Extends from the last chapter , This chapter takes a look at some real-world problems that can occur as you move your application

from testing to a live website, Through this chapter you will learn more important PHP and SQL code.

First Problem : Its never safe to assume a web form will be used exactly the way it was intended.

        SO try and head off these kinds of problems by anticipating that some users will misuse your forms.

So the form is in need of validation, which is the process of checking to make sure form data is OK before doing anything with it.

 Validation means making the data you get is the data you expect . 

Just a tip here: you can also validating data on the client by JavaScript. But the server is the last line of defense for catching bad form data,

So server-side validation can't be ignored even if you have checked the data on the client-side.

Above the last project, we should add some code to sendemail.php that examines the values in the text boxes and checks to make

sure they aren't empty. If everything checks out OK, the script sends out the emails.

A form that references itself. An HTML form that is part of the PHP script that process it is known as self-referencing.(自引用表格,表格会提交到自身)

When a form is smart enough to remember data entered into it in prior submissions, its know as a sticky form, data sticks to it!

you can make the sendemail.php a self-referencing form like this :

<form action="sendemail.php" method="post">

or you can do it like this :

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

superglobal variable $_SERVER['PHP_SELF'], which stores the name of the current script. You can replace the script URL in the form action to

$_SERVER['PHP_SELF'], and not ever have to worry about updating anything if you ever need to rename the script.

To make the form Validation and Sticky , you can edit the sendemail.php like this :

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

 <head>

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

   <title>Make Me Elvis - Send Email</title>

   <link rel="stylesheet" type="text/css" href="style.css" />

 </head>

 <body>

   <img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />

   <img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />

   <p><strong>Private:</strong> For Elmer's use ONLY<br />

   Write and send an email to mailing list members.</p>

 <?php

   if (isset($_POST['submit'])) {

     $from = 'elmer@makemeelvis.com';

     $subject = $_POST['subject'];

     $text = $_POST['elvismail'];

     $output_form = false;

     if (empty($subject) && empty($text)) {

       // We know both $subject AND $text are blank

       echo 'You forgot the email subject and body text.<br />';

       $output_form = true;

     }

     if (empty($subject) && (!empty($text))) {

       echo 'You forgot the email subject.<br />';

       $output_form = true;

     }

     if ((!empty($subject)) && empty($text)) {

       echo 'You forgot the email body text.<br />';

       $output_form = true;

     }

   }

   else {

     $output_form = true;

   }

   if ((!empty($subject)) && (!empty($text))) {

     $dbc = mysqli_connect("localhost","root","root","elvis_store")

     or die("Error connectiong to MySQL");

     echo "Connecting success! </br>";

     $query = "SELECT * FROM email_list";

     $result = mysqli_query($dbc, $query)

     or die("Error querying database!");

     echo "Quering success! </br>";

     while( $row = mysqli_fetch_array($result) ) {

       $first_name = $row['first_name'];

       $last_name = $row['last_name'];

       $to = $row['email'];

       $msg = "Dear $first_name $last_name, \n $text";

       mail($to, $subject, $msg, 'From: '.$from );

       echo 'Emai sent to :'.$to. "<br/>";

     }

     mysqli_close($dbc);

   }

   if ($output_form) {

 ?>

   <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

     <label for="subject">Subject of email:</label><br />

     <input id="subject" name="subject" type="text" value="<?php echo $subject; ?>" size="30" /><br />

     <label for="elvismail">Body of email:</label><br />

     <textarea id="elvismail" name="elvismail" rows="8" cols="40"><?php echo $text; ?></textarea><br />

     <input type="submit" name="submit" value="Submit" />

   </form>

 <?php

   }

 ?>

 </body>

 </html>

Next we should the alter the table to make table rows should be uniquely identifialbe.

SQL has a command that lets you make changes to an existing table without losing any data.

ALTER TABLE table_name ADD column_name column_type

you can use it like this :

ALTER TABLE email_list ADD id INT NOT NULL AUTO_INCREMENT FIRST,

ADD PRIMARY KEY(id)  #this little chunk of code tells MySQL that new id column is the primary key for the table, you can learn more detail here

After you have changed the database, you should also add validation to the addemail.php just like what we did before:

<?

/**

 * Created by IntelliJ IDEA.

 * User: beyond_acm

 * Date: 9/1/2015

 * Time: 9:58 AM

 */

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>Make Me Elvis - Add Email</title>

    <link rel="stylesheet" type="text/css" href="style.css" />

</head>

<body>

<img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />

<img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />

<p>Enter your first name, last name, and email to be added to the <strong>Make Me Elvis</strong> mailing list.</p>

<?php

    if( isset($_POST['submit']) ) {

        // if submit the form

        $first_name = $_POST['firstname'];

        $last_name = $_POST['lastname'];

        $email = $_POST['email'];

        $output_form = 'no';

        //TODO the validation

        if (empty($first_name) || empty($last_name) || empty($email)) {

            // We know at least one of the input fields is blank

            echo 'Please fill out all of the email information.<br />';

            $output_form = 'yes';

        }

    } else {

        $output_form = 'yes';

    }

    //If the form is validate, then todo insert the data into the database

    if (!empty($first_name) && !empty($last_name) && !empty($email)) {

        $dbc = mysqli_connect('localhost', 'root', 'root', 'elvis_store')

        or die('Error connecting to MySQL server.');

        $query = "INSERT INTO email_list (first_name, last_name, email)  VALUES ('$first_name', '$last_name', '$email')";

        mysqli_query($dbc, $query)

        or die ('Data not inserted.');

        echo 'Customer added.';

        mysqli_close($dbc);

    }

    if ($output_form == 'yes') {

?>

    <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

        <label for="firstname">First name:</label>

        <input type="text" id="firstname" name="firstname" /><br />

        <label for="lastname">Last name:</label>

        <input type="text" id="lastname" name="lastname" /><br />

        <label for="email">Email:</label>

        <input type="text" id="email" name="email" /><br />

        <input type="submit" name="submit" value="Submit" />

    </form>

<?php

    }

?>

</body>

</html>

Last we should add a removeemail.php to delete users from the table, the removeemail.php is as followed :

<?

/**

 * Created by IntelliJ IDEA.

 * User: Administrator

 * Date: 9/1/2015

 * Time: 10:29 AM

 */

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>Make Me Elvis - Remove Email</title>

    <link rel="stylesheet" type="text/css" href="style.css" />

</head>

<body>

    <img src="blankface.jpg" width="161" height="350" alt="" style="float:right" />

    <img name="elvislogo" src="elvislogo.gif" width="229" height="32" border="0" alt="Make Me Elvis" />

    <p>Please select the email addresses to delete from the email list and click Remove.</p>

    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

        <?php

            $dbc = mysqli_connect('localhost', 'root', 'root', 'elvis_store')

                        or die('Error connecting to MySQL server');

            //Delete the customer rows (only if the form has been submitted)

            if( isset($_POST['submit']) ) {

                foreach( $_POST['todelete'] as $delete_id ) {

                    $query = "DELETE FROM email_list WHERE id = $delete_id";

                    mysqli_query($dbc, $query)

                        or die('Error quering database');

                }

                echo 'Customer(s) removed. </br>';

            }

            //Display the customer rows with checkboxed for deleting

            $query = "SELECT * FROM email_list";

            $result = mysqli_query($dbc, $query);

            while( $row = mysqli_fetch_array($result) ) {

                echo '<input type="checkbox" value=' .$row['id']. ' name="todelete[]" />';

                echo $row['first_name'];

                echo ' '.$row['last_name'];

                echo ' '.$row['email'];

                echo '</br>';

            }

            mysqli_close($dbc);

        ?>

        <input type="submit" name="submit" value="Remove">

    </form>

</body>

</html>

if you get it right, you should see some pages as follows :

Now you can delete the registerd user stored in the database, Cool you have finished a real webapp.

#2 create and populate a database && realistic and practical applications (PART 2)的更多相关文章

  1. #2 create and populate a database && realistic and practical applications

    The Chapter3 & Chapter4 of this book tells you how to create a realistic app on the web through ...

  2. Create a SQL Server Database on a network shared drive

    (原文地址:http://blogs.msdn.com/b/varund/archive/2010/09/02/create-a-sql-server-database-on-a-network-sh ...

  3. [转]How to: Create a Report Server Database (Reporting Services Configuration)

    本文转自:https://docs.microsoft.com/en-us/previous-versions/sql/sql-server-2008-r2/ms157300%28v%3dsql.10 ...

  4. Create an Azure SQL database in the Azure portal

    Create a SQL database An Azure SQL database is created with a defined set of compute and storage res ...

  5. [Windows Azure] How to Create and Configure SQL Database

    How to Create and Configure SQL Database In this topic, you'll step through logical server creation ...

  6. HiveSQLException: Error while compiling statement: No privilege 'Create' found for outputs { database:default }

    今天用Hive的JDBC实例时出现了HiveSQLException: Error while compiling statement: No privilege 'Create' found for ...

  7. [odb-users] Create schema error (unknown database schema '')

    Boris Kolpackov boris at codesynthesis.comFri May 31 11:13:02 EDT 2013 Previous message: [odb-users] ...

  8. [置顶] How to create Oracle 11g R2 database manually in ASM?

    Step 1: Specify an Instance Identifier (SID) export ORACLE_SID=maomi Step 2: Ensure That the Require ...

  9. Create schema error (unknown database schema '')

    Andrey Devyatka 4 years ago Permalink Raw Message Hi,Please tell me, can I use the static library in ...

随机推荐

  1. Oracle同义词。。。

    同义词 --私有同义词--私有同义词权限grant create synonym to scott;--创建私有同义词create synonym dp for scott.dept;--将查询dep ...

  2. Struts2 源码分析-----Hello world

    今天第一天学习struts2,没学过怎么办,那当然是helloworld.感觉嘛,学习的基本流程都差不多,就是helloworld,开发环境,然后就是逐个按照知识点打demo,打着打着你就会发现str ...

  3. 海海DRM视频保护解密流程分析

    环境及工具 手机    :小米手机 MI 2A 系统版本: Android 4.1.1 工具    : IDA pro 6.6 .C32Asm .VS2005 一:第一次打开加密视频会出现如下验证: ...

  4. Keymob带你玩转新广告法下的移动营销

    2015年9月1日新广告法正式实施,对广告代言人.广告类别.广告语等都做了一系列新规定,堪称有史以来最严广告法.随着新广告法的实施,以往一些庸俗.夸张的广告也逐渐和大众说再见了. 2015年 “互联网 ...

  5. JSON.parse() 和 JSON.stringify()的简单介绍

    参考地址: https://developer.mozilla.org/zh-CN/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse ht ...

  6. python之__init__使用方法

    定义类的时候,若是添加__init__方法,那么在创建类的实例的时候,实例会自动调用这个方法,一般用来对实例的属性进行初使化.比如:class testClass: def __init__(self ...

  7. LeetCode Valid Parentheses 有效括号

    class Solution { public: void push(char c){ //插入结点 struct node *n=new struct node; n->nex=; n-> ...

  8. linux 命令——6 rmdir(转)

    今天学习一下linux中命令: rmdir命令.rmdir是常用的命令,该命令的功能是删除空目录,一个目录被删除之前必须是空的.(注意,rm - r dir命令可代替rmdir,但是有很大危险性.)删 ...

  9. IOS plist的数据 存 取(沙河目录)

    应用沙盒目录的常见获取方式 沙盒根目录:NSString *home = NSHomeDirectory(); Documents:(2种方式) 1.利用沙盒根目录拼接”Documents”字符串 N ...

  10. 如何修改集群的公网信息(包括 VIP) (文档 ID 1674442.1)

    适用于: Oracle Database - Enterprise Edition - 版本 11.2.0.3 到 12.1.0.2 [发行版 11.2 到 12.1]本文档所含信息适用于所有平台 用 ...