Extends from the last chapter , This chapter takes a look at some real-world problems that can occur as you move your application

from testing to a live website, Through this chapter you will learn more important PHP and SQL code.

First Problem : Its never safe to assume a web form will be used exactly the way it was intended.

        SO try and head off these kinds of problems by anticipating that some users will misuse your forms.

So the form is in need of validation, which is the process of checking to make sure form data is OK before doing anything with it.

 Validation means making the data you get is the data you expect . 

Just a tip here: you can also validating data on the client by JavaScript. But the server is the last line of defense for catching bad form data,

So server-side validation can't be ignored even if you have checked the data on the client-side.

Above the last project, we should add some code to sendemail.php that examines the values in the text boxes and checks to make

sure they aren't empty. If everything checks out OK, the script sends out the emails.

A form that references itself. An HTML form that is part of the PHP script that process it is known as self-referencing.(自引用表格,表格会提交到自身)

When a form is smart enough to remember data entered into it in prior submissions, its know as a sticky form, data sticks to it!

you can make the sendemail.php a self-referencing form like this :

<form action="sendemail.php" method="post">

or you can do it like this :

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

superglobal variable $_SERVER['PHP_SELF'], which stores the name of the current script. You can replace the script URL in the form action to

$_SERVER['PHP_SELF'], and not ever have to worry about updating anything if you ever need to rename the script.

To make the form Validation and Sticky , you can edit the sendemail.php like this :

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

 <head>

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

   <title>Make Me Elvis - Send Email</title>

   <link rel="stylesheet" type="text/css" href="style.css" />

 </head>

 <body>

   <img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />

   <img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />

   <p><strong>Private:</strong> For Elmer's use ONLY<br />

   Write and send an email to mailing list members.</p>

 <?php

   if (isset($_POST['submit'])) {

     $from = 'elmer@makemeelvis.com';

     $subject = $_POST['subject'];

     $text = $_POST['elvismail'];

     $output_form = false;

     if (empty($subject) && empty($text)) {

       // We know both $subject AND $text are blank

       echo 'You forgot the email subject and body text.<br />';

       $output_form = true;

     }

     if (empty($subject) && (!empty($text))) {

       echo 'You forgot the email subject.<br />';

       $output_form = true;

     }

     if ((!empty($subject)) && empty($text)) {

       echo 'You forgot the email body text.<br />';

       $output_form = true;

     }

   }

   else {

     $output_form = true;

   }

   if ((!empty($subject)) && (!empty($text))) {

     $dbc = mysqli_connect("localhost","root","root","elvis_store")

     or die("Error connectiong to MySQL");

     echo "Connecting success! </br>";

     $query = "SELECT * FROM email_list";

     $result = mysqli_query($dbc, $query)

     or die("Error querying database!");

     echo "Quering success! </br>";

     while( $row = mysqli_fetch_array($result) ) {

       $first_name = $row['first_name'];

       $last_name = $row['last_name'];

       $to = $row['email'];

       $msg = "Dear $first_name $last_name, \n $text";

       mail($to, $subject, $msg, 'From: '.$from );

       echo 'Emai sent to :'.$to. "<br/>";

     }

     mysqli_close($dbc);

   }

   if ($output_form) {

 ?>

   <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

     <label for="subject">Subject of email:</label><br />

     <input id="subject" name="subject" type="text" value="<?php echo $subject; ?>" size="30" /><br />

     <label for="elvismail">Body of email:</label><br />

     <textarea id="elvismail" name="elvismail" rows="8" cols="40"><?php echo $text; ?></textarea><br />

     <input type="submit" name="submit" value="Submit" />

   </form>

 <?php

   }

 ?>

 </body>

 </html>

Next we should the alter the table to make table rows should be uniquely identifialbe.

SQL has a command that lets you make changes to an existing table without losing any data.

ALTER TABLE table_name ADD column_name column_type

you can use it like this :

ALTER TABLE email_list ADD id INT NOT NULL AUTO_INCREMENT FIRST,

ADD PRIMARY KEY(id)  #this little chunk of code tells MySQL that new id column is the primary key for the table, you can learn more detail here

After you have changed the database, you should also add validation to the addemail.php just like what we did before:

<?

/**

 * Created by IntelliJ IDEA.

 * User: beyond_acm

 * Date: 9/1/2015

 * Time: 9:58 AM

 */

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>Make Me Elvis - Add Email</title>

    <link rel="stylesheet" type="text/css" href="style.css" />

</head>

<body>

<img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />

<img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />

<p>Enter your first name, last name, and email to be added to the <strong>Make Me Elvis</strong> mailing list.</p>

<?php

    if( isset($_POST['submit']) ) {

        // if submit the form

        $first_name = $_POST['firstname'];

        $last_name = $_POST['lastname'];

        $email = $_POST['email'];

        $output_form = 'no';

        //TODO the validation

        if (empty($first_name) || empty($last_name) || empty($email)) {

            // We know at least one of the input fields is blank

            echo 'Please fill out all of the email information.<br />';

            $output_form = 'yes';

        }

    } else {

        $output_form = 'yes';

    }

    //If the form is validate, then todo insert the data into the database

    if (!empty($first_name) && !empty($last_name) && !empty($email)) {

        $dbc = mysqli_connect('localhost', 'root', 'root', 'elvis_store')

        or die('Error connecting to MySQL server.');

        $query = "INSERT INTO email_list (first_name, last_name, email)  VALUES ('$first_name', '$last_name', '$email')";

        mysqli_query($dbc, $query)

        or die ('Data not inserted.');

        echo 'Customer added.';

        mysqli_close($dbc);

    }

    if ($output_form == 'yes') {

?>

    <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

        <label for="firstname">First name:</label>

        <input type="text" id="firstname" name="firstname" /><br />

        <label for="lastname">Last name:</label>

        <input type="text" id="lastname" name="lastname" /><br />

        <label for="email">Email:</label>

        <input type="text" id="email" name="email" /><br />

        <input type="submit" name="submit" value="Submit" />

    </form>

<?php

    }

?>

</body>

</html>

Last we should add a removeemail.php to delete users from the table, the removeemail.php is as followed :

<?

/**

 * Created by IntelliJ IDEA.

 * User: Administrator

 * Date: 9/1/2015

 * Time: 10:29 AM

 */

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>Make Me Elvis - Remove Email</title>

    <link rel="stylesheet" type="text/css" href="style.css" />

</head>

<body>

    <img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />

    <img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />

    <p>Please select the email addresses to delete from the email list and click Remove.</p>

    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

        <?php

            $dbc = mysqli_connect('localhost', 'root', 'root', 'elvis_store')

                        or die('Error connecting to MySQL server');

            //Delete the customer rows (only if the form has been submitted)

            if( isset($_POST['submit']) ) {

                foreach( $_POST['todelete'] as $delete_id ) {

                    $query = "DELETE FROM email_list WHERE id = $delete_id";

                    mysqli_query($dbc, $query)

                        or die('Error quering database');

                }

                echo 'Customer(s) removed. </br>';

            }

            //Display the customer rows with checkboxed for deleting

            $query = "SELECT * FROM email_list";

            $result = mysqli_query($dbc, $query);

            while( $row = mysqli_fetch_array($result) ) {

                echo '<input type="checkbox" value=' .$row['id']. ' name="todelete[]" />';

                echo $row['first_name'];

                echo ' '.$row['last_name'];

                echo ' '.$row['email'];

                echo '</br>';

            }

            mysqli_close($dbc);

        ?>

        <input type="submit" name="submit" value="Remove">

    </form>

</body>

</html>

if you get it right, you should see some pages as follows :

Now you can delete the registerd user stored in the database, Cool you have finished a real webapp.

#2 create and populate a database && realistic and practical applications (PART 2)的更多相关文章

  1. #2 create and populate a database && realistic and practical applications

    The Chapter3 & Chapter4 of this book tells you how to create a realistic app on the web through ...

  2. Create a SQL Server Database on a network shared drive

    (原文地址:http://blogs.msdn.com/b/varund/archive/2010/09/02/create-a-sql-server-database-on-a-network-sh ...

  3. [转]How to: Create a Report Server Database (Reporting Services Configuration)

    本文转自:https://docs.microsoft.com/en-us/previous-versions/sql/sql-server-2008-r2/ms157300%28v%3dsql.10 ...

  4. Create an Azure SQL database in the Azure portal

    Create a SQL database An Azure SQL database is created with a defined set of compute and storage res ...

  5. [Windows Azure] How to Create and Configure SQL Database

    How to Create and Configure SQL Database In this topic, you'll step through logical server creation ...

  6. HiveSQLException: Error while compiling statement: No privilege 'Create' found for outputs { database:default }

    今天用Hive的JDBC实例时出现了HiveSQLException: Error while compiling statement: No privilege 'Create' found for ...

  7. [odb-users] Create schema error (unknown database schema '')

    Boris Kolpackov boris at codesynthesis.comFri May 31 11:13:02 EDT 2013 Previous message: [odb-users] ...

  8. [置顶] How to create Oracle 11g R2 database manually in ASM?

    Step 1: Specify an Instance Identifier (SID) export ORACLE_SID=maomi Step 2: Ensure That the Require ...

  9. Create schema error (unknown database schema '')

    Andrey Devyatka 4 years ago Permalink Raw Message Hi,Please tell me, can I use the static library in ...

随机推荐

  1. Intellij IDEA 最头大的问题,如何自定义注释模板?

    想栈长我当初从 Eclipse 转用 IDEA 真是纠结,放弃然后尝试了N次,不过现在已经算是转型成功了,可以完全脱离 Eclipse 撸码了,虽然说我现在真的撸得非常少了.. 说到 IDEA 的痛点 ...

  2. Day4 HTML新增元素与CSS布局

    Day4  HTML新增元素与CSS布局 HTML新增属性: 一:常见的布局标签(都是块级元素) <header>头部</header> <nav>导航</n ...

  3. Educational Codeforces Round 51 (Rated for Div. 2)

    做了四个题.. A. Vasya And Password 直接特判即可,,为啥泥萌都说难写,,,, 这个子串实际上是忽悠人的,因为每次改一个字符就可以 我靠我居然被hack了???? %……& ...

  4. HTTPS与SSL(二)

    CA Ca介绍 电子商务认证授权机构(CA, Certificate Authority),也称为电子商务认证中心,是负责发放和管理数字证书的权威机构,并作为电子商务交易中受信任的第三方,承担公钥体系 ...

  5. centos7 源码编译nginx

    使用configure命令配置编译.它定义了系统的各个方面,包括允许使用 nginx 进行连接处理的方法.最后它创建一个Makefile.该configure命令支持以下参数: --prefix=pa ...

  6. 关于web开发中订单自动超时和自动收货的简单方法(window server)

    最近做一个订单自动超时和自动收货的功能,因为以前是用的mysql 存储过程和定时器来完成,这次的业务逻辑相对复杂用以前的方式就不太合适,本来是准备使用定时执行php脚本来实现的,后来发现业务逻辑中使用 ...

  7. 爬虫技术-httpClent+jsoup

    技术:httpClent+jsoup 任务:利用httpClent爬去网站信息,在利用jsoup解析 方法说明: parseUrl(String url):传入相应的url返回该网页内容,网页必须是h ...

  8. 在linux 下为sublime Text 2 配置c#编译环境

    各位看官别笑我,在虚拟机上跑了了xp  xp里面安装了vs2008,然后电脑性能实在是太差了,所以装sublime用来编写代码,然后再统一由vs2008来调试. 说正事. 安装好sublime 之后, ...

  9. Android(java)学习笔记96:layout_weight使用注意事项

    1. android:layout_weight使用说明: layout_weight是权重的意思,也就是各个控件所占的比重,用在LinearLayout布局中.当我们使用layout_weight的 ...

  10. 【洛谷2519】[HAOI2011] problem a(动态规划)

    点此看题面 大致题意: 一次考试共有\(n\)个人参加,第\(i\)个人说有\(a_i\)个人分数比他高,\(b_i\)个人分数比他低.求最少有几个人说谎. 动态规划 刚看完题目可以说是一头雾水. 仔 ...