CSE311L: Lab Manual: Week 5
CSE311L: Lab Manual: Week 5
1. Introduction
2. Course Objectives
2.
<?php
$name = "John Doe";
$colors = ["Red", "Green", "Blue"];
echo "Name: " . $name . "<br>";
echo "Favorite color: " . $colors[1];
?>
Demonstrates PHP variables, arrays, and string concatenation.
3.
<?php
$age = 21;
if ($age >= 18) {
echo "You are an adult.";
} else {
echo "You are a minor.";
}
?>
4.
<form method="POST" action="process.php">
Name: <input type="text" name="name">
<input type="submit" value="Submit">
</form>
process.php:
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = htmlspecialchars($_POST['name']);
echo "Hello, " . $name;
}
?>
Problem: Create a contact form for your portfolio website that sends user input
(name, email, message) to the server and displays a success message.
Scope: Design a simple HTML form that submits data to a PHP script. The PHP
script will process the form input and display the result on the same or another
page.
Tasks:
1. Design a contact form with input fields for Name, Email, and Message.
2. Use PHP to validate that all fields are filled out.
3. Display the submitted data on the screen and store it in a variable for later use.
4. Ensure user input is sanitized to prevent security issues Use
`htmlspecialchars()`).
Examples:
1. Connecting to a MySQL Database:
<?php
$conn = new mysqli("localhost", "root", "",
"portfolio");
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
?>
Explanation: This script establishes a connection to a MySQL database named
portfolio. It checks for connection errors and prints a success message if
connected.
Explanation: This SQL query creates a portfolio database and a messages table to
store user-submitted messages from the contact form.
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$stmt->execute();
echo "New record created successfully";
?>
Explanation: This PHP script inserts user-submitted data into the messages table.
It uses prepared statements to prevent SQL injection attacks.
5. Updating Records:
<?php
$stmt = $conn->prepare("UPDATE messages SET message=?
WHERE id=?");
$stmt->bind_param("si", $message, $id);
Problem: Create a complete contact form system that allows users to submit
messages, stores them in a MySQL database, and provides an admin
interface to manage (view, update, delete) the messages.
Scope: Build a full back-end system for managing contact form submissions
using PHP and MySQL.
Tasks:
1. Create the messages table: Use the provided SQL query to create the
database and table.
2. Insert form data into the database: Modify your contact.php script
to insert the submitted data into the messages table.
3. Retrieve and display messages: Create an admin page (admin.php)
to retrieve and display all messages from the messages table.
4. Implement update and delete functionality: Add buttons for
updating and deleting messages directly from the admin panel.