On the most server, you can have a " .htaccess
" file on your application directory, where could be set the
register_global directive to on, simply by inserting line like
this:
php_flag register_globals on
This page is written for use this settings (by the way, default
on some older servers for the backward compatibility).
If it is not possible, you can use the older programs without rewriting, if you include to start of the script something like
foreach ($_POST as $int_temp_key
=> $int_temp_value)
{$int_temp_value
!= '') {$$int_temp_key =
$int_temp_value; |
Violet are local cycle variables.
Sometimes we can to have got data from user we will need on the next forms, but we don't like to write it to a database table. There are few methods, how to solve it:
Most often problem with students' applications on this course is the login information passing between forms. The only correct solution would be to use the https access, but it is not possible on server we are use. For this reason, we will introduce solution, how to send a data to next form, using hidden input fields. Disadvantage is, that user can see a password, if he/she try to show page source code, but the most typical solution with a cookies use will have the same result.
It has to be stated, that this solution is not secure, and cannot be used in serious application (in a real application, you will need to use .htaccess file and require the https data access.
The next three forms show, how it works: The first page allows to insert a login name and a password, the second will allow you to insert any two parameters, and the last will display everything. Only the second one will check a password, but not using database, it is fixed here.
The first page is a standard html page. By the way, if you like to keep it working, name it form1.htm, because this name is written in the second file. You can try a similar program on tem.wz.cz/form1.htm:
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1250">
<meta name="GENERATOR" content="Microsoft FrontPage Express 2.0">
<title>Direct data transfer...1</title>
</head>
<body bgcolor="#FFFFFF">
<p><font size="4"><strong>Please, log in using help:</strong></font></p>
<form action="form2.php" method="post">
<p>Your login name : <input type="text" size="20"
name="name1"> scott<br>
Your password: <input type="text" size="20" name="value1">
tiger<br>
<input type="submit" name="send_it" value="Send"></p>
</form>
<p><sub>version from 31.3.2010</sub> </p>
</body>
</html>
|
The next page will generate a form with the hidden input fields:
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1250">
<meta name="GENERATOR" content="Microsoft FrontPage Express 2.0">
<title>Direct data transfer...2</title></head>
<body bgcolor="#FFFFFF">
<?php
if (($send_it=="Send")and($name1=="scott")and($value1=="tiger")):
?>
<p><font size="4"><strong>Now you can insert any other parameters :</strong></font></p>
<form action="form3.php" method="post">
<p>Insert the first word : <input type="text" size="20" name="name2"><br>
Insert the second word : <input type="text" size="20" name="value2">
<br>
<?php
echo '<input type="hidden" name="name1" value="'.$name1.'">';
echo '<input type="hidden" name="password" value="'.$value1.'">';
?>
<input type="submit" name="send" value="Send"></p>
</form>
<?php
else:
?>
Wrong login or password. <a href="form1.htm">Try again</a>.
<?php
endif;
?>
<p><sub>version from 31.3.2010</sub> </p>
</body>
</html>
|
Beware of the correct apostrophe and a double quotation use -
as a result, we have to join strings use a "."
symbol (dot).
Comment: The value, used for password, cannot contain any
quotation or backslash symbol. Later we will show, how you can
check it in time of a user registration, or when a password is to
be changed.
The last script only shows the results, without any password checking. We have already did it:
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1250">
<meta name="GENERATOR" content="Microsoft FrontPage Express 2.0">
<title>Direct data transfer...3</title></head>
<body bgcolor="#FFFFFF">
<p><font size="4"><strong>List of inserted values:</strong></font></p>
<table border=1>
<?php
foreach($_POST as $n1 => $v1) {echo "<tr><td>".$n1."<td>".$v1; };
?>
</table>
<p><sub>version from 31.3.2010</sub> </p>
</body>
</html>
|
More common method for data saving is a cookies. In this case, the data are saved on a client side. Typically, the saved variable can be user for all php scripts, executed from the same directory on the server. After executing of any php script, the cookie variable will be accessible in the $_COOKIE associative array. Function is defined as follows:
setcookie(name,value,time_to_destroy,directory,domain); |
Only the first two parameters are obligatory. If you use zero value as a third, your cookie will be destroyed, when user will close an explorer window - if you insert a time, it would last up to this time. You can use current date and add for example 30 days, for example:
time()+60*60*24*30 |
Time in the Unix system is in the seconds, counted from the beginning of the year 1970 (ten years before a MS will start count a date).
The next example will call itself (note name of the script: cookie1.php ), so it can be used for the cookie behavior testing. Try, that if you set a cookie, it will be visible for the next time, not for the form, which created a cookie:
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1250">
<title>Cookie...</title>
</head>
<body bgcolor="#FFFFFF">
<?php
if ($send1=='Send') setcookie($name1,$value1,0) ;
?>
<p><font size="4"><strong>Actual cookies list:</strong></font></p>
<table border=1>
<?php
foreach($_COOKIE as $n1 => $v1) {echo "<td>".$n1."<td>".$v1; };
?>
</table>
<p><font size="4"><strong>Insert a new values for a cookie:</strong></font></p>
<form action="cookie1.php" method="get">
Insert a name for a new cookie: <input name="name1" type="text">
<br>
Insert a value for a new cookie: <input name="value1" type="text">
<br>
<input name="send1" value="Send" type="submit"></form>
<p> </p>
<sub>version from 25.3.2010</sub>
</body>
</html>
|
You can try similar program (again in the czech version only) here. It always at first write a complete list of cookies, then create the new one.
Cookie don't need to be always allowed, so you can save variables on the server, using a "session". This should to be initialized:
session_start(); |
Then you can use an associative array $_SESSION , containing saved data, and it can be simply modified:
$_SESSION["color"] = "yellow"; |
We can show this by use:
echo $_SESSION["barva"]; |
Because more people can use our script simultaneously, you should start the session with selecting an unique name. It is typically done by saving the initialization value to cookie (it will be solved automatically, if you don't use the next command), or you can set one:
session_name('alik');
session_start();
|
This should be on the beginning of every php script. Problem is, if two of user will initialize the session with the same value (they will got the same data). Note the name of a php script, mentioned inside (cookie2.php):
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1250">
<title>Session</title>
</head>
<body bgcolor="#FFFFFF">
<?php
session_name('alik');
session_start();
if ($send1=='Send') $_SESSION[$name1] = $value1;
?>
<p><font size="4"><strong>List of the session array:</strong></font></p>
<table border=1>
<?php
foreach($_SESSION as $n1 => $v1) {echo "<tr><td>".$n1."<td>".$v1; };
?>
</table>
<p><font size="4"><strong>Insert a new session variable:</strong></font></p>
<form action="cookie2.php" method="get">
The name: <input name="name1" type="text">
<br>
The value: <input name="value1" type="text">
<br>
<input name="send1" value="Send" type="submit"></form>
<p> </p>
<sub>version from 31.3.2010</sub>
</body>
</html>
|
This script calls itself (reclusively). In my case, from unknown reason, the "foreach" cycle starts the list of the session associative array with an empty pair (without name and value), but it should not be problem for an ordinary use. You can try a czech version here.
Session is independent on the client side and can be debugged to create a reliable solution. Cookies is a standard solution of this problem, and if there are banned cookies on the user computer, you can ask to allow them to work with your web pages. With cookies, the user can easily erase them, if he runs into problems.