Anne Lee, profile picture
Uploaded byAnne Lee
PPT, PDF6,663 views

Php forms

The document discusses PHP forms and includes the following key points: 1. Forms can submit data via GET and POST methods, with GET appending data to the URL and POST transmitting data hiddenly. Both methods store data in superglobal arrays ($_GET and $_POST). 2. Form validation ensures required fields are filled and data meets specified criteria. Common validations check for required fields, valid email addresses, URLs, and more. 3. HTML form elements like text fields, textareas, radio buttons, drop-downs are used to collect user input. PHP processes submitted data and can validate required fields are not empty.

Embed presentation

Downloaded 385 times
PHP Forms  GET and POST Method  Form Validation  Form Required Fields
*Property of STI K0032 GET and POST Method A form data can be submitted using POST and GET method Both are used for same purpose but stand apart for some specifications GET and POST create an array which holds key/value pairs, where keys are the name of the form controls and values are the input data by the user
*Property of STI K0032 GET and POST Method Both GET and POST method are treated as $_GET and $_POST in PHP These methods are superglobals, which means that they are always accessible, and they can be accessed using any function, class or file The $_GET method is an associative array of variables passed to the current script via the URL parameters
*Property of STI K0032 GET and POST Method The $_POST method is an array of variables passed to the current script via the HTTP POST method In this method the information is transferred in a hidden manner A form that submits information is appended to the URL in the form of Query String which consists of name = value pairs in URL known as URL Encoding
*Property of STI K0032 GET and POST Method This string contains user values/data, which are joined using equal (=) signs, separated by ampersand (&), and spaces are removed and replaced with plus (+) sign Name1=value1&name2=value2&name3=value3
*Property of STI K0032 Get Method  http:/.www.example.com/index.html? name=mel@email.com&contact=09176543210  The code below is a client-side HTML form using method=“get” for user to fill the information
*Property of STI K0032 Get Method  The code below is the server-side PHP script where, $_GET associative array is used to receive sent information from server end
*Property of STI K0032 Post Method <form action="#" method="post"> .... </form> Below is a server-side PHP script where $_POST associative array is used to receive sent information at server end
*Property of STI K0032 Form validation
*Property of STI K0032 Form validation The form shown in Figure 6.1 consists of the following elements:  Name (required field - must contain letters and whitespaces)  E-mail (required field - must contain valid email address)  Website (optional field - if present, must contain valid website URL)  Comments (optional field - a multi-line text field)  Gender (required field - must select a radio button )
*Property of STI K0032 Form Elements The Name, E-mail, Website are input elements Input elements, in particular, used text and submit values for its types attribute in order to create text fields and buttons The HTML code:
*Property of STI K0032 Form Elements Radio button shows several options to the users from which the user may select one HTML Code:
*Property of STI K0032 Form Elements The text area is typically a large text field with multiple rows The textarea element has three attributes – name, rows, and cols attribute HTML code:
*Property of STI K0032 Form Elements  list element offers options from which the user might choose. A list can be created using the select element, within which is nested option elements for each option to appear  The select element has a name attribute giving the name for the browser to use when identifying the selection when the form is submitted  The option element has a value attribute for specifying what value to send when that option is selected, and it has a select attribute which allows the HTML to specify which option is initially selected. The code
*Property of STI K0032 Form Elements  HTML Code:
*Property of STI K0032 Form Element  The HTML code of the form element:  when the form is submitted, the form data is sent with method=”post”  So, the $_SERVER["PHP_SELF"] sends the submitted forms data to the page itself, instead of jumping to a different page
*Property of STI K0032 Form Element  The $_SERVER["PHP_SELF"] is a super global variable that returns the filename of the currently executing script  Htmlspecialchars() function converts special characters to HTML entities  Cross-site scripting (XSS) is a type of computer security vulnerability typically found inWeb application
*Property of STI K0032 Form Element  Example: test_form.php  if a user enters the normal URL in the address bar like "http://www.example.com/test_form.php", the above code will be translated to:
*Property of STI K0032 Form Element  consider that if a user enters the following URL in the address bar: http://www.example.com/test_form.php/%22%3E %3Cscript%3Ealert('hacked')%3C/script%3E  will be translated to:
*Property of STI K0032 Form Element be aware that any JavaScript code can be added inside the <script> tag A hacker can redirect the user to a file on another server, and that file can hold malicious code that can alter the global variables or submit the form to another address to save the user’s data
*Property of STI K0032 how to avoid $_SERVER[“PHP_SELF”] exploit? The $_SERVER[“PHP_SELF”] exploit can be avoided using the htmlspecialchars() function if the user tries to exploit the PHP_SELF variable, it will result:
*Property of STI K0032 Validate Form Data with PHP  The very first thing to do to validate form data with PHP is to pass all variables through PHP’s htmlspecialchars() function  For example:  With htmlspecialchars() function it would not be executed, because it would be saved as HTML escaped code like this:
*Property of STI K0032 test_input()
*Property of STI K0032 Form Required Fields  In the previous slide, all input fields were optional, meaning no required fields to be filled in by the user  Here is a simple PHP script that checks the name for empty input and throws an error message if the input is empty:
*Property of STI K0032 Form Required Fields To display the error message in the HTML form (this will be generated if the user tries to submit the form without filling in the required fields) use the code below:

More Related Content

PPTX
Form Handling using PHP
byNisa Soomro
 
PDF
Php introduction
bykrishnapriya Tadepalli
 
PDF
Php Tutorials for Beginners
byVineet Kumar Saini
 
PDF
Chap 4 PHP.pdf
byHASENSEID
 
PPTX
Sessions in php
byMudasir Syed
 
PPTX
PHP Presentation
byJIGAR MAKHIJA
 
PPT
PHP complete reference with database concepts for beginners
byMohammed Mushtaq Ahmed
 
PPT
Class and Objects in PHP
byRamasubbu .P
 
Form Handling using PHP
byNisa Soomro
 
Php introduction
bykrishnapriya Tadepalli
 
Php Tutorials for Beginners
byVineet Kumar Saini
 
Chap 4 PHP.pdf
byHASENSEID
 
Sessions in php
byMudasir Syed
 
PHP Presentation
byJIGAR MAKHIJA
 
PHP complete reference with database concepts for beginners
byMohammed Mushtaq Ahmed
 
Class and Objects in PHP
byRamasubbu .P
 

What's hot

PPTX
Introduction to php
byTaha Malampatti
 
PPT
PHP - Introduction to PHP Forms
byVibrant Technologies & Computers
 
PPTX
Php.ppt
byNidhi mishra
 
PPT
Php mysql ppt
byKarmatechnologies Pvt. Ltd.
 
PPT
Php with MYSQL Database
byComputer Hardware & Trouble shooting
 
PPTX
Event In JavaScript
byShahDhruv21
 
PPTX
Dynamic HTML (DHTML)
byHimanshu Kumar
 
PPTX
php
byajeetjhajharia
 
PPTX
PHP Cookies and Sessions
byNisa Soomro
 
PDF
javascript objects
byVijay Kalyan
 
PPTX
PHP Form Validation Technique
byMorshedul Arefin
 
PPT
Oops concepts in php
byCPD INDIA
 
PPT
PHP - Introduction to PHP AJAX
byVibrant Technologies & Computers
 
PDF
Html text and formatting
byeShikshak
 
PPT
Active Server Page(ASP)
byKeshab Nath
 
PPTX
HTML Text formatting tags
byHimanshu Pathak
 
PDF
Operators in PHP
byVineet Kumar Saini
 
PPTX
Dhtml ppt (2)
byRai Saheb Bhanwar Singh College Nasrullaganj
 
PPT
JavaScript & Dom Manipulation
byMohammed Arif
 
PPT
Database programming
byShree M.L.Kakadiya MCA mahila college, Amreli
 
Introduction to php
byTaha Malampatti
 
PHP - Introduction to PHP Forms
byVibrant Technologies & Computers
 
Php.ppt
byNidhi mishra
 
Php mysql ppt
byKarmatechnologies Pvt. Ltd.
 
Php with MYSQL Database
byComputer Hardware & Trouble shooting
 
Event In JavaScript
byShahDhruv21
 
Dynamic HTML (DHTML)
byHimanshu Kumar
 
php
byajeetjhajharia
 
PHP Cookies and Sessions
byNisa Soomro
 
javascript objects
byVijay Kalyan
 
PHP Form Validation Technique
byMorshedul Arefin
 
Oops concepts in php
byCPD INDIA
 
PHP - Introduction to PHP AJAX
byVibrant Technologies & Computers
 
Html text and formatting
byeShikshak
 
Active Server Page(ASP)
byKeshab Nath
 
HTML Text formatting tags
byHimanshu Pathak
 
Operators in PHP
byVineet Kumar Saini
 
Dhtml ppt (2)
byRai Saheb Bhanwar Singh College Nasrullaganj
 
JavaScript & Dom Manipulation
byMohammed Arif
 
Database programming
byShree M.L.Kakadiya MCA mahila college, Amreli
 

Viewers also liked

DOCX
Php forms and validations by naveen kumar veligeti
byNaveen Kumar Veligeti
 
PPT
Chapter 07 php forms handling
byDhani Ahmad
 
PPTX
Get method and post method
bybaabtra.com - No. 1 supplier of quality freshers
 
PPT
MySql slides (ppt)
bywebhostingguy
 
PPT
Using arrays with PHP for forms and storing information
byNicole Ryan
 
PPTX
Get and post methods
bybaabtra.com - No. 1 supplier of quality freshers
 
PDF
Login and Registration form using oop in php
byherat university
 
ODP
Form Processing In Php
byHarit Kothari
 
DOC
Creating a Simple PHP and MySQL-Based Login System
byAzharul Haque Shohan
 
PPTX
Ns3
byRehmat Ullah
 
PDF
Making web forms using php
bykrishnapriya Tadepalli
 
PDF
Forms and Databases in PHP
byMike Crabb
 
PDF
03 the htm_lforms
byIIUM
 
PDF
PHP Making Web Forms
bykrishnapriya Tadepalli
 
PPTX
Php Form
bylotlot
 
DOCX
Script login form php
byHanief Rpl
 
PPTX
3 php forms
byhello8421
 
PPT
Geek Austin PHP Class - Session 4
byjimbojsb
 
PDF
Deliver Files With PHP
byThomas Weinert
 
DOC
S.G.Balaji Resume
byBalaji Sg
 
Php forms and validations by naveen kumar veligeti
byNaveen Kumar Veligeti
 
Chapter 07 php forms handling
byDhani Ahmad
 
Get method and post method
bybaabtra.com - No. 1 supplier of quality freshers
 
MySql slides (ppt)
bywebhostingguy
 
Using arrays with PHP for forms and storing information
byNicole Ryan
 
Get and post methods
bybaabtra.com - No. 1 supplier of quality freshers
 
Login and Registration form using oop in php
byherat university
 
Form Processing In Php
byHarit Kothari
 
Creating a Simple PHP and MySQL-Based Login System
byAzharul Haque Shohan
 
Ns3
byRehmat Ullah
 
Making web forms using php
bykrishnapriya Tadepalli
 
Forms and Databases in PHP
byMike Crabb
 
03 the htm_lforms
byIIUM
 
PHP Making Web Forms
bykrishnapriya Tadepalli
 
Php Form
bylotlot
 
Script login form php
byHanief Rpl
 
3 php forms
byhello8421
 
Geek Austin PHP Class - Session 4
byjimbojsb
 
Deliver Files With PHP
byThomas Weinert
 
S.G.Balaji Resume
byBalaji Sg
 

Similar to Php forms

PPT
Html forms
byM Vishnuvardhan Reddy
 
PPTX
Php and web forms
bysana mateen
 
PPTX
Working with data.pptx
bySherinRappai
 
PPTX
forms.pptx
byasmabagersh
 
PPTX
2-Chapter Edit.pptx debret tabour university
byalemunuruhak9
 
PPTX
phpinformationtechnologyphpcodingtopic.pptx
byjorossmanzano
 
PPT
Handling User Input and Processing Form Data
byNicole Ryan
 
PPTX
5. Formshcfsjhfajkjsfjsjfjksafjsfjkjfhjsafjsajkgfjskafkjas.pptx
byberihun18
 
PPTX
Web Techniques like Cookies and Sessions
bySonaliAbhang
 
PDF
web2_lec6.pdf
byssuser893014
 
PPT
Lecture7 form processing by okello erick
byokelloerick
 
PPTX
HNDIT1022 Week 03 Part 2 Theory information.pptx
byIsuriUmayangana
 
PDF
Form handling in php
byFahad Khan
 
PPTX
PHP Form Handling
byAchchuthan Yogarajah
 
PPTX
PHP Forms PHP 05
bymohamedsaad24
 
PDF
Send, pass, get variables with php, form, html & java script code
byNoushadur Shoukhin
 
PPTX
Unit - III.pptxbgffhjxfjdfjfgjnsnsnshdhsjsksjsjsjsjsjsjsjsjsldksk
bycpbloger553
 
PPT
Web forms and html lecture Number 4
byMudasir Syed
 
PPTX
Web Application Development using PHP Chapter 5
byMohd Harris Ahmad Jaal
 
PDF
Web app development_php_07
byHassen Poreya
 
Html forms
byM Vishnuvardhan Reddy
 
Php and web forms
bysana mateen
 
Working with data.pptx
bySherinRappai
 
forms.pptx
byasmabagersh
 
2-Chapter Edit.pptx debret tabour university
byalemunuruhak9
 
phpinformationtechnologyphpcodingtopic.pptx
byjorossmanzano
 
Handling User Input and Processing Form Data
byNicole Ryan
 
5. Formshcfsjhfajkjsfjsjfjksafjsfjkjfhjsafjsajkgfjskafkjas.pptx
byberihun18
 
Web Techniques like Cookies and Sessions
bySonaliAbhang
 
web2_lec6.pdf
byssuser893014
 
Lecture7 form processing by okello erick
byokelloerick
 
HNDIT1022 Week 03 Part 2 Theory information.pptx
byIsuriUmayangana
 
Form handling in php
byFahad Khan
 
PHP Form Handling
byAchchuthan Yogarajah
 
PHP Forms PHP 05
bymohamedsaad24
 
Send, pass, get variables with php, form, html & java script code
byNoushadur Shoukhin
 
Unit - III.pptxbgffhjxfjdfjfgjnsnsnshdhsjsksjsjsjsjsjsjsjsjsldksk
bycpbloger553
 
Web forms and html lecture Number 4
byMudasir Syed
 
Web Application Development using PHP Chapter 5
byMohd Harris Ahmad Jaal
 
Web app development_php_07
byHassen Poreya
 

More from Anne Lee

PDF
Database backup and recovery
byAnne Lee
 
PDF
01 laboratory exercise 1 - DESIGN A SIMPLE DATABASE APPLICATION
byAnne Lee
 
PDF
Database Security Slide Handout
byAnne Lee
 
PDF
Database monitoring and performance management
byAnne Lee
 
PDF
transportation and assignment models
byAnne Lee
 
PDF
02 laboratory exercise 1 - RETRIEVING DATA FROM SEVERAL TABLES
byAnne Lee
 
PDF
Wk 13 ses 35 37 makrong kasanayan sa pagsasalita
byAnne Lee
 
PDF
Wk 16 ses 43 45 makrong kasanayan sa pagsusulat
byAnne Lee
 
PDF
Wk 15 ses 40 42 makrong kasanayan sa pagbabasa
byAnne Lee
 
PDF
Wk 12 ses 32 34 makrong kasanayan sa pakikinig
byAnne Lee
 
PDF
Wk 11 ses 29 31 konseptong pangkomunikasyon - FILIPINO 1
byAnne Lee
 
PDF
07 ohp slides 1 - INDEXES
byAnne Lee
 
PDF
Database Security - IG
byAnne Lee
 
PDF
03 laboratory exercise 1 - WORKING WITH CTE
byAnne Lee
 
PDF
Data warehousing
byAnne Lee
 
PDF
Database Security Handout
byAnne Lee
 
PDF
Data mining
byAnne Lee
 
PDF
07 ohp slide handout 1 - INDEXES
byAnne Lee
 
PDF
Week 17 slides 1 7 multidimensional, parallel, and distributed database
byAnne Lee
 
DOCX
Indexes - INSTRUCTOR'S GUIDE
byAnne Lee
 
Database backup and recovery
byAnne Lee
 
01 laboratory exercise 1 - DESIGN A SIMPLE DATABASE APPLICATION
byAnne Lee
 
Database Security Slide Handout
byAnne Lee
 
Database monitoring and performance management
byAnne Lee
 
transportation and assignment models
byAnne Lee
 
02 laboratory exercise 1 - RETRIEVING DATA FROM SEVERAL TABLES
byAnne Lee
 
Wk 13 ses 35 37 makrong kasanayan sa pagsasalita
byAnne Lee
 
Wk 16 ses 43 45 makrong kasanayan sa pagsusulat
byAnne Lee
 
Wk 15 ses 40 42 makrong kasanayan sa pagbabasa
byAnne Lee
 
Wk 12 ses 32 34 makrong kasanayan sa pakikinig
byAnne Lee
 
Wk 11 ses 29 31 konseptong pangkomunikasyon - FILIPINO 1
byAnne Lee
 
07 ohp slides 1 - INDEXES
byAnne Lee
 
Database Security - IG
byAnne Lee
 
03 laboratory exercise 1 - WORKING WITH CTE
byAnne Lee
 
Data warehousing
byAnne Lee
 
Database Security Handout
byAnne Lee
 
Data mining
byAnne Lee
 
07 ohp slide handout 1 - INDEXES
byAnne Lee
 
Week 17 slides 1 7 multidimensional, parallel, and distributed database
byAnne Lee
 
Indexes - INSTRUCTOR'S GUIDE
byAnne Lee
 

Recently uploaded

PDF
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
PPT
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
PDF
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
PDF
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
PPTX
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
PPTX
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
PDF
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
PDF
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
PDF
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
PPTX
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
PPTX
evolution of internet (internet journey)
byyamunadevi49
 
PPTX
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
PPTX
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
PPTX
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
PPTX
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
evolution of internet (internet journey)
byyamunadevi49
 
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 

Php forms

  • 1.
    PHP Forms  GETand POST Method  Form Validation  Form Required Fields
  • 2.
    *Property of STIK0032 GET and POST Method A form data can be submitted using POST and GET method Both are used for same purpose but stand apart for some specifications GET and POST create an array which holds key/value pairs, where keys are the name of the form controls and values are the input data by the user
  • 3.
    *Property of STIK0032 GET and POST Method Both GET and POST method are treated as $_GET and $_POST in PHP These methods are superglobals, which means that they are always accessible, and they can be accessed using any function, class or file The $_GET method is an associative array of variables passed to the current script via the URL parameters
  • 4.
    *Property of STIK0032 GET and POST Method The $_POST method is an array of variables passed to the current script via the HTTP POST method In this method the information is transferred in a hidden manner A form that submits information is appended to the URL in the form of Query String which consists of name = value pairs in URL known as URL Encoding
  • 5.
    *Property of STIK0032 GET and POST Method This string contains user values/data, which are joined using equal (=) signs, separated by ampersand (&), and spaces are removed and replaced with plus (+) sign Name1=value1&name2=value2&name3=value3
  • 6.
    *Property of STIK0032 Get Method  http:/.www.example.com/index.html? name=mel@email.com&contact=09176543210  The code below is a client-side HTML form using method=“get” for user to fill the information
  • 7.
    *Property of STIK0032 Get Method  The code below is the server-side PHP script where, $_GET associative array is used to receive sent information from server end
  • 8.
    *Property of STIK0032 Post Method <form action="#" method="post"> .... </form> Below is a server-side PHP script where $_POST associative array is used to receive sent information at server end
  • 9.
    *Property of STIK0032 Form validation
  • 10.
    *Property of STIK0032 Form validation The form shown in Figure 6.1 consists of the following elements:  Name (required field - must contain letters and whitespaces)  E-mail (required field - must contain valid email address)  Website (optional field - if present, must contain valid website URL)  Comments (optional field - a multi-line text field)  Gender (required field - must select a radio button )
  • 11.
    *Property of STIK0032 Form Elements The Name, E-mail, Website are input elements Input elements, in particular, used text and submit values for its types attribute in order to create text fields and buttons The HTML code:
  • 12.
    *Property of STIK0032 Form Elements Radio button shows several options to the users from which the user may select one HTML Code:
  • 13.
    *Property of STIK0032 Form Elements The text area is typically a large text field with multiple rows The textarea element has three attributes – name, rows, and cols attribute HTML code:
  • 14.
    *Property of STIK0032 Form Elements  list element offers options from which the user might choose. A list can be created using the select element, within which is nested option elements for each option to appear  The select element has a name attribute giving the name for the browser to use when identifying the selection when the form is submitted  The option element has a value attribute for specifying what value to send when that option is selected, and it has a select attribute which allows the HTML to specify which option is initially selected. The code
  • 15.
    *Property of STIK0032 Form Elements  HTML Code:
  • 16.
    *Property of STIK0032 Form Element  The HTML code of the form element:  when the form is submitted, the form data is sent with method=”post”  So, the $_SERVER["PHP_SELF"] sends the submitted forms data to the page itself, instead of jumping to a different page
  • 17.
    *Property of STIK0032 Form Element  The $_SERVER["PHP_SELF"] is a super global variable that returns the filename of the currently executing script  Htmlspecialchars() function converts special characters to HTML entities  Cross-site scripting (XSS) is a type of computer security vulnerability typically found inWeb application
  • 18.
    *Property of STIK0032 Form Element  Example: test_form.php  if a user enters the normal URL in the address bar like "http://www.example.com/test_form.php", the above code will be translated to:
  • 19.
    *Property of STIK0032 Form Element  consider that if a user enters the following URL in the address bar: http://www.example.com/test_form.php/%22%3E %3Cscript%3Ealert('hacked')%3C/script%3E  will be translated to:
  • 20.
    *Property of STIK0032 Form Element be aware that any JavaScript code can be added inside the <script> tag A hacker can redirect the user to a file on another server, and that file can hold malicious code that can alter the global variables or submit the form to another address to save the user’s data
  • 21.
    *Property of STIK0032 how to avoid $_SERVER[“PHP_SELF”] exploit? The $_SERVER[“PHP_SELF”] exploit can be avoided using the htmlspecialchars() function if the user tries to exploit the PHP_SELF variable, it will result:
  • 22.
    *Property of STIK0032 Validate Form Data with PHP  The very first thing to do to validate form data with PHP is to pass all variables through PHP’s htmlspecialchars() function  For example:  With htmlspecialchars() function it would not be executed, because it would be saved as HTML escaped code like this:
  • 23.
    *Property of STIK0032 test_input()
  • 24.
    *Property of STIK0032 Form Required Fields  In the previous slide, all input fields were optional, meaning no required fields to be filled in by the user  Here is a simple PHP script that checks the name for empty input and throws an error message if the input is empty:
  • 25.
    *Property of STIK0032 Form Required Fields To display the error message in the HTML form (this will be generated if the user tries to submit the form without filling in the required fields) use the code below: