Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting PHP & MySQL.


Slide 2: show source
- show_source( ) or highlight_file( )
  - takes one parameter, the path to a .php file
  - prints a colored, highlighted version of the code in the browser
  - CAUTION: do not reveal sensitive information

    <?php highlight_file( name_of_file ); ?>

Slide 3: web database architecture
- steps when a user accesses webpage/database
  - browser sends HTTP request to server
  - web server passes PHP code to PHP engine
  - PHP engine parses the script
  - PHP engine finds command to open database connection
  - PHP opens connection to MySQL server ( local )
  - MySQL receives query, checks users and privileges, processes query, returns results
  - PHP engine finishes parsing script
  - web server passes HTML to browser

Slide 4: PHP & MySQL
- basic steps to query a database from the web
  - check and filter data entered by user
  - connect to appropriate database
  - query the database
  - retrieve the results
  - present the results back to the user
- we will use the sitename database

Slide 5: connect to MySQL server
- mysql_connect( )
  - connects to server
  - prototype
  - optional arguments
    - host
    - username
    - password

    $reference = mysql_connect( 'host', 'user', 'password' );

Slide 6: connect to MySQL server cont …
- mysql_connect( )
  - host is usually "localhost"
  - connection to MySQL from local server
  - user will have only privileges granted in mysql database
  - if a connection is made, a link identifier is returned, with which we can reference the open connection

    $dbc = mysql_connect( 'localhost', 'Web_User', 'my1230' );

Slide 7: specify database
- once a connection has been established, you must identify a particular database to use
- similar to using the use keyword in the mysql monitor
- mysql_select_db( )
  - Syntax

    mysql_select_db( 'database_name', link_identifier );
    mysql_select_db( 'sitename', $dbc );

Slide 8: security
- set the host, username, password, and database name to variables or CONSTANTS, save in a separate file, include this file in the script
- save with a .php extension

    define( 'DB_USER', 'Web_User' );
    define( 'DB_PW', 'my1230' );
    define( 'DB_HOST', 'localhost' );
    define( 'DB_NAME', 'sitename' );

- to include or require file

    require( 'db_params.php' );

Slide 9: security cont …
- connect to MySQL with the following

    $dbc = mysql_connect( DB_HOST, DB_USER, DB_PW );
    mysql_select_db( DB_NAME );

- test the connection from the server ( Xitami )
  - if it works a blank page will load
  - otherwise errors will display
- the same values we used in the mysql monitor should work in the PHP scripts

Slide 10: error handling
- even more important when connecting to a database
- probability for errors increases
- Common errors
  - failure to connect to the database server
  - failure to select a database
  - inability to run a query
  - no results returned

Slide 11: error handling cont …
- PHP functions to handle MySQL errors
  - mysql_errno( )
    - returns the error number
  - mysql_error( )
    - returns the textual version of the error
- to handle errors gracefully
  - @ sign to suppress error messages
  - die( ) function

    $dbc = @mysql_connect( DB_HOST, DB_USER, DB_PW )
        or die( 'Could not connect to MySQL: Error number ' . mysql_errno( ) . ': ' . mysql_error( ) );

Slide 12: simple query
- after connection to the server, and selection of a database, we can now execute queries
- Web_User has the following privileges
  - SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER, INDEX, FILE
- mysql_query( )
  - function for executing queries
  - one parameter: the query

Slide 13: simple query cont …

    $q = 'SELECT first_name, last_name AS n FROM users ORDER BY n';
    $result = mysql_query( $q );

- DO NOT place a semicolon inside your query
- INSERT, UPDATE, DELETE
  - $result will be either TRUE or FALSE
- SELECT
  - $result will contain the results of the query if successful
  - $result will be FALSE if query was unsuccessful

Slide 14: close connection
- mysql_close( )
  - one parameter, the link identifier
  - this function is not required, but it is good programming to do so

    mysql_close( $dbc );

Slide 15: retrieving results
- mysql_fetch_array( )
  - primary function for handling the rows returned from a SELECT query
  - returns each row as an indexed or associative array
  - two parameters
    - result of the query, $result in this example
    - CONSTANT identifying what kind of array to return

Slide 16: retrieving results cont …
- mysql_fetch_array( )
  - CONSTANTs

    CONSTANT      EXAMPLE
    MYSQL_ASSOC   $row[ 'column_name' ]
    MYSQL_NUM     $row[ 0 ]
    MYSQL_BOTH    $row[ 0 ] or $row[ 'column_name' ]

Slide 17: retrieving results cont …
- mysql_fetch_array( )
  - returns one row of data at a time as an array
  - use within a loop that will run as long as rows are returned

    while( $row = mysql_fetch_array( $result, MYSQL_ASSOC ) ) {
        // do something
    }

Slide 18: retrieving results cont …
- mysql_fetch_array( )
  - return the first name, last name, and addresses of all users in sitename
  - alphabetize by last name

    $q = 'SELECT * FROM users ORDER BY last_name';
    $result = mysql_query( $q );
    while( $row = mysql_fetch_array( $result, MYSQL_ASSOC ) ){
        echo $row['first_name'] . " " . $row['last_name'] . ": " . $row[' '] . " ";
    }

Slide 19: retrieving results cont …
- mysql_fetch_row( )
  - equivalent to mysql_fetch_array( $result, MYSQL_NUM )
- mysql_fetch_assoc( )
  - equivalent to mysql_fetch_array( $result, MYSQL_ASSOC )
- when using associative arrays, the keys are case sensitive

Slide 20: validate user input
- if we have a form asking the user to input the following
  - first name
  - last name
  - address
  - username
  - password
  - confirm password

Slide 21: validate user input cont …
- earlier we had used the isset( ) function to check that a form element was not empty
- we can do something similar with empty( )
- empty( )
  - returns true if the variable
    - is zero
    - is empty
    - is NULL

Slide 22: validate user input cont …
- empty( )

    if (empty($_POST['last_name'])) {
        $ln = FALSE;
    } else {
        $ln = $_POST['last_name'];
    }

- we can use similar code to check that other variables are not empty

Slide 23: validate user input cont …
- if all values test TRUE we can use an if statement
- then add the user to the database

    if( $fn && $ln && $e && $u && $pw ){
        $query = "INSERT INTO users (username, first_name, last_name, , password, registration_date) VALUES ('$u', '$fn', '$ln', '$e', PASSWORD('$p'), NOW( ) )";
        $result = @mysql_query ($query);

Slide 24: validate user input cont …
- let the user know that the data has been added

    if ($result) {
        echo ' You have been registered! ';
    } else {
        $message = ' You could not be registered due to a system error. We apologize for any inconvenience. ' . mysql_error( ) . ' ';
    }

Slide 25: security
- review of ways to validate user input
  - use superglobals to retrieve user input
  - use regular expressions to validate user input
  - trim( ) user input
  - use the function strip_tags( ) to remove HTML and PHP tags
  - use the function mysql_real_escape_string( ) to escape potentially troublesome characters

Slide 26: mysql_real_escape_string( )
- mysql_real_escape_string( )
  - automatically escapes special characters, such as single and double quotes, for use in a SQL statement
- for example
  - a user enters data with an apostrophe, such as the last name O'Malley
  - without escaping the apostrophe, using O'Malley in a SQL statement will throw an error

Slide 27: mysql_real_escape_string( ) cont …
- rather than pulling the value from a form using

    $ln = $_POST['last_name'];

- escape any potentially troublesome characters

    $ln = mysql_real_escape_string( $_POST['last_name'] );

- returns the value as

    O\'Malley

Slide 28: stripslashes( )
- if necessary, remove the escaping backslashes with another function, stripslashes( )

    $str = "Is your name Shaun O\'Malley?";
    echo stripslashes( $str );

- echoes

    Is your name Shaun O'Malley?

- Magic Quotes
  - when enabled, automatically escapes single and double quotes
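
The validation and escaping steps on slides 23 to 28, rewritten with PDO prepared statements and password_hash( ) as an added example (not part of the original slides): the mysql_* functions were removed in PHP 7, and bound parameters make mysql_real_escape_string( ) unnecessary. The in-memory SQLite database, the reduced users table, the username pattern, the register_user( ) helper and the sample input are assumptions made so the script runs offline.

```php
<?php
// Added example, not course code. Assumption: in-memory SQLite so it runs offline;
// for MySQL only the DSN changes ('mysql:host=...;dbname=...', plus user and password).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Constructed, reduced version of the users table.
$pdo->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY,
    username TEXT UNIQUE NOT NULL, first_name TEXT NOT NULL,
    last_name TEXT NOT NULL, password TEXT NOT NULL,
    registration_date TEXT NOT NULL)');

// $form stands in for $_POST; returns a status string for the caller to display.
function register_user(PDO $pdo, array $form): string
{
    $f = [];
    foreach (['username', 'first_name', 'last_name', 'password'] as $key) {
        $value = is_string($form[$key] ?? null) ? $form[$key] : '';
        // Trim everything except the password, whose spaces are significant.
        $f[$key] = ($key === 'password') ? $value : trim($value);
        if ($f[$key] === '') {
            return "missing $key";
        }
    }
    if (!preg_match('/^[A-Za-z0-9_]{3,20}$/', $f['username'])) {
        return 'invalid username';
    }
    try {
        // Values are bound, never spliced into the SQL text, so no escaping step.
        $check = $pdo->prepare('SELECT user_id FROM users WHERE username = ?');
        $check->execute([$f['username']]);
        if ($check->fetch() !== false) {
            return 'username taken';
        }
        $ins = $pdo->prepare('INSERT INTO users
            (username, first_name, last_name, password, registration_date)
            VALUES (?, ?, ?, ?, ?)');
        $ins->execute([$f['username'], $f['first_name'], $f['last_name'],
            password_hash($f['password'], PASSWORD_DEFAULT), date('Y-m-d H:i:s')]);
        return 'registered';
    } catch (PDOException $e) {
        error_log($e->getMessage());   // details go to the server log, not the page
        return 'system error';
    }
}

// Constructed sample input.
$shaun = ['username' => 'somalley', 'first_name' => 'Shaun',
          'last_name' => "O'Malley", 'password' => 'correct horse'];
echo register_user($pdo, $shaun), "\n";                              // first attempt
echo register_user($pdo, $shaun), "\n";                              // same username again
echo register_user($pdo, ['username' => "o'malley"] + $shaun), "\n"; // fails the regex
echo $pdo->query('SELECT last_name FROM users')->fetchColumn(), "\n";
```

The last line reads the stored last name back, apostrophe intact and without any backslash, so no stripslashes( ) call is needed on output.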

Slide 29: mysql_num_rows( )
- mysql_num_rows( )
  - returns the number of rows retrieved by a SELECT query
  - takes one parameter, the result set of the SELECT query

    $q = 'SELECT last_name FROM users ORDER BY last_name';
    $result = mysql_query( $q );
    echo $n = mysql_num_rows( $result );

Slide 30: mysql_num_rows( ) cont …
- a simple test to see if a username already exists

    $q = "SELECT user_id FROM users WHERE username = '$u' ";
    $result = mysql_query( $q );
    if( mysql_num_rows( $result ) == 0 ) {
        // insert the data
    } else {
        echo "That username is already taken.";
    }

Slide 31: mysql_affected_rows( )
- mysql_affected_rows( )
  - returns the number of rows affected by INSERT, UPDATE, or DELETE query
  - takes one OPTIONAL parameter, the result set of the query
  - if no parameter is specified, uses previous query

    $query = "INSERT INTO users (username, first_name, last_name, , password, registration_date) VALUES ('$u', '$fn', '$ln', '$e', PASSWORD('$p'), NOW( ) )";
    $result = @mysql_query ($query);
    echo "Records inserted: " . mysql_affected_rows( );

Slide 32: UPDATE
- to allow a user to change her password
  - the first query returns the user_id if the username and password match data stored in the users table
  - to compare the user's submitted password, re-encrypt it, then compare with the stored value
  - if the username and password match, exactly one record is returned
  - assign this record to the $row variable

Slide 33: UPDATE cont …
- check for username / password match, return record

    $query = "SELECT user_id FROM users WHERE (username='$u' AND password=PASSWORD('$p') )";
    $result = @mysql_query ($query);
    $num = mysql_num_rows ($result);
    if ($num == 1) {
        $row = mysql_fetch_array($result, MYSQL_NUM);

Slide 34: UPDATE cont …
- if the username and password match, update the database with a new query
- verify the results of the query

        $query = "UPDATE users SET password=PASSWORD('$np') WHERE user_id=$row[0]";
        $result = @mysql_query ($query); // Run the query.
        if (mysql_affected_rows( ) == 1) {
            echo ' Your password has been changed. ';
        }
    } // end outer if
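
An added example (not from the original slides) of the password change on slides 32 to 34 using password_hash( ) and password_verify( ), since MySQL's PASSWORD( ) function was removed in MySQL 8.0 and was never intended for application passwords. Because each stored hash carries its own salt, the match cannot be done in the WHERE clause: the row is fetched by username and compared in PHP. The in-memory SQLite database, the reduced users table, the change_password( ) helper and the sample account are assumptions.

```php
<?php
// Added example, not course code. Assumption: in-memory SQLite stands in for
// the MySQL sitename database so the script runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY,
    username TEXT UNIQUE NOT NULL, password TEXT NOT NULL)');
// Constructed sample account.
$pdo->prepare('INSERT INTO users (username, password) VALUES (?, ?)')
    ->execute(['somalley', password_hash('old secret', PASSWORD_DEFAULT)]);

// $u = username, $p = current password, $np = new password (names as on the slides).
function change_password(PDO $pdo, string $u, string $p, string $np): bool
{
    // Fetch the stored hash by username only; the comparison happens in PHP.
    $sel = $pdo->prepare('SELECT user_id, password FROM users WHERE username = ?');
    $sel->execute([$u]);
    $row = $sel->fetch(PDO::FETCH_ASSOC);
    // Same result for an unknown user and for a wrong password.
    if ($row === false || !password_verify($p, $row['password'])) {
        return false;
    }
    $upd = $pdo->prepare('UPDATE users SET password = ? WHERE user_id = ?');
    $upd->execute([password_hash($np, PASSWORD_DEFAULT), $row['user_id']]);
    return $upd->rowCount() === 1;   // counterpart of mysql_affected_rows( ) == 1
}

// Constructed calls: wrong password, unknown user, correct password, then a
// second change whose new password contains both kinds of quote.
var_dump(change_password($pdo, 'somalley', 'wrong guess', 'new secret'));
var_dump(change_password($pdo, 'nobody', 'old secret', 'new secret'));
var_dump(change_password($pdo, 'somalley', 'old secret', 'new secret'));
var_dump(change_password($pdo, 'somalley', 'new secret', 'it\'s "newer"'));
```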