PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Quick How-To's

Software

Books

Each book purchase gives a couple bucks back to the PHP Development Team!

Getting Started Passing Variables

A lot of beginning developers don't understand that the web is "Stateless". That means that the web server forgets who you are as soon as it sends you a page. So if you're logged in as John Doe and viewing your bank account, you need to send the web server your user ID for each page that you view. The script on the web server then needs to take that user ID and verify that it is authentic for every single page. It's a lot of work, but it has to be done. There are libraries like PHPLib that will handle a lot of it for you, but I have always done the authentication myself, rather than using a general purpose library.

Anyway, a URL might look like this:

https://www.bigbank.com/view_account.php3?ID=1511&token=aBCcdEfgh

Inside of the view_account.php3 script, you would be conveniently handed two variables: $ID and $token. You could then do a query on the database to make sure the token was legitimate and then display the information for $ID. Just do a query like what I showed on the "Get Started With Databases" page.

Passing variables with forms is very similar. You use form fields to accomplish a lot of it:


<FORM ACTION="my_page.php3" METHOD="get">
<INPUT TYPE="TEXT" NAME="name" VALUE="">
<INPUT TYPE="PASSWORD" NAME="pass" VALUE="">
<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Create Your Account">
</FORM>

Now, in the response page, my_page.php3, you are handed the variables $pass and $name. You could insert the values into a table by using someting like this:


<?php

$conn = pg_pconnect("host=db.company.com user=my_name 
	password=my_passwd dbname=db1");

if (!$conn) {
    echo "An error occured.\n";
    exit;
}

$sql="INSERT INTO my_table VALUES ($name, $pass);";

/*
	Use the @ symbol here to suppress errors. Then use your 
	error checking code to handle it your own way
*/

@$result_set = pg_Exec ($conn, $sql);

if (!$result_set) {
	//No connection or other error, so print an error
	echo "<H1>ERROR - insert failed</H1><P>";
	exit;  //exit the script
}
?>

No problem, right? I suggest fooling around with this code, extending it at first, and then start writing your own when you have the hang of it. Whenever I am starting a project, I basically take snippets of my code as building blocks and hack it to suit the current projects. What kind of developer writes code from scratch? 8-)