column types (tables) 815 script to make HTTPS connections, 388 script to verify URL and email address, 376 scripts list of extensions and functions in PHP, 452 PHP script to call GPG and send encrypted email, 343 resetting variables from the php.ini file, 453 sessions ending, 437 starting and registering variables, 435 variables, accessing and deregistering, 436 Shopping Cart application admin.php script, 577 book_sc database, creating, 546 calculate_items() function, 564 calculate_price() function, 564 checkout.php script, 567 db_result_to_array() function, 552 display_book_form() function, 581 display_cart() function, 561 display_categories() function, 553 get_categories() function, 552 get_category_name() function, 554 index.php script, 551 insert_book.php script, 579 insert_order() function, 570 process.php script, 573 purchase.php script, 568 show_book.php script, 555 show_cart.php script, 559 show_cat.php script, 553 SQL to create tables for Book-O-Rama applica- tion, 195 Warm Mail application database, creating, 622 delete_account() func- tion, 636 delete_message() func- tion, 648 display_account_setup( ) function, 633 display_list() function, 640 get_accounts() func- tion, 634 index script, 623 number_of_accounts() function, 637 open_mailbox() func- tion, 642 retrieve_message() function, 645 send_message() function, 650 store_account_ settings() function, 635 Web forum application add_quoting() function, 737 article view, 721 discussion database, 717 display_tree() function, 724 expand_all() function, 723 get_post() function, 733 get_post_title() function, 736 individual articles, displaying, 732 new articles, adding, 735 posts, adding to data- base, 738 store_new_post() function, 739 treenode class, 725 code modules (Shopping Cart application), 543 collapsing threads (Web forum application), 719, 723 colors buttons, 414 text, colors and fonts, 411 RGB (red, green, and blue), 406 column types (tables), 196-205 date and time types, 203 TIMESTAMP display types, 203 numeric types, 201-202 floating point data types, 201-202 integral data types, 201 string types, 204-205 ENUM type, 205 regular string data types, 204 SET type, 205 TEXT types, 205 40 7842 index 3/6/01 4:22 PM Page 815 columns 816 columns DESCRIBE statement, 257 values, EXPLAIN state- ment, 259 columns (tables), 173 keys, 173-175 creating for Web databases, 179 foreign keys, 175 values, atomic column val- ues, 178 columns_priv table, 247-250 mysql database, 250 combination assignment operators, 28 comma operator, 32 commands configure, 785 DESCRIBE command, 198-199 GRANT, 188-189, 192-193, 246 mysql command, 186 NET START MySQL, 794 phpinfo() command, 25 REVOKE command, 192-193 running on Web servers, functions, 365-367 SHOW command, 198-199 SQL commands, CREATE TABLE command, 194-195 traceroute (UNIX), 285 commenting code, 465 comments, 16-17 commercial Web sites, 268-280 adding value to goods or services, 276 authentication, 284 cutting costs, 276-277 firewalls, 300 importance of stored infor- mation, 282-283 online brochures, 269-271 common pitfalls, 269-271 tracking success of sites, 270-271 orders for goods or services, 271-275 obstacles to potential customers, 273-275 privacy policies, 273 providing services and digital goods, 275-276 risks, 277-280 competition, 278 computer hardware failure, 278 crackers, 277-278 failure to attract business, 278 legislation and taxes, 279 service provider failures, 278 software errors, 279 system capacity limits, 279 Secure Electronic Transaction standard, 290 security, 282-291 authentication, 291-293 backing up data, 301 Certificate Signing Request (CSR), 299 Certifying Authorities (CAs), 297 compromises, 290 Denial of Service (DoS), 287 digital certificates, 297-298 digital signatures, 296-297 encryption, 293-296 errors in software, 288-289 exposure of confidential data, 283-285 hash function, 296 log files, 299-300 loss or destruction of data, 285-286 modification of data, 286 passwords, 291-292 physical security, 302 repudiation, 289-290 Secure Web servers, 298-299 security policies, creat- ing, 291 threats, 283-290 strategies, selecting, 280 user interface design, 274 comparing Apache for Windows and UNIX, 798-799 Strings, 104-105 Length, testing, 105 Strcasecmp() function, 105 Strcmp() function, 104 Strnatcmp() function, 105 comparison operators, 29-30 equals operator, 29-30 WHERE clauses, 212-213 40 7842 index 3/6/01 4:22 PM Page 816 control characters 817 component structures, 467 components online newsletters, 657 user personalization, 499-500 compression GIF, LZW (Lempel Ziv Welch), 404 GIFs, 404 SSL (Secure Sockets Layer), 335 computer hardware failure (commercial Web sites), 278 Concurrent Versions System (CVS), 468 conditionals, 38-42 code blocks, 38-39 comparing, 42 else statements, 39-40 elseif statements, 40 if statements, 38 indenting code, 39 switch statements, 41-42 configure command, 785 configuring IIS (Internet Information Server), 319, 321 mod_SSL, 788 MySQL, 785 PHP, 786 sessions, 437-438 connecting MySQL, errors, 482-484 network services, 484-485 connection verification (MySQL database), 250 connections FTP connections, closing, 385 HTTPS connections, 388 persistent, database optimization, 262 remote FTP servers, mirroring files, 382 Web databases, 234-235 closing nonpersistent connections, 238 persistent connections, 234 console window, running Apache from, 797 constants, 24-25 constructors (object- oriented development), 151-152 content (code), 471 separating from logic, 472 content management sys- tems, 588 building, 588 content, editing, 589 databases create database.sql, 597-598 versus file storage, 590 document structure, 591 files, 595 create database.sql, 595-596 db fns.php, 595 delete story.php, 596 footer.php, 595 header.php, 595 headlines.php, 596 include fns.php, 595 keyword add.php, 596 keyword delete.php, 596 keywords.php, 596 login.php, 596 logo.gif, 596 page.php, 596 publish story.php, 596 publish.php, 596 resize image.php, 596 search form.php, 596 search.php, 596 select fns.php, 595 stories.php, 596 story submit.php, 596 story.php, 596 unpublish story.php, 596 user auth fns.php, 595 FTP access, 589 editing online, 589 file upload method, 589 images, manipulating, 593-595 implementing, 598 editor screen, 614-616 headlines.php, 598-602 keywords, 611-614 stories, adding, 602-611 metadata, 591 output, formatting, 592-593 contents, bounding box arrays, 416-417 continuation symbol (MySQL), 185 continue statement, 47 control, version (code), 467-468 CVS (Concurrent Versions System), 468 multiple programmers, 468 repository, 467-468 control characters \n (newline), 58 \t (tab), 58 40 7842 index 3/6/01 4:22 PM Page 817 control structures 818 control structures, 38-47 breaking out of, 47 conditionals, 38-42 code blocks, 38-39 comparing, 42 else statements, 39-40 elseif statements, 40 if statements, 38 indenting code, 39 switch statements, 41-42 loops, 43-47 break statement, 47 do while loops, 47 for loops, 45-46 while loops, 44-45 conventions, naming (code), 463-464 conversion specifications format strings, 98-99 printf() function, 99 type codes, 99 converting arrays to scalar variables, 91-92 cookies, 431-433 setting, 431-432 storing session IDs, 432-433 coordinates bounding boxes, 416 images, 407 copy() function, 365 cos() function, 777 COUNT(items) function, 221 counting array elements, 90-91 crackers, 277-278 create database.sql, 595-598 Create Mail button, 695 CREATE privilege, 190 CREATE TABLE command (SQL), 194-195 creating accounts, 673-675 canvas images, 405-406 directories, 361 files, 364-365 images, 404-405 outputting, 409 text, printing or drawing on, 406-408 with fonts, 410-419 with text, 410-419 lists, 693-695 PDF templates, 749-751 programmatically, 751 software, 749-751 personalized documents (PDF), 744 PHPBookmark application, 498 database schema, 502 diagrams, 500 front page, 504-506 function libraries, 501 RTF templates, 749 software, 749 credit card numbers, storing, 338 criteria, retrieving specific data from databases, 212-214 cross join, 219 crypt() function, 310-311 cryptography, 294 CSR (Certificate Signing Request), 299 CSS (cascading style sheets), 472 cURL (Client URL) functions, 387-389 curl_init() function, 388 curl_setopt() function, 388 cURL Web site, 390 curl_init() function, 388 curl_setopt() function, 388 curly braces ({}), regular expressions, 112 current directory symbol (.), 359 current() function, 88 curved lines, ImageArc() function, 428 cutting costs (commercial Web sites), 276-277 CVS (Concurrent Versions System), 468 CVS (Concurrent Versions System) Web site, 468 D data aggregating, 220-222 drawing, code, 424-427 encrypting, 337 graphing, 419-428 grouping, 220-222 input checking, 485 user authentication validation, 510 inserting into databases, 209-211 joins, 219 loading from files, 263 metadata, 591 redundant data, avoiding (Web databases), 176-178 retrieving from databases, 211-212 from multiple tables, 214-219 40 7842 index 3/6/01 4:22 PM Page 818 databases 819 in a particular order, 219-220 with specific criteria, 212, 214 rows, returning, 222-223 sensitive data credit card numbers, storing, 338 storing, 336-337 tables aliases, 218-219 joining, 216-217 rows unmatched, 217- 218 two-table joins, 214-216 Data Encryption Standard (DES), 295 data storage, files. See files data types, 22 BLOB types (binary large objects), 204-205 date and time data types, 203 ENUM type, 205 floating point data types (numeric column types), 201-202 integral data types (numeric column types), 201 regular string data types, 204 SET type, 205 TEXT types, 204-205 database schema (PHPBookmark application), 502 front page, 504-506 database servers, Web database architecture, 181 DatabaseCentral.com Web site, 806 databases, 172-175 advantages, 67 Book-O-Rama setting up, 208 tables, SQL code, 210 book_sc database (Shopping Cart applica- tion), 546-548 columns, DESCRIBE statement, 257 content management systems, 590 create database.sql, 597-598 creating from PHP scripts, 242 with MySQL, 187 data aggregating, 220-222 grouping, 220-222 inserting, 209-211 joins, 219 loading from files, 263 retrieving, 211-212 retrieving from multiple tables, 214-219 retrieving in a particu- lar order, 219-220 retrieving with specific criteria, 212-214 rows unmatched, 217-218 tables, aliases, 218-219 tables, joining, 216-217 two-table joins, 214-216 deleting, 242 dropping, 226 information gathering, 254 SHOW statement, 254-257 keys, 173-175 foreign keys, 175 lists, 657 mysql, 246 columns_priv table, 250 db table, 248-249 host table, 249 tables_priv table, 250 user table, 247 MySQL aggregate functions, 221 connection verification, 250 join types, 219 request verification, 251 MySQL databases creating from PHP scripts, 242 deleting, 242 results.php script, 230-231 Web database architec- ture, 228-231 optimizing, 261-262 default values, 262 designs, 261 indexes, 262 permissions, 261 persistent connections, 262 tables, 261-262 passwords encrypting, 252 encrypting (authentica- tion), 310-311 storing, 252 storing (authentica- tion), 308-310 poll, code to set up, 420-421 40 7842 index 3/6/01 4:22 PM Page 819 databases 820 privilege system, 246-247 columns_priv table, 249-250 db table, 248-249 grant table, 250-251 host table, 248-249 privileges, updating, 251 tables_priv table, 249-250 user table, 247-248 queries EXPLAIN statement, 257-260 indexes, 261 records deleting, 225 updating, 223 relational databases. See relational databases relationships, 175 many-to-many relation- ships, 175 one-to-many relation- ships, 175 one-to-one relation- ships, 175 rows, returning, 222-223 schemas, 175 security, 251 operating system, 252 passwords, 252-253 user privileges, 253 Web issues, 253-254 selecting in MySQL, 193-194 setting up, 660-663 Shopping Cart application, 547-548 SQL (Structured Query Language), 208 subscribers, 657 tables, 173 altering, 223-225 Cartesian product, 215 column types, 196-205 columns, 173 creating in MySQL, 194-199 dropping, 226 equi-joins, 215 joins, 214 keywords, 196 left joins, 217-218 rows, 173 types, 180, 262-263 values, 173 viewing, 198-199 viewing in MySQL, 198-199 vote code to update, 422-423 results, code to retrieve, 422-423 Warm Mail application (email client), 622-623 Web databases architecture, 180-181 designing, 176-180 Web databases. See Web databases Web forum application, 716-718 data_valid_fns.php, 501, 660 date and time converting between PHP and MySQL formats, 396-398 in MySQL DATE_FORMAT() function, 396-397 MySQL Web site, 400 UNIX_TIMESTAMP function, 397-398 in PHP, 392-396 calendar functions, 399 checkdate() function, 396 date calculations, 398-399 date() function, 392-395 floor() function, 399 getdate() function, 395 mktime() function, 394-395, 398 PHP Web site, 400 date and time column types, 203 TIMESTAMP display types, 203 date and time data types, 203 date() function, 17-18, 363, 392-395 format codes, 392-394 UNIX time stamps, 394-395 DATE_FORMAT() function, 396-397 db fns.php, 597, 605 db table, 247-249 mysql database, 248-249 db_connect() function, 513 db_fns.php, 502, 660 db_result_to_array() func- tion, 552 DDoS (Distributed Denial of Service), 287 debugging, remote, 494 debugging variables, 486-489 declaring functions, 132-133 decoct() function, 363 40 7842 index 3/6/01 4:22 PM Page 820 discussion board application 821 decrement operators, 28-29 decryption, 294 default values, database optimization, 262 delete bm() function, 531 DELETE privilege, 190 DELETE statement, 225 delete story.php, 596 delete_account() function, 636 delete_fns.php, 611 delete_bms.php, 501 delete_message() function, 648 deleting accounts (Warm Mail application), 636-637 bookmarks, 530-532 databases, 242 directories, 361 email (Warm Mail applica- tion), 648 files, 63, 364-365 records, 225 deletion anomalies, avoiding (Web data- bases), 178 Denial of Service (DoS), 287 deregistering variables, 434-436 DES (Data Encryption Standard), 295 DESC keyword, 220 descenders (letters), 417 DESCRIBE command, 198-199 DESCRIBE statement, 257 syntax, 257 describe user, [edit, OK] statement, 247 designing databases, 597-598 Web databases, 176-180 atomic column values, 178 keys, creating, 179 null values, avoiding, 179-180 real-world objects, modeling, 176 redundant data, avoiding, 176-178 table types, 180 update anomalies, avoiding, 177-178 designing classes, 158-159 designs, database opti- mization, 261 design_button.html file, 411-412 destroying sessions, 435 Developer Shed Web site, 116 developing function libraries, 467 development environ- ments, 469 Devshed Web site, 428 DevShed.com Web site, 804 diagrams, online newslet- ters, 658-660 die() language construct, 450 digest authentication (HTTP), 313 digital certificates, 297-298 digital goods (commercial Web sites), providing, 275-276 digital signatures, 296-297 directives magic_quotes_gpc, 336 magic_quotes_runtime, 336 php.ini file, 453-454 directories browsing, 358 creating, 361 current symbol (.), 359 deleting, 361 file listings, 359 file paths, 360 functions, 358 one level up symbol ( ), 359 reading from, 358-360 uploaded file listing, code, 358-359 directory sites, verifying URLs and email addresses, 374-378 directory structures, 467 component structures, 467 dirname($path) function, 360 dirname() function, 363 disconnecting from Web databases, 238 discussion board application, 712-741 article list, 718-731 collapsing threads, 719, 723 displaying articles, 724 expanding threads, 719-723 individual articles, viewing, 731-734 new articles, adding, 734-741 40 7842 index 3/6/01 4:22 PM Page 821 discussion board application 822 plus symbols, 719 treenode class, 725-731 database design, 716-718 extensions, 741 files, 715 posters, 716 solution components, 712-714 solution overview, 714-715 tree of articles, 729 tree structure, 713-714 tree_node class, 713 discussion boards, threads, 712 diskfreespace($path) function, 360 display account form() function, 673, 689 display button() function, 682, 703 display information() function, 684 display items() function, 679 display list form() function, 693 display mail form() function, 696 display password form() function, 689 display preview button() function, 703 display registration form() function, 508 display user menu() function, 515 display() function, 730 displaying bookmarks, 529-530 files, uploaded, 357 displaying articles (Web forum application), 724 display_account_form() function, 633 display_account_select() function, 639 display_account_setup() function, 633-636 display_book_form() function, 581-583 display_cart() function, 560-563 display_categories() function, 553 display_list() function, 640-641 display_post() function, 734 display_tree() function, 724, 733-734 Distributed Denial of Service (DDoS), 287 division operator, 26 dl() function, 453 do html header() function, 669 do while loops, 47 documentation, gd, Web site, 428 Web application projects, 470 documents personalized, 744 creating, 744 formats, 745-748 structure, content manage- ment systems, 591 DoS (Denial of Service), 287 doubleval() function, 254 downloading files (FTP servers), 384-385 FreeType library Web site, 402 GIF (Graphics Interchange Format) Web site, 404 jpeg-6b (FTP site), 402 PostScript Type 1 fonts (FTP site), 402 t1lib, 402 do_html_header() func- tion, 566, 639 draw star() function, 777 drawing data, code, 424-427 figures, 419-428 images with scripts, 405 text on images, 406-408 variables, code, 423 drawing functions, parameters, 407 DROP DATABASE statement, 226 DROP INDEX index syntax, 224 DROP PRIMARY KEY syntax, 224 DROP privilege, 190 DROP TABLE statement, 226 DROP [COLUMN] column syntax, 224 dropping databases, 226 tables, 226 Dubois, Paul, 263 dynamic content, 17-18 date() function, 17-18 dynamically loading extensions, 453 dynamically produced inline images, 410 40 7842 index 3/6/01 4:22 PM Page 822 email client application (Warm Mail) 823 E e-commerce Web sites, 268-280 adding value to goods or services, 276 authentication, 284 cutting costs, 276-277 online brochures, 269-271 common pitfalls, 269-271 taking success of sites, 270-271 orders for goods or services, 271-275 obstacles to potential customers, 273-275 privacy policies, 273 providing services and digital goods, 275-276 risks, 277-280 competition, 278 computer hardware failure, 278 crackers, 277-278 failure to attract business, 278 legislation and taxes, 279 service provider failures, 278 software errors, 279 system capacity limits, 279 Secure Electronic Transaction standard, 290 security, 282-291 authentication, 291-293 backing up data, 301 Certificate Signing Request (CSR), 299 Certifying Authorities (CAs), 297 compromises, 290 Denial of Service (DoS), 287 digital certificates, 297-298 digital signatures, 296-297 encryption, 293-296 errors in software, 288-289 exposure of confidential data, 283-285 firewalls, 300 hash function, 296 importance of stored information, 282-283 log files, 299-300 loss or destruction of data, 285-286 modification of data, 286 passwords, 291-292 physical security, 302 repudiation, 289-290 Secure Web servers, 298-299 security policies, creating, 291 threats, 283-290 strategies, selecting, 280 user interface design, 274 e-gineer Web site, 806 each() function, 74-75, 88 echo statements, 20-21 editing content manage- ment systems, 589 editor screen, 614-616 online, 589 edit_book_form.php script (Shopping Cart application), 580 elements (arrays), 71 applying functions, 89-90 counting, 90-91 else statements, 39-40 elseif statements, 40 email reading, 371 sending, 371 email, encryption, 338-347 GPG (Gnu Privacy Guard), 339-347 PGP (Pretty Good Privacy), 338-339 email client application (Warm Mail), 618-653 accounts creating, 634-636 deleting, 636-637 modifying existing accounts, 636 selecting (reading email), 637-640 setting up, 632-637 application architecture, 621 database, setting up, 622-623 deleting email, 648 extensions, 652-653 files, 621 IMAP function library, 619-620 interface, 620-621 logging in, 629-631 logging out, 632 reading mail, 637-647 mailbox contents, viewing, 640-643 message headers, viewing, 647 messages, 643-647 selecting accounts, 637-640 40 7842 index 3/6/01 4:22 PM Page 823 email client application (Warm Mail) 824 script architecture, 623-629 sending mail, 649-652 forwarding messages, 651-652 new messages, 649-651 replying to messages, 651-652 solution components, 619-620 solution overview, 620-621 embedding PHP in HTML, 13-14 comments, 16-17 PHP statements, 15-16 PHP tags, 14-15 whitespace, 16 empty() function, 37 encapsulation (object- oriented development), 148 encrypting data, 337 passwords (authentication), 252, 310-311 encryption, 293-296, 338-347 ciphertext, 293 Data Encryption Standard (DES), 295 decryption, 294 digital certificates, 297-298 digital signatures, 296-297 encryption algorithm, 293 GPG (Gnu Privacy Guard), 339-347 installing, 339-342 key pairs, 340 testing, 342-347 hash functions, 296 PGP (Pretty Good Privacy), 338-339 plain text, 293 private key encryption, 294-295 public key encryption, 295-296 RSA, 296 SSL (Secure Sockets Layer), 346-347 end of file, finding, 60 end() function, 88 engineering software, 460 ENUM type, 205 environment variables (PHP functions), 367-368 environments, develop- ment, 469 EPA Web site, 302 equals operator, 29-30 equi-joins, 215, 219 Equifax Secure, 297 connecting with HTTPS, 388 ereg() function, 114 eregi() function, 114, 373 ereg_replace() function, 115 eregi_replace() function, 115 error checking, exit statement, 47 error messages, calling undefined functions, 131 error reporting levels, 489-490 settings, 490-491 error suppression operator, 32 errors 401 errors (HTTP), 317 error reporting levels, 489-490 settings, 490-491 exception handling, 492-494 logic, 485-486 programming, 478-486 logic errors, 485-486 runtime errors, 480-481 syntax errors, 478-480 runtime, 480-481 database interaction, 482-484 functions that don’t exist, 481-482 input data, 485 network connections, 484-485 reading/writing files, 482 syntax, 478-480 triggering, 492 errors in software (secu- rity threats), 288-289 escaping characters, 100-101 escapeshellcmd() function, 336, 367 eval() function, 449 evaluating strings, 449 Evil Walrus Web site, 805 exception handling, 492-494 exec() function, 366 executable content (stored data), 336 execution operator, 32-33 exit language construct, 450 exit statement, 47 expanding threads (Web forum application), 719-723 expand_all() function, 722-723 40 7842 index 3/6/01 4:22 PM Page 824 . fns .php, 595 keyword add .php, 596 keyword delete .php, 596 keywords .php, 596 login .php, 596 logo.gif, 596 page .php, 596 publish story .php, 596 publish .php, 596 resize image .php, 596 search form .php, . 554 index .php script, 551 insert_book .php script, 579 insert_order() function, 570 process .php script, 573 purchase .php script, 568 show_book .php script, 555 show_cart .php script, 559 show_cat .php script, 553 SQL. form .php, 596 search .php, 596 select fns .php, 595 stories .php, 596 story submit .php, 596 story .php, 596 unpublish story .php, 596 user auth fns .php, 595 FTP access, 589 editing online, 589 file upload