book

PHP & MySQL: The Missing Manual, 2nd Edition

by Brett McLaughlin

November 2012

Intermediate to advanced

546 pages

15h 24m

English

O'Reilly Media, Inc.

Read now

Unlock full access

About the AuthorAbout the Creative TeamAcknowledgmentsThe Missing Manual Series
What PHP and MySQL Can DoWhat Is PHP?What Is PHP Like?PHP Is All About the WebJavaScript Is Loose, PHP Is…Less SoPHP Is InterpretedPHP Doesn’t Run in the BrowserWhat Is MySQL?About This BookMacintosh and WindowsFTP: It’s CriticalAbout the OutlineAbout the Online ResourcesMissing CDRegistrationFeedbackErrataSafari® Books Online
PHP Comes in Two Flavors: Local and RemoteHTML and CSS Run Within a Web BrowserJavaScript Adds Complexity, but Not SoftwarePHP Is Not Part of Your BrowserWrite Anywhere, Run Where There’s PHPPHP: Going LocalPHP on the Windows-Based Computers (WampServer Installation)PHP on the Mac (Default Installation)PHP on the Mac (MAMP Installation)Get Out Your Text EditorWrite Your First ProgramRun Your First ProgramBut Where’s That Web Server?The PHP Interpreter Is a Program You Can RunBut, the HTML Is Coming…
Script or HTML?Determination by ExtensionHTML Is Treated as HTMLPHP Is Not HTML (by Extension)PHP Can Be HTML—by ResponsePHP Talks BackWrite Another PHP ScriptVariables VaryCheck Things Out LocallyRun PHP Scripts RemotelyUpload your HTML, CSS, and PHPRun Your Second ProgramWelcome to Programming!
Get Information from a Web FormAccessing Request Parameters DirectlyCreate Your Own VariablesWorking with Text in PHPCombine TextSearching Within TextChanging TextTrim and Replace TextRemoving Extra Whitespace by Using Trim()Replacing Characters in Text by Using Str_replace()The $_REQUEST Variable Is an ArrayArrays Can Hold Multiple ValuesPHP Gives You An Array of Request InformationWhat Do You Do with User Information?
What Is a Database?Databases Are PersistentDatabases Are All about StructureGood Databases Are RelationalInstalling MySQLThe mysql Console Program: Your New Best FriendRun the mysql Tool on WampServerFind the MySQL Command-Line ProgramGive mysql the Right User and PasswordRun the mysql Tool on MAMPSet Up mysql for Your User ProfileGive mysql the Right User and PasswordRun Your First SQL QuerySQL Is a Language for Talking to DatabasesLogging In to Your Web Server’s DatabaseSelecting a Database with USEUsing CREATE to Make TablesUsing DROP to Delete TablesINSERT a Few RowsUsing SELECT for the Grand Finale

Writing a Simple PHP Connection ScriptConnect to a MySQL DatabaseSelect the Database with PHPViewing Your Database’s Tables by Using SHOWHandling Errors by Determining If Your Results are NotPrint Out Your SQL ResultsCleaning Up Your Code with Multiple FilesReplacing Hand-Typed Values with VariablesAbstracting Important Values into a Separate FileVariables Vary, but Constants Stay ConstantBuilding a Basic SQL Query RunnerCreating an HTML Form with a Big Empty BoxConnecting to Your Database (Again)Running Your User’s SQL Query (Again)Entering Your First Web-Based QueryHandling Queries That Don’t SELECT InformationDealing with HumansAvoid Changing User Input Whenever Possible
String Matching, Double-TimeA Simple String SearcherSearch for One String…Or AnotherGetting into PositionDitch trim and strtoupperSearching for Sets of CharactersRegular Expressions: To Infinity and BeyondA Little Cleanup: Remove the echo Statements
Revisiting a User’s InformationPlanning Your Database TablesGood Database Tables Have ID ColumnsAuto Increment Is Your FriendIDs and Primary Keys are Good BedfellowsAdding Constraints to Your DatabaseSaving a User’s InformationBuilding Your SQL QueryInserting a UserA First Pass at ConfirmationUsers are Users, Not ProgrammersShow Me the UserCreating a Mockup of a User Profile PageChanging a Table’s Structure by Using ALTERBuilding Your Script: First PassUsing SELECT to Retrieve a User from Your DatabasePulling Values from a SQL Query ResultPassing a User ID into show_user.phpRevisiting (and Redirecting) the Create User ScriptUpdating Your User Signup FormUpdating Your User Creation ScriptRounding Things Out by Using Regular Expressions (Again)
Planning Your Error PagesWhat Should Users See?Tell Your Users that a Problem has OccurredBring Down the Panic Level in the ProcessKnow When to Say WhenFinding a Middle Ground for Error Pages with PHPCreating a PHP Error PageTesting Your SolutionExpect the UnexpectedWelcome to Security and PhishingPhishing and Subtle RedirectionThe Dangers of Request ParametersAdd Debugging to Your ApplicationWho’s Using This App, Anyway?Now You See Me, Now You Don’tMoving from require to require_onceRedirecting On ErrorUpdate connect.php to show_user.phpSimplifying and Abstracting Your Coderedirect Is Path-Insensitive
Images Are Just FilesHTML Forms Can Set the StageUploading a User’s Image to Your ServerSet Up Some Helper VariablesDid the File Upload with Any Errors?Is this Really an Uploaded File?Is the Uploaded File Really an Image?Move the File to a Permanent LocationStoring the Image Location in the DatabaseCreate a New Database ColumnInsert the Image Path Into Your TableCheck Your WorkImages Are for ViewingSELECTing the Image and Displaying ItConverting File System Paths to URLsDisplaying Your User’s Image: Take TwoAnd Now for Something Completely Different
Storing Different Objects in Different TablesInserting a Raw Image into a TableBeware: getimagesize Doesn’t Return a File SizeThe file_get_contents Function Does What You Think It DoesINSERTing the ImageYour Binary Data Isn’t Safe to Insert…YetPrinting a String to a VariableGetting the Correct ID Before RedirectingConnecting Users and ImagesInserting an Image and then Inserting a UserJoining Tables by Using WHEREConnect Your Tables Through Common ColumnsAlias Your Tables (and Columns)Show Me the Image!Displaying an ImageMake a Game Plan for Your ScriptGet the Image IDBuild and Run a Select QueryGet the Results, Get the Image, and Deal with Potential ErrorsTell the Browser What’s ComingSend the Image DataHandling Errors with try and catchTest, Test, Always TestEmbedding an Image Is Just Viewing an ImageAll You Need Is an Image IDA Script Can Be an Image srcSo, Which Approach Is Best?OK, If You Insist on an Answer…
Thinking about What You Need as an Admin(User Interface) Brevity Is Still the Soul of WitWish Lists Are Good, TooListing All Your UsersSELECTing What You Need (Now)Building a Simple Admin PageIterating Over Your ArrayDeleting a UserSurveying the Individual ComponentsPutting It All TogetherDeleting Users Shouldn’t Be MagicalStart with a Little JavascriptFinish with a Change in LinkingTalking Back to Your Usersredirect Has Some LimitationsJavaScript alert ReduxAn All-Javascript ApproachYour PHP Controls your Outputalert Is InterruptiveStandardizing on MessagingBuilding a New Utility Function for DisplayDuplicate Code Is a Problem Waiting to HappenView and Display Code Belongs TogetherIntegrating Utilities, Views, and MessagesCalling Repeated Code from a View ScriptFlexible Functions Are Better FunctionsUse Default Argument Values in Display_MessagesOutput a Standard Header with HeredocUpdate Your Script(s) to Use Display_HeadStandardizing and Consolidating Messaging in the ViewBuilding a Function to Call Two FunctionsJust Pass That Information Along
Basic AuthenticationUsing HTTP Headers for Basic AuthenticationBasic Authentication Is…Well, BasicThe Worst Authentication EverGetting Your User’s CredentialsCancel Is Not a Valid Means of AuthenticationGetting Your User’s CredentialsAbstracting What’s the SameAnother Utility Script: authorize.phpPasswords Don’t Belong in PHP ScriptsUpdating the users TableDealing with Newly Invalid DataGetting an Initial User Name and PasswordInserting the User Name and PasswordConnect authorize.php to Your users TablePasswords Create Security, But Should Be SecureEncrypting Text by Using the crypt Functioncrypt Is One-Way EncryptionEncryption Uses Salt
Moving Beyond Basic AuthenticationStarting with a Landing PageTaking Control of User Sign InsFrom HTTP Authentication to CookiesWhat is a Cookie?Create and Retrieve CookiesLogging In with CookiesDetermining Whether the User Is Already Signed InIs the User Trying to Sign In?Displaying the PageRedirecting as NeededLogging In the UserBlank Pages and Expiring CookiesErrors Aren’t Always InterruptiveAn Option for Repeat AttemptsAdding Context-Specific MenusPutting a Menu into PlaceFrom HTML to ScriptsAny HTML File Can Be Converted to PHPChallenge: Be Self-Referential with User CreationLogging Users OutRequiring the Cookie to Be Set
Modeling Groups in Your DatabaseAdding a Groups TableThe Many-to-Many RelationshipOne-to-One, One-to-Many, Many-to-ManyJoins are Best Done with IDSUse a Join Table to Connect Users with GroupsTesting Group MembershipChecking for Group Membershipauthorize.php Needs a FunctionTake in a List of GroupsIterating Over Each GroupAllow, Deny, RedirectGroup-Specific MenusEntering Browser SessionsSessions Are Server-SideSessions Must Be StartedFrom $_COOKIE to $_SESSIONSessions Must Be Restarted, Too$_REQUEST Doesn’t Include $_SESSIONMenu, Anyone?And Then, Sign Out…Memory Lane: Remember That Phishing Problem?Why Would You Ever Use Cookies?
Installing PHP from www.php.net
Installing MySQLMySQL on WindowsMySQL on Mac OS X

Overview

If you can build websites with CSS and JavaScript, this book takes you to the next level—creating dynamic, database-driven websites with PHP and MySQL. Learn how to build a database, manage your content, and interact with users. With step-by-step tutorials, this completely revised edition gets you started with expanded coverage of the basics and takes you deeper into the world of server-side programming.

The important stuff you need to know:

Get up to speed quickly. Learn how to install PHP and MySQL, and get them running on both your computer and a remote server.
Gain new techniques. Take advantage of the all-new chapter on integrating PHP with HTML web pages.
Manage your content. Use the file system to access user data, including images and other binary files.
Make it dynamic. Create pages that change with each new viewing.
Build a good database. Use MySQL to store user information and other data.
Keep your site working. Master the tools for fixing things that go wrong.
Control operations. Create an administrative interface to oversee your site.