chap6. using php and mysql
Post on 01-Jun-2018
234 Views
Preview:
TRANSCRIPT
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 1/52
Chap 5. Using PHP andMySQL
Week 7 (27- February 2!"2#
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 2/52
Using PHP and MySQL
". C$nne%&ing &$ MySQL and se'e%&ing&he da&abase
2. )e%u&ing Si*p'e Queries
+. ,e&rieing Query ,esu'&s
. nsuring Se%ure SQL
5.
C$un&ing ,e&urned ,e%$rds/. Upda&ing ,e%$rds 0i&h PHP
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 3/52
1. Connecting to MySQL &
Selecting the database
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 4/52
C$nne%&ing &$ MySQL
Use mysql_connect() 1un%&i$n &$ %$nne%&&$ MySQL serer
$dbc = mysql_connect ($host, $user,
$password); he argu*en&s sen& &$ &he 1un%&i$n (h$s&3userna*e 4 pass0$rd# are based up$n &heusers 4 prii'eges se& up 0i&hin &he *ys'
da&abase. C$**$n'y bu& n$& a'0ays3 &he h$s& &$spe%i1y 0i'' be localhost (na*ing adi11eren& h$s& 0i'' a''$0 y$u &$ %$nne%& &$
MySQL running $n di11eren& serer#
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 5/52
61 &he %$nne%&i$n 0as *ade3 &he $dbc ariab'e 0i'' be%$*e a re1eren%e p$in&1$r a'' $1 y$ur subseuen& da&abase
in&era%&i$ns.
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 6/52
Se'e%&ing &he a&abase
8n%e y$u hae %$nne%&ed &$ MySQL3 y$u0i'' need &$ se'e%& &he da&abase 0i&h 0hi%hy$u 0an& &$ 0$rk.
his is euia'en& $1 saying USEdatabasename 0i&hin &he *ys' %'ien& andis a%%$*p'ished 0i&h &he mysql_select_db() 1un%&i$n9
mysql_select_db($database_name); )er%ise9 $ %$nne%& 4 se'e%& a da&abase
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 7/52
C$nne%& &$ MySQL and se'e%& da&abase
he 1irs& s&ep 0hen dea'ing 0i&h MySQL isconnecting to the server. (PHPMySQL#
g 9
:db% ; mysql_connect(:h$s&3 :user3:pass0$rd#<
8n%e %$nne%&ed 3&he se%$nd s&ep is &$ choose the database 0i&h 0hi%h y$u 0an&
&$ 0$rk.
g9 mysql_select_db(:da&abase=na*e#<
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 8/52
a&abase %$nne%&ii&yin1$r*a&i$n
Se& &he da&abase h$s&3 userna*e3pass0$rd and da&abase na*e as%$ns&an&s
g 9define (‘!_"S#$% ‘'sername%)
define (‘!_*+SS,-$% ‘ass/ord%)
define (‘!_0-S% ‘localhost%)define (‘!_2+M#% ‘sitename%)
his is n$& an $b'iga&$ry bu& >us& 1$rse%uri&y reas$n.
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 9/52
rr$r Hand'ing
rr$r hand'ing is i*p$r&an& in anys%rip&.
When y$ur s%rip& dea's 0i&h
da&abase3 &he err$rs 0i'' in%reasedra*a&i%a''y.
C$**$n err$rs are 9
". Fai'ure in %$nne%&ing &$ a da&abase
2. Fai'ure in se'e%&ing a da&abase
+. 6nabi'i&y &$ run a uery
. ?$ resu'&s being re&urned by a uery
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 10/52
Use err$r hand'ing". Use &hese 1un%&i$ns in y$ur s%rip& &$ ge& in1$r*a&ie err$r rep$r& 9 mysql_error(
mysql_errno(
2. 3 surpresses any $rigina' PHP err$r *essages $r 0arnings &he 1un%&i$n *igh& in$ke.4 this revents the *0* error from being dislayed in the ,eb bro/ser (/hichis referred as the error /ill be handled by the 8, die(# cla'se
g 9
:db% ; 3 *ys'=%$nne%&(@=H8S3@=US,3@=PASSW8,# or
die (BC$u'd n$& %$nne%& &$ MySQL9 . mysql_error(#<
+. die( &er*ina&es &he e)e%u&i$n $1 a s%rip& and sends any *essage 0i&hin &he (# &$ &heWeb br$0ser.
g9
3 *ys'=se'e%&=db(@=?AM# $r die(BC$u'd n$& se'e%& a da&abase9 .*ys'=err$r(##<
Change the root to roots.Check the error in browserDelete the @ from the
scriptCheck the error in browser
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 11/525. #6ec'ting Simle Q'eries
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 12/52
)e%u&ing Si*p'e Queries
PHP 1un%&i$n 1$r e)e%u&ing a uery is mysql_query()
$result = mysql_query(query);
F$r si*p'e ueries 'ike 6?S,3 UPA3L3 e&% (/hich do not ret'rnrecords# &he $result ariab'e 0i'' be ei&her$"# $r 7+LS# depending up$n 0he&her
&he uery e)e%u&ed su%%ess1u''y
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 13/52
)e%u&ing Si*p'e Queries
F$r %$*p'e&e ueries &ha& do returnrecords (SLC3 SH8W3 SC,6@3DPLA6?#3 &he $result ariab'e 0i''
be a res$ur%e 'ink &$ &he resu'&s $1 &heuery i1 i& 0$rked $r be FALS i1 i& didn$&.
Use mysql_close() &$ %'$se &hee)is&ing MySQL %$nne%&i$n $n%ey$ue 1inished 0i&h i&.
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 14/52
)e%u&ing Si*p'e Queries
/ Mae the query!
$query = "#SE%& #&' users(rst_name, last_name, emal, password,re*straton_date) +-UES (.$n., .$ln.,
.$e., .$p., '() )";$result = 0mysql_query ($query); //
%un the query!
($result) 1 // # t ran '2!
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 15/52
$ e)e%u&e si*p'e ueries
". Crea&e ne0 PHP s%rip&
34php 5 re*ster!php
$pa*e_ttle = .%e*ster.;
nclude(.!/ncludes/header!html.);
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 16/52
$ e)e%u&e si*p'e ueries
2. Crea&e &he sub*issi$n %$ndi&i$na' andini&ia'iEe &he $errors array
// 6hec the orm has been
submtted! (sset($_7'S&8.submtted.9)) 1
$errors = array(); // #ntal:eerror array!
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 17/52
$ e)e%u&e si*p'e ueries
+. a'ida&e &he 1irs& na*e// 6hec or a rst name! (empty($_7'S&8.rst_name.9)) 1
$errors89 = .ou or*ot to enteryour rst name!.;< else 1
$n = trm($_7'S&8.rst_name.9);<
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 18/52
$ e)e%u&e si*p'e ueries
. a'ida&e &he 'as& na*e
5. a'ida&e &he e*ai' address
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 19/52
$ e)e%u&e si*p'e ueries
/. a'ida&e &he pass0$rd// 6hec or a password and match a*anst the conrmed password!
(empty($_7'S&8.password>.9)) 1 ($_7'S&8.password>.9 = $_7'S&8.password?.9) 1
$errors89 = .our password dd not match the conrmed password!.;
< else 1$p = trm($_7'S&8.password>.9);
<< else 1
$errors89 = .ou or*ot to enter your password!.;<
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 20/52
$ e)e%u&e si*p'e ueries
7. Che%k i1 i&s 8G &$ regis&er &he user
(empty($errors)) 1 // #e@erythn*.s oay!
. 61 &he sub*i&&ed da&a passed a'' $1 &he%$ndi&i$ns3 &his %$ndi&i$n 0i'' be ,U andi&s sa1e &$ pr$%eed.
. 61 n$&3 &hen &he appr$pria&e err$r *essagessh$u'd be prin&ed and &he user gienan$&her $pp$r&uni&y &$ regis&er.
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 21/52
$ e)e%u&e si*p'e ueries
. Add &he user &$ &he da&abase/ %e*ster the user n the database!
requre_once (.!!/mysql_connect!php.); //6onnect to the db!
// Mae the query!$query = "#SE%& #&' users (rst_name,last_name, emal, password, re*straton_date)
+-UES (.$n., .$ln., .$e., SA(.$p.), '() )";
$result = 0mysql_query ($query); // %un the
query!
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 22/52
$ e)e%u&e si*p'e ueries
I. ,ep$r& $n &he su%%ess $1 &heregis&ra&i$n
($result) 1 // # t ran '2!
echo .3h> d="manhead"B&hanyou3/h>B
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 23/52
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 24/52
$ e)e%u&e si*p'e ueries
"". 61 $result is FALS3 err$r *essages are prin&ed< else 1 // # t dd not run '2!
echo .3h> d="manhead"BSystem Error3/h>B 3p class="error"Bou could not be
re*stered due to a system error! e apolo*:e
or any ncon@enence!3/pB.; // 7ublc messa*e!echo .3pB. ! mysql_error() ! .3br /B3br/BDuery . ! $query ! .3/pB.; // Febu**n*
messa*e!nclude (.!/ncludes/ooter!html.);eCt();
<
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 25/52
$ e)e%u&e si*p'e ueries
"2. C'$se &he da&abase %$nne%&i$n
mysql_close(); // 6lose thedatabase connecton.
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 26/52
$ e)e%u&e si*p'e ueries
"+. Prin& $u& any err$r *essages and %'$se &he sub*i& %$ndi&i$na'.< else 1 // %eport the errors!
echo .3h> d="manhead"BError3/h>B 3p class="error"B&he ollown* error(s)
occurred3br /B.;oreach ($errors as $ms*) 1 // 7rnt each error!
echo " G $ms*3br /BHn";<echo .3/pB3pB7lease try a*an!3/pB3pB3br /B3/pB.;
<
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 27/52
)e%u&ing si*p'e ueries
8n%e %$nne%&ed &$ MySQL and se'e%&ed a da&abase3 y$u %an s&ar&per1$r*ing ueries.
PHP 1un%&i$n &$ e)e%u&e uery is mysql_q'ery( . g 9
8q'ery 9 :;2S#$ ;2- 'sers ('sername first_name
last_name email ass/ord registration_date <+L"#S(‘8'% ‘8fn% ‘8ln% ‘8e% ‘*+SS,-$(‘8%% 2-,(=) 8res'lt 9 mysql_q'ery(8q'ery)
;2S#$ "*+# #L##+L#$ > no ret'rn records(8res'lt is r'e if s'ccessf'l and 7alse if other/ise
S#L#CS0-,#SC$;!# > ret'rns records(8res'lt contains q'ery res'lts if s'ccessf'l and it is7alse if the q'ery doesn%t /or?
PHP 1un%&i$n &$ %'$se %$nne%&i$n is mysql_close( .
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 28/52
@. $etrieving Q'ery $es'lts
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 29/52
,e&rieing Query ,esu'&s
he pri*ary &$$' 1$r hand'ing S#L#Cuery resu'& is mysql_etch_array3 0hi%h &akes &he uery resu'& ariab'e
and re&urns $ne r$0 $1 da&a a& a&i*e3 in an array 1$r*a&.
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 30/52
,e&rieing Query ,esu'&s
J$u'' 0an& &$ use &his 1un%&i$n 0i&hin aloo &ha& 0i'' %$n&inue &$ a%%ess eeryre&urned r$0 as '$ng as &here are *$re &$
be read. whle ($row = mysql_etch_array ($result)) 1
// Fo somethn* wth $row
<
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 31/52
B%$n&K
he mysql_etch_array() 1un%&i$n&akes an $p&i$na' para*e&erspe%i1ying 0ha& &ype $1 array is
re&urned9 associative3 inde6ed $rboth.An associative array a''$0s y$u &$
re1er &$ %$'u*n a'ues by name3
0hereas an inde6ed array reuiresy$u &$ use $n'y n'mbers (s&ar&ing a&! 1$r &he 1irs& %$'u*n re&urned.
$etrieving Q'ery $es'lts
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 32/52
B%$n&K
$etrieving Q'ery $es'lts
mysql_etch_array()Constants
Constant Example
MYSQL_ASSOC $row8IcolumnJ9
MYSQL_NUM $row8K9
MYSQL_BOTH $row8K9 or $row8IcolumnJ9
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 33/52
B%$n&K
MSD-_UM is *argina''y 1as&er (and use'ess *e*$ry# &han $&her $p&i$ns.
C$nerse'y3 MSD-_SS'6 is *$re spe%i1i%
$row8IcolumnJ9 rather than $row8L9and 0i'' %$n&inue &$ 0$rk een i1 &he &ab'es&ru%&ure $r uery %hanges.
$etrieving Q'ery $es'lts
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 34/52
mysql_ree_result()
An $p&i$na' s&ep &$ &ake 0hen using mysql_etch_array &$ 1ree up &he ueryresu'& res$ur%es is by using
mysql_ree_result(). his 'ine re*$es &he $erhead (*e*$ry#
&aken by $result. 6&s an $p&i$na' s&ep sin%e PHP 0i''
au&$*a&i%a''y 1ree up &he res$ur%es a& &heend $1 &he s%rip&.
$etrieving Q'ery $es'lts
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 35/52
$ re&riee uery resu'&s
". Crea&e a ne0 PHP d$%u*en& (ie0=users.php#
2. C$nne%& &$ and uery &he da&abase
$query = "SE-E6& 6'6&(last_name, .,., rst_name) S name,F&E_'%M&(re*straton_date, .NMNd, N.) S dr %'M users '%FE% Ore*straton_date S6";
$result = 0mysql_query ($query); // %unthe query!
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 36/52
$ re&riee uery resu'&s
+. isp'ay &he uery resu'&secho .3table al*n="center" cellspacn*="K" cellpaddn*="P"B
3trB3td al*n="let"B3bBame3/bB3/tdB3td al*n="let"B3bBFate%e*stered3/bB3/tdB3/trB
.;
// etch and prnt all the records!
whle ($row = mysql_etch_array($result, MSD-_SS'6)) 1echo .3trB3td al*n="let"B. ! $row8.name.9 ! .3/tdB3td
al*n="let"B. ! $row8.dr.9 ! .3/tdB3/trB .;
<
echo .3/tableB.;
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 37/52
$ re&riee uery resu'&s
. Free up &he uery res$ur%es
mysql_ree_result ($result); //ree up the resources!
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 38/52
$ re&riee uery resu'&s
5. C$*p'e&e &he %$ndi&i$na'
/. C'$se &he da&abase %$nne%&i$n
7. Sae &he 1i'e as @ew_users!php3up'$ad &$ 0eb serer and &es& inbr$0ser
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 39/52
A. #ns'ring Sec're SQL
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 40/52
Se%uri&y
5 obBectives in database sec'rity (/ith resect to*0*1. *rotect database access information
5. !eing ca'tio's /hen inserting data into the database
1st obBective is accomlished by..*'t the MySQL connection scrit o'tside of the ,ebdirectory so it is never vie/able thro'gh the /ebbro/ser.
5nd
obBective is accomlished by..1. "se 8_*-S array instead of global var
5. "se reg'lar e6ression (Chat D
@. "se msql_real_escae_string(
#g 8data 9 mysql_real_escae_string(8data) EEaddslashes..
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 41/52
nsuring Se%ure SQL
*rotect the database access information req'ire_once( MySQL connection scrit
not vie/able thr' ,eb bro/serF
Ca'tio's /hen r'nning q'eries1. "se 8_*-S instead of 8$#Q"#S
5. ata validation
;s it a roer tyeG. String or n'mberGG
@. mysql_real_escae_string(
+'tomatically escae roblematiccharacters in te6t entered in forms
,0HGGG. Q'otation mar? /ill create errors in yo'r SQL
commands
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 42/52
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 43/52
*ys'=rea'=es%ape=s&ring(#<
he es%ape=da&a(# 1un%&i$n 0i'' &ake as&ring3 &ri* any e)&ra spa%es 1r$* i&
App'y &he *ys'=rea'=es%ape=s&ring(#
1un%&i$n &$ i&3 and &hen re&urn &heresu'&s
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 44/52
Crea&e a 1un%&i$n 1$r es%aping &he da&a
1un%&i$n es%ape=da&a(:da&a#
g'$ba' :db%< need a %$nne%&i$n
i1(ini=ge&(N*agi%=u$&es=gp%N##
:da&a ; s&rips'ashes(:da&a#<
Ore&urn *ys'=rea'=es%ape=s&ring(&ri*(:da&a#3
:db%#<
O
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 45/52
I. Co'nting $et'rned $ecords
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 46/52
C$un&ing ,e&urned ,e%$rds
he 1un%&i$n &ha& returns thenumber of rows retrieved by aSL!T query is9
mysql_num_rows()
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 47/52
C$un&ing ,e&urned ,e%$rds
". 8pen ie0=users.php
2. @e1$re &he i1 (:resu'&# %$ndi&i$na'3add &his 'ine
$result = 0mysql_query($query); // %un the query!
$num = mysql_num_rows($result);
($num B K) 1 // # t ran '2,dsplay the records!
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 48/52
C$un&ing ,e&urned ,e%$rds
+. Change &he $rigina' $result %$ndi&i$na' &$ ($num B K) 1
. Prin& $u& &he nu*ber $1 regis&ered
userecho "3pB&here are currently $num
re*stered users!3/pBHn";
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 49/52
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 50/52
J. "dating $ecords /ith *0*
d d h
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 51/52
Upda&ing ,e%$rds 0i&h PHP
$ upda&e da&abase re%$rds 0i&h PHP s%rip&reuires use $1 UPA uery3 and i&ssu%%ess1u' e)e%u&i$n %a be eri1ied 0i&h PHPs
mysql_aected_rows() 1un%&i$n.
Whi'e mysql_num_rows() re&urn &he nu*ber$1 r$0s genera&ed by a SLC uery3
mysql_aected_rows() re&urns &he nu*ber$1 r$0s a11e%&ed by an 6?S,3 UPA $r
L uery.$num = mysql_aected_rows($dbc)
S
8/9/2019 Chap6. Using PHP and MySQL
http://slidepdf.com/reader/full/chap6-using-php-and-mysql 52/52
Su**ary
mysql_connect()9 $ %$nne%& &$ MySQL mysql_select_db() 9 $ se'e%& da&abase mysql_query()9 )e%u&ing Si*p'e Queries mysql_close()9 $ %'$se &he e)is&ing MySQL
%$nne%&i$n
mysql_etch_array()9 $ re&riee uery resu'&s mysql_assoc9 ass$%ia&ie arrays mysql_num 9 inde)ed arrays mysql_both9 b$&h arrays3 ass$%ia&ie 4 inde)ed arrays
mysql_ree_result()9 $ 1ree up &he uery resu'&
res$ur%es mysql_num_rows()9 $ %$un& re&urn re%$rds
top related