40 7842 index 3/6/01 4:22 PM Page 855 setting up Send button, 704 send() function, 704 sending messages, online newsletters, 704-708 sending mail, 371 Warm Mail application, 649-652 forwarding messages, 651-652 new messages, 649-651 replying to messages, 651-652 send_message() function, 650-651 sensitive data, storing, 336-337 credit card numbers, 338 serialization, 450-451 serialize() function, 450-451 server logs, 271 servers Apache See Apache Web server authentication, 292-293 database servers, Web database architecture, 181 Equifax Secure Server, connecting with HTTPS, 388 FTP servers downloading files, 384-385 logging in to (mirroring files), 382 IIS (Internet Information Server) basic authentication, 319-321 configuring with Internet Services Manager, 319-321 remote FTP servers, connecting to (mirroring files), 382 secure storage, 336-337 credit card numbers, 338 Secure Web servers, 298-299 Web servers, Web database architecture, 180-181 servers, 365 See also Web servers services adding to Web pages, 371-374 running Apache from, 797-798 services (commercial Web sites) adding value to, 276 providing, 275-276 taking orders for, 271-275 obstacles to potential customers, 273-275 ServicesPage class (object-oriented development), 166-167 session control, 430-433, 438-445 authentication, 438-445 authmain.php script, 438-443 logout.php script, 444-445 members_only.php script, 443-444 cookies, 431-433 setting, 431-432 storing session IDs, 432-433 session IDs, 430-431 storing in cookies, 432-433 session IDs, 430-431 storing in cookies, 432-433 session variables (Shopping Cart application), 541, 557 sessions, 433-437 configuring, 437-438 destroying, 435 example session, 435-437 starting, 433 variables, 434 deregistering, 434-436 registering, 433-436 session_get_cookie_params() function, 432 session_is_registered() function, 434 session_register() function, 433 session_start() function, 433-436 session_unregister() function, 434-436 set_error_handler() function, 492 SET
type, 205 setcookie() function, 431-432 setting passwords, user authentication, 519-521 setting up base canvases, 414-415 Book-O-Rama, 208 databases, 660-663 databases of lists, 657 OpenSSL, 788 poll database, code, 420-421 settype() function, 36 set_magic_quotes_runtime() function, 449 set_time_limit() function, 386 Shopping Cart application, 540 administration interface, 575-584 administration menu (admin.php), 575-577 edit_book_form.php script, 580 insert_book.php script, 578-579 insert_book_form.php script, 578 show_book.php script, 579 administrator interface, 542 administrator view, 542-543 book_sc database, 546-548 catalog scripts, 548-556 index.php, 549-553 show_book.php, 549, 555-556, 579 show_cat.php, 549, 553-555 code modules, 543 database, 547-548 extensions, 584 files, 544-545 payment module, 572-575 process.php script, 572-575 payment systems, 541-542 process.php script, 574 session variables, 541, 557 shopping cart module adding items, 563-565 checkout.php script, 566-568 header bar summary, printing, 566 purchase.php script, 568-572 show_cart.php script, 557-560 updates, saving, 565-566 viewing contents of, 560-563 solution components, 540-542 solution overview, 542-545 tracking user’s purchases, 541 user view, 542-543 shopping carts, 540 short style (PHP tags), 15 SHOW COLUMNS statement, 255 SHOW command, 198-199 SHOW GRANTS statement, 255 output, 255 SHOW statement, 254-257 syntax, 255-257 SHOW TABLES statement, 254 showpoll.php file, 422-426 show_book.php script (Shopping Cart application), 549, 555-556, 579 show_cart.php script (Shopping Cart application), 557-560 adding items to cart, 563-565 header bar summary, printing, 566 updated carts, saving, 565-566 viewing contents of cart, 560-563 show_cat.php script (Shopping Cart application), 549, 553-555 show_source() function, 454 shuffle() function, 83-84 SHUTDOWN privilege, 191 signature.tif, 753 Simple Mail Transfer Protocol
(SMTP), 371, 618 simplegraph.php file, 405 sin() function, 777 sites, Web, 402 See also FTP sites size of images, 593 Slashdot Web site, 304, 712 slashes, backslash (\), 112, 263 Smart Form Mail application, 94-96 regular expressions, 113-114 SMTP (Simple Mail Transfer Protocol), 371, 618 Snoopy class (PHP), 389 software, errors (security threats), 288-289 software engineering, 460-462 defined, 460-462 software errors (commercial Web sites), 279 solution components, user personalization, 499-500 sort() function, 79 sorting associative arrays, 79-80 asort() function, 79-80 ksort() function, 79-80 reverse sort functions, 80 sort() function, 79 multidimensional arrays, 80 reverse sorts, 82 user defined sorts, 80-82 Source Forge Web site, 806 SourceForge Web site, 389, 470 spam, reverse spam, 287 special characters literal special characters, 112 regular expressions, 113 special privileges, 191 specifications (CGI), 368 split() function, 115-116, 614 splitting strings explode() function, 102 strtok() function, 102-103 substr() function, 103-104 with regular expressions, 115-116 sprintf() function, 98 SQL (Structured Query Language), 208 ANSI standard, Web site, 226 Book-O-Rama database setting up, 208 tables, code to populate, 210 data, inserting into databases, 209-211 databases, 208 data, aggregating, 220-222 data, grouping, 220-222 data, inserting, 209-211 data, retrieving, 211-212 data, retrieving from multiple tables, 214-219 data, retrieving in a particular order, 219-220 data, retrieving with specific criteria, 212-214 dropping, 226 joins, 219 records, deleting, 225 records, updating, 223 rows unmatched, 217-218 rows, returning, 222-223 tables, aliases, 218-219 tables, altering, 223-225 tables, dropping, 226 tables, joining, 216-217 two-table joins, 214-216 MySQL aggregate functions, 221 join types, 219 RDBMSs (relational database management systems), 208 resources, 806 SQL commands, CREATE TABLE command, 194-195
SQL Course Web site, 806 SQL Pro Web site, 806 SQL tutorial Web site, 806 SSL (Secure Sockets Layer), 285, 331-335, 782 compression, 335 encryption, 346-347 handshaking, 334 installing, 783-787 protocol stacks, 333 sending data, 334-335 testing, 792-793 standards, code, 463 starting sessions, 433 startup parameters, 794 stat() function, 364 statements ALTER TABLE, 223 syntaxes, 224 break statement, 47 continue statement, 47 DELETE, 225 DESCRIBE, 257 syntax, 257 describe user [edit, OK], 247 DROP DATABASE, 226 DROP TABLE, 226 echo statements, 20-21 else statements, 39-40 elseif statements, 40 exit statement, 47 EXPLAIN, 257-260 column values, 259 join types, 258 output, 257-260 GRANT, 246, 255 if statements, 38 include() statement, 127-129 INSERT, 209 LOAD DATA INFILE, 263 PHP statements, 15-16 require() statement, 119-129 auto_append_file (php.ini file), 126-127 auto_prepend_file (php.ini file), 126-127 filename extensions, 120-121 PHP tags, 121 Web site templates, 121-126 return statement, 140 SELECT, 211 LIMIT clause, 222 ORDER BY clause, 219 SHOW, 254-257 syntax, 255-257 SHOW COLUMNS, 255 SHOW GRANTS, 255 output, 255 SHOW TABLES, 254 switch statements, 41-42 UPDATE, 223 status, variable status, 37 STD (column) function, 221 STDDEV (column) function, 221 stock quotes, retrieving for Web pages, 371-373 storage of files, content management systems, 590 store account() function, 674 store list() function, 694 store_account_settings() function, 634-635 store_new_post() function, 739, 741 stories.php, 596 stories.php files, 602-611 storing bookmarks, 500 passwords, 252 passwords (authentication), 308-310 redundant data (Web databases), 176-178 strings, formatting for storage, 100-101 session IDs in cookies, 432-433 storing data, files See files storing sensitive data, secure storage, 336-337 credit card numbers, 338 story submit.php, 596 story.php, 596 strcasecmp() function, 105 strcmp() function, 104 str
replace() function, 108, 761 strategies, commercial Web sites, 280 string column types, 204-205 ENUM type, 205 regular string data types, 204 SET type, 205 TEXT types, 205 string concatenation operator, 20-21 string operators, 27 strings comparing, 104-105 length of strings, testing, 105 strcasecmp() function, 105 strcmp() function, 104 strnatcmp() function, 105 evaluating, 449 formatting, 96-101 AddSlashes() function, 101 case, changing, 99-100 chop() function, 97 conversion specifications, 98-99 for printing, 97-99 for storage, 100-101 HTML formatting, 97 ltrim() function, 97 nl2br() function, 97 StripSlashes() function, 101 trim() function, 96 trimming excess whitespace, 96-97 joining implode() function, 102 join() function, 102 length, testing, 105 ordering strcasecmp() function, 105 strcmp() function, 104 strnatcmp() function, 105 printing formatting strings for printing, 97-99 print() function, 97 printf() function, 98-99 sprintf() function, 98 splitting explode() function, 102 strtok() function, 102-103 substr() function, 103-104 with regular expressions, 115-116 storing, formatting strings for storage, 100-101 substrings accessing, 103-104 finding, 105-107, 114-115 numerical position of, finding, 107-108 replacing, 108-109, 115 tokens, 102 stripslashes() function, 101, 233, 254, 336 strip_tags() function, 336 stristr() function, 107 strlen() function, 105 strnatcmp() function, 105 str_replace() function, 108 Stronghold, 298 Strpos() function, 107-108 Strrpos() function, 107 strstr() function, 106-107, 528 strtok() function, 102-103 strtolower() function, 100 strtoupper() function, 100 structure, content management systems, 592 Structured Query Language See SQL structures component, 467 directory, 467 component structures, 467 subclasses (object-oriented development), 150, 156-157 subexpressions, 111-112 submit button, users (votes), 421 subscribe() function, 688 subscribers, databases, 657 subscribing (MLM),
687-689 substr() function, 103-104 substrings accessing, substr() function, 103-104 finding, 105-107 numerical position, 107-108 strpos() function, 107-108 strrpos() function, 106-107 strstr() function, 106-107 with regular expressions, 114-115 replacing, with regular expressions, 115 substr_replace() function, 108-109 subtraction operator, 26 SUM(column) function, 221 Summary Web site, 271 superclasses (object-oriented development), 150, 156-157 supporting images in PHP, 402 switch statements, 41-42 switches, mysql command -h switch, 186 -p switch, 186 -u switch, 186 syntactic sugar, 462 syntax, 478 ADD INDEX [index] (column, ), 224 ADD PRIMARY KEY (column, ), 224 ADD UNIQUE [index] (column, ), 224 ADD [COLUMN] (column_description, column_description, ), 224 ADD [COLUMN] column_description [FIRST | AFTER column ], 224 ALTER [COLUMN] column {SET DEFAULT value | DROP DEFAULT}, 224 CHANGE [COLUMN] column new_column description, 224 DESCRIBE statement, 257 DROP INDEX index, 224 DROP PRIMARY KEY, 224 DROP [COLUMN] column, 224 extended, 222 MODIFY [COLUMN] column_description, 224 RENAME [AS] new_table_name, 224 SHOW statement, 255-257 syntax errors, 478-480 syntax highlighter, 454-455 syntaxes, ALTER TABLE statement, 224 system capacity limits (commercial Web sites), 279 system requirements, user personalization, 498 system() function, 366 systems, database security, 246, 252 See also privilege system SYSTRAN Web site, 804 t1lib, downloading, 402 T tab control sequence (\t), 58 tables aliases, 218-219 altering, 223-225 BDB, 263 Book-O-Rama database (SQL code), 210 Cartesian product, 215 column types, 196-198 columns, 173 atomic column values, 178 DESCRIBE statement, 257 columns_priv, 247-250 mysql database, 250 creating in MySQL, 194-199 keywords, 196 viewing tables, 198-199 data, retrieving, 214-219 database optimization, 261-262 db, 247-249 mysql database, 248-249 dropping, 226 equi-joins, 215 grant, 247-251 HEAP,
262 host, 247-249 mysql database, 249 joining, 216-217 joins, 214, 219 keys, 173-175 creating for Web databases, 179 left joins, 217-218 MyISAM, 262 rows, 173 returning, 222-223 unmatched, 217-218 values, 173 schemas, 175 scope fields, 248 tables_priv, 247-250 mysql database, 250 two-table joins, 214-216 types, 262-263 user, 247-248 mysql database, 247 tables (databases), 173 types, 180 tables_priv table, 247-250 mysql database, 250 tags HTML tags, meta tags, 160 , 594 PHP tags, 14-15 ASP style, 15 require() statement, 121 SCRIPT style, 15 short style, 15 XML style, 15 TCP (Transmission Control Protocol), 333 TCP/IP networks, security, 284 templates, Web site templates (require() statement), 121-126 terminating execution (scripts), 450 ternary operator, 32 testing code, 474-475 GPG (Gnu Privacy Guard), 342-347 PHP support, 791 Windows environment, 800 SSL, 792-793 string length, 105 variable status, 37 text anti-aliasing, 408 buttons, colors and fonts, 411 ciphertext (encryption), 293 fitting onto buttons, 415-418 images creating, 410-419 drawing or printing on, 406-408 plain text (encryption), 293 positioning onto buttons, 418 writing onto buttons, 419 text files, 50-51 checking existence of, 63 checking size of, 63 closing, 58-59 deleting, 63 disadvantages, 66 formats, 58 locking, 65-66 navigating inside files, 64 opening, 52 file modes, 52 fopen() function, 53-54 FTP (File Transfer Protocol), 54-55 HTTP (Hypertext Transfer Protocol), 55 potential problems, 55-56 reading, 52 feof() function, 60 fgetc() function, 62-63 fgetcsv() function, 61 fgets() function, 60 fgetss() function, 61 file() function, 62 fopen() function, 60 fpassthru() function, 62 fread() function, 63 readfile() function, 61 vieworders.php interface, 59-60 writing to, 52 file formats, 58 fwrite() function, 57 TEXT type, 204-205 Thawte, 297 Thawte Web site, 289 threaded discussion group application, 712
article list, 718-731 collapsing threads, 719, 723 displaying articles, 724 expanding threads, 719-723 individual articles, viewing, 731-734 new articles, adding, 734-741 plus symbols, 719 treenode class, 725-731 database design, 716-718 extensions, 741 files, 715 posters, 716 solution components, 712-714 solution overview, 714-715 tree of articles, 729 tree structure, 713-714 tree_node class, 713 threaded discussion groups, threads, 712 threads (Web forum application) collapsing, 719, 723 expanding, 719-724 threats to security, 283-290 Denial of Service (DoS), 287 errors in software, 288-289 exposure of confidential data, 283-285 loss or destruction of data, 285-286 modification of data, 286 repudiation, 289-290 three-dimensional arrays, 77-79 TIFF library Web site, 751 time and date converting between PHP and MySQL formats, 396-398 in MySQL DATE_FORMAT() function, 396-397 MySQL Web site, 400 UNIX_TIMESTAMP function, 397-398 in PHP, 392-396 calendar functions, 399 checkdate() function, 396 date calculations, 398-399 date() function, 392-395 floor() function, 399 getdate() function, 395 mktime() function, 394-395, 398 PHP Web site, 400 timeouts, avoiding (FTP), 386 TIMESTAMP display types, 203 TLS (Transport Layer Security), 335 tokens (strings), 102 totaling forms with operators, 33-34 touch() function, 365 traceroute command (UNIX), 285 tracking success of Web sites, 270-271 tracking user’s purchases (Shopping Cart application), 541 transactions, secure, 328-332 Internet, 330-331 screening user input, 336 Secure Sockets Layer (SSL), 332-335 secure storage, 336-337 user information, 328 user machines, 329-330 your system, 331-332 Transmission Control Protocol (TCP), 333 Transport Layer Security (TLS), 335 tree of articles (Web forum application), 729 tree structure (Web forum application), 713-714 tree node class (Web forum application), 725-731 tree_node class, 713 triggering errors, 492 trim()
function, 96, 232 Tripwire, 286 troubleshooting opening files, 55-56 TrueType fonts, 411 tuples (tables), 173 two-dimensional arrays, 75-77 contents, accessing, 76 two-table joins, 214-216 type codes, conversion specification type codes, 99 types of tables, 262-263 types (variables), 22-24 casts, 23 data types, 22 variable variables, 23-24 U u switch (mysql command), 186 uasort() function, 82 ucfirst() function, 100 ucwords() function, 100 uksort() function, 82 umask() function, 361 undefined functions, calling, 131 uninterruptible power supply (UPS), 302 UNISYS, LZW (Lempel Ziv Welch), 404 UNISYS Web site, 404 UNIX, 787-789 Apache for, 798-799 installing Apache, 787-789 mod_SSL, 787-789 MySQL, 783-787 PHP, 783-787 traceroute command, 285 UNIX time stamps, date() function, 394-395 UNIX_TIMESTAMP function, 397-398 unlink() function, 63, 365 unmatched rows, 217-218 unpublish story.php, 596 unserialize() function, 451 unset() function, 37 UNSIGNED keyword, 196 unsubscribe() function, 688 unsubscribing (MLM), 687-689 update anomalies (Web databases), avoiding, 177-178 UPDATE privilege, 190 UPDATE statement, 223 updating privileges, 251 records, 223 vote database, code, 422-423 upload.html file, 353 upload.php, 660 upload.php file, 354 uploaded file listing, code, 358-359 uploading files, 352-353 displaying, 357 FTP functions, 385 HTML, 353-354 HTML forms, 352 PHP, writing, 354-357 problems, 358 online newsletters, 695, 697-698 multiple files, 698-702 UPS (uninterruptible power supply), 302 UPS Web site, 276 url_encode() function, 374 url_fns.php, 502 USAGE privilege, 191 user auth fns.php, 595 user authentication, 506 input data, validating, 510 logging in, 513-517 logging out, 518 passwords, resetting, 521-526 passwords, setting, 519-521 registering, 507-511 user declared variables, 22 user defined sorts, multidimensional arrays, 80-82 user feedback (commercial Web sites), 271 user input, screening, 336 user
interface design (commercial Web sites), 274 user personalization bookmarks, adding, 526-529 bookmarks, deleting, 530-532 bookmarks, displaying, 529-530 bookmarks, recommending, 500 bookmarks, storing, 500 defined, 498 recommendations, implementing, 532-536 solution components, 499-500 system requirements, 498 usernames, 499 user privileges, database security, 253 user table, 247-248 mysql database, 247 user view (Shopping Cart application), 542-543 userfile field (HTML form), 354 usernames, 499 users administrative users privileges, 191 setting up, 192 authentication, 304-325 access control, implementing, 305-312 basic authentication See basic authentication digest authentication, 313 encrypting passwords, 310-311 identifying users, 304-305 mod_auth_mysql module, 322-324 multiple pages, protecting, 312 storing passwords, 308-310 Web sites, 324 privileges, 188-193 global privileges, 189 GRANT command, 188-189, 192-193 principle of least privilege, 188 REVOKE command, 192-193 types, 190-191 secure transactions, 329-330 setting up in MySQL, 187-188, 192-193 GRANT command, 188-189, 192-193 votes casting, 421 code to cast, 420-421 results, drawing, 421 user_auth_fns.php, 502, 660 user_auth_fns.php library, check_auth_user() function, 630 Using mkdir() function, 361 usort() function, 80-82 utilities myisamchk, 260 EXPLAIN statement output, 260 PHP Web application projects, 470 V valid email() function, 510-511 validating user authentication input data, 510 values array elements, 71 assigning to variables, 22 atomic column values (databases), 178 columns, EXPLAIN statement, 259 default, database optimization, 262 null values, avoiding (Web databases), 179-180 returning, 81 assignment operator, 27 returning from functions, 141-142 values (tables), 173 variable functions, 36-38 re-interpreting variables, 37 type testing functions, 36 variable status, testing, 37 variable names, code, 463-464 variable scope, 136-138 variable status, testing, 37 variable variables, 23-24
variables arrays, 70-71 applying functions to elements, 89-90 associative arrays, 73-75 converting to scalar variables, 91-92 counting elements, 90-91 elements, 71 indexes, 71 loading from files, 85-87 multidimensional arrays, 75-79 navigating within an array, 88-89 numerically indexed arrays, 71-73 reordering, 83-85 sorting, 79-80 two-dimensional arrays, 77 debugging, 486-489 drawing, code, 423 environment, functions, 367-368 file, 354 form variables, accessing, 19-21 global variables, 136 identifiers, 21 local variables, 136 scalar variables, 70 converting arrays to, 91-92 scope, 25 session variables, 434 deregistering, 434-436 registering, 433-436 Shopping Cart application, 557 types, 22-24 casts, 23 data types, 22 variable variables, 23-24 user declared variables, 22 values, assigning, 22 verifications (MySQL database) connection, 250 request, 251 VeriSign, 297 VeriSign Web site, 289 version control (code), 467-468 CVS (Concurrent Versions System), 468 multiple programmers, 468 repository, 467-468 versions Windows 2000, 794 Windows 95/98, 794 Windows NT, 794 View Mail button, 703 viewing databases in MySQL, 198-199 list archives, 686-687 lists, 679, 681-686 action buttons, 681-682 message headers (Warm Mail application), 647 tables in MySQL, 198-199 vieworders.php interface, 59-60 views, File Details, 363 vote database results, code to retrieve, 422-423 updating, code, 422-423 vote.html file, 420 votes of users, code to cast, 420-421 users casting, 421 results, drawing, 421 W-Z w file mode, 54 w+ file mode, 54 W3C (World Wide Web Consortium) Web site, protocols, 389 Warm Mail application (email client), 618 accounts creating, 634-636 deleting, 636-637 modifying existing accounts, 636 selecting (reading email), 637-640 setting up, 632-637 application architecture, 621 database, setting up, 622-623 deleting email, 648 extensions, 652-653 files, 621 IMAP function library, 619-620 interface, 620-621 logging in,
629-631 logging out, 632 reading mail, 637-647 mailbox contents, viewing, 640-643 message headers, viewing, 647