Phát triển web với PHP và MySQL - p 88 pdf

PHP 845 payment module (Shopping Cart application), 572-575 payment systems (Shopping Cart application), 541-542 PDF (Portable Document Format), 744, 748 function libraries, 751 Web sites, 751 generating certificates, 762-765 headers, 777-778 PDFlib, 765-777 personalized documents, creating, 744 software, 749-751 creating PDF program- matically, 751 pdf add outline() function, 768 pdf begin page() function, 767 pdf close() function, 770 pdf fill() function, 777 pdf open() function, 767 pdf rect() function, 775 pdf replace() function, 763 pdf set info() function, 767 pdf setlinewidth() function, 775 pdf show xy() function, 776 pdf show() function, 769 pdf stringwidth() function, 776 pdf stroke() function, 775 PDF Web site, 748 pdf.php, 752 PDFlib generating a PDF document, 765-770 generating certificates, 770-777 PDFlib library Web site, 751 pdflib.php, 753 permissions, database optimization, 261 persistent connections, database optimization, 262 persistent connections (Web databases), 234 personalization, user bookmarks, adding, 526-529 bookmarks, deleting, 530-532 bookmarks, displaying, 529-530 bookmarks, recommending, 500 bookmarks, storing, 500 defined, 498 recommendation, implementing, 532-536 solution components, 499-500 system requirements, 498 usernames, 499 personalized documents, 744 certification project, 752 files, 752 headers, 777-778 index.html, 753-754 PDF, 762-770 PDFlib, 770-777 RTF, 758-762 score.php, 755-757 creating, 744 formats, 745-748 ASCII, 745 HTML, 745 paper, 745 PDF, 748 PostScript, 747-748 RTF, 746-747 word processors, 746 requirements, 749 software, 749-751 PGP (Pretty Good Privacy), 338-339 PGP Security Web site, 338 Philip and Alex’s Guide to Web Publishing Web site, 806 phorum, 741 PHP basic authentication (HTTP), 314-315 calling functions, 18 canvas images, creating, 405-406 configuring, 786 constants, 24-25 control structures, 38-47 breaking out of, 47 conditionals, 38-42 loops, 43-47 date and time, 392-396 calendar functions, 399 checkdate() function, 396 converting between PHP and MySQL formats, 396-398 date calculations, 398-399 date() function, 392-395 40 7842 index 3/6/01 4:22 PM Page 845 PHP 846 floor() function, 399 getdate() function, 395 mktime() function, 394-398 PHP Web site, 400 date() function, 17-18 development environments, IDE (integrated development environments), 469 embedding in HTML, 13-14 comments, 16-17 PHP statements, 15-16 PHP tags, 14-15 whitespace, 16 environment variables, functions, 367-368 evaluating strings, 449 extensions, loading dynamically, 453 function names in code, 464 functions dl() function, 453 eval() function, 449 getlastmod() function, 452-453 get_current_user() function, 452 get_extension_funcs(), 451-452 get_loaded_exten- sions() function, 451-452 get_magic_quotes_ gpc() function, 449 highlight_file(), 454 highlight_string() function, 454 ini_get() function, 453-454 ini_set() function, 453-454 serialize() function, 450-451 set_magic_quotes_run- time() function, 449 show_source() functions, 454 unserialize() function, 451 gd documentation, Web site, 428 IDE Web sites, 469 images base canvas, setting up, 414-415 creating, 404-405 creating with fonts, 410-419 creating with text, 410-419 formats, 403 generating automati- cally, 410 GIF (Graphics Interchange Format), 404 JPEG (Joint Photographic Experts Group), 403 outputting, 409 PNG (Portable Network Graphics), 403 supporting, 402 text, drawing or printing on, 406-408 text, fitting onto buttons, 415-418 text, positioning onto buttons, 418 text, writing onto buttons, 419 WBMP (Wireless Bitmap), 403 Web site support, 402 installing, 783 UNIX environment, 783-787 Windows environment, 799-800 jpeg-6b, downloading (FTP site), 402 language constructs die(), 450 exit, 450 libraries, 783 Web sites, 783 magic quotes, 448-449 modular names in code, 464 myErrorHandler() function, 492 mysql connect() function, 482 mysql errno() function, 483 mysql error() function, 483 mysql pconnect() function, 483 mysql query() function, 483 mysql select db() function, 483 network lookup functions, 374-378 checkdnsrr(), 378 explode(), 377 gethostbyaddr(), 377 gethostbyname(), 376-377 getmxrr(), 376-378 parse_url(), 377 operators, 25-33 arithmetic operators, 26 assignment operator, 22 assignment operators, 27-29 40 7842 index 3/6/01 4:22 PM Page 846 php4win Web site 847 associativity, 34-35 bitwise operators, 31 comma operator, 32 comparison operators, 29-30 error suppression operator, 32 execution operator, 32-33 logical operators, 30-31 precedence, 34-36 string operators, 27 ternary operator, 32 totaling forms, 33-34 optimizations, 472-473 Zend Optimizer, 473 resources, 804-806 rewriting code, 462-463 running, 782 as CGI Interpreter, 782-783 as modules, 782-783 scripts modification dates, 452 owners, identifying, 452 terminating execution, 450 serialization, 450-451 session control, 433, 438-445 cookies, 433 session control. See session control sessions. See sessions set error handler() function, 492 Snoopy class, 389 support, testing, 791 syntax highlighter, 454-455 testing (Windows environment), 800 variable functions, 36-38 re-interpreting variables, 37 type testing functions, 36 variable status, testing, 37 variable names in code, 463-464 variables form variables, accessing, 19-21 identifiers, 21 scope, 25 types, 22-24 user declared variables, 22 values, assigning, 22 Web application projects, documentation, 470 writing for file upload, 354-357 PHP Base Library Web site, 805 PHPBuilder.com Web site, 116 PHP Center Web site, 805 PHP Classes Repository Web site, 805 Metabase, 243 PHP Club Web site, 805 PHP database interfaces, 242 PHP Developer Web site, 805 PHP Homepage Web site, 805 PHP online manual, Filesystem section, 67 PHP Resource Web site, 805 PHP scripts, 478 debugging variables, 486-489 error reporting levels, 489-490 settings, 490-491 errors exception handling, 492-494 triggering, 492 programming errors, 478-486 logic errors, 485-486 runtime errors, 480-481 syntax errors, 478-480 remote debugging, 494 PHP statements, 15-16 PHP tags, 14-15 ASP style, 15 require() statement, 121 SCRIPT style, 15 short style, 15 XML style, 15 PHP Web site, 462, 766, 784, 802 calendar functions, 400 date and time functions, 400 PHP(colon)Hypertext Preprocessor Web site, 92 php.ini, 799 php.ini file auto_append_file, 126-127 auto_prepend_file, 126-127 directives, editing, 453-454 PHP.Net Web site, 804 PHP4 Resource Web site, 804 php4win Web site, 619 40 7842 index 3/6/01 4:22 PM Page 847 phpautodoc Web site 848 phpautodoc Web site, 470 PHPBookmark application creating, 498 database schema, 502 diagrams, 500 front page, 504-506 function libraries, 501 files, 501 add_bms.php, 501 add_bm_form.php, 501 bookmark.gif, 502 bookmarks.sql, 501 bookmark_fns.php, 501 change_passwd.php, 501 change_passwd_ form.php, 501 data_valid_fns.php, 501 db_fns.php, 502 delete_bms.php, 501 forgot_form.php, 501 forgot_passwd.php, 501 login.php, 501 logout.php, 501 member.php, 501 output_fns.php, 502 recommend.php, 501 register_form.php, 501 register_new.php, 501 url_fns.php, 502 user_auth_fns.php, 502 PHPBuilder.com Web site, 804 PHPCertification.pdf, 753 PHPCertification.rtf, 753 PHPCoder Web site, 469 phpDoc Web site, 470 phpDocumentor Web site, 470 PHPEdit Web site, 469 PHPGem Web site, 469 PHPIndex.com Web site, 805 phpinfo() command, 25 phpinfo() function, 368, 751 PHPInfo.net Web site, 805 PHPLib Web site, 430 phpslash, 741 PHPSlash Web site, 741 PHPWizard.net Web site, 804 plain text encryption, 293 online newsletters, 658 planning software engi- neering, 461-462 plus symbol (+), regular expressions, 111 plus symbols (Web forum articles), 719 PNG (Portable Network Graphics), 403 Web site, 403 poll database, setting up, 420-421 polls, users (votes) casting, 421 results, 421 pollsetup.sql file, 420 polygons, ImagePolygon() function, 428 polymorphism (object- oriented development), 149-150 POP (Post Office Protocol), 371 POP3 (Post Office Protocol version 3), 618 Portable Document Format. See PDF Portable Network Graphics. See PNG positioning text onto buttons, 418 POSIX regular expressions. See regular expressions posix_getgrgid() function, 363 posix_getpwuid() function, 363 Post Office Protocol (POP), 371 Post Office Protocol version 3 (POP3), 618 post-increment operator, 28-29 posters (Web forum application), 716 PostScript, 747-748 PostScript Type 1 fonts, downloading (FTP site), 402 power failures, 302 pre-increment operator, 28 precedence, operators, 34-36 preprocessing script architecture, 663 Pretty Good Privacy (PGP), 338-339 pretty() function, 685 prev() function, 88 previewing online newsletters, 702-703 PRIMARY KEY keyword, 196 primary keys (databases), 173-175 principle of least privilege, 188 print() function, 97 printf() function, 98-99 40 7842 index 3/6/01 4:22 PM Page 848 prototypes (functions) 849 printing strings formatting strings for printing, 97-99 print() function, 97 printf() function, 98-99 sprintf() function, 98 text on images, 406-408 privacy policies, 273 private key encryption, 294-295 private keys, Gnu Privacy Guard (GPG), 340 privilege system, 246-247 columns_priv table, 249-250 db table, 248-249 grant table, 250-251 host table, 248-249 privileges, updating, 251 tables_priv table, 249-250 user table, 247-248 privileges FILE, 253 GRANT, 253 PROCESS, 253 updating, 251 user, database security, 253 privileges (MySQL), 188- 193 global privileges, 189 GRANT command, 188-189, 192-193 principle of least privilege, 188 REVOKE command, 192-193 types, 190-191 problems, file uploads, 358 PROCESS privilege, 191, 253 process.php script (Shopping Cart application), 572-575 processing HTML forms, 11-13 Bob’s Auto Parts application, 11-13 progex.php file, 366 programming errors, 478-486 logic errors, 485-486 runtime errors, 480-481 database interaction, 482-484 functions that don’t exist, 481-482 input data, 485 network connections, 484-485 reading/writing files, 482 syntax errors, 478-480 properties of files, changing, 364 protocol stacks, 333 protocols, 370 application layer protocols, 333 File Transfer Protocol (FTP), 378-387 anonymous login, 381 filetime() function, 383 file_exists() function, 383 ftp_connect() function, 382 ftp_fget() function, 384 ftp_fput() function, 385 ftp_get() function, 385 ftp_login() function, 382 ftp_mdtm() function, 383 ftp_nlist() function, 386 ftp_put() function, 385 ftp_quit() function, 385 ftp_size() function, 386 mirroring files, 379-385 set_time_limit() function, 386 timeouts, avoiding, 386 uploading files, 385 FTP (File Transfer Protocol), opening files, 54-55 HTTP (Hypertext Transfer Protocol), opening files, 55 HTTP protocol, 333 handshaking, 334 Secure Sockets Layer (SSL), 334 IMAP (Internet Message Access Protocol), 371, 618 IP (Internet Protocol), 333 POP (Post Office Protocol), 371 POP3 (Post Office Protocol version 3), 618 RFCs (Requests for Comments), 370 SMTP (Simple Mail Transfer Protocol), 371, 618 TCP (Transmission Control Protocol), 333 World Wide Web Consortium (W3C) Web site, 389 prototypes (code), 471 prototypes (functions), 130 40 7842 index 3/6/01 4:22 PM Page 849 public key encryption 850 public key encryption, 295-296 public keys, Gnu Privacy Guard (GPG), 340 exporting, 340 importing, 341 publish story.php, 596 publish.php, 596 purchase.php script (Shopping Cart application), 568-572 putenv() function, 367- 368 PX-PHP Code Exchange Web site, 804 Q queries, EXPLAIN statement, 257-260 query select() function, 609 querying, Web databases, 232 connections, setting up, 234-235 disconnecting from databases, 238 input data, 232-233 inserting new information into databases, 238-241 mysql_db_query() function, 236 mysql_query() function, 235-236 retrieving results, 236-237 selecting databases, 235 quotes, magic quotes, 448-449 enabling, 546 R r+ file mode, 54 RAID (Redundant Array of Inexpensive Disks), 301 range() function, 71 RDBMSs (relational database management systems), 208 advantages, 67 readdir($dir) function, 359 readdir() function, 359 readfile() function, 61 reading files, 52, 361-364 feof() function, 60 fgetc() function, 62-63 fgetcsv() function, 61 fgets() function, 60 fgetss() function, 61 file() function, 62 fopen() function, 60 fpassthru() function, 62 fread() function, 63 readfile() function, 61 runtime errors, 482 vieworders.php interface, 59-60 from directories, 358-360 reading email, 371 Warm Mail application, 637-647 mailbox contents, viewing, 640-643 message headers, viewing, 647 messages, 643-647 selecting accounts, 637-640 real-world objects, model- ing (Web databases), 176 recommend urls() function, 534 recommend.php, 501 recommendations, implementing, 532-536 recommending bookmarks, 500 records deleting, 225 updating, 223 records (tables), 173 recursive functions, 143-144 red, green, and blue (RGB), 406 red-button.png file, 414 Redundant Array of Inexpensive Disks (RAID), 301 redundant data, avoiding (Web databases), 176-178 reference operator, 29 REGEXP keyword, 214 register() function, 511 registering session variables, 433-436 user authentication, 507-511 register_form.php, 501 register_new.php, 501 regular expressions, 109-114 * symbol, 111 + symbol, 111 branching, 112 caret symbol (^), 112 character classes, 110-111 40 7842 index 3/6/01 4:22 PM Page 850 retrieving 851 character sets, 109-110 curly braces ({}), 112 slash (\), 112 Smart Form Mail application, 113-114 special characters, 113 literal special chracters, 112 splitting strings, 115-116 subexpressions, 111-112 substrings finding, 114-115 replacing, 115 Web references, 116 regular string data types, 204 relational database management systems. See RDBMSs relational databases, 172-175 keys, 173-175 foreign keys, 175 relationships, 175 many-to-many relationships, 175 one-to-many relationships, 175 one-to-one relationships, 175 schemas, 175 tables, 173 columns, 173 rows, 173 values, 173 relationships (databases), 175 many-to-many relationships, 175 one-to-many relationships, 175 one-to-one relationships, 175 RELOAD privilege, 191 remote debugging, 494 remote FTP servers, connecting to (mirroring files), 382 RENAME [AS] new_table_name syntax, 224 rename() function, 365 reordering arrays, 83-85 array_reverse() function, 84-85 shuffle() function, 83-84 repetition structures. See loops replacing substrings, 108-109 with regular expressions, 115 replying to email (Warm Mail application), 651-652 repository (version control, code), 467 repudiation, 289-290 request verification (MySQL database), 251 Requests for Comments (RFCs), 370 require() statement, 119-129 auto_append_file (php.ini file), 126-127 auto_prepend_file (php.ini file), 126-127 filename extensions, 120-121 PHP tags, 121 Web site templates, 121-126 requirements online newsletters, 656 components, 657 personalized documents, 749 software, 749-751 system, user personalization, 498 reset password() function, 523 reset() function, 88 resetting passwords, user authentication, 521-526 resize image.php, 596 resources, 804-806 Apache, 806 MySQL and SQL, 806 PHP, 804-806 Web development, 806 result identifier, retrieving query results (Web databases), 236-237 results file status functions, code, 362, 366-367 vote database, code to retrieve, 422-423 results.php script, 230-231 retrieve_message() function, 645-647 retrieving data aggregating, 220-222 from databases, 211-212 from multiple tables, 214-219 grouping, 220-222 in a particular order, 219-220 joins, 219 tables, aliases, 218-219 40 7842 index 3/6/01 4:22 PM Page 851 retrieving 852 tables, joining, 216-217 tables, rows unmatched, 217-218 two-table joins, 214-216 with specific criteria, 212-214 vote database results, code, 422-423 return keyword, 140 return statement, 140 returning from functions, 140 values from functions, 141-142 returning rows, 222-223 returning values, 81 assignment operator, 27 reusing code, 118-119 advantages of, 118-119 include() statement, 127-129 require() statement, 119-129 auto_append_file (php.ini file), 126-127 auto_prepend_file (php.ini file), 126-127 filename extensions, 120-121 PHP tags, 121 Web site templates, 121-126 reverse sort functions, 80 reverse sorts associative arrays, 80 multidimensional arrays, 82 reverse spam, 287 REVOKE command, 192-193 rewind() function, 64 rewinddir($dir) function, 360 rewriting code, 462-463 RFC Editor Web site, 370, 389 RFCs (Requests for Comments), 370 RGB (red, green, and blue), 406 Rich Text Format. See RTF risks for commercial Web sites, 277-280 competition, 278 computer hardware failure, 278 crackers, 277-278 failure to attract business, 278 legislation and taxes, 279 service provider failures, 278 software errors, 279 system capacity limits, 279 rmdir() function, 361 root nodes (Web forum tree structure), 714 rows returning, 222-223 unmatched, 217-218 rows (tables), 173 values, 173 RSA, 296 RSARef Web site, 784 rsort() function, 80 RTF (Rich Text Format), 744-747 generating certificates, 758-762 software, 749 rtf.php, 752, 759 running Apache, 790, 796 as services, 797-798 from console window, 797 Windows environment, 796 PHP, 782 as CGI Interpreter, 782-783 as modules, 782-783 runtime errors, 480-481 database interaction, 482-484 functions that don’t exist, 481-482 input data, 485 network connections, 484-485 reading/writing files, 482 S S-HTTP (Secure Hypertext Transfer Protocol), 331 scalar variables, 70 converting arrays to, 91-92 schemas Book-O-Rama application, 194 database (PHPBookmark application), 502 front page, 504-506 schemas (databases), 175 Book-O-Rama application, 184 scope function scope, 136 global scope, 136 variable scope, 136-138 40 7842 index 3/6/01 4:22 PM Page 852 Secure Sockets Layer (SSL) 853 scope (variables), 25 scope fields, 248 score.php, 752-757 screening user input, 336 script architecture, 663- 672 footers, 663 headers, 663 performing actions, 663 preprocessing, 663 SCRIPT style (PHP tags), 15 scripting engines, Web database architecture, 181 scripts admin.php script (Shopping Cart application), 575-577 authmain.php (authentication), 438-443 breaking out of, 47 catalog scripts (Shopping Cart application), 548-556 index.php, 549-553 show_book.php, 549, 555-556, 579 show_cat.php, 549, 553-555 checkout.php script (Shopping Cart application), 566-568 creating databases, 242 deleting databases, 242 edit_book_form.php (Shopping Cart application), 580 for buttons, code to call, 412 images, drawing, 405 insert_book.php, 239-240 insert_book.php (Shopping Cart application), 578-579 insert_book_form.php script (Shopping Cart application), 578 line graphs, code to output, 405 logout.php (authentication), 444-445 make_button.php, buttons, 411 members_only.php (authentication), 443-444 modification dates, 452 owners, identifying, 452 process.php script (Shopping Cart application), 572-575 purchase.php script (Shopping Cart application), 568-572 querying Web databases, 232 connections, setting up, 234-235 disconnecting from databases, 238 input data, 232-233 inserting new information into databases, 238-241 mysql_db_query() function, 236 mysql_query() function, 235-236 retrieving results, 236-237 selecting databases, 235 results.php, 230-231 show_book.php (Shopping Cart application), 579 show_cart.php script (Shopping Cart application), 557-560 adding items to cart, 563-565 header bar summary, printing, 566 updated carts, saving, 565-566 viewing contents of cart, 560-563 stock quotes, retrieving for Web pages, 371-373 terminating execution, 450 Warm Mail application (email client), 623-629 search form.php, 596 search.php, 596 searching keywords, 611-614 substrings, 105-107 find and replace, 108-109 numeric position, 107-108 strpos() function, 107-108 strrpos() function, 107 strstr() function, 106-107 with regular expressions, 114-115 Secure Electronic Transaction standard, 290 Secure Hypertext Transfer Protocol (S-HTTP), 331 Secure Sockets Layer (SSL), 285, 331-335 compression, 335 encryption, 346-347 40 7842 index 3/6/01 4:22 PM Page 853 Secure Sockets Layer (SSL) 854 handshaking, 334 protocol stacks, 333 sending data, 334-335 secure storage, 336-337 credit card numbers, 338 secure transactions, 328-332 Internet, 330-331 screening user input, 336 Secure Sockets Layer (SSL), 332-335 compression, 335 handshaking, 334 protocol stacks, 333 sending data, 334-335 secure storage, 336-337 credit card numbers, 338 user information, 328 user machines, 329-330 your system, 331-332 Secure Web servers, 298-299 security, 282-291 authentication, 284, 291-293, 304-325 access control, implementing, 305-312 basic authentication. See basic authentication digest authentication, 313 encrypting passwords, 310-311 identifying users, 304-305 mod_auth_mysql module, 322-324 multiple pages, protecting, 312 passwords, 291-292 storing passwords, 308-310 Web sites, 324 backing up data, 301 Certificate Signing Request (CSR), 299 Certifying Authorities (CAs), 297 commercial Web sites, crackers, 277-278 compromises, 290 databases, 251 operating system, 252 passwords, 252-253 user privileges, 253 Web issues, 253-254 digital certificates, 297-298 digital signatures, 296-297 encryption, 293-296, 338-347 Data Encryption Standard (DES), 295 GPG (Gnu Privacy Guard), 339-347 PGP (Pretty Good Privacy), 338-339 private key encryption, 294-295 public key encryption, 295-296 RSA, 296 SSL (Secure Sockets Layer), 346-347 firewalls, 300 hash function, 296 importance of stored information, 282-283 log files, 299-300 passwords, 291-292 physical security, 302 Secure Electronic Transaction standard, 290 Secure Socket Layer (SSL), 285 Secure Web servers, 298-299 security policies, creating, 291 TCP/IP networks, 284 threats, 283-290 Denial of Service (DoS), 287 errors in software, 288-289 exposure of confidential data, 283-285 loss or destruction of data, 285-286 modification of data, 286 repudiation, 289-290 transactions, 328-332 Internet, 330-331 screening user input, 336 Secure Sockets Layer (SSL), 332-335 secure storage, 336-337 user information, 328 user machines, 329-330 your system, 331-332 SELECT clause, 222 select fns.php, 597 select_fns.php files, 609 SELECT privilege, 190 SELECT statement, 211 LIMIT clause, 222 ORDER BY clause, 219 selecting databases in MySQL, 193-194 semicolons (;) (MySQL), 185 40 7842 index 3/6/01 4:22 PM Page 854 . 501 data_valid_fns .php, 501 db_fns .php, 502 delete_bms .php, 501 forgot_form .php, 501 forgot_passwd .php, 501 login .php, 501 logout .php, 501 member .php, 501 output_fns .php, 502 recommend .php, 501 register_form .php, . 501 register_form .php, 501 register_new .php, 501 url_fns .php, 502 user_auth_fns .php, 502 PHPBuilder.com Web site, 804 PHPCertification .pdf, 753 PHPCertification.rtf, 753 PHPCoder Web site, 469 phpDoc Web site,. 470 phpDocumentor Web site, 470 PHPEdit Web site, 469 PHPGem Web site, 469 PHPIndex.com Web site, 805 phpinfo() command, 25 phpinfo() function, 368, 751 PHPInfo.net Web site, 805 PHPLib Web site,