Index
PHP & MySQL: The Missing Manual, Second Edition
A Note Regarding Supplemental Files
The Missing Credits
About the Author
About the Creative Team
Acknowledgments
The Missing Manual Series
Introduction
What PHP and MySQL Can Do
What Is PHP?
What Is PHP Like?
PHP Is All About the Web
JavaScript Is Loose, PHP Is…Less So
PHP Is Interpreted
PHP Doesn’t Run in the Browser
What Is MySQL?
About This Book
Macintosh and Windows
FTP: It’s Critical
About the Outline
About the Online Resources
Missing CD
Registration
Feedback
Errata
Safari® Books Online
1. PHP and MySQL Basics
1. PHP: What, Why, and Where?
PHP Comes in Two Flavors: Local and Remote
HTML and CSS Run Within a Web Browser
JavaScript Adds Complexity, but Not Software
PHP Is Not Part of Your Browser
Write Anywhere, Run Where There’s PHP
PHP: Going Local
PHP on the Windows-Based Computers (WampServer Installation)
PHP on the Mac (Default Installation)
PHP on the Mac (MAMP Installation)
Get Out Your Text Editor
Write Your First Program
Run Your First Program
But Where’s That Web Server?
The PHP Interpreter Is a Program You Can Run
But, the HTML Is Coming…
2. PHP Meets HTML
Script or HTML?
Determination by Extension
HTML Is Treated as HTML
PHP Is Not HTML (by Extension)
PHP Can Be HTML—by Response
PHP Talks Back
Write Another PHP Script
Variables Vary
Check Things Out Locally
Run PHP Scripts Remotely
Upload your HTML, CSS, and PHP
Run Your Second Program
Welcome to Programming!
3. PHP Syntax: Weird and Wonderful
Get Information from a Web Form
Accessing Request Parameters Directly
Create Your Own Variables
Working with Text in PHP
Combine Text
Searching Within Text
Changing Text
Trim and Replace Text
Removing Extra Whitespace by Using Trim()
Replacing Characters in Text by Using Str_replace()
The $_REQUEST Variable Is an Array
Arrays Can Hold Multiple Values
PHP Gives You An Array of Request Information
What Do You Do with User Information?
4. MySQL and SQL: Database and Language
What Is a Database?
Databases Are Persistent
Databases Are All about Structure
Good Databases Are Relational
Installing MySQL
The mysql Console Program: Your New Best Friend
Run the mysql Tool on WampServer
Find the MySQL Command-Line Program
Give mysql the Right User and Password
Run the mysql Tool on MAMP
Set Up mysql for Your User Profile
Give mysql the Right User and Password
Run Your First SQL Query
SQL Is a Language for Talking to Databases
Logging In to Your Web Server’s Database
Selecting a Database with USE
Using CREATE to Make Tables
Using DROP to Delete Tables
INSERT a Few Rows
Using SELECT for the Grand Finale
2. Dynamic Web Pages
5. Connecting PHP to MySQL
Writing a Simple PHP Connection Script
Connect to a MySQL Database
Select the Database with PHP
Viewing Your Database’s Tables by Using SHOW
Handling Errors by Determining If Your Results are Not
Print Out Your SQL Results
Cleaning Up Your Code with Multiple Files
Replacing Hand-Typed Values with Variables
Abstracting Important Values into a Separate File
Variables Vary, but Constants Stay Constant
Building a Basic SQL Query Runner
Creating an HTML Form with a Big Empty Box
Connecting to Your Database (Again)
Running Your User’s SQL Query (Again)
Entering Your First Web-Based Query
Handling Queries That Don’t SELECT Information
Dealing with Humans
Avoid Changing User Input Whenever Possible
6. Regular Expressions
String Matching, Double-Time
A Simple String Searcher
Search for One String…Or Another
Getting into Position
Ditch trim and strtoupper
Searching for Sets of Characters
Regular Expressions: To Infinity and Beyond
A Little Cleanup: Remove the echo Statements
7. Generating Dynamic Web Pages
Revisiting a User’s Information
Planning Your Database Tables
Good Database Tables Have ID Columns
Auto Increment Is Your Friend
IDs and Primary Keys are Good Bedfellows
Adding Constraints to Your Database
Saving a User’s Information
Building Your SQL Query
Inserting a User
A First Pass at Confirmation
Users are Users, Not Programmers
Show Me the User
Creating a Mockup of a User Profile Page
Changing a Table’s Structure by Using ALTER
Building Your Script: First Pass
Using SELECT to Retrieve a User from Your Database
Pulling Values from a SQL Query Result
Passing a User ID into show_user.php
Revisiting (and Redirecting) the Create User Script
Updating Your User Signup Form
Updating Your User Creation Script
Rounding Things Out by Using Regular Expressions (Again)
3. From Web Pages to Web Applications
8. When Things Go Wrong (and They Will)
Planning Your Error Pages
What Should Users See?
Tell Your Users that a Problem has Occurred
Bring Down the Panic Level in the Process
Know When to Say When
Finding a Middle Ground for Error Pages with PHP
Creating a PHP Error Page
Testing Your Solution
Expect the Unexpected
Welcome to Security and Phishing
Phishing and Subtle Redirection
The Dangers of Request Parameters
Add Debugging to Your Application
Who’s Using This App, Anyway?
Now You See Me, Now You Don’t
Moving from require to require_once
Redirecting On Error
Update connect.php to show_user.php
Simplifying and Abstracting Your Code
redirect Is Path-Insensitive
9. Handling Images and Complexity
Images Are Just Files
HTML Forms Can Set the Stage
Uploading a User’s Image to Your Server
Set Up Some Helper Variables
Did the File Upload with Any Errors?
Is this Really an Uploaded File?
Is the Uploaded File Really an Image?
Move the File to a Permanent Location
Storing the Image Location in the Database
Create a New Database Column
Insert the Image Path Into Your Table
Check Your Work
Images Are for Viewing
SELECTing the Image and Displaying It
Converting File System Paths to URLs
Displaying Your User’s Image: Take Two
And Now for Something Completely Different
10. Binary Objects and Image Loading
Storing Different Objects in Different Tables
Inserting a Raw Image into a Table
Beware: getimagesize Doesn’t Return a File Size
The file_get_contents Function Does What You Think It Does
INSERTing the Image
Your Binary Data Isn’t Safe to Insert…Yet
Printing a String to a Variable
Getting the Correct ID Before Redirecting
Connecting Users and Images
Inserting an Image and then Inserting a User
Joining Tables by Using WHERE
Connect Your Tables Through Common Columns
Alias Your Tables (and Columns)
Show Me the Image!
Displaying an Image
Make a Game Plan for Your Script
Get the Image ID
Build and Run a Select Query
Get the Results, Get the Image, and Deal with Potential Errors
Tell the Browser What’s Coming
Send the Image Data
Handling Errors with try and catch
Test, Test, Always Test
Embedding an Image Is Just Viewing an Image
All You Need Is an Image ID
A Script Can Be an Image src
So, Which Approach Is Best?
OK, If You Insist on an Answer…
11. Listing, Iterating, and Administrating
Thinking about What You Need as an Admin
(User Interface) Brevity Is Still the Soul of Wit
Wish Lists Are Good, Too
Listing All Your Users
SELECTing What You Need (Now)
Building a Simple Admin Page
Iterating Over Your Array
Deleting a User
Surveying the Individual Components
Putting It All Together
Deleting Users Shouldn’t Be Magical
Start with a Little Javascript
Finish with a Change in Linking
Talking Back to Your Users
redirect Has Some Limitations
JavaScript alert Redux
An All-Javascript Approach
Your PHP Controls your Output
alert Is Interruptive
Standardizing on Messaging
Building a New Utility Function for Display
Duplicate Code Is a Problem Waiting to Happen
View and Display Code Belongs Together
Integrating Utilities, Views, and Messages
Calling Repeated Code from a View Script
Flexible Functions Are Better Functions
Use Default Argument Values in Display_Messages
Output a Standard Header with Heredoc
Update Your Script(s) to Use Display_Head
Standardizing and Consolidating Messaging in the View
Building a Function to Call Two Functions
Just Pass That Information Along
4. Security and the Real World
12. Authentication and Authorization
Basic Authentication
Using HTTP Headers for Basic Authentication
Basic Authentication Is…Well, Basic
The Worst Authentication Ever
Getting Your User’s Credentials
Cancel Is Not a Valid Means of Authentication
Getting Your User’s Credentials
Abstracting What’s the Same
Another Utility Script: authorize.php
Passwords Don’t Belong in PHP Scripts
Updating the users Table
Dealing with Newly Invalid Data
Getting an Initial User Name and Password
Inserting the User Name and Password
Connect authorize.php to Your users Table
Passwords Create Security, But Should Be Secure
Encrypting Text by Using the crypt Function
crypt Is One-Way Encryption
Encryption Uses Salt
13. Cookies, Sign-Ins, and Ditching Crummy Pop-Ups
Moving Beyond Basic Authentication
Starting with a Landing Page
Taking Control of User Sign Ins
From HTTP Authentication to Cookies
What is a Cookie?
Create and Retrieve Cookies
Logging In with Cookies
Determining Whether the User Is Already Signed In
Is the User Trying to Sign In?
Displaying the Page
Redirecting as Needed
Logging In the User
Blank Pages and Expiring Cookies
Errors Aren’t Always Interruptive
An Option for Repeat Attempts
Adding Context-Specific Menus
Putting a Menu into Place
From HTML to Scripts
Any HTML File Can Be Converted to PHP
Challenge: Be Self-Referential with User Creation
Logging Users Out
Requiring the Cookie to Be Set
14. Authorization and Sessions
Modeling Groups in Your Database
Adding a Groups Table
The Many-to-Many Relationship
One-to-One, One-to-Many, Many-to-Many
Joins are Best Done with IDS
Use a Join Table to Connect Users with Groups
Testing Group Membership
Checking for Group Membership
authorize.php Needs a Function
Take in a List of Groups
Iterating Over Each Group
Allow, Deny, Redirect
Group-Specific Menus
Entering Browser Sessions
Sessions Are Server-Side
Sessions Must Be Started
From $_COOKIE to $_SESSION
Sessions Must Be Restarted, Too
$_REQUEST Doesn’t Include $_SESSION
Menu, Anyone?
And Then, Sign Out…
Memory Lane: Remember That Phishing Problem?
Why Would You Ever Use Cookies?
5. Appendixes
A. Installing PHP on Windows Without WAMP
Installing PHP from www.php.net
B. Installing MySQL Without MAMP or WAMP
Installing MySQL
MySQL on Windows
MySQL on Mac OS X
Index
About the Author
Copyright