September 28, 2004
Dr. Greg Jones
• Discussion: Open Source
• Assignment 1
• Assignment 2
• Server ?
• Problems ? Tips ?
• Thoughts so far after assignment 1 ?
• Open source doesn't just mean access
to the source code.
• Licenses (common)
– Academic Free License
– BSD License
Assignment 2: Reading
• Security Issues Related to Information
Captured via Web Pages.
• The entry page will be a form that asks for the
• First Name, Last Name, Address, etc
• The page will call itself to test the entries using PHP
• It will check for the following items
• All fields contain information, Zip is only numbers, etc
• If a field does not match the above checks, then an
indication will be provided in HTML for the fields that
are missing. Something to indicate to the user that
more information is required.
• If all the checks of the fields are correct, the page will
redirect to the next task
• Tell the user that there information has been saved.
• Note: For this program we are not doing anything with the
information captured in the earlier php program other than
testing it. In later programs, you would before the redirect save
the information to a file or into the database for later use. The
other way is not to call the redirect and make the entire PHP
file a recursive program (one that calls itself and based on
state of the task does different things).
• Present the user with the option to upload a file
using a form (they can enter a file or choose to skip
on to the next task)
• Save the file uploaded into the directory of your
• After the file is saved, proceed to the next task.
• Thank the user for their upload
• Present a new form asking them to e-mail
you any comments.
• Send the e-mail to the e-mail address
entered by the user.
– If you want, you can include yourself as well.
• When the e-mail is sent, thank them again
and provide a link back to your home page.
– Note: elm.cecs.unt.edu is not setup to send e-
mails off campus. E-mails to on-campus accounts
like firstname.lastname@example.org will work.
• <form action=“cgi or php” method=“POST”>
• Different form input elements
– Input types
• Text, checkbox, radio buttons, submit, etc
– Hidden Fields (p. 189)
• Can assign values to names that get passed
• <input type=hidden name=user value=$_POST[user]>
• <input type=“submit” value=“anything”>
• Your HTML and PHP code need to match one-to-
Common Gateway Interface
• HTML form passes variable pairs
– Separated by &
• PHP already breaks these out (next slide)
– Contacts Action Location, then sends data
– Safest Way
– Sends data to Action Location (one step)
Getting to Input in PHP
• Page 182
• $_POST superglobal
– <input type=“text” name=“user”>
– Echo “$_POST[user]”;
Recursive PHP (states)
• Page 187
• Example of how it maintains state
• This is how you call the same HTML
page with PHP to check your data
before moving ahead
• The example on page 194 works on elm
• Will only send e-mail within unt.edu
• Format is critical to sendmail
• Be suer to use the correct path
• If incorrect it will not upload