Tuesday, July 31st, 2007
Figure 8-2

Forgot Something?

Sometimes, when a user enters data in a form, he or she forgets to fill in a field. When this happens, the system has to react so that the insertion of the invalid or incomplete data will not corrupt the database. In some cases, these errors are made on purpose. In some cases, blank fields will appear first during searches and make the searching process harder than necessary; in other cases you will have erroneous statistics on your data (in your billing system, for example). In fact, these attempts to find cracks in the walls around your system are quite frequent. You need to design your system so it can react to such errors or malicious attempts to corrupt the database.

Try It Out: Adapting Your Script to the User Input

In this exercise, you'll be making sure that the script can adapt when the user fails to enter all the fields.

1. Copy the code you made in Chapter 6 into a new directory, open the movie.php script, and modify it as shown in the highlighted lines:
Incorporating Validation into the Movie Site

To really understand the role of user input and validation, you need to see it in action. So, first you need to add a few fields to your beloved movie database. The modifications are all in the movie table. The movie application provides a lot of opportunities to check for user input. You will need to add a few features to the application, however, to provide more case studies. It will also help you to review what you learned in the previous chapters.

Add a movie_release field of type INT(11) with a default value of 0 after the existing movie_year field, as shown in Figure 8-1. This allows you to store a timestamp for the movie release date. Then add a field named movie_rating at the end of the table, of type TINYINT(2). That field holds the rating you gave the movie when viewing it (see Figure 8-2). This rating goes from 0 to 10.

Figure 8-1
Chapter 8: Validating User Input

If you plan to accept user input on your site, you have to be prepared for mistakes. This could be simple human error, or a deliberate attempt to circumvent your Web forms. The most common human errors include basic typographical errors and format errors, such as failing to give a year in a date. Deliberate errors could be a user who doesn't want to provide his e-mail address, or it could be an attacker deliberately trying to corrupt your database with unexpected characters. No matter what the source, your script needs to be able to handle incorrect input, usually by identifying the bad data and returning the user to the form page with an appropriate error message.

This chapter covers user input validation, including:

* Validating simple string values
* Validating integer values
* Validating formatted text input

Users Are Users Are Users . . .

Consider an example: You work in a bank. You are developing a new system to allow the employees to manage a customer account updating process on the company intranet. You use your well-known MM-DD-YYYY format for the date. It all works quite well when testing, but when put in production, your users say it doesn't work. Why? Because all your company systems use the ISO 8601 YYYY-MM-DD date format (a standard used in many systems because the date can be sorted alphabetically). Your users are confused between the two different formats and input wrong information in the system.

If the data is in the wrong format, you can end up with a corrupted database or trigger errors in your application. You can avoid this by using well-known formats and validating the user input. When you expect an integer value, for example, you can check that it is an integer before you try to use it. It's a simple enough rule, and you'll learn how to do it later in this chapter.
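The three kinds of check listed above (simple string, integer, formatted text), applied to the movie form fields in one function. This is an added example, not the book's code; movie_name, its 255-character limit and the function name are assumptions.

```php
<?php
// Added example, not the book's code. movie_name, its 255-character limit and
// the function name are assumptions; movie_rating and movie_release are the
// fields described in this chapter.
/** Returns [clean values, error messages] for one form submission. */
function validate_movie_input(array $post): array
{
    // Treat missing or non-string fields (e.g. movie_name[]=x) as blank.
    $field = fn(string $k): string =>
        is_string($post[$k] ?? null) ? trim($post[$k]) : '';
    $clean  = [];
    $errors = [];

    // Simple string: required, bounded length.
    $name = $field('movie_name');
    if ($name === '' || strlen($name) > 255) {
        $errors['movie_name'] = 'Enter a movie name of at most 255 characters.';
    } else {
        $clean['movie_name'] = $name;
    }

    // Integer: digits only, then the 0 to 10 range check.
    $rating = $field('movie_rating');
    if (!ctype_digit($rating) || strlen($rating) > 2 || (int) $rating > 10) {
        $errors['movie_rating'] = 'Rating must be a whole number from 0 to 10.';
    } else {
        $clean['movie_rating'] = (int) $rating;
    }

    // Formatted text: ISO 8601 YYYY-MM-DD, stored as a timestamp.
    $release = $field('movie_release');
    if (preg_match('/^(\d{4})-(\d{2})-(\d{2})$/D', $release, $m)
        && checkdate((int) $m[2], (int) $m[3], (int) $m[1])) {
        $clean['movie_release'] =
            gmmktime(0, 0, 0, (int) $m[2], (int) $m[3], (int) $m[1]);
    } else {
        $errors['movie_release'] = 'Use a valid date in YYYY-MM-DD format.';
    }

    return [$clean, $errors];
}

// Constructed submission: blank name, out-of-range rating, MM-DD-YYYY date.
[$clean, $errors] = validate_movie_input([
    'movie_name'    => '   ',
    'movie_rating'  => '11',
    'movie_release' => '07-31-2007',
]);
print_r($errors); // a non-empty list means: redisplay the form, store nothing
```

The values in `$clean` have been checked for format only; they still need escaping or a parameterized query when they are written to the database.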
2. Have a page on your site with funny photographs or cartoons and allow your users to write the caption for them. Place the text in a speech bubble that is appropriately sized based on the length of the caption they submit.

3. Create a page for kids where they can choose different heads, bodies, and tails from animals, and put them together to make a new creation and a new image. Or create a virtual paper doll site where kids can place different outfits on a model, then save the images they create.
    imagejpeg($thumb, $newthumbname);
    imagedestroy($largeimage);
    imagedestroy($thumb);
    //**END OF INSERT

You first give your thumbnail its own directory, and you're using the same naming scheme for simplicity's sake. You then decide to make your thumbnails equal to 10% of the size of the original pictures. By using percentages instead of hard integers, you ensure that the proportions are kept equal and no skewing of your image occurs. Of course, you can make this smaller or larger depending on your users' preferences and typical file uploads. You then create the thumbnail using the 5-step process as before:

1. Create a GD-friendly image from your source.
2. Create a blank GD-friendly image, with your smaller dimensions.
3. Copy the source image into the smaller blank image.
4. Save the newly created small image in its proper directory with its proper name.
5. Destroy the temporary images.

Just like before, easy as pie, right? You may notice a broken image in the screenshot above; do you know why it is broken? If you said because we uploaded that photo before we implemented the thumbnail process, then you get 100 points and you get to take a break. Not a long one, mind you, but a break nonetheless.

Summary

This chapter covered a lot, and has only scratched the surface on image manipulation using the PHP/GD combination. Hopefully by now, you can upload images, resize them, change their coloring, create an automatic thumbnail, create new images, and merge two images together. In this chapter, you used a form to get the image from the user. What if the user tried to upload a file that wasn't an image at all, either by mistake or out of malicious intent? In this chapter, such a file would have been caught by the code that checked for the image type. Not all forms are so straightforward to check, though.
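A type check protects the images directory only if it also rejects files with no detectable image type and runs before the file is moved there. The following is an added example, not the book's code, showing one way to do that; the function names are hypothetical and the sample files are constructed.

```php
<?php
// Added example, not the book's code. Function names are hypothetical.

const ALLOWED_IMAGE_TYPES = [
    IMAGETYPE_GIF  => 'gif',
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_PNG  => 'png',
];

/** Returns 'gif', 'jpg' or 'png' for an accepted image, otherwise null. */
function accepted_image_extension(string $path): ?string
{
    // getimagesize() returns false for a file that is not an image, so
    // "no type at all" is rejected along with unsupported types.
    $info = @getimagesize($path);
    return $info === false ? null : (ALLOWED_IMAGE_TYPES[$info[2]] ?? null);
}

/** Checks the temporary upload, then stores it under a server-chosen name. */
function store_upload(array $file, string $imageDir, int $pictureId): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $ext = accepted_image_extension($file['tmp_name']);
    if ($ext === null) {
        return null; // a rejected file never reaches $imageDir
    }
    // The client-supplied $file['name'] is never used in the path: the name
    // comes from the database id, the extension from the detected type.
    $target = $imageDir . $pictureId . '.' . $ext;
    return move_uploaded_file($file['tmp_name'], $target) ? $target : null;
}

// Constructed samples: a 1x1 GIF and a text file posing as an upload.
$gif = tempnam(sys_get_temp_dir(), 'up');
$txt = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($gif, base64_decode(
    'R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));
file_put_contents($txt, 'this is plain text, not an image');
var_dump(accepted_image_extension($gif), accepted_image_extension($txt));
unlink($gif);
unlink($txt);
```

getimagesize() reads only the file header, so the server-chosen name and fixed extension matter as much as the type check itself.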
In the next chapter, you'll learn about how to check that users enter information in your form in the proper format, and how to give them appropriate feedback when they don't.

Exercises

1. Create a site called a virtual vacation. Offer different backgrounds for people to superimpose photos of themselves in, and let them send virtual postcards to their friends and family.
Figure 7-8

How It Works

The actual thumbnail itself is created in your check_image.php file, so let's take a look at that first. You added the following lines that complete that task for you:

    //**INSERT THESE LINES
    $newthumbname = $ImageThumb . $lastpicid . ".jpg";

    //get the dimensions for the thumbnail
    $thumb_width = $width * 0.10;
    $thumb_height = $height * 0.10;

    //create the thumbnail
    $largeimage = imagecreatefromjpeg($newfilename);
    $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
    imagecopyresampled($thumb, $largeimage, 0, 0, 0, 0,
                       $thumb_width, $thumb_height, $width, $height);
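[gallery.php listing; only fragments of the code survive. The page shows the text "Click on any image to see it full sized." above a table with the columns Image, Caption, Uploaded By, and Date Uploaded, and each row echoes $image_caption, $image_username, and $image_date.]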
4. Now upload some images using your upload_image.htm page. When you have a few, go to gallery.php in your browser and see what you have. Your screen should look something like Figure 7-8.

OK, so it's not pretty, and mostly utilitarian in appearance. The important thing is that it works! You can add the bells and whistles later; we just want to make sure you can make a thumbnail.
          imagecopyresampled($image_jpg, $image_old, 0, 0, 0, 0,
                             $width, $height, $width, $height);
          imagejpeg($image_jpg, $newfilename);
          imagedestroy($image_old);
          imagedestroy($image_jpg);
        }

        //**INSERT THESE LINES
        $newthumbname = $ImageThumb . $lastpicid . ".jpg";

        //get the dimensions for the thumbnail
        $thumb_width = $width * 0.10;
        $thumb_height = $height * 0.10;

        //create the thumbnail
        $largeimage = imagecreatefromjpeg($newfilename);
        $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
        imagecopyresampled($thumb, $largeimage, 0, 0, 0, 0,
                           $thumb_width, $thumb_height, $width, $height);
        imagejpeg($thumb, $newthumbname);
        imagedestroy($largeimage);
        imagedestroy($thumb);
        //**END OF INSERT

        $url = "location: showimage.php?id=" . $lastpicid;
        header($url);
      }
    }
    ?>

3. Now you're going to create gallery.php, which will act as your photo gallery. Type the following in your editor:
    //make variables available
    $image_caption = $_POST['image_caption'];
    $image_username = $_POST['image_username'];
    $image_tempname = $_FILES['image_filename']['name'];
    $today = date("Y-m-d");

    //upload image and check for image type
    $ImageDir = "c:/Program Files/Apache Group/Apache2/test/images/";
    //**INSERT THIS LINE:
    $ImageThumb = $ImageDir . "thumbs/";
    //**END OF INSERT
    $ImageName = $ImageDir . $image_tempname;

    if (move_uploaded_file($_FILES['image_filename']['tmp_name'], $ImageName)) {

      //get info about the image being uploaded
      list($width, $height, $type, $attr) = getimagesize($ImageName);

      //getimagesize() yields no type at all for a file that is not an image,
      //so an empty $type is rejected together with unsupported types
      if (!$type || $type > 3) {
        //remove the rejected file from the images directory
        unlink($ImageName);
        echo "Sorry, but the file you uploaded was not a GIF, JPG, or " .
             "PNG file.<br>";
        echo "Please hit your browser's back button and try again.";
      } else {
        //image is acceptable; ok to proceed

        //insert info into image table
        //(user-supplied values are escaped before they reach the query)
        $insert = "INSERT INTO images
                   (image_caption, image_username, image_date)
                   VALUES
                   ('" . mysql_real_escape_string($image_caption) . "',
                    '" . mysql_real_escape_string($image_username) . "',
                    '$today')";
        $insertresults = mysql_query($insert) or die(mysql_error());

        $lastpicid = mysql_insert_id();
        $newfilename = $ImageDir . $lastpicid . ".jpg";

        if ($type == 2) {
          rename($ImageName, $newfilename);
        } else {
          if ($type == 1) {
            $image_old = imagecreatefromgif($ImageName);
          } elseif ($type == 3) {
            $image_old = imagecreatefrompng($ImageName);
          }

          //convert the image to jpg
          $image_jpg = imagecreatetruecolor($width, $height);