Databases with PHP: A quick introduction


Y’all know SQL and Databases
• You put data in
• You get data out
• You can do processing on it very easily
• LIMIT, ORDER, WHERE, GROUP BY
• It has a nice Structured Query Language
• You’ve learned all of this before

You’ve done PostgreSQL
• MySQL doesn’t differ in SQL syntax
• Slight differences when creating new users and selecting active databases

What is this lecture then?
• How to convert your existing SQL knowledge into PHP
• How to use that to make something interesting

Here’s stuff I prepared earlier
• There is some PHP/HTML relating to the visual parts of the page. I will not cover that, unless there is time at the end
• There is some CSS, again I’ll leave that to the end
• The PHP relating to the logic is in a separate file, I will show you how to create that.

Roadmap
• Make a database
• When people type into the box and hit enter we need to
    • Connect to the database
    • Insert the data into the table
• When people view the page we need to
    • Connect to the database
    • Grab the last 25 comments, ordered by the time they are posted

How to create the database

    date
    Wed Mar 16 13:58:58 UTC 2011
    mysql -uroot -p
    Enter password:
    Welcome to the MySQL monitor. Commands end with ; or \g.
    Your MySQL connection id is 45
    Server version: ubuntu12 (Ubuntu)
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    mysql> create database gw;
    Query OK, 1 row affected (0.01 sec)
    mysql> use gw;
    Database changed
    mysql> create table comments (id INT AUTO_INCREMENT PRIMARY KEY, time TIMESTAMP, val TEXT (255));
    Query OK, 0 rows affected (0.03 sec)
    mysql> grant all on gw.* to identified by 'somepassword';
    Query OK, 0 rows affected (0.12 sec)
    mysql> quit;
    Bye
    date
    Wed Mar 16 13:59:34 UTC 2011

Delivery in 39 seconds or it's free

Connect to the database from PHP
• When we execute queries later, PHP needs to know where the database server is and how to log into it
• If you only have one database connection (normal) you can forget about the returned connection handle
• resource mysql_connect("servername", "username", "password");
• This makes PHP remember that mysql calls must go through that connection
• Automatically flushed and closed cleanly

Select the correct database
• You are now connected to the database server but not yet to your actual database
• Need to choose the database (like "use gw;" when creating the database)
• bool mysql_select_db("databasename");
• Returns true on success, false otherwise

Execute arbitrary SQL
• You know how to do everything else in SQL, reuse that knowledge!
• resource mysql_query("SQL query string");
• The returned value might be a boolean
    • If an error then false, if success but not a fetching type of query then true
• Or it might be a handle to the result set
    • Which could be empty
• You can then fetch individual rows
• array mysql_fetch_assoc($myResultSet);
• mysql_fetch_assoc will return false if there are no more rows

    while ($row = mysql_fetch_assoc($resultSet)) {
        // Per row code
    }

• The ‘assoc’ part is for ‘associative array’. You access a column by its name like $row["columnA"]

That’s all we need
Any questions on SQL syntax? You should know how to do the following:
• SELECT rows from a table WHERE they meet certain criteria
• ORDER the returned rows
• LIMIT the number of rows returned
• GROUP BY is cool, but you probably won’t really need it for the project
Are we missing anything?

YES! SECURITY
• Barry and other people like him will have his way with your ponies if you are not careful
• w3schools puts up a really insecure example in their tutorial, NEVER EVER DO THIS:

Yeah but all that protection stuff kills the mood
• Not so, it's quick and easy. You have one function which will magically create a locale specific super ultra protection filter and run it on your input:

    $input = "Barry says \";DROP DATABASE ponies;--";
    $safe = mysql_real_escape_string($input);

• It doesn’t even matter if your database server is CHINESE, it will connect to it and ask it which characters are dangerous
• This is why it's called _real_ (it doesn’t play around)
• Always use it! Keep it in your wallet
• Don’t use the old mysql_escape_string(); it has expired and will break when you need it most

OK, so back to the chat thing… index.php

And the part that talks to MySQL logic.php

Tada!
• Head over to ten.xd-bx.net and abuse it
• Did you know you can embed HTML and JavaScript into your post? You could actually do some pretty cool/nasty things
• The annoying refresh every 30 seconds can only be fixed with a splash of AJAX, someone else is lecturing that
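
A version of the chat logic from the roadmap, written against mysqli because the mysql_* functions shown in these slides were removed in PHP 7; it is an added example, not the lecture's logic.php. It binds the comment as a statement parameter instead of escaping it into the query string, and HTML-encodes each comment on output so embedded HTML or JavaScript is displayed as text. The database user, password and the form field name "comment" are assumed placeholders; the table is the gw.comments table created earlier.

```php
<?php
// Added example, not the lecture's logic.php. Assumes the gw.comments table
// from the slides; host, user and password are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

function db_connect(): mysqli {
    $db = new mysqli('localhost', 'your_db_user', 'your_db_password', 'gw');
    $db->set_charset('utf8mb4'); // client and server must agree on the charset
    return $db;
}

// Insert one comment. The text travels as a bound parameter, so quotes,
// semicolons and "--" inside it are data and never part of the SQL.
function add_comment(mysqli $db, string $text): void {
    $text = trim($text);
    if ($text === '' || strlen($text) > 255) {
        return; // ignore empty or oversized posts
    }
    $stmt = $db->prepare('INSERT INTO comments (time, val) VALUES (NOW(), ?)');
    $stmt->bind_param('s', $text);
    $stmt->execute();
    $stmt->close();
}

// Fetch the last 25 comments, newest first (no user input in this query).
function latest_comments(mysqli $db): array {
    $rows = [];
    $result = $db->query(
        'SELECT time, val FROM comments ORDER BY time DESC, id DESC LIMIT 25'
    );
    while ($row = $result->fetch_assoc()) {
        $rows[] = $row;
    }
    return $rows;
}

// Encode for HTML on output so a stored <script> tag renders as plain text.
function render_comment(array $row): string {
    $when = htmlspecialchars($row['time'], ENT_QUOTES, 'UTF-8');
    $text = htmlspecialchars($row['val'], ENT_QUOTES, 'UTF-8');
    return "<p><small>$when</small> $text</p>\n";
}

$db = db_connect();
$posted = $_POST['comment'] ?? null; // hypothetical form field name
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && is_string($posted)) {
    add_comment($db, $posted);
}
foreach (latest_comments($db) as $row) {
    echo render_comment($row);
}
```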