Index
PHP and MySQL: The Missing Manual
The Missing Credits
About the Author
About the Creative Team
Acknowledgments
The Missing Manual Series
Introduction
What Is PHP?
PHP Is All About the Web
JavaScript Is Loose, PHP Is…Less So
PHP Is Interpreted
What Is MySQL?
About This Book
Macintosh and Windows
FTP: It’s Critical
About the Outline
About the Online Resources
Missing CD
Registration
Feedback
Errata
Safari® Books Online
1. PHP and MySQL Basics
1. PHP: What, Why, and Where?
Gathering Your Tools
PHP on the PC
PHP on the Mac
Get Out Your Text Editor
Writing Your First Program
Running Your First Program
Writing Your Second Program
Start with an HTML Page
Write a PHP Script
Variables Vary
Upload Your HTML, CSS, and PHP
Running Your Second Program
2. PHP Syntax: Weird and Wonderful
Get Information from a Web Form
Access Request Parameters Directly
Create Your Own Variables
Working with Text in PHP
Combining Text
Searching Within Text
Changing Text
Trimming and Replacing Text
Remove Extra White Space with trim()
Replace Characters in Text with str_replace()
The $_REQUEST Variable
Arrays Can Hold Multiple Values
Working with $_REQUEST as an Array
What Do You Do with User Information?
3. MySQL and SQL: Database and Language
What Is a Database?
Databases Are Persistent
Databases Are All About Structure
(Good) Databases Are Relational
Installing MySQL
MySQL on Windows
MySQL on Mac OS X
Running Your First SQL Query
SQL Is a Language for Talking to Databases
Logging In to Your Web Server’s Database
USE a Database
Making Tables with CREATE
Deleting Tables with DROP
INSERT a Few Rows
SELECT for the Grand Finale
2. Dynamic Web Pages
4. Connecting PHP to MySQL
Writing a Simple PHP Connection Script
Connecting to a MySQL Database
Selecting the Database to USE
SHOW Your Database’s Tables
Handling Errors By Seeing If Your Results are Not
Printing Out Your SQL Results
Cleaning Up Your Code with Multiple Files
Replacing Hand-Typed Values with Variables
Abstracting Important Values into a Separate File
Variables Vary, But Constants Stay Constant
Building a Basic SQL Query Runner
Creating an HTML Form with a Big Empty Box
Connecting to Your Database (Again)
Running Your User’s SQL Query (Again)
Entering Your First Web-Based Query
Handling Queries That Don’t SELECT Information
Dealing with Humans
Avoid Changing User Input Whenever Possible
5. Better Searching with Regular Expressions
String Matching, Double-Time
A Simple String Searcher
Search for One String…Or Another
Get into Position
Ditching trim and strtoupper
Searching for Sets of Characters
Regular Expressions: To Infinity and Beyond
6. Generating Dynamic Web Pages
Revisiting a User’s Information
Planning Your Database Tables
Good Database Tables Have id Columns
Auto-Increment Is Your Friend
IDs and Primary Keys are Good Bedfellows
Adding Constraints to Your Database
Saving a User’s Information
Building Your SQL Query
Inserting a User
A First Pass at Confirmation
Users Are Users, Not Programmers
Show Me the User
Mocking Up a User Profile Page
Changing a Table’s Structure with ALTER
Building Your Script: First Pass
SELECT a User From Your Database
Pulling Values From a SQL Query Result
Getting a User ID into show_user.php
Redirection and Revisitation of Creating Users
Updating Your User Signup Form
Updating Your User Creation Script
Rounding Things Out with Regular Expressions (Again)
3. From Web Pages to Web Applications
7. When Things Go Wrong (and They Will)
Planning Your Error Pages
What Should Users See?
Tell Your Users that a Problem has Occurred
Use the Appropriate Tone for Your Error Message
Know When to Say When
Finding a Middle Ground for Error Pages with PHP
Creating a PHP Error Page
Testing out Your Faulty Solution
Expect the Unexpected
Welcome to Security and Phishing
Phishing and Subtle Redirection
The Dangers of Request Parameters
Add Debugging to Your Application
Turn on PHP Error Reporting
Set Error Reporting Globally
Turn Off Error Reporting When You Go to Production
Moving from require to require_once
Now You See Me, Now You Don’t
Redirecting on Error
Updating Your Script to Use show_error.php
Simplify and Abstract
redirect is Path-Insensitive
8. Handling Images and Complexity
Images Are Just Files
HTML Forms Can Set the Stage
Uploading a User’s Image to Your Server
Setting Up Some Helper Variables
Did the File Upload with Any Errors?
Is this Really an Uploaded File?
Is the Uploaded File Really an Image?
Moving the File to a Permanent Location
Storing the Image Location in the Database
Creating a New Database Column
Inserting the Image Path into Your Table
Checking Your Work
Images Are For Viewing
SELECT the Image and Display It
Converting File System Paths to URLs
Displaying Your User’s Image: Take Two
A Few Quick Revisions to app_config.php
And Now for Something Completely Different
9. Binary Objects and Image Loading
Storing Different Objects in Different Tables
Inserting a Raw Image into a Table
getimagesize Doesn’t Return a File Size
file_get_contents Does What You Think It Does
INSERT the Image
Your Binary Data Isn’t Safe to Insert…Yet
Printing a String to a Variable
Getting the Correct ID Before Redirecting
Connecting Users and Images
Inserting an Image, then Inserting a User
Joining Tables with WHERE
Connect Your Tables Through Common Columns
Alias Your Tables (and Columns)
Show Me the Image
Displaying an Image
Game Plan Your Script
Get the Image ID
Build and Run a Select Query
Get the Results, Get the Image, and Deal with Potential Errors
Tell the Browser What’s Coming
Send the Image Data
Catching and Handling Errors
Test, Test, Always Test
Embedding an Image Is Just Viewing an Image
All You Need is an Image ID
A Script Can Be an Image src
So Which Approach is Best?
OK, If You Insist on an Answer…
10. Listing, Iterating, and Administrating
Some Things Never Change
(User Interface) Brevity is Still the Soul of Wit
Wish Lists are Good, Too
Listing All Your Users
SELECTing What You Need (Now)
Building a Simple Admin Page
Iterating Over Your Array
Deleting a User
Surveying the Individual Components
Putting It All Together
Deleting Users Shouldn’t Be Magical
Start with a Little Javascript
Finish with a Change in Linking
Talking Back To Your Users
redirect Has Some Limitations
JavaScript alert Redux
An All-Javascript Approach
Your PHP Controls Your Output
alert Is Interruptive
Standardizing on Messaging
Building a New Utility Function for Display
Duplicate Code is a Problem Waiting to Happen
View and Display Code Belongs Together
Integrating Utilities, Views, and Messages
Calling Repeated Code from a View Script
Flexible Functions are Better Functions
Use Default Argument Values in Display_Messages
Outputting a Standard Header with Heredoc
Updating Your Script(S) to Use Display_Head
Standardize and Consolidate Messaging in the View
Build a Function to Call Two Functions
Just Pass that Information Along
4. Security and the Real World
11. Authentication and Authorization
Start with Basic Authentication
Basic Authentication Using HTTP Headers
Basic Authentication is…Pretty Basic
The Worst Authentication Ever
Get Your User’s Credentials
Cancel is Not a Valid Means of Authentication
Get Your User’s Credentials (Really!)
Abstracting What’s the Same
Another Utility Script: authorize.php
Passwords Don’t Belong in PHP Scripts
Updating the users Table
Deal with Newly Invalid Data
You Need to Get an Initial Username and Password
Inserting the User’s Username and Password
Connect authorize.php to Your users Table
Passwords Create Security, But Should Be Secure
Encrypt Text with the crypt Function
crypt is One-Way Encryption
Encryption Uses Salt
12. Cookies, Sign-ins, and Ditching Crummy Pop-ups
Going Beyond Basic Authentication
Starting with a Landing Page
Taking Control of User Sign-ins
From HTTP Authentication to Cookies
What is a Cookie?
Create and Retrieve Cookies
Logging In with Cookies
Is the User is Already Signed In?
Is the User Trying to Sign In?
Displaying the page
Redirecting as Needed
Logging the User In
Blank Pages and Expiring Cookies
Errors Aren’t Always Interruptive
An Option for Repeat Attempts
Adding Context-Specific Menus
Putting a Menu Into Place
From HTML to Scripts
Any HTML File Can Be Converted to PHP
Challenge: Be Self-Referential with User Creation
Log Users Out
Require the Cookie to Be Set
13. Authorization and Sessions
Modeling Groups in Your Database
Adding a Groups Table
The Many-to-Many Relationship
One-to-One, One-to-Many, Many-to-Many
Joins are Best Done with IDs
Using a Join Table to Connect Users with Groups
Testing Out Group Membership
Checking for Group Membership
authorize.php Needs a Function
Taking in a List of Groups
Iterating Over Each Group
Allow, Deny, Redirect
Group-Specific Menus
Entering Browser Sessions
Sessions are Server-Side
Sessions Must Be Started
From $_COOKIE to $_SESSION
Sessions Must be Restarted, Too
$_REQUEST Doesn’t Include $_SESSION
Menu, Anyone?
And Then Sign Out…
Memory Lane: Remember that Phishing Problem?
So Why Ever Use Cookies?
Index
About the Author