only for RuBoard - do not distribute or recompile Web Database Applications with PHP & MySQL [Symbol][A][B][C][D][E][F][G][H][I][J][K][L][M][N][O][P][Q][R][S][T][U] [V][W][X][Z] T table aliases , 2nd tables creating with visual appeal displaying details of locking temporary working with tainted data TCP/IP protocol HTTP and templates temporary tables terminology for databases testing variables text files bulk loading data from vs databases thesame( ) thick clients , 2nd thin clients threads three-tier architectures reasons for using time time-outs , 2nd time string time( ) , 2nd timestamp tracking transaction management transactions commit/rollback and trigger_error( ) triggers trigonometry functions trim( ) , 2nd trimming whitespace two-component querying two-phase locking type conversion type-casting types only for RuBoard - do not distribute or recompile Copyright Table of Contents Index Full Description Reviews Reader reviews Errata Web Database Applications with PHP & MySQL Hugh E Williams David Lane Publisher: O'Reilly First Edition March 2002 ISBN: 0-596-00041-3, 582 pages Web Database Applications with PHP and MySQL offers web developers a mixture of theoretical and practical information on creating web database applications Using PHP and MySQL, two open source technologies that are often combined to develop web applications, the book offers detailed information on designing relational databases and on web application architecture, both of which will be useful to readers who have never dealt with these issues before The book also introduces Hugh and Dave's Online Wine Store, a complete (but fictional) online retail site implemented using PHP and MySQL only for RuBoard - do not distribute or recompile Web Database Applications with PHP & MySQL [Symbol][A][B][C][D][E][F][G][H][I][J][K][L][M][N][O][P][Q][R][S][T][U] [V][W][X][Z] $aCounter->increment( ) $HTTP_POST_VARS break element for client entry for database writes , 2nd for login page prefilling data and processing data and validating data and validation function element php suffix, debugging and @ operator prefixing function calls @ symbol A absolute value Access (Microsoft) addCase( ) AddSlashes( ) AddType directive, debugging and aggregation alert( ) ALTER TABLE statement alternative patterns anchors Apache server , 2nd installing to use SSL using for HTTP authentication Apache Software Foundation application logic in middle tier developing with PHP , 2nd for order receipts shipping.3 script and stored procedures and applications interface applications-layer protocols argument types arguments arithmetic operators array functions array mssql_fetch_row( ) array mysql_fetch_array( ) array mysql_fetch_row( ) array pg_fetch_row( ) array pointers array( ) array_map( ) array_reverse( ) array_search( ) array_walk( ) arrays creating maximum/minimum values and sorting splitting a string into arsort( )/asort( ) assign( ) assignment operator, vs equality operator assignments associative arrays , 2nd sorting asymmetric encryption techniques at (@) symbol in email addresses , 2nd attribute names attributes KEY clause and authenticated( ) authenticateUser( ) , 2nd authentication , 2nd for customers/users example of how it works script for using a database for web database applications and authorization, script for automated housekeeping automatic type conversion auxiliary tables, locking with only for RuBoard - do not distribute or recompile only for RuBoard - do not distribute or recompile Web Database Applications with PHP & MySQL [Symbol][A][B][C][D][E][F][G][H][I][J][K][L][M][N][O][P][Q][R][S][T][U] [V][W][X][Z] B BDB table type bold( ) reusing bookmarks, restrictions on Boolean close( ) Boolean destroy( ) Boolean gc( ) Boolean mail ( ) Boolean open( ) Boolean session_destroy( ) Boolean session_is_registered( ) Boolean session_register( ) Boolean session_start( ) Boolean values Boolean variables Boolean write( ) BottleCounter( ) branch statements browse( ) implementing producing page numbers from search1.script and browsers authentication and interacting with using JavaScript redirection and , 2nd which in use by users browsing , 2nd search.1 script for bulk loading of data only for RuBoard - do not distribute or recompile How This Book Is Organized There are 13 chapters and 5 appendixes in this book Chapter 1 to Chapter 3 introduce web database applications, PHP, MySQL, and SQL: Chapter 1 Discusses the three-tier architecture commonly used in web database applications and in those that we discuss in this book We introduce each of the three tiers and the features of each, and we introduce the software tools that we use We also briefly introduce web protocols The chapter concludes with an introduction to our case study example, Hugh and Dave's Online Wines We discuss the components of the winestore, the system requirements, and where in the book the techniques to develop each component are covered Chapter 2 Introduces the PHP scripting language It covers programming in PHP and discusses the basic programming constructs, variables, types, functions, techniques, and common sources of bugs We include many short code examples to illustrate how to program with PHP Chapter 3 Introduces the MySQL DBMS and how to interact with it using the database query language SQL Using examples from the online winestore, we introduce the SQL commands for creating, deleting, and updating data and databases We also present a longer, example-driven section on querying the online winestore The chapter concludes with discussion of advanced topics, including MySQL database tuning and configuration Chapter 4 to Chapter 9 cover the principles and practice of developing web database application logic Chapter 4 Introduces the basics of connecting to the MySQL DBMS with PHP We explain the querying process used in most interactions with the DBMS and present examples that use most of the PHP MySQL library functions We also show how results from database queries can be formatted as HTML for delivery in a web browser The chapter is supported by the online winestore case study example, which shows how to build a moderately complex querying module Chapter 5 Continues the principles and practice of querying web databases Here we focus on user-driven querying, in which the user provides parameters to the querying process We show how data is encoded, sent in requests from a web browser to a web server, and decoded for processing in PHP We discuss the security implications in processing user data and show steps to secure interactive querying systems Our discussion is supported by a user-driven querying example with results that can be browsed page by page Chapter 6 Covers writing data to web databases There are several reasons why writing data is different from reading it For example, reloading or printing a page from a web browser can cause data to be written to a database more than once Multiple users accessing the same database introduces other problems, such as data unexpectedly being changed by one user while it's being read by another We discuss how to solve problems related to the nature of the Web and multiple users We illustrate the principles with an example that adds and edits customer details in the online winestore Chapter 7 This chapter is related to Chapter 6 and presents the principles and techniques for user-input validation We introduce validation models and reporting methods that work in web database applications and show how these are implemented using PHP and supported by client-side, browser-based JavaScript Chapter 8 Covers the principles of adding session management to web database applications Session management allows the interactions between a user and the application to be related so that, for example, a user can log in and log out of an application and be guided through a series of steps in a process We show how PHP manages sessions and illustrate the techniques with a case study of managing error feedback to users who are joining as customers of the winestore Chapter 9 Presents topics in web security We show how PHP can be used for basic authentication, how databases can manage many users, and how communications can be secured with the network-level secure sockets layer Our case study is the login and logout process for the online winestore This extends our discussion of session management in Chapter 8 Chapter 10 to Chapter 13 present and outline the completed winestore case study The outlines aren't comprehensive: we assume you have completed Chapter 4 to Chapter 9 and understand the principles of developing web database applications We recommend that you view, edit, and use the winestore PHP scripts while reading Chapter 10 through Chapter 13 Chapter 10 Presents the code for customer management in the winestore, as well as the general-purpose functions that are used throughout the application The code presented is based on the examples developed throughout Chapter 4 to Chapter 8 We present the scripts for collecting, validating, and modifying customer details We also include the code for the user login and logout processes based on the material presented in Chapter 9 Chapter 11 Presents the code for the shopping cart at the winestore The shopping cart is stored in a database, and each user's cart is tracked using the session techniques from Chapter 8 The cart module allows a user to view her cart, add items to the cart, update item quantities, delete items, and empty the cart Chapter 12 Presents the code for the ordering and shipping modules of the winestore The ordering process shows how the complex databaseprocessing techniques discussed in Chapter 3 and Chapter 6 are used to convert a shopping cart into a customer order We also show how email confirmations of the order are sent to the user, and an order confirmation is presented as an HTML page Chapter 13 Concludes the case study examples and presents related web database topics We present the complete searching and browsing winestore module based on the techniques discussed in Chapter 5 We also discuss automating queries and using templates to separate script code from HTML markup There are five appendixes in this book: Appendix A A concise guide to installing the Apache web server, PHP, and MySQL under the Linux operating system; includes resource pointers to more detailed installation guides for Linux and other operating systems Appendix B Builds on Chapter 1 and describes the workings of the Web in greater detail Appendix C Contains a case study that models the system requirements for the winestore using entity-relationship database modeling It shows how this model can be converted to a design It also details the SQL commands used to create the winestore database Appendix D An extension of Chapter 8, this appendix shows how the default PHP method for session handling can be moved to the more scalable underlying database tier Appendix E Lists useful resources, including web sites and books containing more information on the topics presented throughout this book How to Use This Book This book is designed as a tutorial-style introduction to web database applications If you haven't installed the Apache web server, the PHP scripting engine, or the MySQL database management system, begin with Appendix A Appendix A lists possible methods for obtaining the software and includes instructions for those who wish to install from source code Appendix A also shows how the examples used in this book can be downloaded and installed locally We recommend obtaining the code and databases used in this book, as they will help you understand the concepts as they are presented The database configuration steps are included at the beginning of Chapter 3 Each chapter covers a different topic Chapter 1 through Chapter 3 can be read independently Chapter 1 introduces web database applications and the case study application We recommend reading Chapter 1 first Chapter 2 and Chapter 3 are designed as introductions to PHP and SQL, respectively; both can be used as references when reading the later chapters Chapter 4 through Chapter 9 are a major section with a tutorial style that follows through the principles and practice of web database applications Chapter 4, Chapter 5, and Chapter 6 begin with basic principles and components Chapter 7, Chapter 8, and Chapter 9 contain more sophisticated examples that rely on concepts from the earlier chapters These chapters are designed to be read sequentially By the conclusion of Chapter 9, you should have mastered the principles of developing web database applications Chapter 10 to Chapter 13 present and briefly discuss the completed scripts developed for the online winestore case study The scripts show how the techniques from Chapter 4 to Chapter 9 are applied in practice and, as such, are most useful after mastering the content of the earlier chapters The material in these later chapters is also particularly useful when the example application has been downloaded and installed on a local server, allowing the scripts to be modified and tested as the chapters are read Appendix B and Appendix C are also in a tutorial style We recommend Appendix B if you are interested in or are unfamiliar with the web environment and its underlying protocols Appendix C is a brief introduction to entity-relationship modeling for databases and shows the steps we took in designing the winestore database We recommend reading Appendix C after completing Chapter 3, and only if a detailed understanding of the winestore database is desired Conventions Used in This Book The following conventions are used in this book: Italic Used for program names, URLs, and database entities, and for new terms when they are defined Constant width Used for code examples, functions, statements, and attributes, and to show the output of commands Constant width italic Used to indicate variables within commands and functions This icon designates a note, which is an important aside to the nearby text This icon designates a warning relating to the nearby text How to Contact Us Please address comments and questions concerning this book to the publisher: O'Reilly & Associates, Inc 1005 Gravenstein Highway North Sebastopol, CA 95472 (800) 998-9938 (in the United States or Canada) (707) 829-0515 (international or local) (707) 829-0104 (fax) There is a web page for this book, which lists errata, examples, or any additional information You can access this page at: http://www.oreilly.com/catalog/webdbapps/ To comment or ask technical questions about this book, send email to: bookquestions@oreilly.com For more information about books, conferences, Resource Centers, and the O'Reilly Network, see the O'Reilly web site at: http://www.oreilly.com The authors can be reached at: hugh@computer.org dave@simdb.com Web Site and Code Examples Code examples from this book, data used to create the online winestore database, and the completed winestore application can be found at this book's web site, http://www.oreilly.com/catalog/webdbapps/ or at the authors' web site, http://www.webdatabasebook.com Acknowledgments We thank our technical reviewers, Justin Zobel, Harry Williams, S.M.M (Saied) Tahaghoghi, and Rasmus Lerdorf, for their expertise and diligence in helping to improve this book We also thank our editor, Lorrie LeJeune, and her editorial assistant, Sarmonica Jones We acknowledge the support of our employer, RMIT University; Hugh thanks the School of Computer Science and Information Technology, and David thanks the Multimedia Database Systems group We also thank our colleagues, who throughout this project have provided ideas, suggestions, and help In particular, we thank Abhijit Chattaraj for his help with the MySQL implementation of session support, and Derryn Grabowski and Jakub Korab for their help with an initial prototype of the winestore application Last, but most importantly, we thank our wives, Selina Williams and Louise Excell Very little of this book would exist without Selina's support of Hugh's hectic schedule; he's now looking forward to supporting her through the birth of their first child Louise has been especially patient with David throughout this project, and looks forward to his support in bringing up their second child, William David also thanks his daughter Beth; the wisdom of her advice in dealing with a troublesome PC was far beyond her three years: "now, just press one key at a time." D.1 Using a Database to Keep State HTTP is a stateless protocol that allows applications to distribute resources across more that one web server This allows an application to distribute requests across many web servers, thus dividing the load and permitting scaling of the application One of the main problems for session-based web applications is scalability Implementing session management in the middle tier of an application forces all HTTP requests to be processed by a particular web server To provide session support, all HTTP requests that belong to a session must be processed in the context of the session variables Consider an application that holds the contents of a shopping cart using session variables An HTTP request that submits an order must be processed by reading the session variables that hold the state of the cart Figure D-1 shows the three-tier architecture of a web database application, with the session store in the web server environment This is the approach described in Chapter 8 Figure D-1 Three-tier architecture using a web server to store session variables Figure D-2 Three-tier architecture using a database to store session variables Moving the session data to the database allows an application to scale horizontally at the middle tier as shown in Figure D-2 The web server doesn't have to keep session variables, so HTTP requests can be processed by different web servers The PHP scripts on each web server still implement the application logic, but session variables are retrieved from a central database In many applications, the middle tierthe layer that implements the application logicis the performance bottleneck By deploying multiple web servers, HTTP load balancing can be achieved and the database server better utilized However, there is a point at which the performance of the DBMS becomes the bottleneck Also, allowing multiple web servers to access a central database server requires strategies to control concurrent access, a topic discussed in Chapter 6 Colophon Our look is the result of reader comments, our own experimentation, and feedback from distribution channels Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects The animal on the cover of Web Database Applications with PHP and MySQL is a platypus The platypus (Ornithorhynchus anatinus) of Australia and Tasmania has been described as a living fossil Its earliest known remains date back 100,000 years, and it combines mammalian and reptilian features It is aquatic, furry, warm-blooded, and lays eggs It sports webbed feet, a beaverlike tail, and a ducklike bill The preferred plural of platypus is either "platypus" or "platypuses," and a baby platypus has been referred to as a "platapup." The platypus was first described by Dr George Shaw, a British scientist He thought the animal was a hoax and took a pair of scissors to the pelt, expecting to find stitches attaching appendages to skin The platypus is an air-breathing mammal that spends most of its day resting in an underground burrow However, it feeds only in the water and is rarely observed on land The platypus hunts mostly at night for such food as shrimp, worms, and aquatic insects Because the animal doesn't need to hear or see its intended food, a platypus protects its eyes and ears by automatically closing them underwater and relies on its bill to locate prey While diving, the platypus temporarily stores food in special cheek pouches When the animal returns to the surface to breathe, the food is ground up between rough pads located inside the bill A female platypus produces a clutch of one to three eggs in late winter or spring The mother is believed to incubate them between her lower belly and curled-up tail for about 10 days as she rests in an underground nest made of vegetation collected from the water She doesn't have nipples; her milk is instead secreted from two patches of skin midway along her belly It's believed that a platypup feeds by slurping up milk with sweeps of its stubby bill When juveniles enter the water at about four months, they are nearly as long as an adult The platypus is the only Australian mammal known to be venomous Adult males have a pointed spur located above the heel of each hind leg that can inject poison produced by a gland in the thigh Platypus venom isn't considered life-threatening to humans However, spurring is painful, because platypus spurs are sharp and can be driven in with great force; the poison itself triggers severe pain in the affected limb The platypus is officially classified as "common but vulnerable" in Australia As a species, it isn't currently considered endangered However, platypus populations are believed to have declined or disappeared, particularly in urban and agricultural settings; the specific underlying reasons for this decline is unknown Mary Anne Weeks Mayo was the production editor and copyeditor for Web Database Applications with PHP and MySQL Rachel Wheeler, Colleen Gorman, Emily Quill, and Jane Ellin provided quality control Leanne Soylemez and Phil Dangler provided production assistance Brenda Miller wrote the index Ellie Volckhausen designed the cover of this book, based on a series design by Edie Freedman The cover image is an original engraving from Johnson's Natural History Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font Melanie Wang designed the interior layout, based on a series design by David Futato Mihaela Maier converted the files from Microsoft Word to FrameMaker 5.5.6 using tools created by Mike Sierra The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's The Sans Mono Condensed The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6 The tip and warning icons were drawn by Christopher Bing This colophon was compiled by Mary Anne Weeks Mayo ... Errata Web Database Applications with PHP & MySQL Hugh E Williams David Lane Publisher: O'Reilly First Edition March 2002 ISBN: 0-596-00041-3, 582 pages Web Database Applications with PHP and MySQL offers web developers... Web Database Applications with PHP and MySQL offers web developers a mixture of theoretical and practical information on creating web database applications Using PHP and MySQL, two open source technologies that are often combined to develop web applications, the... Hugh and Dave's Online Wine Store, a complete (but fictional) online retail site implemented using PHP and MySQL only for RuBoard - do not distribute or recompile Web Database Applications with PHP & MySQL