php theo getpost

8/4/2019 Php Theo Getpost

http://slidepdf.com/reader/full/php-theo-getpost 1/7

Paper 102 - Advance Web based Application 6. Passing information with PHP

HTTP Is Stateless

The most important thing to recall about the way the Web works is that the HTTP protocol itself is

stateless. If you are a poetic soul, you might say that each HTTP request is on its own, with no

direction home, like a complete unknown . . . you know how the rest goes. For the less lyrical among

us, this means that each HTTP request— in most cases, this translates to each resource (HTML page,.jpg file, style sheet, and so on) being asked for and delivered—is independent of all the others, knows

nothing substantive about the identity of the client, and has no memory.

Each request spawns a discrete process, which goes about its humble but worthy task of serving up one

single solitary file and then is automatically killed off. (But that sounds so harsh; maybe we can say

“flits back to the pool of available processes” instead.)

Even if you design your site with very strict one-way navigation (Page1 leads only to Page 2, which

leads only to Page 3, and so on), the HTTP protocol will never know or care that someone browsing

Page 2 must have come from . You cannot set the value of a variable on Page 1 and expect it to

be imported to Page 2 by the exigencies of HTML itself. You can use HTML to display a form, and

someone can enter some information using it—but unless you employ some extra means to pass the

information to another page or program, the variable will simply vanish into the ether as soon as you

move to another page.

This is where a form-handling technology like PHP comes in. PHP will catch the variable tossed from

one page to the next and make it available for further use. PHP happens to be unusually good at this

type of data-passing function, which makes it fast and easy to employ for a wide variety of Web site

tasks.

HTML forms are mostly useful for passing a few values from a given page to one single other page of

a Web site. There are more persistent ways to maintain state over many page views, such as cookiesand sessions, which we cover in Chapter 24. This chapter will focus on the most basic techniques of

information-passing between Web pages, which utilize the GET and POST methods in HTTP to create

dynamically generated pages and to handle form data.




GET Arguments

The GET method passes arguments from one page to the next as part of the Uniform Resource

Indicator (you may be more familiar with the term Uniform Resource Locator or URL) query string.

When used for form handling, GET appends the indicated variable name(s) and value(s) to the URL

designated in the ACTION attribute with a question mark separator and submits the whole thing to the

processing agent (in this case a Web server).

This is an example HTML form using the GET method (save the file under the name get.php):

<HTML>

<HEAD>

<TITLE>A GET method example, part 1</TITLE>

</HEAD>

<BODY>

<FORM ACTION="viewname.php" METHOD="GET">

Enter Your Name :<input type="text" name="txtname">

<P><INPUT TYPE="submit" NAME="Submit" VALUE="Select"></P>

</FORM>

</BODY>

</HTML>

(save the file under the name ): viewname.php )




<?php

echo "Your name is ===".$_GET['txtname'];

?>

When the user makes a selection and clicks the Submit button, the browser agglutinates

these elements in this order, with no spaces between the elements:

The URL in quotes after the word ACTION (http://localhost/baseball.php)✦

A question mark (?) denoting that the following characters constitute a GET string.✦

A variable NAME, an equal sign, and the matching VALUE (Team=Cubbies)✦

An ampersand (&) and the next NAME-VALUE pair (Submit=Select); further name-value pairs✦

separated by ampersands can be added as many times as the server querystring- length limit allows.

The browser thus constructs the URL string:

http://localhost/bhavin/viewname.php?txtname=fd&Submit=Select






Disadvantage

The GET method is not suitable for logins because the username and password are fully visible✦

onscreen as well as potentially stored in the client browser’s memory as a visited page.

Every GET submission is recorded in the Web server log, data set included.✦

Because the GET method assigns data to a server environment variable, the length of the URL is✦

limited. You may have seen what seem like very long URLs using GET—but you really wouldn’t want

to try passing a 300-word chunk of HTML-formatted prose using this method.

POST Arguments

POST is the preferred method of form submission today, particularly in nonidempotent usages (those

that will result in permanent changes), such as adding information to a database. The form data set is

included in the body of the form when it is forwarded to the processing agent (in this case, PHP). No

visible change to the URL will result according to the different data submitted.

The POST method has these advantages:

It is more secure than GET because user-entered information is never visible in the URL query✦

string, in the server logs, or (if precautions, such as always using the password HTML input type for passwords, are taken) onscreen.

There is a much larger limit on the amount of data that can be passed (a couple of kilobytes rather ✦

than a couple of hundred characters).

POST has these disadvantages:

The results at a given moment cannot be bookmarked.✦

The results should be expired by the browser, so that an error will result if the user employs the✦

Back button to revisit the page.

This method can be incompatible with certain firewall setups, which strip the form data as a security✦

measure.

This is an example HTML form using the POST method (save the file under the name post.php):

<HTML>

<HEAD>




<TITLE>A POST method example, part 1</TITLE>

</HEAD>

<BODY>

<FORM ACTION="viewnameusingpost.php" METHOD="POST">

Enter Your Name :<input type="text" name="txtname">

<P><INPUT TYPE="submit" NAME="Submit" VALUE="Select"></P>

</FORM>

</BODY>

</HTML>

Output is

save the file under the name viewnameusingpost.php:

<?phpecho "Your name is ===".$_POST['txtname'];




?>

Formatting Form Variables

PHP is so efficient at passing data around because the developers made a very handy but (in theory)

slightly sketchy design decision. PHP automatically, but invisibly, assigns the variables for you on the

new page when you submit a data set using GET or POST. Most of PHP’s competitors make you




explicitly do this assignment yourself on each page; if you forget to do so or make a mistake, the

information will not be available to the processing agent. PHP is faster, simpler, and mostly more

goof-proof.

But because of this automatic variable assignment, you need to always use a good NAME attribute for

each INPUT. NAME attributes are not strictly necessary in HTML proper—your form will render fine

without them—but the data will be of little use because the HTML form-field NAME attribute will be

the variable name in the form handler.

In other words, in this form:

<FORM ACTION=”Hello.php” METHOD=”POST”>

<INPUT TYPE=”text” NAME=”email”>

<INPUT TYPE=”submit” NAME=”submit” VALUE=”Send”>

</FORM>

the text field named email will cause the creation of a PHP variable called $_POST[‘email’] when the

form is submitted. Similarly, the submit button will lead to the creation of a variable called

$_POST[‘submit’] on the next page. The name you use in the HTML form will be the name of your

variable in the PHP form handler.

Remember that you cannot use a variable name beginning with a number—so you should not nameyour form field something like 5 (you laugh, but we’ve seen people try to do it)—and PHP variable

names are case sensitive.

php theo getpost

Documents