SVCE TIRUPATI

COURSE MATERIAL

WEB AND INTERNET TECHNOLOGIES

SUBJECT
(15A05605)

UNIT 4

COURSE B.TECH

COMPUTER SCIENCE AND

DEPARTMENT
ENGINEERING

SEMESTER 32

PREPARED BY N.NARENDRA REDDY

(Faculty Name/s) Assistant Professor

Version V-1

PREPARED / REVISED DATE 28-05-2021

|WIT -UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI

TABLE OF CONTENTS – UNIT 4

S. NO CONTENTS PAGE NO.
1 COURSE OBJECTIVES 1
2 PREREQUISITES 1
3 SYLLABUS 1
4 COURSE OUTCOMES 1
5 CO - PO/PSO MAPPING 1
6 LESSON PLAN 2
7 ACTIVITY BASED LEARNING 2
8 LECTURE NOTES 2
4.1 CREATING AND USING FORMS UNDERSTANDING COMMON 4
FORM ISSUES
4.2 GET VS. POST, VALIDATING FORM INPUT, WORKING WITH 12
MULTIPLE FORMS,
4.3 PREVENTING MULTIPLE SUBMISSIONS OF A FORM 18

4.4 XML: BASIC XML- DOCUMENT TYPE DEFINITION 21

4.5 XML SCHEMA DOM AND PRESENTING XML 29
4.6 XML PARSERS AND VALIDATION 31
4.7 XSL AND XSLT TRANSFORMATION, 35
4.8 NEWS FEED (RSS AND ATOM). 39

9 PRACTICE QUIZ 41
10 ASSIGNMENTS 42
11 PART A QUESTIONS & ANSWERS (2 MARKS QUESTIONS) 42
12 PART B QUESTIONS 44
13 SUPPORTIVE ONLINE CERTIFICATION COURSES 44
14 REAL TIME APPLICATIONS 44
15 CONTENTS BEYOND THE SYLLABUS 44
16 PRESCRIBED TEXT BOOKS & REFERENCE BOOKS 45
17 MINI PROJECT SUGGESTION 45

|WIT -UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI

1. Course Objectives
The objectives of this course is to
• To introduce client side scripting with Javascript and DHTML
• To introduce server side programming with Java servlets, JSP and PHP.
• To learn the basic web concepts and Internet protocols

2. Prerequisites
Students should have knowledge on
1. Object Oriented Programming through Java.
2. SQL QURIES.

3. Syllabus

UNIT IV
Creating and Using Forms Understanding Common Form Issues, GET vs. POST, Validating
form input, Working with multiple forms, and Preventing Multiple Submissions of a form.
XML: Basic XML- Document Type Definition XML Schema DOM and Presenting XML, XML
Parsers and Validation, XSL and XSLT Transformation, News Feed (RSS and ATOM).

4. Course outcomes
1. Student must be able to apply a web page and identify its elements and attributes.
2. Student must be able to analyze web pages using XHTML and Cascading Styles sheets
3. Student should be able design dynamic web pages.
4. Student must be able implement web applications using PHP.

5. Co-PO / PSO Mapping

WIT
O1 O2 O3 O4 PO5 O6 O7 PO8 O9 P10 PO11 PO12 SO1 SO2

CO1 3 2 2 3

CO2 3 2 3 2

CO3 3 2 3 2 3

CO4 3 2 3 3 2

1||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI

6. Lesson Plan

Lecture No. Weeks Topics to be covered References

Creating and Using Forms
1 T1
1
Understanding Common Form Issues
2 T1, R1

2||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
GET vs. POST, Validating form input
3 T1, R1
Working with multiple forms, and Preventing Multiple Submissions of a
4 form. T1, R1

XML: Basic XML- Document Type Definition

5 T1, R2
XML Schema DOM and Presenting XML
6 T1, R3
2
XML Parsers and Validation
7 T1, R1
XSL and XSLT Transformation
8 T1, R1
News Feed (RSS and ATOM)
9 T1, R1
3
10 Discussion of Previous year university questions in question papers T1, R1

7. Activity Based Learning

1. Create dynamic and interactive web sites
2. How to parse and use XML data

8. Lecture Notes

Creating and Using Forms

To create a fully functional web application, you need to be able to interact

with your users. The common way to receive information from web users is
through a form. Web forms are only Hypertext Markup Language (HTML)
elements. PHP 5 is built so that it seamlessly integrates with form elements.
Over the past few versions of PHP, its methodology for dealing with form
information has gradually evolved and is now quite robust.
Understanding Common Form Issues
When dealing with forms, the most important aspect to remember is that you
are limited to a certain variety of fields that can be applied to a form. The
fields that have been created are non-negotiable and work in only the way
they were created to work. The < form > element bundles together all the
form widgets (also known as controls or fields).
Various Form Elements and their Description
TEXT INPUT - A simple text box
PASSWORD INPUT - A text box that hides the characters inputted
HIDDEN INPUT – A field that does not show on the form but can contain data
SELECT - A drop-down box with options
LIST - A select box that can have multiple options selected
CHECKBOX - A box that can be checked
RADIO - A radio button that can act as a choice
3||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
TEXTAREA - A larger box that can contain paragraph-style entries
FILE - An element that allows you to browse your computer for a file
SUBMIT - A button that will submit the form
RESET - A button that will reset the form to its original state
A well-designed form, divides itself into logical chunks using the < fieldset >
element. Each chunk gets a title, courtesy of the < legend > element.
The following Example demonstrate the forms
registration.html
<html>
<head>
<title>Registration form</title>
</head>
<body>
<h1>Registration Form</h1>
<form name=―registration‖ method=―‖ action=‖‖>
<fieldset>
<legend>Personal Information</legend>
Name : <input type='text' name='name' placeholder="Name As Per
SSC"><br>
Father Name: <input type=―text‖ name=―fname‖ placeholder=―Name As
Per SSC‖ ><br> Gender: <select id="gender">
<option value="female">Female</option>
<option value="male">Male</option>
</select><br>
Age: <input id="age" type="number" min="0" max="120"><br> </fieldset>
<fieldset>
<legend>Contact Details</legend> Telephone: <input id="telephone"><br>
Email: <input type='text' id="email"><br>
</fieldset>
<fieldset>
<legend>Pick Your Favorite Animals</legend>
<input id=―cow" type="checkbox"> Cow
<input id="cat" type="checkbox"> Cat
<input id=―dog" type="checkbox"> Dog
<input id="elephant" type="checkbox"> Elephant
</fieldset>
<p><input type="submit" value="Submit Application"></p>
</form>
4||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
</body>
</html>

GET vs. POST

The two ways available to a web developer that the information entered into
the form is transmitted to its destination by using method. the two methods
are GET and POST.
GET
When sending data using the GET method, all fields are appended to the
Uniform Resource Locator (URL) of the browser and sent along with the
address as data. Sending data using the GET method means that fields are
generally capped at 150 characters, which is certainly not the most effective
means of passing information. It is also not a secure means of passing data,
because many people know how to send information to a script using an
address bar. PHP's current methods for dealing with GET variable is the $_GET
superglobal. Syntax is $_GET['Variable Name'];.
The following Example demonstrate the working of the GET method File
Name: get.php
<html>
<head>
<title>Example for get</title>
</head>
<body>
<form action="get-demo.php" method="GET">
<p>GET Example:</p>
User Name: <input type="text" name="uname" maxlength="150" /><br /><br
/> Password: <input type="password" name="pwd" maxlength="150" /><br />
<input type="submit" value="Submit with GET" style="margin-top: 10px;" />
</form>
</body>
</html>

Fig: Output of get.php

File Name: get-demo.php
<html>
<head>
5||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
<title>Example for GET</title>
</head>
<body>
<?php
if (trim ($_GET['uname']) != "" && trim ($_GET['pwd']) != ""){ echo "Your User
Name (with GET): " . $_GET['uname'];
echo "<br>Your password (with GET) : ". $_GET['pwd'];
} else {
echo "You must submit a value.";
}
?><br /><a href="get.php">Try Again</a>
</body>
</html>

Fig: Output after submit get.php (see the address bar)

When using the GET method, hitting the Refresh button after submitting data
the browser will automatically send the data again.
POST
When sending data using the POST method, values are sent as standard input
(the data will be sended through body not in URL). Sending data using the
POST method is quite a bit more secure (because the method cannot be
altered by appending information to the address bar) and can contain as
much information as you choose to send. Therefore, whenever possible, use
the POST method for sending information and then adjust your script to
handle it.
PHP s current methods for dealing with POST variable is the $_POST
superglobal.
Syntax is
$_POST['Variable Name'];.
The following Example demonstrate the working of the POST method File
Name: post.php
<html>
<head>
<title>Example for POST</title>

6||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
</head>
<body>
<form action="post-demo.php" method="post">
<p>POST Example:</p>
<input type="hidden" name="submitted" value="yes" />
User Name: <input type="text" name="uname" maxlength="150" /><br /><br
/> Password: <input type="password" name="pwd" maxlength="150" /><br />
<input type="submit" value="Submit with POST" style="margin-top: 10px;" />
</form>
</body>
</html>

Fig: Output of post.php

File Name: post-demo.php
<html>
<head>
<title>Example for POST</title>
</head>
<body>
<?php
if (trim ($_POST['uname']) != "" && trim ($_POST['pwd']) != ""){ echo "Your User
Name (with POST): " . $_POST['uname'];
echo "<br> Your password(with POST) :". $_POST['pwd'] ;
} else {
echo "You must submit a value.";
}
?><br /><a href=―post.php">Try Again</a>
</body>
</html>

Fig: Output after submit post.php (see the address bar)

7||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
Hitting the Refresh button after submitting data using the POST form, the
browser will ask you if you want to resubmit the data that was passed to it
previously. If you want to resend the data, you must select Yes (Resend) to
this option.

Fig: Refresh after submitting the form it asks confirmation

GET Vs POST

Validating form input

Validation is a way to catch mistakes when they happen (or even better, to
prevent them from happening at all).
Client-side validation: These are the checks that happen in the browser, before
a form is submitted. The goal here is to make life easier for the people filling out
the form.
Examples: HTML5, JavaScript etc.
Server-side validation: These are the checks that happen after a form is sent
back to the web server. At this point, it is up to your server-side code to review
the details and make sure everything is proper before continuing. No matter
what the browser does, server-side validation is essential.
The following example shows a few examples of form
validation using PHP. Filename: validation.php
<html>

8||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVCE TIRUPATI
<head>
<title> Validation DEMO </title>
<?php
if($_SERVER["REQUEST_METHOD"]=="PO
ST"){
if($_POST["uname"]==―‖){
echo "<font color=red>Please Enter valid User name</font><br>";
}
else if(strlen($_POST["uname"])<6){
echo "<font color=red>Please Enter valid User name with more than 6
characters<br></font>";
}
if($_POST["pwd"]==―‖){
echo "<font color=red>Please Enter valid Password</font><br>";
}
else if(strlen($_POST["pwd"])<6){
echo "<font color=red>Please Enter valid Password with more than 6
characters<br></font>";
}
}
?>
</head>
<body>
<form method=POST action="<?php $_SERVER['PHP_SELF']?>" >
<table>
<tr> <td>NAME:</td> <td><input type=text name="uname" /></td> </tr>
<tr> <td>PASSWORD:</td> <td><input type=password name="pwd" /></td>
</tr>
<tr><td><input type=reset value=CLEAR /></td> <td><input type=submit
value=NEXT
/></td></tr>
</table>
</form>
<?php if($_SERVER["REQUEST_METHOD"]=="POST"){
if($_POST["uname"]!=―‖ && strlen($_POST["uname"])>=6 && $_POST["pwd"]!=―‖
&& strlen($_POST["pwd"])>=6){
echo "Name:<font color=green>".$_POST['uname']."<br></font>"; echo
"Password: <font color=green>".$_POST['pwd']."<br></font>";
}
}
?>
</body>

9||WIT-UNIT -IV

BTECH_CSE-SEM 32
SVEC TIRUPATI
</html>

Fig: Output of validation.php after submitting empty values

In the above script: $_SERVER[“PHP_SELF"] The filename of the currently
executing script, relative to the document root. The above program
demonstrates the validation in same page. It is possible to perform the
validations using GET and POST methods into the other pages.
Working with multiple forms
Sometimes you will need to collect values from more than one page. Most
developers do this for the sake of clarity. By providing forms on more than one
page, you can separate blocks of information and thus create a flexible
experience for the user. The problem, therefore, is how to GET values from
each page onto the next page and finally to the processing script.
Being the great developer that you are, you can solve this problem and use
the hidden input form type. When each page loads, you only load the values
from the previous pages into hidden form elements and submit them.
page1.php
<html>
<head>
<title>Personal information</title>
</head>
<body>
<form method=POST action="page2.php">
<table align=center>
<tr> <td>NAME</td><td><input type="text" name="name"></td> </tr>
<tr> <td>FATHER NAME</td><td><input type="text" name="fname"></td>
</tr>
<tr> <td>MOTHER NAME</td><td><input type="text" name="mname"></td>
</tr>
<tr><td>GENDER</td><td> <input type="radio" name="gen"
Value="MALE">MALE
<input type="radio" name=gen value=Female>FEMALE</td> </tr>
<tr> <td><input type=reset value=clear></td> <td><input type="submit"
value="NEXT>>"></td>
</tr>
</form>
</body>

10 | | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
</html>

Fig: Output of page1.php

page2.php
<html>
<head>
<title>Contact information</title>
</head>
<body>
<form method=POST action="page3.php">
<table align=center>
<tr> <td>E-Mail</td><td><input type="text" name="email"></td> </tr>
<tr> <td>Mobile</td><td><input type="text" name="Mobile"></td> </tr>
<tr> <td>ADDRESS</td><td><textarea name=address></textarea></td> </tr>
<input type=hidden name="name" value="<?php echo $_POST['name'];?>" />
<input type=hidden name="fname" value="<?php echo $_POST['fname'];?>"
/>
<input type=hidden name="mname" value="<?php echo
$_POST['mname'];?>" />
<input type=hidden name="gen" value="<?php echo $_POST['gen'];?>" />
<tr> <td><input type=reset value=clear></td> <td><input type="submit"
value="NEXT>>"></td>
</tr>
</table>
</form>
</body>
</html>

Fig: Output of page2.php

page3.php
<html>
<head>
<title>Educational Details</title>
</head>
<body>
<form method=POST action="page4.php">
11 | | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<table align=center>
<tr> <td>SSC Percentage</td><td><input type="text" name="ssc"></td> </tr>
<tr> <td>Intermediate/10+2</td><td><input type="text" name="inter"></td>
</tr>
<tr> <td>UG </td><td><input type=text name=ug></td> </tr>
<input type=hidden name="name" value="<?php echo $_POST['name'];?>"
/>
<input type=hidden name="fname" value="<?php echo $_POST['fname'];?>"
/>
<input type=hidden name="mname" value="<?php echo
$_POST['mname'];?>" />
<input type=hidden name="gen" value="<?php echo $_POST['gen'];?>" />
<input type=hidden name="email" value="<?php echo $_POST['email'];?>" />
<input type=hidden name="Mobile" value="<?php echo $_POST['Mobile'];?>"
/>
<input type=hidden name="address" value="<?php echo
$_POST['address'];?>" />
<tr> <td><input type=reset value=clear></td> <td><input type="submit"
value="NEXT>>"></td>
</tr>
</table>
</form>
</body>
</html>

Fig: Output of page3.php

page4.php
<html>
<head>
<title>Complete Information</title>
</head>
<body>
<table align=center width=40%>
<tr> <td colspan=2><h5>Personal Details</h5></td> </tr>
<tr> <td>NAME</td><td><?php echo $_POST["name"];?></td> </tr>
<tr> <td>FATHER NAME</td><td><?php echo $_POST["fname"];?></td> </tr>
<tr> <td>MOTHER NAME</td><td><?php echo $_POST["mname"];?></td>
</tr>
<tr> <td>GENDER</td><td><?php echo $_POST["gen"];?></td> </tr>
<tr> <td colspan=2><h5>Contact details</h5></td> </tr>
<tr> <td>E-Mail</td><td><?php echo $_POST["email"];?></td> </tr>
12 | | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<tr> <td>Mobile</td><td><?php echo $_POST["Mobile"];?></td> </tr>
<tr> <td>ADDRESS</td><td><?php echo $_POST["address"];?></td> </tr>
<tr> <td colspan=2><h5>Educational details</h5></td> </tr>
<tr> <td>SSC Percentage</td><td><?php echo $_POST["ssc"];?></td> </tr>
<tr> <td>Intermediate/10+2</td><td><?php echo $_POST["inter"];?></td>
</tr>
<tr> <td>UG </td><td><?php echo $_POST["ug"];?></td> </tr>
</table>
</body>

</html>

Fig: Output of page4.php

As you can see, by passing the values in the hidden form fields, you can
continue to collect information.
3 . Redisplaying Forms with Preserved Information and Error Messages
When receiving information submitted from a user, the information may not be
submitted in the format you need. To ensure that users do not GET frustrated,
it is important to inform them of what they did wrong and clearly tell them how
to fix the problem. It is also bad practice to force users to completely rewrite
all the proper information they may have already submitted on the form. If
users are forced to do redundant work, they may become irritated and
potentially disregard your service altogether. Therefore, to keep users happy,
it is important to validate properly and clearly while keeping matters as simple
for them as possible.
Example:
<html>
<head>
<title> Validation DEMO </title>
<?php if($_SERVER["REQUEST_METHOD"]=="POST"){
if($_POST["uname"]==―‖){
echo "<font color=red>Please Enter valid User name</font><br>";

13 | | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
}
else if(strlen($_POST["uname"])<6){
echo "<font color=red>Please Enter valid User name with more than 6
characters<br></font>";
}
if($_POST["pwd"]==―‖){
echo "<font color=red>Please Enter valid Password</font><br>";
}
else if(strlen($_POST["pwd"])<6){
echo "<font color=red>Please Enter valid Password with more than 6
characters<br></font>";
}
}
?>
</head>
<body>
<form method=POST action="<?php $_SERVER['PHP_SELF']?>" >

14 | | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

<table>
<tr><td>NAME:</td> <td><input type=text name="uname" /></td> </tr>
<tr><td>PASSWORD:</td> <td><input type=password name="pwd" /></td>
</tr>
<tr><td><input type=reset value=CLEAR /></td> <td><input type=submit
value=NEXT /></td>
</tr>
</table>
</form>
<?php if($_SERVER["REQUEST_METHOD"]=="POST"){
if($_POST["uname"]!=―‖ && strlen($_POST["uname"])>=6 &&
$_POST["pwd"]!=―‖ && strlen($_POST["pwd"])>=6){
echo "Name:<font color=green>".$_POST['uname']."<br></font>"; echo
"Password: <font color=green>".$_POST['pwd']."<br></font>";
}
}
?>
</body>
</html>

Fig: Name with less than 6 characters and with out password

Fig: With out password and with name

Fig: With valid inputs ..

Global & Super global variables
GLOBAL
$GLOBALS References all variables available in global scope. It is an
associative array containing references to all variables which are currently
defined in the global scope of the script. The variable names are the keys of
the array.
Example:

15 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

<?php function
test() {
$foo = "local content";
echo '$foo in global scope: ' .
$GLOBALS["foo"]; echo '<br>$foo in
current scope: ' . $foo . "\n";
}
$foo = "Global
content";
test();
?>
OUTPUT:
$foo in global scope: Global content
$foo in current scope: local content
Superglobal variables
Superglobals are built-in variables that are always available in all scope.
Several predefined variables in PHP are "superglobals", which means they are
available in all scopes throughout a script. Superglobals were introduced to
PHP 4.1. There is no need to do global $variable; to access them within
functions or methods. These superglobal variables are: The $_SERVER
superglobal contains information created by the web serverdetails regarding
the server and client configuration and the current request environment.
Examples:
• $_SERVER['HTTP_REFERER']: The URL of the page that referred the user to the
current location.
• $_SERVER['REMOTE_ADDR']: The clients IP address.
• The $_GET superglobal contains information pertinent to any parameters
passed using the GET method.
• The $_POST superglobal contains information pertinent to any parameters
passed using the POST method.
• The $_COOKIE superglobal stores information passed into the script through
HTTP cookies. Such cookies are typically set by a previously executed PHP script
through the PHP function setcookie().
Example:
<html>
<head>
<title> Validation DEMO </title>
<?php if($_SERVER["REQUEST_METHOD"]=="POST"){
if($_POST["uname"]==―‖){
echo "<font color=red>Please Enter valid User name</font><br>";
16 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

}
else if(strlen($_POST["uname"])<6){
echo "<font color=red>Please Enter valid User name with more than 6
characters<br></font>";
}
if($_POST["pwd"]==―‖){
echo "<font color=red>Please Enter valid Password</font><br>";
}
else if(strlen($_POST["pwd"])<6){
echo "<font color=red>Please Enter valid Password with more than 6
characters<br></font>";
}
}
?>
</head>
<body>
<form method=POST action="<?php $_SERVER['PHP_SELF']?>" >
<table>
<tr> <td>NAME:</td> <td><input type=text name="uname" /></td> </tr>
<tr> <td>PASSWORD:</td> <td><input type=password name="pwd" /></td>
</tr>
<tr><td><input type=reset value=CLEAR /></td> <td><input type=submit
value=NEXT
/></td></tr>
</table>
</form>
<?php if($_SERVER["REQUEST_METHOD"]=="POST"){
if($_POST["uname"]!=―‖ && strlen($_POST["uname"])>=6 &&
$_POST["pwd"]!=―‖ && strlen($_POST["pwd"])>=6){
echo "Name:<font color=green>".$_POST['uname']."<br></font>"; echo
"Password: <font color=green>".$_POST['pwd']."<br></font>";
}
}
?>
</body>
</html>
4.4 Preventing Multiple Submissions of a Form
One possible occurrence that happens often is that users become impatient
when waiting for your script to do what it is doing, and hence they click the
submit button on a form repeatedly. This can create confusion to your script

17 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

because, while the user may not see anything happening, your script is
probably going ahead with whatever it has been programmed to do.
Of particular danger are credit card number submittals. If a user continually
hits the submit button on a credit card submittal form, their card may be
charged multiple times if the developer has not taken the time to validate
against such an eventuality. You can deal with multiple submittal validation in
essentially two ways.
• Server side refers to a script located on the server that is receiving the data.
• Client side is mostly browser related.
Preventing Multiple Submissions on the Server Side
While you can accomplish this goal in a number of ways from a server-side
perspective, we prefer to use a session-based method. Basically, once the
submit button has been clicked; the server logs the request from the individual
user. If the user attempts to resubmit a request, the script notes a request is
already in motion from this user and denies the subsequent request. Once the
script has finished processing, the session is unset, and you have no more
worries. The following script is an example for Preventing Multiple Submissions
on the Server Side
Filename: p1.php
<html>
<body>
<form name="test" method="post" action="p2.php"> Name::<input type="text"
name="uname"><br> Password::<input type="password" name="pwd"><br>
<input type="submit" value="SUBMIT" id="submitbut"><br>
</form>
</body>
</html>
Filename: p2.php
<?php
$name=$_POST['uname'];
$pwd=$_POST['pwd']; session_start(); if(!isset($_SESSION['x'])){
$_SESSION['x']=TRUE;
} if($_SESSION['x']==TRUE){
mysql_connect("localhost","root",""); mysql_select_db("TEST");
mysql_query("INSERT INTO login(uname,pwd) VALUES('$name','$pwd')");
$_SESSION['x']=FALSE;
for($i=0;$i<=2000000;$i++);//do nothing
for($i=0;$i<=2000000;$i++);//do nothing
for($i=0;$i<=2000000;$i++);//do nothing

18 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

for($i=0;$i<=2000000;$i++);//do nothing
for($i=0;$i<=2000000;$i++);//do nothing
}
echo "Successfully added to database"; session_unset();
?>
Preventing Multiple Submissions on the Client Side
Handling multiple submittals from a client-side perspective is actually much
simpler than doing it on the server side. With well-placed JavaScript, you can
ensure that the browser will not let the submittal go through more than once.
The problem with this method, of course, is that JavaScript is not always
foolproof because of the user‘s ability to turn it off. The following example uses
JavaScript to cut off multiple submittals from a client-side (browser) level.
Filename: p1.php
<html>
<head>
<script>
function checkandsubmit() {
//Disable the submit button.
document.test.submitbut.disabled = true;
//Then submit the form.
document.test.submit();
}
</script>
</head>
<body>
<form name="test" onsubmit="return checkandsubmit ()" method="post"
action="p2.php"> Name::<input type="text" name="uname"><br>
Password::<input type="password" name="pwd"><br>
<input type="submit" value="SUBMIT" id="submitbut"><br>
</form>
</body>
</html>
After submitting, the button will be disabled as follows

Handling Special Characters

An added security feature, particularly when dealing with database submittal,
is validating against special characters being inserted into your script. Be it a
database insertion script, a contact form, or even a mailer system, you always
19 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

want to ensure that no malicious users are attempting to sabotage your script
with bad (or special) characters. PHP allots a number of functions to use in this
regard. string trim ( string str [, string charlist] )
string htmlspecialchars ( string string [, int quote_style [, string charset]] ) string
strip_tags ( string str [, string allowable_tags] )
string addslashes ( string str )
The following script demonstrates above functions
<?php
$msg1=" Welcome to PHP ";//for trim
$msg2="<b>Welcome to php</b>";
$msg3="Welcome \n to \php";
echo "With out using trim(): **".$msg1."**<br>";
echo "Using trim():**".trim($msg1)."**<br><br><br>";
echo "With out using htmlspecialchars(): ".$msg2."<br>";
echo "Using htmlspecialchars(): ".htmlspecialchars($msg2)."<br><br><br>";
echo "Using strip_tags(): ".strip_tags($msg2)."<br><br><br>";
echo "With out Using addslashes(): ".$msg3."<br>";
echo "Using addslashes(): ".addslashes($msg3)."<br><br><br>";
?>
OUTPUT:
With out using trim(): ** Welcome to PHP ** Using trim():**Welcome to PHP**
With out using htmlspecialchars(): Welcome to php Using htmlspecialchars():
<b>Welcome to php</b> Using strip_tags(): Welcome to php
With out Using addslashes(): Welcome to \php Using addslashes(): Welcome
to \\php
• The trim() function removes any blank space found at the beginning or end
of the submitted string.
• The htmlspecialchars() function turns attempted HTML into its special
character equivalent.
• The strip_tags() function completely removes any characters it sees as being
a tag.
• addslashes(), places a slash in front of any characters that could be harmful
to the database such as apostrophes. The end result is a string that is quite
squeaky clean.
7. File Uploads
Handling file uploads in PHP is not exactly difficult from a syntax point of view,
but it is important (extremely important in fact) to ensure that the file being
uploaded is within the upload constraints you lay out for it. The following are
the constrains of File:
• size: The size of the uploaded file (in bytes). You could easily find your server
20 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

under some heavy loads if you are not careful about what size of files are being
uploaded.
• type: The MIME type of the uploaded file. Ex: .jpeg, .pdf, .doc, etc,.
• name: The original file name that was uploaded. It is possible to change file
name at the time of uploading.
• tmp_name: The temporary name of the file that has been uploaded.
• error: The error code that may be generated by the file upload. The
following Example demonstrate file uploading using Form
<form action="" method="post" enctype="multipart/form-data">
<p>Upload Pictures:
<input type="file" name="pictures[]" />
<input type="file" name="pictures[]" />
<input type="file" name="pictures[]" />
<input type="submit" value="Send" name="submitbut"/>
</p>
</form>
<?php
if(isset($_POST['sub
mitbut']))
{
foreach ($_FILES["pictures"]["error"] as $key
=> $error) { if ($error == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["pictures"]["tmp_name"][$key];
$name =
$_FILES["pictures"]["name"][$key];
move_uploaded_file($tmp_name,
"data/$name");
}
}
}
?>
XML:
What is XML?
Extensible Markup Language (XML) is used to describe data. The XML standard
is a flexible way to create information formats and electronically share
structured data via the public Internet, as well as via corporate networks.
Short for Extensible Markup Language, a specification developed by the W3C.
XML is a pared- down version of SGML, designed especially for Web
documents. It allows designers to create their own customized tags, enabling
the definition, transmission, validation, and interpretation of data between
21 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

applications and between organizations.

➢ XML was designed to describe data.
➢ XML tags are not predefined in XML. You must define your own tags.
➢ XML is self describing.
➢ XML uses a DTD (Document Type Definition) to formally describe the
data.
XML BASICS
XML, or eXtensible markup language, is all about creating a universal way for
both formatting and presenting data. Once data is coded or marked up with
XML tags, data can then be used in many different ways.
Main features of XML:
➢ XML files are text files, which can be managed by any text editor.
➢ XML is very simple, because it has less than 10 syntax rules.
➢ Because of these features, XML offers following advantages
➢ XML provides a basic syntax that can be used to share information
between different kinds of computers, different applications, and different
organizations. XML data is stored in plain text format.
➢ With XML, your data can be available to all kinds of "reading
machines" (Handheld computers, voice machines, news feeds, etc), and
make it more available for blind people, or people with other disabilities.
➢ Databases can trade tables, business applications can trade
updates, and document systems can share information.
➢ It supports Unicode, allowing almost any information in any written
human language to be communicated.
➢ Its self-documenting format describes structure and field names as
well as specific values.
➢ Content-based XML markup enhances searchability, making it
possible for agents and search engines to categorize data instead of wasting
processing power on context-based full- text searches.
➢ XML is heavily used as a format for document storage and
processing, both online and offline.

22 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
➢ It is based on international standards.
➢ It is platform-independent, thus relatively immune to changes in
technology.
➢ Forward and backward compatibility are relatively easy to maintain
despite changes in DTD or Schema.
How can XML be used?
➢ XML can keep data separated from HTML
➢ XML can be used to store data inside HTML documents
➢ XML can be used as a format to exchange information
➢ XML can be used to store data in files or in databases

An example XML document:

<?xml version="1.0"?> // It defines the XML version of the document.
<note> // the first element of the document (the root element):
<to>Abhi</to> // defines 4 child elements of the root (to, from, heading, and
body)
<from>Avi</from>
<heading>Reminder</heading>
<body>Please send me the details of SAP!</body>
</note> // the end of the root element
Main points to be considered in XML
1. In XML all elements must have a closing tag like this: <p>This is a
paragraph</p>
2. XML tags are case sensitive. The tag <Letter> is different from the tag
<letter>.
3. In XML all elements must be properly nested within each other like
this:

<b><i>This text is bold and italic</i></b>

4. All XML documents must contain a single tag pair to define the root
element. All other elements must be nested within the root element. All
elements can have sub (children) elements. Sub elements must be in pairs and
correctly nested within their parent element:

<root>
<child>
<subchild>
</subchild>
</child>
</root>
5. XML elements can have attributes in name/value pairs just like in
HTML. In XML the attribute value must always be quoted.

<?xml version="1.0"?>

23 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<note date=12/11/99> // Incorrect
<note date="12/11/99"> // Correct
<to>Abhi</to>
<from>Avi</from>
<heading>Reminder</heading>
<body>Don't forget the visit!</body>
</note>
The logical structure of an XML document.

The main difference between XML and HTML

HTML is an abbreviation for HyperText Markup Language while XML stands for
eXtensible Markup Language.The differences are as follows:-
1. HTML was designed to display data with focus on how data looks while
XML was designed to be a software and hardware independent tool used to
transport and store data, with focus on what data is.
2. HTML is a markup language itself while XML provides a framework for
defining markup languages.
3. HTML is a presentation language while XML is neither a programming
language nor a presentation language.
4. HTML is case insensitive while XML is case sensitive.
5. HTML is used for designing a web-page to be rendered on the client
side while XML is used basically to transport data between the application and
the database.
6. HTML has its own predefined tags while what makes XML flexible is that
custom tags can be defined and the tags are invented by the author of the
XML document.
7. HTML is not strict if the user does not use the closing tags but XML makes
it mandatory for the user the close each tag that has been used.
8. HTML does not preserve white space while XML does.
9. HTML is about displaying data, hence static but XML is about carrying
information, hence dynamic. Thus, it can be said that HTML and XML are not
24 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
competitors but rather complement to each other and clearly serving
altogether different purposes.
Types of XML Documents
There are two kinds of XML documents:
1. Well-formed
A "Well Formed" XML document is a document that conforms to the XML syntax
rules. They contain text and XML tags. Everything is entered correctly. They do
not, however, refer to a DTD. The following is a "Well Formed" XML document:
<?xml version="1.0"?>
<note>
<to>Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
</note>
2. Valid
Valid documents not only conform to XML syntax but they also are error
checked against a
Document Type Definition (DTD) or schema
The following is the same document as above but with an added reference
to a DTD:
<?xml version="1.0"?>
<!DOCTYPE note SYSTEM "InternalNote.dtd">
<note>
<to>Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
</note>
The building blocks of XML documents
XML documents (and HTML documents) are made up by the following building
blocks:- Elements, Tags, Attributes, Entities, PCDATA, and CDATA
This is a brief explanation of each of the building blocks:
Elements
Elements are the main building blocks of both XML and HTML documents.
Examples of HTML elements are "body" and "table".
Examples of XML elements could be "note" and "message". Elements can
contain text, other elements, or be empty. Examples of empty HTML elements
are "hr", "br" and "img".
In a DTD, elements are declared with an ELEMENT declaration.
Tags
Tags are used to markup elements.
A starting tag like <element_name> mark up the beginning of an element, and
an ending tag like
25 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
</element_name> mark up the end of an element.
Examples: A body element: <body>body text in between</body>. A message
element:
<message>some message in between</message>
Attributes
Attributes provide extra information about elements.
Attributes are placed inside the start tag of an element. Attributes come in
name/value pairs. The following "img" element has an additional information
about a source file:
<img src="computer.gif" />
The name of the element is "img". The name of the attribute is "src". The value
of the attribute is "computer.gif". Since the element itself is empty it is closed by
a " /".
PCDATA
PCDATA stands for Parsed Character data. PCDATA is the text that will be
parsed by a parser. Tags inside the PCDATA will be treated as markup and
entities will be expanded.
CDATA
CDATA: (Unparsed Character data): CDATA contains the text which is not
parsed further in an XML document. Tags inside the CDATA text are not treated
as markup and entities will not be expanded.
Entities
Entities as variables used to define common text. Entity references are
references to entities.
Most of you will known the HTML entity reference: "&nbsp;" that is used to insert
an extra space in an HTML document. Entities are expanded when a
document is parsed by an XML parser.
The following entities are predefined in XML:
: Entity Character
References
&lt; <
&gt; >
&amp; &
&quot; "
&apos; '
<note>
<to>Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend</body>
</note>
Document Type Definition Introduction to DTD
The purpose of a DTD is to define the legal building blocks of an XML
document. It defines the document structure with a list of legal elements. A
26 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
DTD can be declared inline in your XML document, or as an external reference.
Internal DTD
This is an XML document with a Document Type Definition
<?xml version="1.0"?> <!DOCTYPE note [
<!ELEMENT note (to,from,heading,body)>
<!ELEMENT to (#PCDATA)>
<!ELEMENT from (#PCDATA)>
<!ELEMENT heading (#PCDATA)>
<!ELEMENT body (#PCDATA)>
]>
<note>
<to>Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
</note>
The DTD is interpreted like this:
!ELEMENT note (in line 2) defines the element "note" as having four elements:
"to,from,heading,body". !ELEMENT to (in line 3) defines the "to" element to be
of the type "CDATA". !ELEMENT from (in line 4) defines the "from" element to be
of the type "CDATA" and so on.....
External DTD
This is the same XML document with an external DTD:
<?xml version="1.0"?>
<!DOCTYPE note SYSTEM "note.dtd">
<note>
<to>Tove</to><from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
</note>
This is a copy of the file "note.dtd" containing the Document Type Definition:
<?xml version="1.0"?>
<!ELEMENT note (to,from,heading,body)>
<!ELEMENT to (#PCDATA)>
<!ELEMENT from (#PCDATA)>
<!ELEMENT heading (#PCDATA)>
<!ELEMENT body (#PCDATA)>

Example(Program) on DTD
This is an example of an XML document that used an external DTD file and
cascading style sheet (CSS) file.
The XML File
The following file is called "parts.xml".
<?xml version="1.0"?>
27 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<!DOCTYPE PARTS SYSTEM "parts.dtd">
<?xml-stylesheet type="text/css" href="xmlpartsstyle.css"?>
<PARTS>
<TITLE>Computer Parts</TITLE>
<PART>
<ITEM>Motherboard</ITEM>
<MANUFACTURER>ASUS</MANUFACTURER>
<MODEL>P3B-F</MODEL>
<COST> 123.00</COST>
</PART>
<PART>
<ITEM>Video Card</ITEM>
<MANUFACTURER>ATI</MANUFACTURER>
<MODEL>All-in-Wonder Pro</MODEL>
<COST> 160.00</COST>
</PART>
<PART>
<ITEM>Sound Card</ITEM>
<MANUFACTURER>Creative Labs</MANUFACTURER>
<MODEL>Sound Blaster Live</MODEL>
<COST> 80.00</COST>
</PART>
<PART>
<ITEMᡋ inch Monitor</ITEM>
<MANUFACTURER>LG Electronics</MANUFACTURER>
<MODEL> 995E</MODEL>
<COST> 290.00</COST>
</PART>
</PARTS>
This file specifies the use of two external files.

<!DOCTYPE PARTS SYSTEM "parts.dtd">

The Style File

The following file is used to set the style of the elements in the XML file. It is called
"xmlpartstyle.css".
PARTS
{ display: block } TITLE
{ display: block; font-family: arial; color: #008000;
font-weight: 600;
font-size: 22; margin-top: 12pt; text-align: center } PART
{ display: block } ITEM
{ display: block; font-family: arial; color: #000080;
font-weight: 400; margin-left: 15pt; margin-top: 12pt; font-size: 18 }
28 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
MANUFACTURER
{ display: block; font-family: arial; color: #600060;
font-weight: 400; margin-left: 45pt; margin-top: 5pt; font-size: 18 } MODEL
{ display: block; font-family: arial; color: #006000;
font-weight: 400; margin-left: 45pt;
margin-top: 5pt; font-size: 18 } COST
{ display: block; font-family: arial; color: #800000;
font-weight: 400; margin-left: 45pt; margin-top: 5pt; font-size: 18 }

Why use a DTD?

XML provides an application independent way of sharing data. With a DTD,
independent groups of people can agree to use a common DTD for
interchanging data. Your application can use a standard DTD to verify that
data that you receive from the outside world is valid. You can also use a DTD
to verify your own data.
A lot of forums are emerging to define standard DTDs for almost everything in
the areas of data exchange.
XML Schema
A schema formally describes what a given XML document contains, in the
same way a database schema describes the data that can be contained in
a database (table structure, data types). An XML schema describes the
coarse shape of the XML document, what fields an element can contain,
which sub elements it can contain, and so forth. It also can describe the values
that can be placed into any element or attribute.
An XML Schema is a language for expressing constraints about XML
documents. There are several different schema languages in widespread use,
but the main ones are Document Type Definitions (DTDs), Relax-NG,
Schematron and W3C XSD (XML Schema Definitions).
What is XML Schema Used For?
A Schema can be used:
o to provide a list of elements and attributes in a vocabulary;
o to associate types, such as integer, string, etc., or more specifically such as
hatsize, sock_colour, etc., with values found in documents;
o to constrain where elements and attributes can appear, and what can
appear inside those elements, such as saying that a chapter title occurs inside
a chapter, and that a chapter must consist of a chapter title followed by one
or more paragraphs of text;
o to provide documentation that is both human-readable and machine-
processable;
o to give a formal description of one or more documents.
What is the difference between XML Schema and DTD?
i) DTD is the predecessor of XML schema.
ii) While DTD provides the basic structure/grammar for defining a XML
document, in addition to that XML schema provides methods to define
29 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
constraints on the data contained in the document. Therefore XML schema is
considered to be richer and powerful than DTD.
iii)Also, XML schema provides an object oriented approach for defining the
structure of a XML document. But since XML schema is a new technology,
some XML parsers do not support it yet.
iv) XML Schema is namespace aware, while DTD is not.
v) XML Schemas are written in XML, while DTDs are not.
vi) XML Schema is strongly typed, while DTD is not.
vii) XML Schema has a wealth of derived and built-in data types that are not
available in DTD.
viii) XML Schema does not allow inline definitions, while DTD does.

DTD vs. XSD

DTD XSD
DTD stands for XSD stands for XML
Document Type Schema
Definition. Definition.
DTDs are derived XSDs are written in
from SGML syntax. XML.
DTD doesn't XSD supports
support datatypes for
datatypes. elements
and attributes.
DTD doesn't XSD supports
support namespace.
namespace.
DTD doesn't XSD defines order
define order for for child elements.
child
elements.
DTD is not XSD is extensible.
extensible.
DTD provides less XSD provides
control on XML more control on
structure. XML
structure.

Example(Program) on Schema
This example attempts to validate an XML data file (books.xml) against an XML
schema definition file (books.xsd). According to books.xsd, each <book>
element must have a <pub_date> child element. The second <book> element
in books.xml does not have this required element. Therefore, when we attempt
to validate the XML file , we should get a validation error.
XML file(books.xml)
<?xml version="1.0"?>
<x:books xmlns:x="urn:books">
<book id="bk001">
30 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<author>Writer</author>
<title>The First Book</title>
<genre>Fiction</genre>
<price>44.95</price>
<pub_date>2000-10-01</pub_date>
<review>An amazing story of nothing.</review>
</book>
<book id="bk002">
<author>Poet</author>
<title>The Poet's First Poem</title>
<genre>Poem</genre>
<price>24.95</price>
<review>Least poetic poems.</review>
</book>
</x:books>

DOM and Presenting XML Document Object Model

XML parsers can handle documents in any way that their developers choose.
There are two models commonly used for parsers i.e., SAX and DOM. SAX
parsers are used when dealing with streams of data. This type of parsers is
usually used with java. SAX-based parsers run quickly.
DOM is and application program interface (API) for XML documents. The DOM
API specifies the logical structure of XML documents and the ways in which
they can be accessed and manipulated. The DOM API is just a specification.
DOM-complaint applications include all of the functionality needed to handle
XML documents. They can build static documents, navigate and search
through them, add new elements, delete elements, and modify the content
of existing elements. The views XML document as trees. The DOM exposes the
whole of the document to applications. It is also scriptable so applications can
manipulate the individual nodes.
Presenting XML
XML documents are presented using Extensible Stylesheet which expresses
stylesheets. XSL stylesheet are not the same as HTML cascading stylesheets.
They create a style for a specific XML element, with XSL a template is created.
XSL basically transforms one data structure to another i.e., XML to HTML.

XML Parsers and Validation XMl Parsers

Parsing XML refers to going through XML document to access data or to
modify data in one or other way. Parser has the job of reading the XML,
checking it for errors, and passing it on to the intended application. If no DTD
or schema is provided, the parser simply checks that the XML is well-formed. If
a DTD is provided then the parser also determines whether the XML is valid, i.e.
that the tags, attributes, and content meet the specifications found in the DTD,

31 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
before passing it on to the application.
Why do we need XML Parsers
We need XML parser because we do not want to do everything in our
application from scratch, and we need some "helper" programs or libraries to
do something very low-level but very necessary to us.
o These low-level but necessary things include checking the well-formedness,
validating the document against its DTD or schema (just for validating parsers),
resolving character reference, understanding CDATA sections, and so on.
o XML parsers are just such "helper" programs and they will do all these jobs.
Types of parsers: SAX and DOM Simple API for XML (SAX)
Simple API for XML (SAX) parsing is different from DOM as it parses the XML files
step by step and is event based model. The SAX parser triggers an event when
they encounter an opening tag, element or attribute. Unlike in DOM parser it
is advisable to use the SAX parser for parsing large XML documents as it does
not load the complete XML file in the memory. This parser parses node by node
so it can read large XML files in smaller parts.
Difference between SAX and DOM

DOM SAX
Tree model parser (Tree of nodes) Event based parser (Sequence
of events)
DOM loads the file into the memory SAX parses the file at it reads i.e.
and then Parses node
parse the file by node
Has memory constraints since it No memory constraints as it does
loads the not store the
whole XML file before parsing XML content in the memory
DOM is read and write (can insert or SAX is read only i.e. can‘t insert or
delete the delete the
node) node
If the XML content is small then prefer Use SAX parser when memory
DOM parser content is large
Backward and forward search is SAX reads the XML file from top to
possible for searching the tags and bottom and backward navigation
evaluation of the information inside is not possible
the tags. So this gives the
ease of navigation
Slower at runtime Faster at runtime
That‘s all on difference between SAX and DOM parsers in Java, now it‘s up to
you on which XML parser you going to choose. DOM parser is recommended
over SAX parser if XML file is small enough and go with SAX parser if you don‘t
know size of xml files to be processed or they are large.
What are the usual application for a DOM parser and for a SAX parser?
In the following cases, using SAX parser is advantageous than using DOM
parser.
o The input document is too big for available memory
32 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
o You can process the document in small contiguous chunks of input. You do
not need the entire document before you can do useful work
o You just want to use the parser to extract the information of interest, and all

In the following cases, using DOM parser is advantageous than using SAX
parser.
o Your application needs to access widely separately parts of the document
at the same time.
o Your application may probably use an internal data structure which is
almost as complicated as the document itself.
o Your application has to modify the document repeatedly.
o Your application has to store the document for a significant amount of time
through many method calls.

Sample document for the example

<?xml version="1.0"?>
<!DOCTYPE shapes [
<!ELEMENT shapes (circle)*>
<!ELEMENT circle (x,y,radius)>
<!ELEMENT x (#PCDATA)>
<!ELEMENT y (#PCDATA)>
<!ELEMENT radius (#PCDATA)>
<!ATTLIST circle color CDATA #IMPLIED>
]>
<shapes>
<circle color="BLUE">
<x>20</x>
<y>20</y>
<radius>20</radius>
</circle>
<circle color="RED" >
<x>40</x>
<y>40</y>
<radius>20</radius>
</circle>
</shapes>
XML Validation
XML file can be validated by 2 ways:
1. against DTD
2. against XSD
DTD (Document Type Definition) and XSD (XML Schema Definition) are used to
define XML structure.
XML DTD
In our XML tutorial, you will learn about DTD file, creating xml with DTD, using

33 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
CSS file, CDATA vs PCDATA and difference between DTD and XML schema.
Let's see an example of XML using DTD file.
employee.xml
<?xml version="1.0"?>
<!DOCTYPE employee SYSTEM "employee.dtd">
<employee>
<firstname>vimal</firstname>
<lastname>jaiswal</lastname>
<email>[email protected]</email>
</employee> Test it Now

Document type definition It is an standard which is used to

define the legal elements in an XML
document.
XML schema definition It is an XML based alternative to dtd.
It is used to describe the structure of
an XML document.
DTD vs XSD
There are many differences between DTD (Document Type Definition) and XSD
(XML Schema Definition). In short, DTD provides less control on XML structure
whereas XSD (XML schema) provides more control.
The important differences are given below:

DTD XSD

DTD stands for Document XSD stands for XML Schema Definition.
Type Definition.

DTDs are derived from XSDs are written in XML.

SGML syntax.

DTD doesn't support XSD supports datatypes for elements and

datatypes. attributes.

DTD doesn't support XSD supports namespace.

namespace.

DTD doesn't define order XSD defines order for child elements.
for child elements.

DTD is not extensible. XSD is extensible.

34 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
DTD is not simple to learn. XSD is simple to learn because you don't
need to learn new language.

DTD provides less control XSD provides more control on XML

on XML structure. structure.

XSL and XSLT Transformation:

XSLT Introduction
XSL (eXtensible Stylesheet Language) is a styling language for XML. XSLT stands
for XSL Transformations.
This tutorial will teach you how to use XSLT to transform XML documents into
other formats (like transforming XML into HTML).
Online XSLT Editor
With our online editor, you can edit XML and XSLT code, and click on a button
to view the result. XSLT Example
<?xml version="1.0"?>

<xsl:stylesheetversion="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

<xsl:template match="/">
<html>
<body>
<h2>My CD Collection</h2>
<table border="1">
<tr bgcolor="#9acd32">
<th>Title</th>
<th>Artist</th>
</tr>
<xsl:for-each select="catalog/cd">
<tr>
<td><xsl:value-of select="title"/></td>
<td><xsl:value-of select="artist"/></td>
</tr>
</xsl:for-each>
</table>
</body>
</html>
</xsl:template>

</xsl:stylesheet>
What You Should Already Know
Before you continue you should have a basic understanding of the following:
• HTML
35 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
• XML
If you want to study these subjects first, find the tutorials on our Home page.
XSLT References
XSLT Elements
Description of all the XSLT elements from the W3C Recommendation, and
information about browser support.
XSLT, XPath, and XQuery Functions
XSLT 2.0, XPath 2.0, and XQuery 1.0, share the same functions library. There are
over 100 built-in functions. There are functions for string values, numeric values,
date and time comparison, node and QName manipulation, sequence
manipulation, and more.
XSL(T) Languages
XSLT is a language for transforming XML documents. XPath is a language for
navigating in XML documents. XQuery is a language for querying XML
documents.
It Started with XSL
XSL stands for EXtensible Stylesheet Language.
The World Wide Web Consortium (W3C) started to develop XSL because there
was a need for an XML-based Stylesheet Language.
CSS = Style Sheets for HTML
HTML uses predefined tags. The meaning of, and how to display each tag is
well understood. CSS is used to add styles to HTML elements.
XSL = Style Sheets for XML
XML does not use predefined tags, and therefore the meaning of each tag is
not well understood. A <table> element could indicate an HTML table, a piece
of furniture, or something else - and browsers do not know how to display it!
So, XSL describes how the XML elements should be displayed. XSL - More Than
a Style Sheet Language
XSL consists of four parts:
• XSLT - a language for transforming XML documents
• XPath - a language for navigating in XML documents
• XSL-FO - a language for formatting XML documents (discontinued in
2013)
• XQuery - a language for querying XML documents
With the CSS3 Paged Media Module, W3C has delivered a new standard for
document formatting. So, since 2013, CSS3 is proposed as an XSL-FO
replacement.
What is XSLT?
• XSLT stands for XSL Transformations
• XSLT is the most important part of XSL
• XSLT transforms an XML document into another XML document
• XSLT uses XPath to navigate in XML documents
• XSLT is a W3C Recommendation XSLT = XSL Transformations
XSLT is the most important part of XSL.
36 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
XSLT is used to transform an XML document into another XML document, or
another type of document that is recognized by a browser, like HTML and
XHTML. Normally XSLT does this by transforming each XML element into an
(X)HTML element.
With XSLT you can add/remove elements and attributes to or from the output
file. You can also rearrange and sort elements, perform tests and make
decisions about which elements to hide and display, and a lot more.
A common way to describe the transformation process is to say that XSLT
transforms an XML source-tree into an XML result-tree.

XSLT Uses XPath

XSLT uses XPath to find information in an XML document. XPath is used to
navigate through elements and attributes in XML documents.
If you want to study XPath first, please read our XPath Tutorial.

How Does it Work?

In the transformation process, XSLT uses XPath to define parts of the source
document that should match one or more predefined templates. When a
match is found, XSLT will transform the matching part of the source document
into the result document.

XSLT Browser Support

All major browsers support XSLT and XPath.

XSLT is a W3C Recommendation

XSLT became a W3C Recommendation 16. November 1999.
XSLT - Transformation
Example study: How to transform XML into XHTML using XSLT? The details of this
example will be explained in the next chapter.
Correct Style Sheet Declaration
The root element that declares the document to be an XSL style sheet is
<xsl:stylesheet> or
<xsl:transform>.
Note: <xsl:stylesheet> and <xsl:transform> are completely synonymous and
either can be used! The correct way to declare an XSL style sheet according
to the W3C XSLT Recommendation is:
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> or:
<xsl:transform version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
To get access to the XSLT elements, attributes and features we must declare
the XSLT namespace at the top of the document.
The xmlns:xsl="http://www.w3.org/1999/XSL/Transform" points to the official
W3C XSLT namespace. If you use this namespace, you must also include the
37 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
attribute version="1.0".
Start with a Raw XML Document
We want to transform the following XML document ("cdcatalog.xml") into
XHTML:
<?xml version="1.0" encoding="UTF-8"?>
<catalog>
<cd>
<title>Empire Burlesque</title>

<artist>Bob Dylan</artist>
<country>USA</country>
<company>Columbia</company>
<price>10.90</price>
<year>1985</year>
</cd>
.
.
</catalog>
Viewing XML Files in IE, Chrome, Firefox, Safari, and Opera: Open the XML file
(click on the link below) - The XML document will be displayed with color-
coded root and child elements (except in Safari). Often, there is a plus (+) or
minus sign (-) to the left of the elements that can be clicked to expand or
collapse the element structure. Tip: To view the raw XML source, right- click in
XML file and select "View Source"!
Create an XSL Style Sheet
Then you create an XSL Style Sheet ("cdcatalog.xsl") with a transformation
template:
<?xml version="1.0" encoding="UTF-8"?>

<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

<xsl:template match="/">
<html>
<body>
<h2>My CD Collection</h2>
<table border="1">
<tr bgcolor="#9acd32">
<th>Title</th>
<th>Artist</th>
</tr>
<xsl:for-each select="catalog/cd">
<tr>
<td><xsl:value-of select="title"/></td>
38 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<td><xsl:value-of select="artist"/></td>
</tr>
</xsl:for-each>
</table>
</body>
</html>
</xsl:template>
</xsl:stylesheet>
Link the XSL Style Sheet to the XML Document
Add the XSL style sheet reference to your XML document ("cdcatalog.xml"):
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="cdcatalog.xsl"?>
<catalog>
<cd>
<title>Empire Burlesque</title>
<artist>Bob Dylan</artist>
<country>USA</country>
<company>Columbia</company>
<price>10.90</price>
<year>1985</year>
</cd>
</catalog>
If you have an XSLT compliant browser it will nicely transform your XML into
XHTML.
News Feed (RSS and ATOM)
➢ The benefit of RSS and Atom.
➢ What is RSS about.
➢ Structure and Syntax of RSS.
➢ What is Atom about.
➢ Structure and Syntax of Atom.
➢ What is RSS and Atom all about?
They are a form of communication using XML documents to broadcast
information updates to a large group of subscribers.
• RSS stands for Really Simple Syndication. It's an easy way for you to keep up
with news and information that's important to you, and helps you avoid the
conventional methods of browsing or searching for information on websites.
Now the content you want can be delivered directly to you without cluttering
your inbox with e-mail messages. This content is called a "feed.―
• RSS is written in the Internet coding language known as XML (eXtensible
Markup Language).
➢ RSS must be the root element followed by one channel element.
➢ Required channel elements:
✓ Title: The name of the channel. It's how people refer to your service. If you

39 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
have an HTML website that contains the same information as your RSS file, the
title of your channel should be the same as the title of your website.
✓ Link: The URL to the HTML website corresponding to the channel.
✓ description : Phrase or sentence describing the channel.
RSS 2.0
Optional <channel > Elements

<item>
<title
What is ATOM 1.0 ?
• ATOM – The Atom Syndication Format is the next generation of XML-based
file formats, designed to allow information--the contents of web pages, for
example--to be syndicated between applications. Like RSS before it, Atom
places the content and metadata of an internet resource into a machine-
parsable format, perfect for displaying, filtering, remixing, and archiving.

40 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPAA
to TI

40 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI

Atom Sample
<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<link rel="self" href="http://example.org/blog/index.atom"/>
<id>http://example.org/blog/index.atom</id>
<icon>../favicon.ico</icon>
<title>An Atom Sampler</title>
<subtitle>No Splitting</subtitle>
<author>
<name>Ernie Rutherford </name>
<email>[email protected]</email>
<uri>.</uri>
</author>
<updated>2006-10-25T03:38:08-04:00</updated>
<link href="."/>
<entry>
<id>tag:example.org,2004:2417</id>
<link href="2006/10/23/moonshine"/>
<title>Moonshine</title>
<content type="text">
Anyone who expects a source of power from the transformation of the atom
is talking moonshine.
</content>
<published>2006-10-23T15:33:00-04:00</published>
41 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
<updated>2006-10-23T15:47:31-04:00</updated>
</entry>
<entry>
<id>>tag:example.org,2004:2416</id>
<link href="2006/10/21/think"/>
<title type="html">&lt;strong&gt;Think!&lt;/strong&gt;</title>
<content type="xhtml">
<div xmlns="http://www.w3.org/1999/xhtml">
<p>We haven't got the money, so we've got to
think!</p>
</div>
</content>
<updated>2006-10-21T06:02:39-04:00</updated>
</entry>
</feed>
9. Practice Quiz

1. Which of the following strings is a correct XML name?

a) my Element
b) #myElement
c) _myElement
d) None
2. What is the correct syntax of the declaration which defines the XML version?
a) <?xml version="1.0" />
b) <?xml version="1.0"/?>
c) <xml version="1.0" />
d)<?xml
version="1.0"?/>
3. Which is not a correct name for an XML element?
a)<1dollar>
b)<Note>
c)<xmldocument>
d)<FirstName>
4. The following is the syntax for NameSpaces
a)Xmlns:[location]=“[prefix ]”
b)Xmlns:[prefix]=“[location]”
c)Xmln:[prefix]=“[location]”
d) Xmln:[location]=“[prefix ]”
5. Which Statement about xml is true?
a) Elements may have multiple atrribute with the same name
b) Quoting attribute is optional.
c) Elements may nest but not overlap
d) All of the above.
6. Which syntax is used to insert comments into an XML document?
a)<comment>This is a comment</comment>
b)<?-This is a comment->
c) <!-This is a comment->

42 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
d) All of the above.
7. What does DTD stand for?
a) Dynamic Type Definition. B.
b) Document Type Definition
c) Direct Type Definition
d) DATA Type Definition
8. For the XML parser to ignore a certain section of your XML document, which syntax is
correct?
a) <CDATA> Text to be ignored </CDATA>
b) <![CDATA[ Text to be ignored ]]>
c) <PCDATA> Text to be ignored </PCDATA>
d) <xml:CDATA[ Text to be ignored ]>
9. What is a correct way of referring to a stylesheet called "mystyle.xsl" ?
a) <link type="text/xsl" href="mystyle.xsl" />
b) <?xml-stylesheet type="text/xsl" href="mystyle.xsl"?>
c) <stylesheet type="text/xsl" href="mystyle.xsl" />
d) All of the above

10. Assignments

S.No Question BL CO
List and explain the important features of XML which make it more
1 suitable than HTML for creating web related services. 2 3

How do you define the elements of an XML document in an XML

2 Schema? 1 3

Explain the various terms related to Document Type Definition.

3 2 3
Design an XML schema for hospital information management. Include
4 every feature available with schema. 3 3

Define an xml scheme to show how an XML Scheme can be created

5 2 3

11. Part A- Question & Answers

S.No Question& Answers BL CO
1 Define XML? What are the advantages of xml?

Ans. XML can be expanded as ‘Extensible Markup Language’, a

text-based language used to define markup documents to
publish on the web. It can contain data and its formatting details
as common data. XML can be used for its significant data storage 1 3
capacity, holding public standards, and being extensible
compared to another Markup language. This language was
formed from extracting the properties of SGML, that is, Standard
Generalized Markup Language.

43 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
2 Explain Types of XML Documents
Ans. There are two kinds of XML documents:
3. Well-formed
A "Well Formed" XML document is a document that conforms to
the XML syntax rules. They contain text and XML tags. Everything
is entered correctly. They do not, however, refer to a DTD. 2 3
4. Valid
Valid documents not only conform to XML syntax but they also
are error checked against a Document Type Definition (DTD) or
schema

3 Define DTD?
Ans. The purpose of a DTD is to define the legal building blocks of an
XML document. It defines the document structure with a list of legal
1 3
elements. A DTD can be declared inline in your XML document, or as
an external reference.

4 Explain the purpose of XML schema?

Ans. A schema formally describes what a given XML document
contains, in the same way a database schema describes the data that
can be contained in a database (table structure, data types). An XML
schema describes the coarse shape of the XML document, what fields 1 3
an element can contain, which sub elements it can contain, and so
forth. It also can describe the values that can be placed into any
element or attribute.

5 Explain about XML parsing done with SAX?

Ans. Simple API for XML (SAX) parsing is different from DOM as it parses
the XML files step by step and is event based model. The SAX parser 1 3
triggers an event when they encounter an opening tag, element or
attribute.
6 What are the usual application for a DOM parser and for a SAX parser?
Ans. In the following cases, using SAX parser is advantageous than using
DOM parser. The input document is too big for available memory. You
can process the document in small contiguous chunks of input. You do 1 3
not need the entire document before you can do useful work .You just
want to use the parser to extract the information of interest, and all

7 Distinguish between SAX AND DOM?

Ans. DOM-Tree model parser (Tree of nodes)
DOM loads the file into the memory and then parse the file
Has memory constraints since it loads the whole XML file before parsing
SAX- 2 3
Event based parser (Sequence of events)
SAX parses the file at it reads i.e. Parses node by node
No memory constraints as it does not store the XML content in the
memory

44 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
12. Part B- Questions
S.No Question BL CO
1 Explain and show how XML is useful in defining data for web 1 3
applications.

2 Explain how styling XML with cascading style sheets is done for the 2 3
library information domain.

3 Explain the various terms related to Document Type Definition. 2 3

4 List and explain the important features of XML which make it more 1 3
suitable than HTML for creating

5 How do you set default and fixed values for simple Elements? 2 3

13. Supportive Online Certification Courses

1. Internet Technology - Video course By Prof. Indranil Sengupta conducted by IIT
Kharagpur

14. Real Time Applications

S.No Application CO
1 Realtime web analytics 3

2 Digital Advertising 2

3 E-Commerce 3

4 Massively Multiplayer Online Games 4

5 Project Management & Collaboration 4

15. Contents Beyond the Syllabus

1. XML version is 1.1
2. HTML 5.2 –WORLD WIDE CONSTORIUM

16. Prescribed Text Books & Reference Books

Text Book
1. Beginning PHP and MySQL, 3rd Edition, Jason Gilmore, Apress Publications (Dream
tech.).
2. PHP 5 Recipes A problem Solution Approach Lee Babin, Nathan A Good, Frank
M.Kromann and Jon Stephens.

45 | W I T - U N I T - I V

BTECH_CSE-SEM 32
SVEC TIRUPATI
References:
1. Deitel and Deitel and Nieto, “Internet and World Wide Web - How to Program”, Prentice
Hall, 5 th Edition, 2011.
2. Herbert Schildt, “Java-The Complete Reference”, Eighth Edition, Mc Graw Hill
Professional, 2011.

17. Mini Project Suggestion

1. Speech Enabled Airline Reservation System
2. Shop Management System
3. Leave Application Management System
4. Blogging platform with PHP
5. Simple PHP Blog without database
6. VoiceXML-based address book access using php

46 | W I T - U N I T - I V

BTECH_CSE-SEM 32