delete users from the table, the removeemail.php is as followed :
<?
/**
* Created by IntelliJ IDEA.
* User: Administrator
* Date: 9/1/2015
* Time: 10:29 AM
*/
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Make Me Elvis - Remove Email</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />
<img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />
<p>Please select the email addresses to delete from the email list and click Remove.</p> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<?php
$dbc = mysqli_connect('localhost', 'root', 'root', 'elvis_store')
or die('Error connecting to MySQL server'); //Delete the customer rows (only if the form has been submitted)
if( isset($_POST['submit']) ) {
foreach( $_POST['todelete'] as $delete_id ) {
$query = "DELETE FROM email_list WHERE id = $delete_id";
mysqli_query($dbc, $query)
or die('Error quering database');
}
echo 'Customer(s) removed. </br>';
} //Display the customer rows with checkboxed for deleting
$query = "SELECT * FROM email_list";
$result = mysqli_query($dbc, $query);
while( $row = mysqli_fetch_array($result) ) {
echo '<input type="checkbox" value=' .$row['id']. ' name="todelete[]" />';
echo $row['first_name'];
echo ' '.$row['last_name'];
echo ' '.$row['email'];
echo '</br>';
}
mysqli_close($dbc);
?>
<input type="submit" name="submit" value="Remove">
</form> </body>
</html>
if you get it right, you should see some pages as follows :
Now you can delete the registerd user stored in the database, Cool you have finished a real webapp.
最新文章
- php 上传文件
- 非阻塞同步算法与CAS(Compare and Swap)无锁算法
- NOIP2015跳石头[二分答案]
- HTML-学习笔记(1)
- Servlet 3.0 之@WebFilter怎么控制多个filter的执行顺序
- Fedora 20 安装后的一些事情
- jquery右下角返回顶部
- 详解SSH注解配置,bean注解、事物注解等
- JavaEE Tutorials (19) - Web应用安全入门
- Software Version --hdu1976
- IE浏览器上传文件时本地路径变成”C:\fakepath\”的问题
- 史上最全的判断android,ios还是ipad访问,附上多种语言的实现方式
- mysql常用基础操作语法(二)~~对表的增删改操作【命令行模式】
- Mysql中concat()、concat_ws()和 group_concat()的用法
- centos安装实用总结
- linux 基础笔记本
- python 判断返回结果 in用法
- Orchard之模版开发
- 如何基于TensorFlow使用LSTM和CNN实现时序分类任务
- Magento EAV模型