Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I'm having a hard time grasping how PHP/HTML/the server works and I couldn't find any info (it has to be somewhere so if you have a link I'd appreciate it). I'll try to explain best what I understand/don't understand and ask a concise question.
My Understanding
PHP code is in the same file as HTML files and needs the server to have a PHP parser? to read and execute the PHP code.
PHP code executes first on the server side, then HTML/JS execute on the client side (hence you can't see the PHP code on the browser).
What I don't understand
When a PHP code calls a $_POST request, where is the request going? Let's say I call a $_POST request to mypage2.php. How do I handle this $_POST request in my mypage2.php code? (I setup an iFrame and tried to make a $_POST request to it, but it changed to that page).
How do I use multiple .php files on a site? I always see something like authentication.php but are those pages just classes to never be used (aka I can never go to mysite.com/authentication.php)?
My end goal is to get data from an external $_POST call, and send it to my page embedded in an iFrame. I feel I don't understand the basic concepts first though and all the tutorials discuss the syntax of PHP (which I think I understand).
I am running on a windows machine and using XAMPP if that is relevant. Thank you.
Your html POST going to $_POST array on page2.php.
This array has the same index of page1.html input/form.
<input name="username"> <input name="password">
To use it in your page2.php, you can store it on a variable like this
$username = $_POST['username'];
$password = $_POST['password'];
You kind of have it right:
PHP is in the same file with your HTML/CSS/JavaScript code. It requires a PHP interpreter on the Web server. The Web server will not send a raw PHP file (with PHP code in it) to a client browser, if configured correctly.
When there is a request for a PHP file, the PHP interpreter on the Web server processes the PHP file, which removes the PHP code and replaces it with the interpreted result (HTML/CSS/JavaScript code). It sends the processed file to the client browser as the PHP file. That file only contains HTML/CSS/JavaScript code. The client browser runs the HTML/CSS/JavaScript code that the Web server sends.
There are global variables in PHP that store data that's POSTed or otherwise sent to the PHP file. Have a look at $_POST, $_GET and $_REQUEST. Note that you should never trust data that's submitted by a user and you should always "sanitize" it (see What's the best method for sanitizing user input with PHP?)
You can use more than one PHP file on a website, but no variables or other data carry automatically from file to file, so each file starts with a blank sheet. There are ways to pass values among pages by passing them in the URL or by using PHP Sessions.
Some applications that use more than one PHP file don't want a user to be able to run a PHP file on its own. They only want the PHP file to be executed by the application, from another PHP file. So what the programmer will sometimes do is to set a global variable and store it as a session variable. The first thing a PHP file does is check that variable to see if it's set. If it's not, it means the user tried to run the PHP file by itself, and it just exits. That might be why you can't run a particular PHP file you mentioned.
If you have a file mypage2.php and you post 'mydata' to that file, for example from an HTML form where name='mydata', you can retrieve the data from the global $_POST, for example, <?php $mydata = $_POST['mydata'];?>. After you sanitize it, if the IFRAME is also within mypage2.php, you can insert it into the IFRAME by echoing it, for example, <?php echo $mydata;?>
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
i don't understand why is PHP embedded in HTML when its only running on server side and HTML file is loaded in to the browser on client side.. ?
PHP is a server side language which can be, and very often is, used for pre-processing of the output from the server to the client. When the client asks the server for a particular page, for example a product detail page, a calendar or a blog article, PHP will get the data to use on that page from a database or other storage technology and send to the client.
Now if PHP is putting that data into the HTML on the server, the client receives an HTML document complete with all the data as well as the document structure, HTML tags and, unless hosted in separate files, CSS styles and Javascript code.
The most basic way for PHP to do this is inlining the HTML like so in a .php file:
<h1><?php echo "Hello World!";?></h1>
Which will produce HTML for the client that looks like:
<h1>Hello World!</h1>
Which will display as:
Hello World!
In this very simple example it might be hard to see the benefits, but as soon as you start using dynamic data, perhaps as simple as displaying the current day or showing some other piece of information that changes, you can see the benefit of using something like PHP for that task.
Once you create, say a php file that contains HTML with embedded PHP, and the browser client asks your server for that file, your entire file is still on the server and untouched.
But right before the file is delivered to the requesting user, the file is processed (if you have your server to process .php files, that is) and the embedded PHP is replaced with it's output. Usually, the embeded PHP code never reaches the browser client, only the processed file does.
Imagine reading an html file like a book. The language of the book is html. A webserver, such as apache, takes the html code and sends it to the user. It is your browser that interprets it. What your browser receives is pure text.
Now, the apache has a PHP extension. So, when the webserver reads the html code, and suddenly stumbles upon < ?php ?> tags, it does not send it to the user. Instead, it sends it to the PHP server.
The PHP server processes the code and returns back only pure html code. Then everything is sent over to the user.
PHP will only process things that are enclosed within one of its valid code blocks (such as <?php and ?>). Because of this, PHP effectively ignores everything that it was not specifically told to process and can be used to our advantage. For example, what will the output from the following be?
<?php
$var = 5;
?>
$var = 10;<br />
The variable $var has a value of: <?=$var?><br />
Is this a valid script? Yes, the output would be the following:
$var = 10;
The variable $var has a value of: 5
Notice that with the second assignment of $var, when we attempt to change the value from 5 to 10, it has no effect because it is not enclosed within valid PHP code-block syntax. So, instead of being processed, it is simply displayed to the web browser.
After realising that my web server wouldn't run php inside my html file I used an iframe which points to my php script.
It works as expected and now my site has a nice little comment form that the user can fill in and submit.
I opted for this instead of changing my hhtpd.conf because I don't think my web host allows it.
So my question is; is there any real danger of doing this? If the comment.php file were to mysteriously disappear an error would appear in my html which wouldn't affect the rest of my code. I can't think of any drawbacks unless there some server overhead I'm unaware of.
Any information would be welcomed.
Cheers!
If they (the html and php files) are located on the same server — should be no danger.
Just to clarify :
If you can 'run' the php in an iFrame, then you're able to run it in the main frame as well. the php that is generated for your iframe could as well be generated for the main frame.
So, no, there is no danger at at, but no, you don't need an iframe, I think you misunderstood somehow how php is working.
There is no php in html, php is (simplified) used in 2 scenarios :
first is to generate html that will be sent to the web browser,
the second is a script, that doesn't render any php but affects some internal files, like databases and such.
I real beginner and try to understand how things work more then to develop stuff, and now i can't move forward till someone gives me an accurate answer about a little detail of following issue.
Let's assume there's a page with php code http://example.com/blablabla and link on it like http://example.com/blablabla?file=number_1 which's used to modify some parts of this page
What i really don't know is what happens with the already loaded script from http://example.com/blablabla when there's a request from this page -http://example.com/blablabla?file=number_1
The questions actually are:
Is code from the already loaded page processed every time when requesting ?file=number_1?
For me it seems very strange, 'cause if with the first http://example.com/blablabla via php i selected for example a huge size of data from database and only want to modify small part of page with ?file=number_1 and why do i need server to process request to the database one more time.
My experience says me that server do process again already loaded code,
BUT according to this i have a very SLIGHT ASSUMPTION, that i'm not really sure about this, but it seems very logical:
The real trick is that the code in the first page has one VARIABLE and its value is changed
by the second request, so i assume that server see this change and modifies only that part of the code with this VARIABLE - for example the code in http://example.com/blablabla looks like this
<?
/* some code above */
if (empty($_GET['file'])) {
/* do smth */
} else {
/* do smth else */
}
/* some code below */
?>
with the request http://example.com/blablabla?file=number_1 the server processes only part of the original code only including changed $_GET['file'] variable.
Is it totally my imagination or it somehow make a point?
Would someone please explain it to me. Much appreciated.
HTML is a static language. There is php and other similar languages that allows you to have dynamic pages but because it still has to send everything over as html you still have to get a new page.
The ?file=number_1 just gives a get request to the page giving it more information but the page itself had to still be rerun in order to change the information and send the new static html page back.
The database query can be cached with more advanced programming in PHP or other similar languages so that the server doesnt have to requery the database but the page itself still had to be completely rerun
There are more advanced methods that allows client side manipulation of the data but from your example I believe the page is being rerun with a get request on the server side and a new page is being sent back.
i believe this is what your asking about.
Yeah, thanks you guys both. It certainly clarified the issue that every script (clean html or generated by php) runs every time with each request, and only external types of data like image files and, even as it follows from the previous answer, mysql results can be cached and be used via php to output necessary data.
The main point was that I mistakenly hoped that if the page is loaded and consequently cached in computer memory, the appended QUERY STRING to this URL will send, of course, new get request, but retrieved respond will affect this page partly without rerunning it completely.
Now i have to reconsider my building strategy – load as much data as it’s required from each requested URL.
If you are looking for a way to edit the page dynamically, use JavaScript.
If you need to run code server side, invisibly to the client, use PHP.
If you need to load content dynamically, use AJAX, an extension of JavaScript.
I hope that helps.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
If i read file upload script I see almost everywhere the following line of code to read the file contents
file_get_contents('php://input');
But unfortunately can't really understand it. Can someone please help what does it actually mean?
Although your post isn't too detailed in what you have tried to accomplish and most importantly, how, I will attempt to provide some guidelines to solving your problem.
1. How do uploads work?
The first thing you must understand, how uploads work with PHP. The file you upload is sent as the body part of the HTTP request.
This body part however may be encoded. Once such encoding may be multipart/form-data, where the body is divided into separate parts. PHP however does some special processing to this, see later on in this answer.
An other method is to send the file itself completely unencoded as the body part of a PUT request, sent by for example XMLHttpRequest. This would enable your code to actually work, but again, let's discuss this later.
2. How does PHP handle uploads?
PHP has some special magic if you use multipart/form-data. If you use this, the contents of php://input will not be available, instead you must use the $_FILES array to handle your upload.
If you on the other hand want to process the upload yourself or you used the PUT method and your upload doesn't require special processing, you can just read all contents of php://input and use them any way you like.
For more details on uploads please see the PHP manual.
3. How to submit files from the client?
There are several methods. The most basic method is to simply create a form that submits the file as a HTTP POST upload and then handle it as described above.
If you want a progress bar, you can use some Flash like the YUI uploader. This little file will still send a HTTP POST, but you will have access to how much was uploaded via JavaScript.
Finally, if your browser supports the HTML5 File API, you can get the contents of a local file and upload it via HTTP POST or HTTP PUT according to your needs. For more details see this tutorial.
4. Debugging problems
Stuff tends to break, so you'll need to be able to debug it. Your first weapon of choice would be some sort of network dump from your browser. If you have Chrome, the tools are build in, for other browsers you might have to download some extensions.
You need to look at the request and see if the data is there and it's encoded correctly. As a web developer you should posses a deep understanding of HTTP, so if you don't read up on it. There is no excuse for not knowing HTTP.
If you are sure your data arrives on the server side, you should learn to debug PHP. First of all, take a look at your superglobals. Is everything there you sent? Or is something missing?
If you don't have the file you sent, you may have hit the configured filesize limits for uploads, either in your webserver or in your PHP. As to which the culprit is, you will have to find out for yourself.
Also, be sure to set error_reporting to E_ALL & E_NOTICE so you don't miss problems with your code.
Finally, if nothing else helps, you will need to learn to debug with xdebug. Again, there is no excuse whatsoever for a web developer for not being able to debug your own code. None.
See http://www.php.net/manual/en/wrappers.php.php.
php://input is a "special file" which contains the input that was sent to the PHP script. On a web server that means the contents of the HTTP request body. file_get_contents simply reads the entire contents, like from a regular file.
In short: that line gets the content of the HTTP request body.
However: php://input is not populated when using multipart/form-data
i am using form authentication for my website which is written in ASP.Net, but i have a PHP script that i need to run. Is it possible to get the value of User.Identity.Name in PHP ?
thanks.
Yes, if you pass it on to the PHP page using POST or GET (Querystring or Form), meaning getting the value from an ASP page first and then sending it to you PHP page. You can also take a look at this question on Stack Overflow, which offers a different solution.
*Edit: Possible solutions:
Using IIS7 Forms Authentication with PHP files
How to Share Session State Between Classic ASP and ASP.NET
The second one could work for PHP as well with a bit of creativeness.
why don't you just store the User.Identity.Name from the ASP.NET page in a session, and then when you call the PHP page you can just retrieve it from that session?
As long as its the same site, it should work.
Since you mentioned loading the PHP script in an iframe, you want to do something like this:
<iframe src="myscript.php?username=<%= User.Identity.Name %>" />
This passes the Identity name along as a GET parameter, as suggested by Boekwurm.
Then, in your PHP script, grab it like so:
username = $_GET["username"];
Depending on what you're doing with it, you may need some security in place to prevent people from running the PHP script with arbitrary username parameters.