2. Introduction
PHP supports wide range of relational databases, that
is why it becomes popular. Ex. Microsoft SQL Server,
MySQL, and Oracle etc.
Advantages of relational database
Read/write data
Store more data
Better organized data
Faster access to data
Easier to manipulate
Relate data to other data
Here we are going to use MySQL database
Open source, free, easy to use, popular and good
introduction to DB concepts
2
3. Database:
It is a set of tables. We should have 1 database for 1
application.
Tables: is a set of rows and columns. It represents a
single concept such as products, customers, orders
etc. We can create relationships among tables.
Columns: a set of data of single data type. Ex.
FirstName, LastName, Email, Password etc. columns
have types such as strings, integers, float, date etc.
Rows: single record of data. Ex. “Abebe”, “Kebede”,
“abe@gmail.com”, “password”
Field: is the intersection of a row and a column. Ex.
FirstName: ”Abebe”
Index: data structure on a table to increase look up
speed.
Foreign key: table columns whose values references
rows in another table. The foundation of relational
3
4. Basic database operations:
DDL
CREATE, DROP, ALTER, RENAME
DML
INSERT INTO, UPDATE, DELETE
QUERY
SELECT
Connecting to the MySQL Server
PHP provides us different APIs to deal with databases
MySQL: Original MySQL API(deprecated @v5.2,
removed @v7)
Mysqli: MySQL improved API
PDO: PHP Data Objects
4
5. PHP database APIs
PHP database interactions in five steps:
Create a database connection
Perform Database query
Use returned data if any
Release returned data
Close database connection
5
6. Functions
mysql_connect() or mysqli_connect()
mysql_select_db() or mysqli_select_db()
mysql_query() or mysqli_query()
mysql_fetch_rows() or mysql_fetch_array()
mysqli_fetch_assoc()
mysql_free_results()
mysql_error() or mysqli_error()
mysql_num_rows() or mysqli_affected_rows()
Connecting to databases
Before we do anything in MySQL using php, we should
first connect to MySQL server.
To connect use mysqli_connect(); function
Syntax:
$con=mysqli_connect(“servername”,”dbusername”,
“dbpassword”);
echo “Success fully connected!”
6
8. You can also create table this way
$connection=mysqli_connect(“localhost”,”root”,””,”sims”) ;
$sql=“create table feedback
(id int auto_increment,
fname varchar(20),
email varchar(20),
comment LONGTEXT,primary key(id))“;
if(mysqli_query($connection,$sql))
{
echo "Feedback table created";
}else
{
die(“Table not created:”.mysql_errorr());
}
8
9. Creating table using mysql
$connection=mysqli_connect(“localhost”,”root”,””);
mysqli_select_db(”sims”) ;
$sql=“create table feedback
(id int auto_increment,
fname varchar(20),
email varchar(20),
comment LONGTEXT,primary key(id))“;
if(mysql_query($sql,$connection))
{
echo "Feedback table created";
}else
{
die(“Table not created:”.mysql_errorr());
}
9
10. To insert data into a feed back table using mysql
<?php
$connection=mysqli_connect("localhost","root","");
mysqli_select_db("sims")or die("Database not
selected:".mysql_error());
$sql="insert into feedback(fname,email,comment,date) values
(‘gere',‘gere@gmail.com','Well Done','2017-04-27')";
if(mysqli_query($connection, $sql))
{
echo "Feedback inserted";
}else
{
die(“Failed to insert feedback:".mysql_error());
}
?>
10
11. Inserting data using mysqli
<?php
$connection=mysqli_connect("localhost","root","","sims
");
if($connection){
$sql="insert into feedback(fname,email,comment,date)
values (‘gere',‘gere@gmail.com','Well Done','2017-04-
27')";
if(mysqli_query($connection,$sql)){
echo "Feedback inserted";
}else
{ die(“Failed to insert
feedback:".mysqli_error($connection));}
}else{
die(“Connection failed:".mysqli_error($connection));
11
12. To retrieve data from feedback table using mysql
$connection=mysqli_connect("localhost","root","");
mysqli_select_db("sims")or die("Database not selected:".mysql_error());
$sql="select * from feedback order by date desc";
$result=mysqli_query($sql,$connection);
if($result)
{
echo "<table
border=1><tr><th>Name</th><th>Email</th><th>Comment</th></tr>";
while($row=mysqli_fetch_array($result))
{
echo
"<tr><td>".$row['fname']."</td><td>".$row['email']."</td><td>".$row['comment']."<
/d></tr>";
}
echo "</table>";
}else
{
die("Record not found:".mysql_error());
}
12
13. You can retrieve records this way (using mysqli)
$connection=mysqli_connect("localhost","root","","sims");
$sql="select * from feedback order by date desc";
$result=mysqli_query($connection,$sql);
if($result)
{
echo "<table
border=1><tr><th>Name</th><th>Email</th><th>Comment</th></tr>";
while($row=mysqli_fetch_assoc($result))
{
echo
"<tr><td>".$row['fname']."</td><td>".$row['email']."</td><td>".$row['comment']."<
/d></tr>";
}
echo "</tr></table>";
}else
{
die("Record not found:".mysqli_error($connection));
}
13
14. To update data use the same code like insert but you
should change the sql statament
To delete data retrieve the record you want to delete
using select statement and change the sql statement
Database Security
Sensitive information must be stored in a database in
encrypted format
Encryption in PHP
Md5($password)
Sha1($password)
hash(‘sha1/md5’,$password)
Crypt($password, $salt)
14
15. SQL Injection
$string=“Insert into feedback values
(‘10’,gere’,’gere@gmail.com’,’Today’s post is
good’,’2017-04-27’)”;
Use escaping string
Today’s or
addslashes($string);
mysqli_real_escape_string($connection,$string)
15