Lecture 2. Input

Recordings

Connect recording
Lecture code

View input and validations

Example UserPicker


Example ColorPicker


Input validation and filtration

Abstract: View as a layer against the user

When to use $_GET? Bookmarks, shares,

But GET is easy to manipulate

What about $_POST? Large uploads, which we do not want to resubmit. For the user's benefit: hidden input (you do not need to know).

What about $_COOKIE?

What about $_FILES?

Session and state on the web

Session on multiple servers?

How to send stuff that is not simple text...

General problem

Wrong input leads to erroneous states. Erroneous states lead to faults.

Why wrong input? Swedish social security numbers may be written in many ways

  • 19801212-1234
  • 198012121234
  • 801212-1234 <- standard
  • 8012121234

But did you know that the following is also a correct format?

  • 011212+1234

Filters help people do the right thing.

What about JavaScript validation & filters? Moving validation closer to the user results in quicker feedback and better input!

BUT client data can be manipulated, since clients can be replaced. So all input must be validated.
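A server-side filter and validator for the personal identity number formats listed above, as an added example that is not part of the lecture code. The function names and the sample array are assumptions made for illustration. The `+` separator is used once the person has turned 100, and coordination numbers (day + 60) are not handled here.

```php
<?php
declare(strict_types=1);

// Filter: map any accepted spelling to the standard form YYMMDD-NNNN
// (or YYMMDD+NNNN). Returns null when the format or the date is invalid.
function normalizePersonnummer(string $raw, ?int $thisYear = null): ?string
{
    $thisYear ??= (int) date('Y');
    // Optional century, date, optional separator, four-digit serial.
    if (!preg_match('/^(\d{2})?(\d{2})(\d{2})(\d{2})([-+])?(\d{4})$/D', trim($raw), $m)) {
        return null;
    }
    [, $century, $yy, $mm, $dd, $sep, $serial] = $m;
    if ($century !== '') {
        // Full year known: derive the separator from the age.
        $year = (int) ($century . $yy);
        $sep = ($thisYear - $year >= 100) ? '+' : '-';
    } else {
        // Two-digit year: latest matching year that is not in the future;
        // '+' moves it one century further back.
        $sep = $sep === '' ? '-' : $sep;
        $year = intdiv($thisYear, 100) * 100 + (int) $yy;
        if ($year > $thisYear) { $year -= 100; }
        if ($sep === '+') { $year -= 100; }
    }
    return checkdate((int) $mm, (int) $dd, $year) ? $yy . $mm . $dd . $sep . $serial : null;
}

// Validation: Luhn check over the ten digits YYMMDDNNNN (weights 2,1,2,1,...).
function hasValidCheckDigit(string $normalized): bool
{
    $digits = substr($normalized, 0, 6) . substr($normalized, 7);
    $sum = 0;
    foreach (str_split($digits) as $i => $d) {
        $v = (int) $d * ($i % 2 === 0 ? 2 : 1);
        $sum += $v > 9 ? $v - 9 : $v;
    }
    return $sum % 10 === 0;
}

// Constructed sample input: the spellings listed above plus two that must be rejected.
$samples = ['19801212-1234', '198012121234', '801212-1234', '8012121234',
            '011212+1234', '801312-1234', '801212-1234<script>'];
foreach ($samples as $raw) {
    $n = normalizePersonnummer($raw);
    $result = $n === null ? 'rejected'
        : $n . (hasValidCheckDigit($n) ? '' : ' (check digit fails)');
    printf("%-22s => %s\n", $raw, $result);
}
```

The same check can run in the browser for quick feedback, but only the result of the server-side call decides whether the value is stored.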

Deliberate attacks

JavaScript injections

http://se.php.net/manual/en/function.urlencode.php
