PHP and MySQL PHP Written as a set of CGI binaries in C in ...


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

PHP and MySQL PHP Written as a set of CGI binaries in C in ...

  1. 1. PHP and MySQL
  2. 2. PHP <ul><li>Written as a set of CGI binaries in C in 1994 by R. Lerdorf </li></ul><ul><ul><li>Didn’t just want to post his resume </li></ul></ul><ul><ul><li>Created PHP to display resume and collect data about page traffic, e.g. dynamic web pages </li></ul></ul><ul><ul><li>Personal Home Page tools publicly released 1995 </li></ul></ul><ul><ul><li>In 1998 became PHP: Hypertext Preprocessor </li></ul></ul>
  3. 3. PHP <ul><li>Creates DYNAMIC web pages </li></ul><ul><ul><li>HTML traditionally static </li></ul></ul><ul><ul><li>Contents regenerated every time visit or reload site </li></ul></ul><ul><ul><ul><li>(e.g. can include current time) </li></ul></ul></ul><ul><li>PHP is a scripting language </li></ul><ul><ul><li>a programming language that controls a software application (program is independent of any other application) </li></ul></ul><ul><ul><li>Strong at communicating with program components written in other languages </li></ul></ul><ul><ul><ul><li>E.g. can embed PHP statements within HTML </li></ul></ul></ul><ul><ul><li>Script like a dialogue for play interpreted by actors </li></ul></ul><ul><li>PHP parser with web server and web browser, model similar to MS ASP.NET, Sun JavaServer Pages </li></ul>
  4. 4. PHP <ul><li>Takes input from a file or stream containing text and PHP instructions </li></ul><ul><li>Outputs stream of data for display </li></ul><ul><ul><li>PHP originally interpreted, not converted to binary executable files </li></ul></ul><ul><li>PHP 4 – parser compiles input to produce bytecode (semi-compiled) – Zend engine (better performance than interpreted PHP 3) </li></ul><ul><li>PHP 5 – robust support for OO programming, better support for MySQL, support for SQLite, performance enhancements </li></ul><ul><ul><li>SQLite – ACID compliant embedded relational DB contained in small C programming library. Source code in public domain. SQLite library is linked in and part of application program, uses simple function calls, reducing latency. Entire DB stored as a single file on a host machine. </li></ul></ul>
  5. 5. PHP - specifics <ul><li>Delimiters: <?php ?> or just <? ?> </li></ul><ul><li>PHP parses code within delimiters </li></ul><ul><li>Code outside delimiter sent to output, not parsed </li></ul><ul><li>Block comments /* */ </li></ul><ul><li>Inline comments // # </li></ul>
  6. 6. PHP vs. C++ <ul><li>Similarities: </li></ul><ul><ul><li>Syntax nearly the same (For/While/If) </li></ul></ul><ul><ul><li>Requires semicolons after each statement ; </li></ul></ul><ul><ul><li>Assignment is right to left ($num = 56;) </li></ul></ul><ul><ul><li>Object-Oriented (Class support, inheritance, virtuals, polymorphism) </li></ul></ul><ul><ul><li>Functions! </li></ul></ul><ul><ul><li>Types are nearly the same (booleans, integers, strings, etc.) </li></ul></ul>
  7. 7. PHP Versus C++ <ul><li>Differences: </li></ul><ul><ul><li>Variables begin with $ sign ($name = “John Doe”;) </li></ul></ul><ul><ul><li>No explicit declaration of variable types </li></ul></ul><ul><ul><li>Introduction of “lazy” functions (foreach, explode, mail) </li></ul></ul><ul><ul><li>No Function Overloading </li></ul></ul><ul><ul><li>“ Hidden” functions-within-a-function </li></ul></ul><ul><ul><li>Compiled/interpreted during every page load </li></ul></ul><ul><ul><li>Documented! </li></ul></ul><ul><ul><li>Echo for output </li></ul></ul>
  8. 8. PHP Versus C++ <ul><li>Web Specific: </li></ul><ul><ul><li>Cookies and “Sessions” </li></ul></ul><ul><ul><li>Dynamic HTML based on user-defined logic </li></ul></ul><ul><ul><li>Interact and process a form’s action </li></ul></ul><ul><ul><li>Process URL Parameters </li></ul></ul><ul><ul><li>Easy Database Integration </li></ul></ul><ul><ul><li>Cross-Site-Scripting (XSS) security hacks - taken care of by PHP 5 </li></ul></ul><ul><ul><ul><li>code injection by web users into web pages viewed by other users (e.g. phishing attacks) </li></ul></ul></ul>
  9. 9. Sample code <ul><ul><li><?php // do not put a space between ? and php </li></ul></ul><ul><ul><li>Echo “Hello World”; // can use either “ or ‘ </li></ul></ul><ul><ul><li>?> </li></ul></ul><ul><ul><li>To run this, only need to specify a link to this program </li></ul></ul><ul><ul><li> </li></ul></ul>
  10. 10. Easy Database Integration <ul><li>For example: </li></ul><ul><ul><ul><li>MySQL </li></ul></ul></ul>
  11. 11. MySQL <ul><li>MySQL is a relational DBMS </li></ul><ul><li>Has many of the same capabilities as traditional DBMSs (newest releases) </li></ul><ul><li>MySQL queries mostly the same as SQL in Oracle (subsidiary of Sun) </li></ul><ul><li>Popular for web databases </li></ul><ul><li>It’s freeware! </li></ul>
  12. 12. <ul><li>You can connect to MySQL directly </li></ul><ul><li>OR </li></ul><ul><li>You can connect to MySQL through .php </li></ul>
  13. 13. MySQL commands <ul><li>Can connect directly to MySQL: </li></ul><ul><li>mysql> SHOW databases; </li></ul><ul><li>mysql> USE db_name; // must specify this each time </li></ul><ul><li>mysql> SHOW tables; </li></ul><ul><li>mysql> DESCRIBE table_name; </li></ul><ul><li>mysql> create table … </li></ul><ul><li>mysql> insert into table values (… </li></ul><ul><li>mysql> select * from table_name; </li></ul><ul><li>mysql> delete … </li></ul><ul><li>mysql> update </li></ul>
  14. 14. MySQL commands <ul><li>mysql> LOAD DATA LOCAL INFILE “file_name” INTO TABLE table_name; </li></ul><ul><li>mysql> file_name (containing a query) </li></ul>
  15. 15. <ul><li>You can connect to MySQL directly </li></ul><ul><li>OR </li></ul><ul><li>You can connect to MySQL through .php </li></ul>
  16. 16. Some php mysql functions <ul><li>Connecting to MySQL through PHP </li></ul><ul><ul><li>Mysql_connect (“localhost”, “login”, “password”) </li></ul></ul><ul><ul><li>Mysql_select_db (‘db_name’, $link_id) </li></ul></ul><ul><ul><li>mysql_query (string [, resource $link_id]) </li></ul></ul><ul><ul><ul><li>Executes a query, place result in variable, like a cursor </li></ul></ul></ul><ul><ul><ul><li>Resource specifies a connection, otherwise last connection opened used </li></ul></ul></ul><ul><ul><li>mysql_error ( ) </li></ul></ul><ul><ul><ul><li>Returns error message from previous sql operation </li></ul></ul></ul><ul><ul><li>mysql_fetch_array ($result, how) </li></ul></ul><ul><ul><ul><li>Traverses through cursor of query result </li></ul></ul></ul><ul><ul><ul><li>How is either mysql_assoc (use col. names) or mysql_num (use index number) or mysql_both </li></ul></ul></ul><ul><ul><li>Mysql_num_fields ( $result) </li></ul></ul><ul><ul><ul><li>Returns number of columns in table (fields in recordset) </li></ul></ul></ul>
  17. 17. PHP and MySQL – ex1 <ul><li><?php </li></ul><ul><li>$link=mysql_connect (&quot;localhost&quot;, &quot;vrbsky&quot;, “password&quot;); </li></ul><ul><li>mysql_select_db('vrbsky') or die('Cannot select database'); </li></ul><ul><li>$query = 'CREATE TABLE contact( '. </li></ul><ul><li>'cid INT NOT NULL, '. </li></ul><ul><li>'cname VARCHAR(20) NOT NULL, '. </li></ul><ul><li>'cemail VARCHAR(50) NOT NULL, '. </li></ul><ul><li>'csubject VARCHAR(30) NOT NULL, '. </li></ul><ul><li>'constraint pk PRIMARY KEY (cid) )' ; </li></ul><ul><li>$result = mysql_query($query, $link); </li></ul><ul><li>if(!$result) {die( 'Error in SQL: ' . mysql_error());} </li></ul><ul><li>mysql_close($link); </li></ul><ul><li>?> </li></ul>
  18. 18. Example ex2 <ul><li><?php </li></ul><ul><li>echo &quot;Welcome to Vrbsky's DB&quot;; </li></ul><ul><li>// Connect to MySQL </li></ul><ul><li>$link = mysql_connect(&quot;localhost&quot;, &quot;vrbsky&quot;, “password&quot;); </li></ul><ul><li>if (!$link) {die('Not connected: '. mysql_error()); } // see if connected </li></ul><ul><li>// Select DB will use </li></ul><ul><li>mysql_select_db('vrbsky') or die ('Could not select database'); // see if worked </li></ul><ul><li>// Now the query </li></ul><ul><li>$query = &quot;Select * from testit&quot;; // testit has 2 columns, id and age </li></ul><ul><li>$result = mysql_query($query, $link); </li></ul><ul><li>if (!$result) {die( 'Error in SQL: ' . mysql_error());} </li></ul><ul><li>// process results using cursor </li></ul><ul><li>while ($row = mysql_fetch_array($result)) </li></ul><ul><li>{ </li></ul><ul><li>echo &quot;<hr>&quot;; //horizontal line </li></ul><ul><li>echo &quot;id: &quot;. $row[&quot;id&quot;] . &quot;<br />&quot;; </li></ul><ul><li>echo &quot;age: &quot; . $row[&quot;age&quot;] . &quot;<br />&quot;; </li></ul><ul><li>} </li></ul><ul><li>mysql_free_result ($result); </li></ul><ul><li>mysql_close($link); // disconnecting from MySQL </li></ul><ul><li>?> </li></ul>
  19. 19. <ul><li> </li></ul><ul><li> </li></ul>
  20. 20. Accessing result rows <ul><li><?php </li></ul><ul><li>$link=mysql_connect (&quot;localhost&quot;, &quot;vrbsky&quot;, “password&quot;); </li></ul><ul><li>mysql_select_db('vrbsky') or die('Cannot select database'); </li></ul><ul><li>$query = &quot;SELECT ssn, lname FROM employee&quot;; </li></ul><ul><li>$result = mysql_query($query, $link); </li></ul><ul><li>//Using column name </li></ul><ul><li>while($row = mysql_fetch_array($result, MYSQL_ASSOC)) </li></ul><ul><li>{ </li></ul><ul><li>echo &quot;SSN :{$row['ssn']} <br>&quot; . </li></ul><ul><li>&quot;Last : {$row['lname']} <br> <br>&quot;; </li></ul><ul><li>} </li></ul><ul><li>// Using an index </li></ul><ul><li>// while($row = mysql_fetch_array($result, MYSQL_NUM)) </li></ul><ul><li>// { </li></ul><ul><li>// echo &quot;SSN :{$row[0]} <br>&quot; . </li></ul><ul><li>//  &quot;Last : {$row[1]} <br><br>&quot;; </li></ul><ul><li>// } </li></ul><ul><li>mysql_close($link); </li></ul><ul><li>?> </li></ul>
  21. 21. Forms and input <ul><li>Can use HTML to create forms </li></ul><ul><li>Users can input values to use as host variables in calls to mysql </li></ul>
  22. 22. HTML code <ul><li>The following code uses a form to ask for input values to a table </li></ul><ul><li>It will execute a php file after values are input in the form </li></ul><ul><li>To use those values in php file, must use $_POST[‘var_name’] </li></ul>
  23. 23. $_POST function <ul><li>< form method=&quot;post&quot; action=&quot;example.php&quot;> </li></ul><ul><li>variables from a form will be placed into an array $_POST </li></ul><ul><li>Index into array is form data name </li></ul><ul><li>Info sent from form invisible </li></ul><ul><li>With POST no limits on the amount of info to send </li></ul><ul><li>Different from $_GET function where </li></ul><ul><ul><li>Info sent is displayed in browser’s address bar </li></ul></ul><ul><ul><li>Max 100 characters </li></ul></ul>
  24. 24. HTML and PHP and MYSQL ex3.html <ul><li><html> </li></ul><ul><li><head> </li></ul><ul><li></head> </li></ul><ul><li><center> </li></ul><ul><li><!-- The following line results in php code executed after input values in form -> </li></ul><ul><li><form method=&quot;post&quot; action=&quot;example3.php&quot;> </li></ul><ul><li><table> </li></ul><ul><li><tr><td align=&quot;left&quot;>ID</td> </li></ul><ul><li><td><input type=&quot;text&quot; name=&quot;id&quot;></td> </li></ul><ul><li></tr> </li></ul><ul><li><tr><td align=&quot;left&quot;>Age</td> </li></ul><ul><li><td><input type=&quot;text&quot; name=&quot;age&quot; size=&quot;15&quot;></td> </li></ul><ul><li></tr> </li></ul><ul><li><tr><colspan=&quot;2&quot;> </li></ul><ul><li><p align=&quot;center&quot;> </li></ul><ul><li><input type=&quot;submit&quot; value=&quot;Enter record&quot;> </li></ul><ul><li></td> </li></ul><ul><li></tr> </li></ul><ul><li></table> </li></ul><ul><li></form> </li></ul><ul><li></center> </li></ul><ul><li></html> </li></ul>
  25. 25. PHP code <ul><li>PHP code places values input from form into local variables </li></ul><ul><li>Connects to database </li></ul><ul><li>Inserts values into tables </li></ul><ul><li>Prints out values </li></ul>
  26. 26. example3.php <ul><li><?php </li></ul><ul><li>// This is example3.php used in previous .htm code </li></ul><ul><li>$link = mysql_connect(&quot;localhost&quot;, &quot;svrbsky&quot;, “cwid&quot;); </li></ul><ul><li>if (!$link) {die('Not connected: '. mysql_error()); } </li></ul><ul><li>mysql_select_db('vrbsky') or die ('Could not select database'); </li></ul><ul><li>$id= $_POST['id']; </li></ul><ul><li>$age = $_POST['age']; </li></ul><ul><li>$query = &quot;insert into testit values ('$id', '$age')&quot;; </li></ul><ul><li>$result = mysql_query($query); </li></ul><ul><li>if (!$result) {die('SQL error: ' . mysql_error());} </li></ul><ul><li>mysql_close($link); </li></ul><ul><li>print &quot;<html><body><center>&quot;; </li></ul><ul><li>print &quot;<p>You have just entered this record<p>&quot;; </li></ul><ul><li>print &quot;ID: $id<br>&quot;; </li></ul><ul><li>print &quot;Age: $age&quot;; </li></ul><ul><li>print &quot;</body></html>&quot;; </li></ul><ul><li>?> </li></ul>
  27. 27. <ul><li> </li></ul>
  28. 28. Example HTML and PHP ex4.html <ul><li><html> </li></ul><ul><li><body> </li></ul><ul><li><center> </li></ul><ul><li><form method=&quot;post&quot; action=&quot;example4.php&quot;> </li></ul><ul><li><!-- places values in associative array called $_POST --> </li></ul><ul><li><font size=&quot;18&quot;>Complete the Select Statement</font><br> Select </li></ul><ul><li><input type=&quot;text&quot; name=&quot;select&quot; size=&quot;60&quot; value=&quot; ;&quot; ><br> </li></ul><ul><li><input type=&quot;hidden&quot; name=&quot;_query_form2&quot; value=&quot;1&quot;> </li></ul><ul><li><input type=&quot;submit&quot; nvalue=&quot;Get Query&quot;></form> </li></ul><ul><li><table border=&quot;1&quot;> </li></ul><ul><li></table></center></body></html> </li></ul>
  29. 29. example4.php code segment <ul><li><?php //This is example4.php referenced in previous .html code </li></ul><ul><li>$link = mysql_connect(&quot;localhost&quot;, &quot;svrbsky&quot;, “cwid&quot;); </li></ul><ul><li>if(!$link) { die('Not connected: '.mysql_error);} </li></ul><ul><li>mysql_select_db('vrbsky'); </li></ul><ul><li>// isset tests if the value of the variable is set </li></ul><ul><li>if(isset($_POST['_query_form2']) && isset($_POST['select'])) { </li></ul><ul><li>$select = 'select'.$_POST['select']; </li></ul><ul><li>$result = mysql_query($select, $link); </li></ul><ul><li>if(!$result) { echo mysql_error(); } </li></ul><ul><li>else { </li></ul><ul><li>while($row = mysql_fetch_array($result, MYSQL_NUM)) { </li></ul><ul><li>echo &quot;<hr>&quot;; // horizontal line </li></ul><ul><li>echo &quot;<tr>&quot;; </li></ul><ul><li>for($count = 0; $count < 10; $count++) { </li></ul><ul><li>if(isset($row[$count])) echo &quot; <td>{$row[$count]}</td>&quot;; </li></ul><ul><li>if(!isset($row[$count]) && isset($row[++$count])) { </li></ul><ul><li>echo &quot;<td></td>&quot;; $count--; } </li></ul><ul><li>} </li></ul><ul><li>echo &quot;</tr>&quot;; </li></ul><ul><li>} </li></ul><ul><li>} </li></ul><ul><li>} </li></ul><ul><li>?> </li></ul>
  30. 30. <ul><li> </li></ul>
  31. 31. Our Setup <ul><li>This this link to our machine: </li></ul><ul><ul><li> </li></ul></ul><ul><ul><li> </li></ul></ul>
  32. 32. Our setup <ul><li>A machine for us to use PHP and MySQL </li></ul><ul><li>address of machine is: or </li></ul><ul><li>This is a linux machine </li></ul><ul><ul><li>Emacs, vi (I haven’t used this since the ’80s) </li></ul></ul><ul><li>username is 1 st name initial followed by last name with a password of CWID </li></ul><ul><li>Ex. John Doe username is: jdoe </li></ul><ul><li>You need to use SSH Secure Shell to directly Quick Connect to this machine </li></ul>
  33. 33. Our setup <ul><li>Use vi (or whatever) to create new PHP and HTML files </li></ul><ul><li>OR you can just edit files locally then use SSH file transfer to this machine </li></ul>
  34. 34. Our Setup <ul><li>To run MySQL directly </li></ul><ul><ul><li>To start up MySQL type in: </li></ul></ul><ul><ul><ul><li>mysql –u your_login –p </li></ul></ul></ul><ul><ul><li>It will then prompt you for your password </li></ul></ul><ul><ul><li>You must create a db created with the same name as your login using: </li></ul></ul><ul><ul><ul><li>create database your_login </li></ul></ul></ul><ul><ul><li>The next time you start up MySQL type in: </li></ul></ul><ul><ul><ul><li>mysql –u your_login –D your_login –p </li></ul></ul></ul><ul><ul><ul><li>where –D is you database </li></ul></ul></ul>
  35. 35. Our setup <ul><li>To use MySQL through PHP </li></ul><ul><li>Create/save a .php file using an editor </li></ul><ul><li>Make sure the file is on the machine in the root directory </li></ul><ul><li>Sample program: </li></ul><ul><ul><ul><li><?php </li></ul></ul></ul><ul><ul><ul><li>Echo “Hello World”; </li></ul></ul></ul><ul><ul><ul><li>?> </li></ul></ul></ul><ul><li>To run it, from IE, type in: </li></ul><ul><ul><li>ip address/ yourlogin /filename </li></ul></ul><ul><ul><li> or </li></ul></ul><ul><ul><li> </li></ul></ul>
  36. 36. <ul><li>Won’t this be fun for an assignment? </li></ul><ul><li>Lots of great links on the web to get into </li></ul><ul><li>Disadvantage: How to determine what is error? </li></ul>