Web Database Programming Input Validation
User Input on the Web
• Web browser built-in mechanisms
  • HTML Forms
    • HTTP POST method
  • Hyperlinks
    • HTTP GET method
    • E.g. http://books.slashdot.org/article.pl?sid=02/06/11/2027240&tid=169&tid=6
• Browser plug-ins
  • User needs to install plug-in software
  • Difficult for universal deployment
  • E.g. Flash, Java applet

HTML Form
• Container for UI controls
  • E.g. button, checkbox, etc.
• Action: the URL of a program on the Web server that will receive the form data
  • E.g. PHP, CGI program, JSP, ASP, etc.
• Method: how the form data are sent
  • "POST" or "GET"

<FORM action="http://domain.name/program" method="POST">
<!-- form controls go here -->
</FORM>

INPUT controls
• type attribute
  • text, password, checkbox, radio, submit, reset, button, hidden
• name attribute
• value attribute
• onclick
  • Can specify some JavaScript code here
  • E.g. for client-side validation

Name: <INPUT type="text" name="username"><BR>
Email: <INPUT type="text" name="email"><BR>
<INPUT type="radio" name="sex" value="Male"> Male<BR>
<INPUT type="radio" name="sex" value="Female"> Female<BR>
<INPUT type="submit" value="Send"> <INPUT type="reset">

SELECT control
• Create a menu
• Must contain OPTION controls
• Can select multiple items

<SELECT multiple size="2" name="choices">
<OPTION selected value="apple">Apple</OPTION>
<OPTION selected value="orange">Orange</OPTION>
<OPTION>Banana</OPTION>
<OPTION>Cherry</OPTION>
<OPTION>Pear</OPTION>
<OPTION>Grape</OPTION>
</SELECT>

More Controls
• More INPUT types
• TEXTAREA
• BUTTON
• Check HTML documentation

PHP form data processing
• Data the user entered are sent to the PHP program specified by the action attribute
  • Method: POST, or GET (data appended to the URL)
• In that PHP program, a data array is then automatically created
  • $_POST, or $_GET
• Data of an individual control can be accessed with the name of the control as the key
  • E.g. $_POST["username"]

Input Validation
• Validate HTML form input from users
• Error: user input does not match the expected input
  • E.g. a zip code is expected, the user enters a street name

[Diagram labels: Finding Errors, Report Error, User corrects errors]

Types of Input Validation
• Server-side validation
  • Validation is done by the server
  • E.g. with PHP
  • More thorough, can check with data
  • E.g. credit card
• Client-side validation
  • Validation is done by the browser
  • E.g. with JavaScript
  • More interactive, reduces network load

Validation Strategy
• Validate field by field
  • Immediately stop and report the error if one is found
• Batch validation
  • Continue to validate until all errors are found
  • Report all errors at once

Batch Validation with PHP
• See http://www.albany.edu/~hy973732/courses/RISP566/Input.html
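
As an added example (not taken from the slides or the linked course page), server-side batch validation of the username, email and sex fields from the INPUT controls form could look like this in PHP. The function name validate_form, the username rule and the error messages are assumptions made for the example.

```php
<?php
// Batch validation of the username / email / sex fields: check every field,
// collect all errors, report them together. Returns [errors, clean values].
function validate_form(array $input): array
{
    // A crafted request can send an array (username[]=x) where a string is
    // expected, so anything that is not a string is treated as empty.
    $field = function (string $name) use ($input): string {
        $v = $input[$name] ?? '';
        return is_string($v) ? trim($v) : '';
    };
    $errors = [];

    $username = $field('username');
    // Assumed rule for this example: 3-20 letters, digits or underscores.
    if (!preg_match('/\A[A-Za-z0-9_]{3,20}\z/', $username)) {
        $errors['username'] = 'Name must be 3-20 letters, digits or underscores.';
    }

    $email = $field('email');
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Email address is not valid.';
    }

    // Radio buttons only constrain the browser UI; the server re-checks the
    // submitted value against the same allowlist.
    $sex = $field('sex');
    if (!in_array($sex, ['Male', 'Female'], true)) {
        $errors['sex'] = 'Please choose one of the listed options.';
    }

    // Hand back cleaned values only when the whole form passed.
    $clean = $errors ? [] : compact('username', 'email', 'sex');
    return [$errors, $clean];
}

// Constructed sample submission standing in for $_POST.
$sample = ['username' => 'al', 'email' => 'not-an-email', 'sex' => 'Other'];
[$errors, $clean] = validate_form($sample);

// Report all errors at once; escape before writing into the HTML page.
foreach ($errors as $name => $message) {
    echo htmlspecialchars("$name: $message", ENT_QUOTES, 'UTF-8'), "<br>\n";
}
```

With the constructed sample all three fields fail, so the user sees every problem in one response instead of fixing them one round trip at a time.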