Document: Web Database Applications with PHP & MySQL, 2nd Edition
Web Database Applications
with PHP and MySQL
Other resources from O’Reilly
Related titles:
Programming PHP
PHP Pocket Reference
PHP Cookbook
JavaScript and DHTML Cookbook
Cascading Style Sheets
Learning PHP 5
MySQL Pocket Reference
Managing and Using MySQL
MySQL Cookbook
High Performance MySQL
Upgrading to PHP 5
oreilly.com: oreilly.com is more than a complete catalog of O’Reilly books. You’ll also find links to news, events, articles, weblogs, sample chapters, and code examples.
oreillynet.com is the essential portal for developers interested in open and emerging technologies, including new platforms, programming languages, and operating systems.
Conferences: O’Reilly brings diverse innovators together to nurture the ideas that spark revolutionary industries. We specialize in documenting the latest tools and systems, translating the innovator’s knowledge into useful skills for those in the trenches. Visit conferences.oreilly.com for our upcoming events.
Safari Bookshelf (safari.oreilly.com) is the premier online reference library for programmers and IT professionals. Conduct searches across more than 1,000 books. Subscribers can zero in on answers to time-critical questions in a matter of seconds. Read the books on your Bookshelf from cover to cover or simply flip to the page you need. Try it today with a free trial.
Web Database Applications
with PHP and MySQL
SECOND EDITION
Hugh E. Williams and David Lane
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo
Web Database Applications with PHP and MySQL, Second Edition
by Hugh E. Williams and David Lane
Copyright © 2004, 2002 O’Reilly Media, Inc. All rights reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions
are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected].
Editor: Andy Oram
Production Editor: Darren Kelly
Cover Designers: Ellie Volckhausen and Emma Colby
Interior Designer: Melanie Wang
Printing History:
March 2002: First Edition.
May 2004: Second Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of
O’Reilly Media, Inc. Web Database Applications with PHP and MySQL, the image of a platypus, and
related trade dress are trademarks of O’Reilly Media, Inc.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as
trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a
trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and authors
assume no responsibility for errors or omissions, or for damages resulting from the use of the
information contained herein.
This book uses RepKover™, a durable and flexible lay-flat binding.
ISBN-10: 0-596-00543-1
ISBN-13: 978-0-596-00543-6
[M] [05/07]
Table of Contents
Preface
1. Database Applications and the Web
  The Web
  Three-Tier Architectures
2. The PHP Scripting Language
  Introducing PHP
  Conditions and Branches
  Loops
  Functions
  Working with Types
  User-Defined Functions
  A Working Example
3. Arrays, Strings, and Advanced Data Manipulation in PHP
  Arrays
  Strings
  Regular Expressions
  Dates and Times
  Integers and Floats
4. Introduction to Object-Oriented Programming with PHP 5
  Classes and Objects
  Inheritance
  Throwing and Catching Exceptions
5. SQL and MySQL
  Database Basics
  MySQL Command Interpreter
  Managing Databases and Tables
  Inserting, Updating, and Deleting Data
  Querying with SQL SELECT
  Join Queries
  Case Study: Adding a New Wine
6. Querying Web Databases
  Querying a MySQL Database Using PHP
  Processing User Input
  MySQL Function Reference
7. PEAR
  Overview
  Core Components
  Packages
8. Writing to Web Databases
  Database Inserts, Updates, and Deletes
  Issues in Writing Data to Databases
9. Validation with PHP and JavaScript
  Validation and Error Reporting Principles
  Server-Side Validation with PHP
  JavaScript and Client-Side Validation
10. Sessions
  Introducing Session Management
  PHP Session Management
  Case Study: Using Sessions in Validation
  When to Use Sessions
  PHP Session API and Configuration
11. Authentication and Security
  HTTP Authentication
  HTTP Authentication with PHP
  Form-Based Authentication
  Protecting Data on the Web
12. Errors, Debugging, and Deployment
  Errors
  Common Programming Errors
  Custom Error Handlers
13. Reporting
  Creating a Report
  Producing PDF
  PDF-PHP Reference
14. Advanced Features of Object-Oriented Programming in PHP 5
  Working with Class Hierarchies
  Class Type Hints
  Abstract Classes and Interfaces
  Freight Calculator Example
15. Advanced SQL
  Exploring with SHOW
  Advanced Querying
  Manipulating Data and Databases
  Functions
  Automating Querying
  Table Types
  Backup and Recovery
  Managing Users and Privileges
  Tuning MySQL
16. Hugh and Dave’s Online Wines: A Case Study
  Functional and System Requirements
  Application Overview
  Common Components
17. Managing Customers
  Code Overview
  Customer Validation
  The Customer Form
18. The Shopping Cart
  Code Overview
  The Winestore Home Page
  The Shopping Cart Implementation
19. Ordering and Shipping at the Online Winestore
  Code Overview
  Credit Card and Shipping Instructions
  Finalizing Orders
  HTML and Email Receipts
20. Searching and Authentication in the Online Winestore
  Code Overview
  Searching and Browsing
  Authentication
A. Linux Installation Guide
B. Microsoft Windows Installation Guide
C. Mac OS X Installation Guide
D. Web Protocols
E. Modeling and Designing Relational Databases
F. Managing Sessions in the Database Tier
G. Resources
H. The Improved MySQL Library
Index
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Preface
There are lots of PHP and MySQL resources. So why did we decide to add this book
to the market? We made the decision after we started teaching graduate students
how to program with PHP in 1999. We found that the PHP and MySQL manuals, as
well as most books, train people to use particular tools. But almost no resources
explained the principles of programming for the Web. We realized that Web administrators and programmers needed to know more than what PHP functions to use
and how to write SQL queries. That’s where this book comes in: it’ll help you learn
about web database development, as well as understand the principles.
This book explains what to do and why, along with how it’s done in PHP and
MySQL. You’ll find information here that you won’t find elsewhere. Hopefully,
you’ll use this knowledge with whatever web tools you choose in the future. But
you’ll also learn about the breadth and depth of PHP and MySQL. When you finish
this book, you’ll be able to build an online store, a portal, or a content management
system.
What This Book Is About
This book is for developers who want to build database applications that are integrated with the Web. We show you the principles and techniques for developing
small- to medium-scale web database applications that store, manage, and retrieve
data. The architecture we describe is a successful framework for applications that
can run on modest hardware and process more than a million hits per day.
We show you all of the critical tasks you need to know to build successful web software. We cover programming fundamentals for the Web. We show you the principles and practice of working with databases using the SQL query language. We teach
you about tracking users with sessions, securing an application, separating presentation from code, writing database-independent code, writing reports, adding error
handling, and advanced object-oriented and database topics.
An important feature of this book is our case study, Hugh and Dave’s Online Wines.
It’s a complete but fictional online retail store that illustrates how most of the techniques described in the book can be put together to build a real application. The
winestore application allows users to browse and search a database of wines, add
items to a shopping cart, manage their membership, and purchase wines. It has all
the basic security, user-tracking, and error-handling features of a real-world application. It features a medium-size database that we use in querying examples throughout the book.
We use Open Source software, and we show you how to use it on Unix-based platforms such as Linux and Mac OS X, and under Microsoft Windows 2000, 2003, and
XP. Our database server is MySQL, a system known for its suitability to applications
that require speed but low resource overheads. Our scripting language is PHP, which
is best known for its function libraries that interact with more than 15 relational
database systems, the web environment, and many other services. Apache is our web
server of choice, but most other web servers can be used successfully with MySQL,
PHP, and this book.
What You Need to Know
This book is about understanding and developing application logic that brings databases and the Web together. We introduce database systems over the course of the
book, but our discussions don’t replace a book or class dedicated to relational database theory, or a book about a specific relational database system such as MySQL.
Likewise, we assume you’re already familiar with the Web. We don’t delve deeply
into the three key web protocols, HTML, HTTP, and TCP/IP.
You don’t need to know how to program to use this book, but you do need to understand basic HTML. Our introduction to PHP doesn’t assume you are familiar with
web scripting or are a programmer, but we do assume you understand the basic
HTML constructs and are familiar with the popular web browsers. If you can use a
text editor to author an HTML document that contains a form and a table, you have
sufficient HTML skills to use this book. It’s the principles of structure in the markup
process that are important, not the attractiveness or usability of the presentation in
the web browser.
You don’t need a detailed understanding of relational databases to use this book, but
a working knowledge is helpful. We present the relational database theory needed
for developing simple applications, and we cover many other basic concepts, including how to tell when a database is the method of choice to store data, the database
query language SQL, and a case study that models system requirements and converts the model to a database design. This book isn’t a substitute for the many good
resources on database theory. However, it’s enough to begin developing the underlying databases for many web database applications.
We briefly introduce web servers and networking in Chapter 1 and provide additional material in Appendix B. Both web servers and networking are important to a
web database application but aren’t the focus of this book. We present enough information to set up a web server and to understand how it fits in the architecture of a
web database application. For many applications, this is sufficient. Likewise, we
present sufficient detail so that you will understand what networking and network
protocol issues impact web database application design.
How This Book Is Organized
There are 20 chapters and 8 appendixes in this book. Chapters 1 to 5 introduce web
database applications, PHP, MySQL, and SQL:
Chapter 1, Database Applications and the Web
Discusses the three-tier architecture commonly used in web database applications, and how data is exchanged between browsers and servers. It introduces
PHP and MySQL, and discusses when and why databases are used on the Web.
The features of MySQL 4.1 and PHP5 are introduced.
Chapter 2, The PHP Scripting Language
Introduces the PHP scripting language. It covers programming in PHP and discusses the basic programming constructs, variables, types, functions, and techniques.
Chapter 3, Arrays, Strings, and Advanced Data Manipulation in PHP
Explains the intermediate level features of PHP, including how to work with
arrays, strings, and times and dates. The chapter is illustrated with many short
examples that show how each technique is used in practice.
Chapter 4, Introduction to Object-Oriented Programming with PHP 5
Shows you how to use the basic object-oriented (OO) features of PHP4 and
PHP5, and explains why OO programming is popular and becoming important
in PHP. A more advanced discussion of the new OO features in PHP5 is presented in Chapter 14, but this chapter gives you all the knowledge you need to
work with the PEAR packages that are discussed in Chapter 7.
Chapter 5, SQL and MySQL
Introduces MySQL and how to interact with it using the SQL query language.
The focus of the chapter is an example-driven section on querying, and we illustrate it using examples from the online winestore’s database. We also introduce
you to the basics of creating, deleting, and updating data and databases. A more
advanced discussion of the features of MySQL 4.1 is presented in Chapter 15,
but the basics discussed in this chapter are sufficient for you to work with all of
the material up to Chapter 13 and with the online wines case study in Chapters
17 to 20.
Chapters 6 to 11 cover the principles and practice of developing web database application logic.
Chapter 6, Querying Web Databases
Introduces connecting to MySQL with PHP. We explain the querying process
used in most interactions with MySQL and present examples that use the PHP
MySQL library functions. We show how user data is encoded, sent in requests
from a web browser to a web server, and decoded for processing in PHP. We discuss the security implications in processing user data and show steps to secure
interactive querying systems. Our discussions are supported by short examples
that show you how to build simple query modules.
Chapter 7, PEAR
Discusses the PEAR package repository. Packages are source code modules that
can be used in your code and save you from reinventing widely used concepts.
PEAR includes over 100 packages for tasks as diverse as date and time manipulation, security, networking, and database access, and this chapter shows you how
to install and upgrade them. The chapter focuses on a templates package—a
useful tool for separating HTML from code—and another for database abstraction. Both packages are used in later chapters to develop robust, reusable code.
Chapter 8, Writing to Web Databases
Covers writing data to web databases. There are several reasons why writing
data is different from reading it and that’s why it isn’t discussed in Chapter 6.
For example, reloading or printing a page from a web browser can cause data to
be written to a database more than once. Multiple users accessing the same database introduces other problems, such as data unexpectedly being changed by
one user while it’s being read by another. We discuss how to solve problems
related to the nature of the Web and multiple users. We illustrate the principles
with a case study example of collecting form data from a user and saving it in a
database.
Chapter 9, Validation with PHP and JavaScript
This chapter is related to Chapter 8 and presents the principles and techniques
for user input validation. We show you techniques such as how to validate
dates, credit card numbers, and phone numbers, and explain how to use these in
error-checking modules that are scalable and practical for web database applications. We also introduce client-side, browser-based JavaScript and show you
how to use it for common tasks including user input validation in the web
browser.
Chapter 10, Sessions
Covers the principles of adding session management to web database applications. Session management allows the interactions between a user and the application to be related so that, for example, a user can log in and log out of an
application and be guided through a series of steps in a process. We show how
PHP manages sessions and illustrate the techniques with a case study of managing error feedback to users. We also discuss when and when not to use sessions,
and how to configure PHP’s session handler so it’s secure and scalable.
Chapter 11, Authentication and Security
Discusses web security and authentication. We show how PHP can be used for
basic authentication, how databases can be used to manage users, and why you
might need to secure communications with the secure sockets layer (SSL). The
case study is a reusable authentication module with login, logout, and password
change features.
Chapters 12 to 15 discuss tasks and techniques you’ll need when you’re building a
real-world application or deploying an application to users.
Chapter 12, Errors, Debugging, and Deployment
Error handling and debugging are the focus of this chapter. We discuss the types
of errors that can occur in PHP and show you how to identify the source of common programming errors that cause these problems. We then show you how to
write your own error handler that can be integrated into an application, and how
to trigger your own errors when you need them. Adding a custom error handler
gives a professional finish to an application.
Chapter 13, Reporting
Discusses reporting for the Web and what solutions work in PHP. The focus is
producing PDF (Adobe Portable Document Format) reports using a popular
PHP PDF library, and we illustrate the techniques with several examples. The
chapter concludes with a function reference for the class we use.
Chapter 14, Advanced Features of Object-Oriented Programming in PHP 5
This chapter shows you the advanced features of PHP5’s object-oriented programming model. We extend the discussion in Chapter 4, and show you how to
build and reuse classes, and how to write powerful OO applications. The chapter concludes with a case study that shows how all of the features can be used
together to build a complex and powerful class hierarchy.
Chapter 15, Advanced SQL
This chapter shows you the advanced features of MySQL 4.1. It extends the discussion in Chapter 5, and shows you how to write complex queries, manipulate
data in complex ways, manage users, and tune your database and MySQL server.
Chapters 16 to 20 present and outline the winestore case study that shows how most
of the techniques discussed in the book are put together to build an application. The
outlines aren’t comprehensive: we assume you’ve read the book and understand the
principles of developing web database applications.
Chapter 16, Hugh and Dave’s Online Wines: A Case Study
Explains the structure of the winestore application and discusses how the principles shown in earlier chapters are put together to build a real-world application
that is flexible, robust, secure, and scalable. It also shows how the scripts work