PHP & MySQL: The Missing Manual, 2nd Edition

Book Description

If you can build websites with CSS and JavaScript, this book takes you to the next level—creating dynamic, database-driven websites with PHP and MySQL. With step-by-step tutorials, real-world examples, and jargon-free explanations, you’ll quickly discover the power of server-side programming.

Table of Contents

  1. PHP & MySQL: The Missing Manual, Second Edition
  2. The Missing Credits
    1. About the Author
    2. About the Creative Team
    3. Acknowledgments
    4. The Missing Manual Series
  3. Introduction
    1. What PHP and MySQL Can Do
    2. What Is PHP?
      1. What Is PHP Like?
      2. PHP Is All About the Web
      3. JavaScript Is Loose, PHP Is…Less So
      4. PHP Is Interpreted
      5. PHP Doesn’t Run in the Browser
    3. What Is MySQL?
    4. About This Book
      1. Macintosh and Windows
      2. FTP: It’s Critical
      3. About the Outline
    5. About the Online Resources
      1. Missing CD
      2. Registration
      3. Feedback
      4. Errata
    6. Safari® Books Online
  4. 1. PHP and MySQL Basics
    1. 1. PHP: What, Why, and Where?
      1. PHP Comes in Two Flavors: Local and Remote
        1. HTML and CSS Run Within a Web Browser
        2. JavaScript Adds Complexity, but Not Software
        3. PHP Is Not Part of Your Browser
        4. Write Anywhere, Run Where There’s PHP
      2. PHP: Going Local
        1. PHP on the Windows-Based Computers (WampServer Installation)
        2. PHP on the Mac (Default Installation)
        3. PHP on the Mac (MAMP Installation)
        4. Get Out Your Text Editor
      3. Write Your First Program
      4. Run Your First Program
      5. But Where’s That Web Server?
        1. The PHP Interpreter Is a Program You Can Run
        2. But, the HTML Is Coming…
    2. 2. PHP Meets HTML
      1. Script or HTML?
        1. Determination by Extension
        2. HTML Is Treated as HTML
        3. PHP Is Not HTML (by Extension)
        4. PHP Can Be HTML—by Response
      2. PHP Talks Back
        1. Write Another PHP Script
        2. Variables Vary
        3. Check Things Out Locally
      3. Run PHP Scripts Remotely
        1. Upload your HTML, CSS, and PHP
        2. Run Your Second Program
        3. Welcome to Programming!
    3. 3. PHP Syntax: Weird and Wonderful
      1. Get Information from a Web Form
        1. Accessing Request Parameters Directly
        2. Create Your Own Variables
      2. Working with Text in PHP
        1. Combine Text
        2. Searching Within Text
        3. Changing Text
        4. Trim and Replace Text
          1. Removing Extra Whitespace by Using Trim()
          2. Replacing Characters in Text by Using Str_replace()
      3. The $_REQUEST Variable Is an Array
        1. Arrays Can Hold Multiple Values
        2. PHP Gives You An Array of Request Information
      4. What Do You Do with User Information?
    4. 4. MySQL and SQL: Database and Language
      1. What Is a Database?
        1. Databases Are Persistent
        2. Databases Are All about Structure
        3. Good Databases Are Relational
      2. Installing MySQL
        1. The mysql Console Program: Your New Best Friend
        2. Run the mysql Tool on WampServer
          1. Find the MySQL Command-Line Program
          2. Give mysql the Right User and Password
        3. Run the mysql Tool on MAMP
          1. Set Up mysql for Your User Profile
          2. Give mysql the Right User and Password
        4. Run Your First SQL Query
      3. SQL Is a Language for Talking to Databases
        1. Logging In to Your Web Server’s Database
        2. Selecting a Database with USE
        3. Using CREATE to Make Tables
        4. Using DROP to Delete Tables
        5. INSERT a Few Rows
        6. Using SELECT for the Grand Finale
  5. 2. Dynamic Web Pages
    1. 5. Connecting PHP to MySQL
      1. Writing a Simple PHP Connection Script
        1. Connect to a MySQL Database
        2. Select the Database with PHP
        3. Viewing Your Database’s Tables by Using SHOW
          1. Handling Errors by Determining If Your Results are Not
          2. Print Out Your SQL Results
      2. Cleaning Up Your Code with Multiple Files
        1. Replacing Hand-Typed Values with Variables
        2. Abstracting Important Values into a Separate File
        3. Variables Vary, but Constants Stay Constant
      3. Building a Basic SQL Query Runner
        1. Creating an HTML Form with a Big Empty Box
        2. Connecting to Your Database (Again)
        3. Running Your User’s SQL Query (Again)
        4. Entering Your First Web-Based Query
        5. Handling Queries That Don’t SELECT Information
        6. Dealing with Humans
        7. Avoid Changing User Input Whenever Possible
    2. 6. Regular Expressions
      1. String Matching, Double-Time
        1. A Simple String Searcher
        2. Search for One String…Or Another
        3. Getting into Position
        4. Ditch trim and strtoupper
        5. Searching for Sets of Characters
        6. Regular Expressions: To Infinity and Beyond
        7. A Little Cleanup: Remove the echo Statements
    3. 7. Generating Dynamic Web Pages
      1. Revisiting a User’s Information
      2. Planning Your Database Tables
        1. Good Database Tables Have ID Columns
        2. Auto Increment Is Your Friend
          1. IDs and Primary Keys are Good Bedfellows
        3. Adding Constraints to Your Database
      3. Saving a User’s Information
        1. Building Your SQL Query
        2. Inserting a User
        3. A First Pass at Confirmation
        4. Users are Users, Not Programmers
      4. Show Me the User
        1. Creating a Mockup of a User Profile Page
        2. Changing a Table’s Structure by Using ALTER
        3. Building Your Script: First Pass
        4. Using SELECT to Retrieve a User from Your Database
        5. Pulling Values from a SQL Query Result
        6. Passing a User ID into show_user.php
      5. Revisiting (and Redirecting) the Create User Script
        1. Updating Your User Signup Form
        2. Updating Your User Creation Script
        3. Rounding Things Out by Using Regular Expressions (Again)
  6. 3. From Web Pages to Web Applications
    1. 8. When Things Go Wrong (and They Will)
      1. Planning Your Error Pages
        1. What Should Users See?
          1. Tell Your Users that a Problem has Occurred
          2. Bring Down the Panic Level in the Process
        2. Know When to Say When
      2. Finding a Middle Ground for Error Pages with PHP
        1. Creating a PHP Error Page
        2. Testing Your Solution
        3. Expect the Unexpected
        4. Welcome to Security and Phishing
          1. Phishing and Subtle Redirection
          2. The Dangers of Request Parameters
      3. Add Debugging to Your Application
        1. Who’s Using This App, Anyway?
        2. Now You See Me, Now You Don’t
        3. Moving from require to require_once
      4. Redirecting On Error
        1. Update connect.php to show_user.php
        2. Simplifying and Abstracting Your Code
        3. redirect Is Path-Insensitive
    2. 9. Handling Images and Complexity
      1. Images Are Just Files
        1. HTML Forms Can Set the Stage
        2. Uploading a User’s Image to Your Server
          1. Set Up Some Helper Variables
          2. Did the File Upload with Any Errors?
          3. Is this Really an Uploaded File?
          4. Is the Uploaded File Really an Image?
          5. Move the File to a Permanent Location
        3. Storing the Image Location in the Database
          1. Create a New Database Column
          2. Insert the Image Path Into Your Table
          3. Check Your Work
      2. Images Are for Viewing
        1. SELECTing the Image and Displaying It
        2. Converting File System Paths to URLs
        3. Displaying Your User’s Image: Take Two
      3. And Now for Something Completely Different
    3. 10. Binary Objects and Image Loading
      1. Storing Different Objects in Different Tables
      2. Inserting a Raw Image into a Table
        1. Beware: getimagesize Doesn’t Return a File Size
        2. The file_get_contents Function Does What You Think It Does
        3. INSERTing the Image
      3. Your Binary Data Isn’t Safe to Insert…Yet
        1. Printing a String to a Variable
        2. Getting the Correct ID Before Redirecting
      4. Connecting Users and Images
        1. Inserting an Image and then Inserting a User
        2. Joining Tables by Using WHERE
          1. Connect Your Tables Through Common Columns
          2. Alias Your Tables (and Columns)
      5. Show Me the Image!
        1. Displaying an Image
          1. Make a Game Plan for Your Script
          2. Get the Image ID
          3. Build and Run a Select Query
          4. Get the Results, Get the Image, and Deal with Potential Errors
          5. Tell the Browser What’s Coming
          6. Send the Image Data
        2. Handling Errors with try and catch
        3. Test, Test, Always Test
      6. Embedding an Image Is Just Viewing an Image
        1. All You Need Is an Image ID
        2. A Script Can Be an Image src
      7. So, Which Approach Is Best?
        1. OK, If You Insist on an Answer…
    4. 11. Listing, Iterating, and Administrating
      1. Thinking about What You Need as an Admin
        1. (User Interface) Brevity Is Still the Soul of Wit
        2. Wish Lists Are Good, Too
      2. Listing All Your Users
        1. SELECTing What You Need (Now)
        2. Building a Simple Admin Page
        3. Iterating Over Your Array
      3. Deleting a User
        1. Surveying the Individual Components
        2. Putting It All Together
        3. Deleting Users Shouldn’t Be Magical
          1. Start with a Little Javascript
          2. Finish with a Change in Linking
      4. Talking Back to Your Users
        1. redirect Has Some Limitations
        2. JavaScript alert Redux
          1. An All-Javascript Approach
          2. Your PHP Controls your Output
        3. alert Is Interruptive
      5. Standardizing on Messaging
        1. Building a New Utility Function for Display
        2. Duplicate Code Is a Problem Waiting to Happen
        3. View and Display Code Belongs Together
      6. Integrating Utilities, Views, and Messages
        1. Calling Repeated Code from a View Script
        2. Flexible Functions Are Better Functions
          1. Use Default Argument Values in Display_Messages
          2. Output a Standard Header with Heredoc
          3. Update Your Script(s) to Use Display_Head
        3. Standardizing and Consolidating Messaging in the View
        4. Building a Function to Call Two Functions
        5. Just Pass That Information Along
  7. 4. Security and the Real World
    1. 12. Authentication and Authorization
      1. Basic Authentication
        1. Using HTTP Headers for Basic Authentication
        2. Basic Authentication Is…Well, Basic
        3. The Worst Authentication Ever
        4. Getting Your User’s Credentials
        5. Cancel Is Not a Valid Means of Authentication
        6. Getting Your User’s Credentials
      2. Abstracting What’s the Same
        1. Another Utility Script: authorize.php
      3. Passwords Don’t Belong in PHP Scripts
        1. Updating the users Table
        2. Dealing with Newly Invalid Data
        3. Getting an Initial User Name and Password
        4. Inserting the User Name and Password
        5. Connect authorize.php to Your users Table
      4. Passwords Create Security, But Should Be Secure
        1. Encrypting Text by Using the crypt Function
        2. crypt Is One-Way Encryption
        3. Encryption Uses Salt
    2. 13. Cookies, Sign-Ins, and Ditching Crummy Pop-Ups
      1. Moving Beyond Basic Authentication
        1. Starting with a Landing Page
        2. Taking Control of User Sign Ins
        3. From HTTP Authentication to Cookies
          1. What is a Cookie?
          2. Create and Retrieve Cookies
      2. Logging In with Cookies
        1. Determining Whether the User Is Already Signed In
        2. Is the User Trying to Sign In?
        3. Displaying the Page
        4. Redirecting as Needed
        5. Logging In the User
        6. Blank Pages and Expiring Cookies
        7. Errors Aren’t Always Interruptive
        8. An Option for Repeat Attempts
      3. Adding Context-Specific Menus
        1. Putting a Menu into Place
        2. From HTML to Scripts
          1. Any HTML File Can Be Converted to PHP
          2. Challenge: Be Self-Referential with User Creation
        3. Logging Users Out
        4. Requiring the Cookie to Be Set
    3. 14. Authorization and Sessions
      1. Modeling Groups in Your Database
        1. Adding a Groups Table
        2. The Many-to-Many Relationship
          1. One-to-One, One-to-Many, Many-to-Many
          2. Joins are Best Done with IDS
          3. Use a Join Table to Connect Users with Groups
        3. Testing Group Membership
      2. Checking for Group Membership
        1. authorize.php Needs a Function
        2. Take in a List of Groups
        3. Iterating Over Each Group
        4. Allow, Deny, Redirect
      3. Group-Specific Menus
      4. Entering Browser Sessions
        1. Sessions Are Server-Side
        2. Sessions Must Be Started
        3. From $_COOKIE to $_SESSION
        4. Sessions Must Be Restarted, Too
        5. $_REQUEST Doesn’t Include $_SESSION
        6. Menu, Anyone?
        7. And Then, Sign Out…
      5. Memory Lane: Remember That Phishing Problem?
      6. Why Would You Ever Use Cookies?
  8. 5. Appendixes
    1. A. Installing PHP on Windows Without WAMP
      1. Installing PHP from www.php.net
    2. B. Installing MySQL Without MAMP or WAMP
      1. Installing MySQL
        1. MySQL on Windows
        2. MySQL on Mac OS X
  9. Index
  10. About the Author
  11. Copyright