Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data.

Slides:



Advertisements
Similar presentations
Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizards Guide to PHP by David Lash.
Advertisements

Nic Shulver, Introduction to SQL Topics covered Structured Query Language What can it do? Advantages of SQL Why bother with SQL?
PHP (2) – Functions, Arrays, Databases, and sessions.
Manipulating MySQL Databases with PHP. PHP and mySQL2 Objectives Connect to MySQL from PHP Learn how to handle MySQL errors Execute SQL statements with.
1 CS428 Web Engineering Lecture 23 MySQL Basics (PHP - VI)
SJSU CS157B Dr. Lee1  2004 Jenny Mitchell Two Useful Tools You Can’t Live Without by Jenny Mitchell SJSU CS157B Section PHP and MySQL.
What is MySQL? MySQL is a database. The data in MySQL is stored in database objects called tables. A table is a collections of related data entries and.
PHP1-1 PHP & SQL Xingquan (Hill) Zhu
© Yanbu University College YANBU UNIVERSITY COLLEGE Management Science Department © Yanbu University College Module 6:WEB SERVER AND SERVER SIDE SCRPTING,
Advanced Web 2012 Lecture 4 Sean Costain PHP Sean Costain 2012 What is PHP? PHP is a widely-used general-purpose scripting language that is especially.
Databases with PHP A quick introduction. Y’all know SQL and Databases  You put data in  You get data out  You can do processing on it very easily 
INFM 603: Information Technology and Organizational Context Jimmy Lin The iSchool University of Maryland Thursday, October 18, 2012 Session 7: PHP.
Session 5: Working with MySQL iNET Academy Open Source Web Development.
1 Chapter 8 – Working with Databases spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science and Technology.
Slide 8-1 CHAPTER 8 Using Databases with PHP Scripts: Using MySQL Database with PHP.
INTERNET APPLICATION DEVELOPMENT For More visit:
Create an online booking system (login/registration)
Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizard’s Guide to PHP by David Lash.
Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data.
INTERNET APPLICATION DEVELOPMENT PRACTICAL ON CONNECTING TO MYSQL.
NMED 3850 A Advanced Online Design January 26, 2010 V. Mahadevan.
SQL pepper. Why SQL File I/O is a great deal of code Optimal file organization and indexing is critical and a great deal of code and theory implementation.
15/10/20151 PHP & MySQL 'Slide materials are based on W3Schools PHP tutorial, 'PHP website 'MySQL website.
Introduction to MySQL Lab no. 10 Advance Database Management System.
PHP MySQL Introduction. MySQL is the most popular open-source database system. What is MySQL? MySQL is a database. The data in MySQL is stored in database.
SQL pepper. Why SQL File I/O is a great deal of code Optimal file organization and indexing is critical and a great deal of code and theory implementation.
PHP MySQL. SQL: Tables CREATE TABLE tablename { fieldname type(length) extra info,... } Extra info: –NULL (allows nulls in this field) –Not NULL (null.
Creating Dynamic Web Pages Using PHP and MySQL CS 320.
Web Scripting [PHP] CIS166AE Wednesdays 6:00pm – 9:50pm Rob Loy.
MySQL Databases & PHP Integration Using PHP to write data to, and retrieve data from, a MySQL database.
PHP and MySQL CS How Web Site Architectures Work  User’s browser sends HTTP request.  The request may be a form where the action is to call PHP.
Nic Shulver, Introduction to Sessions in PHP Sessions What is a session? Example Software Software Organisation The login HTML.
PHP with MySQL 1.
Web Scripting [PHP] CIS166AE Wednesdays 6:00pm – 9:50pm Rob Loy.
Creating PHPs to Insert, Update, and Delete Data CS 320.
Mobile App Development Mobile App Development Tools Nic Shulver, FCES, Staffordshire University A discussion and demonstration of AppInventor2 and PHP.
Nic Shulver, Introduction to SQL Topics covered Structured Query Language What can it do? Advantages of SQL Why bother with SQL?
Enterprise PHP – Reading Data from a DB Reading Data from a relational database in PHP Nic Shulver, FCES, Staffordshire University Using the SQLi interface.
Controlling Web Site Access Using Logins CS 320. Basic Approach HTML form a php page that collects the username and password  Sends them to second PHP.
Creating a simple database This shows you how to set up a database using PHPMyAdmin (installed with WAMP)
Chapter 8 Manipulating MySQL Databases with PHP PHP Programming with MySQL 2 nd Edition.
CHAPTER 10 PHP MySQL Database
CSC 2720 Building Web Applications Accessing MySQL from PHP.
Mr. Justin “JET” Turner CSCI 3000 – Fall 2015 CRN Section A – TR 9:30-10:45 CRN – Section B – TR 5:30-6:45.
CSC 405: Web Application Engineering II8.1 Web programming using PHP What have we learnt? What have we learnt? Underlying technologies of database supported.
MySQL MySQL and PHP – interacting with a database.
Chapter 1 Introduction to PHP Part 1. Textbook’s Code DOWNLOADS PHP and MySQL for Dynamic Web Sites Complete Set of Scripts.
8 th Semester, Batch 2009 Department Of Computer Science SSUET.
Nic Shulver, Storing Data on the Server Introduction We are going to look at some working code It writes fixed data into a simple.
13 – PHP MySQL Connection Informatics Department Parahyangan Catholic University.
Copyright © 2003 Pearson Education, Inc. Slide 8-1 The Web Wizard’s Guide to PHP by David Lash.
 MySQL is a database system used on the web  MySQL is a database system that runs on a server  MySQL is ideal for both small and large applications.
Nic Shulver, Storing Data on the Server Introduction We are going to look at some working code It writes fixed data into a simple.
Web Systems & Technologies
Web Database Programming Using PHP
Introduction to Dynamic Web Programming
CS320 Web and Internet Programming SQL and MySQL
Introduction to PHP Part 1
Web Database Programming Using PHP
Unix System Administration
Web Design and Development
Introduction to Web programming
ISC440: Web Programming 2 Server-side Scripting PHP 3
Web Systems Development (CSC-215)
Tutorial 6 PHP & MySQL Li Xu
MySQL Web Application Connecting to a MySQL database
PHP Forms and Databases.
Introduction to Web programming
Presentation transcript:

Nic Shulver, Retrieving Stored Data Introduction This set of slides shows: The information source database structure The data we are expecting to deal with The output of the data reader PHP script The code to build a dynamic SQL database The code to read values from a database

Nic Shulver, Retrieving Stored Data Table: tblUsers Fields: – id, an “auto-increment” integer – userSurname, text – userForename, text – userPassword, text Note that passwords are normally stored in an encrypted form (more in later lectures) DB Structure

Nic Shulver, Retrieving Stored Data The PHP/SQL to create the table // Creates the table if it isn't already there. You may prefer to build // tables by hand using the management GUI (e.g. phpMyAdmin) $query = 'CREATE TABLE IF NOT EXISTS tblUsers ( id INT NOT NULL AUTO_INCREMENT, userSurname VARCHAR(30), userForename VARCHAR(30), userPassword VARCHAR(30), PRIMARY KEY(id) )'; $ mysqli->query ($ query) or die("Could not create table: ". $ mysqli->error);

Nic Shulver, Retrieving Stored Data The data set we are using Example data Small selection of names and passwords But no repeated surnames – not such good test data Hard to design “realistic” data

Nic Shulver, Retrieving Stored Data Simple Search Page The user can type in a surname, a forename, then specify the type of search The interface allows for a “wildcard” character, the asterisk sign % % matches any text % is built into SQL % used in PHP, * used in Access queries

Nic Shulver, Retrieving Stored Data Example Output Read A DB Example Search Results Running the SQL command: SELECT * FROM tblUsers WHERE userSurname LIKE 'suarez' OR userForename LIKE 'jason' ORDER BY id ASC; 492: Linda Suarez; pwd=[fr0d0ba991n5] 921: Jason Imtiaz; pwd=[maskmypony]

Nic Shulver, Retrieving Stored Data Example Output Read A DB Example Search Results Running the SQL command: SELECT * FROM tblUsers WHERE userSurname LIKE 's%' OR userForename LIKE 'j%' ORDER BY id ASC; 90: Luis Sanchez; pwd=[alhambra] 492: Linda Suarez; pwd=[fr0d0ba991n5] 921: Jason Imtiaz; pwd=[maskmypony]

Nic Shulver, Retrieving Stored Data Example Output Read A DB Example Search Results Running the SQL command: SELECT * FROM tblUsers WHERE userSurname LIKE ‘%i%' AND userForename LIKE ‘%i%'; 911: Toni Collins; pwd=[swissair] 901: Wilbur Harris; pwd=[wilburharris]

The Code, #1 <?php// ReadDB example code // gets data from form, may be an empty string if(isset($_REQUEST["ReadDBsearch"])) { $sUserSurname = $_REQUEST["txtUserSurname"]; $sUserForename = $_REQUEST["txtUserForename"]; $sBoolean = $_REQUEST["radioLogic"]; } else// shows the REQUEST fields and server variables {phpInfo(32);// useful when testing, NOT published site! die("We don't seem to be running the right web form..."); }

Nic Shulver, Retrieving Stored Data The Code, #2 // // // checks to see if all strings are empty, // if so we just go back to the search page if( strlen($sUserSurname) + strlen($sUserForename) == 0 ) {header("Location: ReadDB.htm"); }

The Code, #3 Read A DB Example Read A DB Example Search Results

The Code, #4 <?php //=====================================// // Database Section //=====================================// // Connects to a MySQL server $id= 'xy123456'; $mysqli = new mysqli("web.fcet.staffs.ac.uk", $id, $id, $id); $sSQL= "SELECT * FROM tblUsers WHERE userSurname LIKE '$sUserSurname' $sBoolean userForename LIKE '$sUserForename' ORDER BY id ASC;"; echo "Running the SQL command: $sSQL "; // searches the DB $rsMain = $mysqli->query( $sSQL );

The Code, #5 //=====================================// // Outputs all the selected fields in table "tblUsers", // processes each record until we reach end of recordset while($row = $rsMain->fetch_assoc()) {$sSurname = $row["userSurname"]; $sForename = $row["userForename"]; $sPassword = $row["userPassword"]; $nID = $row["id"]; // prints each of the fields print "$nID: $sForename $sSurname; pwd=[$sPassword] \n"; }

The Code, #6 //=====================================// // frees up resources $rsMain = null; $mysqli->close(); ?>

Nic Shulver, Retrieving Stored Data Search Script Steps So the search software takes the form data, Connects to the database, Reads only the interesting records, Holds data in a recordset, Reads the data from each of the fields, Writes information out to the user, Moves on to the next record.

Nic Shulver, Retrieving Stored Data Some notes and comments The user interface for searching is poor – relies on knowing the “ste%en” approach to match “Steven” or “Stephen” (or “stellar alien”!) There are serious security holes in the way the SQL is built What if this script is run from a different form? The field “radioLogic” is inserted directly into the SQL command… could contain ANY commands! More secure if we use “prepared statements”prepared statements

Nic Shulver, Retrieving Stored Data Conclusion The database, script and HTML interface page are available for download The script is only 80 lines long (so pretty short) and really needs more error trapping The SQL, database and output are all pretty simple But putting it all together in a working script isn’t so easy