PHP Tutorial – Lesson 3: Introduction to PHP – Part III

PHP and HTML
•          At beginning of our php tutorial, we said that php can embed any language inside it such as html, and it might work like (CGI).
•          Now, we are going to work with graphical user interface (GUI).
•          Hope you’ll enjoy your time while working with something great, useful, and simple.
One of the most important things, that makes user like your site, and come back again, the design of your site. It is not a secret, when I tell you that all php web applications depends completely on html and some JavaScript, that makes your site active, and finally, some CSS styles.
<?php
echo ‘<font style=“font-size:15px; font-family:arial; color:#000066; font-weight:bold;”>Welcome to my site</font>’;
?>
•          When writing php code that embeds other scripting language, hope you follow these rules.
•          When you embed non-php script with php, we deal with non-php script as a string.
•          So we might store the code with a variable, and use it as needed, or echo it directly.
•          PHP strings are enclosed within single or double quotes. If your string enclosed within single quotes, then you can use double quotes inside your string, and vice versa. Single quotes are container for double quotes. And so double quotes are container for single quotes.
Forms
<?php
// Login form
// Programmer Anas Jaghoub
// Created on 12/oct/2009
// loginForm.php
$loginForm = ‘<form name=“login” method=“post” action=“authenticate.php”>
Username: <input type=“text” name=“username”><br>
Password: <input type=“password” name=“password”> <br>
<input type=“submit” value=“Sign in”>  <input type=“reset” value=“Reset”>
</form>’;
echo $loginForm;
?>
<?php
// authenticate username and password
// programmer Anas Jaghoub
// created on 12/oct/2009
// authenticate.php
$username = $_POST[‘username’];
$password = $_POST[‘password’];
if( ($username == “anas”) && ($password==“123456”) )
{
// authentication true
// he is a user not a guest
echo “Logged in successfully<Br>”;
$expiration = time() + 60*15 ; // make user logged for only 15 minutes.
setcookie(“user”,”$username”,$expiration);
}
else
{
// authentication false
echo “authentication failed. Please check that you entered the correct username and password”;
echo “<a href=loginForm.php>Try again</a>”;
}
?>
Notes on loginForm.php script:
•          We made a form using html form tag. Then stored it in a variable called $loginForm.
•          Please note that you can design your form as you like, but follow the same rule of single and double quotes.
•          Our form method is post. What does it mean? It means how to send our form data. In fact you can use two methods which are post and get. Each method has properties and advantages.
•          Post method: sends your form data to the destination, without propagating it with the URL, this way give it an advantage of security. So your credentials will not be seen in the history of visited sites. Another advantage it is unlimited. So by using post method, you can send as big as needed data, without facing limited size issues.
•          On the other hand, GET method, sends your form data propagated with the URL for the destination,  and has limit size.
•          We might use GET method when getting information from user, and there is no scare of showing the data to any user. For example getting an article from database.
•          When using get method then data will be sent to the destination like this: yourdomain.com/loginForm.php?username=“value of username field” & password=“value of password field”. So it should not be used with sensitive information. Nevertheless, it has an advantage of ability to bookmark.
•          When using post method data is not propagated with URL, yourdomain.com/loginForm.php
Notes on authenticate.php script:
•          This script supposes that username correct value is “anas” and password correct value is “123456”.
•          PHP offers three built-in arrays that deals with form data. $_POST[], $_GET[], and $_REQUEST[].
•          $_POST is used when form method is post.
•          $_GET is used when form method is get.
•          Finally, $_REQUEST is used in both post and get methods.
•          Enhancement for loginForm.php script:
•          As you noticed from the script. It will show login form for all users and guests. When a user enters his username and password correctly, he doesn’t have to enter it again, as long as the cookie file created in the authenticate.php has not expired. So we want to check if the visitor of the page is a user or a guest, by checking for the cookie file is set or not.
<?php
// Login form
// Programmer Anas Jaghoub
// Created on 12/oct/2009
// last modified in 12/oct/2009
// loginForm.php
$loginForm = ‘<form name=“login” method=“post” action=“authenticate.php”>
Username: <input type=“text” name=“username”><br>
Password: <input type=“password” name=“password”> <br>
<input type=“submit” value=“Sign in”>  <input type=“reset” value=“Reset”>
</form>’;
If(isset($_COOKIE[‘user’])) echo “Welcome “. $_COOKIE[‘user’].”<Br>”;
else echo $loginForm;
?>
Notes:
•          All what we did in our script, is checking for a cookie file called user, if this cookie file is set. Then he is a user and he might has more privileges, Remember that we set the cookie user after we checked that he has correct username and password.
•          Remember, function isset returns true or false depending on the parameter. In our case we’ll check that $_COOKIE[‘user’] has a value or is null, if it has a value, then expiration date has not been reached. else then maybe expiration time reached and cookie has been deleted, or given data from guest is not correct.
End of Lesson 3, To download this lesson as PDF file click here: PHP Tutorial – Lesson 3: Introduction to PHP – Part III
Best Wishes,
Anas Jaghoub
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s