ITCS373: Internet Technology Server-Side Programming PHP – Part 2 Dr. Faisal Al-Qaed.
Chapter 4-2 PHP Part 2
Transcript of Chapter 4-2 PHP Part 2
-
8/13/2019 Chapter 4-2 PHP Part 2
1/43
ITCS373/ITCS473: InternetSoftware Development
Chapter 4-2: Server-SideProgramming PHP
Dr. Faisal Al-Qaed
-
8/13/2019 Chapter 4-2 PHP Part 2
2/43
PHP and MySQL DB
MySQL is a database serverMySQL is ideal for both small and large
applications
MySQL supports standard SQL
MySQL compiles on a number of platformsMySQL is free to download and use
PHP combined with MySQL are cross-platform
(you can develop in Windows and serve on aUnix platform)
PHPMyAdmin: it is a web-based tool that allowyou to administrate your MySQL databases over
the WWW, built using a set of PHP Scripts.
-
8/13/2019 Chapter 4-2 PHP Part 2
3/43
MySQL DataBase
MySQL is a database. A database is integratedcollection of data. The data in MySQL is stored in database objects called
tables. A table is a collections of related data entries and it
consists of columns and rows. Databases are useful when storing informationcategorically. A company may have a database with thefollowing tables: "Employees", "Products", "Customers"and "Orders".
A database most often contains one or more tables.Each table is identified by a name (e.g. "Customers" or"Orders"). Tables contain records (rows) with data.
A databse query is a question or a request. With MySQL,we can query a database (using Structured QueryLanguage (SQL)) for specific information and have arecordset returned.
-
8/13/2019 Chapter 4-2 PHP Part 2
4/43
Assume we have Customer Table
-
8/13/2019 Chapter 4-2 PHP Part 2
5/43
A quick SQL TutorialTo retrieve data from the table, we use select * from
tablename: Select * from Customer Select ID, Name, Age from Customer Select * from Customer where ID=1
Select * from Customer where Age
-
8/13/2019 Chapter 4-2 PHP Part 2
6/43
SQL Insert
INSERT INTO table_nameVALUES(value1, value2, value3,...)
INSERT INTO Customer VALUES(1,'Nilsen', NN', abc123', 22, Student')
-
8/13/2019 Chapter 4-2 PHP Part 2
7/43
SQL Update
UPDATE table_name SETcolumn1=value, column2=value2,...WHERE some_column=some_value
UPDATE Customer SET Age=37,Occupation='Student' WHEREName=Noor' OR ID=2
-
8/13/2019 Chapter 4-2 PHP Part 2
8/43
SQL Delete
DELETE FROM table_name WHEREsome_column=some_value
DELETE FROM Customer WHEREName=Hesham' AND Age>30
-
8/13/2019 Chapter 4-2 PHP Part 2
9/43
Type in: localhost Click onphpMyAdmin toaccess MySQL
Enter yourusername and
password
(i.e. root andabc123)
-
8/13/2019 Chapter 4-2 PHP Part 2
10/43
First Step: Create DBEnter DBName andclick create
-
8/13/2019 Chapter 4-2 PHP Part 2
11/43
Create Table
To create table To add
more fieldsto the table
-
8/13/2019 Chapter 4-2 PHP Part 2
12/43
Insert Data
Select the table students, click on insert,then type in the values, then finally click ongo button to insert new data into your table
-
8/13/2019 Chapter 4-2 PHP Part 2
13/43
Browse/Edit/Delete
After inserting data, you can browse thetable by clicking Browse (see Top-Left),and then you will see you table, clicking on
pencil picture will allow you to edit thatrow, or clicking on the X picture will allowyou to delete that record.
-
8/13/2019 Chapter 4-2 PHP Part 2
14/43
Using SQL
You can use SQL statements to CreateTable, Insert records, browse recordsusing Select, Delete records, etc.
Enter your
SQL here
Executeyour SQL
Fields name
-
8/13/2019 Chapter 4-2 PHP Part 2
15/43
Allow you toexport DBand import itto different
machine
Allow you to editand deletedatabase
-
8/13/2019 Chapter 4-2 PHP Part 2
16/43
In the LAB you were given a quick tutorialon using MySQL with PHPMyAdmin and
SQL statements. You should now know:How to create/delete a database?
How to create/delete table?
How to insert/edit/delete a record?How to browse table contents?
How to use SQL to create table,select/update/delete/insert records?
How to import/export your database?
-
8/13/2019 Chapter 4-2 PHP Part 2
17/43
MySQL database
Connect
-
8/13/2019 Chapter 4-2 PHP Part 2
18/43
Displaying the data in the table
Select $result = mysql_query("SELECT * FROM Customer");
Display in a table echo "
IDNameAge"; while($row = mysql_fetch_array($result)) { echo ""; echo "" . $row[ID'] . ""; echo "" . $row[Name'] . "";
echo "" . $row[Age'] . ""; echo ""; } echo "";
-
8/13/2019 Chapter 4-2 PHP Part 2
19/43
Inserting into the table
mysql_query("INSERT INTO CustomerVALUES(10,Ali',un, '23,25,Student )") ordie(mysql_error());
-
8/13/2019 Chapter 4-2 PHP Part 2
20/43
More Examples
$result = mysql_query("SELECT * FROMCustomer WHERE Age>'18' " );
$result = mysql_query("SELECT * FROMCustomer WHERE Age>'18' ORDER ByName" );
mysql_query("UPDATE Customer SET Age ='36 WHERE Name = Ali' ") ordie(mysql_error());
mysql_query("DELETE FROM CustomerWHERE id='2'") or die(mysql_error());
-
8/13/2019 Chapter 4-2 PHP Part 2
21/43
ExamplesCreate a database named example
Create a table named customers with the following attributes:
IDtype= int
Nametype= varchar of size 20
Usernametype= varchar of size 20
Passwordtype= varchar of size 20
Agetype= int
Occupationtype= varchar of size 30
-
8/13/2019 Chapter 4-2 PHP Part 2
22/43
Example 1: Login Verification
Querying a MySQL Database
Username
Password -
8/13/2019 Chapter 4-2 PHP Part 2
23/43
e1_select.php
-
8/13/2019 Chapter 4-2 PHP Part 2
24/43
Example 2: User Sign-Up
-
8/13/2019 Chapter 4-2 PHP Part 2
25/43
Form.htm
ID:Name:Age:Username:PasswordConfirm Password:Occupation:StudentManager
MessengerTeacher
-
8/13/2019 Chapter 4-2 PHP Part 2
26/43
e2_insert.php
-
8/13/2019 Chapter 4-2 PHP Part 2
27/43
Example 3: Update Details Read only
-
8/13/2019 Chapter 4-2 PHP Part 2
28/43
View.php
-
8/13/2019 Chapter 4-2 PHP Part 2
29/43
e3_edit.php
-
8/13/2019 Chapter 4-2 PHP Part 2
30/43
e3_update.php
-
8/13/2019 Chapter 4-2 PHP Part 2
31/43
Example 4: Delete Users
Note: use the same code as view.php for listing all users but changethe form action to e4_delete
-
8/13/2019 Chapter 4-2 PHP Part 2
32/43
e4_delete.php
-
8/13/2019 Chapter 4-2 PHP Part 2
33/43
Required Reading and UsefulFunctions
Part 8: Databases and MySQL
Mysqli [not required]
Useful Functions:
mysql_num_rows()
md5()
mysql_fetch_object() and reading data as
objectmysql_insert_id()
Mini ProjectRead Part 14
-
8/13/2019 Chapter 4-2 PHP Part 2
34/43
PHP Upload
A very useful aspect of PHP is its ability tomanage file uploads to your server.
However, allowing users to upload a file toyour server opens a whole can of worms,so please be careful when enabling file
uploads.
-
8/13/2019 Chapter 4-2 PHP Part 2
35/43
HTML Form needed for upload
Choose a file to upload:
-
8/13/2019 Chapter 4-2 PHP Part 2
36/43
Here is a brief description of the important parts of the above code: enctype="multipart/form-data"- Necessary for our to-be-created
PHP file to function properly. action="uploader.php"- The name of our PHP page that will be
created, shortly.
method="POST"- Informs the browser that we want to sendinformation to the server using POST.
input type="hidden" name="MA...- Sets the maximum allowablefile size, in bytes, that can be uploaded. This safety mechanism iseasily bypassed and we will show a solid backup solution in PHP.We have set the max file size to 100KB in this example.
input name=myFile" - myFile is how we will access the file in our
PHP script.
-
8/13/2019 Chapter 4-2 PHP Part 2
37/43
When the uploader.phpfile is executed, the uploaded fileexists in a temporary storage area on the server. If thefile is not moved to a different location it will be
destroyed! To save our precious file we are going toneed to make use of the $_FILESassociative array.
The $_FILESarray is where PHP stores all theinformation about files. There are two elements of thisarray that we will need to understand for this example.
myFile- is the reference we assigned in our HTML form. We willneed this to tell the $_FILES array which file we want to playaround with.
$_FILES[myFile']['name']- namecontains the original path ofthe user uploaded file.
$_FILES[myFile']['tmp_name']- tmp_namecontains the pathto the temporary file that resides on the server. The file shouldexist on the server in a temporary directory with a temporaryname.
http://www.tizag.com/phpT/arrays.phphttp://www.tizag.com/phpT/arrays.php -
8/13/2019 Chapter 4-2 PHP Part 2
38/43
Simple File Upload Example
-
8/13/2019 Chapter 4-2 PHP Part 2
39/43
PHP - File Upload: Safe Practices!
Note:This script is for education purposes only.We do not recommend placing this on a webpage viewable to the public.
These few lines of code we have given you willallow anyone to upload data to your server.Because of this, we recommend that you do nothave such a simple file uploader available to the
general public. Otherwise, you might find thatyour server is filled with junk or that your server'ssecurity has been compromised.
-
8/13/2019 Chapter 4-2 PHP Part 2
40/43
Practical Upload Example
Filename:
l d fil h
-
8/13/2019 Chapter 4-2 PHP Part 2
41/43
upload_file.php
-
8/13/2019 Chapter 4-2 PHP Part 2
42/43
List of Mime Types
Pdf = application/pdf Doc = application/msword Css = text/css Bmp = image/bmp
Htm/html = text/html Mov = video/quicktime Mp3 = audio/mpeg3 Mpg = video/mpeg Ppt = application/powerpoint Txt = text/plainFor Complete Reference: check this websitehttp://www.webmaster-toolkit.com/mime-types.shtml
http://www.webmaster-toolkit.com/mime-types.shtmlhttp://www.webmaster-toolkit.com/mime-types.shtmlhttp://www.webmaster-toolkit.com/mime-types.shtmlhttp://www.webmaster-toolkit.com/mime-types.shtmlhttp://www.webmaster-toolkit.com/mime-types.shtmlhttp://www.webmaster-toolkit.com/mime-types.shtml -
8/13/2019 Chapter 4-2 PHP Part 2
43/43
PHP what else?
You can still do many many more things withPHP and SS scripts:You can create/manage/delete/rename
directories/files on the server (i.e.
mkdir($dirName,0777);)You can access and manipulate XML data easily.You can interact with networking applications such
as DNS, mail server, ftp, open network sockets etc.PHP also has a great number of functions that will
secure sensitive website data (i.e. encryptions,hash functions, etc.)
PHP regular expression is useful for complex datavalidation