Xhtml code within a php script section.

• The

• All-in-One Web forms combine the data entry form page and the

• The

• URL tokens use the get method and additional data appended to

• Web page templates combine static elements and a dynamic

• Web page templates can use the

219

Comprehension Check

1.

Which of the following autoglobals can you use to access

submitted form values? (Choose all that apply.)

a. $_GET

b. $_POST

c. $_SERVER

d. $_REQUEST

2.

Which of the following separates the URL from the form data

in a get request?

a. ?

b. &

c. =

d. +

3.

Which of the following separates multiple name/value pairs

from each other in a get request?

a. ?

b. &

c. =

d. +

Handling User Input

4.

5.

What is the maximum length of a value in a get request?

Describe the difference in how data is sent to the Web server

for the get and post methods.

Contrast the two-part Web form with the All-in-One Web

form.

What are magic quotes and why are they used?

Which function removes the slashes that are added by magic

quotes?

The empty() function is used to do which of the following?

(Select all that apply.)

a. Clear the value of a variable.

b. Check if the length of a string variable is 0.

c. Check to see if the value of a variable is NULL.

d. Check to see if the value of a numeric variable is 0.

220

6.

7.

8.

9.

10. The is_*() family of functions can be used to verify that the

user entered the correct data type in a form field. True or

11. A user should fix each data entry error before being notified

of the next one. True or False?

12. A(n)form redisplays a form with the previ-

ously entered values already filled in.

a. error

b. sticky

c. prefilled

d. Web

13. Explain the purpose of advanced escaping from XHTML.

14. Explain why the isset() function is not an inverse of the

empty() function.

15. Thefunction can be used to determine if

data has been submitted to an All-in-One form.

a. is_posted()

b. submitted()

c. isset()

d. data_found()

16. URL tokens use the post method. True or False?

17. Web page templates are made of

sections.

a. form, script

b. image, text

c. static, dynamic

d. content, template

18. With Web page templates, every page needs to be modified to

change an image in the header section. True or False?

19. Describe two methods used to navigate within a Web page

template.

20. Theautoglobal contains all of the elements

of both the

a. $_REQUEST

b. $_RESPONSE

c. $_FORM

d. $_SESSION

and

221

Reinforcement Exercises

Exercise 4-1

Create a Web form to help in creating “Jumble” puzzles. Create a

form that has four input fields named Word1, Word2, Word3, and

Word4, as well as “Reset” and “Submit” buttons. Create a form pro-

cessing script that verifies that all four words are entered, that all

of them contain only letters, and that all four are between 4 and 7

Handling User Input

characters long. Once all of the words have been verified as correct,

use the strtoupper() and str_shuffle() functions to produce four

jumbled sets of letters.

To create the Jumble Maker form:

222

1.

Create a new document in your text editor. Type the

!DOCTYPE declaration, <html> element, header information,

and <body> element. Use the strict DTD and “Jumble Maker”

as the content of the <title> element.

Add the following XHTML form tags in the body of the

document:

<form action=

"process_JumbleMaker.php" method="post">

2.

3.

Save the document as JumbleMaker.html in the Projects

directory for Chapter 4.

Create a new document in your text editor. Type the

!DOCTYPE declaration, <html> element, header information,

and <body> element. Use the strict DTD and “Jumble Maker”

as the content of the <title> element.

Add the opening and closing tags for the PHP script section

in the body of the document:

<?php

?>

4.

5.

6.

Add the displayError() function to the script section. This

function displays the error message, and takes two param-

eters: $fieldName, which is the name of the field as it appears

on the Web form; and $errorMsg, which describes the error

for the user. There is no return value for this function.

function displayError($fieldName, $errorMsg) {

global $errorCount;

7.

Create a second function called validateWord() below the

displayError() function. This function takes two parame-

ters. The first parameter, $data, is a string to be validated. The

second parameter, $fieldName, is the name of the form field.

The function returns the $data parameter after it has been

cleaned up. Notice that the function uses the global variable

$errorCount.

function validateWord($data, $fieldName) {

global $errorCount;

223

8.

Immediately after the validateWord() function, declare and

initialize a new variable called $errorCount and a new array

called $words[] as follows:

$errorCount = 0;

$words = array();

9.

Add assignment statements for the $words array variable to

receive the output of the validateWord() function for each

form field:

$words[]

$words[]

$words[]

$words[]

=

=

=

=

validateWord($_POST['Word1'],

validateWord($_POST['Word2'],

validateWord($_POST['Word3'],

validateWord($_POST['Word4'],

"Word

"Word

"Word

"Word

1");

2");

3");

4");

Handling User Input

10. Add a conditional statement immediately after the values of

$words have been assigned. This statement will display the

total number of errors found or the shuffled words if there

224

if ($errorCount>0)

echo "Please use the \"Back\" button to

11. Save the document as process_JumbleMaker.php in the

Projects directory for Chapter 4.

12. Upload JumbleMaker.html and process_JumbleMaker.php to

the Web server.

13. Open the JumbleMaker.html page in the Web browser

by entering the following URL: http://<yourserver>/

14. Test the form. It should only show the jumbled results if all

four words were entered correctly.

15. Close your Web browser window.

Exercise 4-2

In this exercise, you will create an All-in-One form that is a work-

ing “Contact Me” page. This page will have inputs for the subject,

the sender’s name, the sender’s e-mail address, and the message. The

form will also send a copy of the message to the sender.

1.

Create a new document in your text editor. Type the

!DOCTYPE declaration, <html> element, header information,

and <body> element. Use the strict DTD and “Contact Me” as

the content of the <title> element.

Add the opening and closing tags for the PHP script section

in the body of the document:

<?php

?>

2.

3.

Add a function called validateInput(). This function takes

two parameters. The first parameter, $data, is a string to be

validated. The second parameter, $fieldName, is the name

of the form field. The function returns the $data parameter

after it has been cleaned up. Notice that the function uses the

global variable $errorCount.

function validateInput($data, $fieldName) {

global $errorCount;

225

4.

Add a function called validateEmail() immediately after the

validateInput() function. This function is almost exactly

like the validateInput() function, but it adds a regular

expression test to validate that the entered e-mail address is

in the correct format. Note that the regular expression used is

the same one introduced in Chapter 3.

function validateEmail($data, $fieldName) {

global $errorCount;

Handling User Input

5.

Add a function called displayForm() immediately after the

validateEmail() function. This function takes one param-

eter for each form field, and displays the form. It uses the

parameters for sticky form functionality.

function displayForm($Sender, $Email, $Subject,

$Message) {

?>

<h2 style = "text-align:center">Contact Me</h2>

<form name="contact" action="ContactForm.php"

method="post">

226

6.

Immediately after the displayForm() function, declare and

initialize a set of variables as follows:

$ShowForm = TRUE;

$errorCount = 0;

$Sender = "";

$Email = "";

$Subject = "";

$Message = "";

7.

Next, add the following code to check for and validate the

input. Note that $_POST['Email'] is checked with the

validateEmail() function instead of the validateInput()

function.

if (isset($_POST['Submit'])) {

$Sender =

if ($errorCount==0)

$ShowForm = FALSE;

}

8.

Next, add a conditional statement that checks the value

of $ShowForm. If $ShowForm is TRUE, the form is displayed.

Otherwise, an e-mail message is sent and a status message is

displayed. Note that a copy is sent to the sender.

if ($ShowForm == TRUE) {

if ($errorCount>0) // if there were errors

227

9.

Save the document as ContactForm.php in the Projects

directory for Chapter 4 and upload the document to the Web

server.

10. Open ContactForm.php by entering the following URL:

http://<yourserver>/PHP_Projects/Chapter.04/Projects/

11. Close your Web browser window.

Handling User Input

Exercise 4-3

The

228

Create an include file to assist with debugging Web forms. The

include file should create a table to display the contents of the

$_REQUEST autoglobal. The table will have two columns showing

each name/value pair. Use the advanced foreach statement syntax to

retrieve the index and value of each element of the $_REQUEST array.

Be sure to use the stripslashes() and htmlentities() functions

before displaying the text in the Web page. Save the document as inc_

requestDump.php. Create a second document to test the include

file. Save the second document as RequestDump.php.

Exercise 4-4

Create a two-part form that calculates an employee’s weekly gross

salary, based on the number of hours worked and an hourly wage

that you choose. Use an HTML document named Paycheck.html

as a Web form with two text boxes—one for the number of hours

worked and one for the hourly wage. Use a PHP document named

Paycheck.php as the form handler. Compute any hours over 40 as

time-and-a-half. Be sure to verify and validate the submitted form

data and provide appropriate error messages for invalid values.

Exercise 4-5

Create an All-in-One sticky form to solve the common “two trains

are moving toward each other” word problem. The form should

have three inputs, all numbers greater than 0: the speed of Train A

($SpeedA), the speed of Train B ($SpeedB), and the distance between

the two trains ($Distance). For this problem, you will need the fol-

lowing equations:

$DistanceA = (($SpeedA / $SpeedB) * $Distance) /

(1 + ($SpeedA / $SpeedB));

In the preceding equations, $DistanceA and $DistanceB are the dis-

tances traveled by Trains A and B, respectively; $TimeA and $TimeB

are how long Trains A and B traveled, respectively ($TimeA should

equal $TimeB). If $SpeedA or $SpeedB is allowed to be 0, PHP will

display a “division by zero not allowed” error. Save the document as

TwoTrains.php in the Projects directory for Chapter 4.

Discovery Projects

In the following projects, you will continue to design and develop

the Chinese Zodiac site that you began in Chapter 1. All files

for the Chinese Zodiac site will be saved in a directory named

ChineseZodiac in the base Web folder on the server.

229

The following projects will add interactivity to the Chinese Zodiac

Web page template by displaying alternative content in the dynamic

content section of the index.php file when the user clicks a button or

activates a hyperlink.

Discovery Project 4-1

In your text editor, create new include files with a placeholder for

page content for each of the pages identified by the buttons and text

links. (The inc_home_page.php file has already been created.) The

contents of the pages will be populated in later projects.

Target Page

site_layout

control_

structures

string_functions

web_forms

midterm_

assessment

state_information

user_templates

final_project

Table 4-3

Include Filenames

inc_site_layout.php

inc_control_structures.php

inc_string_functions.php

inc_web_forms.php

inc_midterm_assessment.php

inc_state_information.php

inc_user_templates.php

inc_final_project.php

Pages for Discovery Project 4-1

Page Content

[Insert site layout content here]

[Insert control structure content here]

[Insert string function content here]

[Insert Web forms content here]

[Insert midterm assessment content

here]

[Insert state information content here]

[Insert user template content here]

[Insert final project content here]

Save the files and upload them to the Includes folder in the

ChineseZodiac folder on the server.

Discovery Project 4-2

1.

Reopen the inc_button_nav.php file created in Discovery

Project 2-2. The file is in the Includes folder in the

ChineseZodiac folder. Insert the code to convert the first of

eight button images to hyperlinks that display the destination

Handling User Input

file in the dynamic data section of the Chinese Zodiac Web

page template (index.php).

<a href = "index.php?page=home_page">

<img class="btn" src="Images/ButtonHomePage.gif"

alt="[Home Page]" title="Home Page"style =

"border:0" /></a><br />

230

2.

Continue to add code for the other seven button images

targeting the content to the dynamic data section. Use the

appropriate “Target Page” value from Table 4-3 as the value of

each page parameter.

Save the file and upload it to the Web server.

3.

Discovery Project 4-3

1.

Reopen the inc_text_links.php file created in Discovery

Project 2-2 in your text editor. The file is stored in the

Includes folder in the ChineseZodiac folder. Modify the first

text hyperlink to display the destination file in the dynamic

data section of the Chinese Zodiac Web page template

(index.php), as shown in the following code:

<a href = "index.php?page=home_page">Home Page</a>

2.

Continue including additional code for the other seven hyper-

links in the text links bar, targeting the content to the dynamic

data section. Use the appropriate “Target Page” value from

Table 4-3 as the value of each page parameter.

Save the file and upload it to the Web server.

3.

Discovery Project 4-4

1.

Reopen the index.php file created in Discovery Project 2-2

in your text editor. The file is in the ChineseZodiac folder.

Replace the script section for the dynamic content section of

the Web page template.

if (isset($_GET['page'])) {

switch ($_GET['page']) {

case 'string_functions':

include('Includes/' .

}

231

2.

Save the file and upload it to the ChineseZodiac folder on the

Web server.

Open the index.php page in the Web browser by entering the

following URL: http://<yourserver>/ChineseZodiac/index.php.

Verify that the content of the dynamic content section

changes each time you click a button or activate a text

hyperlink.

Close your Web browser window.

3.

4.

5.

Handling User Input

Discovery Project 4-5

Reopen inc_home_links_bar.php (created in Discovery Project 3-3)

in your text editor and enclose the two labels in <a> tags. The

value for the href attribute of both <a> tags will be index.php,

but each page will have different URL tokens to specify the infor-

mation that should be displayed. You will continue to use the

page URL token to specify the home page by using the value

home_page. Additionally, you will use the section URL token

with different values to determine which of the two versions of

the home page to display: either the one with the PHP informa-

tion (section=php) or the one with the Chinese zodiac informa-

tion (section=zodiac). For the PHP text link, the href value of

the <a> tag should be index.php?page=home_page&section=php.

For the Chinese zodiac text link, the href value of the <a> tag

should be index.php?page=home_page&section=zodiac. Save

inc_home_links_bar.php and upload the file to the Includes folder in

the ChineseZodiac folder on the server.

In your text editor, reopen the inc_home.php document that you

created in Discovery Project 2-2. Replace the placeholder [Insert

home page content here] with a PHP code section that includes

inc_home_links_bar.php at the top of the file.

At the end of the PHP code section, add the following code:

if (isset($_GET['section'])) {

switch ($_GET['section']) {

232

Save the file as inc_home.php and upload it to the Includes folder in

the ChineseZodiac folder on the server.

Open http://<yourserver>/ChineseZodiac/index.php in the browser

and test each button and text hyperlink to verify that the content of

the dynamic data section changes when a button or text link is clicked.

Working with Files

and Directories

In this chapter, you will:

Understand file types and permissions

Work with directories

Upload and download files

Write data to files

Read data from files

Open and close a file stream

Manage files and directories

5

Working with Files and Directories

234

Many programming tasks for a Web site require some form of data

storage. User files need to be uploaded and downloaded. Form data

needs to be saved and retrieved. Online calendars and blogs need to

be updated. One method of performing all of these tasks is through

files stored on the Web server. In this chapter, you will study how to

read, write, and manipulate files.

Understanding File Types

and Permissions

You need to understand two important file concepts before you can

work with files in PHP. The first concept is file types, which affect

how information is stored in files and retrieved from them. The

second concept is file permissions, which determine the actions

that a specific user can and cannot perform on a file.

Understanding File Types

In PHP, you can specify a file as one of two types: binary or text. A

binary file is a series of characters or bytes for which PHP attaches no

special meaning. Any structure to the data is determined by the appli-

cation that reads from or writes to the file. A text file, in contrast, is

assumed to have only printable characters and a small set of control

or formatting characters. The formatting characters are the binary

equivalents of the escape sequences you learned in Chapter 3, and are

listed in Table 5-1.

Escape

Sequence

\t

\r

\v

\f

\n

Meaning

Horizontal tab

Line feed

Vertical tab

Form feed

Carriage return

Decimal

9

10

11

12

13

Byte Value

OctalHexadecimal

011

012

013

014

015

09

0A

0B

0C

0D

Table 5-1

Control characters in a text file

Different operating systems use different escape sequences to identify

the end of a line. UNIX/Linux platforms use the \n carriage return

escape sequence, Macintosh applications usually use the \r line feed

escape sequence, and Windows operating systems use the \n carriage

return escape sequence followed by the \r line feed escape sequence.

The following code shows examples from all three operating systems:

This is how you end a line on UNIX/Linux platforms.\n

This is how you end a line on Windows operating systems.\n\r

This is how you end a line on Macintosh operating

systems.\r

Prior to OS X,

If you do not use the correct end-of-line escape sequence, you may

have problems when working with text files on different platforms.

For example, each name in the following list ends with the \n carriage

return escape sequence, as required for UNIX/Linux operating

systems:

Blair, Dennis\n

Hernandez, Louis\n

Miller, Erica\n

Morinaga, Scott\n

Picard, Raymond\n

235

If you open a text file that contains the preceding lines in the Notepad

text editor on a Windows operating system, the \n characters are not

recognized as end-of-line markers. Instead, all of the separate strings

are displayed as one continuous string, and the font’s “nondisplayable

character” symbol (in this case, a rectangle) is displayed in place of

the \n characters, as shown in Figure 5-1.

Figure 5-1

Displaying a UNIX/Linux text file using Notepad in Windows

For the lines to display correctly in Windows, they must end with the

\n\r escape sequence pair, as follows:

Blair, Dennis\n\r

Hernandez, Louis\n\r

Miller, Erica\n\r

Morinaga, Scott\n\r

Picard, Raymond\n\r

The PHP file functions that you study in this chapter can usually

accommodate any of these escape sequences and end lines in a text

file appropriately, regardless of the operating system. Although the

examples in this book use the \n carriage return escape sequence

that is supported by UNIX/Linux operating systems, the PHP scripts

you write will function correctly on any platform. However, keep in

mind that if you attempt to open a text file that does not contain the

required characters for the current operating system, the line breaks

Working with Files and Directories

may not appear correctly in your text editor. As a general rule, you

should choose the appropriate end-of-line escape sequence for your

Web server.

Working with File Permissions

236

See your

PHP