www.it-ebooks.info “I’ve never purchased a better programming book… This book proved to be the most informative, easiest to follow, and had the best examples of any other computer-related book I have ever purchased.The text is very easy to follow!” —Nick Landman “This book by Welling & Thomson is the only one which I have found to be indis- pensable.The writing is clear and straightfor- ward but never wastes my time.The book is extremely well laid out.The chapters are the right length and chapter titles quickly take you where you want to go.” —Wright Sullivan, President,A&E Engineering, Inc., Greer South Carolina “I just wanted to tell you that I think the book PHP and MySQL Web Development rocks! It’s logically structured, just the right difficulty level for me (intermediate), interesting and easy to read, and, of course, full of valuable information!” —CodE-E, Austria “There are several good introductory books on PHP, but Welling & Thomson is an excellent handbook for those who wish to build up complex and reliable systems. It’s obvious that the authors have a strong back- ground in the development of professional applications and they teach not only the language itself, but also how to use it with good software engineering practices.” —Javier Garcia, senior telecom engineer, Telefonica R&D Labs, Madrid “I picked up this book two days ago and I am half way finished. I just can’t put it down.The layout and flow is perfect. Everything is presented in such a way so that the information is very palatable. I am able to immediately grasp all the concepts. The examples have also been wonderful. I just had to take some time out to express to you how pleased I have been with this book.” —Jason B. Lancaster “This book has proven a trusty companion, with an excellent crash course in PHP and superb coverage of MySQL as used for Web applications. It also features several complete applications that are great examples of how to construct modular, scalable applications with PHP.Whether you are a PHP newbie or a veteran in search of a better desk-side reference, this one is sure to please!” —WebDynamic “The true PHP/MySQL bible, PHP and MySQL Web Development by Luke Welling and Laura Thomson, made me realize that programming and databases are now available to the commoners. Again, I know 1/10000th of what there is to know, and already I’m enthralled.” —Tim Luoma,TnTLuoma.com “Welling and Thomson’s book is a good reference for those who want to get to grips with practical projects straight off the bat. It includes webmail, shopping cart, session control, and web-forum/weblog applications as a matter of course, and begins with a sturdy look at PHP first, moving to MySQL once the basics are covered.” —twilight30 on Slashdot www.it-ebooks.info “This book is absolutely excellent, to say the least…. Luke Welling and Laura Thomson give the best in-depth explana- tions I’ve come across on such things as regular expressions, classes and objects, sessions etc. I really feel this book filled in a lot of gaps for me with things I didn’t quite understand….This book jumps right into the functions and features most commonly used with PHP, and from there it continues in describing real-world projects, MySQL integration, and security issues from a proj- ect manager’s point of view. I found every bit of this book to be well organized and easy to understand.” —notepad on codewalkers.com “A top-notch reference for programmers using PHP and MySQL. Highly recommended.” —The Internet Writing Journal “This book rocks! I am an experienced programmer, so I didn’t need a lot of help with PHP syntax; after all, it’s very close to C/C++. I don’t know a thing about databases, though, so when I wanted to develop a book review engine (among other projects) I wanted a solid reference to using MySQL with PHP. I have O’Reilly’s mSQL and MySQL book, and it’s probably a better pure-SQL reference, but this book has earned a place on my reference shelf…Highly recommended.” —Paul Robichaux “One of the best programming guides I’ve ever read.” —jackofsometrades from Lahti, Finland “This is a well-written book for learn- ing how to build Internet applications with two of the most popular open-source Web development technologies….The projects are the real jewel of the book. Not only are the projects described and constructed in a logical, component-based manner, but the selection of projects represents an excellent cross-section of common components that are built into many web sites.” —Craig Cecil “The book takes an easy, step-by-step approach to introduce even the clueless programmer to the language of PHP. On top of that, I often find myself referring back to it in my Web design efforts. I’m still learning new things about PHP, but this book gave me a solid foundation from which to start and continues to help me to this day.” —Stephen Ward “This book is one of few that really touched me and made me ‘love’ it. I can’t put it in my bookshelf; I must put it in a touchable place on my working bench as I always like to refer from it. Its structure is good, wordings are simple and straight for- ward, and examples are clear and step by step. Before I read it, I knew nothing of PHP and MySQL. After reading it, I have the confidence and skill to develop any complicated Web application.” —Power Wong “This book is God…. I highly recom- mend this book to anyone who wants to jump in the deep end with database driven Web application programming. I wish more computer books were organized this way.” —Sean C Schertell www.it-ebooks.info PHP and MySQL ® Web Development Fourth Edition www.it-ebooks.info This page intentionally left blank www.it-ebooks.info PHP and MySQL ® Web Development Luke Welling Laura Thomson Fourth Edition Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Cape Town • Sydney • Tokyo • Singapore • Mexico City www.it-ebooks.info PHP and MySQL ® Web Development, Fourth Edition Copyright © 2009 by Pearson Education, Inc. All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, pho- tocopying, recording, or otherwise, without written permission from the pub- lisher. No patent liability is assumed with respect to the use of the infor- mation contained herein. Although every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibil- ity for errors or omissions. Neither is any liability assumed for damages resulting from the use of the information contained herein. Library of Congress Cataloging-in-Publication Data Welling, Luke, 1972- PHP and MySQL Web development / Luke Welling, Laura Thomson. 4th ed. p. cm. ISBN 978-0-672-32916-6 (pbk. w/cd) 1. PHP (Computer program language) 2. SQL (Computer program language) 3. MySQL (Electronic resource) 4. Web sites Design. I. Thomson, Laura. II. Title. QA76.73.P224W45 2008 005.2'762 dc22 2008036492 Printed in the United States of America First Printing: September 2008 ISBN-10: 0-672-32916-6 ISBN-13: 978-0-672-32916-6 Trademarks All terms mentioned in this book that are known to be trademarks or serv- ice marks have been appropriately capitalized. Pearson Education, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. Warning and Disclaimer Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The authors and the publisher shall have neither lia- bility nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD-ROM or programs accompanying it. Bulk Sales Pearson Education, Inc. offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more informa- tion, please contact U.S. Corporate and Government Sales 1-800-382-3419 corpsales@pearsontechgroup.com For sales outside the U.S., please contact International Sales international@pearsoned.com Acquisitions Editor Mark Taber Development Editor Michael Thurston Managing Editor Patrick Kanouse Project Editor Jennifer Gallant Copy Editor Barbara Hacha Indexer Tim Wright Proofreader Kathy Ruiz Technical Editor Tim Boronczyk Publishing Coordinator Vanessa Evans Multimedia Developer Dan Scherf Book Designer Gary Adair Composition Bronkella Publishing www.it-ebooks.info ❖ To our Mums and Dads ❖ www.it-ebooks.info Contents at a Glance Introduction 1 I Using PHP 1 PHP Crash Course 13 2 Storing and Retrieving Data 59 3 Using Arrays 81 4 String Manipulation and Regular Expressions 107 5 Reusing Code and Writing Functions 133 6 Object-Oriented PHP 159 7 Error and Exception Handling 193 II Using MySQL 8 Designing Your Web Database 207 9 Creating Your Web Database 219 10 Working with Your MySQL Database 243 11 Accessing Your MySQL Database from the Web with PHP 267 12 Advanced MySQL Administration 287 13 Advanced MySQL Programming 311 III E-commerce and Security 14 Running an E-commerce Site 327 15 E-commerce Security Issues 341 16 Web Application Security 361 17 Implementing Authentication with PHP and MySQL 391 18 Implementing Secure Transactions with PHP and MySQL 409 www.it-ebooks.info IV Advanced PHP Techniques 19 Interacting with the File System and the Server 431 20 Using Network and Protocol Functions 451 21 Managing the Date and Time 469 22 Generating Images 483 23 Using Session Control in PHP 509 24 Other Useful Features 525 V Building Practical PHP and MySQL Projects 25 Using PHP and MySQL for Large Projects 535 26 Debugging 551 27 Building User Authentication and Personalization 569 28 Building a Shopping Cart 607 29 Building a Web-Based Email Service 651 30 Building a Mailing List Manager 687 31 Building Web Forums 741 32 Generating Personalized PDF Documents 771 33 Connecting to Web Services with XML and SOAP 807 34 Building Web 2.0 Applications with Ajax 855 VI Appendixes A Installing PHP and MySQL 889 B Web Resources 907 Index 911 www.it-ebooks.info [...]... Code 530 Using PHP on the Command Line 531 Next 532 V Building Practical PHP and MySQL Projects 25 Using PHP and MySQL for Large Projects 535 Applying Software Engineering to Web Development 536 Planning and Running a Web Application Project 536 Reusing Code 537 Writing Maintainable Code 538 Coding Standards 538 Breaking Up Code 541 www.it-ebooks.info xxvii xxviii Contents Using a Standard Directory... 884 Ajax Developer Websites 885 Appendixes A Installing PHP and MySQL 889 Installing Apache, PHP, and MySQL Under Unix 890 Binary Installation 890 Source Installation 891 httpd.conf File: Snippets 896 Is PHP Support Working? 897 Is SSL Working? 898 Installing Apache, PHP, and MySQL Under Windows 899 Installing MySQL Under Windows 900 Installing Apache Under Windows 901 Installing PHP for Windows 903... been developing web- based applications since the Web first saw the light of day and remembers the excitement surrounding the first GUI web browser She has authored numerous books and articles on web- based programming languages and database topics, including the bestselling Sams Teach Yourself PHP, MySQL, and Apache All in One Adam DeFields is a consultant specializing in web application development, project... (Computer Science) degree and a Bachelor of Engineering (Computer Systems Engineering) degree with honors In her spare time she enjoys riding horses, arguing about free and open source software, and sleeping Luke Welling is a web architect at OmniTI and regularly speaks on open source and web development topics at conferences such as OSCON, ZendCon, MySQLUC, PHPCon, OSDC, and LinuxTag Prior to joining... Logging In to MySQL 221 Creating Databases and Users 222 Setting Up Users and Privileges 223 Introducing MySQL s Privilege System 223 Principle of Least Privilege 223 User Setup:The GRANT Command 223 Types and Levels of Privileges 225 The REVOKE Command 227 Examples Using GRANT and REVOKE 227 Setting Up a User for the Web 228 Using the Right Database 229 Creating Database Tables 229 Understanding What... Setting Up Other Configurations 906 B Web Resources 907 PHP Resources 907 MySQL and SQL Specific Resources 909 Apache Resources 909 Web Development 910 Index 911 www.it-ebooks.info Lead Authors Laura Thomson is a senior software engineer at Mozilla Corporation She was formerly a principal at both OmniTI and Tangled Web Design, and she has worked for RMIT University and the Boston Consulting Group She... Goes in Your Code 374 File System Considerations 375 Code Stability and Bugs 376 Execution Quotes and exec 377 Securing Your Web Server and PHP 378 Keep Software Up-to-Date 378 Browse the php. ini file 380 www.it-ebooks.info Contents Web Server Configuration 380 Commercially Hosted Web Applications 382 Database Server Security 383 Users and the Permissions System 383 Sending Data to the Server 384 Connecting... Problems with Headers 804 Extending the Project 805 Next 805 33 Connecting to Web Services with XML and SOAP 807 Project Overview:Working with XML and Web Services 807 Understanding XML 808 Understanding Web Services 811 Solution Components 813 Using Amazon’s Web Services Interfaces 813 Parsing XML: REST Responses 814 Using SOAP with PHP 814 Caching 815 www.it-ebooks.info Contents Solution Overview 815 Core... Code and Writing Functions 133 The Advantages of Reusing Code 133 Cost 134 Reliability 134 Consistency 134 Using require() and include() 134 Filename Extensions and require() 135 Using require() for Website Templates 137 www.it-ebooks.info Contents Using auto_prepend_file and auto_append_file 142 Using Functions in PHP 143 Calling Functions 143 Calling an Undefined Function 145 Understanding Case and. .. Further Reading 468 Next 468 21 Managing the Date and Time 469 Getting the Date and Time from PHP 469 Using the date() Function 469 Dealing with Unix Timestamps 471 Using the getdate() Function 473 Validating Dates with checkdate() 474 Formatting Timestamps 474 Converting Between PHP and MySQL Date Formats 476 Calculating Dates in PHP 477 Calculating Dates in MySQL 478 Using Microseconds 480 Using the Calendar . are a PHP newbie or a veteran in search of a better desk-side reference, this one is sure to please!” —WebDynamic “The true PHP/ MySQL bible, PHP and MySQL Web Development by Luke Welling and Laura. and Writing Functions 133 6 Object-Oriented PHP 159 7 Error and Exception Handling 193 II Using MySQL 8 Designing Your Web Database 207 9 Creating Your Web Database 219 10 Working with Your MySQL. Issues 341 16 Web Application Security 361 17 Implementing Authentication with PHP and MySQL 391 18 Implementing Secure Transactions with PHP and MySQL 409 www.it-ebooks.info IV Advanced PHP Techniques 19