Scribd
Upload
74 views18 pages

PW-05 GET, POST, and File Upload

The document discusses HTTP methods like GET and POST used to send data in web requests. GET sends variable data in the URL query string while POST sends it in the request body. It also covers building query strings, sending form data, and uploading files. Variables sent via GET, POST, or forms are retrieved in PHP using the $_GET, $_POST, and $_FILES superglobal arrays respectively. File uploads require encoding as multipart/form-data and storing the temporary file.

Uploaded by

Andika Nugraha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
74 views18 pages

PW-05 GET, POST, and File Upload

The document discusses HTTP methods like GET and POST used to send data in web requests. GET sends variable data in the URL query string while POST sends it in the request body. It also covers building query strings, sending form data, and uploading files. Variables sent via GET, POST, or forms are retrieved in PHP using the $_GET, $_POST, and $_FILES superglobal arrays respectively. File uploads require encoding as multipart/form-data and storing the temporary file.

Uploaded by

Andika Nugraha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 18

Web Programming

HTTP Method GET, POST, and File Upload

 Aryo Pinandito, ST, M.MT


HTTP Method
HTTP Methods
 HTTP methods indicate the desired action to be
performed on the identified resource.
 What this resource represents, whether pre-
existing data or data that is generated
dynamically, depends on the implementation of
the server.
 The resource corresponds to a file or the output of
an executable residing on the server.
 The HTTP/1.0 specification defined the GET,
POST and HEAD methods
 HTTP/1.1 specification added 5 new methods:
OPTIONS, PUT, DELETE, TRACE and
CONNECT.
Sending Variables:
Request Method
 GET
 Requests data from a specified resource via URL
 However, client informations are sent in the form of
variables through URL as a Query String
 POST
 Submits data to be processed to a specified
resource
 Sending request variables through the POST body.
Variable name and it’s value will not be shown on
the URL
Query String
 In the World Wide Web, a query string is the
part of a Uniform Resource Locator (URL) that
contains data to be passed to web applications
such as a PHP or CGI programs.
 Each variables and its values are separated
with an equal sign (=)
 Each variables data name and value pair is
separated by an ampersand symbol (&)
Query String in a URL
domain requested
name resource

http://domain.com/index.php?title=Main+Page&action=raw

protocol Top Level query string


name Domain
(TLD)
Variables and its values
will be sent to the resource
requested
Building Query String
 Writing a PHP program that generates a query
string attached to a URL using the following code
<?php $name = "Djoko"; ?>
<a href="http://domain.com?name=<?php echo $name; ?>">
Click Here
</a>

 When the code runs, it produces the following


output:
<a href="http://domain.com?name=Djoko">
Click Here
</a>
Sending Variables
through HTML Form
 Uses HTML <form> tag
 Set the requested resource to the action attribute
<form action="program.php">
...
</form>
 Set method attribute to controls the way that
information is sent to the requested resource on the
server.
<form action="program.php" method="GET">
or
<form action="program.php" method="POST">
GET Method
 Browser automatically appends the information
given from the HTML form to the URL when it
sends the page request to the web server
 Example:
<form action="test.php" method="GET">
 If the form is submitted then the page will be
redirected to:
http://domain.com/test.php?color=red&speed=70
POST Method
 However, information in the form is sent in the
body of http request and doesn’t appear in the
URL using POST method

<form action="myprogram.php" method="POST">


<input name="color" value="red" />
<input name="email" value="[email protected]" />
</form>
HTML Standard Form
Input Fields
 Text Fields
<input type="text" name="text1" />

 Password Field
<input type="password" name ="pass" />

 Radio Buttons
<input type="radio" name="radio1" value="Men" />
<input type="radio" name="radio1" value="Women" />

 Checkboxes
<input type="checkbox" name="vehicle" value="Bike" />

 Submit Button
<input type="submit" value="Submit" />

 Hidden fields
<input type="hidden" name="product_id" value="122" />
POST and GET Variables
Retrieval
 Retrieved using PHP's super global arrays
 $_GET for variables sent using GET method
 $_POST for variables sent using POST method
 $_REQUEST for variables sent using GET or
POST
$color = $_GET['color'];
value will be variable
stored here name

Change $_GET to $_POST or $_REQUEST accordingly


Example
 URL
http://domain.com/process.php?name=Aryo
 In PHP
<?php
echo "Welcome, " . $_GET['name'] . ".";
?>
 Will produce:
Welcome, Aryo.
Change $_GET to $_POST or $_REQUEST accordingly
Upload File
 Use a form with POST method and encoding type
multipart/form-data
 Use input control with type: file

<form action="upload.php" method="post"


enctype="multipart/form-data">
Select image to upload:
<input type="file" name="upfile">
<input type="submit"
value="Upload Image" name="submit">
</form>
Handling File Upload
 The global $_FILES will contain all the
uploaded file information.
 Note that this assumes the use of the file
upload name upfile, as used in the example
script above. This can be any name.
 $_FILES['upfile']['name']
 The original name of the file on the client machine.

 $_FILES['upfile']['size']
 The size, in bytes, of the uploaded file.
Handling File Upload (2)
 $_FILES['upfile']['type']
 The mime type of the file, if the browser provided this
information. An example would be "image/gif". This mime
type is however not checked on the PHP side and
therefore don't take its value for granted.
 $_FILES['upfile']['tmp_name']
 The temporary filename of the file in which the uploaded
file was stored on the server.
 $_FILES['upfile']['error']
 The error code associated with this file upload.
Handling File Upload
Example
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir .
basename($_FILES['upfile']['name']);

if (move_uploaded_file($_FILES['upfile']['tmp_name'],
$uploadfile)) {
echo "File is valid,
and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}

If upload directory is the same as PHP file that handle the file upload, then
you can change the $uploaddir value to "."
Questions?

You might also like