
PHP and

MySQL

The book that should have been in the box

Brett McLaughlin

Beijing | Cambridge | Farnham | Kln | Sebastopol | Tokyo

PHP
MySQL

 ! "#

2013

32.988-02-018
004.738.5
15

15 PHP MySQL. . .: , 2013. 512 .: .


ISBN 978-5-459-01550-8
CSS JavaScript,
- - PHP MySQL. -
.
, ,
, -.
PHP- -.
PHP SQL.
.
-, .
, .
,
.
.


'Reilly. .

.
, , , -
. , ,

, .

ISBN 978-0596515867 .

2012 Brett McLaughlin. All rights reserved

ISBN 978-5-459-01550-8

, 2013

, 2013


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

1. PHP MySQL
1. PHP: , ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2. PHP: . . . . . . . . . . . . . 50
3. MySQL SQL: . . . . . . . . . . . . . . . . . . . . . . . . 82

2. -
4. PHP MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
5. . . . . . .157
6. - . . . . . . . . . . . . . . . . . . . . . .174

3. - -
7. - ( ) . . . . . . . .222
8. . . .260
9. . . . . . . . . . . . . . . . .294
10. , . . . . . . . . . . .337

4.
11. . . . . . . . . . . . . . . . . . . . . . . . . .392
12. Cookie-,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .428
13. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
PHP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PHP . . . . . . . . . . . . . . . . . . . . . . . .
PHP , JavaScript .
PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MySQL? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Macintosh Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
FTP: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

1. PHP MySQL
1. PHP: , ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
. . . . . . . . . . . . . . . . . . .
PHP (PC)
PHP Macintosh . . . . . . . . . . . .
. . . . . . .


. . . . . . . . . . .
. . . . . . . . . . . . .
. . . . . . . . . . .
: HTML-
PHP- . . . . . . . . . . . . . .
. . . . . . . . . . . .
HTML, CSS PHP . . . . . . . . .
. . . . . . . . . . . . .


2. PHP: . . . . . . . . . . . . . 50
- . . . . . . . . . . . . . .
.
. . . . . . . . . . . . . . . . .
PHP . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . .
$_REQUEST . . . . . . . . . . . . . . . . . . . . . . . . .
. . .
$_REQUEST . . . . . . . . . .
? . . .


3. MySQL SQL: . . . . . . . . . . . . . . . . . . . . . . . . 82
? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . .
. . . . . .
() . . . . .
MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MySQL Windows . . . . . . . . . . . . . . . . . . . . . . . . . . .
MySQL Mac OS X . . . . . . . . . . . . . . . . . . . . . . . . . .
SQL- . . . . . . . . . . . . . . .
SQL . . . . . . . . . . . . . .
-. . . . . . . . . . . .
USE .
CREATE . . . . .
DROP . . . . . . . .
INSERT .
SELECT . . . . . . . . . . . . . . .


2. -
4. PHP MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
PHP-, . .
MySQL . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SHOW . .
.
SQL- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . .
. . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
, . . .
SQL- . . . . . . . . . .
HTML- . . . . . . . .
( ) . . . . . . . . . . . . . . . . . . . . .
SQL- ( ) . . . . . . . . . . . . .
,
- . . . . . . . . . . . . . . . . . . . . . . . .
,
SELECT . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . .


5. . . . . . .157
, . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . .
... . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
trim strtoupper . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
: .


6. - . . . . . . . . . . . . . . . . . . . . . .174
. . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
id.
. . . . . . . . . . . . . . . . . . . . . . . . .


ID . . . . . . . . . . . . . . . . .178
. . . . . . . . . . . . . . . . . . . . . .180
. . . . . . . . . . . . . . . . . . . . . . . . . . . .182
SQL- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
. . . . . . . . . . . . . . . . . . . . . . . . .188
. . . . . . . . . . . . . .189
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
. . . . . . . . . . . . . . . .191
ALTER . . . . . . . . . . . . . . . .194
: . . . . . . . . . . . . . . . . . . . . . . . . . .196

SELECT . . . . . . . . . . . . . . . . . . . . . . . . . . .201
SQL- . . . . . . . . . . . . . . . .204
ID show_user.php . . . . . . . . . . . .207
,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
. . . . . . . . . . . . . . . . . . . . . . . . . . . .210
. . . . . . . . . . . . . . . . . .213

( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . .216

3. -
-
7. - ( ) . . . . . . . .222
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224
?. . . . . . . . . . . . . . . . . . . . . . . . . . .225
, . . . . . . . . . . . . . . . . .228
PHP . . . . . . . . . . . . . . . .230
PHP . . . . . . . . . . . . . . . . . . . . . .231
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
. . . . . . . . . . . .237
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240
,
PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241


require require_once . . . . . . . . . . . . . . . . . . . . . . . . . . . .247


, . . . . . . . . . . . . . . . . . . . . . . . . .249
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
show_error.php . . . .251
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
. . . . . . . . . . . . . . . . . . . . . . . .256

8.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .260
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .261
HTML . . . . . . . . . . . . . . . . . . . . . . . . . .263
. . . . . . . . . . . . .266
? . . . . . . . . . . . . . . . . . . . . . . . .270
. . . . . . . . .279
, . . . . . . . . . . . . . . . . . . . . . . .282
SELECT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283
URL- . . . . . . . . . . .285
: . . . . . . . . . .289
app_cong.php . . . . . . . . . . . . .291
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293

9. . . . . . . . . . . . . . . . .294
. . . . . . . . . . . . . . . . . . . . .294
. . . . . . . . . . . . . . . . . . . . .297
getimagesize . . . . . . . . . . . . . .300
le_get_contents . . . . . . . . . . . .300
INSERT . . . . . . . . . . . . .300
. . . . . . . . . . . . . . . . . . .301
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302
ID . . . . . . . . . . . . .305
. . . . . . . . . . . . . . . . . . . . . . . . . .308
. . . . . . . . . . . . . . . .310
WHERE . . . . . . . . . . . . . . . . .316
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324
, . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328


, . . . . . . . . . .329
. . . . . . . . . . . . . . . . . .329

(src) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
, ?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
, ... . . .335

10. , . . . . . . . . . . .337
, . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
,
- . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
SELECT ( )
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
. . . . . . . . . . . . . . . .344
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .350
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .350
. . . . . . . . . . . . . . . . . . . . . . . . . . . .351

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
, . . . . . . . . . . . . . . . . . . . .358
. . . . . . . . . . . . . . . .359
,
JavaScript . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362
alert . . . . . . . . . . . . . . . . . . . . . . . . . . .368
. . . . . . . . . . . . . . . . . . . . . . . . .369
. . . . . . . . . . . .372
. . . . . . . . . . .374
View Display . . . . . . . . . . . .376
, . . . . . . . . . . . . . . . . . . . . . .377
View . . . . . . . . . . . . . . . . . .377
. . . . . . . . . . . . . . . . . . . . . . . . .378

View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384
. . . . . . . . . . . . . . . . . . .386

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .387


4.
11. . . . . . . . . . . . . . . . . . . . . . . . . .392
. . . . . . . . . . . . . . . . . . . . . . . . . . .
HTTP- . .
... . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . .
. . . . . . . . . . . . . . . . . . . .
( !) . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
: authorize.php . . . . . . . . . . . . . . . . . .
PHP . . . . . . . . . . . . . . . . . . . . .
users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . .
. . . . . . .
. . . . . . . . . . . . . . . . . . . . . . .
authorize.php users. . . . . . . . . . . .
,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
crypt . . . . . . . . . . . . . . . . .
crypt . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . .


12. Cookie-,
. . . . . . . . . . . . . . . . . . . . . . . . . . . .428
. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . .

HTTP- ookie- . . . . . .
cookie- . .
? . . . . . . . . . . . . . . . . . .
?. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . .
. . . . . . . . . . .
cookie- . . . .
. . . . . .
. . . . . . . . . . . . . . . . . . . . . . . .



- . . .
. . . . . . . . . . . . . . . .
HTML . . . . . . . . . . .
.
cookie- .


13. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469
. . . . . . . . . . . . . . . . . . . . . . . .
groups . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
authorize.php . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . .
, , . . . . . . . . . . . . . . . . . .
, .
. . . . . . . . . . .
. . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
$_COOKIE $_SESSION . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . .
$_REQUEST
$_SESSION . . . . . . . . . . . . . . . . . . . . . . . . . .
? . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
? . . . . . . . . . . . . . . . . . . . . . . .
cookie-? . . . . . . . . . . . . . . . . . .



)5.-
t$BTDBEJOH4UZMF4IFFUT $44

+BWB4DSJQU 
+BWB4DSJQU 
 


 
+BWB4DSJQU K2VFSZ
+BWB4DSJQU K2VFSZ
+BWB4DSJQU K2VFSZ
+BWB4DSJQU K2VFSZ
K2VFSZ
K2VFSZ

+BWB4DSJQU 
$44)5.-


 
  DPPLJF 
 
1BZ1BM 
 
 )5.- $44+BWB4DSJQU
1)1.Z42-

1)1  
 
 

PHP?
1)1t+BWB4DSJQU 


)5.- t
 
 1)1
1)1

 



PHP?
PHP . PHP Personal Home Page
( ), -, HTML, CSS JavaScript. Personal
Home Page , , - , , .
PHP PHP: Hypertext Preprocessor (PHP:
). , , : PHP , .
, , .
, , .
, PHP , PHP.

PHP
 
1)1 
1)1 
 
  

1)1

. 0.1. PHP-
Windows

1)1      )5.-    
DPPLJF

)5.- 
 )5.-  1)1


1)1 )5.-  


 1)1
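<?php
require '../../scripts/database_connection.php';

// Get the ID of the user to show
$user_id = $_REQUEST['user_id'];

// Build the SELECT query. The request value is escaped and quoted so that
// it cannot alter the structure of the statement.
$select_query = "SELECT * FROM users WHERE user_id = '" .
                mysql_real_escape_string($user_id) . "'";

// Run the query
$result = mysql_query($select_query);

// Work with the returned rows here
?>
<html>
  <!-- HTML with PHP inserted where needed -->
</html>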

  )5.- 


)5.- 

 
1)1 
)5.-
 
)5.-1)1
)5.-1)1
1)1
1)1

)5.-+BWB4DSJQU
1)1 

. 0.2. HTML


PHP ,
JavaScript
+BWB4DSJQU  +BWB4DSJQU
 
  
var  
 t


1)1 +BWB4DSJQU 
 
 
 +BWB4DSJQU 
1)1 
 

 
1)1 
1)1 
 

 
*OUFSOFU&YQMPSFS +BWB4DSJQU

PHP
1)1 
1)1
1)1


  
 )5.-
)5.-




 +BWB$ 
 
 
   

 1)1+BWB4DSJQU  

1)1
  



MySQL?
.Z42-t 
t 
 .Z42-
42-  .Z42-

42-  .Z42-

  .Z42-

.Z42-



.Z42- 
1)1
 .Z42-t  
.Z42-t  
t  
        .Z42-  
 
  

c.Z42-
  



1)1  
 
 1)1
 


t 
 1)1
1)1 

 
     1)1     



 
 
 )5.-$44
 +BWB4DSJQU
 
       

     
        



Macintosh Windows
1)1.Z42- .BDJOUPTI8JOEPXT 
 

 
 

  
1)1 
.BDJOUPTI8JOEPXT
 )5.-$44

FTP:
 '51
'51

1)1 
1)1 
 
viemacs

.
, ,
, ,
.

FTP-. , .

 
'51
'51

Cyberduck (www.cyberduck.ch)
 
 
'51 



 

 1)1.Z42-
1)1  
1)1



.Z42-

  


  
 
 63- 
 5XJUUFS

  

 

 
  
 
  
 

 


 
 

DPPLJF
 

Missing Manual (www.missingmanuals.com/cds/phpmysqlmm)




 
  
   
  
  

www.missingmanuals.com

-
  
www.missingmanuals.com/cds/phpmysqlmm



  
 


  



  
 
1)1 .Z42- 
1)1 .Z42- 
.Z42- 
.Z42- 
 
www.missingmanuals.com/feedback


Brett McLaughlin
t     
 

 
 

  
 

/"4"  
 1)1
.Z42-


 /BO#BSCFS
t .JTTJOH.BOVBM

OBOCBSCFS!PSFJMMZDPN
 +BTNJOF1FSF[
t 
+BTNJOF1FSF[
t 
1FSF[
t 
1FSF[
t 

t 
t 
t 
 
8'.6  
KQFSF[!PSFJMMZDPN
 /BO3FJOIBSEU
t
/BO3FJOIBSEU
t
3FJOIBSEU
t
3FJOIBSEU
t

t
t
t


XXXOBOSFJOIBSEUDPN
SFJOIBSEU!DPNDBTUOFU
 4IFMMFZ1PXFST
t 
)5.- 
0o3FJMMZXXXCVSOJOHCJSEOFU
 4UFWF4VFISJOH
t 

 

XXXCSBJOHJBPSH



  
  
 
  
 

   
 #SJBO4BXZFS
  

 
 /BO#BSCFS

 
 

 4IFMMFZ1PXFST

 4UFWF4VFISJOH
 
 
  
1)1
   
 

       0o3FJMMZ
    
 
  
   c




 
IBMJDLBZB!NJOTLQJUFSDPN  


IUUQXXXQJUFSDPN


1)1.Z42-

1)1 
1)1
.Z42-42-

PHP: ,
?

1)1t 

 1)1 
1)1  
1)1 

 
1)1  
 
  
1)1 


1)1 )5.-
)5.-
)5.-


1)1 
 1)1

1)1
1)1
1)1

 
  
1)1

1)1  
1)1  
 
 

1. PHP: , ?

27

PHP (PC)

 
1)1
1)1
1)1



Macintosh, .
PHP Macintosh .

www.php.net
1)1 
1)1 

1)1  
1)1  
 
1)11)1
t4UBCMF3FMFBTFT 


. 1.1. PHP
- www.php.net

 
  

1)1
1)1

1)1  



 


. 1.2. - PHP

1)1
8JOEPXT#JOBSJFT 8JOEPXT
 
1)18JOEPXT
http://windows.php.net/download

 
 /PO5ISFBE4BGF
  5ISFBE4BGF

/PO5ISFBE4BGF 

 


*OTUBMMFS

 8JOEPXT
1)1
 


. 1.3. , PHP Windows


, , .
:
, .
,
: ! ! ( )
( ).
1.0, . , 2.2 PHP 1.1
, , - . ,
- PHP,
, .
.


, http://windows.php.net/download, : .
URL-, www.php.net. ,
Google PHP www.php.net,
, Windows- ,
PHP.

 
8JOEPXT 
"MMPX

/FYU

 
$=1SPHSBN'JMFT=1)1= 
1)1
 
1)1
 
  
 %POPUTFUVQBXFCTFSWFS



. 1.4. -

PHP Windows. : ?
PHP , Windows, 2000 . PHP :
(Thread Safe). Mac OS X Unix/Linux-
, , Windows . Windows-


, , , PHP
, .
,
. PHP Windows , PHP- Windows ,
. PHP- , -,
Windows, PHP-,
. PHP
-
PHP,
. ,
(Non Thread Safe). ,
: 10 40 %
.
, , PHP , , .
. , ( ,
,
), ,
, ,
, , .
  

8JOEPXT1)1 
  

. 1.5.


 &YUSBT

 
/FYU

 *OTUBMM
 

1)1
1)1 
cmd  
 1)1 php



. 1.6. PHP

 
 1)1


PHP Macintosh
.BDJOUPTI  
 1)1  
.BDJOUPTI 1)1
 .BDJOUPTI5FSNJOBM
5FSNJOBM  

1)1"QQMJDBUJPOT 
4IJGU "
6UJMJUJFT 
6UJMJUJFT 


.BD049 
 


. 1.7. Utilities , Mac OS X

Shift+ +A ,
. ,
, Shift+ +A.


, , Finder .
, .
Shift+ +A , . ,
.
, ,
. , "QQMJDBUJPOT
6UJMJUJFT ().


"QQMJDBUJPOT
5FSNJOBM

 
5FSNJOBM
5FSNJOBM

.BDJOUPTI
1)1 


. 1.8. Terminal

Terminal PHP-
. Terminal, dock-.

5FSNJOBM
5FSNJOBM

 
 
5FSNJOBM 
5FSNJOBM 
 
   
  


. 1.9. Terminal


 1)1  php 


 &OUFS

 
$POUSPM $  which php
 which  
 tphp
  php
VTSCJO  

. 1.10. which

 php  

PHP
, PHP
( php, ) . , Apple Software Update,
PHP. , PHP , Terminal php version.
:
Bretts-MacBook-Pro:~ bdm0509$ php version
PHP 5.3.4 (cli) (built: Dec 15 2010 12:15:07)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

, PHP, , 5.3.4. (
PHP (PC) .)
PHP, - XXX
QIQOFU PHP. ,
Macintosh-, , , unzip tar, - ,
.


, Mac Software Update ,


. .
4PGUXBSF6QEBUF (
) , Macintosh-. , .


1)1
1)1

1)1)5.- 
$44+BWB4DSJQU 
)5.-
)5.- $44t$44 +BWB4DSJQUt+4 1)1t
$44t$44 +BWB4DSJQUt+4 1)1t
t$44 +BWB4DSJQUt+4 1)1t
+BWB4DSJQUt+4 1)1t
t+4 1)1t
1)1t
t
1)1
1)1 
 
1)18JOEPXT 
.BDJOUPTI 
5FYU&EJU
5FYU&EJU

 
 1)1 

 
1)1 8JOEPXT /V4QIFSF1IQ&%
XXXOVTQIFSFDPNQSPEVDUTQIQFEIUN
 

/V4QIFSF 
 
 

1)1  
1)1  
  
)5.- $441)1
.BDJOUPTI t
##&EJU XXXCBSFCPOFTDPNQSPEVDUTCCFEJUJOEFYIUNM
5FYU.BUF XXXNBDSPNBUFT
DPN
.BDJOUPTI
  1IQ&% 
8JOEPXT  
 )5.- $44 +BWB4DSJQU 
)5.- $44 +BWB4DSJQU 
$44 +BWB4DSJQU 
$44 +BWB4DSJQU 
+BWB4DSJQU 
+BWB4DSJQU 

##&EJU
##&EJU 


. 1.11. NuSphere PhpED


JavaScript, CSS HTML, PHP.
PHP

1)1 )5.- 


 1)1


. 1.12. BBEdit

5FYU.BUF ##&EJU
 
 
'51 
5FYU.BUF


. 1.13. TextMate

:
, PhpED, BBEdit TextMate, , , . ,
, Windows Finder Mac-,
telnet Terminal, FTP-
. :
.

,
dock- Macintosh-  Windows. - PHP.
.
.
, , , , . , - .
.
FTP,
,
,
.
, ,
, -
FTP telnet. , ,
TextMate PhpED.


1)1 
1)1 

 
 
5FYU&EJU1)1 


8JOEPXT5FYU&EJU.BDJOUPTI1)1 
 
  1)1 
1)1 

 


PHP, Eclipse PHP (www.eclipse.org/projects/project.php?id=tools.pdt). Eclipse IDE
Java-.
PHP, PHP-.
Eclipse , ,
, .
.


1)1 
1)1

<?php
echo " . , PHP-!\n";
echo " :\n";
$name = trim(fgets(STDIN));
echo "\n, " . $name . ", .\n\n";
?>

 

1)1 )5.-+BWB4DSJQU

, , TextEdit,
. ,
. PHP- .
, ,
. TextEdit FormatMake Plain Text
( ). , .
, .


1)1t 
1)1t 
t 
 
  
 )5.-
 =

 


. 1.14.


 1)1<?php
  echo
  echo
 $name
    
$name
 ?>

     
  $name =
\nsSTDIN 
<?php 
 
?>
sayHello.php
.php 
  
 1)1


Windows Macintosh, ,
, , TXT.
PHP. Windows ,
sayHello.php, - sayHello.php.txt.


1)1



, . , .
TextEdit Mac-, 1SFGFSFODFT
(). Preferences ,
, .
'PSNBU () , , 1MBJO5FYU ( ) (. 1.15). Windows
,
.

. 1.15. TextEdit Preferences ()


+,


  
 

1)1
.BD 5FSNJOBM  
EPDL5FSNJOBM


 sayHello.
php  
 dir 8JOEPXT
 ls .BDJOUPTI


php sayHello.php

php
sayHello.php 
 
&OUFS 

. 1.16.

$1)1
QIQ 


 
1)1


 1)1 1)1 
 
+BWB4DSJQU 1)1t
+BWB4DSJQU 1)1t
 1)1t
1)1t
t
   
1)1
1)1
)5.- 1)1

: HTML-
)5.-
)5.-
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />


</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 1.1</div>
<div id="content">
<h1> !</h1>
<p> . , PHP-!</p>
<p> :</p>
<form action="scripts/sayHelloWeb.php" method="POST">
<p>
<i> :</i> <input type="text" name="name" size="20" />
</p>
<p><input type="submit" value=" " /></p>
</form>
</div>
<div id="footer"></div>
</body>
</html>

, HTML, ,
, - www.missingmanuals.com/cds/phpmysqlmm.
CSS , ,
. (,
PHP), .


$44 
        
sayHello.php  

 t

<form action="scripts/sayHelloWeb.php" method="POST">

 
sayHelloWeb.phpt1)1 
 sayHelloWeb.php 


PHP-
  )5.-    
sayHelloWeb.php 1)1
1)1

 


 
 

1)1
)5.-
sayHello.php

<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 1.1</div>
<div id="content">
<h1>, <?php echo $_REQUEST['name']; ?>!</h1>
<p> .
PHP-.</p>
</div>
<div id="footer"></div>
</body>
</html>

 sayHelloWeb.php 



    
)5.-sayHello.php 
1)1 
 1)1
1)1
  
)5.-  
)5.-  
  
)5.-
  

)5.- 
  

 htmlhead
 body 
 )5.-sayHello.html
 h1 


  <?php1)1
$_REQUEST name
echo
 1)1?>
 )5.- sayHello.html

 1)1 
1)1 

  )5.-
 
1)1
 t sayHello.html

  

)5.- $_REQUEST 1)1



1)1  
1)1  
 
1)1
1)1

1)1 
$ $myHeighttNZ)FJHIU 
$_REQUESTt@3&26&45

PHP- $,
PHP- , $ . ,
$myHeight PHP- , .

t
$myHeight 
 


1)1
1)1

 

sayHelloWeb.php 
  sayHello.html 
1)1$_REQUEST1)1 
  $_REQUEST tOBNF

$_REQUEST['name'] 
 OBNF

  QIPOF/VNCFS

1)1
$_REQUEST['phoneNumber']


t


, $_REQUEST,
.
, , PHP, $_REQUEST.

1)1OBNF

 echo 
1)1)5.- 


HTML, CSS PHP


1)1
1)1

 1)1 



)5.- $44 +BWB4DSJQU

XXXZFMMPXUBHNFEJB
DPNTBZ)FMMPIUNM
)5.- 
1)11)1 
 )5.- $44
  
   
 

)5.- 63-
ZFMMPXUBHNFEJBDPN 

 $44 DTT
 $44
 +BWB4DSJQU KT
+BWB4DSJQU

TDSJQUT  1)1
 TDSJQUT

 1)1 TDSJQUT
1)1

 QIQQIQ4DSJQUT 


TDSJQUT 

  DI DI


1)1

 sayHello.html  sayHelloWeb.php DI
TBZ)FMMPIUNMDITDSJQUTTBZ)FMMP8FCQIQ


, , , -
, . -
, CSS, JavaScript PHP- HTML
PHP.

)5.-1)1 
phpMM.css
XXXNJTTJOHNBOVBMTDPNDETQIQNZTRMNN$44

         
 )5.-1)1
 DI
phpMM.css  
DTT 


. 1.17. -



)5.-$44 )5.-
)5.-$44 )5.-
$44 )5.-
$44 )5.-
 )5.-
)5.-

1)1DITDSJQUT
 sayHelloWeb.php1)1
 
ch01/sayHello.htmlsayHello.html)5.- 
)5.- 

 

. 1.18. HTML-, PHP-.


HTML- PHP-

 

sayHelloWeb.php 
 
 
 
sayHelloWeb.php

 
  
+BWB4DSJQU1)1  



. 1.19.

   
 
  
   
)5.- 
1)1   
  


PHP:

1)1 
1)1 

)5.-
1)1 
1)1 


1)1
 

  
  
 1)1  
1)1  
 

       1)1     


-
sayHelloWeb.phpname
sayHello.html
echo $_REQUEST['name'];

  $_REQUESTt1)1 

t 



  $_REQUEST 
  
 5XJUUFS 
63-'BDFCPPL


2. PHP:

51

<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 2.1</div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="scripts/getFormInfo.php" method="POST">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>

, HTML,
.

HTML
HTML
1.
<p> <i>. ,
HTML.


HTML- .
form , ,
: . ,
<i>, , , -
. HTML, CSS.
.
label for.
, ,
, , .
fieldset, : , . , .
HTML , ( HTML) , : (labels),
, , -.
fieldset.
CSS, . - , CSS . HTML, ,
,
5 .
. , , ,
CSS . , CSS
HTML-, . 2.1.

, HTML
CSS . , . ,
, .
socialEntryForm.html
 )5.- DI
 $44 
tDTT   
 t
)5.- 

 sayHelloWeb.php 
$_REQUEST 
t name 



. 2.1. ,


getFormInfo.php
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 2.1</div>
<div id="content">
<p> , :</p>
<p>
: <?php echo $_REQUEST['first_name']; ?><br />
: <?php echo $_REQUEST['last_name']; ?><br />
: <?php echo $_REQUEST['email']; ?><br />
URL- Facebook: <?php echo $_REQUEST['facebook_url']; ?><br />
Twitter: <?php echo $_REQUEST['twitter_handle']; ?><br />
</p>
</div>
<div id="footer"></div>
</body>
</html>


, getFormInfo.php, - -. , socialEntryForm.html
action, .


first_namelast_name namesayHelloWeb.
php $_REQUEST 



tgetFormInfo.php 


. 2.2. PHP , - HTML,


PHP-

 $_REQUEST
1)1
echo $_REQUEST['FORM_INPUT_FIELD_NAME'];



sayHello.php  


$name = trim(fgets(STDIN));


1)1
  
 


$numberSix = 6;
$thisIsMyName = "Brett";
$carMake = "Honda";

 getFormInfo.
phpecho


<?php
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$twitter_handle = $_REQUEST['twitter_handle'];
?>
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<!-- HTML- -->
</body>
</html>

 1)1  <?php


 ?> 
1)1)5.-1)1
)5.-1)1  

1)1
htmlheadheadbody

, - , , .
- HTML PHP,
HTML.
, HTML- . (

, . .)
, , PHP HTML, , , getFormInfo.php, . PHP HTML, , ,
20 30 PHP-, HTML.


  
  )5.- 
 

$_REQUEST1)1 
1)1 

)5.- 
)5.- 

 )5.-


$first_name $last_name)5.-getFormInfo.php
 echo 
$_REQUEST        div  
"content"
<div id="content">
<p> , :</p>
<p>
: <?php echo $first_name; ?><br />
: <?php echo $last_name; ?><br />
: <?php echo $email; ?><br />
URL- Facebook: <?php echo $facebook_url; ?><br />
Twitter: <?php echo $twitter_handle; ?><br />
</p>
</div>
,

? !
- PHP .
PHP-, :
$x = $_REQUEST['username'];
$y = $_REQUEST['password'];

, , :
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];

, . .
, , ,
, , - ? , -
:
echo " , " . $y;

, - , $x, $y. : $x $y?


, ,
!
, ,
, , - ,
.
socialEntryForm.html

   

 


 

,


,
, , . PHP- getFormInfo.php
, echo HTML,
.
- ,
. , , . ,
, . ,
,
. , , . (
.)
, , , .
, , ,
PHP-.
:
. , .
, (


), .
getFormInfo.php.
PHP, ,
HTML. ?
, ,
. ,
,
.
 
   
$_REQUEST
 
 1)1 
  

PHP
1)1
   
1)1DBUFSQJMMBS
 H6)B!N!
 t
2#FSU1)11)1
1)11)1
1)1
1)1

 
 TUSJOH
 
 
 



 1)1 t
  
  getFormInfo.php 

$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];


(PPHMF 2#FSU 





$facebook_url = $_REQUEST['facebook_url'];
$twitter_handle = $_REQUEST['twitter_handle'];

$first_name$last_name 
 
 
 
 

 
 
    
 NZ
HJSMNZHJSM
1)1 .
getFormInfo.
php)5.- 
: <?php echo $first_name; ?><br />
: <?php echo $last_name; ?><br />


: <?php echo $first_name . $last_name; ?><br />

socialEntryForm.html 


. 2.3. , ,
-




 1)1
" "1)1 

tt$first_name $last_name
: <?php echo $first_name . " " . $last_name; ?><br />

 
 


. 2.4. PHP , : $_REQUEST, ,


, ;


 
1)11)1
  
 $facebook_url 
 
<p>
: <?php echo $first_name . " " . $last_name; ?><br />
: <?php echo $email; ?><br />


<a href="<?php echo $facebook_url; ?>">URL-a Facebook:</a><br />


Twitter: <?php echo $twitter_handle; ?><br />
</p>

63-
63-

  


. 2.5. URL , ,
, HTML

63-GBDFCPPLDPN 
  
  63- GBDFCPPLDPN SZBOHFZFS
QSPGJMFQIQ JE
 
$facebook_url facebook.com   
63- 
http://www.facebook.com
1)1
1)1

 
facebook.com$facebook_url
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$position = strpos($facebook_url, "facebook.com");
$twitter_handle = $_REQUEST['twitter_handle'];


strpos() TUSJOHQPTJUJPO 


TUSJOHQPTJUJPO 


QPTJUJPO 


QPTJUJPO 


 


    
 $position 
facebook.com$facebook_url
   


 
$facebook_url   $facebook_url GBDFCPPLDPN

$facebook_urlfacebook.com  
 $position  false

 strpos() $facebook_url 


strpos(), PHP,
: , , ,
false.

$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
    $facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = $_REQUEST['twitter_handle'];

   
 

  strpos()  
$facebook_urlfacebook.com 
strpos() $position
 $position1)1
false if
if 
$positionfalse  
{ }
  { }  
  true
 $position === false 
$facebook_urlhttp://www.facebook.com 
'BDFCPPL
 $positionfalse 
{ }



, PHP, Java, C Perl,
0.
( PHP ) , . , , Thats weird, T 0, 1.
.
, - 63-'BDFCPPL
getFormInfo.php : facebook.com/michael.greenfield.
, ,
URL:
if (strpos($facebook_url, "facebook.com") > 0) {
    $facebook_url = "http://www.facebook.com/" . $facebook_url;
}

PHP- : facebook.com $facebook_url, http://www.facebook.com/ $facebook_url.


, $facebook_url
, : http://www.facebook.com/facebook.com/michael.greenfield. ?
, PHP 0, 1. 0
$facebook_url.
f. 1 a, 2 c . . , $facebook_url facebook.com,
, . strpos() 0, ,

$facebook_url.
( , , ),
, . , ,
, 1 , 0 . ,
.
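
The Facebook handling above decides by the position of a substring and then echoes the request value straight into an `href`; the chapter treats the Twitter handle the same way next. As an added example (not code from the book; the function names are hypothetical and the sample submissions are constructed), the same normalization with the decision made on the parsed host and every value escaped on output:

```php
<?php
// Added example, not code from the book. All function names are hypothetical.

/** Escape a value for HTML text or a double-quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Normalize the submitted Facebook field to an absolute URL on facebook.com.
 * Returns null when the value cannot be mapped to that site.
 */
function normalize_facebook_url(string $input): ?string
{
    $input = trim($input);
    // Reject empty values and anything containing whitespace or control bytes.
    if ($input === '' || preg_match('/[\x00-\x20\x7f]/', $input)) {
        return null;
    }

    if (preg_match('#^https?://#i', $input)) {
        $candidate = $input;                          // already absolute
    } elseif (preg_match('#^(www\.)?facebook\.com(/|$)#i', $input)) {
        $candidate = 'https://' . $input;             // site given, scheme missing
    } elseif (preg_match('#^[A-Za-z0-9._/?=&-]+$#', $input)) {
        // Bare profile name or path, e.g. "profile.php?id=123"
        $candidate = 'https://www.facebook.com/' . ltrim($input, '/');
    } else {
        return null;
    }

    // Decide on the parsed host, not on where a substring occurs.
    $parts = parse_url($candidate);
    if ($parts === false || isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    $host   = strtolower($parts['host'] ?? '');
    $onSite = $host === 'facebook.com' || substr($host, -13) === '.facebook.com';

    return (in_array($scheme, ['http', 'https'], true) && $onSite) ? $candidate : null;
}

/** Return the profile URL for a handle given with or without "@", or null. */
function twitter_profile_url(string $input): ?string
{
    $handle = ltrim(trim($input), '@');
    // Twitter user names: 1-15 letters, digits or underscores.
    return preg_match('/^[A-Za-z0-9_]{1,15}$/', $handle)
        ? 'http://www.twitter.com/' . $handle
        : null;
}

/** Render one profile line; a link appears only when the URL passed validation. */
function render_link(string $label, ?string $url, string $raw): string
{
    if ($url === null) {
        return h($label) . ': ' . h($raw) . " (not linked)<br />\n";
    }
    return '<a href="' . h($url) . '">' . h($label) . "</a><br />\n";
}

// Constructed sample submissions standing in for $_REQUEST.
$samples = [
    ['facebook_url' => 'facebook.com/michael.greenfield',  'twitter_handle' => '@phpGuy'],
    ['facebook_url' => 'profile.php?id=100000039185327',   'twitter_handle' => 'phpGuy'],
    // Contains "facebook.com" but points at another host; handle carries markup.
    ['facebook_url' => 'http://example.test/facebook.com', 'twitter_handle' => '"><b>x'],
];

foreach ($samples as $request) {
    echo render_link('Facebook',
        normalize_facebook_url($request['facebook_url']), $request['facebook_url']);
    echo render_link('Twitter',
        twitter_profile_url($request['twitter_handle']), $request['twitter_handle']);
}
```

The first two submissions produce links to `https://facebook.com/michael.greenfield` and `https://www.facebook.com/profile.php?id=100000039185327`; the third is printed as escaped text without a link.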
 
 socialEntryForm.html'BDFCPPL 
'BDFCPPL 

63- facebook.com   profile.
php?id=100000039185327
 
1)1  


 

 profile.php?id=100000039185327
63-http://www.facebook.com/profile.php?id=100000039185327



. 2.6. -

. 2.7. URL- ,



  
    

 5XJUUFS 
5XJUUFS 

5XJUUFS! 
!CENDMBVHIMJOXXXUXJUUFSDPN
!   5XJUUFS
!QIQ(VZ 63-5XJUUFS
IUUQXXXUXJUUFSDPNQIQ(VZ
5XJUUFS 

  $twitter_url
http://www.twitter.com/
 5XJUUFS@
 @$twitter_handle 
$twitter_url
  @ $twitter_handle  @
$twitter_url
 5XJUUFS<a>)5.-

  


63-
5XJUUFS
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";

 5XJUUFS 
5XJUUFS 

$twitter_handle @
strpos()
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");


 @ $twitter_handle if 
else
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
  $twitter_url = $twitter_url . $twitter_handle;
} else {
  // The handle contains an @ that still has to be removed
}

 @

$twitter_url@ 

 strpos() 
1)1
 substr() substr()TVCTUSJOH
TVCTUSJOH


 substr() 

 substr("Hello", 2)"llo"
    "H"      "e" t   
 "l"t substr()
 
"llo"

, PHP-, substr() strpos(),


. , , .
.

5XJUUFSsubstr()
 @ 
  $position
  substr()        
$position $position + 1

?
PHP HTML
PHP HTML, .
, getFormInfo.php:
<a href="<?php echo $facebook_url; ?>">
Facebook
</a><br />

, , :
, . , , PHP- .


, PHP
HTML. , . PHP-
<?php ?>. ( , PHP, ?> , ,
.) , PHP - , ,
, .
, PHP ,
a . ,
PHP- .
PHP , . PHP-,
, :
<a href="<?php echo
'http://www.twitter.com/' .
$twitter_handle; ?>">
Facebook
</a><br />


:
<a href='<?php echo
"http://www.twitter.com/" .
$twitter_handle; ?>'>
Facebook
</a><br />

, -

. , .
-, PHP
, .
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
  $twitter_url = $twitter_url . $twitter_handle;
} else {
  $twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}

, ,
- . -
. .


 )5.-
<p>
: <?php echo $first_name . " " . $last_name; ?><br />
: <?php echo $email; ?><br />
<a href="<?php echo $facebook_url; ?>">URL- Facebook</a><br />
<a href="<?php echo $twitter_url; ?>"> Twitter</a><br />
</p>

  



 @5XJUUFS

'BDFCPPL5XJUUFS@ 


. 2.8.

1)1
1)1

 
5XJUUFS 
1)1 



1)1
1)1


   
63-
  http://www.facebook.
com/ryan.geyer http://www.facebook.com/ryan.geyer 


 DPNPSH63- http://www.
facebook.com/profile.php?id=534643138http://www.facebook.org/
profile.php?id=534643138

, com org. , -
_.com, _.org
_.org _.com - -
.

 1)1 
1)1 

1)1   


trim()
1)1trim()  
1)1*MPWFNZTQBDF
CBS*MPWFNZTQBDFCBS

PHP rtrim(), ,
( ), ltrim(), ( ).




$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$facebook_url = trim($_REQUEST['facebook_url']);
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
  $facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
  $twitter_url = $twitter_url . $twitter_handle;
} else {
  $twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}


$_REQUESTtrim()

         



trim() (, rtrim() ltrim()) ,


. trim()
, , . ,
, , .


str_replace()
 str_
replace() 
 facebook.org "facebook.
org"
 facebook.orgfacebook.com 
t"facebook.com"
 t 



( !)
, , PHP
. PHP-:
$facebook_url =
str_replace(
"facebook.org",
"facebook.com",
trim($_REQUEST['facebook_url']));

.
, :
$facebook_url = $_REQUEST['facebook_url'];
$facebook_url = trim($facebook_url);
$facebook_url =
str_replace(
"facebook.org", "facebook.com",
$facebook_url);

, . ,
. ?
. , : - ,
, ? ,


.
, .
, .
, - , . ,
,
.
, - .
. ,
, .
,
( ) .
, ,
. , getFormInfo.php , .
6, 7 10 ,
.
         

$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
  $facebook_url = "http://www.facebook.com/" . $facebook_url;
}

, str_replace() ,
.

 
1)1
1)1

t63-GBDFCPPLPSH 

   
 getFormInfo.php
63-
7JFX4PVSDF 





. 2.9.

. 2.10.

 
  
 



. 2.11. View Source ( )

$_REQUEST
1)1t 
 
 1)1
1)1

  

 
 
 


PHP
, PHP . XXXQIQOFUNBOVBMFOSFGTUSJOHT
QIQ, , PHP.
. : . PHP XXXQIQOFUNBOVBM , . ,
, PHP
. . (, , ,
PHP , .
.)


, PHP, PHP. ,
, ,
.
. PHP, , .


 
 

  
  $file_cabinet
 
$file_cabinet63-  

1)1 
  
<?php
$file_cabinet[0] = "Derek";
$file_cabinet[1] = "Trucks";
$file_cabinet[2] = "derek@DerekTrucks.com";
$file_cabinet[3] = "http://www.facebook.com/DerekTrucks";
$file_cabinet[4] = "@derekandsusan";
?>

  
 

, , -
( PHP) php.

.

 $file_cabinet 



$first_name = $file_cabinet[0];
$last_name = $file_cabinet[1];
$email = $file_cabinet[2];
$facebook_url = $file_cabinet[3];
$twitter_handle = $file_cabinet[4];


, , , PHP
(. .
). .
$le_cabinet $le_cabinet[0], $le_cabinet[1].

  
   
  
 
<?php
$file_cabinet[0] = "Derek";
$file_cabinet[1] = "Trucks";
$file_cabinet[2] = "derek@DerekTrucks.com";
$file_cabinet[3] = "http://www.facebook.com/DerekTrucks";
$file_cabinet[4] = "@derekandsusan";

$first_name = $file_cabinet[0];
$last_name = $file_cabinet[1];
$email = $file_cabinet[2];
$facebook_url = $file_cabinet[3];
$twitter_handle = $file_cabinet[4];

echo $first_name . " " . $last_name;
echo "\n : " . $email;
echo "\nURL- Facebook: " . $facebook_url;
echo "\n Twitter: " . $twitter_handle;
?>

 
  
 
 t63-'BDFCPPL 

  1)1 
1)1  
 
  

 
 

<?php
$file_cabinet['first_name'] = "Derek";
$file_cabinet['last_name'] = "Trucks";
$file_cabinet['email'] = "derek@DerekTrucks.com";
$file_cabinet['facebook_url'] = "http://www.facebook.com/DerekTrucks";
$file_cabinet['twitter_handle'] = "@derekandsusan";

$first_name = $file_cabinet['first_name'];
$last_name = $file_cabinet['last_name'];
$email = $file_cabinet['email'];
$facebook_url = $file_cabinet['facebook_url'];
$twitter_handle = $file_cabinet['twitter_handle'];

echo $first_name . " " . $last_name;
echo "\n : " . $email;
echo "\nURL- Facebook: " . $facebook_url;
echo "\n Twitter: " . $twitter_handle;
?>

 $file_cabinet


$_REQUEST
1)1  
$_REQUEST
$_REQUEST['first_name'] 

 
 
 
  
1)1
  
 
$file_cabinet['first_name']$file_cabinet[0]
 $_REQUEST  
$_REQUEST[0]1)1
$_REQUEST  

<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 2.2</div>
<div id="content">


<p> , $_REQUEST:</p>
<?php
foreach($_REQUEST as $value) {
  echo "<p>" . $value . "</p>";
}
?>
</div>
<div id="footer"></div>
</body>
</html>

  
  
foreach 

 1)1
foreach($_REQUEST as $value) {
foreach1)1 
foreacht$_REQUEST 
 
$value
 $value  foreach
foreach$value 
if  
{ }1)1 
foreach($_REQUEST as $value) {
  echo "<p>" . $value . "</p>";
}

{ } 
  $_REQUEST 

echo "<p>" . $value . "</p>";

 $value
)5.-
$value  $_REQUEST 
 $_REQUEST
  $_REQUEST Derek  Trucks
@DerekAndSusan1)1 

echo "<p>" . "Derek" . "</p>";
echo "<p>" . "Trucks" . "</p>";
echo "<p>" . "@DerekAndSusan" . "</p>";


 showRequestInfo.php
  socialEntryForm.php

<form action="scripts/showRequestInfo.php" method="POST">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>

socialEntryForm.html - -,
socialEntryForm-2.html enterInformation.html.
: , showRequestInfo.php, ,
getFormInfo.php.

 

 showRequestInfo.php 
 

  
 
  

 first_name last_name email
  1)1 
1)1 



$value = $file_cabinet[$key];

  
 $key $key first_name  
 
$value = $file_cabinet['first_name'];


. 2.12. -:

 showRequestInfo.php
 $_REQUEST
 1)1foreach

<div id="content">
<p> , $_REQUEST:</p>
<?php
foreach($_REQUEST as $key => $value) {
  echo "<p> " . $key . ", '" . $value . "'.</p>";
}
?>
</div>

foreach$key
$value=>1)1 
$key $value  
            


1)1 
 
__utmz 
__utma__utmcfirst_name 
last_name


. 2.13. PHP

, $_REQUEST: __utmz
__utmc, - -. HTTP-
, . .

?
 
 socialEntryForm.html
   
 
  
  
 getFormInfo.php


1)1
1)1

1)1
1)1

 
1)1 
1)1

  
   



  
  

  


 

t 
  
  


, - . -
. ,
- .

 
 



MySQL SQL:

 
   
  


 
1)1  t
  
t   
1)1 

?
t  


  




 1)1 
1)1 
 

@3&26&45
 
 

1)1





 
       
 
 
   




 
   




,
. : -
, , , . : ,
, .
- , .
, , .
, , , , .
. ,
-
(
).
, ,
-.

. , , .
,
. , , .


 

      t   
        




 
 1)1
 
  
  


PHP , 4.


 
 
 

 

 
 
   


.BD0494QPUMJHIU 

2VJDL4JMWFS IUUQRVJDLTJMWFSFOTPGUPOJDDPNNBD
4QPUMJHIU.BD049
4QPUMJHIU.BD049
.BD049
.BD049
049
049
9
9

  
 4QPUMJHIU

8JOEPXT%FTLUPQ4FBSDI(PPHMF XXXHPPHMF
DPNRVJDLTFBSDICPY
 
(PPHMF%FTLUPQ4FBSDI8JOEPXT 
.BDJOUPTI
 (PPHMF%PDVNFOUT(NBJM





. 3.1. Spotlight

. 3.2. Google Desktop Search

 




4QPUMJHIU(PPHMF4FBSDI  
(PPHMF4FBSDI  
(PPHMF4FBSDI  
4FBSDI  
4FBSDI  
  

 


()

 

  



 
 
   

 

 
.Z42-  
  tSFMBUJPO


 1)1 



  
 

 
 
 


MySQL
 
  .Z42- 
 
 



, .
, Oracle.
, , MySQL:

, , MySQL.
. , ,
MySQL, . ,
, Oracle ( IBM, PostgreSQL
- ), PHP
, MySQL, .


- , , :
. RDBMS (Relational
Database Management Systems, ),
RDBMS-.
. RDBMS, ,
.
.
- (Object-Oriented
Database Management Systems, OODBMS). OODBMS 70-
, 10 .
RDBMS , . ,
,
. , RDBMS,
, PHP-
. , , ,
$_REQUEST['first_name'] Users, first_name. ,
.
OODBMS , .
User ,
$_REQUEST['first_name']. ,
, OODBMS User .
, , ,
, .
, OODBMS
, RDBMS, OODBMS
. RDBMS, MySQL,
-, OODBMS,
.


MySQL Windows
.Z42-8JOEPXT
8JOEPXT
  
 
 


. 3.3.

Macintosh, .


 
 
  
8JOEPXT1SPGFTTJPOBM  
8JOEPXT1SPGFTTJPOBM  
1SPGFTTJPOBM  
1SPGFTTJPOBM  
  
8JOEPXT  
.Z42- 

NZTRMDPN 

.Z42-  


.Z42-
 
 .Z42-

NZTRMDPN


. 3.4. , MySQL

%PXOMPBET ("


.Z42-
t.Z42-$PNNVOJUZ4FSWFS %PXOMPBE

 8JOEPXT 
 
 
.4**OTUBMMFS ;JQ
BSDIJWF  .4*
CJUCJU
.Z42-
 
.Z42- 

 
.Z42-  





. 3.5. MySQL

. 3.6. MySQL

 
mysql-5.5.13-win32.exe 
 
5ZQJDBM


 


.Z42-4FSWFS*OTUBODF$POGJHVSBUJPO
8J[BSE.Z42-
.Z42-
.Z42-

 


 
.Z42-

4UBOEBSE$POGJHVSBUJPO
 
.Z42-
8JOEPXT 
8JOEPXT.Z42-
-BVODIUIF.Z42-4FSWFSBVUPNBUJDBMMZ
.Z42-
.Z42-
.Z42-CJO
8JOEPXT *ODMVEF#JO%JSFDUPSZJO8JOEPXT1"5)
 

.Z42-
 .Z42- 
.Z42- 
 
 
CJO.Z42-
 PATH


. 3.7.

 3PPU1BTTXPSE
  
 
XXXBNB[PODPNXXX[BQQPTDPN 
 


. 3.8. MySQL

.Z42- 
 myqsl_root 
.Z42-&YFDVUF



, , ,
, . -
, ,
, , -
, .

.Z42-
.Z42-

  
.Z42-$PNNBOE-JOF$MJFOU 
.Z42-$PNNBOE-JOF$MJFOU
 mysql
   
.Z42-CJO8JOEPXT PATH
.Z42- 

.Z42-$PNNBOE-JOF$MJFOU

 

.Z42-.Z42-  
1)1 



. 3.9. MySQL Command Line Client

 


. 3.10. MySQL Command Line Client


.Z42-  



MySQL Mac OS X
.Z42-.BD0498JOEPXT
.Z42-.BD0498JOEPXT
.BD0498JOEPXT
.BD0498JOEPXT
0498JOEPXT
0498JOEPXT
98JOEPXT
98JOEPXT
8JOEPXT
8JOEPXT

XXXNZTRMDPN%PXOMPBET ("


.Z42-$PNNVOJUZ4FSWFS
.BD049 


Windows, MySQL Windows.

Windows, MySQL Macintosh


. , MySQL, Compressed TAR Archive,
MySQL.
MySQL, .

%.(.Z42-



 "CPVU5IJT.BD .BD

.PSF*OGP 
 
1SPDFTTPS/BNF 


. 3.11.


.BDJOUPTI 

 
  
.BDJOUPTI
 

3.1. Macintosh

Intel Core Solo         32
Intel Core Duo          32
Intel Core 2 Duo        64
Intel Quad-Core Xeon    64
Dual-Core Intel Xeon    64
Quad-Core Intel Xeon    64
Core i3                 64
Core i5                 64
Core i7                 64

Apple Macintosh.
. 3.1, - http://support.apple.com/kb/HT3696.
.

 %.(      
 
 
 
%.(
 
%.(
 .Z42-
.Z42-

 


ReadMe.txt

. 3.12. DMG- MySQL


  mysql5.5.13-osx10.6-x86_64.pkg

 


, , , ,
. Macintosh, ,
. ,
, PHP MySQL.

.Z42- 
 
.BDJOUPTI 
.BDJOUPTI 

 

 
%.( 
 
%.( 
 
 
 
 

. 3.13. MySQL

 1SFGFSFODFT1BOF

1SFGFSFODFT1BOF

1BOF

1BOF



 
t 





. 3.14. MySQL Mac OS X

.Z42- "VUPNBUJDBMMZ4UBSU.Z42-
4FSWFSPO4UBSUVQ
 
.Z42- 
 .BDJOUPTI
 "QQMJDBUJPOT
6UJMJUJFT5FSNJOBM

5FSNJOBM 

5FSNJOBM
$ /usr/local/mysql/bin/mysql

  

.Z42-  .Z42-
  
tmysql



.Z42- 
.BDJOUPTI 
 
 
.Z42-1)1  
.Z42-1)1  
1)1  
1)1  
 
.Z42- 



. 3.15. MySQL Macintosh

, MySQL
, MySQL Macintosh , Preferences Pane,
mysql Terminal. , .
Terminal
PATH. ( ,
PHP), , ,
. mysql, PATH /usr/local/mysql/bin, ,
mysql . !
, PATH ?
PATH, , . Terminal :
$ defaults write com.apple.finder AppleShowAllFiles TRUE
$ killall Finder

Finder,
Macintosh, , , . Finder,
. Finder .
(. 3.16).
, , .


, . ,
, ,
. , git, , .gitconfig,
DropBox, ,
.dropbox .

. 3.16.

, .profile. , TextEdit, Mac OS X.


PATH, ,
. TextEdit .
:
MYSQL_HOME=/usr/local/mysql
export PATH=$MYSQL_HOME/bin:$PATH

, .
.profile,
.
MYSQL_HOME, , MySQL. , MySQL, , , $facebook_url PHP-


(. str_replace() 2).
PATH , CJO,
.:42-@)0.&. export Mac OS X
PATH .
. ,
, (.), ,
. ( , Finder.)
,
.profile. , .
Terminal mysql. MySQL.
, , Finder
:
$ defaults write com.apple.finder AppleShowAllFiles TRUE
$ killall Finder

,
.

  
.Z42-

SQL-
 .Z42-.BD049
1SFGFSFODFT1BOF 

8JOEPXT 
 
.Z42-  
 


-, MySQL, , ,
.

.Z42-
show databases;

,
. MySQL PHP.


. 3.17. MySQL

.Z42- 
.Z42- 


mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| development        |
| eiat_testbed       |
| mysql              |
| nagios             |
| ops_dashboard      |
| performance_schema |
| test               |
+--------------------+
8 rows in set (0.25 sec)


 .Z42-
.Z42-

 
show 
  
tdatabases.Z42-
 


.Z42-
  
show databases; 
 
 .Z42-
.Z42- mysql 
 .Z42-
.Z42-

use
use mysql;

 mysql 
.Z42-mysql
.Z42- 
.Z42- 
 

show tables;


mysql> show tables;
+---------------------------+
| Tables_in_mysql           |
+---------------------------+
| columns_priv              |
| db                        |
| event                     |
| func                      |
| general_log               |
| help_category             |
| help_keyword              |
| help_relation             |
| help_topic                |
| host                      |
| ndb_binlog_index          |
| plugin                    |
| proc                      |
| procs_priv                |
| proxies_priv              |
| servers                   |
| slow_log                  |
| tables_priv               |
| time_zone                 |
| time_zone_leap_second     |
| time_zone_name            |
| time_zone_transition      |
| time_zone_transition_type |
| user                      |
+---------------------------+
24 rows in set (0.00 sec)

 
 .Z42-



mysql
 
 user
.Z42-
mysql> select * from user;

 select
 *
from.Z42- 
user 

 

 
.Z42-1)1 
        

. 3.18. select


.Z42-
.Z42-

 
.Z42-1)1 
.Z42-1)1 
1)1 
1)1 


  
.Z42- user 
 
 

 
* 

mysql> select Host, User, Password from user;


mysql> select Host, User, Password from user;
+------------------------+-------+-------------------------------------------+
| Host                   | User  | Password                                  |
+------------------------+-------+-------------------------------------------+
| localhost              | root  | *62425DC34224DAABF6995B46CDCC63D92B03D7E9 |
+------------------------+-------+-------------------------------------------+
1 row in set (0.00 sec)

  localhost



 root 
  .Z42-
 

 
   
tfirst_nametlast_name

. PHP-
, MySQL .
MySQL .

.Z42- 
.Z42- 

 



SQL

  .Z42-
t42-
4USVDUVSFE2VFSZ-BOHVBHF
42-
mysql> select * from user;
...
mysql> select Host, User, Password from user;
...

42- 42-
42- 42-
42-
42-

 42-
 
 42-
42-

   
 
mysql> select User, Password
         from users
        where first_name = 'Dirk'
          and country = 'Germany';

where 
 users User Password
  first_name
Dirk  country
t
Germany

MySQL ?
, PHP,
-.
, jino.ru,
, ,
, ,
-. - .
( ),
PHP MySQL ? ,
PHP-, , PHP (
MySQL) . telnet ssh,
, - .


,
.
-, , .
, -
, MacBook
Pro. , PHP MySQL,
,
.
-, , ,
- ( ).
, , .
, .
, ,
,

. ,
.
, -, ,
. ,
, . - , , ,
Windows, MySQL ,
Mac OS X, .
,
.
, , , -. , ,
-. ,
.

SQL ,
. - , - --,
. (
), , .

42- 

 
1)1


-
.Z42-  
.Z42-  
 
  
 UFMOFUTTI

telnet ssh, Google


, .
, .
- ssh,
. -
,
.


.Z42-tmysql 1)1 
.Z42-  
mysql
  

bmclaugh@akila:~$ mysql
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/
mysql.sock' (2)

 .Z42-
 

.Z42-   
 IUUQNZTRMLBUUBSFDPN
 .Z42- 
 


mysql ,
mysql hostname=localhost. MySQL
localhost, , .
MySQL, . ,
mysql .

 .Z42-
.Z42-

 mysql
  --hostname=
mysql.Z42- 


--user=mysql


MySQL, ,
admin root. ,
telnet ssh. ,
, ,
-. :
, , -.

 
bmclaugh@akila:~$ mysql --host=dc2-mysql-02.kattare.com
--user=bmclaugh --password
Enter password:

--password.Z42-
  --password=__ 

.Z42-
.Z42- 

42-

. 3.19. MySQL



USE
.Z42- 
 
.Z42-   
42-
mysql> show databases;

 

mysql> show databases;
+----------+
| Database |
+----------+
| bmclaugh |
+----------+
1 row in set (0.09 sec)

 
  
mysql
user 
   
 MKVCFS 
ljuber db-ljuber

.Z42-  
.Z42-  
 

mysql> use bmclaugh;
Database changed

MySQL
. ,
MySQL- use [___].

 .Z42-42-
 
 
mysql> SELECT * FROM user;
...
mysql> SELECT Host, User, Password FROM user;
...

mysql> SELECT User, Password
         FROM users
        WHERE first_name = 'Dirk'
          AND country = 'Germany';

SELECT FROM WHEREAND


  .Z42-
 

MySQL, SELECT
WHERE, , -
.

.


CREATE
 mysql USE
 
SELECT users

 SELECT 

 
42-tCREATE 
 

.Z42-
CREATE TABLE users (

&OUFS 

mysql> CREATE TABLE users (
->

  .Z42-
.Z42-
.Z42-

  
42-

&OUFS .Z42-


 ->

 .Z42-

mysql> CREATE TABLE users (
-> user_id int,
-> first_name varchar(20),
-> last_name varchar(30),
-> email varchar(50),
-> facebook_url varchar(100),
-> twitter_handle varchar(20)
-> );

&OUFS

mysql> CREATE TABLE users (
-> user_id int,
-> first_name varchar(20),
-> last_name varchar(30),
-> email varchar(50),
-> facebook_url varchar(100),
-> twitter_handle varchar(20)
-> );
Query OK, 0 rows affected (0.18 sec)

 
 CREATE
 CREATE.Z42- 


 TABLE.Z42- 


 users
 (.Z42- 


   user_id   int
varchar(20)
       
) .Z42- 


 
 t int 
JOUFHFS 
 
int   


MySQL int, integer. MySQL


.

  varchar 
varchar WBSJBCMFDIBSBDUFS


 
varchar(20)
 .Z42-
.Z42-

  int user_id

tvarchar
 CREATE 
SHOW
mysql> SHOW tables;
+------------------------------------+
| Tables_in_bmclaugh                 |
+------------------------------------+
| users                              |
+------------------------------------+
1 row in set (0.06 sec)

?
PHP MySQL . ,
, MySQL
. MySQL
:
mysql> use
ERROR:
USE must be followed by a database name
mysql>

. , , &OUFS:
mysql> SELECT *,
-> FROM
->
->

SELECT * . MySQL
&OUFS
->.
, MySQL SQL.
, ,
.


, (;),
&OUFS. , , MySQL .
, , .
.
 
 DESCRIBE

users
mysql> DESCRIBE users;
+----------------+--------------+------+-----+---------+-------+
| Field          | Type         | Null | Key | Default | Extra |
+----------------+--------------+------+-----+---------+-------+
| user_id        | int(11)      | YES  |     | NULL    |       |
| first_name     | varchar(20)  | YES  |     | NULL    |       |
| last_name      | varchar(30)  | YES  |     | NULL    |       |
| email          | varchar(50)  | YES  |     | NULL    |       |
| facebook_url   | varchar(100) | YES  |     | NULL    |       |
| twitter_handle | varchar(20)  | YES  |     | NULL    |       |
+----------------+--------------+------+-----+---------+-------+
6 rows in set (0.04 sec)

DESCRIBE DESC ( desc). DESCRIBE users;


SQL.

 .Z42- 


users 




,
, ,
varchar. ,
10 20 varchar(100), .
.
, . , .
, .


, , , URL- Facebook.
15 ( !). , XXXGBDFCPPLDPN 20
.
.

. , ,
-
,
varchar .
, , , .
, .
varchar , ,
. ,
.


DROP
 .Z42-42- 
.Z42-42- 
42- 
42- 

 
EFMFUF
DROP
 users
 CREATE 
users42-
mysql> DROP TABLE users;
Query OK, 0 rows affected (0.10 sec)


mysql> SHOW tables;
+------------------------------------+
| Tables_in_bmclaugh                 |
+------------------------------------+
0 rows in set (0.06 sec)


 SELECT
.Z42-
.Z42-

CREATEusers



. , -
. -
.


INSERT
 users
 
INSERT


mysql> INSERT INTO users
-> VALUES (1, "Mike", "Greenfield", "mike@greenfieldguitars.com",
-> "http://www.facebook.com/profile.php?id=699186223",
-> "@greenfieldguitars");
Query OK, 1 row affected (0.00 sec)

42- 
users 



DESCRIBE
mysql> DESCRIBE users;
+----------------+--------------+------+-----+---------+-------+
| Field          | Type         | Null | Key | Default | Extra |
+----------------+--------------+------+-----+---------+-------+
| user_id        | int(11)      | YES  |     | NULL    |       |
| first_name     | varchar(20)  | YES  |     | NULL    |       |
| last_name      | varchar(30)  | YES  |     | NULL    |       |
| email          | varchar(50)  | YES  |     | NULL    |       |
| facebook_url   | varchar(100) | YES  |     | NULL    |       |
| twitter_handle | varchar(20)  | YES  |     | NULL    |       |
+----------------+--------------+------+-----+---------+-------+
6 rows in set (0.29 sec)

  1  user_id  "Mike" t


first_name

 

 INSERT  
INSERT1)1


SELECT
 
SELECT 
 SELECT * FROM user
DROP CREATEINSERT  

mysql> SELECT * FROM users;
+---------+------------+------------+----------------------------+--------------------------------------------------+--------------------+
| user_Id | first_name | last_name  | email                      | facebook_url                                     | twitter_handle     |
+---------+------------+------------+----------------------------+--------------------------------------------------+--------------------+
|       1 | Mike       | Greenfield | mike@greenfieldguitars.com | http://www.facebook.com/profile.php?id=699186223 | @greenfieldguitars |
+---------+------------+------------+----------------------------+--------------------------------------------------+--------------------+
1 row in set (0.00 sec)

  
 
42-.Z42-


 

mysql> SELECT first_name, last_name, twitter_handle FROM users;
+------------+------------+--------------------+
| first_name | last_name  | twitter_handle     |
+------------+------------+--------------------+
| Mike       | Greenfield | @greenfieldguitars |
+------------+------------+--------------------+
1 row in set (0.00 sec)

.Z42-
.Z42-

1)1 1)1




 SELECT
 WHERE


mysql> SELECT facebook_url
-> FROM users
-> WHERE first_name = 'Mike';
+--------------------------------------------------+
| facebook_url                                     |
+--------------------------------------------------+
| http://www.facebook.com/profile.php?id=699186223 |
+--------------------------------------------------+
1 row in set (0.00 sec)

WHERE 
 
 
42-

SQL MySQL?
, SQL MySQL.
, SQL MySQL. , ,
SQL
MySQL.
SQL . MySQL , PostgreSQL Oracle.
, SQL
. , SQL ,
. , SQL
, .
MySQL .
,
SQL. ,
SQL,
SQL. MySQL
SQL (
).
SQL MySQL, . , PHP
MySQL, SQL.
, SQL- ,
SQL. SQL , MySQL. , PostgreSQL
Oracle, .


, ,
SQL .
SQL.
. (
, .)
.
, SQL, . .
SQL, MySQL ,
, SQL.

1)1.Z42


PHP
MySQL

 1)1.Z42- 


1)1.Z42- 
.Z42- 
.Z42- 


 
 
1)1
 .Z42-t
 php
1)1  

 
 
42-
.Z42- 1)1 
 1)1 
1)1 

mysql
1)1.Z42-
 
  


PHP-,

 
 
 .Z42-
 USE.Z42-
 42-
 
 


 
   

t.Z42-
t 

MySQL
1)1 
  1)1  
  .Z42-
   

bmclaugh@akila:~$ mysql --host=dc2-mysql-02.kattare.com
--user=bmclaugh --password

 1)1
 
 
connect.php 
 USE
42-  


<?php
mysql_connect("___",
"__", "_")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
?>

, PHP
, - , , localhost,
.

  
 
mysql_connect
 
 mysql



.._, -_ -
.

 
die  EJF

die
 die
  
 die
 
die 
 mysql_connect
mysql_connect  
1)1
1)1.Z42- 
mysql_connect 

mysql_connectfalse


<?php
// ,
if (____mysql_(".._",
"-_", "-")
_______();
else
_____die
?>

 1)1

<?php
mysql_connect(".._",
"-_", "-")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";

?>

 
  
 mysql_connect
 true
 or
 tdie die
  
 mysql_connectfalse
die 


.Z42- 
  
 die



mysql_connect
 
 tmysql_error
 mysql_error die 


mysql_connect, mysql_error die .


,
, .
, ,
.
. PHP-
. , ,
.

mysql_connect 
1)1die 

echo "<p> MySQL!</p>";

 )5.-
connect.html
)5.-
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 4.1</div>
<div id="content">
<h1> SQL</h1>
<form action="scripts/connect.php" method="POST">
<fieldset class="center">
<input type="submit" value=" MySQL" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>


 
  connect.php
 
.Z42-
 connect.html
$44
 
$44
 


. 4.1. MySQL

 
 
 

. 4.2. MySQL


 1)1
 
.Z42-  
1)1 


 
mysql_

 false 
 nullnil

.Z42- 
.Z42- 

1)1mysql_select_db

mysql_ . -
: www.php.net/manual/ru/ref.mysql.php. -
, ,
.

-
, die PHP-,
. PHP
, :
mysql_connect("___",
"_", "");

, , ,
die.
: die - ,
,
, ,
. ,
die , , ,
:
Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

, , , , die.
, - .


,
-, ,
CSS-
. die.
PHP , , . ,
die , . , -
, , .
, die ( ) ,
.
,
.
die. ,
, , 7. die
.
mysql_select_db   
 USE
false 
connect.php
<?php
mysql_connect("___",
"__", "_")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db("___")
or die("<p> bmclaugh: " .
mysql_error() . "</p>");
echo "<p> MySQL bmclaugh.</p>";

?>

die 
  
  



 DPOOFDUIUNM
 
USE

42-

. 4.3. MySQL,


SHOW
 
 
.Z42-  

)5.-
)5.-



 
connect.php
<?php
//
$result = mysql_query("SHOW TABLES;");

?>

1)1.Z42-
mysql_query 

42-
42-

42- 42-
SHOW TABLES;

    42-   





 die  
  
 
mysql_query $result 
 
 SHOW TABLES 
 $resultfalse  
 mysql_false
 false 

<?php
//
$result = mysql_query("SHOW TABLES;");
if ($result === false) {
  die("<p> : " . mysql_error() . "</p>");
}

?>

 1)1
 ===1)1 
  false1)1
  
!  
$some-variablefalse 
if (!$some-variable)! 
$some-variablefalse
 !OPU
 
JGOPUSFTVMU UIFOEJF 
$result true 

 
<?php
//
$result = mysql_query("SHOW TABLES;");
if (!$result) {
  die("<p> : " . mysql_error() . "</p>");
}

?>

1)1 



PHP . , ,
, ? , ... , ,
? ,
,
.
.
, , .
. PHP-,
PHP, .

  42-



<?php
//
$result = mysql_query("SHOWN TABLES;");
if (!$result) {
  die("<p> : " . mysql_error() . "</p>");
}

?>

connect.html

  
  


. 4.4.

SQL-
  
t 
 $result  


$result
1)1
 
 1)1
1)1

  1)1

mysql_query42- SHOW TABLES
 1)1.Z42- 
42- 
$result 
   
mysql_query
  mysql_query  $result
 
63-'BDFCPPL 
CREATE TABLE
1)1
 1)1 1)1
 .Z42-
$result
.Z42-tmysql_fetch_row 
mysql_query 
 42-

 42-
 mysql_query1)1
 mysql_fetch_row 

 

 

, .

 $result 


mysql_fetch_row
<?php
// Existing connection code goes here
$result = mysql_query("SHOW TABLES;");
if (!$result) {
  die("<p> : " . mysql_error() . "</p>");
}

echo "<p>, :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
  // Do something with $row here
}
echo "</ul>";
?>

SHOW TABLES SHOWN TABLES,


, SQL.

  1)1        
mysql_query  mysql_fetch_row $result


 while  
while 
 true 
$row  42-
 mysql_fetch_row($result)
  mysql_fetch_row 
$row while 

 ul

 

<?php
//
$result = mysql_query("SHOW TABLES;");
if (!$result) {
  die("<p> :" . mysql_error() . "</p>");
}
echo "<p>, :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
  echo "<li>: {$row[0]}</li>";
}
echo "</ul>";
?>



 $row mysql_fetch_row
  

@3&26&45
3&26&45

42-SHOW
TABLES
$row[0] 
 $row[1] $row[2]
$row[10]
 $row
0 
 echo
 echo

while ($row = mysql_fetch_row($result)) {
  echo "<li>: " . $row[0] . "</li>";
}

  


, (. -
PHP 2).

1)1 
1)1 
 
   
 
 
 { } 1)1 
"$row[0]"

 connect.php  connect.html
 
 connect.php  

 


SHOW TABLES.
, ,
20, 30 100 . -
20, 30 100 . -
, PHP-
MySQL.


. 4.5. connect.php



 connect.php
.Z42-
<?php
mysql_connect("___",
"__", "_")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db("___")
or die("<p> bmclaugh: " .
mysql_error() . "</p>");
echo "<p> MySQL bmclaugh.</p>";
// ...

?>


 
 


  
 
 
  
1)1
1)1

 


 
 

 
 
 

  

 
 


  


<?php
mysql_connect($database_host, $username, $password)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db($database_name)
or die("<p> bmclaugh: " .
mysql_error() . "</p>");
echo "<p> MySQL bmclaugh. </p>";
// ...
?>





<?php
$database_host = ".._";
$username = "-_";
$password = "-";
$database_name = "---";
//
?>

  

 




 connect.php
 
1)1

app_config.php
<?php
//
$database_host = ".._";
$username = "-_";
$password = "-";
$database_name = "---";
?>

app_cong.php , ,
. , , app_cong.php
scripts/. ,
ch04/scripts/, , ../../scripts/app_cong.php
[__]/scripts/app_cong.php. ,
PHP-, .

 


 


 
 
 1)1
app_config.php 
1)1 
1)1 


  connect.php
 
 connect.php connect.html 
 


. 4.6.

  connect.php 


$username$password1)1 
connect.php
app_config.php
<?php
require '../../scripts/app_config.php';
//
?>

1)1../../scripts/app_config.php 
mysql_connect require 1)1 
  


, require ,
app_cong.php. ,
require.


 



Require Include?
PHP require include.
, require, PHP . , , include
PHP ,
. , require
, include .
. ,
? , , .
, , (require) .

require, include. - , . , , ,
, .

,


 
  
 1)1connect.php

mysql_connect($database_host, $username, $password)
or die("<p> : " . mysql_error() . "</p>");
//
$password = "hijinks";

  
app_config.php mysql_
connect  $password 
 "hijinks" 

  app_config.php

defineapp_config.php
<?php
// Database connection constants
define("DATABASE_HOST", "___");
define("DATABASE_USERNAME", "__");
define("DATABASE_PASSWORD", "_");
define("DATABASE_NAME", "___");
?>

 1)1
 DATABASE_HOST 1)1
"___" 


 1)1
1)1

  

$ 

connect.php 
 
<?php
require '../../scripts/app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db(DATABASE_NAME)
or die("<p> " . DATABASE_NAME .
mysql_error() . "</p>");
echo "<p> MySQL " . DATABASE_NAME .
"</p>";
// , SQL-...

?>

. PHP
, (
$).
(.),
PHP 2.

    connect.php     

  
connect.php


app_cong.php ,
.
, PHP-,
-. , ,
.

, ,

, app_config.php
connect.php.
connect.php,
?
?
, . . 10, 20, 50 , .
,
. .
.
. , ( ),
.
{ } ,
$row[0], die, HTML, ,
.

. , . - , . ,
, , , .
, ,
.
.
? :
, !
, ,
, -
.


,
: , , . , , - .
- . ,
. ,
, .
.
, .
, , ,
, .


SQL-
42- 

.Z42- t1)1 
.Z42- t1)1 
 t1)1 
t1)1 
t1)1 
1)1 
 

 


)5.- 
42-  .Z42- 
 
1)1  mysql_query 


HTML-

mysql_query 
)5.- 
)5.- 
 
 
 
queryRunner.html
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>


<div id="example"> 4.2</div>


<div id="content">
<h1> SQL-</h1>
<p> SQL- :</p>
<form action="scripts/run_query.php" method="POST">
<fieldset>
<textarea id="query_text" name="query"
cols="65" rows="8"></textarea>
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>

  

. 4.7. queryRunner.html


( )
 .Z42-

run_query.php
<?php
require '../../scripts/app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db(DATABASE_NAME)
or die("<p> " . DATABASE_NAME .
mysql_error() . "</p>");
echo "<p> MySQL " .
DATABASE_NAME . "</p>";

?>

 
 
.Z42- 

app_config.php

 require




 database_connection.php 
app_config.php 
<?php
require 'app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
  or die("<p> : " .
    mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db(DATABASE_NAME)
  or die("<p> " .
    DATABASE_NAME . mysql_error() . "</p>");
echo "<p> MySQL " .
  DATABASE_NAME . ".</p>";
?>


, app_cong.php ,
. database_connection.php , app_cong.php,
.


        
run_query.php
<?php
require '../../scripts/database_connection.php';
?>

  
 app_config.php  database_
connection.php database_connection.php 
 app_config.php

 queryRunner.
html 
 
 
 
require

. 4.8. require

  
 
  
 


 


SQL- ( )
1)1 
42- $_REQUEST   
 @3&26&45



         
 
mysql_query

<?php
require '../../scripts/database_connection.php';
$query_text = $_REQUEST['query'];
$result = mysql_query($query_text);
if (!$result) {
die("<p> SQL-" . $query_text . ": " .
mysql_error() . "</p>");
}
echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";

?>

)5.- 
mysql_queryt
1)1t $resultt if 
 mysql_fetch_row


mysql_query?
, , MySQL,
,
( ),
mysql_query. ,
require?
: , mysql_query,
. , connect.php (. MySQL PHP-,
) SHOW TABLES,
queryRunner.html.
, mysql_query ,
, , , - .


mysql_query
SQL-.
,
mysql_query. , mysql_query
,
mysql_query .
- .
,
( 8), . ? -
. ,
mysql_query,
- .
, ,
, . .
? ? !
, , , .
,
.
:
, .
 


,
-
   
urls
42-
CREATE TABLE urls (id int, url varchar(100), description varchar(100));



CREATE TABLE urls (
id int,
url varchar(100),
description varchar(100)
)

 

42- 


 


42- 


. 4.9. SQL-

  
 
 
 



. 4.10. -


  

CREATE 

. 4.11.

CREATE TABLE
.Z42- urls
  

mysql> describe urls;
+-------------+--------------+------+-----+---------+-------+
| Field       | Type         | Null | Key | Default | Extra |
+-------------+--------------+------+-----+---------+-------+
| id          | int(11)      | YES  |     | NULL    |       |
| url         | varchar(100) | YES  |     | NULL    |       |
| description | varchar(100) | YES  |     | NULL    |       |
+-------------+--------------+------+-----+---------+-------+
3 rows in set (0.00 sec)


<?php
require '../../scripts/database_connection.php';
$query_text = $_REQUEST['query'];
$result = mysql_query($query_text);
if (!$result) {
die("<p> SQL- " . $query_text . ": " .
mysql_error() . "</p>");
}

echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
?>


if (!$result)  


$resultfalsewhile

 tCREATE
 
 .Z42-
 

,
SELECT
mysql_query
CREATE  
.Z42-  
 urls mysql_query
CREATE false 
  true 

$resulttrue

 mysql_query42- 
42- 

  CREATE  INSERT  UPDATE  DELETE  DROP
  true 

false 


SQL-, UPDATE DELETE, .


. : UPDATE
, DELETE .
,
.

  
 42-




 )5.-
 mysql_query
 false 
42-


  false  


CREATE INSERT UPDATE DELETEDROP 
 


   


true 

   

 if
 if

$return_rows = false;
$location = strpos($query_text, "CREATE");
if ($location === false) {
$location = strpos($query_text, "INSERT");
if ($location === false) {
$location = strpos($query_text, "UPDATE");
if ($location === false) {
$location = strpos($query_text, "DELETE");
if ($location === false) {
$location = strpos($query_text, "DROP");
if ($location === false) {
// ,
// CREATE, INSERT, UPDATE, DELETE
// DROP. .
$return_rows = true;
}
}
}
}
}

if $location false
(===).

  
 if 
  
if
$location = strpos($query_text, "SEARCH_STRING");
if ($location === false) {
// SEARCH_STRING
}


  if  


CREATE INSERT UPDATE DELETEDROP
// if
if ($location === false) {
// , ,
// CREATE, INSERT, UPDATE, DELETE DROP.
// .
$return_rows = true;
}

  



  CREATE INSERT 
 
strpos

, . . -
PHP- .
, .

 
 42- 
 $return_rows false 
true
 if
$returns_rowstrue 
  false 

$returns_rows
<?php
// require
//
//
// ,
if ($return_rows) {
//
echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
} else {
// No result rows to list; if the query succeeded, echo its text.
if ($result) {
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
}
}
?>

, if ($return_rows) , if ($return_rows === true).


if ($result).

 
 
if($return_rows)  
 SELECT 


elseif 

if  


if($result)
 $result false
   $result true 

if ($return_rows) {
//
echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
} else {
// No result rows to list; echo the query text instead.
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
}

  



 urls 1)1
1)1

 42-
DROP TABLE urls; 


  
 


. 4.12.

run_query.php 
 

  
 



   


DROP TABLE urls;

  DROP 


  
 

  
drop table urls;

 
$location = strpos($query_text, "DROP");
if ($location === false) {
// true, ,
// .
}

DROP ESPQ
 strpos   
E%
%301 ESPQE3P1


  


   42-

 42- 

 
 
  

 



$query_string

$return_rows = false;
$query_text = strtoupper($query_text);
$location = strpos($query_text, "CREATE");
// if

drop table urlsDROP table UrLS 


DROP TABLE URLS%301
 


, .
, -
. ,
iPhone .



 
  
  DROPINSERT
// No result rows to list; echo the query text instead.
echo "<p> :</p>";
echo "<p>{$query_text}</p>";

  

, ,
CREATE DROP TABLE
urls;. , DROP,
CREATE.


. 4.13. SQL- ( . 4.12)

  


 

$query_text = strtoupper($query_text);

$query_text
   

$query_text

SELECT *
FROM users
WHERE last_name = "MacLachlan";

 

SELECT *
FROM USERS
WHERE LAST_NAME = "MACLACHLAN";

SELECT 
42- .BD-BDIMBO
.BD-BDIMBO
.BD-BDIMBO

."$-"$)-"/

 mysql_query$query_text


 
 
  

 




$return_rows = false;
$uppercase_query_text = strtoupper($query_text);
$location = strpos($uppercase_query_text, "CREATE");


$return_rows = false;
$uppercase_query_text = strtoupper($query_text);
$location = strpos($uppercase_query_text, "CREATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "INSERT");
if ($location === false) {
$location = strpos($uppercase_query_text, "UPDATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DELETE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DROP");
if ($location === false) {
// ,
// , CREATE, INSERT, UPDATE,
// DELETE DROP. .
$return_rows = true;
}
}
}
}
}

 

  
42-
 
 

1)1


, , run_query.php,
. , -
:
SELECT *
FROM registrar_activities
WHERE name = 'Update GPA'
OR name = 'Drop a class'


SELECT, , run_query.php
SQL , .
.
, update drop, , , ,
. - !
SQL.
CREATE, INSERT . , , .
if PHP or ():
if ($location === false ||
$location > 0) {

PHP . ,
: ($location === false)
( 0),
. , if,
. , ,
.
! ,
. , -
SQL:
CREATE TABLE urls (
id int,
url varchar(100),
description varchar(100)
);

: ( SELECT),
. : .
, : trim. ,
, :
$uppercase_query_text =
trim(strtoupper($query_text));

, , ,
, .
,
. -
. ,
,
-.

 
  
 
 

 
 
  


 
 
 
 
 
run_query.php
if  
 CREATE  UPDATE  INSERT  SELECT 

 
 
   
 
strpos

 



 run_query.php 


if 
 $query_text t
  


, ,
.
, .
, , , -
, .

,
strpos 
  
 strpos
 
UPDATEDROP 

       
   
"abcdefghijklmnopqrstuvwxyz" 
"abc" 

 
 
 "<a"
  
 



 
 "a" "m" "a"
"a" 
1)1  
1)1  
 
 preg_match QSFH1)1SFHVMBS FYQSFTTJPOT



<?php
$string_to_search = "Martin OMC-28LJ";
$regex = "/OM/";
$num_matches = preg_match($regex, $string_to_search);

if ($num_matches > 0) {
echo " !";
} else {
echo " . .";
}
?>

preg_match , ,
. ,
, preg_match
, , , .

 regex.php

--(08:25 $)-> php regex.php
!

 
 
 

 t 
 "

 '
FTDBQF 
1)1
1)1


 
  
"/OM/" 
OM
  "/OM/" OM
PN 0N0I. O
M  

preg_match 
  
  
         
preg_match 
 t 

       
preg_match_allpreg_match("/Mr/", "Mr. Mranity")
 preg_match_all("/Mr/", "Mr. Mranity")


, preg_match preg_match_all,
, .
, www.php.net/manual/en/function.preg-match.php.

...
 
strpos
 
 
|

?

(My name is Bob) (I am a carpenter) . , .
.
? Im going to the bank. , Im going to the bank. PHP
, Im
I, m going to the bank - .
, , ,
:
, .
- , - -
. (\) .
Im going to the bank.
I\m going to the bank. \ PHP , , .
? ,
, MS-DOS 286 ?
\del C:\*.*\ Enter! ,
, PHP
, , : \*.
PHP , ,
.
.

5.


escape- , ,
: .
\del C:\\*.*\ Enter!
() (\), PHP
,
. , : (\n), (\t)

{$variable} $variable.
, .
, .
. :
?
: 99 % .
, escape-
,
. , ,
.
 


/(Mr|Dr)\. Smith/

 \

 
   
 \.
 
/Mr. Smith/.S4NJUI %S4NJUI
 /(Mr|Dr). Smith/.S4NJUI
%S4NJUI


//
echo " : " . preg_match("/(Mr|Dr). Smith/", "Mr. Smith");
//
echo " : " . preg_match("/(Mr|Dr). Smith/", "Dr. Smith");


 
 run_query.php

<?php
require '../../scripts/database_connection.php';
$query_text = $_REQUEST['query'];
$result = mysql_query($query_text);
if (!$result) {
die("<p> SQL-: " . $query_text . ": " .
mysql_error() . "</p>");
}
$return_rows = false;
$uppercase_query_text = strtoupper($query_text);
$location = strpos($uppercase_query_text, "CREATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "INSERT");
if ($location === false) {
$location = strpos($uppercase_query_text, "UPDATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DELETE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DROP");
if ($location === false) {
// ,
// CREATE, INSERT, UPDATE, DELETE DROP.
// .
$return_rows = true;
}
}
}
}
}

if ($return_rows) {
// Show the first column of each result row.
echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
} else {
// No result rows to list; echo the query text instead.
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
}
?>


if
 
<?php
// require
$return_rows = true;
if (preg_match("/(CREATE|INSERT|UPDATE|DELETE|DROP)/",
strtoupper($query_text))) {
$return_rows = false;
}
if ($return_rows) {
//
}
?>

, , -
.
run_query.php 4,
5.

 
if
 $return_rowsfalse
true  


$return_rowstrue
 ifpreg_match
preg_match_all  
  
 
42- 
 
 CREATE INSERT 
UPDATE DELETE DROP
 $query_
text 
$query_text 

 
strtoupper
   preg_match 1)1
false preg_match
 1)1 true


preg_matchif
 if

 if$return_rowsfalse 
 
   


.
, .
, -
.


run_query.
php  
  
  
  

 
if (preg_match("/(CREATE|INSERT|UPDATE|DELETE|DROP)/",
trim(strtoupper($query_text)))) {
$return_rows = false;
}



 
SELECT *
FROM registrar_activities
WHERE name = 'Update GPA'
OR name = 'Drop a class'


UPDATE DROP SELECT
  UPDATE DROP 


 
if 
1)1
1)1

          

 ^




//
echo " : " . preg_match("/^(Mr|Dr). Smith/",
"Dr. Smith") . "\n";
//
echo " : " . preg_match("/^(Mr|Dr). Smith/",
" Dr. Smith") . "\n";

 /^(Mr|Dr). Smith/%S4NJUI 


"Dr. Smith" .S4NJUI

 ^

 
if (preg_match("/^(CREATE|INSERT|UPDATE|DELETE|DROP)/",
trim(strtoupper($query_text)))) {
$return_rows = false;
}

 
$
  
//
echo " : " . preg_match("/^(Mr|Dr). Smith$/",
"Dr. Smith ") . "\n";
//
echo " : " . preg_match("/^(Mr|Dr). Smith$/",
"Dr. Smith") . "\n";

^ $ (/).
, , /^(Mr|Dr). Smith/$, PHP $,
. ,
, , .

  
$ %S4NJUI
 
 
^(Mr|Dr)
 
Smith$

 ^  $t 
  
 
  
 
1)1  == ===

or | 
 


trim strtoupper
 

$query_text CREATE INSERT
         

 
  


J
//
echo " : " . preg_match("/^(MR|DR). sMiTH$/i",
"Dr. Smith") . "\n";

  


  
 run_query.php 

$return_rows = true;
if (preg_match("/^(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
trim($query_text))) {
$return_rows = false;
}

strtoupper 
J  
J  
  
DROP 


$query_text 
 

  
 trim $query_string

  
 
  

 
(CREATE|INSERT|UPDATE|DELETE|DROP)


t
t
t
 CREATE  UPDATE  t


. 5.1. ,

 
 /^ Mr. Smith/
.S4NJUI .S4NJUIt

 
 + 
 
//
echo " : " . preg_match("/^ (MR|DR). sMiTH$/i",
" Dr. Smith") . "\n";
//
echo " : " . preg_match("/^ (MR|DR). sMiTH$/i",
"   Dr. Smith") . "\n";


//
echo " : " . preg_match("/^ +(MR|DR). sMiTH$/i",
"   Dr. Smith") . "\n";

 
   
 


//
echo " : " . preg_match("/^ +(MR|DR). sMiTH$/i",
"Dr. Smith") . "\n";

  +



 
*
//
echo " : " . preg_match("/^ *(MR|DR). sMiTH$/i",
"Dr. Smith") . "\n";

 $query_text
 run_query.php 

$return_rows = true;
if (preg_match("/^ *(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
$query_text)) {
$return_rows = false;
}


run_query.php

  

 
 
42-&OUFS

DROP 
          
&OUFS\n 
 \r\n   
\r


. 5.2.

: \n ,
\r . , Windows \r\n, Unix Linux \n,
Mac ( , , OS X) \r.
, - ,
. -
\n, .

 
\n*
\r*t
\r\n \r*\n*
 \r*\n* *
&OUFS 
 
&OUFS 






 \r \n
 

?
,
, : CREATE, INSERT UPDATE
$query_text. ,
, $location = strpos($query_text, "CREATE");
if ?
,
if. -, , -.
,
, .
-, . ,
. . : ,
- , .
,
run_query.php.
: SQL - $query_
text. , , .
:
SELECT *
FROM registrar_activities
WHERE name = 'Update GPA'
OR name = 'Drop a class'

SELECT , , DROP.
, , .
 (\r|\n| )* 
| or

*
|
  []

$return_rows = true;
if (preg_match("/^[ \t\r\n]*(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
$query_text)) {
$return_rows = false;
}


 
 \t 
 
 

 
[ \t\r\n]\s

$return_rows = true;
if (preg_match("/^\s*(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
$query_text)) {
$return_rows = false;
}
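
An alternative to guessing the statement type from its text, as an added example that is not from the book: let the database driver report whether a result set came back, and escape everything before echoing it. It uses PDO (the `mysql_*` functions on this page were removed in PHP 7.0) with an in-memory SQLite database standing in for MySQL, which is an assumption made so the script runs offline; `run_statement`, `render_outcome` and the sample queries are constructed for illustration.

```php
<?php
// Added example, not the book's run_query.php. SQLite in memory stands in
// for MySQL (assumption) so the script runs offline; only the DSN changes.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// The page's final keyword test, kept here only for comparison.
function regex_says_rows(string $query_text): bool
{
    return preg_match("/^\s*(CREATE|INSERT|UPDATE|DELETE|DROP)/i", $query_text) !== 1;
}

// Hypothetical helper: run one statement and let the driver report whether a
// result set came back. 'rows' is an array (possibly empty) or null.
function run_statement(PDO $pdo, string $query_text): array
{
    try {
        $stmt = $pdo->prepare($query_text);
        $stmt->execute();
    } catch (PDOException $e) {
        return ['rows' => null, 'error' => $e->getMessage()];
    }
    // columnCount() is 0 when the statement produced no result set.
    $rows = $stmt->columnCount() > 0 ? $stmt->fetchAll(PDO::FETCH_NUM) : null;
    return ['rows' => $rows, 'error' => null];
}

// Hypothetical helper: build the HTML. Everything that came from the form or
// from the database is escaped before it reaches the page.
function render_outcome(string $query_text, array $outcome): string
{
    $safe_query = htmlspecialchars($query_text, ENT_QUOTES, 'UTF-8');
    if ($outcome['error'] !== null) {
        $safe_error = htmlspecialchars($outcome['error'], ENT_QUOTES, 'UTF-8');
        return "<p>Query failed: {$safe_query}: {$safe_error}</p>";
    }
    if ($outcome['rows'] === null) {
        return "<p>Query ran, no result set: {$safe_query}</p>";
    }
    $html = "<ul>";
    foreach ($outcome['rows'] as $row) {
        $html .= "<li>" . htmlspecialchars((string) $row[0], ENT_QUOTES, 'UTF-8') . "</li>";
    }
    return $html . "</ul>";
}

// Constructed sample input, in the order it is run.
$queries = [
    "CREATE TABLE urls (id int, url varchar(100), description varchar(100))",
    "\r\n  insert into urls values (1, 'http://www.example.com/', 'home page')",
    "SELECT url\nFROM urls\nWHERE description = 'home page'",
    "SELECT *\nFROM urls\nWHERE description = 'Update GPA'\nOR description = 'Drop a class'",
    "-- remove the sample table\nDROP TABLE urls",
];

foreach ($queries as $query_text) {
    $outcome = run_statement($pdo, $query_text);
    $driver  = $outcome['error'] !== null
        ? 'error'
        : ($outcome['rows'] !== null ? 'rows' : 'no rows');
    printf(
        "keyword test: %-7s driver: %-7s\n%s\n\n",
        regex_says_rows($query_text) ? 'rows' : 'no rows',
        $driver,
        render_outcome($query_text, $outcome)
    );
}
```

The last sample statement starts with an SQL comment, so the keyword test classifies it as returning rows while the driver reports that it returned none.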

 42- 


  
 


. 5.3. ,
,


 mysql_query
 
\r\n
 
run_query.php 

SELECT *
FROM urls
WHERE description = 'home page'

 
 urls 


 

42- 
 
  
1)1.Z42-

. 5.4.

  
42-
42-

 

42-
t
  
 
.Z42-

:

  
t
t
t
^$ preg_match 
+ *

1)1.Z42-
1)1.Z42-
.Z42-
.Z42-

 
(PPHMF  
(PPHMF  
 
 
 
1)1
1)1 )5.-
 


PHP
, , , . ,
, .
.
,
. , JavaScript . JavaScript
, replace(), match(),
. , PHP,
.
HTML5.
HTML5 ,
. ,
PHP -.
- , . Ruby Ruby on Rails
( ), ,
, Cucumber, Capybara TestUnit.
, !
, ,
.
? , SQL, MySQL, , , PHP. ,
.

1)1
)5.- .Z42-


1)1 iffor  


1)1.Z42-
1)1.Z42-
.Z42-
.Z42-


 
 42-
 

  



 
   
 


    5XJUUFS  63- 'BDFCPPL
 
 
 1)1

6. -


 
 )5.-$44
 
 1)1
.Z42-

 
 
  


, - HTML
. , create_user.html.

 
   
 

 
)5.-
)5.-

 getFormInfo.php        
 
 

. 6.1. getFormInfo.php




  

 


  
 
  
 
 
 
 

 
 
 
 63-'BDFCPPL
 5XJUUFS



 
   63-
'BDFCPPL5XJUUFS
42-CREATE 

CREATE TABLE users (
user_id int,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);

, MySQL -
. ,
.

42- 

 




, .
, .
, , ,
. , ,
, , , , .
, first_name last_name,
. ( ) , , , , . , .
, , . , .
; .
, , , . , ,
, , . . ,
, users , . ,
, .


id
user_id

 
  

5XJUUFS 
  
 
5XJUUFS 
NGTT

 
  


 
 
*% 


 user_id
 




 42- 
user_id
*% 
 

 
user_idusers 
  
 


  .Z42-
 
 
 
 
.Z42-user_id1029 
 .Z42- 
1030*%
CREATE
CREATE TABLE users (
user_id int AUTO_INCREMENT,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);

*%
 .Z42-
user_id .Z42-
user_id

ID
 user_id.Z42-
users
user_idt
t
 


,
.

 
 t

 user_id 
user_id 2048  
user_id  user_id
 

 
  
  

.Z42-user_idtAUTO_INCREMENT
user_id t
.Z42-AUTO_INCREMENT 
  

 .Z42-
 .Z42- 
.Z42- 

user_id
CREATE TABLE users (
user_id int AUTO_INCREMENT PRIMARY KEY,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);

  AUTO_


INCREMENT user_id
 .Z42-
 42-PRIMARY KEY
CREATE TABLE users (
user_id int AUTO_INCREMENT,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);

 .Z42- 
 .Z42- 
 .Z42- 
 .Z42- 
 .Z42- 
 .Z42- 
 .Z42- 
 .Z42- 
.Z42- 
.Z42- 
 
 
 
 





QIQ.Z"ENJO


. 6.2. phpMyAdmin

phpMyAdmin .
, ,
. , - MySQL
, phpMyAdmin. , ,
, , , .

  


.Z42-   
AUTO_INCREMENT PRIMARY KEY 
.Z42-   
PRIMARY KEY 



    user_id     
AUTO_INCREMENT 

 AUTO_INCREMENT
 
 .Z42-

  
 
5XJUUFS'BDFCPPL
  



1)1
 
  
 
 
.Z42- 
 .Z42- 
 NULL 

CREATE TABLE users (
user_id int NOT NULL AUTO_INCREMENT PRIMARY KEY,
first_name varchar(20) NOT NULL,
last_name varchar(30) NOT NULL,
email varchar(50) NOT NULL,
facebook_url varchar(100),
twitter_handle varchar(20)
);

, MySQL
user_id, NOT NULL.
, , MySQL
.

 AUTO_INCREMENT  


 
 


NULL NOT NULL


users , NOT NULL,
, . users
: ,
? , - ( ,
, , ).
.
, ?
NOT NULL , . ,
NOT NULL.
NULL, : ,
, ,
, .


NOT NULL.
, ,
, , .
28 ,
. , Facebook Twitter,
: , , .
, :
, , . .
, .
. ,
, , .
: NOT NULL , . , :
null, ( ) . , , , ,
. ,
, ,
, -
NOT NULL.
42- 
 users.Z42-

QIQ.Z"ENJO 

DROP .
, DROP TABLE
users;. .
CREATE , .


 users 
 AUTO_INCREMENT
  

1)1 

 getFormInfo.php

 


<?php
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
?>

create_user.phpTDSJQUT 
 
DIFYBNQMFT
create_user.html 

  
 
users

create_user.php,
strpos
.

SQL-

 
<?php
require '../../scripts/database_connection.php';
//
?>


database_connection.php echo ( ).
, ,
.

 
INSERT 

 
 
42-

INSERT INTO users (first_name,
last_name,
email,
facebook_url,
twitter_handle)
VALUES ("Brett",
"McLaughlin",
"brett.m@me.com",
"http://www.facebook.com/bdmclaughlin",
"@bdmclaughlin");

SQL-
MySQL.


  


$insert_sql = "INSERT INTO users (first_name, last_name, " .
"email, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$facebook_url}', '{$twitter_handle}');";

, ,
, . ,
.

 42-
mysql_query
 
 
users 
  
{ }




   
 
1)1 
1)1 

42-
<?php
//
$insert_sql = "INSERT INTO users (first_name, last_name, email,
facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
?>


 users 
users facebook_url 

 
 

<?php
//
$insert_sql = "INSERT INTO users (first_name, last_name, email,
facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql)
or die(mysql_error());
?>

 die 

  
  

 
42-  
 mysql_query  die



. 6.3.

  
  
 

- HTML- getFormInfo.php, -
create_user.php, -
.

  
42-
SELECT user_id, first_name, last_name
FROM users;


+---------+------------+-----------+
| user_id | first_name | last_name |
+---------+------------+-----------+
|       1 | C. J.      | Wilson    |
+---------+------------+-----------+
1 row in set (0.00 sec)


QIQ.Z"ENJO users
  


. 6.4. users

  users 


 



 



, -,
. , getFormInfo.html
create_user.html, , .
FTP-.
-
. ,
. , .
, , .

,
users.


,
,
. ,
, , create_user.php ,
.
, CRUD , , . (CReate), (Update) (Delete) .
HTML- (create_user, update_user
. .) , .


  


 
   


getFormInfo.php
<?php
// request
//
?>
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 6.1</div>
<div id="content">
<p> , :</p>
<p>
: <?php echo $first_name . " " . $last_name; ?><br />
: <?php echo $email; ?><br />
<a href="<?php echo $facebook_url; ?>"> Facebook</a>
<br />
<a href="<?php echo $twitter_url; ?>"> Twitter-</a>

<br />
</p>
</div>
<div id="footer"></div>
</body>
</html>

   
5XJUUFS 
5XJUUFS 

63- 
  

   
$twitter_handle  

  

 63-  

 
 


5XJUUFS

 
Name: <?php echo $first_name . " " . $last_name; ?><br />


  
  




 
 
 
 5XJUUFSt @
  

 
          


 



   
 
 
  

  
 
  

 
 
42-SELECT
 
  
 




<?php
// request
//
$get_user_query = "SELECT * FROM USERS WHERE ...";
mysql_query($get_user_query);
// HTML
?>
<!-- HTML- -->

$get_user_query .
,
WHERE, .

 

  



  


 
   
 

 create_user.php
 show_user.php 

 database_connection.php 

 

create_user.php  
 
 create_user.php 



 
 
users 
 


1)1 
 
1)1
)5.-
 
 .php )5.- 
)5.- 

)5.- 
)5.- 

 .php 1)1 
)5.-  
  
)5.-


 
 



. 6.5.

)5.- $44


<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1>. . </h1>
<p>
<img src="images/cj_wilson.jpg" class="user_pic" />
- -
.
-, 2010
, 2011
. , ,

. </p>
<p> , ,
.
</p>
<p class="contact_info"> . .:</p>
<ul>
<li>...
<a href="wilson@texasrangers.com"> </a></li>
<li>...
<a href="http://www.facebook.com/pages/CJ-Wilson/127083957307281">
Facebook</a></li>
<li>... <a href="http://www.twitter.com/str8edgeracer">
Twitter </a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>

, users.
.
Twitter .
, ,
, .

 

  
 $first_name  
$last_name $email
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1>$first_name $last_name</h1>
<p><img src="$user_image" class="user_pic" />
$bio</p>
<p class="contact_info"> $first_name:</p>
<ul>
<li>...
<a href="$email"> </a></li>
<li>...

<a href="$facebook_url">
Facebook</a></li>
<li>... <a href="$twitter_url">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>

, HTML PHP.
, . ,
, PHP. ,
, ,
.

 
)5.- 1)1
  
   $bio
 $user_image

 users

 users 

 

 create_user.html
 create_user.php 


  

 
  
users

ALTER



 

 
42-ALTER
ALTER TABLE users
ADD bio varchar(1000);


 42-
 ALTER
 
 
ADD 

 bio NOT NULL  
  NOT NULL

  
)5.-create_user 


   



?
ALTER
( , show_user)
: , ?
users , - ,
.

. , , - bio NULL.
NULL .
, , -,
,
, . ,
.

. -, ,

. , , username,
NOT NULL. , , ?
?


, .
?
username ,
.
.
, ,
?
, ,
- , NEEDS_USERNAME (
),
, . , , ,
.
ALTER : - , , ,
. ,
. ( .)

. -
, . -
- .

:
biousers)5.- 
1)1  show_user.php


create_user.php 
 
  delete_user.php

update_user.php 

1)1
1)1

)5.-  
)5.-  
  
   
1)1

<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />

</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1>$first_name $last_name</h1>
<p><img src="$user_image" class="user_pic" />
$bio</p>
<p class="contact_info"> $first_name:</p>
<ul>
<li>...
<a href="$email"> </a></li>
<li>...
<a href="$facebook_url">
Facebook</a></li>
<li>... <a href="$twitter_url">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>

PHP scripts/.
ch06/scripts/, , scripts/
-, PHP- .


 1)1 <?php?>  
  $
1)1 

)5.-)5.- 
  42- 
SELECT
   



   
1)1
  <?php ?>
1)1 )5.-63-
 



. 6.6.

HTML.
- ,
. PHP

. ,
, ,
.

, ,
link head . scripts/ CSS
HTML- -
ch06/.

show_user.php )5.- 


)5.-
 
  




 <?php ?> 
1)1 echo 

<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"> </a></li>
<li>...
<a href="<?php echo $facebook_url; ?>">
Facebook</a></li>
<li>... <a href="<?php echo $twitter_url; ?>">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>

 
 $
 

 
 1)1 echo
1)1
 
1)1 



 
 
1)1  
 
 


. 6.7. -


1)1)5.-
<?php 

<?php
$first_name = ". .";
$last_name = "";
$user_image = "///.jpg";
$bio = " - -
.
-, 2010
, 2011
. , ,

. </p>
<p> , ,
.";
$email = "wilson@texasrangers.com";
$facebook_url = "http://www.facebook.com/pages/CJ-Wilson/127083957307281";

$twitter_url = "http://www.twitter.com/str8edgeracer";
?>
<html>
<!-- HTML PHP -->
</html>


 
 
 $
  


. 6.8. - .
:
,


SELECT
)5.-
  
SELECT
SELECT *
FROM users;




+---------+------------+-----------+-------------------------+---------------------------------------------------------+----------------+------+
| user_id | first_name | last_name | email                   | facebook_url                                            | twitter_handle | bio  |
+---------+------------+-----------+-------------------------+---------------------------------------------------------+----------------+------+
|       1 | . .        |           | wilson@texasrangers.com | http://www.facebook.com/pages/CJ-Wilson/127083957307281 | @str8edgeracer | NULL |
+---------+------------+-----------+-------------------------+---------------------------------------------------------+----------------+------+
1 row in set (0.03 sec)

, , , -
. SELECT ,
,
.

 
first_namelast_name email
 $first_name  $last_name

 
  
 
  
 show_user.php 
  

   show_
user.php
 
create_user.htmlcreate_user.php
 

        
  
  'BDFCPPL
5XJUUFS
 show_user.php
63-
 
show_user.php



show_user.php  
 show_user.php 
  *%
*%

 show_user.php


 create_user.php *%


show_user.php
 
show_user.php
   
show_user.php

*%
show_user.php
*% *%
*%
*%


 

show_user.php 
*% 
 $_REQUEST
show_user.php
<?php
$user_id = $_REQUEST['user_id'];
//
?>
<html>
<!-- HTML PHP -->
</html>

 
         
user_id
SELECTWHERE
SELECT *
FROM users
WHERE user_id = $user_id;

 WHERE 


64&42-t
64&42-t
42-t
42-t
t





 *

 users 
 user_id
 $user_id
 user_id 1
$user_id1 
user_id 1 
SELECTuser_id
 PRIMARY KEY 
*%t

 
 
 
 
 
 show_user

1)1
<?php
require '../../scripts/database_connection.php';
// ID
$user_id = $_REQUEST['user_id'];
// SELECT
$select_query = "SELECT * FROM users WHERE user_id = " . $user_id;
//
$result = mysql_query($select_query);
//
?>
<html>
<!-- HTML PHP -->
</html>

 
SELECTuser_id



SQL-
 $result   
  
 


1)1

 SELECT 
 
  
show_user.php
  $result
$resultfalse 
42-
//
$result = mysql_query($select_query);
if ($result) {
// $result
} else {
die(" ID {$user_id}");
}

if 

$resultfalse    
 $user_id 


 
 
if
1)1 mysql_fetch_array
42- 
42- 
 
$result
if ($result) {
$row = mysql_fetch_array($result);
//
//
} else {
die(" ID {$user_id}");
}

 
 
mysql_fetch_array$row mysql_fetch_array
42- 
42- 
 
 
mysql_fetch_array 
 



"SSBZtt


mysql_fetch_array($result)
 


. , , ,
, .
mysql_fetch_array , .
mysql_fetch_array false, ,
.
mysql_fetch_array ,
. ,
( false, )
.

 $row
 $row 
$_REQUEST @3&26&45
3&26&45


 $_REQUEST 
 
  "first_name" 
$_REQUEST['first_
name']$row
42- 
42- 


 $row 

//
$result = mysql_query($select_query);
if ($result) {
$row = mysql_fetch_array($result);
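$first_name     = $row['first_name'];
$last_name      = $row['last_name'];
$bio            = $row['bio'];
$email          = $row['email'];
$facebook_url   = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
// Turn $twitter_handle into a URL, dropping a leading @ if there is one
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = "http://www.twitter.com/" . $twitter_handle;
} else {
$twitter_url = "http://www.twitter.com/" .
substr($twitter_handle, $position + 1);
}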
//
$user_image = "///_.jpg";
} else {
die(" ID {$user_id}");
}


if , URL
Twitter. , URL
trim()
2,
Twitter .
, $user_image -
.
:
$user_image = "../../images/missing_user.png";
,
.

 
$result
mysql_fetch_array 


ID
show_user.php
*% 
*% 
*% 
 
 
 show_user.php
 
show_user.php 
 
 $_REQUEST 
  
63- 
show_user.php show_user.php

create_user.php  

63- ZFMMPXUBHNFEJBDPNQIQ..
DITDSJQUTTIPX@VTFSQIQ 
63-
63- ?

[]://[_]/[_]?[_]

63-NZTJUFDPNTDSJQUTTIPX@VTFSQIQ GJSTU@OBNF-BODF
$_REQUEST['first_name']"Lance"
 


& 63-
NZTJUFDPNTDSJQUTTIPX@VTFSQIQ GJSTU@OBNF-BODFMBTU@OBNF.D$PMMVN

C (show_user.php) ,
(?first_name=Lance&last_name=McCollum) .

  *%
  

show_user.php63- 
ZFMMPXUBHNFEJBDPNQIQ..DITDSJQUTTIPX@VTFSQIQ VTFS@JE
  
 42-show_
user.php

. 6.9.

, PHP, . $_REQUEST[user_id]
USER_ID user_Id.
.

 
 show_user.php


 
 
create_user.php 
show_user.php 


, : INSERT
users,
show_user.php. , ,
show_user.php .
create_user.php, -
.

scripts/?
( ) TDSJQUT ,
, Perl CGI ( Common Gateway Interface, ,
,
).
, , . , -, ,
.
PHP .
show_user.php HTML, PHP,
, . ,
PHP , . ,
PHP-, HTML
URL PHP- .
,
HTML PHP. ,
Wordpress (wordpress.org wordpress.com) PHP. index.php,
index.html.
, TDSJQUT? . , , , HTML-
PHP-. TDSJQUT , -
.


7 ,
TDSJQUT, . , , - HTML,
CSS JavaScript, , , PHP. , PHP,
PHP- HTML.

   
bio 
create_user.php 
 
 show_user.php
*% 
 



create_
user.html  
  
'BDFCPPL
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="scripts/create_user.php" method="POST">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />

<label for="email"> :</label>


<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
<label for="bio">:</label>
<textarea name="bio" cols="40" rows="10"></textarea>
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>

 

create_user.php 
 
create_user.html 
<html>
<!-- -->
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="scripts/create_user.php" method="POST"
enctype="multipart/form-data">
<fieldset>
<!-- -->
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" />
</fieldset>
<!-- -->
</body>
</html>

 
)5.-


form 
enctypemultipart/formdata  
 
 
 
 file 
 
 



, :
? ,
. ,
, users?
? ,
.


  

. 6.10. ,
, ,




   
   

 
create_user.php 



    create_user.php
bio 
INSERT 
<?php
require '../../scripts/database_connection.php';
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
// ...
$insert_sql =
"INSERT INTO users (first_name, last_name, email, bio, " .
"facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', " .
"'{$email}', '{$bio}', " .
"'{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
?>


tbio 

, , ALTER TABLE,
bio users.

  create_user.html









SELECT
SELECT first_name, last_name, bio
FROM users;



| first_name | last_name | bio
|
|
| , 1966
Genesis. 7 .
1975, , 11
. , , (1984),
(1989), (2002).

, ,
. .
C. J. Wilson bio NULL,
, bio.

show_user.php 
*%


<?php
// ,
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php");
exit();
?>

 header)551 )551t
)ZQFS5FYU5SBOTGFS1SPUPDPM 

 )551  
  )551
http:// 63-

 


show_user.php 
  header
echo 
<html> header

 
63-   IUUQXXX
HPPHMFDPNTDSJQUTEBUBCBTF@DPOOFDUJPOQIQ
 tshow_user.php


 
header
*% 
 mysql_query  INSERT  
*%
SELECT  
show_user.php
show_user.php*%  
1)11)1
mysql_insert_id 
  *%
*%

INSERT 
AUTO_INCREMENT
 mysql_insert_id
 *%
SELECT
 mysql_insert_id 
  
 INSERT 
 myql_query  

*%
63-  63-
<?php
// ,
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
?>

 create_user.php 


:
("Location: show_user.php?user_id={mysql_insert_id()}");
, . PHP
, :
("Location: show_user.php?user_id={$user_id}");
.


 


create_user.php show_
user.php 


. 6.11.

  
 

 
 

)5.- $44+BWB4DSJQU
)5.- $44+BWB4DSJQU
$44+BWB4DSJQU
$44+BWB4DSJQU
+BWB4DSJQU
+BWB4DSJQU




( )

  




  
&OUFS )5.-
)5.-

&OUFS)5.-<p></p>
  
 
 &OUFS
\r\n

 show_user.php&OUFS)5.-
<p> preg_replace
<?php
//
// SELECT
if ($result) {
$row = mysql_fetch_array($result);
$first_name     = $row['first_name'];
$last_name      = $row['last_name'];
$bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email          = $row['email'];
$facebook_url   = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
// URL Twitter

}
?>

// HTML-

[\r\n]+, [\r\n]*. *
, , ,
</p><p> . + ,
\r \n ( ) ,
</p><p>.


 
 
t\r \n\r\n

 show_user.php
<?php
require '../../scripts/app_config.php';

require '../../scripts/database_connection.php';
// ID
$user_id = $_REQUEST['user_id'];
// SELECT
$select_query = "SELECT * FROM users WHERE user_id = " . $user_id;
//
$result = mysql_query($select_query);
if ($result) {
$row = mysql_fetch_array($result);
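$first_name     = $row['first_name'];
$last_name      = $row['last_name'];
$bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email          = $row['email'];
$facebook_url   = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
// Turn $twitter_handle into a URL, dropping a leading @ if there is one
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = "http://www.twitter.com/" . $twitter_handle;
} else {
$twitter_url = "http://www.twitter.com/" .
substr($twitter_handle, $position + 1);
}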
//
$user_image = "../../images/missing_user.png";
} else {
die(" ID {$user_id}");
}
?>
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"><?php echo $email; ?></a></li>
<li>...


<a href="<?php echo $facebook_url; ?>">


Facebook</a></li>
<li>... <a href="<?php echo $twitter_url; ?>">
Twitter </a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
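The show_user.php listing above puts `$_REQUEST['user_id']` straight into the SELECT text and echoes database fields into the page unescaped. The following added example (not the book's code) shows the same lookup with an integer check, a bound parameter and HTML escaping; it assumes PDO with an in-memory SQLite database as a stand-in for MySQL so it runs offline, and `find_user()` and `bio_to_html()` are hypothetical helper names.

```php
<?php
// Added example, not the book's code. Assumes the pdo_sqlite extension;
// against MySQL only the DSN passed to new PDO() changes.

// Returns the user row for $raw_id, or null when the ID is malformed or unknown.
function find_user(PDO $db, $raw_id) {
    // user_id is an AUTO_INCREMENT integer, so accept positive integers only.
    $user_id = filter_var($raw_id, FILTER_VALIDATE_INT,
                          array('options' => array('min_range' => 1)));
    if ($user_id === false) {
        return null;
    }
    // The value is bound as data; it never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT first_name, last_name, bio, email ' .
                         'FROM users WHERE user_id = :user_id');
    $stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Escapes a stored value for HTML first, then turns line breaks into
// paragraph boundaries with the same pattern the listing uses.
function bio_to_html($bio) {
    $escaped = htmlspecialchars($bio, ENT_QUOTES, 'UTF-8');
    return preg_replace("/[\r\n]+/", "</p><p>", $escaped);
}

// Constructed sample table and row.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, first_name TEXT, ' .
          'last_name TEXT, bio TEXT, email TEXT)');
$insert = $db->prepare('INSERT INTO users (first_name, last_name, bio, email) ' .
                       'VALUES (?, ?, ?, ?)');
$insert->execute(array('Sample', 'User',
                       "First line\r\nSecond <b>line</b>", 'sample@example.com'));

// Constructed request values: one valid ID, one unknown ID, two malformed ones.
foreach (array('1', '42', 'abc', '') as $candidate) {
    $user = find_user($db, $candidate);
    if ($user === null) {
        echo "user_id '{$candidate}': no such user\n";
    } else {
        echo "user_id '{$candidate}': <p>" . bio_to_html($user['bio']) . "</p>\n";
    }
}
```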

   


 


. 6.12.

 

 

)5.-
  
  
 


,
?
HTML create_user.html,
create_user.php,
show_user.php . , first_name
HTML, PHP MySQL ( , SQL). - , firstName,
user_firstName first_name.
, . , ,
.
: HTML, PHP MySQL?
. : ,
PHP, ?
:
. Java
.
Java firstName, first_name.
C++, PHP , Ruby,
, .
SQL .
:
, , ,
. ,
HTML- .
PHP , ,
.





 



 

-

( )


  $44
 )5.-  )5.- 
 
 


die  
  
 
63-
'BDFCPPL 

 

 
 
  
 


: JavaScript,
.
.

 
          

 
 



  
  
 
 


. 7.1.

63-show_user.php 
*% 

. 7.2.
, ,



   
*%




  
)5.- 
1)1
1)1

   
 1)1

)5.-show_error.html
 

<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p></p>
</div>
<div id="footer"></div>
</body>
</html>

 








  
 

 


. 7.3.

?
 

 
 


 

 
.Z42-
#1054 - Unknown column 'firstname' in 'field list'

.Z42-
1)1 

, .

  

   
  


? , -
, .

  

, .

 
 



 
  
 
   

 


  
  


. 7.4. ,



 

t

  
 

 
 

 
 

<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<p><img src="../images/error.jpg" class="error" />...
. ,
.
- ,
<a href="mailto:info@yellowtagmedia.com"></a>,
.</p>
<p> , ,
, <a href="javascript:history.go(-1);"> .</a>
,
. , . ...
.
.</p>
</div>
<div id="footer"></div>
</body>
</html>

  

  


 

 
 

. 7.5.


 
  

 
 

,
1)1 
 
  

 
  



  





 

  


   



. , , .
, (
) ,
.
,
,
,
. ,
, .
, , , ,
24 36 - ,
.
, !
,
, . .
, ,
, ,
.
, ,
:
! , ,
.
, .
,
, .



PHP
 
 
 
 

  
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<p><img src="../images/error.jpg" class="error" />...
. , <span class="error_message">
.</span></p>
<p> ,
.
- ,
<a href="mailto:info@yellowtagmedia.com"></a>,
.</p>
<p> , ,
, <a href="javascript:history.go(-1);"> .</a>
,
. , . ...
.
.</p>
</div>
<div id="footer"></div>
</body>
</html>

 
 
 



  
 

   
$44 


. 7.6.




PHP

)5.-   
   

t
t
t
 )5.-


1)1  


 

<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<p><img src="../images/error.jpg" class="error" />
<span class="error_message"><?php echo $error_message; ?></span></p>
<p> ,
.
- ,
<a href="mailto:info@yellowtagmedia.com"></a>,
.</p>
<p> , ,
, <a href="javascript:history.go(-1);"> .</a>
,
. , . ...
.
.</p>
</div>
<div id="footer"></div>
</body>
</html>

     show_error.php    
)5.-
          
 TDSJQUT


,
phpMM/scripts/, phpMM/ .

 
 
$_REQUEST


<?php
$error_message = $_REQUEST['error_message'];
?>
<html>
<!-- HTML PHP -->
</html>

  
1)1
1)1

  
 
1)1  show_error.php



63-63-

http://www.yellowtagmedia.com/phpMM/scripts/
show_error.php?error_message=There's%20been%20a%20problem
%20connecting%20to%20the%20database.

URL . ,
,
%20. , .

 
 


,
$_REQUEST,
. ,
?,
&.

  
 
 
show_error.php
 
 
 


$error_message = preg_replace("/\\\\/", '',
                              $_REQUEST['error_message']);


. 7.7.

1)1 
1)1 
 
  
\\\\\ 
1)1 
1)1 
 



   


  

 
error_message
  



. 7.8. ,

show_error.php scripts/?

TDSJQUT . , , - create_user.html
create_user.php show_user.php. , HTML- PHP-
, .
show_error.php scripts/. ?
, show_error.php HTML-.
, .
database_connection.php,
TDSJQUT. () , ,
HTML-.


: ? PHP- HTML...
? JavaScript, CSS?
.
. ,
.
VTFST, ,
: show_user.php, create_user.php create_user.html.
, HSPVQT TPDJBM . .
, . , , ,
(CSS, PHP - ). , ,
, ,
. , .
, , PHP-.
TDSJQUT. , ,
, TDSJQUT VUJMJUJFT.
, 50 100 ,
.
 
 
<?php
$error_message = preg_replace("/\\\\/", '',
                              $_REQUEST['error_message']);
if (!isset($error_message)) {
$error_message = " - .";
}
?>
<html>
<!-- HTML PHP -->
</html>

isset 
$error_message  
!
$error_message
isset
 true  null
 $ererror_message $_REQUEST['error_message']
null isset



 63- 


 


. 7.9.

  
 
 
TQBO  
 



 
 
        
error_message
 
 



63-  
63-  
  
 
t 
t 
63- 
 
 
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E %F9%E5%EB%EA%ED%E8%F2
%E5%20%E7%E4%E5%F1%FC%2C%20%F7%F2%EE%E1%FB%20%EF%EE%EB%F3%F7%E8%F2%FC%20
%EE%EF%E8%F1%E0%ED%E8%E5%20%EE%F8%E8%E1%EA%E8%3C/a%3E


  
ZFMMPXUBHNFEJBDPNZFMMPXUBHNFEJBDPN
  
 


. 7.10. ,


 
  
 
 



. 7.11. :
( , ),

4Z'Z #FJOH
)VNBO

  
  

  



$44 ZFMMPXUBHNFEJBDPN 
  



,
        
63- 
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E %F9%E5%EB%EA%ED%E8%F2
%E5%20%E7%E4%E5%F1%FC%2C%20%F7%F2%EE%E1%FB%20%EF%EE%EB%F3%F7%E8%F2%FC%20
%EE%EF%E8%F1%E0%ED%E8%E5%20%EE%F8%E8%E1%EA%E8%3C/a%3E

 error_message
 
 63-
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=<a
href="http://www.syfy.com/beinghuman"> ,
</a>

 
 

 1)1

  
 
  
 

, .
, . ,
: , -
. , , ,
. 13, -
, -
.


 
 
 
 

 
 




 

  


,
PHP
 

  
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";

 
 $first_name

  
isset  
 
 


1)1

1)1  


- , -, -
- PHP, .
.

 
display_error.php
<?php
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
echo "{$query}\n\n";
?>


 
$first_name
  

 
$ php display_error.php
,
SELECT * FROM users WHERE first_name =

  1)1 
 
 

  

 
$first_name
    1)1 error_reporting  
display_error.php
<?php
error_reporting(E_ALL);
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
echo "{$query}\n\n";
?>

 E_ALL      E_ALL   
E_ERROR 
E_WARNING  E_PARSE E_NOTICE 
 

www.php.net/manual/en/function.error-reporting.php
 E_ALL

 
$ php display_error.php
PHP Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/display_error.php on line 5
Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/display_error.php on line 5
,
PHP Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/display_error.php on line 6
Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/display_error.php on line 6
SELECT * FROM users WHERE first_name =

1)1

 
 

, , ,
.
PHP .
, .




  


 database_connection.php 
          
 
 app_config.php 
database_connection.php 


, , -
app_config.php . -
.
.

app_config.php 
TDSJQUTshow_error.phpdatabase_
connection.phperror_reporting 

<?php
// Report every kind of PHP error, warning and notice
error_reporting(E_ALL);
?>



<?php
require '../scripts/app_config.php';
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
echo "{$query}\n\n";
?>

, , error_reporting
display_error.php, app_config.php.



 

,
( - )
, , ,
, , , ... app_config.php. , ,
?
,
- .
, ,
, , -
... , . app_config.php.
( )
, .
app_config.php,
. (
app_config.php.) , , .



 


app_config.phpshow_error.php


<?php
require 'app_config.php';
$error_message = preg_replace("/\\\\/", '',
                              $_REQUEST['error_message']);
if (!isset($error_message)) {
$error_message = " - .";
}

?>

<html>
<!-- HTML PHP -->
</html>

show_error.php 
 show_error.php

 

. 7.12. :
!

  


  $error_
message($_REQUEST['error_message'])  null




 
 null

<?php
require 'app_config.php';
if (isset($_REQUEST['error_message'])) {
  $error_message = preg_replace("/\\\\/", '',
                                $_REQUEST['error_message']);
} else {
$error_message =
" - .";
}

?>

<html>
<!-- HTML PHP -->
</html>

1)1
1)1

nullissetisset 
 null

  
 

 
  
 
t
t
   

  
 
  

 


: , -
, -
.


 app_config.php



<?php
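// Set up debug mode
define("DEBUG_MODE", true);
// In debug mode, report every error, warning and notice
if (DEBUG_MODE) {
  error_reporting(E_ALL);
} else {
  // Otherwise turn error reporting off
  error_reporting(0);
}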
?>

DEBUG_MODE
 


require require_once

 database_connection.php

require 'app_config.php';

 

require '../../scripts/database_connection.php';

app_config.php 
 app_config.php 
database_connection.php app_config.php

 

  app_config.php 
  app_config.php


database_connection.php
  database_connection.php
 app_config.php
  





app_config.php database_connection.php 
 app_config.php  
  app_config.php


1)1
// Database connection constants
define("DATABASE_HOST", "db.host.com");
define("DATABASE_USERNAME", "username");
define("DATABASE_PASSWORD", "super.secret.password");
define("DATABASE_NAME", "db-name");

  


require
Notice: Constant DATABASE_HOST already defined in yellowtagmedia_com/phpMM/
scripts/app_config.php on line 4
Notice: Constant DATABASE_USERNAME already defined in yellowtagmedia_com/
phpMM/scripts/app_config.php on line 5
Notice: Constant DATABASE_PASSWORD already defined in yellowtagmedia_com/
phpMM/scripts/app_config.php on line 6

 
 require require_once
   
require
// ,
require '../scripts/app_config.php';

 app_config.php 
require_once
// database_connection.php
require_once '../scripts/app_config.php';

require_once 
includerequire

 
app_config.php
  create_
user.php  show_user.php
   
require  

app_config.php 
database_connection.php

require_once 


app_config.php
 
require
require_once 



, require_once,
, require.
, ,
PHP- require_once.

,
  
 


app_config.phpDEBUG_MODE 


 
  1)1


 
 

debug_print 

function debug_print($message) {
if (DEBUG_MODE) {
echo $message;
}
}

 app_config.php 



   $message


  




show_error.php

<?php
require 'app_config.php';
// Message for the user, with backslashes stripped
if (isset($_REQUEST['error_message'])) {
  $error_message = preg_replace("/\\\\/", '',
                                $_REQUEST['error_message']);
} else {
  $error_message = " - .";
}
// Technical message, printed only in debug mode
if (isset($_REQUEST['system_error_message'])) {
  $system_error_message = preg_replace("/\\\\/", '',
                                       $_REQUEST['system_error_message']);
} else {
  $system_error_message = " .";
}

?>

. error_reporting,
- .

)5.-

<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<!--
-->
<?php
debug_print("<hr />");
debug_print("<p>
:
<b>{$system_error_message}</b></p>");
?>
</div>
<div id="footer"></div>
</body>
</html>


 

app_config.php



 
1)1 error_reporting

 debug_print



connect.htmlconnect.php

, .
connect.html connect.php
scripts/ connect.php connect.html.
require_once app_config.php app_config.php
connect.php. , ,
PHP, , .


show_error.php
 
<?php
require '../scripts/app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
// . ...

?>

mysql_connect 


if (!mysql_connect(DATABASE_HOST,
                   DATABASE_USERNAME, DATABASE_PASSWORD)) {
  $user_error_message = " , " .
                        " , " .
                        " .";
  $system_error_message = mysql_error();
  header("Location: ../scripts/show_error.php?" .
         "error_message={$user_error_message}&" .
         "system_error_message={$system_error_message}");
  exit();
}

, ,
. , , ,
. $user_
error_message, header URL- .

1)1
1)1

 


if (!mysql_connect(DATABASE_HOST, DATABASE_USERNAME, "foo")) {
//
}

 connect.html  connect.


php 


. 7.13. , ,


, , DEBUG_MODE app_config.php
true, ,
, .

 

DEBUG_MODEapp_config.phpfalse
//
define("DEBUG_MODE", false);

connect.htmlconnect.php 
  


. 7.14. ,


 
  
 
 




  
connect.php
if (!mysql_connect(DATABASE_HOST,
DATABASE_USERNAME, DATABASE_PASSWORD)) {
$user_error_message = " , " .
" , " .
" .";
$system_error_message = mysql_error();
header("Location: ../scripts/show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
exit();
}

 
  
 

mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p>Error connecting to database: " . mysql_error() . "</p>");

t  

  

         

 


if (!mysql_connect(DATABASE_HOST,
DATABASE_USERNAME, DATABASE_PASSWORD)) {
$user_error_message = " , " .
" , " .
" .";
$system_error_message = mysql_error();
header("Location: ../scripts/show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
exit();
}

  t
t header63-t
 
debug_print


 app_config.php 



<?php
//
//
//
function debug_print($message) {
if (DEBUG_MODE) {
echo $message;
}
}
function handle_error($user_error_message, $system_error_message) {
header("Location: show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
exit();
}
?>

 debug_print
 
 
exit
 
 header
  1)1
 
connect.php
if (!mysql_connect(DATABASE_HOST, DATABASE_USERNAME, "foo")) {
handle_error(" , , " .
" .",
mysql_error());
}

  

mysql_connect(DATABASE_HOST, DATABASE_USERNAME, "foo")
or handle_error(" , , " .
" .",
mysql_error());

if
or die        t  
handle_error



 

. 7.15. PHP

connect.php
   
show_error.php 
 1)1
 63- 
63- 

 .php 1)1 
1)1
1)1

 63-  .php 
63-1)1
63-1)1
63-1)1
1)1
1)1

 /PJOQVUGJMFTQFDJGJFE 

 
app_config.php
function handle_error($user_error_message, $system_error_message) {
header("Location: show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
// Stop the script so nothing runs after the redirect
exit();
}

show_error.phpapp_config.php
app_config.php show_error.php 

connect.php  

DI 
show_error.phpTDSJQUTTIPX@FSSPSQIQ 
handle_errorapp_config.php 
connect.php show_error.php

app_config.phpconnect.php 
   
handle_error
  t
 show_error.php 
 



, . , ,
show_error.php, (..). show_error.php
../scripts/show_error.php. ,
.
, ,
.
/, , ,
-. /scripts/show_error.php.
 app_config.php

//
define("SITE_ROOT", "/phpMM/");

 handle_error
 app_config.php 
handle_errordebug_print
<?php
// Set up debug mode
define("DEBUG_MODE", false);
// Site root
define("SITE_ROOT", "/phpMM/");
// Database connection constants
define("DATABASE_HOST", "database.host.com");
define("DATABASE_USERNAME", "username");
define("DATABASE_PASSWORD", "super.secret.password");
define("DATABASE_NAME", "database-name");
// Error reporting
if (DEBUG_MODE) {
  error_reporting(E_ALL);
} else {
  // Turn error reporting off
  error_reporting(0);
}

function debug_print($message) {
  if (DEBUG_MODE) {
    echo $message;
  }
}

function handle_error($user_error_message, $system_error_message) {
  header("Location: " . SITE_ROOT . "scripts/show_error.php?" .
         "error_message={$user_error_message}&" .
         "system_error_message={$system_error_message}");
  // Stop the script so nothing runs after the redirect
  exit();
}
?>

,
SITE_ROOT URL header
(.).
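The show_error.php listings print `error_message` from the query string as-is, which is why the URL shown earlier can place its own link in the page, and handle_error puts both messages into the Location header unencoded. The following added example (not the book's code) encodes the redirect parameters, keeps the system message in the server log instead of the URL, and escapes the text before it reaches the HTML; `error_url()` and `render_error()` are hypothetical helpers, and the sample request values are constructed from strings on this page.

```php
<?php
// Added example, not the book's code. SITE_ROOT mirrors the constant that
// app_config.php defines; error_url() and render_error() are hypothetical.
define('SITE_ROOT', '/phpMM/');

// Builds the redirect target with the message percent-encoded, so spaces,
// "&", "#" or quotes inside it cannot change the structure of the URL.
function error_url($user_error_message) {
    return SITE_ROOT . 'scripts/show_error.php?' .
           http_build_query(array('error_message' => $user_error_message));
}

// Same role as the listing's handle_error(): the technical detail
// (for example mysql_error() output) goes to the server log rather than
// travelling through the browser's address bar and history.
function handle_error($user_error_message, $system_error_message) {
    error_log($system_error_message);
    header('Location: ' . error_url($user_error_message));
    exit();
}

// Returns the text show_error.php should print inside its <span>:
// the request value as plain text, with every HTML metacharacter escaped.
function render_error(array $request, $default = 'Something went wrong.') {
    $message = $default;
    if (isset($request['error_message']) && is_string($request['error_message'])) {
        $message = $request['error_message'];
    }
    return htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
}

// Constructed sample values: the message from the URL example on this page,
// and a request carrying the link markup from the later URL example.
echo error_url("There's been a problem connecting to the database."), "\n";
echo render_error(array(
    'error_message' => '<a href="http://www.syfy.com/beinghuman">link text</a>',
)), "\n";
echo render_error(array()), "\n";
```

Escaping stops markup from the URL being rendered, but the visible text is still chosen by whoever built the link; passing a short message key and looking the text up on the server removes that as well.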


show_error.phpconnect.php
 

diehandle_error
 database_connection.php 
handle_error
<?php
require 'app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or handle_error(" , , " .
" .",
mysql_error());
mysql_select_db(DATABASE_NAME)
or handle_error(" .",
mysql_error());

?>


?
, ? - . , - , ,
, require require_once
PHP-
.


- .
, . , , , ?
, , ,
.
,
.


. , ,
- , .


1)1 if
 
.Z42- 1)1
.Z42- 1)1
1)1
1)1

  


 

  
 
 


  
 
 
 


 

'BDFCPPL5XJUUFS 
 


   

users 
 
t debug_print handle_error 




   

 



 

 
  



. 8.1.

 

 'BDFCPPL5XJUUFS
'BDFCPPL5XJUUFS
5XJUUFS
5XJUUFS 


  img)5.-
<img src="images/cj_wilson.jpg" class="user_pic" />


. 8.2. ,

 src 
 users
  
 
 3ZBO(FZFS!USFOTQPU  


  


,

, ,
, , .
, : , . HTML, CSS JavaScript


: , - PHP-. PHP - PHP, HTML, CSS JavaScript ,


. HTML, CSS JavaScript
, , -, PHP-, .
. ,
, . . , - , JPEG, GIF PNG, .
. URL - , ,
- - . , -, ,
. , , , -. , , - . ,
-.
, , , FTP-. . , .
. , -.
, ,
. .
- .
. PHP
, , .

HTML
)5.-
1)1 )5.-
 )5.-
)5.-



 

 create_user.html 
   
   
   
  





<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="create_user.php" method="POST"
enctype="multipart/form-data">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" />
<label for="bio">:</label>
<textarea name="bio" cols="40" rows="10"></textarea>


</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>


(form action), ,
scripts/. HTML ch08/
.

 enctype form


 JOQVUUZQF
"file"user_pic
 
 


 
 





. 8.3. , ,

, .
: 1 000 000 -. , , , 20
30 Word 1 . 20 .
,
, Flickr (www.flickr.com), -
. .



 "MAX_FILE_SIZE"

 
)5.- 
)5.- 
)5.- 
)5.- 
)5.- 
)5.- 

 
<input type="hidden" name="MAX_FILE_SIZE" value="2000000" />
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" />

, file.
. -
. ( , , ,
.)

 
 
 

 
1)1  

$ISPNF

. 8.4.

 

  

1)1




create_user.php$

<?php
require_once '../scripts/app_config.php';


require_once '../scripts/database_connection.php';
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
                            trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', '{$twitter_handle}');";
// Insert the user into the database
mysql_query($insert_sql);
// Redirect the user to the page that displays user information
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>

, .
app_config.php database_connection.php,
require require_once.


 


<?php
require_once '../scripts/app_config.php';


require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
$first_name = trim($_REQUEST['first_name']);
//
//
// MySQL
?>

SITE_ROOT 
 app_config.php
 
 5FSNJOBM 
'51 SITE_ROOT
 VQMPBETQSPGJMF@QJDTSITE_ROOT
ZFMMPXUBHNFEJB@DPNQIQ.. ZFMMPXUBHNFEJB@DPNQIQ..
VQMPBETQSPGJMF@QJDT

$upload_dir = SITE_ROOT . "uploads/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');

 
 array  

 

// PHP-
$php_errors = array(' . , php.ini',
' . , HTML',
' ',
' .');

 
 $php_errors[0]  '
. , php.ini'


, ,
, (. . -
2).

 =>
 1)1
  
 $_REQUEST['user_pic']$_REQUEST
  
)5.-
 
 user_pic
  profile_pic.jpg 

$_REQUEST = array('user_pic' => 'profile_pic.jpg');

PHP , .

, PHP .
, , ,
, , .

1)1
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');

 1)1
1)1

 $php_errors[1]
' . , php.ini' 1)1

$php_errors[0]
1)1
1)1

  1)1
1)1


1)1$_REQUEST
  $_FILES
  $_REQUEST  
$_FILES[$image_fieldname]
  $image_fieldname
create_user.php


$_FILES[$image_fieldname]
 

$_FILES[$image_fieldname]['error']
   
 
1 => ' . , php.ini'
2 => ' . , HTML'
3 => ' '
4 => ' .'

$php_errors
 $_FILES[$image_fieldname]['error'] 




?
 $_FILES 
 
 
handle_error
<?php
//
//
//
//
($_FILES[$image_fieldname]['error'] == 0)
  or handle_error(" .",
                  $php_errors[$_FILES[$image_fieldname]['error']]);
// MySQL
// show_error.php
?>

($_FILES[$image_fieldname]['error'])  

  
 
$php_errors 


app_config.php , DEBUG_
MODE true.


   
ifif
1)1
($_FILES[$image_fieldname]['error'] == 0)

 true 


true 1)1or
 
handle_error

if ($_FILES[$image_fieldname]['error'] != 0) {
handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
}

. -
, .

 if
 
         
1)1
create_user.html
 
J1IPUP 
J1IPUP 
 
 
 
  

1)1 
 handle_error

 
 handle_error 
 
1)1

, , , -
, ,
. ,
, .
PHP, .

 
 $php_errors 
)5.-


. 8.5.

?

1)1  
  
 
  
 
 
 
 
/etc/passwd

 

1)1
1)1

is_uploaded_file  
)551 
)551 
 
  )5.-
      
  false 




// ,
// ?
is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// MySQL


,
. ,
, .
,
, .
.
PHP-. . , ,
- , , .
.
, , -
PHP . , .
 ($_FILES[$image_fieldname])

 
is_uploaded_file 
  
            
is_uploaded_file 

1)1 
 @ 


// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");


 
handle_error

 




, PHP , @. , , SQL- ,
URL.
, , -
, , .
@ , ,
.
.
, : ,
, .
, , @, , . : @
( ) or
. .
. ( !) ,
-. @, .
.
, @, or ,
, , 7. ,
(, , ).
,
, .

?
 
 

 
8PSE 
+BWB4DSJQU


 1)1
getimagesize 

t 

// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");



)551 
)551 

 
 

$upload_dir = SITE_ROOT . "uploads/profile_pics/";

, .

  


  
  

 

  
 

 
$upload_dir

  


t


, Flickr Facebook.
, ,
.


 

 

//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}

  
 $now
1)1time
 while
true  
true 
 while$upload_filename
$upload_dir 
 -


 
$_FILES[$image_fieldname]['name']

  while
 file_exists 
while  
 

 
 while 
  $now

1)1
 



// ,
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'], $upload_filename)
or handle_error(" " .
" .",
", " .
" {$upload_filename}");


 
 
  create_user.php 
  

 
    
 
 
 

       
 


. 8.6. -

 
 
  
create_user.php
echo
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
echo $upload_filename;
echo "<br />";
echo $_FILES[$image_fieldname]['tmp_name'];


 
echo
// ,
//
//header("Location: show_user.php?user_id=" . mysql_insert_id());

  
echo   

. 8.7. echo

 

 
 


. 8.8.




 


$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
              "bio, facebook_url, twitter_handle) " .
              "VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
              "'{$bio}', '{$facebook_url}', " .
              "'{$twitter_handle}');";
// Insert the user into the database
mysql_query($insert_sql);


 
ALTER 
ALTER TABLE users
ADD user_pic_path varchar(200);

 
 users
DESCRIBE
mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      |      | PRI | NULL    | auto_increment |
| first_name     | varchar(20)  |      |     |         |                |
| last_name      | varchar(30)  |      |     |         |                |
| email          | varchar(50)  |      |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | varchar(200) | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
8 rows in set (0.00 sec)

user_pic_patht 
 

, ,
, , -
.



INSERT
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
              "bio, facebook_url, twitter_handle, " .
              "user_pic_path) " .
              "VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
              "'{$bio}', '{$facebook_url}', " .
              "'{$twitter_handle}', '{$upload_filename}');";
// Insert the user into the database
mysql_query($insert_sql);

 

)5.-


  
1)1 
 
users show_user.php
 42-.Z42-

 42-
SELECT
 

SELECT user_pic_path
FROM users
WHERE last_name = 'Roday';


mysql> select user_pic_path from users where last_name = 'Roday';
+------------------------------------+
| user_pic_path                      |
+------------------------------------+
| /yellowtagmedia_com/phpMM/uploads/profile_pics/1312127661-City_2_0_by_pince-l3d.jpg |
+------------------------------------+
1 row in set (0.00 sec)

 
 
 

 



 
 create_user.php 
 
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
                            trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url .
substr($twitter_handle, $position + 1);
}
// Make sure PHP reported no error for the upload
($_FILES[$image_fieldname]['error'] == 0)
  or handle_error(" .",
                  $php_errors[$_FILES[$image_fieldname]['error']]);
// Is this file the result of a valid HTTP upload?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
  or handle_error(" . !",
                  " : " .
                  "'{$_FILES[$image_fieldname]['tmp_name']}'");
// Is this actually an image?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
  or handle_error(" , " .
                  " .",
                  "{$_FILES[$image_fieldname]['tmp_name']} " .
                  " .");
// Give the file a unique name by prefixing the current timestamp
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
                                      '-' .
                                      $_FILES[$image_fieldname]['name'])) {
  $now++;
}
// Move the file from its temporary location to its permanent one
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'],
                    $upload_filename)
  or handle_error(" " .
                  " .",
                  ", " .
                  " {$upload_filename}");
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
              "bio, facebook_url, twitter_handle, user_pic_path) " .
              "VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
              "'{$bio}', '{$facebook_url}', '{$twitter_handle}', " .
              "'{$upload_filename}');";
// Insert the user into the database
mysql_query($insert_sql);
// Redirect the user to the page that displays user information
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>
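The listing above builds the stored file name from `$_FILES[$image_fieldname]['name']`, so the name and extension written under uploads/ (and into the INSERT) come from the client, and the size limit is only the MAX_FILE_SIZE hint in the form. The following added example (not the book's code) picks the name on the server instead: the size is re-checked, the extension is taken from the image type that getimagesize detects, and the base name is random, which also replaces the time() loop. `stored_name_for_upload()` and `allowed_image_types()` are hypothetical helpers, `random_bytes()` assumes PHP 7 or later, and the sample files are constructed; is_uploaded_file and move_uploaded_file are still used as in the listing.

```php
<?php
// Added example, not the book's code; the function names are hypothetical.

// Image types accepted for a profile picture, mapped to the extension
// written to disk (a constructed allow-list).
function allowed_image_types() {
    return array(
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG  => 'png',
    );
}

// Returns a server-chosen file name for the temporary upload at $tmp_path,
// or null when the file is empty, too large, or not an accepted image.
function stored_name_for_upload($tmp_path, $max_bytes = 2000000) {
    // Re-check the size on the server; the hidden form field is advisory.
    $size = @filesize($tmp_path);
    if ($size === false || $size === 0 || $size > $max_bytes) {
        return null;
    }
    // getimagesize() reads the file header; index 2 is an IMAGETYPE_* constant.
    $info = @getimagesize($tmp_path);
    if ($info === false) {
        return null;
    }
    $types = allowed_image_types();
    if (!isset($types[$info[2]])) {
        return null;
    }
    // Nothing from the client-supplied name reaches the file system:
    // 32 random hex characters plus the extension of the detected type.
    return bin2hex(random_bytes(16)) . '.' . $types[$info[2]];
}

// Constructed sample files: a 1x1 GIF and a plain-text file.
$gif_path = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($gif_path, base64_decode(
    'R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));
$text_path = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($text_path, "not an image\n");

$gif_name  = stored_name_for_upload($gif_path);
$text_name = stored_name_for_upload($text_path);
echo "GIF upload stored as:  ", var_export($gif_name, true), "\n";
echo "Text upload stored as: ", var_export($text_name, true), "\n";

unlink($gif_path);
unlink($text_path);
```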

,

  
   

  



show_user.phpcreate_user.htmlcreate_
user.phpshow_user.php
users

require
require_once, app_config.php , ,
scripts/, . , HTML,
show_user.php, CSS JavaScript.

SELECT

 
SELECT 
// SELECT
$select_query = "SELECT * FROM users WHERE user_id = " . $user_id;

 
 
42-INSERT
if ($result) {
  $row = mysql_fetch_array($result);
  $first_name     = $row['first_name'];
  $last_name      = $row['last_name'];
  $bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
  $email          = $row['email'];
  $facebook_url   = $row['facebook_url'];
  $twitter_handle = $row['twitter_handle'];
  $user_image     = $row['user_pic_path'];
  // Turn $twitter_handle into a URL, dropping a leading "@" if there is one
  // ($position is never set in this script, so it cannot be used here)
  $twitter_url = "http://www.twitter.com/" . ltrim($twitter_handle, "@");
} else {
  handle_error(" " .
               " .",
               " ID {$user_id}");
}

die else if
handle_error.

 
//
$user_image = "../../images/missing_user.png";


 )5.- 
)5.- 
 
$user_image
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<!-- . ... -->

show_user.php
*%
*%

create_user.php





. 8.9.

  
  


'JSFCVH
'JSFCVH






    


. 8.10.

)5.-img

)5.-
)5.-
 


 



URL-
  
 
 


HTML ,
public_html/.

 show_user.php test.php
      1)1 

<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
?>


$_SERVERt 
1)1DOCUMENT_ROOT


, $_SERVER, www.php.net/manual/ru/reserved.variables.server.php.


 
IPNFCCNDMBVHIZFMMPXUBHNFEJB@DPN 
IPNFCCNDMBVHI
ZFMMPXUBHNFEJB@DPN

. 8.11.

 
 

 ZFMMPXUBHNFEJB@DPN  



 
test.php
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
$image_sample_path =
"/home1/b/bmclaugh/yellowtagmedia_com/phpMM/" .
"uploads/profile_pics/1312128274-james_roday.jpg";
?>

str_replace 
 
  
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";


$image_sample_path =
"/home1/b/bmclaugh/yellowtagmedia_com/phpMM/" .
"uploads/profile_pics/1312128274-james_roday.jpg";
$web_image_path = str_replace($_SERVER['DOCUMENT_ROOT'],
'', $image_sample_path);
?>

 echo
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
$image_sample_path =
"/home1/b/bmclaugh/yellowtagmedia_com/phpMM/" .
"uploads/profile_pics/1312128274-james_roday.jpg";
$web_image_path = str_replace($_SERVER['DOCUMENT_ROOT'],
'', $image_sample_path);
echo "<br /><br /> : {$web_image_path}";
?>

test.php 
  

. 8.12. , :
, ,

 
&OUFS  
  

 test.php
 app_config.php
test.php
function get_web_path($file_system_path) {
return str_replace($_SERVER['DOCUMENT_ROOT'], '', $file_system_path);
}


. 8.13. ,
,

   

 function 
 app_config.php
 get_web_path
  
$file_system_path
 

 $file_system_path 
 ''

    return     
str_replace
treturn1)1
1)1

  
VTSCCFOUMFZXFC
JNBHFTQSPGJMFKQHVTSCCFOUMFZXFC 
get_web_path/images/profile.jpg



, , , Ruby on Rails,
. ,
-, .
, PHP . ,
test.php ,
.
, ,
- -
, CSS,
.
, HTML .
,
.

. , -
, . , , ../../../web/images/profile.jpg,
. , ,
, . ,
.


:
show_
user.php
  

if ($result) {
  $row = mysql_fetch_array($result);
  $first_name     = $row['first_name'];
  $last_name      = $row['last_name'];
  $bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
  $email          = $row['email'];
  $facebook_url   = $row['facebook_url'];
  $twitter_handle = $row['twitter_handle'];
  // Convert the stored file-system path into a path the browser can request
  $user_image     = get_web_path($row['user_pic_path']);
  // Turn $twitter_handle into a URL, dropping a leading "@" if there is one
  // ($position is never set in this script, so it cannot be used here)
  $twitter_url = "http://www.twitter.com/" . ltrim($twitter_handle, "@");
} else {
  handle_error(" " .
               " .",
               " ID {$user_id}");
}


  create_user.php
 show_user.php
 user_id63-
 show_user.php



. 8.14. , , , ,
, ,



app_config.php
$_SERVER['DOCUMENT_ROOT'] 
 get_web_path
 
app_config.php

//
define("SITE_ROOT", "/phpMM/");

SITE_ROOT , , . ,
- ,
. , /,
.

 
 

 IPNFCCNDMBVHI
ZFMMPXUBHNFEJB@DPN QIQ.. 
  

   $_SERVER['DOCUMENT_ROOT']
  get_web_path
 
 SITE_ROOT/phpMM 

//
define("SITE_ROOT", $_SERVER['DOCUMENT_ROOT'] . "/phpMM/");



   IPNFCCNDMBVHI
ZFMMPXUBHNFEJB@DPNQIQ.. 
  
 
get_web_path
  handle_error

function handle_error($user_error_message, $system_error_message) {
header("Location: " . SITE_ROOT . "scripts/show_error.php" .
"?error_message={$user_error_message}" .
"&system_error_message={$system_error_message}");
// Stop the script so nothing runs after the redirect
exit();
}


?
get_web_path ,
, . -, :
? ,

.
.
. ,
, PHP Ruby, Perl PHP, ,
,
. ,
, .
?
. , , , !
,
. .
, ,
/. ,
. . ,
,
.
, .
,
.
SITE_ROOT 
 
 
 SITE_ROOT

function handle_error($user_error_message, $system_error_message) {
  header("Location: " . get_web_path(SITE_ROOT) .
         "scripts/show_error.php" .
         "?error_message={$user_error_message}" .
         "&system_error_message={$system_error_message}");
  // Stop the script so nothing runs after the redirect
  exit();
}



  
  
 



 


63- 
 
 
show_user.php

 


 


 
 
  
 
 
 
 
 

 

 





  
   


  
1)1
 

 1)1
 
 
  



 

users  
 SELECT INSERT 
 


tusers

t  63-'BDFCPPL
t  63-'BDFCPPL
t  63-'BDFCPPL
63-'BDFCPPL
'BDFCPPL
'BDFCPPL

5XJUUFSt
users



  


 
 

 
images 
  

, users.
( ),
, Twitter.
, ,
.

 *% 
user_idusers
users
 

 

 .*.&

+1( (*' 1/(


 
  


42-CREATE
CREATE TABLE images (
  image_id   int          AUTO_INCREMENT PRIMARY KEY,
  filename   varchar(200) NOT NULL,
  mime_type  varchar(50)  NOT NULL,
  file_size  int          NOT NULL,
  image_data mediumblob   NOT NULL
);


mediumblob
 tinyblobt
 blobtblob


 #MPC #JOBSZ-BSHF0CKFDU
 
#JOBSZ-BSHF0CKFDU
 
-BSHF0CKFDU
 
-BSHF0CKFDU
 
0CKFDU
 
0CKFDU
 

 
 
 


 mediumblobt
 longblobtlongblob


, -
. ,
longblob. ,
, ,
.
longblob
. ,
, longblob, 2 ,
, mediumblob, 2 . longblob ,

.
,
2 , mediumblob.
, ,
.
,
varchar(255), . - .
longblob, ( ) ,
, mediumblob.
 
users
mysql> USE bmclaugh;
Database changed
mysql> SHOW tables;
+------------------------------------+
| Tables_in_bmclaugh                 |
+------------------------------------+
| images                             |
| users                              |
+------------------------------------+
2 rows in set (0.00 sec)


create_user.php
  
  
 1)1
 getimagesize

 

images  
 create_user.php 


create_user.php.
create_user.php.bak - ,
.

<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
// , ,
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
                            trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url .
substr($twitter_handle, $position + 1);
}
//
($_FILES[$image_fieldname]['error'] == 0)
or handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
// , move_uploaded_file
//
//
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>



  INSERT 
users images

 images
 $_FILES 


$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
// images
$image = $_FILES[$image_fieldname];
$image_filename = $image['name'];
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
$image_data = file_get_contents($image['tmp_name']);
$insert_image_sql = "INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('{$image_filename}', '{$image_mime_type}', " .
"'{$image_size}', '{$image_data}');";
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
?>

  

$image
$image = $_FILES[$image_fieldname];


$_FILES[$image_fieldname]


$image_filename = $image['name'];


getimagesize

getimagesize
 
 .*.& 

.*.& 

 

 
)5.- 

 
$image_size = getimagesize($image['tmp_name']);

getimagesize  
   

.*.&
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];


 
$image_size = $image['size'];

file_get_contents

 getimagesize
  
file_get_contents
   image_data
images
$image_data = file_get_contents($image['tmp_name']);


INSERT
  t
INSERT
$insert_image_sql = "INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('{$image_filename}', '{$image_mime_type}', " .
"'{$image_size}', '{$image_data}');";
mysql_query($insert_image_sql);


! , -
.
MySQL. ,
- .



  

 1)1.Z42-
 



, , , - -
PHP. . 4 5 PHP
,
getimagesize, mysql_real_escape_string,
.

 mysql_real_escape_string
  
$image_data mysql_real_escape_string
mysql_queryINSERT
 .Z42-
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{mysql_real_escape_string($first_name)}', " .
"'{mysql_real_escape_string($last_name)}', " .
"'{mysql_real_escape_string($email)}', " .
"'{mysql_real_escape_string($bio)}', " .
"'{mysql_real_escape_string($facebook_url)}', " .
"'{mysql_real_escape_string($twitter_handle)}');";
//
mysql_query($insert_sql);
// images
$image = $_FILES[$image_fieldname];
$image_filename = $image['name'];
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
$image_data = file_get_contents($image['tmp_name']);
$insert_image_sql = "INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('{mysql_real_escape_string($image_filename)}', ".
"'{mysql_real_escape_string($image_mime_type)}', " .
"'{ mysql_real_escape_string($image_size)}', " .
"'{mysql_real_escape_string($image_data)}');";
mysql_query($insert_image_sql);

$image_size ,
mysql_real_escape_string. ,
,
.
.
, . ,
PHP ,
, ,
.



  
  "{$variable}"
 $variable
1)1

mysql_real_escape_string

 mysql_real_escape_string

// images
$image = $_FILES[$image_fieldname];
$image_filename = mysql_real_escape_string($image['name']);
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = mysql_real_escape_string($image_info['mime']);
// . ...

 

.Z42-$image_filename
 
 .Z42 t
mysql_real_escape_string


42-INSERT
.*.&  
 
.Z42-
 
 42- 
1)1
sprintf  
         
sprintf 
 
mysql_query
 
 
  
 










%s
$hello = sprintf("Hello there, %s %s", $first_name, $last_name);
echo $hello;

 $first_name
+PIO $last_name
t
8BZOF

Hello there, John Wayne

sprintf%s 
 $first_name
%s  
$last_name 
$hello
sprintf
sprintf

$hello = sprintf("Hello there, %s", $first_name . ' ' . $last_name);
echo $hello;

sprintf 
mysql_real_escape_string
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);


   

images
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);

 %dsprintf
  
 INSERT
 

sprintf
PHP- sprintf
, ,
mysql_real_escape_string
. ,
: sprintf
.
,


. ,
(, , ,
- ), ,
, , SQL-.
sprintf . - SQL-, .


create_user.php 
 
create_user.php
show_user.php
 
 images

mysql> SELECT image_id, filename FROM images;
+----------+----------------------------+
| image_id | filename                   |
+----------+----------------------------+
|        4 | 220px-William_Shatner.jpeg |
+----------+----------------------------+
1 row in set (0.00 sec)

SELECT * 
.Z42-
.Z42-


 

1IQ.Z"ENJO 
1IQ.Z"ENJO 

 
images 
1IQ.Z"ENJO

1IQ.Z"ENJO

1IQ.Z"ENJO
1IQ.Z"ENJO

#-0#
  
  



. 9.1. PhpMyAdmin

ID

 
 


. 9.2. -

 


 
create_
user.php
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());

  mysql_insert_id
*% INSERT 
INSERT users  INSERT
images  show_user.php 
*% 

// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
$user_id = mysql_insert_id();
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . $user_id);
exit();


 
 show_user.php 
 


. 9.3.

  


 
 
 INSERT
  



t users images 

 show_user.php 
imagesusers

*%users user_id

images image_id




 
    
  
 

  s

 
users image_id


mysql> ALTER TABLE users
    ->   ADD profile_pic_id int;
Query OK, 6 rows affected (0.11 sec)
Records: 6 Duplicates: 0 Warnings: 0


, . ALTER -
. -
. .
, .
, , , ,
. ,
, .
PHP MySQL
. ,
.


profile_pic_id , .
,
images.
,
, ,
FOREIGN KEY .
, profile_pic_id ID, image_id images. MySQL .
MySQL ,
MySQL InnoDB.
, - InnoDB.
, MySQL ,


. InnoDB
, :
ALTER TABLE [table-name]
ENGINE = InnoDB;

Google MySQL foreign keys, .


, InnoDB, .
[----]_id. ,
, users images, , image
images _id. image_id.
users profile_pic_id?
images . ,
. ,
, , ,
.
image_id users
. , , , , , . ,
profile_pic_id users, , , company_logo_id companies, , ? profile_pic_id,
, ( pic - ) (
profile ).


 
images *%
 profile_pic_id users
usersimages
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
$user_id = mysql_insert_id();
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . $user_id);
exit();

*% mysql_insert_id 
*% 
*% 
 
 mysql_insert_id 
profile_pic_idusers 


 INSERTusers
 INSERTimages
 UPDATE*%users



 
 


.Z42-
 INSERTimages 
*%

 INSERT users
*% 
INSERT


 .Z42-
 
 

INSERT
//
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . $user_id);
exit();

- .
mysql_query, ,
, , .
. , users
, mysql_insert_id.

*%INSERT 
 INSERT 
 users 
mysql_insert_id*% 


images INSERT
users
//
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle, " .
"profile_pic_id) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s', %d);",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_insert_id());
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();

, , ID , profile_pic_id,
, , sprintf %d
.

create_user.php

<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
                            trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
//
($_FILES[$image_fieldname]['error'] == 0)
or handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
// images
$image = $_FILES[$image_fieldname];
$image_filename = $image['name'];
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
$image_data = file_get_contents($image['tmp_name']);
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle, " .
"profile_pic_id) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s', %d);",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_insert_id());
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>



*%
images
mysql> select image_id from images;
+----------+
| image_id |
+----------+
|        4 |
|        5 |
|        6 |
+----------+
3 rows in set (0.00 sec)

 *% 


users
mysql> select user_id, first_name, last_name, profile_pic_id from users;
+---------+------------+-----------+----------------+
| user_id | first_name | last_name | profile_pic_id |
+---------+------------+-----------+----------------+
|       1 | C. J.      | Wilson    |           NULL |
|       5 | Peter      | Gabriel   |           NULL |
|       7 | Bob        | Jones     |           NULL |
|      22 | James      | Roday     |           NULL |
|      30 | William    | Shatner   |              6 |
+---------+------------+-----------+----------------+
7 rows in set (0.01 sec)

  *%


users


WHERE
  *%


$select_query = sprintf("SELECT * FROM users WHERE user_id = %d",
$user_id);

 sprintf show_user.php
show_user.php
 profile_
pic_id        

if ($result) {
  $row = mysql_fetch_array($result);
  $first_name     = $row['first_name'];
  $last_name      = $row['last_name'];
  $bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
  $email          = $row['email'];
  $facebook_url   = $row['facebook_url'];
  $twitter_handle = $row['twitter_handle'];
  $profile_pic_id = $row['profile_pic_id'];

  $image_query = sprintf("SELECT * FROM images WHERE image_id = %d",
                         $profile_pic_id);
  $image_result = mysql_query($image_query);
  // $twitter_handle URL
  $twitter_url = "http://www.twitter.com/" .
                 substr($twitter_handle, $position + 1);
}

show_user.php ,
, -
.

  

tprofile_pic_idusersimage_idimages



WHERE
  users
 images  profile_pic_id
image_id
SELECT first_name, last_name, filename
FROM users, images
WHERE profile_pic_id = image_id;

.Z42-

mysql> SELECT first_name, last_name, filename
    ->   FROM users, images
    ->  WHERE profile_pic_id = image_id;
+------------+-----------+----------------------------+
| first_name | last_name | filename                   |
+------------+-----------+----------------------------+
| William    | Shatner   | 220px-William_Shatner.jpeg |
+------------+-----------+----------------------------+
1 row in set (0.02 sec)

William Shatner,
.






( )
 

SELECT first_name, last_name, filename
FROM users, images
WHERE profile_pic_id = image_id;

 first_namelast_nameusers
  
 filename  
 filenameimages

profile_pic_idimage_id 

 

SELECT users.first_name, users.last_name, images.filename
FROM users, images
WHERE users.profile_pic_id = images.image_id;

 
 
       
 
42-
42-

 


SELECT u.first_name, u.last_name, i.filename
FROM users u, images i
WHERE u.profile_pic_id = i.image_id;

 
 








  


 
  



 
show_user.php
 

show_image.php
 

<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
?>


 

 *%
 SELECTimages *%
 SELECT
  
  
  
 
   
 
 

  *%
  *%images
  






ID
*%
*%


*% 
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
if (!isset($_REQUEST['image_id'])) {
handle_error(" .");
}
$image_id = $_REQUEST['image_id'];
?>

 show_
user.phphandle_error


SELECT-
42-
42-

sprintf tmysql_query
<?php
// require
// ID
// SELECT
$select_query = sprintf("SELECT * FROM images WHERE image_id = %d",
$image_id);
//
$result = mysql_query($select_query);
?>

 

,

$result
 



if ($return_rows) {
// ,
echo "<p>, :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
} else {
// . , .
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
}

5. ,
.

if 
if ($result) {
$row = mysql_fetch_array($result);
//
} else {
handle_error(" " .
" .",
" ID {$user_id}");
}

  $result


 true 
  42-
42-


 show_image.php

if
<?php
// require
// ID
//
if (mysql_num_rows($result) == 0) {
handle_error(" .",
" ID" . $image_id . ".");
}
$image = mysql_fetch_array($result);
?>


 
 




.
. , , ,
. , ,
.
,
.
( if-), , , . -
. ,
-
.
show_
user.php:
if ($result) {
$row = mysql_fetch_array($result);
//
} else {
handle_error(
" " .
" .",
" ID
{$user_id}");
}

, . ?
- . , .
, . ?
?
, , , , . , ,
. ,
, , . ,
.
show_image.php,
, ,
. .



  
   
)5.- 
)5.- 



 
.*.&text/htmltext/xml 
image/jpeg image/
gifimage/png
  

 

 
 
header("Location: " . SITE_ROOT . "scripts/show_error.php?" .
       "error_message={$user_error_message}&" .
       "system_error_message={$system_error_message}");

 
 Location 
63-   Location
63- 
header1)1 
1)1 
 

 


 Content-typet .*.&

 Content-lengtht 


images mime_typefile_size
  
show_image.php
<?php
// require
// ID
//
//
header('Content-type: ' . $image['mime_type']);
header('Content-length: ' . $image['file_size']);
?>


 
image/jpegtimage/gif
 




 
<?php
// require
// ID
//
//
//
echo $image['image_data'];
?>

 
 images
 

 




 *%
 SELECTimages*%
 SELECT
  
  
  
 
         


 *%
 *%images
  




    
Content-type 
 Content-length  
 
 
  


  
 

 
         
handle_error
1)1trycatch
 try trycatch  

 catch trycatch
try
 catch
 catchException
   
  handle_error
show_image.php  
 try
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
if (!isset($_REQUEST['image_id'])) {
handle_error(" .");
}
$image_id = $_REQUEST['image_id'];
// SELECT
$select_query = sprintf("SELECT * FROM images WHERE image_id = %d",
$image_id);
//
$result = mysql_query($select_query);
if (mysql_num_rows($result) == 0) {
handle_error(" .",
" ID " . $image_id . ".");
}
$image = mysql_fetch_array($result);
header('Content-type: ' . $image['mime_type']);
header('Content-length: ' . $image['file_size']);
echo $image['image_data'];

}
?>

 1)1
Exception
 
catch
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
// ,
} catch (Exception $exc) {
}
?>

 
 catch Exception exc
  


exc $, PHP $
. PHP ,
, exc , ,
.

 catch
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
// ,
} catch (Exception $exc) {
handle_error(" .",
" : " . $exc->getMessage());
}
?>


  
-> 
handle_error handle_error
  

excgetMessage1)1 
->

, .
, ,
.

 
1)1try
show_image.php
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
if (!isset($_REQUEST['image_id'])) {
handle_error(" .");
}
$image_id = $_REQUEST['image_id'];
// SELECT
$select_query = sprintf("SELECT * FROM images WHERE image_id = %d",
$image_id);
//
$result = mysql_query($select_query);
if (mysql_num_rows($result) == 0) {
handle_error(" .",
" ID " . $image_id . ".");
}
$image = mysql_fetch_array($result);
header('Content-type: ' . $image['mime_type']);
header('Content-length: ' . $image['file_size']);
echo $image['image_data'];
} catch (Exception $exc) {
handle_error(" .",
" : " . $exc->getMessage());
}
?>
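
The create_user.php INSERTs and the show_image.php lookup above, as an added example that is not the book's code: the same flow with PDO prepared statements in place of sprintf() and mysql_real_escape_string() (the mysql_* functions were removed in PHP 7.0), plus integer validation of image_id and an allowlist on the stored MIME type. It assumes the pdo_sqlite driver and uses an in-memory SQLite database in place of MySQL; the function names and sample values are constructed.

```php
<?php
// Added example, not the book's code. Assumes the pdo_sqlite driver; an
// in-memory SQLite database stands in for MySQL, and every function name
// and sample value here is constructed for illustration.
const SERVABLE_TYPES = ['image/jpeg', 'image/gif', 'image/png'];

function open_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Reduced versions of the chapter's images and users tables.
    $db->exec("CREATE TABLE images (
        image_id   INTEGER PRIMARY KEY AUTOINCREMENT,
        filename   VARCHAR(200) NOT NULL,
        mime_type  VARCHAR(50)  NOT NULL,
        file_size  INT          NOT NULL,
        image_data BLOB         NOT NULL)");
    $db->exec("CREATE TABLE users (
        user_id        INTEGER PRIMARY KEY AUTOINCREMENT,
        first_name     VARCHAR(20) NOT NULL,
        last_name      VARCHAR(30) NOT NULL,
        email          VARCHAR(50) NOT NULL,
        profile_pic_id INT)");
    return $db;
}

// create_user.php flow: image row first, then the user row pointing at it.
function create_user_with_image(PDO $db, array $user, array $image): int {
    $db->beginTransaction();
    try {
        $stmt = $db->prepare(
            "INSERT INTO images (filename, mime_type, file_size, image_data) " .
            "VALUES (:filename, :mime_type, :file_size, :image_data)");
        $stmt->bindValue(':filename',   $image['name'], PDO::PARAM_STR);
        $stmt->bindValue(':mime_type',  $image['mime'], PDO::PARAM_STR);
        $stmt->bindValue(':file_size',  strlen($image['data']), PDO::PARAM_INT);
        $stmt->bindValue(':image_data', $image['data'], PDO::PARAM_LOB);
        $stmt->execute();
        // Capture the image ID now; the next INSERT changes the last ID.
        $image_id = (int) $db->lastInsertId();

        $stmt = $db->prepare(
            "INSERT INTO users (first_name, last_name, email, profile_pic_id) " .
            "VALUES (:first_name, :last_name, :email, :profile_pic_id)");
        $stmt->bindValue(':first_name',     $user['first_name'], PDO::PARAM_STR);
        $stmt->bindValue(':last_name',      $user['last_name'],  PDO::PARAM_STR);
        $stmt->bindValue(':email',          $user['email'],      PDO::PARAM_STR);
        $stmt->bindValue(':profile_pic_id', $image_id,           PDO::PARAM_INT);
        $stmt->execute();
        $user_id = (int) $db->lastInsertId();
        $db->commit();
        return $user_id;
    } catch (Exception $e) {
        $db->rollBack();   // leave no orphaned image row behind
        throw $e;
    }
}

// show_image.php flow: returns [headers, body], or null when the caller
// should show an error page instead of sending image bytes.
function load_image_response(PDO $db, $raw_image_id): ?array {
    // Accept only a positive integer; "6abc", "", arrays and negatives fail.
    $image_id = filter_var($raw_image_id, FILTER_VALIDATE_INT,
                           ['options' => ['min_range' => 1]]);
    if ($image_id === false) {
        return null;
    }
    $stmt = $db->prepare(
        "SELECT mime_type, image_data FROM images WHERE image_id = :id");
    $stmt->bindValue(':id', $image_id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Unknown ID, or a stored type that should never be served as an image.
    if ($row === false || !in_array($row['mime_type'], SERVABLE_TYPES, true)) {
        return null;
    }
    // Some PDO drivers hand BLOB columns back as streams.
    $body = is_resource($row['image_data'])
          ? stream_get_contents($row['image_data'])
          : $row['image_data'];
    return [['Content-type: ' . $row['mime_type'],
             'Content-length: ' . strlen($body),
             'X-Content-Type-Options: nosniff'], $body];
}

// Constructed sample input: quotes in the name and filename, plus quote,
// backslash and NUL bytes inside the stand-in "image" data.
$db    = open_demo_db();
$bytes = "\xFF\xD8\xFF\xE0'\x00\\ constructed bytes, not a real JPEG";
$user_id = create_user_with_image($db,
    ['first_name' => 'Pat', 'last_name' => "O'Neil",
     'email' => 'pat@example.com'],
    ['name' => "pat's-photo.jpeg", 'mime' => 'image/jpeg', 'data' => $bytes]);
[$headers, $body] = load_image_response($db, '1');
echo "user_id: {$user_id}\n";
echo "bytes round-trip intact: " . var_export($body === $bytes, true) . "\n";
echo implode("\n", $headers) . "\n";
echo "non-integer ID refused: " .
     var_export(load_image_response($db, '6abc') === null, true) . "\n";
```

Because the values are bound rather than spliced into the SQL text, the binary image data needs no escaping step, and wrapping both INSERTs in one transaction keeps a failed user INSERT from leaving an image row that no user references.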


  


,
.Z42-
*%
mysql> select image_id, filename from images;
+----------+----------------------------+
| image_id | filename                   |
+----------+----------------------------+
|        6 | 220px-William_Shatner.jpeg |
+----------+----------------------------+
1 row in set (0.03 sec)

63-show_image.php
&OUFS    
 *%

. 9.4. ID

63-show_image.php?image_id=6
 

 


. 9.5.









,

     show_user.php     
show_image.php 
  
  
 
  show_user.php


 t42- 
imagesusers
SELECT u.first_name, u.last_name, i.filename
FROM users u, images i
WHERE u.profile_pic_id = i.image_id;


     show_


image.php t*% users
profile_pic_idusersimages
42-
*%
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
// ID
// SELECT
//
if ($result) {
  $row = mysql_fetch_array($result);
  $first_name     = $row['first_name'];
  $last_name      = $row['last_name'];
  $bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
  $email          = $row['email'];
  $facebook_url   = $row['facebook_url'];
  $twitter_handle = $row['twitter_handle'];
  $image_id       = $row['profile_pic_id'];
  // $twitter_handle URL
} else {
  handle_error(" .",
               " ID {$user_id}");
}
?>
<!-- HTML -->

, URL ,
users .


(src)
 
   

)5.-img
<img src="/images/roday.jpg" />

img 
src 


t
JNBHFTSPEBZKQH
  roday.jpg
 roday.jpg63- 
  
 
src  
   


<img src="show_image.php?image_id=6" />

show_image.php*% 
*% 
 
 
img
)5.- 

<?php
// PHP-
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="show_image.php?image_id=<?php echo $image_id; ?>"
class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<!-- -->
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>


srcimg*%
show_user.php 

<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
// ID
$user_id = $_REQUEST['user_id'];
// SELECT
$select_query = sprintf("SELECT * FROM users WHERE user_id = %d",
$user_id);
//
$result = mysql_query($select_query);
if ($result) {
  $row = mysql_fetch_array($result);
  $first_name     = $row['first_name'];
  $last_name      = $row['last_name'];
  $bio            = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
  $email          = $row['email'];
  $facebook_url   = $row['facebook_url'];
  $twitter_handle = $row['twitter_handle'];
  $image_id       = $row['profile_pic_id'];
  // $twitter_handle URL
  $twitter_url = "http://www.twitter.com/" .
                 substr($twitter_handle, $position + 1);
} else {
  handle_error(" .",
               " ID {$user_id}");
}
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>

<p><img src="show_image.php?image_id=<?php echo $image_id; ?>"
class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"><?php echo $email; ?></a></li>
<li>...
<a href="<?php echo $facebook_url; ?>">
Facebook </a></li>
<li>... <a href="<?php echo $twitter_url; ?>">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>



. 9.6.


  


 


-
?
, , , ,
Google. , 20 30
PHP, , .
, !
PHP,
, ? ,
,
.
-, , , . , ,
, , , , , .
, , , , .
, ,
, . ,
,
.
-, -
, . ,
, . , JPG, GIF, , , HTML,
.
,
? , -
, , .
,
.


, ?

  

 
  
1)1

 
  
 
  

  
 
 
 
 
 

 
c
   
 
 
 


,
...
  
 
  
SELECT
images
 image_data
 
 


 
  


   




?
,
, . (, ,
!) , ,
. ?
-, .
, -
- ,
.
-, profile_pic_id
users. SQL, :
ALTER TABLE users
DROP COLUMN profile_pic_id;

images:
DROP TABLE images;

. .

10

 
 
1)1.Z42- 
 
1)1 
 



  
 
 

.Z42-    
 

.Z42-

 




 
 'BDFCPPL 5XJUUFS
(PPHMF  

42- 
1)1.Z42-)5.- 
.Z42-)5.- 
.Z42-)5.- 
)5.- 
)5.- 


tDELETEWHERE


 

 

.Z42- 
 


,
  
 
 
 )5.- 
 1IPUPTIPQ
 

 
 
 
 
 

  
 
  



,
-
 
show_user.php 
 
 
   
  
  
 

 




 

 
 
 
 

 


. 10.1.

)5.- 
)5.- 
 
1)1
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>


<li>
<a href="show_user.php?user_id=30"> </a>
(<a href="mailto:bill@williamshatner.com">bill@williamshatner.com</a>)
<a href="delete_user.php?user_id=30">
<img class="delete_user" src="../images/delete.png" width="15" />
</a>
</li>
<li>
<a href="show_user.php?user_id=22"> </a>
(<a href="mailto:james@roday.net">james@roday.net</a>)
<a href="delete_user.php?user_id=22">
<img class="delete_user" src="../images/delete.png" width="15" />
</a>
</li>
<li>
<a href="show_user.php?user_id=1">. . </a>
(<a href="mailto:cj@texasrangers.com">cj@texasrangers.com</a>)
<a href="delete_user.php?user_id=1">
<img class="delete_user" src="../images/delete.png" width="15" />
</a>
</li>
</ul>
</div>
<div id="footer"></div>
</body>
</html>


  
  
  
 



 1IPUPTIPQ
1IPUPTIPQ

 )5.-
$44 1IPUPTIPQ 

 
  
  
 

 
 


  

J1BEJ1IPOF 
 

        
  
  
 



  

  

  



 


  


 
 
 
  


, ,
,
, . .
.



 
 42-
 
  
SELECT *
FROM users;


 
 
1)1.Z42-


SELECT (
)
SELECT * 
  
  users 
 
SELECT *
mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      |      | PRI | NULL    | auto_increment |
| first_name     | varchar(20)  |      |     |         |                |
| last_name      | varchar(30)  |      |     |         |                |
| email          | varchar(50)  |      |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | varchar(200) | YES  |     | NULL    |                |
| profile_pic_id | int(11)      | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
9 rows in set (0.10 sec)

, ,
user_pic_path profile_pic_id. ,
,
images, .
:
ALTER TABLE users
DROP COLUMN profile_pic_id;

 
first_name last_nameuser_idshow_user.php email
 SELECT *
facebook_url twitter_handle biouser_pic_path
 



users
 
 
   
  
*  
bio
users 

 
SELECT user_id, first_name, last_name, email
FROM users;

SELECT

, ?
. , user_pic_path
users . , ,
SELECT?
, SELECT, , . ,
, ,
- ? , .
,
.
, , ,
. , , . , . ,
-
. .
SELECT * , , .
, , , .
SELECT. .
.


: -

. , ( )
.
,
, .
, .
, , ,
,
.



SELECT
 
   admin.
php 

 create_user.phpt
 show_user.phpt
 app_config.phpt
 database_connection.phpt

 
         
    create_user.php
   
show_user.php
 admin.php 
 
 
admin.php
 

 
  
show_users.php
  show_users.php
 


<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
//
$result = mysql_query($select_users);
?>

SELECT , sprintf.
.

)5.- 

<?php
//
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>
<!-- <li>- -->
</ul>
</div>
<div id="footer"></div>
</body>
</html>

 
1)1)5.-
 
 show_users.php


 


. 10.2. ,
SELECT


 <li>
)5.- sprintf
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='delete_user.php?user_id=%d'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
//
);

sprintf
. sprintf,
,
.
.

 

<li><a href='show_user.php?user_id=1'>.. </a>
(<a href='mailto:cj@texasrangers.com'>cj@texasrangers.com</a>)

<a href='delete_user.php?user_id=1'><img class='delete_user'
src='../images/delete.png' width='15' /></a></li>


  
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}

  

while ($row = mysql_fetch_row($result)) {
echo "<li>{$row['col_name']}</li>";
}

 $row 
col_name
 users 
 )5.- 
<?php
//
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='delete_user.php?user_id=%d'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
</ul>
</div>
<div id="footer"></div>
</body>
</html>


HTML , : delete_user.php. ,
. ,
.

sprintf

 )5.- 
)5.- 

 


HTML

- .
PHP, , ,
echo . , PHP- , -
PHP- . , , PHP- HTML,
.
show_users.php. PHP-,
HTML... - PHP,
HTML.
, , , HTML,
PHP, ,
, . , , HTML PHP.
, PHP:
.
, (, - )
, . -
HTML PHP . .

PHP , .
  
show_users.php   
 
 

  show_user.php 
 


10. ,


. 10.3.

. 10.4. show_user.php,

   
  
1)1 


 
1)1 )5.-
)5.-
)5.-

 8PSEQSFTT1)1


 
 
   
 
 
 




 

DELETE FROM users;

 
WHERE
DELETE FROM users
WHERE user_id = [id__];

user_id
 
show_users.php
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='delete_user.php?user_id=%d'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>


)5.- 

<a href='delete_user.php?user_id=22'>...</a>

  
user_idshow_user.php
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());

create_user.php.
, .

 user_id 
 show_users.php 
 SELECT 




 delete_user.php 

<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
//
$user_id = $_REQUEST['user_id'];
// DELETE
$delete_query = sprintf("DELETE FROM users WHERE user_id = %d",
$user_id);
//
mysql_query($delete_query);
// show_users
// ( )
header("Location: show_users.php");
exit();
?>



, . app_config.php. ,
- ,
.
,
, , :
! ,
, , . ? .
, . ,
. , , , ,
, , , .
, , , , ,
emacs vi ,
- . .
? ,
, .
, .
$insert_sql, $insert_query.
, PHP , . ,
.
(, )
.
, . , .
,
.
.
(. 10.5)
(. 10.6) , ,
, .
.
. , ,
.


. 10.5. ,
,

. 10.6.
,
( Terminal Mac)

!
. .


show_users.php

  
  


. 10.7.




   delete_user.php 
show_users.php

 
 

 


   
 

 



 

delete_user.php
show_users.php

JavaScript
  
  
1)1 
 1)1 
)5.- 
)5.- 
 
 0,
 

"KBY 

 +BWB4DSJQU
+BWB4DSJQU

 

 show_users.php
+BWB4DSJQU
<?php
// SELECT
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
</script>
</head>
<body>
<!-- HTML -->
</body>
</html>

 
 
 delete_user.php 


  user_id


 delete_user.php+BWB4DSJQU
window.location

, JavaScript.
- ,
, JavaScript, .

, ?
, , , . .
, , , ,
. (, , - ?)
? :
<head>
<link href="../css/phpMM.css"
rel="stylesheet" type="text/css"
/>
<script type="text/javascript">
function delete_user(user_id) {
//
}
</script>
</head>

, , JavaScript
head- .
.
1. JavaScript-.
2. JavaScript-.
3. , JavaScript
!
4. , JavaScript, .
, . , www.amazon.com, www.google.com www.apple.com.
- <script>- head-
!


, , , Apple, Amazon Google?


, . , ,
JavaScript. , .
,
jQuery ( )
,
. ,
CSS-,
app_config.php database_connection.php.
JavaScript- delete_user
! , , , . ,
, ,
!
JavaScript head-
, . ,
JavaScript- p-
td-. JavaScript . ,
.


+BWB4DSJQU
 delete_user.php 
+BWB4DSJQU
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='javascript:delete_user(%d);'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>


 
  
 

. 10.8.





 
 
 

SELECT  delete_user.php
  
show_users.php

 
  
  


        

 
show_users.php
 
 delete_user.php
  
  
 show_users.php 

 




  
delete_user.php

show_users.php 

   

delete_user.php
header("Location: show_users.php");

1)1)551
1)1)551
)551
)551

Location
)551
63- 
 header
1)1
1)1

echo )5.- 
  
header 
 header  
   
 Location exit() 

   delete_user.php 
1)1 


  
show_users.php 
show_users.php


-- ( - )
-.
MVC, Model-View-Controller (--).
: , . MVC,
.
, . , , .
delete_user.php MySQL .
MVC- PHP-, User.php, ,
delete() remove(). :
User user_to_delete =
User.find_by_id($user_id);
user_to_delete.delete();

, MVC , . , ,

.
, .
show_user.php show_users.php . HTML . ,
, , .
MVC- .
.
, , . delete_user.php. , ,
, , , show_users.php.
-, PHP,
MVC-. , PHP, MVC-,
. ,
, delete_user.php ( ), show_users.php ().


delete_user.php (
). show_users.php

, , ,
.
PHP MVC-, ? . -,
MVC,
- MVC , ,
. -,
, ,
, .
delete_user.php, , .
, , show_users.php, .
 delete_user.php 
  


 success_message
// show_users,
// ( )
$msg = " .";
header("Location: show_users.php?success_message={$msg}");

, error_message,
.

 
show_users.php 
show_users.php  
 show_users.
phpsuccess_message 
 

  
delete_user.php63-  
63-  
 
 

 


. 10.9.

,
JavaScript
show_users.php 


. show_users.php
, .
( - ) .

  
+BWB4DSJQU
   


, JavaScript
+BWB4DSJQU 
show_users.php+BWB4DSJQU
 
 
window.location.href 63-

function get_request_param_value(param_name) {
  param_name = param_name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
  var regexS = "[\\?&]" + param_name + "=([^&#]*)";
  var regex = new RegExp(regexS);
  var results = regex.exec(unescape(window.location.href));
  if (results == null)
    return "";
  else
    return results[1];
}
.
, JavaScript.
, ,
, .
, ,
PHP, JavaScript.

 
success_message +BWB4DSJQU

msg = get_request_param_value("success_message");
if (msg.length > 0) {
//
}


get_request_param_value 

msg = get_request_param_value("success_message");
if (msg.length > 0) {
alert(msg);
}

 
headshow_users.phpscript 
 

. 10.10.


. 10.10 , alert. ,
, alert
, . window.onload,
onload, body, jQuery
,
.

 
 

PHP
 +BWB4DSJQU 
   
  )5.- 
$44+BWB4DSJQU 
+BWB4DSJQU  success_message
63- 

  show_users.php 
         )5.-
+BWB4DSJQU   
    

show_users.php 
$msg = $_REQUEST['success_message'];

+BWB4DSJQU
function get_request_param_value(param_name) {
param_name = param_name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexS = "[\\?&]" + param_name + "=([^&#]*)";
var regex = new RegExp(regexS);
var results = regex.exec(unescape(window.location.href));
if (results == null)
return "";
else
return results[1];
}



, , get_request_param_value
JavaScript PHP,
.

 
 



1)1
// ,
if (isset($_REQUEST['success_message'])) {
$msg = $_REQUEST['success_message'];
}


 

+BWB4DSJQU)5.-
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
<?php if (isset($msg)) { ?>
window.onload = function() {
alert("<?php echo $msg ?>");
}
<?php } ?>
</script>

  show_

users.php
<?php

require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
//
$result = mysql_query($select_users);
// ,
if (isset($_REQUEST['success_message'])) {
$msg = $_REQUEST['success_message'];
}
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
<?php if (isset($msg)) { ?>
window.onload = function() {
alert("<?php echo $msg ?>");
}
<?php } ?>
</script>
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='javascript:delete_user(%d);'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
</ul>
</div>
<div id="footer"></div>
</body>
</html>

, show_user.php
show_users.php, app_config.php. , -
, -,
,
. ,
, .

 
1)1
1)1

1)1 
1)1 

   


63- ZFMMPXUBHNFEJBDPNQIQ..
DITIPX@VTFSTQIQ TVDDFTT@NFTTBHF 


 
show_users.php 63-



. 10.11.

  
 
 
 

63-  )5.-

. 10.12.


show_users.php63-
 
+BWB4DSJQU)5.- show_users.php
 window.onload


. 10.13.

 
63- 
63-

63-



63- 
  
  


alert
 
0,
  


 
  
t




, UX ( user
experience, ) UI (user interface, ).
, UX
, UI.
: .
, , ,
- -.

 
K2VFSZ 
  
 

 



jQuery, jQuery
- www.jqueryui.com/demos/dialog. ,
Modal-. jQuery UI 10 ,
5 ,
jQuery.

   
  
0,  
 
  

 

 


   
 
  
handle_error  
  


?
11, ? .


 

  
+BWB4DSJQU 

 
 
<body>
<?php display_messages($_REQUEST); ?>
<!-- , HTML- -->
</body>

 
 
  


. 10.14. ,
- -

)5.-

<div id="messages">
<div class="success">
<p> </p>
</div>
</div>

 


. 10.15.

, , create_user.html.
c HTML , ,
. ,
. , ,
.

)5.-
 
classdiv
<div id="messages">
<div class="error">
<p> </p>
</div>
</div>




 
delete_user.php
 show_users.php  


<div id="messages">
<div class="success">
<p>$msg</p>
</div>
</div>

  1)1

<div id="messages">
<div class="success">
<p><?php echo $msg; ?></p>
</div>
</div>



function display_success_message($msg) {
echo "<div id='messages'>\n";
echo " <div class='success'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
echo "</div>\n\n";
}

sprintf? , \n?
, display_success_message ,
.
sprintf. echo ( echo sprintf). HTML, PHP <?php ?>.
.
\n. ,
. :
<div id='messages'> <div class='success'>
<p>{$msg}</p> </div></div>


HTML. . HTML .
HTML:
<div id='messages'>
<div class='success'>
<p>{$msg}</p>
</div>
</div>

, \n? - . ?
. . ? echo, sprintf ?
PHP- , - , . sprintf
. echo
sprintf . , , , .
\n . , HTML- ,
. ,
, , . ( - ,
, .)
 

function display_error_message($msg) {
echo "<div id='messages'>\n";
echo " <div class='error'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
echo "</div>\n\n";
}

 div messages


         

       

function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
display_success_message($success_msg);
display_error_message($error_msg);
echo "</div>\n\n";
}
function display_success_message($msg) {
echo " <div class='success'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
function display_error_message($msg) {
echo " <div class='error'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}

 
 

 
 

function display_success_message($msg) {
echo " <div class='success'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
function display_error_message($msg) {
echo " <div class='error'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}

  t


classdiv
 

function display_message($msg, $msg_type) {
echo " <div class='{$msg_type}'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}


  
 %3:

define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");
function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
display_message($success_msg, SUCCESS_MESSAGE);
display_message($error_msg, ERROR_MESSAGE);
echo "</div>\n\n";
}
function display_message($msg, $msg_type) {
echo " <div class='{$msg_type}'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}

DRY-
, , DRY- , (Drying up your code,
). DRY, Dont Repeat Yourself, : .
. 4, , ,
app_config.php?
( ) . ,
.
database_connection.php.

.
DRY-: DRY- , .
display_success_message display_error_message,
.
, ?
, . ,
, .
, DRY-
, .


 
&3303 FSSPS FSSPST


view.php
require_onceapp_config.php
<?php
require_once 'app_config.php';
define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");
function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
display_message($success_msg, SUCCESS_MESSAGE);
display_message($error_msg, ERROR_MESSAGE);
echo "</div>\n\n";
}
function display_message($msg, $msg_type) {
echo " <div class='{$msg_type}'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
?>
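
The listings above write $_REQUEST['success_message'] into the page unencoded, first inside alert("...") and then inside <p>{$msg}</p> in view.php, and delete_user.php puts the message into the Location URL as is; the following added example, which is not code from the book, encodes the message for each of those three contexts and prints the result for three constructed sample values. It assumes PHP 5.4 or later, and html_text, js_string, message_redirect_url and safe_message_html are hypothetical helper names.

```php
<?php
// Added example, not the book's code. PHP 5.4+ assumed (ENT_SUBSTITUTE).
// html_text(), js_string(), message_redirect_url() and safe_message_html()
// are hypothetical helper names.

// HTML text or quoted-attribute context: escape <, >, & and both quote styles.
function html_text($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// String literal inside a <script> block. json_encode() produces a quoted
// JavaScript string; the JSON_HEX_* flags also turn <, >, &, ' and " into
// \uXXXX escapes, so the value cannot end the string or the script element.
function js_string($value) {
    $encoded = json_encode((string) $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    return ($encoded === false) ? '""' : $encoded; // e.g. invalid UTF-8 input
}

// Sending side (delete_user.php): percent-encode the message before it is
// placed in the Location header.
function message_redirect_url($page, $param, $msg) {
    return $page . '?' . http_build_query(array($param => $msg));
}

// Receiving side (view.php): the CSS class comes from a fixed list and the
// message text is escaped for HTML.
function safe_message_html($msg, $msg_type) {
    if (!in_array($msg_type, array('success', 'error'), true)) {
        $msg_type = 'error';
    }
    return " <div class='{$msg_type}'>\n" .
           "  <p>" . html_text($msg) . "</p>\n" .
           " </div>\n";
}

// Constructed sample values standing in for $_REQUEST['success_message'].
$samples = array(
    'The user has been deleted.',
    '</p><script>document.title = "injected"</script>',
    '"); document.title = "injected"; //',
);

foreach ($samples as $msg) {
    echo "Location: " .
         message_redirect_url('show_users.php', 'success_message', $msg) . "\n";
    echo safe_message_html($msg, 'success');
    echo "window.onload = function() { alert(" . js_string($msg) . "); };\n\n";
}
```

In all three outputs the second and third samples appear only as inert text: percent-encoded in the URL, entity-encoded in the div, and \u-escaped inside the alert() string.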

app_config.php view.php . ,
, ,
, . ,
require_once , .

View Display

tview.php
 TDSJQUT      app_config.php  database_
connection.php 

display_messagesdisplay_message app_config.php 

 
 
 show_users.php 
   view.
php 


 delete_user.php  
view.php

, database_connection.php.
, require_once database_connection.php .
- , . ,
.

,

  show_
users.php 
view.php
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
<?php if (isset($msg)) { ?>
window.onload = function() {
alert("<?php echo $msg ?>");
}
<?php } ?>
</script>
</head>

View
 
 require_once 

<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// . ...
?>


. , . ?
? , !
, show_users.php PHP-,
head- HTML- .

display_messages)5.-
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<?php display_messages($msg); ?>

display_messages

 
 display_messages 

 
)5.- )5.-
 
 
 )5.-
+BWB4DSJQU 
+BWB4DSJQU 

show_users.php
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
</script>
</head>

body  




  

view.php


 
view.php
  display_messages
 


 div 
 
   display_header

head)5.-
+BWB4DSJQU head 
 
+BWB4DSJQU
  display_title

  
 

 



display_messages
 view.php   display_messages
1)1
 NULL 


NULL , .
Ruby nil. Java null. PHP NULL, C++.
: .

  NULL      
1)1

if ($value == NULL) // -


is_nullis_null 1)1 

 display_messages
 NULL
 display_message

function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
if (!is_null($success_msg)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}



  show_users.php  
 $error_msg  $success_msg 
 display_messages
 


function do_something($this_value = "default value") {
// - this_value
}

display_messagesNULL

function display_messages($success_msg = NULL, $error_msg = NULL) {
echo "<div id='messages'>\n";
if (!is_null($success_msg)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}

 display_messages
 view.php


heredoc
 )5.-
)5.-

 html  title  head
+BWB4DSJQU 
view.php  
  
 
+BWB4DSJQUhead  

function display_head($page_title = "", $embedded_javascript = NULL) {

$page_title
 
   
)5.-
echo
+BWB4DSJQU
function display_head($page_title = "", $embedded_javascript = NULL) {
echo "<html>";
echo " <head>";
echo " <title>{$page_title}</title>";
echo ' <link href="../css/phpMM.css" rel="stylesheet" type="text/css" />';
if (!is_null($embedded_javascript)) {
echo "<script type='text/javascript'>" .
$embedded_javascript .
"</script>";
}
echo " </head>";
}

  link
)5.- href 
reltype  
 \"\'
 

 
  
 
1)1
1)1 
 IFSFEPD 

IFSFEPD 
 
  

IFSFEPD 
 

$some_text = <<<EOD

  
EOD

. -
EOD EOT, ,
.

 
  
{$var_name}
<html>
<head>
<title>{$page_title}</title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>


 
EOD;

 
$some_text = <<<EOD
<html>
<head>
<title>{$page_title}</title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
EOD;

.
, .
.
,
.
unexpected T_SL. , , PHP
, :
.

  display_head



function display_head($page_title = "", $embedded_javascript = NULL) {
echo <<<EOD
<html>
<head>
<title>{$page_title}</title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
EOD;
if (!is_null($embedded_javascript)) {
echo "<script type='text/javascript'>" .
$embedded_javascript .
"</script>";
}
echo " </head>";
}

   display_head
 IFSFEPD
IFSFEPD

 
echo 
IFSFEPD +BWB4DSJQU
 


()
display_head

 show_users.php 
show_user.php
)5.-)5.- 
)5.-)5.- 
)5.- 
)5.- 

  display_head
 
IFSFEPD show_users.php 
+BWB4DSJQU
<?php
//
?>
<?php
$delete_user_script = <<<EOD
function delete_user(user_id) {
if (confirm(" , ?" +
" !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
EOD;
display_head("", $delete_user_script);
?>


<!-- HTML- -->
</html>

PHP, , <?php/?> (
, display_head). .
, , , ,
<?php. .

IFSFEPD 
+BWB4DSJQU display_head 
 IFSFEPD
 sprintf
)5.-
)5.-



show_users.php
 
  
  


. 10.16. show_users.php

view.php )5.-
 

display_head


View
 display_
messages )5.- 
 display_head)5.-
+BWB4DSJQU 
+BWB4DSJQU 

)5.-  

)5.-  

 

 
 
<html>
<head>
<title></title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type='text/javascript'>function delete_user(user_id) {
if (confirm(" , ?" +
" !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}</script>
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id='messages'>
<div class='success'>
<p> .</p>
</div>
</div>
<div id="content">
<!-- HTML- -->
</div>
</body>
</html>

 view.php display_


title
function display_title($title, $success_msg = NULL, $error_msg = NULL) {
echo <<<EOD
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example">$title</div>
EOD;
display_messages($success_msg, $error_msg);
}

    show_users.php

display_title("", $msg);

 
 $_REQUEST
  
 
NULL
display_title("",
$_REQUEST['success_message'], $_REQUEST['error_message']);

show_users.php , success_message
$_REQUEST,
display_title.

display_headdisplay_title
 display_head
display_title



$_REQUEST display_title?
,
$_REQUEST display_title. display_title
$_REQUEST['success_message'] $_REQUEST['error_message']. .
,
, , ,
.
, (
view.php, HTML) . ,
,
.
, MVC- PHP .
,
.
view.php
$_REQUEST.


 t display_
title       body 
)5.-  

 )5.-display_title
)5.-display_head
  display_head   
 display_title

)5.-)5.-display_head
  

<?php
// -
?>
<?php display_head($title, $javascript); ?>
<?php display_title($title,
$_REQUEST['success_message'], $_REQUEST['error_message']);
?>
<!-- HTML -->
</html>

  


<?php
// -
?>
<?php page_start($title, $javascript,
$_REQUEST['success_message'], $_REQUEST['error_message']) ?>
<!-- HTML -->
</html>

 
$title
)5.-
 display_title  display_head display_
messages 

function page_start($title, $javascript = NULL,
$success_message = NULL, $error_message = NULL) {
display_head($title, $javascript);
display_title($title, $success_message, $error_message);
}

view.php , -
.






 display_head 
display_title


. 380 PHP
.



show_users.php

 IFSFEPD 
IFSFEPD 


<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
//
$result = mysql_query($select_users);
//
$delete_user_script = <<<EOD
function delete_user(user_id) {
if (confirm(" , ?" +
" !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
EOD;
page_start("Current Users", $delete_user_script,
$_REQUEST['success_message'], $_REQUEST['error_message']);
?>
<div id="content">
<ul>
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='javascript:delete_user(%d);'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
</ul>
</div>
<div id="footer"></div>
</body>
</html>


         

 page_start
 view.php 
page_end div
footer 
 
 c



-

.
HTML view.php, database_
connection.php, . ,
,
require_once. : -
, .
,
. .
, . , 20 30
?
, .
,
.
, . :
display_page($title, $javascript, $content);

:
display_head($title, $javascript);
display_messages($msg);
display_content($content);
display_footer();

,
. ,
, .


- , , .
, display_page,
? display_head,
display_messages, display_content, ...
? , .
,
- .
,
,
.
. , , ,
.





$PPLJF 



11


  

   

 
 
 
 
 

, , delete_user.php admin.php.

   
  

 delete_user.php

 create_user.html 


 show_users.php  
 

 


  
 
 


11.


  

   



  
create_user.html 

  


  

 

 

 

 
  
 
 


 


 




. , ,
. ,
, , , .

 

 :PV5VCF(PPHMF 
  5XJUUFS'BDFCPPL
5XJUUFS'BDFCPPL
'BDFCPPL
'BDFCPPL

  



 
 



4.


 
create_user.html


HTTP-
 )551 
)551 

 )551


function handle_error($user_error_message, $system_error_message) {
header("Location: " . get_web_path(SITE_ROOT) .
"scripts/show_error.php" .
"?error_message={$user_error_message}" .
"&system_error_message={$system_error_message}");
}

handle_error scripts/app_config.php.

 )551 Location



Content-typeContent-length
header('Content-type: ' . $image['mime_type']);
header('Content-length: ' . $image['file_size']);

show_image.php 9,
, .

)551
)551

Content-typeLocation

HTTP/1.1 401 Unauthorized

  
t 
  
   
)551

HTTP www.w3.org/Protocols/rfc2616/rfc2616-
sec10.html.


  


 

WWW-Authenticate: Basic realm="The Social Site"

 

 WWW-Authenticate  
tbasic realm

"The Social Site"
  



...

  
 show_users.php

<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
// PHP
?>

,
ch11. ,
, , - .

show_users.php 
 
 
   



. 11.1.

- -
.htpasswd ( - Apache), .
.htpasswd PHP.
.htpasswd
, .



show_users.php  
t 
$BODFM
  
 
           
  
show_users.php 
  


         

show_users.php


. 11.2. show_users.php

  

 
 
 show_users.php 

)551 
)551 
 
1)1 

1)1
 
 $_SERVER 

 $_SERVER['PHP_AUTH_USER']t
 $_SERVER['PHP_AUTH_PW']t

$_SERVER SITE_ROOT app_config.php,


get_web_path.


 

 )551 
)551 


 
$_SERVER['PHP_AUTH_USER']$_SERVER['PHP_AUTH_PW']

  

   

 
    


  

 
 
 
 
 isset

if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
}

 


  




  


 

if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
}

header
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');

 1)1
1)1

 header
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
// ,
//


if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}

 
 exit  die 
 


. 11.3.
,


( !)
  
 
 
  
while 
while (_____) {
______();
}


, PHP. ,
. .

 
  t

if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}


- ,

,
. ,
, - .
. ,
, .
if, while, else, , PHP, .
:
while (_____) {
______();
}

,
PHP. , $_SERVER, ,
. , , ,
, :
while (_____) {

- :
if (($_SERVER['PHP_AUTH_USER'] !=
VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] !=
VALID_PASSWORD)) {

? -... ,
. , , . :
______();


, . .
. , ,
- ,
. ,
, , .
  

  
 show_users.php 
 

if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
} else {
if (($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
}

if exit .
exit , ,
. , ,
.
.


 
)551
  
 

if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}


show_users.php.

show_users.php 
if 
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// Constant names must be quoted strings in define()
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}

show_users.php
adminsuper_secret 

 show_users.php 

 


. 11.4.
PHP $_SERVER


. 11.5. , ;


 show_users.php 
  
show_users.php 
  
 delete_user.php
  
 app_config.phpdatabase_connection.php
 


: authorize.php
 authorize.php

<?php
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
?>


   authorize 


get_credentials
 require_
onceauthorize.php 
  

require_once "../scripts/authorize.php";




?
, . show_users.php : . , ,
, ,
show_users.php.
, ,
, .
, ,
... . .
, , ( ).
,
,
.
 
1)1  authorize.php
authorize.php 


+BWB4DSJQU
<script>
<script type="text/javascript">
dashboard_alert("#hits_count_dialog");
$("#hits_count_dialog").dialog("open");
query_results_tables();
</script>

+BWB4DSJQU 
1)1 
authorize.php


<?php
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
?>

     require_once   
authorize.php authorize.php 
 
 

 show_users.php
require_onceauthorize.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/authorize.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
//
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
// . ...
?>

  show_users.


php 
delete_user.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/authorize.php';
require_once '../scripts/database_connection.php';
// . ...


 
 
delete_user.php 
 
1)1

. 11.6. ,

  


 show_users.php 

delete_
user.php 1)1 authorize.php
  The Social Site 
 

header('WWW-Authenticate: Basic realm="The Social Site"');

  
 
show_users.php  
delete_user.php 
 

 
 

 
 



. 11.7.


PHP
 

1)1 
 
app_config.phpauthorize.php
t

  


 42-
 

 
 authorize.php

- , , -
, . , ,
, . , -
, ,
, .



 

 
 .Z42-


users
 users

mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      | NO   | PRI | NULL    | auto_increment |
| first_name     | varchar(20)  | NO   |     |         |                |
| last_name      | varchar(30)  | NO   |     |         |                |
| email          | varchar(50)  | NO   |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | text         | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
8 rows in set (0.02 sec)

  username



 password



mysql> ALTER TABLE users
    ->   ADD username VARCHAR(32) NOT NULL
    ->     AFTER user_id,
    ->   ADD password VARCHAR(16) NOT NULL
    ->     AFTER username;

AFTER MySQL .
AFTER , ( username password,
, ) .
, ,
DESCRIBE.

 



mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      | NO   | PRI | NULL    | auto_increment |
| username       | varchar(32)  | NO   |     | NULL    |                |
| password       | varchar(16)  | NO   |     | NULL    |                |
| first_name     | varchar(20)  | NO   |     |         |                |
| last_name      | varchar(30)  | NO   |     |         |                |
| email          | varchar(50)  | NO   |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | text         | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
10 rows in set (0.03 sec)



  
 username
 password

 NOT NULL

 


42-  

mysql> UPDATE users
    ->    SET username = "jroday",
    ->        password = "psych_rules"
    ->  WHERE user_id = 45;

 
mysql> SELECT user_id, username, password, first_name, last_name
    ->   FROM users
    ->  WHERE user_id = 45;
+---------+----------+-------------+------------+-----------+
| user_id | username | password    | first_name | last_name |
+---------+----------+-------------+------------+-----------+
|      45 | jroday   | psych_rules | James      | Roday     |
+---------+----------+-------------+------------+-----------+
1 row in set (0.00 sec)
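
authorize.php above compares the two Basic-auth fields to hard-coded constants with !=, and the UPDATE above stores the password in clear text in a VARCHAR(16) column; the following added example, which is not the book's code, checks the same two $_SERVER fields against a stored password_hash() value instead. It assumes PHP 5.5 or later, and find_password_hash and credentials_are_valid are hypothetical names backed by constructed sample data.

```php
<?php
// Added example, not the book's code. Assumes PHP 5.5+ (password_hash).
// find_password_hash() and credentials_are_valid() are hypothetical names.

// Stand-in for "SELECT password FROM users WHERE username = ..." that returns
// the stored hash, or NULL when the username is unknown. The account is
// constructed sample data; a real table stores the password_hash() output,
// which needs a wider column than VARCHAR(16) (a bcrypt hash is 60 characters).
function find_password_hash($username) {
    static $users = null;
    if ($users === null) {
        $users = array(
            'jroday' => password_hash('psych_rules', PASSWORD_DEFAULT),
        );
    }
    return isset($users[$username]) ? $users[$username] : NULL;
}

// True only when both Basic-auth fields are present and the password matches
// the stored hash. password_verify() compares in constant time, unlike !=.
function credentials_are_valid($server) {
    if (!isset($server['PHP_AUTH_USER'], $server['PHP_AUTH_PW'])) {
        return false;
    }
    static $dummy_hash = null;
    if ($dummy_hash === null) {
        // Verified against when the username is unknown, so that both paths
        // perform one hash computation.
        $dummy_hash = password_hash('not-a-real-password', PASSWORD_DEFAULT);
    }
    $stored = find_password_hash($server['PHP_AUTH_USER']);
    $matches = password_verify($server['PHP_AUTH_PW'],
                               is_null($stored) ? $dummy_hash : $stored);
    return !is_null($stored) && $matches;
}

// Replacement for the check in authorize.php: same headers, same exit().
function require_basic_auth($server) {
    if (!credentials_are_valid($server)) {
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: Basic realm="The Social Site"');
        exit("Authorization required.");
    }
}

// Constructed requests, exercised only when run from the command line.
if (PHP_SAPI === 'cli') {
    $requests = array(
        'no credentials'   => array(),
        'wrong password'   => array('PHP_AUTH_USER' => 'jroday',
                                    'PHP_AUTH_PW'   => 'guess'),
        'unknown username' => array('PHP_AUTH_USER' => 'nobody',
                                    'PHP_AUTH_PW'   => 'psych_rules'),
        'valid'            => array('PHP_AUTH_USER' => 'jroday',
                                    'PHP_AUTH_PW'   => 'psych_rules'),
    );
    foreach ($requests as $label => $server) {
        printf("%-17s %s\n", $label,
               credentials_are_valid($server) ? 'allowed' : '401');
    }
    printf("stored hash length: %d\n", strlen(find_password_hash('jroday')));
}
```

Basic authentication sends the username and password, base64-encoded but not encrypted, with every request, so pages protected this way belong behind HTTPS.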

users 




?
, , . -
. .

, ,
50 .

, UPNNZO!ECDPSH, ( ), , UOB.

.

users username? ?
-, , . , ,
, Gmail, iCloud
, , - .
-,
. - , - . , , - ,
, .

.
-, , .
?
. , ?

, . , 1Password
(www.agilebits.com/products/1Password), . ,
1Password ( $59,99 ) .




 create_user.html 
)5.- 
)5.- 



create_user.html 
 

<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<link href="../css/jquery.validate.password.css" rel="stylesheet"
type="text/css" />
<script type="text/javascript" src="../js/jquery.js"></script>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript" src="../js/jquery.validate.password.js">
</script>
<script type="text/javascript">
$(document).ready(function() {
$("#signup_form").validate({
rules: {
password: {
minlength: 6
},
confirm_password: {
minlength: 6,
equalTo: "#password"
}
},
messages: {
password: {
minlength: " 6 "
},
confirm_password: {
minlength: " 6 ",
equalTo: " ."
}
}
});
});
</script>
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form id="signup_form" action="create_user.php"
method="POST" enctype="multipart/form-data">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" class="required" />
<br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" class="required" />
<br />
<label for="username"> :</label>
<input type="text" name="username" size="20" class="required" />
<br />
<label for="password">:</label>
<input type="password" id="password" name="password"
size="20" class="required password" />
<div class="password-meter">
<div class="password-meter-message"> </div>
<div class="password-meter-bg">
<div class="password-meter-bar"></div>
</div>
</div>
<br />
<label for="confirm_password"> :</label>
<input type="password" id="confirm_password" name="confirm_password"
size="20" class="required" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="30" class="required email" />
<br />
<label for="facebook_url"> URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" class="url" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
<input type="hidden" name="MAX_FILE_SIZE" value="2000000" />
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" /><br />
<label for="bio">:</label>
<textarea name="bio" cols="40" rows="10"></textarea>
</fieldset>
<br />
<fieldset class="center">


<input type="submit" value=" " />


<input type="reset" value=" " />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>

 K2VFSZ 
XXXKRVFSZDPNK2VFSZ
K2VFSZ

+BWB4DSJQU
K2VFSZK2VFSZ
 
XXXKRVFSZCBTTJTUBODFEF
create_user.html
 
 


. 11.8.


create_user.html 

  

  
typepassword
K2VFSZK2VFSZ 
  

  
 

+BWB4DSJQU

. 11.9.

K2VFSZ
K2VFSZ

 
 
 


 
1)1

. 11.10.


1)1 


 create_user.php


<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";


$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$username = trim($_REQUEST['username']);
$password = trim($_REQUEST['password']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
//
($_FILES[$image_fieldname]['error'] == 0)
or handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}

// ,
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'],
$upload_filename)
or handle_error(" " .
" .",
", " .
" {$upload_filename}");
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, username, " .
"password, email, " .
"bio, facebook_url, twitter_handle, " .
"user_pic_path) " .
"VALUES ('%s', '%s', '%s', '%s', '%s',
'%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_real_escape_string($upload_filename));
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
?>

, , -
create_user.php ( create_user.html). ,
, 9 10,
. , ,
-, .

 
  
   
 require_once
authorize.php
 



. 11.11.

create_user.php
?
, . , create_user.php
, . , , .
SELECT . - ,
, handle_error. . ,
, , ,
.
create_user.html create_user.php. , - ,
, , , .
, , , Ajax, .
, ?
. PHP . , , , ,
, , 12,
.
.


authorize.php
users

authorize.php
 
define('VALID_USERNAME', "admin");
define('VALID_PASSWORD', "super_secret");

 authorize.php users 



 authorize.phpusers
       
authorize.php 
require_once 
database_connection.php 
users
<?php
require_once 'database_connection.php';
// define(VALID_USERNAME, "admin");

// define(VALID_PASSWORD, "super_secret");
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
?>


 if
$_SERVERPHP_AUTH_USERPHP_AUTH_PW 
 
VALID_USERNAMEVALID_PASSWORD 
 
if
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');


header('WWW-Authenticate: Basic realm="The Social Site"');


exit(" ." .
" . .");
}

, if (), else ( ),
else . if ,
exit, .
, PHP_AUTH_USER PHP_AUTH_PW
$_SERVER.

 
  


 sprintf mysql_real_escape_string 

<?php
require_once 'database_connection.php';
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
//
$query = sprintf("SELECT user_id, username FROM users " .
" WHERE username = '%s' AND " .
" password = '%s';",
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_PW'])));
$results = mysql_query($query);
?>

 

 
   




 
   


if (mysql_num_rows($results) == 1) {
// ! .
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}

, , , ,
, , , -
, exit,
authorize.php.


  authorize.php 

if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$current_user_id = $result['user_id'];
$current_username = $result['username'];
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}

    

<?php
require_once 'database_connection.php';
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .


" . .");
}
//
$query = sprintf("SELECT user_id, username FROM users " .
" WHERE username = '%s' AND " .
" password = '%s';",
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_PW'])));
$results = mysql_query($query);
if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$current_user_id = $result['user_id'];
$current_username = $result['username'];
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
?>

 
 


  show_users.php 
authorize.php
  
 

,

  



     show_users.php  
   
admin


 
42-
mysql> SELECT user_id, username, password, first_name, last_name
    ->   FROM users
    ->  WHERE user_id = 45;
+---------+----------+-------------+------------+-----------+
| user_id | username | password    | first_name | last_name |
+---------+----------+-------------+------------+-----------+
|      45 | jroday   | psych_rules | James      | Roday     |
+---------+----------+-------------+------------+-----------+
1 row in set (0.00 sec)

    
+BNFT3PEBZ Psycht 
 


 
  

  
 
 


 1)1 


crypt

1)1crypt 

 

$encrypted_password = crypt($password);

  create_user.php



$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, username, " .
"password, email, " .
"bio, facebook_url, twitter_handle, " .
"user_pic_path) " .
"VALUES ('%s', '%s', '%s', '%s', '%s',
'%s', '%s', '%s', '%s');",


mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($username),
mysql_real_escape_string(crypt($password)),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_real_escape_string($upload_filename));

  create_user.php


 users
mysql> SELECT user_id, username, password, last_name
    ->   FROM users
    ->  WHERE user_id = 51;
+---------+----------+------------------+-----------+
| user_id | username | password         | last_name |
+---------+----------+------------------+-----------+
|      51 | traugott | $1$qzifqLu4$0C88 | Traugott  |
+---------+----------+------------------+-----------+
1 row in set (0.00 sec)

   
 crypt

ALTER TABLE users
CHANGE password
password VARCHAR(50) NOT NULL;

password . ,
. ,
( NOT NULL). ,
, password.

 


crypt
crypt
 
 
  



 


 
 
  
 



  

authorize.php 


//
$query = sprintf("SELECT user_id, username FROM users " .
" WHERE username = '%s' AND " .
" password = '%s';",
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
mysql_real_escape_string(
crypt(trim($_SERVER['PHP_AUTH_PW']))));

. -
, , -
.


  

  
  
crypt



 crypt 
t  
 
 crypt

          crypt

 crypt 
  crypt




test_salt.php
<?php
$input = "secret_string";
$first_output = crypt($input);
$second_output = crypt($input);
echo " : {$first_output}\n\n";
echo " : {$second_output}\n\n";
?>


yellowta@yellowtagmedia.com [~/www/phpMM/ch11]# php test_salt.php
X-Powered-By: PHP/5.2.17
Content-type: text/html
: $1$ciU1qEcc$XFT9G7FD/4K/L1Kl.bd.q/
: $1$7cLtF/bc$Js6rEk5RHg4PujAkVOOSG1

 


<?php
$input = "secret_string";
$salt = "salt";
$first_output = crypt($input, $salt);
$second_output = crypt($input, $salt);
echo " : {$first_output}\n\n";
echo " : {$second_output}\n\n";
?>


yellowta@yellowtagmedia.com [~/www/phpMM/ch11]# php test_salt.php
X-Powered-By: PHP/5.2.17
Content-type: text/html
: sazmIw2D3KJ/M
: sazmIw2D3KJ/M

 crypt

 



  

    


create_user.php 


$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, username, " .
"password, email, " .
"bio, facebook_url, twitter_handle, " .
"user_pic_path) " .
"VALUES ('%s', '%s', '%s', '%s', '%s',
'%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($username),
mysql_real_escape_string(crypt($password, $username)),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_real_escape_string($upload_filename));

 authorize.php

$_SERVER
//
$query = sprintf("SELECT user_id, username FROM users " .
" WHERE username = '%s' AND " .
" password = '%s';",
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
mysql_real_escape_string(
crypt(trim($_SERVER['PHP_AUTH_PW']),
$_SERVER['PHP_AUTH_USER'])));
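
The listings above compare hashes inside the WHERE clause, which forces a predictable salt (the username). The following is an added example, not the book's code, showing the usual alternative: keep a random salt inside the stored hash and verify in PHP. It assumes PHP 5.6 or later (password_hash, password_verify, hash_equals); the $users array and the function names are hypothetical stand-ins for the users table and the book's scripts.

```php
<?php
// Added example, not the book's code. $users stands in for the users table;
// the account and passwords are constructed sample data.

// Sign-up side (create_user.php): password_hash() generates a random salt
// and embeds it, with the algorithm and cost, in the string it returns.
function store_password($password) {
    return password_hash($password, PASSWORD_DEFAULT);
}

// Sign-in side (authorize.php / signin.php): select the row by username
// only, then check the password in PHP instead of in the WHERE clause.
function credentials_ok(array $users, $username, $password) {
    if (!isset($users[$username])) {
        return false;
    }
    // Re-hashes $password with the salt read back from the stored value
    // and compares the two strings in constant time.
    return password_verify($password, $users[$username]);
}

// What password_verify() does, spelled out with crypt(): the stored hash is
// passed as the salt argument, so crypt() reuses the salt embedded in it.
function credentials_ok_crypt($stored_hash, $password) {
    return hash_equals($stored_hash, crypt($password, $stored_hash));
}

// The scheme from the listings above, kept for comparison. A salt without
// a "$id$" prefix selects traditional DES: two salt characters are used and
// only the first eight characters of the password are hashed.
function des_hash_with_username($password, $username) {
    return crypt($password, $username);
}

$users = array('traugott' => store_password('secret_string'));

var_dump(credentials_ok($users, 'traugott', 'secret_string'));
var_dump(credentials_ok($users, 'traugott', 'secret_strinG'));
var_dump(credentials_ok_crypt($users['traugott'], 'secret_string'));

// Two different passwords that share their first eight characters.
var_dump(des_hash_with_username('secret_string', 'traugott') ===
         des_hash_with_username('secret_s-other', 'traugott'));
```

A bcrypt hash is 60 characters long, so the password column would need to be wider than the VARCHAR(50) set by the ALTER TABLE statement earlier.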

   

 

 show_users.php
 
  
 


12

Cookie-,



1)1 
1)1 
 

 .Z42- 
.Z42- 


   
5XJUUFS63-'BDFCPPL
5XJUUFS63-'BDFCPPL
63-'BDFCPPL
63-'BDFCPPL
'BDFCPPL
'BDFCPPL

(PPHMF
 1)1
1)1


 
 

 

  

  


 
  

 
show_users.phpdelete_user.php


  

 
 

t
 

 
         
 

  
 
 


)551 
)551
)551

 

  
 

 
 


. 12.1.



  
  
$44
$44

)5.-47( 
)5.-47( 
47( 
47( 
 
 
          


 



   
 



index.html 


<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="content">
<div id="home_banner"></div>
<div id="signup">
<a href="create_user.html"><img src="../images/sign_me_up.png" /></a>
<a href="signin.html"><img src="../images/sign_me_in.png" /></a>
</div>
</div>
<div id="footer"></div>
</body>
</html>

   
  
  
 



 
  
  1)1
1)1

 )551
)551

. 12.2.


 create_user.html
 signin.html
 





  
 
 
 
 
authorize.php 

 

authorize.php  
$_SERVER 
           
  

 

, , -
, , -
.
.


  )5.-


  1)1

1)1



 
 
show_user.php
 
 
 )5.-

)5.-
 

)5.-
  
1)1



1)1 

  1)1

1)1




 1)1

  1)1

1)1



 
 
show_user.php
 
 
 1)1

  1)1


 
 
 

    
 1)1
1)1



 

  
1)1 
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="content">
<div id="home_banner"></div>
<div id="signup">
<a href="create_user.html"><img src="../images/sign_me_up.png" /></a>
<a href="signin.php"><img src="../images/sign_me_in.png" /></a>
</div>
</div>
<div id="footer"></div>
</body>
</html>


PHP
, HTML, , ,
PHP. , -
, , HTML-.
?
...
. , . ,
, . , if, .
if ,
, , .
, , ,
, , . .

.
PHP,
, . , , , , PHP, ,
PHP, . , ,
...
, PHP,
.
, - (Model-View-Controller, MVC), .
HTML , ,
( - ) , . , ,
MVC-, PHP.
.
, , Ruby
Java ( , ).
, PHP
MVC,
. .


HTTP-
ookie-
 signin.php


 
 
 
 
signin.php
)551 
 

show_users.php 
delete_user.php

PPLJF

,
(cookie . , , , , ).
, (magic cookies).
Unix -
, - .
, ookie-
, ,
.

ookie-?
DPPLJF 
DPPLJF 
 
DPPLJF 
 
 DPPLJF 

DPPLJFusername
my_username  DPPLJFuser_id52
DPPLJFusername 
 
DPPLJFusername
 DPPLJF
  
DPPLJF 


  


DPPLJF

cookie- , ,
cookie-.
, :
.
13. ,
cookie-. , ,
. , cookie-
,
.

cookie-

  

DPPLJF 
1)1DPPLJF 
1)1DPPLJF 
DPPLJF 
DPPLJF 
 
$_SERVER$_REQUEST 
DPPLJFsetcookie
DPPLJF
setcookie("username", "my_username");

DPPLJF
$_COOKIE
echo " " . $_COOKIE['username'] . ".";

  
DPPLJF
setcookie$_COOKIE 


cookie- , ,
. setcookie , -
-
.


cookie-
 DPPLJF

signin.php


<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// , cookie- user_id
if (!isset($_COOKIE['user_id'])) {
// username
if (isset($_REQUEST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
}

// ,

// if,
// .
// . ,
// ,
// .
page_start("");

?>

<html>
<div id="content">
<h1> </h1>
<form id="signin_form" action="signin.php" method="POST">
<fieldset>
<label for="username"> :</label>
<input type="text" name="username" id="username" size="20" />
<br />
<label for="password">:</label>
<input type="password" name="password" id="password" size="20" />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value="" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>
<?php
} else {


// ,
// , , show_user.php
}
?>

, database_connection.php ,
app_cong.php ? app_cong.php, ,
- , . , -
database_connection.php app_cong.php. ,
database_connection.php, app_con-
g.php.

  




?

 
  require_once
t 
DPPLJF user_id  

<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {

  DPPLJF
  
isset DPPLJF


?
DPPLJF user_id  
  

)5.- 






)5.-  


 $_REQUEST
username 

//
if (isset($_REQUEST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
// ,
}





$_REQUEST(&5 
63- 1045 
 
t
 1045
$_REQUEST
 $_POST  
1045

, , , $_POST GET-:
$_GET.

$_POST
1045
1045

63-

. POST- , GET-,
. , , POST-
, . .


//
if (isset($_POST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));


$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
// ,
}

, : $_REQUEST $_POST?
, ,
. , ,
$_REQUEST, $_GET $_POST . $_REQUEST , $_GET, $_POST. ,
POST-, ,
$_REQUEST, $_POST.
$_REQUEST $_GET
$_POST. $_COOKIE (
). , signin.php
:
// , cookie- user_id
if (!isset($_REQUEST['user_id'])) {

, $_REQUEST $_GET,
$_REQUEST $_COOKIE. , : , ,
, , .
, , $_REQUEST,
$_GET, $_POST $_COOKIE.
signin.php, , POST-.
, , , $_POST.
GET-, $_GET.
cookie-,
$_COOKIE. ... ,
.



 
)5.-


, -
. , ,
.

// if,
// .
// . ,
// ,
// .
page_start("");
?>
<html>
<div id="content">
<h1> </h1>
<form id="signin_form" action="signin.php" method="POST">
<fieldset>
<label for="username"> :</label>
<input type="text" name="username" id="username" size="20" />
<br />
<label for="password">:</label>
<input type="password" name="password" id="password" size="20" />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value="" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>

 
 )5.- 
if
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {

 )5.- 
)5.- 
 

 
$_POST$_REQUEST
<form id="signin_form" action="signin.php" method="POST">


 
 
 signin.php   
          
admin.phpdelete_user.php
show_users.php

 1)1
1)1

 
$_SERVER 
  
 signin.php
$_SERVER['PHP_SELF']
<form id="signin_form"
action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>"
method="POST">

 
 


  

<?php
} else {
// ,
// , , show_user.php
}
?>






, signin.php
, . , ,
. , , . , ,
.


, .

check_the_user_credentials(). :
//
// ,

.
, .
 
 
  )5.- 1)1  
1045 
 
1)1  
1)1  
 
)5.- 
DPPLJFuser_id1045
1045



. 12.3. ,


 







authorize.php
//
$query = sprintf("SELECT user_id, username FROM users " .
" WHERE username = '%s' AND " .
" password = '%s';",
mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
mysql_real_escape_string(
crypt(trim($_SERVER['PHP_AUTH_PW']),
$_SERVER['PHP_AUTH_USER'])));
$results = mysql_query($query);
if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$current_user_id = $result['user_id'];
$current_username = $result['username'];
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}

)551
signin.php  
DPPLJF 

<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
//
if (isset($_POST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
$query = sprintf("SELECT user_id, username FROM users " .
" WHERE username = '%s' AND " .
" password = '%s';",
$username, crypt($password, $username));
$results = mysql_query($query);

if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$user_id = $result['user_id'];
setcookie('user_id', $user_id);
setcookie('username', $result['username']);
header("Location: show_user.php");
} else {
// ,
}
}

// if,
// .
// . ,
// ,
//
page_start("");
?>

 signin.php 
   
)5.-

)5.-



        
DPPLJF 
DPPLJF 

show_user.php 

 
 
if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$user_id = $result['user_id'];
setcookie('user_id', $user_id);
setcookie('username', $result['username']);
header("Location: show_user.php");
} else {
// ,
}

  create_


user.php
show_user.php
header("Location: show_user.php?user_id=" . mysql_insert_id());


. 12.4. show_user.php
,

 (&563-
(&563-
63-
63-

user_id
signin.phpuser_id 
 
 

show_user.php
// ID
$user_id = $_REQUEST['user_id'];

 show_user.php
 signin.php
if
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {

else if 



} else {
// ,
// , , show_user.php
header("Location: show_user.php");
}

 
show_user.phpuser_id 
show_user.php 
  

 signin.php 
 $_REQUEST 
 
 @3&26&45@1045 

signin.phpDPPLJF 
DPPLJF 

 $_COOKIE $_REQUEST 
 $_COOKIE  
$_POST$_GET
$user_id = $_REQUEST['user_id'];

 
$user_id = $_COOKIE['user_id'];

 DPPLJF

: : $_COOKIE $_REQUEST?
. , $_COOKIE,
create_user.php. , - $_REQUEST,
show_user.php .
cookie-, . ,
cookie-, show_user.php, $_COOKIE,
.


cookie-

signin.php &OUFS
 

  
  
signin.php 

  
DPPLJF
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {


. 12.5.

DPPLJF  

<?php
} else {
// ,
// , , show_user.php
}
?>




signin.php
  
show_user.php
} else {
// ,
// , , show_user.php
header("Location: show_user.php");
}

 show_user.phpDPPLJF
user_id

 show_user.php 
 
 
)551 DPPLJF
DPPLJF 


setcookie , 0,
, cookie- ,
.


 
  
DPPLJF

     DPPLJF    

setcookie
 
6OJY-JOVY 
 
   
 time() + 10 

setcookie
DPPLJF
// (60 seconds * 60 minutes = 3600)
setcookie('user_id', $user_id, time() + 3600);
// cookie-,
//
setcookie('user_id', $user_id, time() - 3600);
// :
setcookie('user_id', $user_id, 0);

 mktime 


     

setcookie('user_id', $user_id, mktime(0, 0, 0, 2, 1, 2021));

DPPLJF 
DPPLJF 
 
   
       

 


, Facebook Twitter,
.
, 10 .

 DPPLJF 
signin.php




 
else  

if (mysql_num_rows($results) == 1) {
// cookie- show_user.php
} else {
// ,
}

handle_error
 
 


  
 
handle_error
 
handle_error
page_start
view.phpsignin.php 
 
page_start("");

view.php 

function page_start($title, $javascript = NULL,
$success_message = NULL, $error_message = NULL) {


$success_message$error_message
 $error_message 
 page_start 

)5.-

<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
$error_message = "";
// ,


// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
//
if (isset($_POST['username'])) {
//
//

if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$user_id = $result['user_id'];
setcookie('user_id', $user_id);
setcookie('username', $result['username']);
header("Location: show_user.php");
} else {
// ,
$error_message = " -.";
}
}

// if,
// .
// ,
// .
page_start("", NULL, NULL, $error_message);

?>

<!-- HTML- -->


<?php
} else {
// ,
// , , show_user.php
header("Location: show_user.php");
}
?>

, cookie- -
, .
, ID , -
cookie- .
, ! cookie-
, .
, cookie-.

 signin.php  index.html



  
 


. 12.6.


  view.php 


  page_start
 $error_message 
  "" 
view.phpdisplay_message
function display_messages($success_msg = NULL, $error_msg = NULL) {
echo "<div id='messages'>\n";
if (!is_null($success_msg)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}


$error_message

 

        
$error_message  null 


function display_messages($success_msg = NULL, $error_msg = NULL) {
echo "<div id='messages'>\n";
if (!is_null($success_msg) && (strlen($success_msg) > 0)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg) && (strlen($error_msg) > 0)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}

 

 
 
 
 

. 12.7.


. 12.8. ,



 

 
  
 

 
signin.php
if (isset($_POST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
}

// . ...


 
$username
)5.-
)5.-

value$username
 
<label for="username"> :</label>
<input type="text" name="username" id="username" size="20"
value="<?php if (isset($username)) echo htmlspecialchars($username, ENT_QUOTES); ?>" />

   

 


. 12.9.

-


  
1)1


1)1
1)1

 

  
DPPLJFuser_id
if (isset($_COOKIE['user_id'])) {
//
} else {
//
}




view.php  

 

display_title
  if
DPPLJFuser_id 
 show_user.php signout.php 

 
   

function display_title($title, $success_message = NULL, $error_message = NULL)
{
echo <<<EOD
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example">$title</div>
<div id="menu">
<ul>
<li><a href="index.html"> </a></li>
EOD;
if (isset($_COOKIE['user_id'])) {
echo "<li><a href='show_user.php'> </a></li>";
echo "<li><a href='signout.php'> </a></li>";
} else {
echo "<li><a href='signin.php'></a></li>";
}
echo <<<EOD
</ul>
</div>
EOD;
display_messages($success_message, $error_message);
}


 
 view.php 
)5.-
 if 
  display_title 
  display_title 

  $_REQUEST
 $_COOKIE
if (isset($_COOKIE['user_id'])) {
echo "<li><a href='show_user.php'> </a></li>";
echo "<li><a href='signout.php'> </a></li>";
} else {
echo "<li><a href='signin.php'></a></li>";
}

*%show_user.php 
DPPLJF show_user.php
$_REQUEST['user_id'] 
 *%


-
?
, - , ,
. -
, - ,
. , ?
,
. -,

, ,
, - . -, ,
, ,
. - . , .
, , , .
, cookie-. ,
. ,
.


  
)5.- show_user.php  show_users.php signin.php
page_start )5.-
)5.-

 
 display_title  page_start
view.php   show_user.php
<?php
require '../scripts/database_connection.php';
require '../scripts/view.php';
// PHP ID
// cookie-,
//
page_start("");
?>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"><?php echo $email; ?></a></li>
<li>...
<a href="<?php echo $facebook_url; ?>">
Facebook</a></li>
<li>... <a href="<?php echo $twitter_url; ?>">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>

show_user.php

- show_user.php
. !


start_page display_title view.phpDPPLJF 


signin.php 
 

 
  
 if display_title DPPLJF 


. 12.10.

HTML
 show_user.php show_users.php
signin.php index.html 
 create_user.html  
start_pageview.php 
)5.- 1)1 index.html

 

create_user.html 
  


    

 


HTML PHP
create_user.htmlcreate_user.php 
 create_user.php 
create_user.html signup.php 
index.html 
 TJHOVQ

[~/www/phpMM/ch12]# cp create_user.html create_user.html.orig
[~/www/phpMM/ch12]# mv create_user.html signup.php

,
.
, ,
, ,
.

)5.-
)5.-

1)1page_start
+BWB4DSJQU  
IFSFEPD
<?php
require_once "../scripts/view.php";
$inline_javascript = <<<EOD
$(document).ready(function() {
$("#signup_form").validate({
rules: {
password: {
minlength: 6
},
confirm_password: {
minlength: 6,
equalTo: "#password"
}
},
messages: {
password: {
minlength: " 6 "
},
confirm_password: {
minlength: " 6 ",
equalTo: " ."
}
}
});
});
EOD;
page_start(" ", $inline_javascript);
?>
<div id="content">
<h1> </h1>
<p>, :</p>
<form id="signup_form" action="create_user.php"
method="POST" enctype="multipart/form-data">
<!-- -->
</form>
</div>
<div id="footer"></div>
</body>
</html>

 view.php 


K2VFSZ $44 
signin.php

function display_head($page_title = "", $embedded_javascript = NULL) {
echo <<<EOD
<html>
<head>
<title>{$page_title}</title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<link href="../css/jquery.validate.password.css" rel="stylesheet"
type="text/css" />
<script type="text/javascript" src="../js/jquery.js"></script>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript"
src="../js/jquery.validate.password.js"></script>
EOD;
if (!is_null($embedded_javascript)) {
echo "<script type='text/javascript'>" .
$embedded_javascript .
"</script>";
}
echo " </head>";
}


index.html signup.php 
create_user.html
<div id="content">
<div id="home_banner"></div>
<div id="signup">
<a href="signup.php"><img src="../images/sign_me_up.png" /></a>
<a href="signin.php"><img src="../images/sign_me_in.png" /></a>
</div>
</div>

 



 


. 12.11.

:

  
 



K2VFSZ
+BWB4DSJQU 




signin.phpcreate_user.php


 
DPPLJF 
 



DPPLJF  

setcookie('user_id', $user_id);
//
setcookie('username', $result['username']); //
//


DPPLJF
DPPLJF


// cookie- user_id
setcookie('user_id', '', time()-(60*60*24*365));

DPPLJFuser_id 


. ,
, .
, .


DPPLJF 
DPPLJF 

tuser_idusername t

<?php
setcookie('user_id', '', time()-(365*24*60*60));
setcookie('username', '', time()-(365*24*60*60));
header('Location: signin.php');
?>


  
DPPLJF


show_user.php show_users.php


.
, .


        
*% 
    


. 12.12. ,

  
 
 

 


cookie-
 show_user.php

authorize.php
  
)551

authorize.php
 signin.php
 
 signin.php

 authorize.php 
DPPLJF
<?php
if ((!isset($_COOKIE['user_id'])) ||
(!strlen($_COOKIE['user_id']) > 0)) {
}
?>

DPPLJF 
DPPLJF 
 
 

<?php
if ((!isset($_COOKIE['user_id'])) ||
(!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message=You must login to see this page.');
//
exit;
}
?>

exit . ,
show_user.php, delete_user.php, -
, ,
. -
.

require_once
show_user.php show_users.phpdelete_user.php

 
  signout.php




show_user.php 
  

  
63- 

. 12.13.

 signin.php 
 63-

signin.php
require_once '../scripts/view.php';
$error_message = "";
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {


$error_message


// if,
// .
// ,
// .
page_start("", NULL, NULL, $error_message);

 

<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';

$error_message = isset($_REQUEST['error_message']) ? $_REQUEST['error_message'] : "";
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {


show_user.phpDPPLJF 
 

. 12.14. ,


 
 

  


  

 

  

  

 
 show_users.php delete_user.php 


        

 


  

 DPPLJF   
DPPLJF   
  


13

 

  

 
show_users.phpdelete_user.php
  

 
  
authorize.php
 authorize.php  

 
 
 
 
 
 
show_users.php 
show_user.php

  DPPLJF  
 
 
DPPLJF 


 
  
 





 
  
 1)1
 



groups
 1)1.Z42- t
  
 .Z42-        
tNOT NULL 

mysql> CREATE TABLE groups (
    ->   id          INT          NOT NULL AUTO_INCREMENT PRIMARY KEY,
    ->   name        VARCHAR(30)  NOT NULL,
    ->   description VARCHAR(200)
    -> );
Query OK, 0 rows affected (0.03 sec)


mysql> DESCRIBE groups;
+-------------+--------------+------+-----+---------+----------------+
| Field       | Type         | Null | Key | Default | Extra          |
+-------------+--------------+------+-----+---------+----------------+
| id          | int(11)      | NO   | PRI | NULL    | auto_increment |
| name        | varchar(30)  | NO   |     | NULL    |                |
| description | varchar(200) | YES  |     | NULL    |                |
+-------------+--------------+------+-----+---------+----------------+
3 rows in set (0.03 sec)

 description
 NOT NULL 
 
groups
mysql> INSERT INTO groups
    ->   (name, description)
    -> VALUES ("Administrators",
    ->   "- .");
Query OK, 1 row affected (0.04 sec)
mysql> INSERT INTO groups
    ->   (name, description)
    -> VALUES ("Luthiers",
    ->   " . .");
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO groups
    ->   (name, description)
    -> VALUES ("Musicians",
    ->   ", , . .");
Query OK, 1 row affected (0.00 sec)

, . ,
Administrators. - -,
, Administrators ,
.

  
mysql> SELECT id, name FROM groups;
+----+----------------+
| id | name           |
+----+----------------+
|  1 | Administrators |
|  2 | Luthiers       |
|  3 | Musicians      |
+----+----------------+
3 rows in set (0.01 sec)


 
42-  
 


, ,

  users 
images usersimages

 
  
 
Luthier MusicianAdministrator 



 

   
  



 Administrators   
 
 

 
 

 


 


,
. , -
. --
() ().


:
, , , - .
,
.
(1--1 1:1).
.
1--N. N ,
n, N. N
. , N ,
- .
, , 1:N.
1:N .
, .
1:N, , .


, , N:N, ,
. N:N (
, ) . ,
N:N
.



 
 *%
*% 
*%
*% 

*% 
*% 


t user_id 
 users


SELECT *
FROM images
WHERE user_id = $user_id;


SELECT u.username, u.first_name, u.last_name, i.filename, i.image_data
FROM users u, images i
WHERE u.id = i.user_id;



 

user_id   
 users

 users groups



users groups
 *%
 

 *%
*%

*%*%




 
  users groups
 users
 
 groups


          users   
 user_groups
  user_id group_id 
 user_id*%
Administrators*%Musicians
usersgroups
 groups
 users*% Administrators user_groups
  


mysql> CREATE TABLE user_groups (
    ->   user_id  INT NOT NULL,
    ->   group_id INT NOT NULL
    -> );
Query OK, 0 rows affected (0.03 sec)


         
   Luthiers 
  user_groups

mysql> INSERT INTO user_groups
    ->   (user_id, group_id)
    -> VALUES (51, 2);
Query OK, 1 row affected (0.02 sec)

mysql> select * from user_groups;
+---------+----------+
| user_id | group_id |
+---------+----------+
|      51 |        2 |
+---------+----------+
1 row in set (0.00 sec)
 users groups





  
user_groups *%
*%


mysql> SELECT COUNT(*)
    ->   FROM users u, groups g, user_groups ug
    ->  WHERE u.username = "traugott"
    ->    AND g.name = "Luthiers"
    ->    AND u.user_id = ug.user_id
    ->    AND g.id = ug.group_id;
+----------+
| COUNT(*) |
+----------+
|        1 |
+----------+
1 row in set (0.00 sec)

 
 
COUNT(*) 
 
users groupsuser_groups
SELECT COUNT(*)
FROM users u, groups g, user_groups ug

 
 

 

usersgroups
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = "traugott"
   AND g.name = "Luthiers"

 *%

 user_groups 
*%
user_groups
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = "traugott"
   AND g.name = "Luthiers"
   AND u.user_id = ug.user_id
   AND g.id = ug.group_id;


 users
user_groups 
groups 
 COUNT  
users
+----------+
| COUNT(*) |
+----------+
|        1 |
+----------+

COUNT  


mysql> SELECT COUNT(*)
    ->   FROM users u, groups g, user_groups ug
    ->  WHERE u.username = "traugott"
    ->    AND g.name = "Administrators"
    ->    AND u.user_id = ug.user_id
    ->    AND g.id = ug.group_id;
+----------+
| COUNT(*) |
+----------+
|        0 |
+----------+
1 row in set (0.05 sec)

! , COUNT,
. , ,
.

1)1



 
  
 
  


 
authorize.php 

 
 


 
 authorize.php



authorize.php
 authorize.php
 authorize.php
 1)1
<?php
if ((!isset($_COOKIE['user_id'])) || (!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message= .');
//
exit;
}
?>



 authorize.php         
  
         
          
  


authorize.php
 



<?php
function authorize_user($groups = NULL) {
  // cookie-,
  if ((!isset($_COOKIE['user_id'])) ||
      (!strlen($_COOKIE['user_id']) > 0)) {
    header('Location: signin.php?' .
           'error_message= .');
    exit;
  }
}
?>


show_user.php
show_user.php

<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';
//
authorize_user();
// ID ,
$user_id = $_REQUEST['user_id'];
// SELECT
// . ...


  
 
show_user.php URL
 

. 13.1.




authorize_user PHP
show_users.php delete_user.php
Administrators
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/authorize.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';

//
// Administrators
authorize_user(array("Administrators"));
// PHP HTML-

, , show_users.php.
delete_user.php, .


authorize.php ,
. .
: , , ,
.
:
<?php
$message = "hello\n\n";
require_once "print.php";
?>

, test.php. ,
print.php, , :
<?php
echo $message;
?>

print.php, ,
print.php, ,


require_once. , PHP

:
<?php
$message = "hello\n\n";
echo $message;
?>

test.php :
yellowta@yellowtagmedia.com [~/www/phpMM/ch13]# php test.php
X-Powered-By: PHP/5.2.17
Content-type: text/html
hello

,
.
, -
. , .
:
$allowed_groups = array("Musicians", "Luthiers");
require_once "../scripts/authorize.php";

. , $allowed_groups
require_once, authorize.
php, authorize.php .
authorize_user . ,
, , , , .
  1)1
 authorize.php
 

 authorize_user 
 NULL

<?php
function authorize_user($groups = NULL) {
  // cookie-,
  if ((!isset($_COOKIE['user_id'])) ||
      (!strlen($_COOKIE['user_id']) > 0)) {
    header('Location: signin.php?' .
           'error_message= .');
    exit;
  }

  // ,
  if ((is_null($groups)) || (empty($groups))) {
    return;
  }
}
?>

empty PHP. ,
(empty), true, false. ,
empty true, .

return PHP
PHP





  
show_users.php delete_user.php authorize.php
SQL
 $groups
 for  foreach
foreach 


$my_array = array("first", "second", "third");
foreach ($my_array as $item) {
  echo $item;
}

$groups
foreach ($groups as $group) {
// SQL- $group
}

 
SQL users
groups
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = "traugott"
   AND g.name = "Luthiers"
   AND u.user_id = ug.user_id
   AND g.id = ug.group_id;

authorize.php 
userst 


user_id
user_id

SELECT COUNT(*)
  FROM user_groups ug, groups g
 WHERE g.name = mysql_real_escape_string($group)
   AND g.id = ug.group_id
   AND ug.user_id = mysql_real_escape_string($_COOKIE['user_id']);

, mysql_real_escape_string,
. mysql_real_
escape_string ,
MySQL.


 
 
 

 
  
 
SELECT ug.user_id
  FROM user_groups ug, groups g
 WHERE g.name = mysql_real_escape_string($group)
   AND g.id = ug.group_id
   AND ug.user_id = mysql_real_escape_string($_COOKIE['user_id']);

user_groups  
ug.group_id 
 

  foreach

foreach ($groups as $group) {
  // SQL- $group
  $query = "SELECT ug.user_id" .
           "  FROM user_groups ug, groups g" .
           " WHERE g.name = '" . mysql_real_escape_string($group) . "'" .
           "   AND g.id = ug.group_id" .
           "   AND ug.user_id = " .
           mysql_real_escape_string($_COOKIE['user_id']) . ";";
  mysql_query($query);
  //
}


 users


sprintf 
 

 

         
foreach
//
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = " . mysql_real_escape_string($_COOKIE['user_id']);

foreach ($groups as $group) {
  // SQL- $group
  //
}

foreachsprintf
 
//
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = " . mysql_real_escape_string($_COOKIE['user_id']);

foreach ($groups as $group) {
  // SQL- $group
  $query = sprintf($query_string, mysql_real_escape_string($group));
  $result = mysql_query($query);
  //
}

 sprintf
 $_COOKIE  
sprintf 



,
?
, . , ,
.
, ,
.

:
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = mysql_real_escape_string($_COOKIE['username'])
   AND g.name = mysql_real_escape_string($group)
   AND u.user_id = ug.user_id
   AND g.id = ug.group_id;

.
(users), , cookie-.
,
COUNT SELECT, user_groups. , -
.
.
,
sprintf .
,
.
. .
, .
.
,
.
,
.
,
, , ,
.


, ,
 
 
  
$group  
$group $groups
   
  authorize_user

$groups  
 1)1)5.- 

 
foreach 
 
  



 
handle_error
 
 
 
  
 

authorize.php  
<?php
require_once 'database_connection.php';
require_once 'app_config.php';

function authorize_user($groups = NULL) {
  // cookie-,
  if ((!isset($_COOKIE['user_id'])) || (!strlen($_COOKIE['user_id']) > 0)) {
    header('Location: signin.php?' .
           'error_message= .');
    exit;
  }

  // ,
  if ((is_null($groups)) || (empty($groups))) {
    return;
  }

  //
  $query_string =
    "SELECT ug.user_id" .
    "  FROM user_groups ug, groups g" .
    " WHERE g.name = '%s'" .
    "   AND g.id = ug.group_id" .
    "   AND ug.user_id = " . mysql_real_escape_string($_COOKIE['user_id']);

  //
  foreach ($groups as $group) {
    $query = sprintf($query_string, mysql_real_escape_string($group));
    $result = mysql_query($query);
    if (mysql_num_rows($result) == 1) {
      // , .
      // , .
      return;
    }
  }

  // , .
  // .
  handle_error(" .");
  exit;
}
?>

         
 users 
  Administrators    user_groups
   
 
     show_users.php   
 

 
 
  
  
 
  



. 13.2. ,

,

authorize_user
  
 
 
 

view.php
function display_title($title, $success_message = NULL, $error_message = NULL)
{
  echo <<<EOD
  <body>
    <div id="page_start">
      <div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
      <div id="example">$title</div>
      <div id="menu">
        <ul>
          <li><a href="index.html"> </a></li>
EOD;
  if (isset($_COOKIE['user_id'])) {
    echo "<li><a href='show_user.php'></a></li>";
    echo "<li><a href='signout.php'> </a></li>";
  } else {
    echo "<li><a href='signin.php'></a></li>";
  }
  echo <<<EOD
        </ul>
      </div>
EOD;
  display_messages($success_message, $error_message);
  echo "</div> <!-- , id=\"page_start\" -->";
}

 authorize_user 
 


true false

function display_title($title, $success_message = NULL, $error_message = NULL)
{
  echo <<<EOD
  <body>
    <div id="page_start">
      <div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
      <div id="example">$title</div>
      <div id="menu">
        <ul>
          <li><a href="index.html"> </a></li>
EOD;
  if (isset($_COOKIE['user_id'])) {
    echo "<li><a href='show_user.php'></a></li>";
    if (user_in_group($_COOKIE['user_id'], "Administrators")) {
      echo "<li><a href='show_users.php'></a></li>";
    }
    echo "<li><a href='signout.php'> </a></li>";
  } else {
    echo "<li><a href='signin.php'></a></li>";
  }
  echo <<<EOD
        </ul>
      </div>
EOD;
  display_messages($success_message, $error_message);
  echo "</div> <!-- , id=\"page_start\" -->";
}


, view.php require_once
authorize.php.

 
 Administrators 
authorize_user.php
//
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = " . mysql_real_escape_string($_COOKIE['user_id']);

//
foreach ($groups as $group) {
  $query = sprintf($query_string, mysql_real_escape_string($group));
  $result = mysql_query($query);

  if (mysql_num_rows($result) == 1) {
    // , .
    // , .
    return;
  }
}

 
 
function user_in_group($user_id, $group) {
  $query_string =
    "SELECT ug.user_id" .
    "  FROM user_groups ug, groups g" .
    " WHERE g.name = '%s'" .
    "   AND g.id = ug.group_id" .
    "   AND ug.user_id = %d";
  $query = sprintf($query_string, mysql_real_escape_string($group),
                   mysql_real_escape_string($user_id));
  $result = mysql_query($query);

  if (mysql_num_rows($result) == 1) {
    return true;
  } else {
    return false;
  }
}


 
authorize.phpauthorize_user

  Administrators  
show_user.php
 


. 13.3. Administrators,

 
 
 1)1 


 
Administrators
         
is_admin  Administrators


. 13.4. Administrators




cookie
cookie
cookie
cookie
cookie

cookie
cookie Mozilla Firefox
cookie
Cookie


. 13.5. cookie- user_id username, ,


, cookie-

Safari cookie- . -
, . Google Chrome
cookie
. Internet Explorer ,
.
.
, -.


authorize_user
user_in_group?
, , user_in_group
, . , user_in_group $groups authorize_user .
user_in_group
foreach authorize_
user:
//
//
foreach ($groups as $group) {
  if (user_in_group($_COOKIE['user_id'], $group)) {
    // ,
    return;
  }
}

. , , ,
. , , authorize_user,
. , ( user_in_group). ,
, $groups.
, ( )
authorize_user.
. ,
? , authorize_user , ,
.
, , ... .
t 
cookie
 
 



ID
cookie
cookie

cookie
cookie

cookie

cookie

cookie
cookie
cookie

cookie

cookie
cookie

         session_
start
// ()
session_start();
//


session_start
signin.php 
session_start
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
$error_message = $_REQUEST['error_message'];
session_start();
// PHP HTML...

 session_start1)1 


$_COOKIE $_SESSION
$_COOKIE
$_SESSION
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
$error_message = $_REQUEST['error_message'];
session_start();
// ,
// user_id
if (!isset($_SESSION['user_id'])) {
// . ...


setcookie
$_SESSION 
if (!isset($_SESSION['user_id'])) {
  //
  if (isset($_POST['username'])) {
    //
    $username = mysql_real_escape_string(trim($_REQUEST['username']));
    $password = mysql_real_escape_string(trim($_REQUEST['password']));

    //
    $query = sprintf("SELECT user_id, username FROM users " .
                     " WHERE username = '%s' AND " .
                     "       password = '%s';",
                     $username, crypt($password, $username));
    $results = mysql_query($query);

    if (mysql_num_rows($results) == 1) {
      $result = mysql_fetch_array($results);
      $user_id = $result['user_id'];
      // setcookie
      $_SESSION['user_id'] = $user_id;
      $_SESSION['username'] = $username;
      header("Location: show_user.php");
      exit();
    } else {
      // ,
      $error_message = " -.";
    }


$_SESSION 
 
 



 
 
 
 

 signin.php
  
show_user.php  signin.php
authorize_user authorize.php
show_user.php
<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';
//
authorize_user();


 authorize_user
$_COOKIE 
$_REQUEST
<?php
require_once 'database_connection.php';
require_once 'app_config.php';

function authorize_user($groups = NULL) {
  // cookie-,
  if ((!isset($_COOKIE['user_id'])) || (!strlen($_COOKIE['user_id']) > 0)) {
    header('Location: signin.php?' .
           'error_message= .');
    exit();
  }
  // . ...

$_COOKIE
$_SESSION
<?php
require_once 'database_connection.php';
require_once 'app_config.php';

function authorize_user($groups = NULL) {
  // ,
  if ((!isset($_SESSION['user_id'])) || (!strlen($_SESSION['user_id']) > 0)) {
    header('Location: signin.php?' .
           'error_message= .');
    exit();
  }
  // . ...



//
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = " . mysql_real_escape_string($_SESSION['user_id']);
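
The group check from authorize.php with bound parameters and a session-held user ID, as an added example that is not the book's code. Escaping alone does not constrain a value spliced into SQL outside quotes, as `ug.user_id` is in the listing above, so here the ID is validated as an integer and bound. Assumptions: PDO with an in-memory SQLite database and constructed rows stand in for the book's MySQL connection, and `is_authorized` is a hypothetical boolean variant of `authorize_user`.

```php
<?php
// Added example, not the book's code. Assumptions: a PDO handle, and an
// in-memory SQLite database standing in for the chapter's MySQL tables.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample rows. "groups" is quoted because GROUPS is a keyword
// in recent SQLite and MySQL releases (MySQL quotes it with backticks).
$pdo->exec('CREATE TABLE "groups" (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$pdo->exec('CREATE TABLE user_groups (user_id INT NOT NULL, group_id INT NOT NULL)');
$pdo->exec("INSERT INTO \"groups\" (id, name) VALUES (1, 'Administrators')");
$pdo->exec("INSERT INTO \"groups\" (id, name) VALUES (2, 'Luthiers')");
$pdo->exec('INSERT INTO user_groups (user_id, group_id) VALUES (51, 2)');

function user_in_group(PDO $pdo, $user_id, $group) {
  // Accept only a plain positive integer; anything else is "not a member".
  $user_id = filter_var($user_id, FILTER_VALIDATE_INT,
                        array('options' => array('min_range' => 1)));
  if ($user_id === false) {
    return false;
  }
  // Both values travel as bound parameters, never as part of the SQL text.
  $stmt = $pdo->prepare(
    'SELECT COUNT(*)' .
    '  FROM user_groups ug, "groups" g' .
    ' WHERE g.name = :group_name' .
    '   AND g.id = ug.group_id' .
    '   AND ug.user_id = :user_id');
  $stmt->bindValue(':group_name', $group, PDO::PARAM_STR);
  $stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
  $stmt->execute();
  return ((int) $stmt->fetchColumn()) > 0;
}

// Hypothetical variant of authorize_user(): returns a boolean instead of
// redirecting, and takes the session array as an argument for testability.
function is_authorized(PDO $pdo, array $session, $groups = NULL) {
  if (!isset($session['user_id'])) {
    return false;                 // not signed in
  }
  if (empty($groups)) {
    return true;                  // any signed-in user may proceed
  }
  foreach ($groups as $group) {
    if (user_in_group($pdo, $session['user_id'], $group)) {
      return true;
    }
  }
  return false;
}

// Constructed inputs: a member, a non-member group, and a non-numeric ID.
var_dump(is_authorized($pdo, array('user_id' => 51), array('Luthiers')));
var_dump(is_authorized($pdo, array('user_id' => 51), array('Administrators')));
var_dump(user_in_group($pdo, '51 OR 1=1', 'Luthiers'));
```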

  
 




. 13.6. $_COOKIE $_SESSION,

. -
.
.

session_start

   signin.php1)1
 
show_user.php 
signin.php
 

WiFi Ethernet
start_session
cookie cookie
cookie

 

 


. 13.7. cookie- ,
-

 
cookie
 
  $_SESSION 
session_start
  show_user.php
      session_start   
authorize.php authorize_
userauthorize.php
<?php
require_once 'database_connection.php';
require_once 'app_config.php';

session_start();

function authorize_user($groups = NULL) {
  // . ...
}
?>


  
  


. 13.8.

 
  
 


$_REQUEST
$_SESSION
show_user.php 
// ID ,
$user_id = $_REQUEST['user_id'];

  
$_REQUEST $_GET $_POST$_COOKIE
$_REQUEST


 
$_REQUEST t$_SESSION
 show_users.php 

$user_row = sprintf(
  "<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
  "(<a href='mailto:%s'>%s</a>) " .
  "<a href='javascript:delete_user(%d);'><img " .
  "class='delete_user' src='../images/delete.png' " .
  "width='15' /></a></li>",
  $user['user_id'], $user['first_name'], $user['last_name'],
  $user['email'], $user['email'], $user['user_id']);
echo $user_row;

- show_users.php. while, -
HTML.

 $_REQUEST $_SESSION


   
$_SESSION $_REQUEST
<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';

//
authorize_user();

// ID ,
$user_id = $_REQUEST['user_id'];
if (!isset($user_id)) {
  $user_id = $_SESSION['user_id'];
}
// $user_id

 $_REQUEST 
$_SESSION
session_start
<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';

session_start();

//
authorize_user();

// ID ,
$user_id = $_REQUEST['user_id'];
if (!isset($user_id)) {
  $user_id = $_SESSION['user_id'];
}
// $user_id

 


show_user.php session_start :
authorize.php, require_once,
show_user.php.
, PHP
, , ,
authorize.php, session_start. ,
, show_user.php, . -
. session_start ,
- .

?

$_COOKIE  
session_start
<?php
require_once 'app_config.php';
require_once 'authorize.php';
define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");
session_start();
// ...
?>


display_title$_COOKIE$_SESSION
function display_title($title, $success_message = NULL, $error_message = NULL)
{
  echo <<<EOD
  <body>
    <div id="page_start">
      <div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
      <div id="example">$title</div>
      <div id="menu">
        <ul>
          <li><a href="index.html"> </a></li>
EOD;
  if (isset($_SESSION['user_id'])) {
    if (user_in_group($_SESSION['user_id'], "Administrators")) {
      echo "<li><a href='show_users.php'></a></li>";
    }
    echo "<li><a href='show_user.php'></a></li>";
    echo "<li><a href='signout.php'> </a></li>";
  } else {
    echo "<li><a href='signin.php'></a></li>";
  }
  echo <<<EOD
        </ul>
      </div>
EOD;
  display_messages($success_message, $error_message);
  echo "</div> <!-- , id=\"page_start\" -->";
}

 




        
cookie
$_SESSION 
unset
$_SESSION 
session_start 
unset
signout.php

<?php
session_start();
unset($_SESSION['user_id']);
unset($_SESSION['username']);
header('Location: signin.php');
exit();
?>

cookie
signout.php
cookie



?
 
 

PHP


 error_message show_error.php


if (isset($_REQUEST['error_message'])) {
  $error_message = preg_replace("/\\\\/", '', $_REQUEST['error_message']);
} else {
  $error_message = " - .";
}

scripts/show_error.php.

 63-
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E%20,
%20%20%20%20%3C/a%3E

  
 
  
 
  
 
 



. 13.9. - CSS-,
,

 scripts/app_config.php handle_


error
function handle_error($user_error_message, $system_error_message) {
  header("Location: " . get_web_path(SITE_ROOT) .
         "scripts/show_error.php?" .
         "error_message={$user_error_message}&" .
         "system_error_message={$system_error_message}");
  header("Location: " . get_web_path(SITE_ROOT) . "scripts/show_error.php");
  exit();
}

PHP


function handle_error($user_error_message, $system_error_message) {
  session_start();
  $_SESSION['error_message'] = $user_error_message;
  $_SESSION['system_error_message'] = $system_error_message;
  header("Location: " . get_web_path(SITE_ROOT) . "scripts/show_error.php");
  exit();
}

 handle_error

show_error.php

<?php
require 'app_config.php';

session_start();

if (isset($_SESSION['error_message'])) {
  $error_message = preg_replace("/\\\\/", '', $_SESSION['error_message']);
} else {
  $error_message = " - .";
}

if (isset($_SESSION['system_error_message'])) {
  $system_error_message = preg_replace("/\\\\/", '',
                                       $_SESSION['system_error_message']);
} else {
  $system_error_message = " .";
}
?>

HTML, PHP, .

URL
show_error.php scripts
URL

http://www.yellowtagmedia.com/phpMM/scripts/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E%20,
%20%20%20%20%3C/a%3E

,
.

 
 


. 13.10.


 
URL



cookie-?
 
 
 
 
 
cookie
cookie
cookie




cookie


 

 

 
 


.
PHP MySQL.
.

.
.
.
.
.
.

, 198206, -, , 73, . 29.


005-93, 2; 95 3005 .
24.07.12. 70100/16. . . . 41,280. 2000. 0000.
.
180004, , . , 34.
