regeneration, session, 295 register_globals function (PHP), 254 regular expressions, 361–370 breakdown of typical regular expression, 365 breakdown of validateUsername regular expression (example), 366 character classes, 363 examples of, 368 general modifiers, 369 grouping through parentheses, 363 metacharacters, 361 summary of, 367 negation of character class, 364 ranges in, 364 using in JavaScript, 369 using in PHP, 369 using to validate username in a form, 360 using with ereg_replace function in PHP, 149 relational databases, 158 (see also MySQL) normalization, 203 relational operators in JavaScript, 323–325 in PHP, 67–70 relationships in database data, 211–214 many-to-many, 213 one-to-many, 212 one-to-one, 211 privacy and, 214 remote server, accessing MySQL on, 162 RENAME command, 175 rename function (PHP), 140 replace method (JavaScript), 369 request/response process, 2 for dynamic web pages, 3 require statements (PHP), 97 require_once (PHP), 97, 227 reset function, using with PHP arrays, 127 results from PHP query of MySQL database, 229 fetching a row, 231 return statements, 92 reverse method (JavaScript), 352 Robin’s Nest project (see social networking site, creating) ROLLBACK command, 216 rows defined, 158 deleting from table, 184 preventing duplicates, using AUTO_INCREMENT type, 172 S \S (nonwhitespace character) in regular expressions, 367 \s (whitespace character) in regular characters, 367 Safari, accessing JavaScript error messages, 303 salting passwords, 285 sanitizeString and sanitizeMySQL functions (PHP), 263 sanitizing user input, PHP authentication using MySQL, 288 scope of variables global and local variables in JavaScript, 312 PHP, 53–58, 96 scope resolution operator (::), 106 <script> </script> tags, 300 scripting languages, VBScript and Tcl, 302 security register_globals function in PHP, 254 sessions, 293–296 superglobal variables in PHP, 57 SELECT command, 7, 183 grouping results with GROUP BY, 191 issuing SELECT * FROM statement using PHP, 241 joining two tables in single SELECT, 193 SELECT COUNT, 183 SELECT DISTINCT, 184 sorting results with ORDER BY, 191 using LIKE qualifier, 186 using LIMIT qualifier, 187 WHERE keyword, 185 select tags in forms, 260 using with multiple parameter, 261 self keyword (PHP), referencing constants, 107 servers, 1 Apache web server, 8 basic request/response procedure, 2 dynamic request/response procedure, 3 shared, session security and, 296 sessions, 289–296 ending, 292 Index | 501 setting timeout, 293 security, 293–296 forcing cookie-only sessions, 296 preventing session fixation, 294 preventing session hijacking, 293 using shared server, 296 starting, 289–291 retrieving session variables, 290 session_regenerate_id function (PHP), 295 shuffle function, using with PHP arrays, 124 sign-up page, social networking site project, 412–417 checking username availability, 412 YUI version, 415–417 signed or unsigned data types, 171 sizeof function (PHP), testing, 482 SMALLINT data type, 171 changing column type from CHAR to, 175 Smarty templating system, 269–277 benefits of, 270 creating scripts, 271 creating templates, 272 installation, 270 rewriting sqltest.php program to use Smarty (example), 272–277 social networking site, creating, 405–433 checking username for availability and notifying user, 417 code examples on website, 406 designing the site, 405 friends module, 427–430 home page, index.php file for, 411 include file of main functions, 407–409 log out page, 433 login page, 418 members module, 424–427 messaging module, 430–433 MySQL tables setup file, 410 page design and layout include file, 409 profiles, 419–424 sign-up module for users, 412–417 checking username availability, 412 YUI version, 415–417 sorting sort function in PHP, 124 sort method in JavaScript arrays, 352 sprintf function (PHP), 133 SQL (Structured Query Language), 7, 157 SQL injection, preventing in MySQL, 245– 248 SSH, using for remote access, 27 SSL (Secure Socket Layer), 293 START TRANSACTION command, 216 statements defined, 320 PHP, 63 static modifier static methods and properties in JavaScript, 345 static methods in PHP 5, 105 static properties and methods in PHP 5, 108 static variables in PHP, 56, 96 stopwords, 182, 457–459 in MySQL search strings, 189 storage engines, transaction, 215 string functions (MySQL), 461–465 string variables JavaScript, 306 multiline string variable assignment in PHP, 48 PHP, 38 strings JavaScript arrays of, 307 concatenating, 310 converting to and from numbers, 311 escaping characters, 310 PHP, 46 concatenating, 46 converting to and from numbers, 49 escaping characters, 47 exploding into arrays, 125 functions for, 90 padding in printf results, 132 printf conversion specifier components, 133 types, 46 strrev function, 91 strtolower function, 92 strtoupper function, 91 Structured Query Language (see SQL) str_repeat function, 91 subclass constructors (PHP), 111 submit button in forms, changing label text, 262 superglobal variables (PHP), 56 502 | Index security and, 57 switch statements in JavaScript, 329 break command, 330 default action, 330 in PHP, 74–77 alternative syntax, 77 breaking out, 76 default action, 76 system calls in PHP, 149 T \t (tab character) in JavaScript strings, 310 in PHP strings, 47 in regular expressions, 367 use with echo statement to print out array data, 122 tables adding new column, 175 checking whether new table has been created, 167 creating for MySQL database, 166 creating in MySQL using PHP, 238 creating, viewing, and deleting, 177 defined, 158 describing in MySQL using PHP, 239 dropping in MySQL using PHP, 240 indexing, 177–183 intermediary table for many-to-many relationships, 213 joining, 192–194 linking through insert ID, 244 populating using INSERT command, 174 relationships among, 212 renaming, 175 Tcl scripting language, 302 Telnet, using for remote access, 27 templating, 269 ternary operator (?), 77 ternary operators, 64 test function (JavaScript), 360 test method (JavaScript), 360, 369 text areas in forms, 256 controlling text wrapping, 257 text boxes in forms, 256 TEXT data type listing of TEXT types, 170 VARCHAR versus, 170 <textarea> </textarea> tags, 256 this keyword (JavaScript), 342 $this variable (PHP), 105 TIME data type, 172 time function (PHP), 53, 133 time functions (MySQL), 471 timeout, setting for sessions, 293 TIMESTAMP data type, 172 TINYINT data type, 171 transactions, 214–217 beginning with BEGIN or START TRANSACTION, 216 canceling using ROLLBACK, 216 committing using COMMIT command, 216 storage engines for, 215 triggers, 211 try . . . catch (JavaScript), 327 two-dimensional arrays (PHP), 40 type of a variable (in JavaScript), 311 typeof operator (JavaScript), 311, 313 U ucfirst function, 92 unary operators, 64 Unauthorized error, 283 unit testing with PHPUnit, 481–484 Unix installing MDB2 package, 477 installing other PEAR packages, 481 installing PHPUnit, 482 system calls from PHP, 149 unlink function (PHP), 140 UNSIGNED qualifier, MySQL numeric data types, 171 UPDATE . . . SET queries, 190 updates, database triggers for, 211 URLs encoding question mark (?) in URL for GET request, 399 links object in JavaScript, 317 user agent string (browsers), 294 user profiles (see profiles, social networking site project) usernames and passwords checking validity in PHP authentication, 284 Index | 503 sign-up page for social networking site project, 412–417 checking username availability, 412 YUI version, 415–417, 415 social networking site project checking username against database for availability, 417 login page, 418 storing, 285 salting, 285 validating form input using JavaScript, 359 users, creating in MySQL, 165 V validate function (JavaScript), 357 validateUsername function (JavaScript example) breakdown of regular expression, 366 validation form data, 147 JavaScript, 355–361 redisplaying form after PHP validation, 370– 375 XHTML, 154 VARBINARY data type, 169 VARCHAR data type, 168, 169 TEXT versus, 170 variable assignment in PHP, 45–47 incrementing and decrementing variables, 45 string concatenation, 46 string types, 46 variable substitution, 46 variables JavaScript, 306–307 arrays, 307 checking scope of, 313 global variables, 312 incrementing and decrementing, 310 local variables, 312 numeric variables, 307 string variables, 306 typing, 311 passing by reference, 94 PHP, 37–42 arrays, 39 as expressions, 62 assigning ? conditional result to, 77 functions returning global variables, 95 naming rules, 42 numeric variables, 39 scope of, 53–58, 96 string variables, 38 syntax of, 37 typing, 49 VBScript, 302 W \W (nonword character) in regular expressions, 367 \w (word character) in regular expressions, 367 WAMPs (Windows, Apache, MySQL, and PHP), 13 alternatives to EasyPHP, 18 installing on Windows, 14–18 WAMPServer, 18 Web 1.0, 1 Web 2.0, 5 web browsers (see browsers) web page for this book, xvi web servers (see servers) websites and online resources, 453 WHERE keyword (MySQL), 185 using logical operators with, 194 while loops, 78 in JavaScript, 331 removing controls from loop body, 80 when to use, for loops versus, 83 whitespace matching a space in regular expressions, 363 use in PHP programs, 37 Windows accessing MySQL via command line, 159 accessing MySQL via phpMyAdmin, 195 installing a WAMP, 14–18 installing other PEAR packages, 481 installing PEAR, 473 installing PHPUnit, 482 likely location for mysqldump, 219 system calls from PHP, 149 working remotely on development server, 27 Windows, Apache, MySQL, and PHP (see WAMPs) with statement (JavaScript), 325 504 | Index word (\w) character in regular expressions, 368 WordPress blogging platform, 86 World Wide Web, 1 X XAMPP, 18 downloading for Mac OS X, 25 installing on Linux, 25 XHTML, 151 benefits of, 151 document types in XHTML 1.0, 153 HTML 4.01 document types, 153 rules differentiating it from HTML, 152 validation, 154 versions, 151 XML Ajax XML example using YUI, 399–400 example XHTML 1.0 document, 152 example XML document and DOM tree, 389 fetching Yahoo! XML news feed via Ajax, 390 reasons to use with Ajax, 391 sending XML requests with XMLHttpRequest, 387 XMLHttpRequest object, 378–391 cross-browser function for, 378 example program (urlpost.html), 380–385 readyState property, 382 server half of Ajax process, 383 example program using GET, 385–387 properties and methods, 379 sending XML requests, 387–391 xor (exclusive or) operator, 44 precedence in PHP, 65 XOR operator, 69 XSS injections, 248 Y Yahoo! User Interface (see YUI) yahoo-min.js file, 396 YEAR data type, 172 YUI (Yahoo! User Interface), 394–403 compressed versions, 396 installing, 394 other uses for, 400 sign-up page for social networking site project, 415–417 simple calendar, 400–403 using for Ajax, 396–400 Ajax GET example using YUI, 397 Ajax XML example using YUI, 399–400 asyncRequest method, 397 including framework files, 396 Z Zend Server CE, 25 ZEROFILL qualifier, using with INT type, 171 Index | 505 About the Author Robin Nixon has worked with and written about computers since the early 1980s (his first computer was a Tandy TRS 80 Model 1 with a massive 4 KB of RAM!). During this time he has written in excess of 500 articles for many of the UK’s top computer magazines. Learning PHP, MySQL, and JavaScript is his third book. Robin started his computing career in the Cheshire homes for disabled people, where he was responsible for setting up computer rooms in a number of residential homes, and for evaluating and tailoring hardware and software so that disabled people could use the new technology—sometimes by means of only a single switch operated by mouth or finger. After writing articles for computer magazines about his work with disabled people, he eventually worked full time for one of the country’s main IT magazine publishers, where he held several roles including editorial, promotions, and cover disc editing. With the dawn of the Internet in the 1990s, Robin branched out into developing web- sites. One of these presented the world’s first radio station licensed by the music copy- right holders, and was featured in several news reports on TV and radio networks in the United Kingdom. In order to enable people to continue to surf while listening, Robin also developed the first known pop-up windows. Robin lives on the southeast coast of England with his wife Julie, a trained nurse, and five children, where he also finds time to foster three disabled children, as well as working full time from home as a technical author. Colophon The animals on the cover of Learning PHP, MySQL, and JavaScript are sugar gliders (Petaurus breviceps). Sugar gliders are small, gray-furred creatures that grow to an adult length of six to seven-and-a-half inches. Their tails, which are distinguished by a black tip, are usually as long as their bodies. Membranes extend between their wrists and ankles and provide an aerodynamic surface that helps them glide between trees. Sugar gliders are native to Australia and Tasmania. They prefer to live in the hollow parts of eucalyptus and other types of large trees with several other adult sugar gliders and their own children. Though sugar gliders reside in groups and defend their territory together, they don’t always live in harmony. One male will assert his dominance by marking the group’s territory with his saliva and then by marking all group members with a distinctive scent produced from his forehead and chest glands. This ensures that members of the group will know when an outsider approaches; group members will fight off any sugar glider not bearing their scent. However, a sugar glider group will welcome and mark an out- sider if one of their adult males dies (the group will typically replace a deceased adult female with their one of their own female offspring). Sugar gliders make popular pets because of their inquisitive, playful natures, and be- cause many think they are cute. But there are disadvantages to keeping sugar gliders as pets: as they are exotic animals, sugar gliders need specialized, complicated diets con- sisting of items such as crickets, a variety of fruits and vegetables, and mealworms; healthy housing requires a cage or space no less than the size of an aviary; their dis- tinctive scents can be bothersome to humans; as they are nocturnal creatures, they will bark, hiss, run, and glide all night long; it’s not uncommon for them to extricate their bowels while playing or eating; and in some states and countries, it is illegal to own sugar gliders as household pets. The cover image is from Dover’s Animals. The cover font is Adobe ITC Garamond. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont’s TheSansMonoCondensed. . 216 statements defined, 320 PHP, 63 static modifier static methods and properties in JavaScript, 345 static methods in PHP 5, 105 static properties and methods in PHP 5, 108 static variables in PHP, 56, 96 stopwords,. sanitizeMySQL functions (PHP), 263 sanitizing user input, PHP authentication using MySQL, 288 scope of variables global and local variables in JavaScript, 312 PHP, 53 58, 96 scope resolution operator. 158 describing in MySQL using PHP, 239 dropping in MySQL using PHP, 240 indexing, 177–183 intermediary table for many-to-many relationships, 213 joining, 192–194 linking through insert ID, 244 populating