Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Systems Development (CSC-215)

Published byMelissa Minho Candal Modified over 6 years ago

Similar presentations

Presentation on theme: "Web Systems Development (CSC-215)"— Presentation transcript:

1 Web Systems Development (CSC-215)
Lecture 7: Working with Databases

2 localhost/phpMyAdmin

3 phpMyAdmin on Remote Host

4 Set up sample database

5 Set up sample database

6 Add sample entry

7 Confirmation of entry

8 Confirmation of entry

9 Process Connect to MySQL Select the database to use
Build a query string Perform the query Retrieve results and output to a web page Repeat 3-5 until all desired data has been retrieved Disconnect from MySQL

10 Standard (Deprecated) vs. MySQLi
If you’re looking up tutorials, make sure to use MySQLi as covered in the lecture The textbook includes deprecated version of the same code as well for reference

11 Creating a Login File

12 Connecting to MySQL Server

13 Building and executing a query

14 Fetch Result

15

16 fetch_array() Can return 3 types of arrays MYSQLI_NUM MYSQLI_ASSOC
Numeric, columns appear in the array in the order defined in the table MYSQLI_ASSOC Associative, each key refers to a column (by name) MYSQLI_BOTH Associative and numeric array

17 Example

18 Make connection

19 Deleting a record

20 Inserting a record

21 Create input form

22 Get all entries

23 Display all entries

24 Close

25 Sanitize

26 End of example

27 SQL Injection User verification code

28 Preventing SQL Injection
Normal usage

29 Preventing SQL Injection
Entry for user field

30 Deletion Example

31 PHP’s Magic Quotes Feature
Automatically adds back slash to characters like single and double quotes Bypass and use mysql_real_escape_string()

32 Solution Disable special characters by prepending slashes using real_escape_string()

33 Preventing HTML Injection
Example of maliciously inserted code, via, e.g., a form that displays its input XSS: Cross-Site Scripting

34 Use htmlentities() to convert

35 Embedding PHP in HTML

36 Document head

37 Setting up table

38 Set up calculation

39 Class Activity Set up a script that is similar to the Fibonacci one but instead of Fibonacci numbers, calculate the sum to n for each number S0 = 0 S1 = = 1 S2 = = 3 S4 = = 6 S5 = = 10 Print only two columns, Sn and the sum Set different colors for alternating rows

40 Lecture content adapted from chapter 10 of Learning PHP, MySQL, JavaScript, CSS & HTML5.

Download ppt "Web Systems Development (CSC-215)"

Similar presentations

PHP Hypertext Preprocessor Information Systems 337 Prof. Harry Plantinga.

PHP Hypertext Preprocessor Information Systems 337 Prof. Harry Plantinga.
By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.

By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.
1. What is SQL Injection 2. Different varieties of SQL Injection 3. How to prevent it.

1. What is SQL Injection 2. Different varieties of SQL Injection 3. How to prevent it.
Multiple Tiers in Action

Multiple Tiers in Action
Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.

Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.
1 Foundations of Software Design Lecture 27: Java Database Programming Marti Hearst Fall 2002.

1 Foundations of Software Design Lecture 27: Java Database Programming Marti Hearst Fall 2002.
Copyright © 2007 Ramez Elmasri and Shamkant B. Navathe Slide 26- 1.

Copyright © 2007 Ramez Elmasri and Shamkant B. Navathe Slide
PHP-MySQL By Jonathan Foss. PHP and MySQL Server Web Browser Apache PHP file PHP MySQL Client Recall the PHP architecture PHP can communicate with a MySQL.

PHP-MySQL By Jonathan Foss. PHP and MySQL Server Web Browser Apache PHP file PHP MySQL Client Recall the PHP architecture PHP can communicate with a MySQL.
Preventing SQL Injection ~example of SQL injection $user = $_POST[‘user’]; $pass = $_POST[‘pass’]; $query = DELETE FROM Users WHERE user = ‘$user’ AND.

Preventing SQL Injection ~example of SQL injection $user = $_POST[‘user’]; $pass = $_POST[‘pass’]; $query = DELETE FROM Users WHERE user = ‘$user’ AND.
Lecture 3 – Data Storage with XML+AJAX and MySQL+socket.io

Lecture 3 – Data Storage with XML+AJAX and MySQL+socket.io
MySQL + PHP.  Introduction Before you actually start building your database scripts, you must have a database to place information into and read it from.

MySQL + PHP.  Introduction Before you actually start building your database scripts, you must have a database to place information into and read it from.
1 PHP and MySQL. 2 Topics  Querying Data with PHP  User-Driven Querying  Writing Data with PHP and MySQL PHP and MySQL.

1 PHP and MySQL. 2 Topics  Querying Data with PHP  User-Driven Querying  Writing Data with PHP and MySQL PHP and MySQL.
1 Data Bound Controls II Chapter 15 - 16. 2 Objectives You will be able to Use a Data Source control to get data from a SQL database and make it available.

1 Data Bound Controls II Chapter Objectives You will be able to Use a Data Source control to get data from a SQL database and make it available.
Accessing MySQL with PHP IDIA 618 Fall 2014 Bridget M. Blodgett.

Accessing MySQL with PHP IDIA 618 Fall 2014 Bridget M. Blodgett.
15/10/20151 PHP & MySQL 'Slide materials are based on W3Schools PHP tutorial, 'PHP website 'MySQL website.

15/10/20151 PHP & MySQL 'Slide materials are based on W3Schools PHP tutorial, 'PHP website 'MySQL website.
Web Scripting [PHP] CIS166AE Wednesdays 6:00pm – 9:50pm Rob Loy.

Web Scripting [PHP] CIS166AE Wednesdays 6:00pm – 9:50pm Rob Loy.
Chapter 6 PHP Interacts with Mysql Database. Introduction In PHP, there is no consolidated interface. Instead, a set of library functions are provided.

Chapter 6 PHP Interacts with Mysql Database. Introduction In PHP, there is no consolidated interface. Instead, a set of library functions are provided.
MySQL Databases & PHP Integration Using PHP to write data to, and retrieve data from, a MySQL database.

MySQL Databases & PHP Integration Using PHP to write data to, and retrieve data from, a MySQL database.
SYST 28043 Web Technologies SYST 28043 Web Technologies Databases & MySQL.

SYST Web Technologies SYST Web Technologies Databases & MySQL.
PHP and MySQL CS380 1. How Web Site Architectures Work  User’s browser sends HTTP request.  The request may be a form where the action is to call PHP.

PHP and MySQL CS How Web Site Architectures Work  User’s browser sends HTTP request.  The request may be a form where the action is to call PHP.

Similar presentations

Ads by Google