PHP Lesson 12 – Common exercises

Hello viewer, You can now have our Tutorial Lessons in your android mobile device and read it offline.
Download kotlin Programming APP on PlayStore
Download Website SEO Lessons APP on PlayStore

PHP Lesson 12 - Common exercises - PHP Lesson 12 - Common exercises - PHP Lesson 12 - Common exercises - php exercises solution
php exercises solution

Here are three small exercises to deepen what you’ve just learned. First, we build a small password-protected page. Here’s an example of how to check if form fields have been filled out by the user. Finally, it seems like several websites with only one PHP file can spend.

Exercise 1: PHP Password protection

For our password protection, we first need an input form for a username and password. This looks something like this, which we can save in page1.php.

<form action="site2.php"
 method="post">
UserName:<br />
<input type="Text" name="username"><br /><br />
 
Passwort:<br />
<input type="Password" name="passwort" />
 
<input type="Submit" value="submit" />
</form>

Password queries should always be sent by post because if it was submitted with GET, anyone would later be able to see which password to use.

Now we come to the PHP part, which we save in page2.php:

<?php
$username = $_POST["username"];
$passwort = $_POST["passwort"];
$pass = sha1($passwort);
?>

First of all, we simply ask the transferring data again.

With sha1() we calculate the hash of the password. The re-conversion from the SHA-1 hash value to the password is difficult and only possible with a large amount of computation. With secure passwords, calculating back is virtually impossible. This provides some protection, for example, if an attacker has access to the file with the SHA-1 hash value, then he can not derive the plain-text passwords from this without much effort.

A word, eg the word Coding180, which was hashed with sha1, looks like this:
18a568863914f5ec56599b1ac22a93cbd7b8ce00

In order to make an if statement now, we first need to convert the password to a sha1 string (text).

For this, we can use the sha1 generator.

We have to modify our code like this.

<?php
$username = $_POST["username"];
$passwort = $_POST["passwort"];
$pass = sha1($passwort);
echo $pass;
?>

If we press Submit on the form, we get the entered word as a sha1 string reissued. We will later copy this hash value for our password into the password-protected page.

Attention: The sha1 function is case-sensitive.

b EXAMPLE looks converted like this:
89cfb96efc4c673ec04899ca63f5ae9b83af43d1

B EXAMPLE looks converted like this:
540294507309acc5c7a6fd79ea644f094d651d33

Now comes the if statement . This will check if the encrypted password is the same as the one we saved.

Our code for page2.php looks like this:

<?php
$username = $_POST["username"];
$passwort = $_POST["passwort"];
$pass = sha1($passwort);

if($username == "coding180" AND $pass=="89cfb96efc4c673ec04899ca63f5ae9b83af43d1")
   {
   echo "Robort Gabriel";
   }
else
   {
   echo "Login failed";
   }
?>

In the if statement we now write in our sha1 string.

If you press submit on the form, this data will be sent to page2.phppage2.php queries these inputs and encrypts the password text box into a sha1 string. The if statement then asks if the entered encrypted password is the same as the if statement.

What do I have of the sha1 function?
Hashing passwords, converting passwords to their sha1 hash, and storing only those hashes increases the security of the system. Suppose an attacker gains unauthorized access to your system. If the passwords are stored only in plain text, then the attacker can cause considerable further damage. However, if they are stored as a hash value, the potential damage is significantly lower. If your users have chosen a strong password (ie more than 8 characters, ideally using letters and numbers), then the attacker can not recalculate the passwords and thus do no further damage. Therefore, passwords should always be stored only as a hash value.

In addition to the SHA-1 hash function, PHP also implements some other hash functions, such as md5.

 

Exercise 2: Check if all fields have been completed

Often you want to make sure that all fields of a form have been filled out. For example, if you implement a registration function you have to make sure that all mandatory fields have been filled out.

For this we start again with a form:

<form action="site2.php" method="post">
E-Mail:<br>
<input type="Text" name="email"><br><br>
 
comment:<br>
<textarea name="comment" cols="30" rows="5">
</textarea>
 
<input type="Submit" value="Submit">
</form>

In this form, you enter your e-mail address and a comment.

This data will be sent to page2.php

<?php
$email = $_POST["email"];
$comment = $_POST["comment"];
 if ($email == "" OR $comment == "")
   {
   echo "Please fill out all fields";
   }
else
   {
   echo "Your entry has been saved";
   }
?>

As always, we first ask the submitted data. With the if statement we check if both fields have been filled out, we need OR for that.

Besides OR, you can also use the logical operator AND. Now we check that both fields are different from the empty string:

<?Php
$email = $ _POST ["email"];
$comment = $ _POST ["comment"];
 
if ($email != "" AND $comment != "")
   {
   echo "Your entry has been saved";
   }
else
   {
   echo "Please fill out all fields";
   }
?>

If one or both fields are blank, the visitor receives an error message. But if he has completed it, his entries are saved. How saving works you will learn later.

Such an if statement is needed quite often, eg for guestbooks such an if statement is almost always installed.

 

Exercise 3: Multiple HTML documents in a PHP file

A big advantage of PHP is that you can display dynamic content. If you program a page, such as an online shop or a forum system, there may even be tens of thousands of pages. Of course, you do not want to create a new HTML page for every article in the shop or for every post in the forum. Instead, the pages are generated dynamically and displayed to the user.

So that we know in the script which page we want to display, we can pass variables through  GET and produce different outputs depending on the value.

For example, we start our PHP file as follows:

<?Php
$page = $ _GET["page"];
?>

We have now used this as an input field name page. This value is stored in the variable $page. Of course, you can also use other names.

As we have already learned, data submitted using GET is appended to the URL. So we do not need a form to submit specific input, just append it to the URL and press Enter.

Then we need an if statement that checks what has been entered.

This can look like this:

<?Php
$page = $ _GET ["page"];
if ($page == "index")
   {
   echo "Welcome to the index page";
   }
?>

If we then call this file in the browser, we first get a blank page. But if we now append to the url?Page=index, we get the output that stands between our if statement.

Thus, we can now insert any number of subpages.

That looks like this:

About The Author

Related posts

Leave a Reply