error);"> error);">

Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data.

Published byRandell Richardson Modified over 8 years ago

Similar presentations

Presentation on theme: "Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data."— Presentation transcript:

1 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data we are expecting to deal with The output of the data reader PHP script The code to build a dynamic SQL database The code to read values from a database

2 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Table: tblUsers Fields: – id, an “auto-increment” integer – userSurname, text – userForename, text – userPassword, text Note that passwords are normally stored in an encrypted form (more in later lectures) DB Structure

3 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data The PHP/SQL to create the table // Creates the table if it isn't already there. You may prefer to build // tables by hand using the management GUI (e.g. phpMyAdmin) $query = 'CREATE TABLE IF NOT EXISTS tblUsers ( id INT NOT NULL AUTO_INCREMENT, userSurname VARCHAR(30), userForename VARCHAR(30), userPassword VARCHAR(30), PRIMARY KEY(id) )'; $ mysqli->query ($ query) or die("Could not create table: ". $ mysqli->error);

4 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data The data set we are using Example data Small selection of names and passwords But no repeated surnames – not such good test data Hard to design “realistic” data

5 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Simple Search Page The user can type in a surname, a forename, then specify the type of search The interface allows for a “wildcard” character, the asterisk sign % % matches any text % is built into SQL % used in PHP, * used in Access queries

6 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Example Output Read A DB Example Search Results Running the SQL command: SELECT * FROM tblUsers WHERE userSurname LIKE 'suarez' OR userForename LIKE 'jason' ORDER BY id ASC; 492: Linda Suarez; pwd=[fr0d0ba991n5] 921: Jason Imtiaz; pwd=[maskmypony]

7 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Example Output Read A DB Example Search Results Running the SQL command: SELECT * FROM tblUsers WHERE userSurname LIKE 's%' OR userForename LIKE 'j%' ORDER BY id ASC; 90: Luis Sanchez; pwd=[alhambra] 492: Linda Suarez; pwd=[fr0d0ba991n5] 921: Jason Imtiaz; pwd=[maskmypony]

8 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Example Output Read A DB Example Search Results Running the SQL command: SELECT * FROM tblUsers WHERE userSurname LIKE ‘%i%' AND userForename LIKE ‘%i%'; 911: Toni Collins; pwd=[swissair] 901: Wilbur Harris; pwd=[wilburharris]

9 The Code, #1 <?php// ReadDB example code // gets data from form, may be an empty string if(isset($_REQUEST["ReadDBsearch"])) { $sUserSurname = $_REQUEST["txtUserSurname"]; $sUserForename = $_REQUEST["txtUserForename"]; $sBoolean = $_REQUEST["radioLogic"]; } else// shows the REQUEST fields and server variables {phpInfo(32);// useful when testing, NOT published site! die("We don't seem to be running the right web form..."); }

10 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data The Code, #2 // --------------------------------------------------- // // checks to see if all strings are empty, // if so we just go back to the search page if( strlen($sUserSurname) + strlen($sUserForename) == 0 ) {header("Location: ReadDB.htm"); }

11 The Code, #3 Read A DB Example Read A DB Example Search Results

12 The Code, #4 <?php //=====================================// // Database Section //=====================================// // Connects to a MySQL server $id= 'xy123456'; $mysqli = new mysqli("web.fcet.staffs.ac.uk", $id, $id, $id); $sSQL= "SELECT * FROM tblUsers WHERE userSurname LIKE '$sUserSurname' $sBoolean userForename LIKE '$sUserForename' ORDER BY id ASC;"; echo "Running the SQL command: $sSQL "; // searches the DB $rsMain = $mysqli->query( $sSQL );

13 The Code, #5 //=====================================// // Outputs all the selected fields in table "tblUsers", // processes each record until we reach end of recordset while($row = $rsMain->fetch_assoc()) {$sSurname = $row["userSurname"]; $sForename = $row["userForename"]; $sPassword = $row["userPassword"]; $nID = $row["id"]; // prints each of the fields print "$nID: $sForename $sSurname; pwd=[$sPassword] \n"; }

14 The Code, #6 //=====================================// // frees up resources $rsMain = null; $mysqli->close(); ?>

15 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Search Script Steps So the search software takes the form data, Connects to the database, Reads only the interesting records, Holds data in a recordset, Reads the data from each of the fields, Writes information out to the user, Moves on to the next record.

16 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Some notes and comments The user interface for searching is poor – relies on knowing the “ste%en” approach to match “Steven” or “Stephen” (or “stellar alien”!) There are serious security holes in the way the SQL is built What if this script is run from a different form? The field “radioLogic” is inserted directly into the SQL command… could contain ANY commands! More secure if we use “prepared statements”prepared statements

17 Nic Shulver, N.A.Shulver@staffs.ac.uk Retrieving Stored Data Conclusion The database, script and HTML interface page are available for download The script is only 80 lines long (so pretty short) and really needs more error trapping The SQL, database and output are all pretty simple But putting it all together in a working script isn’t so easy

Download ppt "Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data."

Similar presentations

Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizards Guide to PHP by David Lash.

Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizards Guide to PHP by David Lash.
Nic Shulver, Introduction to SQL Topics covered Structured Query Language What can it do? Advantages of SQL Why bother with SQL?

Nic Shulver, Introduction to SQL Topics covered Structured Query Language What can it do? Advantages of SQL Why bother with SQL?
PHP (2) – Functions, Arrays, Databases, email and sessions.

PHP (2) – Functions, Arrays, Databases, and sessions.
Manipulating MySQL Databases with PHP. PHP and mySQL2 Objectives Connect to MySQL from PHP Learn how to handle MySQL errors Execute SQL statements with.

Manipulating MySQL Databases with PHP. PHP and mySQL2 Objectives Connect to MySQL from PHP Learn how to handle MySQL errors Execute SQL statements with.
1 CS428 Web Engineering Lecture 23 MySQL Basics (PHP - VI)

1 CS428 Web Engineering Lecture 23 MySQL Basics (PHP - VI)
SJSU CS157B Dr. Lee1  2004 Jenny Mitchell Two Useful Tools You Can’t Live Without by Jenny Mitchell SJSU CS157B Section 1 09-21-04 PHP and MySQL.

SJSU CS157B Dr. Lee1  2004 Jenny Mitchell Two Useful Tools You Can’t Live Without by Jenny Mitchell SJSU CS157B Section PHP and MySQL.
What is MySQL? MySQL is a database. The data in MySQL is stored in database objects called tables. A table is a collections of related data entries and.

What is MySQL? MySQL is a database. The data in MySQL is stored in database objects called tables. A table is a collections of related data entries and.
PHP1-1 PHP & SQL Xingquan (Hill) Zhu

PHP1-1 PHP & SQL Xingquan (Hill) Zhu
© Yanbu University College YANBU UNIVERSITY COLLEGE Management Science Department © Yanbu University College Module 6:WEB SERVER AND SERVER SIDE SCRPTING,

© Yanbu University College YANBU UNIVERSITY COLLEGE Management Science Department © Yanbu University College Module 6:WEB SERVER AND SERVER SIDE SCRPTING,
Advanced Web 2012 Lecture 4 Sean Costain 2012. PHP Sean Costain 2012 What is PHP? PHP is a widely-used general-purpose scripting language that is especially.

Advanced Web 2012 Lecture 4 Sean Costain PHP Sean Costain 2012 What is PHP? PHP is a widely-used general-purpose scripting language that is especially.
Databases with PHP A quick introduction. Y’all know SQL and Databases  You put data in  You get data out  You can do processing on it very easily 

Databases with PHP A quick introduction. Y’all know SQL and Databases  You put data in  You get data out  You can do processing on it very easily 
INFM 603: Information Technology and Organizational Context Jimmy Lin The iSchool University of Maryland Thursday, October 18, 2012 Session 7: PHP.

INFM 603: Information Technology and Organizational Context Jimmy Lin The iSchool University of Maryland Thursday, October 18, 2012 Session 7: PHP.
Session 5: Working with MySQL iNET Academy Open Source Web Development.

Session 5: Working with MySQL iNET Academy Open Source Web Development.
1 Chapter 8 – Working with Databases spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science and Technology.

1 Chapter 8 – Working with Databases spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science and Technology.
Slide 8-1 CHAPTER 8 Using Databases with PHP Scripts: Using MySQL Database with PHP.

Slide 8-1 CHAPTER 8 Using Databases with PHP Scripts: Using MySQL Database with PHP.
INTERNET APPLICATION DEVELOPMENT For More visit:

INTERNET APPLICATION DEVELOPMENT For More visit:
Create an online booking system (login/registration)

Create an online booking system (login/registration)
Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizard’s Guide to PHP by David Lash.

Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizard’s Guide to PHP by David Lash.
Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data.

Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data.
INTERNET APPLICATION DEVELOPMENT PRACTICAL ON CONNECTING TO MYSQL.

INTERNET APPLICATION DEVELOPMENT PRACTICAL ON CONNECTING TO MYSQL.

Similar presentations

Ads by Google