This document provides an overview of PHP web development. It discusses setting up a local PHP project with Apache, connecting to a MySQL database with PDO or MySQLi, handling form data with $_GET and $_POST, uploading and validating images, and sanitizing and validating form data. The key steps covered include installing PHP and a web server like MAMP, adding a virtual host, connecting to the database, using prepared statements, and processing files and user-submitted data.
8. Steps
Installation of requirements (MAMP, XAMPP or WAMP)
Structure of the project
Adding hostname to /etc/hosts
Edit the httpd.conf in Apache
Start Apache and test it
11. Hosts in Windows
Open the file in Notepad:
c:\windows\system32\drivers\etc\hosts
Insert:
127.0.0.1 www.webcamp.com.local
The number is your computer's default IP address. In most cases the number should be the same as I have listed here. The words are the virtual host name: www.webcamp.com.local for my project directory.
Save the file. Make sure Notepad doesn't append .txt to the file.
12. Location of conf file
MAC OS (MAMP)
/Applications/MAMP/conf/apache/httpd.conf
WINDOWS OS (WAMP)
c:\wamp\bin\apache\Apache2.2.11\conf\httpd.conf
UNIX OS (XAMPP)
xampp\apache\conf\extra
xampplite\apache\conf\extra
13. Relocation of conf file
MAC
Open /Applications/MAMP/conf/apache/httpd.conf
Change
Listen 8888 -> Listen 80
ServerName localhost:8888 -> ServerName localhost
Insert
NameVirtualHost *:80
Include /Users/computer_name/Sites/vhost/*.conf //sample
Create a new file with the extension .conf, save it to the folder /Users/computer_name/Sites/vhost and insert the code (next page) in this file.
14. Virtual Host
<VirtualHost *:80>
    ServerName www.webcamp.com.local
    DocumentRoot "/folder/path"
    DirectoryIndex index.php
    <Directory "/folder/path">
        Allow from All
    </Directory>
</VirtualHost>
21. PDO vs. MySQLi
                        PDO            MySQLi
Database Support        12 drivers*    MySQL only
API                     OOP            OOP + procedural
Named Parameters        YES            NO
Positional Parameters   YES            YES
Prepared Statements     YES            YES
* CUBRID, Microsoft SQL Server and Sybase, Firebird/Interbase, IBM, Informix, MySQL, Microsoft SQL Server, Oracle, ODBC and DB2, PostgreSQL, SQLite, 4D
23. API (Application Programming Interface)
defines classes, methods, functions and variables needed to call in order to carry out a certain task
25. Named Parameters
arguments specified by name
'SELECT * FROM users WHERE name LIKE :name'
29. Prepared Statements
a compiled template for the SQL that an application wants to run and is customizable using variable parameters
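The named-parameter query from slide 25 run as a PDO prepared statement, next to the same query built by string concatenation. This is an added example, not code from the slides; it assumes the pdo_sqlite extension and uses an in-memory SQLite database with a constructed users table so it runs without a MySQL server.

```php
<?php
// Added example, not from the original slides. Uses an in-memory SQLite database
// (pdo_sqlite) so it runs without MySQL; the table and its rows are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$pdo->exec("INSERT INTO users (name, email) VALUES
    ('Jane', 'jane@example.test'), ('John', 'john@example.test')");

// Before: input concatenated into the SQL text becomes part of the statement itself.
function findUsersConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT name, email FROM users WHERE name LIKE '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// After: the template is prepared first; :name is bound as a value and never parsed as SQL.
function findUsersPrepared(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT name, email FROM users WHERE name LIKE :name');
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$input = "x' OR '1'='1"; // constructed input that contains a quote character

printf("concatenated: %d row(s)\n", count(findUsersConcatenated($pdo, $input)));
printf("prepared:     %d row(s)\n", count(findUsersPrepared($pdo, $input)));
printf("prepared, legitimate input: %d row(s)\n", count(findUsersPrepared($pdo, 'Jane')));
```

Binding does not neutralise LIKE wildcards: % and _ inside the bound value still match broadly, so escape them when a literal match is intended.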
38. Connecting via MySQLi (Object-Oriented Way)
$conn = new mysqli('127.0.0.1','root','','dbname');
39. Querying via MySQLi (Procedural Way)
// $db is an open mysqli connection
$firstName = 'Jane';
$sql = 'SELECT * FROM users WHERE first_name LIKE ?';
if ($stmt = mysqli_prepare($db, $sql)) {
    // 's' = the bound parameter is a string
    mysqli_stmt_bind_param($stmt, 's', $firstName);
    mysqli_stmt_execute($stmt);
    // bind_result needs one variable per column returned by the query
    mysqli_stmt_bind_result($stmt, $col1, $col2, $col3);
    while (mysqli_stmt_fetch($stmt)) {
        printf("%s %s %s \n", $col1, $col2, $col3);
    }
    mysqli_stmt_close($stmt);
}
40. Querying via MySQLi (Object-Oriented Way)
$firstName = 'Jane';
$sql = 'SELECT * FROM users WHERE first_name LIKE ?';
if ($stmt = $conn->prepare($sql)) {
    $stmt->bind_param('s', $firstName);
    $stmt->execute();
    $stmt->bind_result($col1, $col2, $col3, $col4, $col5);
    while ($stmt->fetch()) {
        printf("%s %s %s \n", $col1, $col2, $col3);
    }
    $stmt->close();
}
41. Error Handling via MySQLi
// die() prints the raw connection error to the page; on a public server, log it instead
// procedural way
if (mysqli_connect_errno()) {
    die(mysqli_connect_error());
}
// object-oriented way
if ($conn->connect_errno) {
    die($conn->connect_error);
}
42. Closing Connection via MySQLi
// procedural way
mysqli_close($conn);
// object-oriented way
$conn->close();
46. Create an HTML Form
<form ... method="POST">
    ...
    input elements
    ...
    submit button
</form>
<form ... method="GET">
    ...
    input elements
    ...
    submit button
</form>
47. GET vs. POST
                       GET                                      POST
Technical difference   URL                                      body of HTTP Request
Recommended Usage      viewing something without changing it    changing something
48. GET vs. POST
Advantages
  GET: bookmark page; search engines can index the page with passed data
  POST: sensitive information; multi-part binary (file upload); large quantities of data
Disadvantages
  GET: size limitation; not suitable to use for sensitive information
  POST: cannot bookmark or direct access to the page; search engines cannot index the page
67. Validation by Attribute
getimagesize($img)
Get the size of an image. On failure, FALSE is returned.
From: getimagesize. http://php.net/manual/en/function.getimagesize.php (Accessed February 2013)
68. Saving
move_uploaded_file($img, $destination)
Moves an uploaded file to a new location. Returns TRUE on success.
From: move_uploaded_file. http://php.net/manual/en/function.move-uploaded-file.php (Accessed February 2013)
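The two calls above combined into one upload handler, as an added example that is not code from the slides. The allowed-type list, the function names and the random file naming are assumptions made for illustration; the sample files are constructed in a temp directory so the validation part runs from the command line.

```php
<?php
// Added example, not from the original slides. The allowed-type list,
// function names and upload directory handling are assumptions.
const ALLOWED_TYPES = [IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png'];

// Returns a safe extension for the file at $path, or throws if it is not an allowed image.
function imageExtension(string $path): string
{
    $info = @getimagesize($path);               // FALSE when the content is not an image
    $ext  = $info === false ? null : (ALLOWED_TYPES[$info[2]] ?? null);
    if ($ext === null) {
        throw new RuntimeException('Not an accepted image');
    }
    return $ext;                                // derived from content, not the client's file name
}

// Validates one $_FILES entry and moves it into $destDir under a server-chosen name.
function saveUploadedImage(array $file, string $destDir): string
{
    if ($file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . $file['error']);
    }
    $ext  = imageExtension($file['tmp_name']);
    $dest = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    // move_uploaded_file() refuses any path that did not arrive as an HTTP POST upload
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store upload');
    }
    return $dest;
}

// Constructed sample inputs: a 1x1 GIF and a text file that only claims to be an image.
$gif  = tempnam(sys_get_temp_dir(), 'img');
$fake = tempnam(sys_get_temp_dir(), 'img');
file_put_contents($gif, base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));
file_put_contents($fake, 'plain text, not an image');

echo imageExtension($gif), "\n";
try {
    imageExtension($fake);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
unlink($gif);
unlink($fake);
```

getimagesize() only inspects the file header, which is why the stored name and extension are chosen by the server rather than taken from the client-supplied file name.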
73. Sanitize with...
filter_var($data, $filter)
Filters a variable with a specified filter. Returns the filtered data, or FALSE if the filter fails.
From: filter_var. http://php.net/manual/en/function.filter-var.php (Accessed February 2013)
75. Validate with...
filter_var($data, $filter)
Filters a variable with a specified filter. Returns the filtered data, or FALSE if the filter fails.
From: filter_var. http://php.net/manual/en/function.filter-var.php (Accessed February 2013)
76. Using validate filters...
FILTER_VALIDATE_BOOLEAN
FILTER_VALIDATE_EMAIL
FILTER_VALIDATE_FLOAT
FILTER_VALIDATE_INT
FILTER_VALIDATE_IP
FILTER_VALIDATE_REGEXP
FILTER_VALIDATE_URL
From: Validate filters. http://www.php.net/manual/en/filter.filters.validate.php (Accessed February 2013)
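Several of the validate filters listed above applied to a submitted form, with the return-value cases that are easy to get wrong. This is an added example, not code from the slides; the field names, the age range and the sample input are assumptions.

```php
<?php
// Added example, not from the original slides; field names and limits are assumptions.
// Returns [clean values, names of invalid fields] for a form array such as $_POST.
function validateSignup(array $input): array
{
    $clean  = [];
    $errors = [];

    $email = filter_var(trim($input['email'] ?? ''), FILTER_VALIDATE_EMAIL);
    if ($email === false) { $errors[] = 'email'; } else { $clean['email'] = $email; }

    // Compare with === false: a valid "0" comes back as int 0, which is falsy.
    $age = filter_var($input['age'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 130]]);
    if ($age === false) { $errors[] = 'age'; } else { $clean['age'] = $age; }

    // Without FILTER_NULL_ON_FAILURE, "no" and unrecognised input both return false;
    // with it, unrecognised input returns null and can be rejected.
    $news = filter_var($input['newsletter'] ?? '', FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
    if ($news === null) { $errors[] = 'newsletter'; } else { $clean['newsletter'] = $news; }

    // FILTER_VALIDATE_URL checks syntax only, so the scheme is allow-listed separately.
    $url    = filter_var($input['website'] ?? '', FILTER_VALIDATE_URL);
    $scheme = $url === false ? '' : strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (in_array($scheme, ['http', 'https'], true)) {
        $clean['website'] = $url;
    } else {
        $errors[] = 'website';
    }

    return [$clean, $errors];
}

// Constructed sample submission.
$sample = [
    'email'      => ' jane@example.test ',
    'age'        => '0',
    'newsletter' => 'maybe',
    'website'    => 'ftp://example.test/files',
];
[$clean, $errors] = validateSignup($sample);
var_export($clean);
echo "\n";
var_export($errors);
echo "\n";
```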