You are previewing PHP & MySQL: The Missing Manual.
O'Reilly logo
PHP & MySQL: The Missing Manual

Book Description

If you can build websites with CSS and JavaScript, this book takes you to the next level—creating dynamic, database-driven websites with PHP and MySQL. Learn how to build a database, manage your content, and interact with users through queries and web forms. With step-by-step tutorials, real-world examples, and jargon-free explanations, you’ll soon discover the power of server-side programming.

Table of Contents

  1. Special Upgrade Offer
  2. A Note Regarding Supplemental Files
  3. The Missing Credits
    1. About the Author
    2. About the Creative Team
    3. Acknowledgments
    4. The Missing Manual Series
  4. Introduction
    1. What Is PHP?
      1. PHP Is All About the Web
      2. JavaScript Is Loose, PHP Is…Less So
      3. PHP Is Interpreted
    2. What Is MySQL?
    3. About This Book
      1. Macintosh and Windows
      2. FTP: It’s Critical
      3. About the Outline
    4. About the Online Resources
      1. Missing CD
      2. Registration
      3. Feedback
      4. Errata
    5. Safari® Books Online
  5. 1. PHP and MySQL Basics
    1. 1. PHP: What, Why, and Where?
      1. Gathering Your Tools
        1. PHP on the PC
        2. PHP on the Mac
        3. Get Out Your Text Editor
      2. Writing Your First Program
      3. Running Your First Program
      4. Writing Your Second Program
        1. Start with an HTML Page
        2. Write a PHP Script
        3. Variables Vary
      5. Upload Your HTML, CSS, and PHP
      6. Running Your Second Program
    2. 2. PHP Syntax: Weird and Wonderful
      1. Get Information from a Web Form
        1. Access Request Parameters Directly
        2. Create Your Own Variables
      2. Working with Text in PHP
        1. Combining Text
        2. Searching Within Text
        3. Changing Text
        4. Trimming and Replacing Text
          1. Remove Extra White Space with trim()
          2. Replace Characters in Text with str_replace()
      3. The $_REQUEST Variable
        1. Arrays Can Hold Multiple Values
        2. Working with $_REQUEST as an Array
      4. What Do You Do with User Information?
    3. 3. MySQL and SQL: Database and Language
      1. What Is a Database?
        1. Databases Are Persistent
        2. Databases Are All About Structure
        3. (Good) Databases Are Relational
      2. Installing MySQL
        1. MySQL on Windows
        2. MySQL on Mac OS X
        3. Running Your First SQL Query
      3. SQL Is a Language for Talking to Databases
        1. Logging In to Your Web Server’s Database
        2. USE a Database
        3. Making Tables with CREATE
        4. Deleting Tables with DROP
        5. INSERT a Few Rows
        6. SELECT for the Grand Finale
  6. 2. Dynamic Web Pages
    1. 4. Connecting PHP to MySQL
      1. Writing a Simple PHP Connection Script
        1. Connecting to a MySQL Database
        2. Selecting the Database to USE
        3. SHOW Your Database’s Tables
          1. Handling Errors By Seeing If Your Results are Not
          2. Printing Out Your SQL Results
      2. Cleaning Up Your Code with Multiple Files
        1. Replacing Hand-Typed Values with Variables
        2. Abstracting Important Values into a Separate File
        3. Variables Vary, But Constants Stay Constant
      3. Building a Basic SQL Query Runner
        1. Creating an HTML Form with a Big Empty Box
        2. Connecting to Your Database (Again)
        3. Running Your User’s SQL Query (Again)
        4. Entering Your First Web-Based Query
        5. Handling Queries That Don’t SELECT Information
        6. Dealing with Humans
        7. Avoid Changing User Input Whenever Possible
    2. 5. Better Searching with Regular Expressions
      1. String Matching, Double-Time
        1. A Simple String Searcher
        2. Search for One String…Or Another
        3. Get into Position
        4. Ditching trim and strtoupper
        5. Searching for Sets of Characters
        6. Regular Expressions: To Infinity and Beyond
    3. 6. Generating Dynamic Web Pages
      1. Revisiting a User’s Information
      2. Planning Your Database Tables
        1. Good Database Tables Have id Columns
        2. Auto-Increment Is Your Friend
          1. IDs and Primary Keys are Good Bedfellows
        3. Adding Constraints to Your Database
      3. Saving a User’s Information
        1. Building Your SQL Query
        2. Inserting a User
        3. A First Pass at Confirmation
        4. Users Are Users, Not Programmers
      4. Show Me the User
        1. Mocking Up a User Profile Page
        2. Changing a Table’s Structure with ALTER
        3. Building Your Script: First Pass
        4. SELECT a User From Your Database
        5. Pulling Values From a SQL Query Result
        6. Getting a User ID into show_user.php
      5. Redirection and Revisitation of Creating Users
        1. Updating Your User Signup Form
        2. Updating Your User Creation Script
        3. Rounding Things Out with Regular Expressions (Again)
  7. 3. From Web Pages to Web Applications
    1. 7. When Things Go Wrong (and They Will)
      1. Planning Your Error Pages
        1. What Should Users See?
          1. Tell Your Users that a Problem has Occurred
          2. Use the Appropriate Tone for Your Error Message
        2. Know When to Say When
      2. Finding a Middle Ground for Error Pages with PHP
        1. Creating a PHP Error Page
        2. Testing out Your Faulty Solution
        3. Expect the Unexpected
        4. Welcome to Security and Phishing
          1. Phishing and Subtle Redirection
          2. The Dangers of Request Parameters
      3. Add Debugging to Your Application
        1. Turn on PHP Error Reporting
          1. Set Error Reporting Globally
          2. Turn Off Error Reporting When You Go to Production
        2. Moving from require to require_once
        3. Now You See Me, Now You Don’t
      4. Redirecting on Error
        1. Updating Your Script to Use show_error.php
        2. Simplify and Abstract
        3. redirect is Path-Insensitive
    2. 8. Handling Images and Complexity
      1. Images Are Just Files
        1. HTML Forms Can Set the Stage
        2. Uploading a User’s Image to Your Server
          1. Setting Up Some Helper Variables
          2. Did the File Upload with Any Errors?
          3. Is this Really an Uploaded File?
          4. Is the Uploaded File Really an Image?
          5. Moving the File to a Permanent Location
        3. Storing the Image Location in the Database
          1. Creating a New Database Column
          2. Inserting the Image Path into Your Table
          3. Checking Your Work
      2. Images Are For Viewing
        1. SELECT the Image and Display It
        2. Converting File System Paths to URLs
        3. Displaying Your User’s Image: Take Two
        4. A Few Quick Revisions to app_config.php
      3. And Now for Something Completely Different
    3. 9. Binary Objects and Image Loading
      1. Storing Different Objects in Different Tables
      2. Inserting a Raw Image into a Table
        1. getimagesize Doesn’t Return a File Size
        2. file_get_contents Does What You Think It Does
        3. INSERT the Image
      3. Your Binary Data Isn’t Safe to Insert…Yet
        1. Printing a String to a Variable
        2. Getting the Correct ID Before Redirecting
      4. Connecting Users and Images
        1. Inserting an Image, then Inserting a User
        2. Joining Tables with WHERE
          1. Connect Your Tables Through Common Columns
          2. Alias Your Tables (and Columns)
      5. Show Me the Image
        1. Displaying an Image
          1. Game Plan Your Script
          2. Get the Image ID
          3. Build and Run a Select Query
          4. Get the Results, Get the Image, and Deal with Potential Errors
          5. Tell the Browser What’s Coming
          6. Send the Image Data
        2. Catching and Handling Errors
        3. Test, Test, Always Test
      6. Embedding an Image Is Just Viewing an Image
        1. All You Need is an Image ID
        2. A Script Can Be an Image src
      7. So Which Approach is Best?
        1. OK, If You Insist on an Answer…
    4. 10. Listing, Iterating, and Administrating
      1. Some Things Never Change
        1. (User Interface) Brevity is Still the Soul of Wit
        2. Wish Lists are Good, Too
      2. Listing All Your Users
        1. SELECTing What You Need (Now)
        2. Building a Simple Admin Page
        3. Iterating Over Your Array
      3. Deleting a User
        1. Surveying the Individual Components
        2. Putting It All Together
        3. Deleting Users Shouldn’t Be Magical
          1. Start with a Little Javascript
          2. Finish with a Change in Linking
      4. Talking Back To Your Users
        1. redirect Has Some Limitations
        2. JavaScript alert Redux
          1. An All-Javascript Approach
          2. Your PHP Controls Your Output
        3. alert Is Interruptive
      5. Standardizing on Messaging
        1. Building a New Utility Function for Display
        2. Duplicate Code is a Problem Waiting to Happen
        3. View and Display Code Belongs Together
      6. Integrating Utilities, Views, and Messages
        1. Calling Repeated Code from a View Script
        2. Flexible Functions are Better Functions
          1. Use Default Argument Values in Display_Messages
          2. Outputting a Standard Header with Heredoc
          3. Updating Your Script(S) to Use Display_Head
        3. Standardize and Consolidate Messaging in the View
        4. Build a Function to Call Two Functions
        5. Just Pass that Information Along
  8. 4. Security and the Real World
    1. 11. Authentication and Authorization
      1. Start with Basic Authentication
        1. Basic Authentication Using HTTP Headers
        2. Basic Authentication is…Pretty Basic
        3. The Worst Authentication Ever
        4. Get Your User’s Credentials
        5. Cancel is Not a Valid Means of Authentication
        6. Get Your User’s Credentials (Really!)
      2. Abstracting What’s the Same
        1. Another Utility Script: authorize.php
      3. Passwords Don’t Belong in PHP Scripts
        1. Updating the users Table
        2. Deal with Newly Invalid Data
        3. You Need to Get an Initial Username and Password
        4. Inserting the User’s Username and Password
        5. Connect authorize.php to Your users Table
      4. Passwords Create Security, But Should Be Secure
        1. Encrypt Text with the crypt Function
        2. crypt is One-Way Encryption
        3. Encryption Uses Salt
    2. 12. Cookies, Sign-ins, and Ditching Crummy Pop-ups
      1. Going Beyond Basic Authentication
        1. Starting with a Landing Page
        2. Taking Control of User Sign-ins
        3. From HTTP Authentication to Cookies
          1. What is a Cookie?
          2. Create and Retrieve Cookies
      2. Logging In with Cookies
        1. Is the User is Already Signed In?
        2. Is the User Trying to Sign In?
        3. Displaying the page
        4. Redirecting as Needed
        5. Logging the User In
        6. Blank Pages and Expiring Cookies
        7. Errors Aren’t Always Interruptive
        8. An Option for Repeat Attempts
      3. Adding Context-Specific Menus
        1. Putting a Menu Into Place
        2. From HTML to Scripts
          1. Any HTML File Can Be Converted to PHP
          2. Challenge: Be Self-Referential with User Creation
        3. Log Users Out
        4. Require the Cookie to Be Set
    3. 13. Authorization and Sessions
      1. Modeling Groups in Your Database
        1. Adding a Groups Table
        2. The Many-to-Many Relationship
          1. One-to-One, One-to-Many, Many-to-Many
          2. Joins are Best Done with IDs
          3. Using a Join Table to Connect Users with Groups
        3. Testing Out Group Membership
      2. Checking for Group Membership
        1. authorize.php Needs a Function
        2. Taking in a List of Groups
        3. Iterating Over Each Group
        4. Allow, Deny, Redirect
      3. Group-Specific Menus
      4. Entering Browser Sessions
        1. Sessions are Server-Side
        2. Sessions Must Be Started
        3. From $_COOKIE to $_SESSION
        4. Sessions Must be Restarted, Too
        5. $_REQUEST Doesn’t Include $_SESSION
        6. Menu, Anyone?
        7. And Then Sign Out…
      5. Memory Lane: Remember that Phishing Problem?
      6. So Why Ever Use Cookies?
  9. Index
  10. About the Author
  11. Special Upgrade Offer
  12. Copyright