book

Learning PHP & MySQL, 2nd Edition

Name: Learning PHP & MySQL, 2nd Edition
ISBN: 9780596514013

by Michele E. Davis, Jon A. Phillips

August 2007

Beginner

428 pages

8h 59m

English

O'Reilly Media, Inc.

Read now

Unlock full access

A Note Regarding Supplemental Files
Preface
AudienceAssumptions This Book MakesOrganization of This BookSupporting BooksConventions Used in This BookUsing Code ExamplesHow to Contact UsSafari® Books OnlineAcknowledgments
1. Dynamic Content and the Web
HTTP and the InternetPHP and MySQL’s Place in Web DevelopmentAdvantages of Using PHP with MySQLThe Value of Open SourceThe Components of a PHP ApplicationPHPApacheSQL and Relational DatabasesMySQLCompatibilityIntegrating Many Sources of InformationRequesting Data from a Web Page Questions
2. Installation
Developing LocallyBundled or Full InstallationsInstalling ApacheInstalling PHPEnabling PHP on Mac OS XInstalling MySQL 5.0Installing the MySQL ConnectorMac OS X MySQL installationXAMPPWorking Remotely Questions
3. Exploring PHP
PHP and HTML TextText OutputSeparating PHP from HTMLCoding Building BlocksVariablesReading a variable’s valueVariable typesVariable scopeGlobal variablesStatic variablesSuper global variablesStringsSpecial characters in stringsComparing stringsConcatenationCombining stringsConstantsPredefined constantsDoing MathCombined assignmentAutoincrement and autodecrementPreincrement and -decrement Questions
4. PHP Decision-Making
ExpressionsOperator ConceptsNumber of OperandsTypes of OperandsOrder of precedenceAssociativityRelational OperatorsEqualityComparison operatorsLogical operatorsConditionalsThe if StatementThe else statementThe elseif statementThe ? OperatorThe switch StatementBreaking outDefaultingLoopingwhile Loopsdo ... while Loopsfor LoopsBreaking Out of a Loopcontinue Statements Questions
5. Functions
Calling FunctionsDefining FunctionsParametersParameter ReferencesIncluding and Requiring PHP FilesThe include StatementThe include_once statementrequire and require_once functionsTesting a FunctionObject-Oriented ProgrammingCreating a ClassCreating an InstanceMethods and ConstructorsVariable Scope Within ClassesInheritanceThe extends operatorThe parent operatorStatic Methods and VariablesVariable References Questions
6. Arrays
Array FundamentalsAssociative Versus Numeric Indexed ArraysCreating an ArrayAssignment via array identifiersAssignment using arrayLooping through and referencing array valuesAdding values to an arrayCounting how many elements are in an arraySorting arraysMultidimensional ArraysExtracting Variables from an ArrayUsing compact to build an array from variablesArray Functions in PHP Questions
7. Working with MySQL
MySQL DatabaseAccessing the Database from the Command LinePromptsCommandsManaging the DatabaseCreating UsersCreating a MySQL DatabaseUsing phpMyAdminDatabase ConceptsStructured Query LanguageCreating TablesAdding Data to a TableTable Definition ManipulationRenaming a tableChanging a column’s data typeAdding a columnRenaming a columnRemoving a columnDeleting an entire tableQuerying the DatabaseLimit results with WHERESpecifying the orderJoining tables togetherNatural joinsJoin onAliasesModifying Database DataDeleting Database DataSearch FunctionsLogical Operators Questions
8. Database Best Practices
Database DesignRelational DatabasesRelationship TypesOne-to-one relationshipsOne-to-many relationshipsMany-to-many relationshipsNormalizationForms of NormalizationFirst Normal FormSecond Normal FormThird Normal FormColumn Data TypesBacking Up and Restoring DataCopying Database FilesThe mysqldump CommandBacking upRestoring a MySQL backupWorking with other formatsThe mysqlimport commandBackup best practicesAdvanced SQLIndexesWhen indexes are usedWhere to specify the indexMulticolumn indexesThe EXPLAIN keywordSelecting with the LEFT JOIN ON ClauseSelecting with GROUP BYUsing Database FunctionsString functionsConcatenationConcatenation with a predefined separatorCalculate a string lengthChanging strings to upper- or lowercaseTrimming and padding stringsString location and positionCutting up stringsSearch and replaceDate and time functionsDays, weeks, months, and yearsHours, minutes, and secondsDates and times arithmeticThe NOW functionFormatting for displayUnix timestamp conversionTransactions Questions

9. Getting PHP to Talk to MySQL
The ProcessResourcesQuerying the Database with PHP FunctionsIncluding Database Login DetailsConnecting to the DatabaseTroubleshooting connection errorsSelecting the DatabaseBuilding the SQL SELECT QueryExecuting the QueryFetching and DisplayingFetch typesClosing the ConnectionPutting It All TogetherUsing PEARInstallingUnixWindowsHosted ISPAdding Additional PackagesRewriting the Books Example with PEARCreating a connect instanceConnect stringQueryingFetchingClosingPEAR error reporting Questions
10. Working with Forms
Building a FormAccessing Submitted Form ValuesDefault ValuesTypes of InputText boxesText areasCheckboxesRadio buttonsHiddenSelectsWorking with Multiple ValuesValidating DataValidating checkboxes, radio buttons, and selectsValidating text boxes and text areasBuilding a Feet-to-Meters Converter in PHPBuilding a Time Zone Conversion Utility in PHPQuerying the Database with Form DataTemplatesTemplate EngineInstallationApplication level directoriesCreating sample scriptsCreate a sample template Questions
11. Practical PHP
String FunctionsFormatting Strings for DisplayUsing printfPaddingSpecifying precisionUsing sprintfLengthChanging CaseChecking for a StringUsing String Position and Substring to Extract a Portion of a StringDate and Time FunctionsDisplay FormatsArithmeticValidating DatesUsing mktime to Create a TimestampFile ManipulationFunctions and PrecautionsPermissionsCreating filesDeleting filesMoving filesURL WrappersUploading FilesAccessing the fileValidationCalling System Calls Questions
12. XHTML
Why XHTML?XHTML and XML NamespacesXHTML VersionsDocument TypesValidation ToolsCommon Validation GotchasCompatibility with older browsersGenerating XHTML with PHP Questions
13. Modifying MySQL Objects and PHP Data
Changing Database Objects from PHPCreating a TableDropping a TableErrors HappenManipulating Table DataAdding DataDisplaying Results with Embedded LinksPresenting a Form to Add and Process in One FileSQL InjectionCross-Site Scripting AttacksUpdating DataDeleting DataGenerating Unique IdentifiersPerforming a Subquery Questions
14. Cookies, Sessions, and Access Control
CookiesSetting a CookieAccessing a CookieDestroying a CookiePHP and HTTP AuthenticationStoring a Username and Password in a DatabaseSessionsUsing SessionsExpanding Our Login ExampleEnding a SessionGarbage collectionSetting a session’s timeoutUsing the Database to Store SessionsUsing Auth_HTTP to Authenticate Questions
15. Security
Limit Access to Administrative PagesIncluding FilesStoring Passwords in the DatabaseThe Problem with Automatic Global VariablesSession SecuritySession Hijacking and Session FixationTrusting User DataShared Hosting ConcernsPreventing Access to the DatabaseBlocking Access to the Database for External HostsCreate Separate Database UsersCross-Site Scripting Questions
16. Validation and Error Handling
Validating User Input with JavaScriptPattern Matching QuantifiersAnchorsCharacter classesExecuting pattern matches in PHPpreg_matchRedisplaying a Form After PHP Validation FailsError Logging Questions
17. Sample Application
Configuration FilePage FrameworkDatabaseSample DataDisplaying a Postings SummaryDisplaying a Posting and Its CommentsAdding and Changing PostsAdding and Changing Comments Questions
18. Finishing Your Journey
PHP Coding StandardsCommentsFormattingIndentingPHP tagsTemplatingExpressionsFunction callsFunction definitionsObjectsNamingControl StructuresIncluding or requiring PHP filesPEARStructured LibrariesCode distributionPHP Extension Community Library (PECL)PDO database abstractionFrameworksPHP Zend FrameworkCakePHPAjaxWikisFinding Help on the WebPHP User Groups Questions
A. Solutions to Chapter Questions
Chapter 1Chapter 2Chapter 3Chapter 4Chapter 5Chapter 6Chapter 7Chapter 8Chapter 9Chapter 10Chapter 11Chapter 12Chapter 13Chapter 14Chapter 15Chapter 16Chapter 17Chapter 18
About the Authors
Colophon
Copyright

Content preview from Learning PHP & MySQL, 2nd Edition

Chapter 15. Security

Once your code is working, you may be tempted to think that you’re done with it. In reality, you may have some security issues that don’t affect normal usage but provide an opening for an attack. The unfortunate reality of web-accessible applications is that they’re only as secure as their weakest link. Therefore, you must be conscious of security on every level, from the database to the web server and the PHP processing itself.

Although you can’t make every system truly unbreakable, you can perform the equivalent of dead-bolting doors and locking windows. If you make your system difficult enough to compromise, it’s generally not worth a hacker’s effort, though keep in mind that some may still try. We’ve had our own server locked up from hackers trying to get in, and boatloads of spam that cause the server to belch and stop working temporarily.

We’re going to reiterate some of the security concepts that we discussed while learning the basics of PHP and MySQL security. This reduces the risk that the web sites you build will be insecure. We’ll also expand on those topics to give you some more options for making hackers’ lives difficult and your life easier.

Limit Access to Administrative Pages

When installing software packages that include a control panel or setup script, you should always either change the script’s directory or, in the case of setup scripts, remove them after you’re done installing. These scripts can provide a way for a random web surfer to mess ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Learning PHP, MySQL & JavaScript, 5th Edition

Publisher Resources

ISBN: 9780596514013Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Learning PHP & MySQL, 2nd Edition

by Michele E. Davis, Jon A. Phillips