I'm learning to code and encounter a problem with making a form using HTML.
In the book, it stated that "every <form> element requires an action attribute and its value is the URL for the page on the server that will receive the information in the form when it is submitted."
But I thought about it for a long time, and I couldn't figure it out. What is meant by "the URL for the page on the server". If I got a site uploaded to a web hosting company, I would need to get it there? Or I need to rent a server elsewhere so that I will get one? Or it just fine to be store on a local file? Because I saw the data need to be processed by PHP, although I don't know whats that.
Can anyone help me with this? Really appreciated.
Regards,
Ace
An HTTP(S) URL will include a hostname (which identifies a computer (acting as a server) on a network) and a path (and possibly some other components which don't matter for this question).
When you type a URL into the address bar of a browser, the browser will make a request to the server and ask for whatever is at the path.
The server will respond (typically with some data like an HTML document).
The server has to perform some logic to decide what to respond with. Typically this will either be:
Reading a file from its hard disk and returning the contents or
Executing a program and generating some content programmatically
When you submit a form, you are making a request to a URL with some data attached to it. Almost all of the time you will want the server to execute a program and do something with that data (such as put it in a database).
The program that gets executed can be written in any programming language you like (such as Perl, PHP, JavaScript, Java, or whatever).
If I got a site uploaded to a web hosting company, I would need to get it there?
Typically, if you have web hosting already then you will use that web hosting for any server-side programming you need to do.
If the hosting service doesn't provide you with any server-side hosting options (i.e. if it is just static hosting such as you might find from Github Pages). Then that isn't an option. Likewise if the server-side options they program aren't suitable for you (e.g. they only support PHP but you want to run something written in Node.js) then you'll have to find an alternative.
The two alternatives you have are:
Move everything to hosting that provides the features you want
Host something elsewhere and keep the majority of your site in the original hosting
(There is nothing wrong with the latter option, I have one site which uses Amazon S3 static hosting for most of it but has a couple of web services running in Heroku).
Or I need to rent a server elsewhere so that I will get one?
Dedicated hosting is almost certainly very expensive overkill for your purposes.
Or it just fine to be store on a local file?
It isn't possible to do server-side programming with a file: scheme URL. There's no server to execute the program.
If you are only working locally then you can install a web server on your computer. This is normal for development purposes.
It is probably worth mentioning that there are a few common server-side programs which are available prewritten with hosting services (e.g. contact forms which email you when someone fills them in). These typically come with advertising and require that the <form> and its contents are constructed with the specific fields the service expects. If you look for one of these be careful to follow their instructions precisely.
Aside: The statement that the action attribute is required is flat out wrong. It is an optional attribute and in its absence the form will be submitted to the URL of the current page.
HTML is a front-end tool that allows you to take inputs using a form from the user. once the user clicks the submit button a post request is sent to the back-end tool (PHP in this casse; PHP is a back-end programming language). the back-end tool handles the information given and deals with it to your liking. the action attribute is basically telling the front-end (HTML) where to give the information to the back-end(PHP) which is in the form of a URL.
i highly suggest trying out this example on W3schools :
https://www.w3schools.com/tags/att_form_action.asp
I see you want to send your HTML form data to a PHP script. You can use WAMP server or XAMP server to do this locally. You should use the PHP script file path as the input for the .
For instance,
Home.html
<HTML>
....
<form action="process.php">
...
</form>
</HTML>
So, when you submit the form , the form data is passed onto the PHP file which you can access using a $_[SUBMIT] super global array in your PHP script.
Check github for projects on HTML,JAVASCRIPT,PHP.
Here's one to start: https://github.com/kristej/Uniform-Database-Management.git
If you are sending the data to an online server, you need to own it to process it. Hence try it out locally first.
Related
I wanted to create a website that would be like a dropbox of sort, which just has files that me and my organization can access. I wanted to password protect the website, just a simple username and password. I have my own domain. I have been looking all over the web to find how to do this(I am a beginner) and found that using httaccess and htpasswd would be used to secure a website similar to what is shown here: http://www.htaccesstools.com/articles/password-protection/
But I cannot seem to get it to work. I am using the s3 bucket and putting the httaccess and htpasswd file in the same folder as the index.html file. Do you know how I would get my site to have a simple password protection(thats not seen in the source code or by typing in the html)? I am not sure if I am finding the directory correctly or not to implement this password protection correctly. Thank you for taking the time to read this and hopefully this makes sense!
Anyone else had this issue?
Amazon AWS alone won't do it. htaccess and htpasswd are also not the right tools for what you want to do.
Get yourself a cheap hosting account with a company like hostgator or godaddy or namecheap or any other that will host your web page and give you PHP and MySQL.
You cannot accomplish what you want just using javascript/jQuery. Those languages run on the browser, but you want to store your files on a server. Therefore, you need the language that controls the server - that is usually PHP. (The other popular solution is ASP, which is by Microsoft and runs on costly and complex Microsoft servers -- PHP is free and runs on (free) Linux and is therefore what ALL of the cheap web hosting companies provide. MySQL is the (free) database that is analogous to Microsoft SQL)
Next, watch a video tutorial on creating a PHP / MySQL login system, such as the ones over at:
phpAcademy (now called codecourse, apparently)
theNewBoston.com
You need to learn more about:
PHP sessions
Ajax
jQuery
MySQL (possibly)
On a basic website, you can stick your files into directories and control who can access those directories by whether or not they are logged in.
You can determine if a visitor is "logged-in" or not by asking for a username/password and setting a session variable. Session variables are just variables that are stored on the server, rather than on a user's own computer (of course, that wouldn't work since every visitor has his own computer and your files are stored on a central server -- so that is where the security (variables) must reside, right?)
Anyway, in a weekend of video watching and trial-and-error you can probably get something cobbled together that will do what you want.
I have a editable html5 page and I store new elements in localStorage.
I want to synchronize my page with the server.
I want to know if I can do it without a server side script or if there is some tips to do something like this in a good way.
Thank you :)
You can pull information from the server quite easily using jQuery and then just put it on Local Storage but, if you want to upload local information to the server there is no way around, you have to use some kind of script, tough it's not that difficult, there are many languages (PHP, C#, Python...) and tools you can use.
Keep in mind that when you upload information to the server you have to sanitize it very important security measure.
Basically, the way to go is:
Post the information to the server (using AJAX or a HTML form, either way will do)
Use some server-side script to capture the variables posted.
Sanitize your data (check format, discard non-valid characters, etc)
Store it on database (Do not, ever, concatenate your data with a SQL query ok? that can make you vulnerable to a SQL injection attack), compute something or do stuff.
Return some status to the client (some confirmation maybe?)
You may want to take that confirmation and show a message to the user ("Your info was saved properly" or something like that)
is a javascript timer not sufficient for this manner? or jQuery?
The question really should be more of a problem than a question. If you're updating based on a server's variables then you could use AJAX i believe but if its like increment said variable every X seconds I would focus on using a javascript timer.
Do I have a way to retrieve post data submitted via HTML form? Particularily in Firefox, on Windows XP. I suppose Firefox holds it in it's directory inside Application Data, but they are bunch of files which names do not give any clue. They don't even have extensions, some of them are text, some binary.
Just don't tell me that post data is not stored anywhere locally.
Of course it isn't stored locally.
Do you really want Firefox to store all of your passwords and credit card numbers?
Submitted form data is not stored locally or remotely unless you have software built to do something with it. With some of the new HTML5 additions (local storage) you could code up something in JavaScript to store your posted form data but this would only be on your computer. Generally you want to post data to a remote server for processing and/or storage using one of the many server-side programming languages.
Hope this helps and sorry to give you the answer you didn't want to hear. :-)
Recently I had problems with my email account (gmx.net). I have about 30 failed login attempts a day. But that is not the topic of the question (I already changed my password).
It got me thinking. Is this in automatic attack? And if so, how is it done? I took a look at the HTML code of the page and found out, that it is pretty easy to just copy the source code of the form element and do a login attempt through a local html file (copy and paste, new HTML file, open in browser, enter your credentials, submit). That means it is an easy task to automate such things (write a little script, that does a post with various values --> Brute Force attack). I was about to write an email to the mail hosted, when I found out, that the exact same process can be done on facebook.com....
I had the impression, that since we have all these new fancy web frameworks like Rails, Django and so on, we have an automatic protection against such attacks (for example the protect from forgery which Rails includes http://ruby.about.com/od/security/a/forgeryprotect.htm)
My question here is:
Is there any sane reason to allow a login attempt from another server?
Don't give me "API", the most APIs for web application require a manual login process before authorization.
I know there are many more ways to brute force attack any website login (use a framework that controls a browser etc...) and there are many ways to protect (IP-banning etc). But shouldn't disabling a remote login be one of the first security mechanisms you would take?
I want to make a status report of when my FTP server is on and when its off. HTML is the language which I prefer to use. I have never used HTML before, and I need it due to a large request of when my ftp server is off and when its on.
If I were doing this, I would write an ASPNET page (or PHP, or etc) that simply connects and authenticates to the FTP server. If this succeeds, the server is online. The ASPX logic would then generate an HTML page indicating the results.
In the simple case you connect to the FTP server with each request for the page. It should cache the result though, and only check every minute, or five minutes, or some longer interval, regardless of how often a request for the status is made.
May i suggest instead of writing your own, you just install server monitoring tools on your server instead? It might be an easier choice that writing your own.
Google search
HTML is a static markup language. You might want need to use a server-side script like PHP or Perl to query for the FTP server status.