NMD202 Web Scripting Week5
What we will cover today: phpMyAdmin; Debugging – using print_r; Modifying Data; PHP (cont.); 4D Methodology; File and IO operations; Exercises
phpMyAdmin: MySQL has many GUI clients. phpMyAdmin is an open-source tool written in PHP, intended to handle the administration of MySQL over the web.
phpMyAdmin setup: Copy the phpMyAdmin folder (in the XAMPP root folder) to the document folder (xampp/htdocs). Access it through the browser:
Debug using print_r: print_r prints human-readable information about a variable.
Debug using print_r:
    $a = array('a' => 'apple', 'b' => 'banana', 'c' => array('x', 'y', 'z'));
    echo "<pre>";   // <pre> keeps print_r's line breaks visible in the browser
    print_r($a);
    echo "</pre>";
Output:
    Array
    (
        [a] => apple
        [b] => banana
        [c] => Array
            (
                [0] => x
                [1] => y
                [2] => z
            )

    )
Sanitize queries: mysql_real_escape_string()
This function must always be used to make data safe before sending a query to MySQL.
    $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
        mysql_real_escape_string($user),
        mysql_real_escape_string($password));
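The same login lookup with bound parameters, as an added example that is not part of the original slides: mysql_real_escape_string() and the rest of the mysql_* extension were removed in PHP 7.0, and PDO prepared statements are the current way to keep user input out of the SQL text. Assumptions: an in-memory SQLite database stands in for MySQL, checkLogin() is a hypothetical name, and passwords are stored as password_hash() values instead of being compared inside the query as on the slide.

```php
<?php
// Added example: the slide's login lookup with bound parameters (PDO).
// Assumption: in-memory SQLite stands in for MySQL so the script runs offline;
// with MySQL only the constructor arguments (DSN, user, password) change.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Constructed sample row; the stored value is a hash, never the password itself.
$insert = $db->prepare('INSERT INTO users (user, password) VALUES (:user, :password)');
$insert->execute([
    ':user'     => 'luis',
    ':password' => password_hash('s3cret', PASSWORD_DEFAULT),
]);

function checkLogin(PDO $db, string $user, string $password): bool
{
    // Placeholders keep the SQL text fixed; the values travel separately,
    // so quotes in $user cannot change the structure of the query.
    $stmt = $db->prepare('SELECT password FROM users WHERE user = :user');
    $stmt->execute([':user' => $user]);
    $hash = $stmt->fetchColumn();   // false when there is no such user

    return $hash !== false && password_verify($password, $hash);
}

// Constructed inputs, including a value that would break a string-built query.
$attempts = [
    ['luis', 's3cret'],
    ['luis', 'wrong'],
    ["luis' OR '1'='1", 'anything'],
];
foreach ($attempts as [$user, $password]) {
    $result = checkLogin($db, $user, $password) ? 'accepted' : 'rejected';
    printf("%-20s %s\n", $user, $result);
}
```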
Redirection: There are several ways to perform page redirection in PHP. The most common way is to send a special header to the browser:
    header('Location: page.php');
Headers must be sent before any other output is sent to the browser, and this includes any white space. Make sure you open the PHP script tag on the first line of your document; otherwise you will get the following error:
    Warning: Cannot modify header information - headers already sent by
Ini files: Ini files are special files where you include configuration information for your application. If you know *nix systems, you are used to this format:
    ; This is a sample configuration file
    ; Comments start with ';', as in php.ini
    [database]
    host = localhost
    username = root
    password =
    database = sampleDataBase
$conf = parse_ini_file($filename) loads the ini file specified in $filename and returns its settings in an associative array.
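A loader for the sample file above, as an added example that is not part of the original slides. It keeps the [database] section as a nested array, checks that every expected key is present, and refuses a file that sits under the web server's document root, where a .ini file is normally served as plain text. Assumptions: loadDbConfig() and the temporary file are hypothetical.

```php
<?php
// Added example. Assumptions: loadDbConfig() and the temp-file path are
// hypothetical; the ini text is the sample from the slide.
$sample = <<<'INI'
; This is a sample configuration file
[database]
host = localhost
username = root
password =
database = sampleDataBase
INI;
$path = tempnam(sys_get_temp_dir(), 'cfg');
file_put_contents($path, $sample);

function loadDbConfig(string $path, ?string $docRoot = null): array
{
    $real = realpath($path);
    if ($real === false) {
        throw new RuntimeException("Config file not found: $path");
    }
    // By default a .ini file under the document root is sent as plain text to
    // anyone who requests its URL, so refuse to load credentials from there.
    $root = empty($docRoot) ? false : realpath($docRoot);
    if ($root !== false && strpos($real, $root . DIRECTORY_SEPARATOR) === 0) {
        throw new RuntimeException('Config file must live outside the document root');
    }
    // true = keep [sections] as nested arrays instead of flattening them.
    $conf = parse_ini_file($real, true);
    if ($conf === false || !isset($conf['database'])) {
        throw new RuntimeException('Missing or unparsable [database] section');
    }
    foreach (['host', 'username', 'password', 'database'] as $key) {
        if (!array_key_exists($key, $conf['database'])) {
            throw new RuntimeException("Missing database setting: $key");
        }
    }
    return $conf['database'];
}

$db = loadDbConfig($path, $_SERVER['DOCUMENT_ROOT'] ?? null);
var_dump($db['password'] === '');   // "password =" parses as an empty string
echo "mysql:host={$db['host']};dbname={$db['database']}\n";
unlink($path);
```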
Modifying Data: Insert form
- If the form has been submitted, run the insert query (after validation) and provide feedback (optionally redirect the page to the List screen)
- Draw the form
- The action attribute should be set to $_SERVER['PHP_SELF']
Modifying Data: Edit form
- The ID of the record is passed in the querystring
- If the form has been submitted, run the update query (after validation) and provide feedback (optionally redirect the page to the List screen)
- Draw the form with the values populated from the query results
- Usually the insert and edit screens are integrated in the same PHP page
Modifying Data: Deleting data
- The id of the record to delete is passed through the querystring
- The query is built based on the id (data should be sanitized)
- The query is performed
- Feedback is given to the user (optionally redirect to the list screen)
- Sometimes delete is integrated in the list screen, using a querystring like ?task=delete&Id=25; before displaying the list, the record is deleted by testing if $_GET['task'] == "delete"
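The delete flow described above, as an added example that is not part of the original slides: the id from the querystring is validated as an integer, the query uses a bound parameter, and the handler returns the list-screen URL to redirect to. Assumptions: the students table, handleDelete() and list.php are hypothetical names, and an in-memory SQLite database stands in for MySQL.

```php
<?php
// Added example of the "?task=delete&Id=25" flow. Assumptions: the students
// table, handleDelete() and list.php are hypothetical names; in-memory SQLite
// stands in for MySQL so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO students (id, name) VALUES (25, 'Luis'), (26, 'John')");

/** Returns the URL to redirect to, or null when no delete was requested. */
function handleDelete(PDO $db, array $query): ?string
{
    if (($query['task'] ?? '') !== 'delete') {
        return null;
    }
    // The id must be a positive integer; "25 OR 1=1" or "25abc" fail here.
    $id = filter_var($query['Id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 'list.php?msg=invalid';
    }
    $stmt = $db->prepare('DELETE FROM students WHERE id = :id');
    $stmt->execute([':id' => $id]);
    // rowCount() separates "deleted" from "no such record" for the feedback.
    return 'list.php?msg=' . ($stmt->rowCount() === 1 ? 'deleted' : 'notfound');
}

// Constructed query strings, parsed the way PHP fills $_GET.
$samples = ['task=delete&Id=25', 'task=delete&Id=25%20OR%201=1', 'task=delete&Id=99', ''];
foreach ($samples as $qs) {
    parse_str($qs, $get);
    var_dump(handleDelete($db, $get));
}

// In the real page the call sits at the very top of the script:
//   if ($target = handleDelete($db, $_GET)) {
//       header('Location: ' . $target);
//       exit;   // without exit the rest of the page still runs after the header
//   }
```

A link that deletes on GET can be triggered by any page a logged-in user visits; a POST form carrying a per-session token closes that gap.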
Exercise: Build a complete set of screens to insert, update, display and delete the student records. On the display table, insert two more columns with links to the delete and edit pages, providing the id of the record. Split the logical parts into separate PHP files: display.php, edit.php, insert.php, delete.php, configuration.ini. Sanitize your data.
Exercise: Include more screens to manage student grades.
4D methodology: The 4D methodology is a variation of the waterfall methodology. It allows you to understand the system you are trying to achieve, implement it and deliver it according to the needs of a client.
4D methodology:
- Define: Understand the requirements of the system
- Design: Design the system (ER diagrams, page navigation diagrams, templates, page descriptions)
- Develop: Implement and test the system
- Deploy: Deploy the system in the client infrastructure
4D methodology: The most crucial steps in building any system are the Define and Design steps. Failing to do them properly will result in a large amount of time spent in the implementation.
4D methodology: Page navigation diagram [figure with the nodes Login, Admin Homepage, Manage Users, List, Insert, Edit]
4D methodology: Page description
- General description of the page
- How the user gets here and where they go from here (include parameters in the querystring, e.g. for the edit page)
- Description of the form, if any, including field labels, database fields, validation rules and control types (textbox, selectbox, etc.)
- Business rules, e.g.: a user can only be deleted if there are no records from that user
File and IO operations: PHP can handle all common file operations, including:
- Read
- Write
- Delete
- List files in a folder
- Change attributes (*nix chmod)
- Etc.
File and IO operations Read file: $filename can be a URL
File and IO operations Write file:
File and IO operations Error Handling:
Exercise: Create a file in a special folder /gradeLogs (maybe accessible from the student list as a link) that generates a file (in a special folder) with the current students and their grades, i.e.: Luis Maths:14 Maths2: John:15. The filename should be unique (use the date function to generate unique filenames). Create another screen where you can list the files in the folder and allow the user to click a file and see its content.
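Writing and reading a grade log with the return values checked, as an added example that is not part of the original slides. Because the viewing screen receives the file name from a link, and PHP's file functions also accept URLs, the reader only opens names that resolve to a file inside the log folder. Assumptions: writeGradeLog() and readGradeLog() are hypothetical helpers, a temp directory stands in for /gradeLogs, and the grade data is constructed.

```php
<?php
// Added example. Assumptions: writeGradeLog() and readGradeLog() are
// hypothetical helpers; a temp directory stands in for /gradeLogs.
$logDir = sys_get_temp_dir() . '/gradeLogs';
if (!is_dir($logDir) && !mkdir($logDir, 0750, true)) {
    exit("Cannot create $logDir\n");
}

function writeGradeLog(string $dir, array $grades): string
{
    // date() names the file; uniqid() avoids a clash within the same second.
    $name = 'grades-' . date('Ymd-His') . '-' . uniqid() . '.txt';
    $lines = '';
    foreach ($grades as $student => $subjects) {
        $lines .= $student . "\n";
        foreach ($subjects as $subject => $grade) {
            $lines .= "  $subject: $grade\n";
        }
    }
    // file_put_contents() returns false on failure; LOCK_EX guards concurrent writers.
    if (file_put_contents("$dir/$name", $lines, LOCK_EX) === false) {
        throw new RuntimeException("Could not write $name");
    }
    return $name;
}

function readGradeLog(string $dir, string $requested): string
{
    // basename() drops any directory or URL prefix, and realpath() must then
    // resolve to an existing file directly inside $dir.
    $base = realpath($dir);
    $path = realpath($base . '/' . basename($requested));
    if ($base === false || $path === false || dirname($path) !== $base || !is_file($path)) {
        throw new InvalidArgumentException('No such grade log');
    }
    $content = file_get_contents($path);
    if ($content === false) {
        throw new RuntimeException('Could not read grade log');
    }
    return $content;
}

$name = writeGradeLog($logDir, ['Luis' => ['Maths' => 14], 'John' => ['Maths' => 15]]);
echo readGradeLog($logDir, $name);
foreach (['../../etc/passwd', 'http://example.com/x.txt'] as $bad) {   // constructed bad names
    try { readGradeLog($logDir, $bad); } catch (InvalidArgumentException $e) { echo "$bad: rejected\n"; }
}
```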