Peachpit Press Visual QuickPro Guide PHP 6 and MySQL 5, For Dynamic WebSites (2008).pdf

VISUAL QUICKPRO GUIDE

AND M Y SQL 5

FOR DYNAMIC WEB SITES

Larry Ullman

Peachpit Press

PHP 6

Visual QuickPro Guide

PHP 6 and MySQL 5 for Dynamic Web Sites

Larry Ullman

Peachpit Press

1249 Eighth Street

Berkeley, CA 94710

510/524-2178

510/524-2221 (fax)

Find us on the Web at: www.peachpit.com

To report errors, please send a note to: errata@peachpit.com

Peachpit Press is a division of Pearson Education.

Editor: Rebecca Gulick

Copy Editor: Bob Campbell

Production Coordinator: Becky Winter

Compositors: Myrna Vladic, Jerry Ballew, and Rick Gordon

Indexer: Rebecca Plunkett

Cover Production: Louisa Adair

Technical Reviewer: Arpad Ray

Notice of rights

tronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the pub-

lisher. For information on getting permission for reprints and excerpts, contact permissions@peachpit.com.

Notice of liability

The information in this book is distributed on an “As Is” basis, without warranty. While every precaution

has been taken in the preparation of the book, neither the author nor Peachpit Press shall have any liability

to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indi-

rectly by the instructions contained in this book or by the computer software and hardware products

described in it.

Trademarks

MySQL is a registered trademark of MySQL AB in the United States and in other countries. Macintosh and

Mac OS X are registered trademarks of Apple Computer, Inc. Microsoft and Windows are registered trade-

marks of Microsoft Corporation. Other product names used in this book may be trademarks of their own

respective owners. Images of Web sites in this book are copyrighted by the original holders and are used

with their kind permission. This book is not officially endorsed by nor affiliated with any of the above com-

panies, including MySQL AB.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as

trademarks. Where those designations appear in this book, and Peachpit was aware of a trademark claim,

the designations appear as requested by the owner of the trademark. All other product names and services

identified throughout this book are used in editorial fashion only and for the benefit of such companies

with no intention of infringement of the trademark. No such use, or the use of any trade name, is intended

to convey endorsement or other affiliation with this book.

ISBN-13: 978-0-321-52599-4

ISBN-10: 0-321-52599-X

987654321

Printed and bound in the United States of America

Table of Contents

Introduction: ix

What Are Dynamic Web Sites? . . . . . . . . . . . . . . . . x

What You’ll Need . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi

About This Book . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

Companion Web Site . . . . . . . . . . . . . . . . . . . . . . . . xix

Chapter 1: Introduction to PHP 1

Basic Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Sending Data to the

Web Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Writing Comments . . . . . . . . . . . . . . . . . . . . . . . . . . 10

What Are Variables? . . . . . . . . . . . . . . . . . . . . . . . . . 14

Introducing Strings . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Concatenating Strings . . . . . . . . . . . . . . . . . . . . . . . 21

Introducing Numbers . . . . . . . . . . . . . . . . . . . . . . . . 23

Introducing Constants . . . . . . . . . . . . . . . . . . . . . . . 27

Single vs. Double Quotation Marks . . . . . . . . . . . . 30

Chapter 2: Programming with PHP 33

Creating an HTML Form . . . . . . . . . . . . . . . . . . . . . 34

Handling an HTML Form . . . . . . . . . . . . . . . . . . . . 38

Conditionals and Operators . . . . . . . . . . . . . . . . . . 42

Validating Form Data . . . . . . . . . . . . . . . . . . . . . . . . 46

Introducing Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . 52

For and While Loops . . . . . . . . . . . . . . . . . . . . . . . . 70

Chapter 3: Creating Dynamic Web Sites 73

Including Multiple Files . . . . . . . . . . . . . . . . . . . . . . 74

Handling HTML Forms, Revisited . . . . . . . . . . . . . 84

Making Sticky Forms . . . . . . . . . . . . . . . . . . . . . . . . 89

Creating Your Own Functions . . . . . . . . . . . . . . . . 92

Chapter 4: Introduction to MySQL 107

Naming Database Elements . . . . . . . . . . . . . . . . . 108

Choosing Your Column Types . . . . . . . . . . . . . . . 110

Choosing Other Column Properties . . . . . . . . . . 114

Accessing MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Table of Contents

Chapter 5: Introduction to SQL 123

Creating Databases and Tables . . . . . . . . . . . . . . . 124

Inserting Records . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Selecting Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

Using Conditionals . . . . . . . . . . . . . . . . . . . . . . . . . 133

Using LIKE and NOT LIKE . . . . . . . . . . . . . . . . . . 136

Sorting Query Results . . . . . . . . . . . . . . . . . . . . . . . 138

Limiting Query Results . . . . . . . . . . . . . . . . . . . . . 140

Updating Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

Deleting Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Using Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Chapter 6: Advanced SQL and MySQL 157

Database Design . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

Performing Joins . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

Grouping Selected Results . . . . . . . . . . . . . . . . . . . 178

Creating Indexes . . . . . . . . . . . . . . . . . . . . . . . . . . . 180

Using Different Table Types . . . . . . . . . . . . . . . . . 185

Performing FULLTEXT Searches . . . . . . . . . . . . 188

Performing Transactions . . . . . . . . . . . . . . . . . . . . 194

Chapter 7: Error Handling and Debugging 199

Error Types and Basic Debugging . . . . . . . . . . . . 200

Displaying PHP Errors . . . . . . . . . . . . . . . . . . . . . . 206

Adjusting Error Reporting in PHP . . . . . . . . . . . . 208

Creating Custom Error Handlers . . . . . . . . . . . . . 211

PHP Debugging Techniques . . . . . . . . . . . . . . . . . 216

SQL and MySQL Debugging Techniques . . . . . . 220

Chapter 8: Using PHP with MySQL 223

Modifying the Template . . . . . . . . . . . . . . . . . . . . . 224

Connecting to MySQL . . . . . . . . . . . . . . . . . . . . . . 226

Executing Simple Queries . . . . . . . . . . . . . . . . . . . 230

Retrieving Query Results . . . . . . . . . . . . . . . . . . . . 239

Ensuring Secure SQL . . . . . . . . . . . . . . . . . . . . . . . 243

Counting Returned Records . . . . . . . . . . . . . . . . . 249

Updating Records with PHP . . . . . . . . . . . . . . . . . 251

Chapter 9: Common Programming Techniques 259

Sending Values to a Script . . . . . . . . . . . . . . . . . . . 260

Using Hidden Form Inputs . . . . . . . . . . . . . . . . . . 264

Editing Existing Records . . . . . . . . . . . . . . . . . . . . 270

Paginating Query Results . . . . . . . . . . . . . . . . . . . . 277

Making Sortable Displays . . . . . . . . . . . . . . . . . . . 285

Table of Contents

Chapter 10: Web Application Development 291

Sending Email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292

Date and Time Functions . . . . . . . . . . . . . . . . . . . 298

Handling File Uploads . . . . . . . . . . . . . . . . . . . . . . 302

PHP and JavaScript . . . . . . . . . . . . . . . . . . . . . . . . . 315

Understanding HTTP Headers . . . . . . . . . . . . . . . 322

Chapter 11: Cookies and Sessions 327

Making a Login Page . . . . . . . . . . . . . . . . . . . . . . . 328

Making the Login Functions . . . . . . . . . . . . . . . . 331

Using Cookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336

Using Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349

Improving Session Security . . . . . . . . . . . . . . . . . . 358

Chapter 12: Security Methods 361

Preventing Spam . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

Validating Data by Type . . . . . . . . . . . . . . . . . . . . . 369

Preventing XSS Attacks . . . . . . . . . . . . . . . . . . . . . 374

Preventing SQL Injection Attacks . . . . . . . . . . . . 377

Database Encryption . . . . . . . . . . . . . . . . . . . . . . . 383

Chapter 13: Perl-Compatible

Regular Expressions 389

Creating a Test Script . . . . . . . . . . . . . . . . . . . . . . . 390

Defining Simple Patterns . . . . . . . . . . . . . . . . . . . . 394

Using Quantifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . 397

Using Character Classes . . . . . . . . . . . . . . . . . . . . . 400

Finding All Matches . . . . . . . . . . . . . . . . . . . . . . . . 403

Using Modifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407

Matching and Replacing Patterns . . . . . . . . . . . . 409

Chapter 14: Making Universal Sites 413

Character Sets and Encoding . . . . . . . . . . . . . . . . 414

Creating Multilingual Web Pages . . . . . . . . . . . . . 416

Unicode in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420

Collation in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . 424

Transliteration in PHP . . . . . . . . . . . . . . . . . . . . . . 427

Languages and MySQL . . . . . . . . . . . . . . . . . . . . . 430

Time Zones and MySQL . . . . . . . . . . . . . . . . . . . . 434

Working with Locales . . . . . . . . . . . . . . . . . . . . . . . 437

vii

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: