
CHAPTER 9 PHP AND MYSQL

A POSSIBLE SITE CONFIGURATION
Application Folder
    index.php
    includes (folder)
        header.php
        footer.php
        style.css
    model (folder)
        mysqli_connect.php

CONNECTING TO A DATABASE
PHP offers three different ways to connect to and interact with a MySQL database:
1. Original MySQL extension: no longer developed, not recommended.
2. MySQL Improved (MySQLi): designed specifically for MySQL, so it is not easily portable to other databases.
3. PHP Data Objects (PDO): software neutral, preferable if database flexibility is important.
We will focus on MySQLi.

COMMUNICATING TO MYSQL
All PHP methods follow the same sequence:
1. Connect to the MySQL database using the hostname, username, password, and database name.
2. Prepare an SQL query.
3. Execute the query and save the result.
4. Extract the data from the result (usually with a loop).
5. Close the connection to the database.

EXAMPLE
    <?php # Script mysqli_connect.php
    // This file contains the database access information.
    // It establishes a connection to MySQL and selects the database.

    // Set the database access information as constants:
    define('DB_USER', 'your user name');
    define('DB_PASSWORD', 'your sql password');
    define('DB_HOST', 'localhost');
    define('DB_NAME', 'your database');

    // Make the connection:
    $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
        OR die('Could not connect to MySQL: ' . mysqli_connect_error());

    echo 'Connection successful!';

CALLING THE CONNECTION FILE
Use the require() function, which will halt the script if it is unsuccessful, to connect to the database:
    <?php require('model/mysqli_connect.php'); ?>

IN-CLASS EXERCISE
Write a simple script that will:
1. Try to connect to your database on webdev.
2. Print a successful connection message or an error message.
3. Then close the connection.

EXECUTING SIMPLE QUERIES
    $r = mysqli_query($dbc, $query);
For simple queries like INSERT, UPDATE, DELETE, etc. (which don't return records), the function will return either TRUE or FALSE.
For complex queries like SELECT, which return the results of the query as a table, $r will be a pointer to the result, or FALSE if the query did not work.

EXECUTING SIMPLE QUERIES
Write the query and assign it to a variable:
    $q = "DELETE from SF_products where id = 3";
Execute the query:
    $r = mysqli_query($dbc, $q);

EXECUTING SIMPLE QUERIES WITH VARIABLES
    $category_id = 1;
    $code = 'strat';
    $name = 'Fender Stratocaster';
    $price = ;
Write the query and assign it to a variable:
    $query = "INSERT INTO products (categoryID, productCode, productName, listPrice)
              VALUES ($category_id, '$code', '$name', $price)";
Execute the query:
    $r = mysqli_query($dbc, $query);

CLOSE THE EXISTING CONNECTION
    mysqli_close($dbc);
This is optional, because PHP will close the connection at the end of the script.
It makes for good programming form anyway.

SENDING FORM DATA TO THE DATABASE
Use the trim() function to remove white space from the beginning and end of strings.
Example: register.php (download from calendar)
Check the database to make sure the data was entered correctly. Don't rely on the 'success' of the script.

EXECUTING 'SELECT' QUERIES
A MySQL SELECT query typically generates one or more rows of information that have to be handled by the script.
The same command is used to execute the query:
    $r = mysqli_query($dbc, $q);
$r is the query result variable. In the case of a SELECT query, $r is a pointer to the results table.
The mysqli_fetch_array() function returns one row of the result at a time, in array format:
    while ($row = mysqli_fetch_array($r)) {
        // Do something with $row
    }

EXECUTING 'SELECT' QUERIES Notes: The connection file has been moved out of the public_html directory: The organization for this example is:

EXECUTING 'SELECT' QUERIES
Notes:
The query must be executed first and then the results are processed.
Remember that SQL variables are case-sensitive: you must reference them exactly as they are in the database.
Instead of mysqli_fetch_array($r, MYSQLI_ASSOC), you could use mysqli_fetch_assoc($r).
mysqli_free_result($r); is an optional (but good practice) command to free the memory taken by $r.

EXAMPLE: header.html

EXAMPLE: RETRIEVE DATA

SQL SECURITY
1. Protect the MySQL access information. Keep it outside of the Web directory so that it is never viewable through a Web browser.
2. Don't reveal too much about the database. Don't allow users to see the PHP error messages or SQL error messages. They are useful to display during development for debugging, but remove them when the site goes live.
3. Be especially careful with user-submitted data. Never trust it!
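A connection file that follows points 1 and 2, as an added example that is not part of the original slides: errors go to the server log and the visitor sees only a generic message. The credentials file path and its array keys are hypothetical.

```php
<?php
// Added example: hardened variant of a connection file such as mysqli_connect.php.
// Assumption: credentials live in a hypothetical file OUTSIDE the web root that
// returns ['host' => ..., 'user' => ..., 'password' => ..., 'name' => ...].
const DB_CONFIG_FILE = __DIR__ . '/../../private/db_config.php'; // hypothetical path

// Keep PHP's own errors out of the page (normally set in php.ini on a live site).
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Make mysqli throw exceptions instead of returning FALSE, so a failure
// cannot be silently ignored (this is the default since PHP 8.1).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function db_connect(string $configFile): mysqli
{
    $cfg = require $configFile;
    try {
        $dbc = mysqli_connect($cfg['host'], $cfg['user'], $cfg['password'], $cfg['name']);
        mysqli_set_charset($dbc, 'utf8mb4');
        return $dbc;
    } catch (mysqli_sql_exception $e) {
        // Full detail (host, user, MySQL error text) goes to the server log only.
        error_log('DB connect failed: ' . $e->getMessage());
        // The browser gets a generic message and a 500 status.
        http_response_code(500);
        exit('The site is temporarily unavailable. Please try again later.');
    }
}

$dbc = db_connect(DB_CONFIG_FILE);
```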

CHECKING USER-SUBMITTED DATA
1. Validate that a value has been submitted and that it is the proper type (number, string, etc.).
2. Use regular expressions to make sure that submitted data matches what you expect. (Ch. 14)
3. Typecast variables to guarantee that they are numeric. (Ch. 13)
4. Use prepared statements (Ch. 13), which are a preferable alternative to mysqli_real_escape_string() discussed in this chapter.
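The four checks applied to the products INSERT from the earlier slide, as an added example that is not part of the original slides. It assumes $dbc is an open MySQLi connection; the form field names and the product-code format are hypothetical, and filter_var() is used as a stricter stand-in for a plain typecast.

```php
<?php
// Added example, not from the slides. Table and column names come from the
// INSERT slide; the form field names and the product-code format are assumptions.

// Returns [errors, values]; values are safe to bind only when errors is empty.
function validate_product(array $in): array
{
    // 1. Was a value submitted, and is it a string? (Arrays can arrive via a[]=x.)
    $text = fn(string $k): string => is_string($in[$k] ?? null) ? trim($in[$k]) : '';
    $code = $text('code');
    $name = $text('name');
    $errors = [];

    // 2. Regular expression: accept only what a product code should look like.
    if (!preg_match('/^[a-z0-9_]{1,10}$/', $code)) {
        $errors[] = 'Product code must be 1-10 lowercase letters, digits or underscores.';
    }
    if ($name === '' || strlen($name) > 255) {
        $errors[] = 'Product name is required (255 characters at most).';
    }

    // 3. Numeric values: filter_var() rejects "12abc", which an (int) cast would accept as 12.
    $category = filter_var($text('category_id'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $price    = filter_var($text('price'), FILTER_VALIDATE_FLOAT);
    if ($category === false) { $errors[] = 'Category is invalid.'; }
    if ($price === false || $price < 0) { $errors[] = 'Price is invalid.'; }

    return [$errors, [$category, $code, $name, $price]];
}

// Returns a list of error messages; an empty list means the row was inserted.
function add_product(mysqli $dbc, array $in): array
{
    [$errors, [$category, $code, $name, $price]] = validate_product($in);
    if ($errors) {
        return $errors;
    }
    // 4. Prepared statement: the SQL text is fixed and the values travel separately,
    //    so a name such as "O'Brien Custom" (constructed sample) cannot alter the query.
    $stmt = mysqli_prepare($dbc, 'INSERT INTO products
        (categoryID, productCode, productName, listPrice) VALUES (?, ?, ?, ?)');
    if ($stmt === false) {
        return ['The product could not be saved.'];
    }
    mysqli_stmt_bind_param($stmt, 'issd', $category, $code, $name, $price);
    $ok = mysqli_stmt_execute($stmt) && mysqli_stmt_affected_rows($stmt) === 1;
    mysqli_stmt_close($stmt);
    return $ok ? [] : ['The product could not be saved.'];
}
```

Call it as `$errors = add_product($dbc, $_POST);` and show the returned messages to the user; they describe the input only and contain no SQL or MySQL error text.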

COUNTING RETURNED RECORDS
    $num = mysqli_num_rows($r);
Takes the results variable as the argument.
Used to:
Determine how many rows are in a given result. For example, to check if a userid already exists in a database.
Paginate query results (Ch. 10).
    $num = mysqli_affected_rows($dbc);
Takes the database connection as the argument.
Can be used to determine the success of UPDATE, DELETE, or INSERT queries.