MySQL
Brett McLaughlin
PHP
MySQL
2013
32.988-02-018
004.738.5
15
ISBN 978-5-459-01550-8
CSS JavaScript,
- - PHP MySQL. -
.
, ,
, -.
PHP- -.
PHP SQL.
.
-, .
, .
,
.
.
'Reilly. .
.
, , , -
. , ,
, .
ISBN 978-0596515867 .
, 2013
, 2013
1. PHP MySQL
1. PHP: , ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2. PHP: . . . . . . . . . . . . . 50
3. MySQL SQL: . . . . . . . . . . . . . . . . . . . . . . . . 82
2. -
4. PHP MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
5. . . . . . .157
6. - . . . . . . . . . . . . . . . . . . . . . .174
3. - -
7. - ( ) . . . . . . . .222
8. . . .260
9. . . . . . . . . . . . . . . . .294
10. , . . . . . . . . . . .337
4.
11. . . . . . . . . . . . . . . . . . . . . . . . . .392
12. Cookie-,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .428
13. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
PHP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PHP . . . . . . . . . . . . . . . . . . . . . . . .
PHP , JavaScript .
PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MySQL? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Macintosh Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
FTP: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1. PHP MySQL
1. PHP: , ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
. . . . . . . . . . . . . . . . . . .
PHP (PC)
PHP Macintosh . . . . . . . . . . . .
: HTML-
PHP- . . . . . . . . . . . . . .
. . . . . . . . . . . .
HTML, CSS PHP . . . . . . . . .
2. PHP: . . . . . . . . . . . . . 50
- . . . . . . . . . . . . . .
.
. . . . . . . . . . . . . . . . .
PHP . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . .
$_REQUEST . . . . . . . . . . . . . . . . . . . . . . . . .
. . .
$_REQUEST . . . . . . . . . .
3. MySQL SQL: . . . . . . . . . . . . . . . . . . . . . . . . 82
? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . .
. . . . . .
() . . . . .
MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MySQL Windows . . . . . . . . . . . . . . . . . . . . . . . . . . .
MySQL Mac OS X . . . . . . . . . . . . . . . . . . . . . . . . . .
SQL- . . . . . . . . . . . . . . .
SQL . . . . . . . . . . . . . .
-. . . . . . . . . . . .
USE .
CREATE . . . . .
DROP . . . . . . . .
INSERT .
SELECT . . . . . . . . . . . . . . .
2. -
4. PHP MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
PHP-, . .
MySQL . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SHOW . .
.
SQL- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . .
. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
, . . .
SQL- . . . . . . . . . .
HTML- . . . . . . . .
( ) . . . . . . . . . . . . . . . . . . . . .
SQL- ( ) . . . . . . . . . . . . .
,
- . . . . . . . . . . . . . . . . . . . . . . . .
,
SELECT . . . . . . . . . . . . . . . . . . . . . . . . . .
5. . . . . . .157
, . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . .
... . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
trim strtoupper . . . . . . . . . . . . . . . . . . .
6. - . . . . . . . . . . . . . . . . . . . . . .174
. . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
id.
ID . . . . . . . . . . . . . . . . .178
. . . . . . . . . . . . . . . . . . . . . .180
. . . . . . . . . . . . . . . . . . . . . . . . . . . .182
SQL- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
. . . . . . . . . . . . . . . . . . . . . . . . .188
. . . . . . . . . . . . . .189
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
. . . . . . . . . . . . . . . .191
ALTER . . . . . . . . . . . . . . . .194
: . . . . . . . . . . . . . . . . . . . . . . . . . .196
SELECT . . . . . . . . . . . . . . . . . . . . . . . . . . .201
SQL- . . . . . . . . . . . . . . . .204
ID show_user.php . . . . . . . . . . . .207
,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
. . . . . . . . . . . . . . . . . . . . . . . . . . . .210
. . . . . . . . . . . . . . . . . .213
( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . .216
3. -
-
7. - ( ) . . . . . . . .222
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224
?. . . . . . . . . . . . . . . . . . . . . . . . . . .225
, . . . . . . . . . . . . . . . . .228
PHP . . . . . . . . . . . . . . . .230
PHP . . . . . . . . . . . . . . . . . . . . . .231
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
. . . . . . . . . . . .237
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240
,
PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241
10
8.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .260
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .261
HTML . . . . . . . . . . . . . . . . . . . . . . . . . .263
. . . . . . . . . . . . .266
? . . . . . . . . . . . . . . . . . . . . . . . .270
. . . . . . . . .279
, . . . . . . . . . . . . . . . . . . . . . . .282
SELECT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283
URL- . . . . . . . . . . .285
: . . . . . . . . . .289
app_config.php
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
9. . . . . . . . . . . . . . . . .294
. . . . . . . . . . . . . . . . . . . . .294
. . . . . . . . . . . . . . . . . . . . .297
getimagesize . . . . . . . . . . . . . .300
file_get_contents
INSERT . . . . . . . . . . . . .300
. . . . . . . . . . . . . . . . . . .301
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302
ID . . . . . . . . . . . . .305
. . . . . . . . . . . . . . . . . . . . . . . . . .308
. . . . . . . . . . . . . . . .310
WHERE . . . . . . . . . . . . . . . . .316
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324
, . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328
11
, . . . . . . . . . .329
. . . . . . . . . . . . . . . . . .329
(src) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
, ?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
, ... . . .335
10. , . . . . . . . . . . .337
, . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
,
- . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
SELECT ( )
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
. . . . . . . . . . . . . . . .344
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .350
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .350
. . . . . . . . . . . . . . . . . . . . . . . . . . . .351
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
, . . . . . . . . . . . . . . . . . . . .358
. . . . . . . . . . . . . . . .359
,
JavaScript . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362
alert . . . . . . . . . . . . . . . . . . . . . . . . . . .368
. . . . . . . . . . . . . . . . . . . . . . . . .369
. . . . . . . . . . . .372
. . . . . . . . . . .374
View Display . . . . . . . . . . . .376
, . . . . . . . . . . . . . . . . . . . . . .377
View . . . . . . . . . . . . . . . . . .377
. . . . . . . . . . . . . . . . . . . . . . . . .378
View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384
. . . . . . . . . . . . . . . . . . .386
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .387
12
4.
11. . . . . . . . . . . . . . . . . . . . . . . . . .392
. . . . . . . . . . . . . . . . . . . . . . . . . . .
HTTP- . .
... . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . .
. . . . . . . . . . . . . . . . . . . .
( !) . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
: authorize.php . . . . . . . . . . . . . . . . . .
PHP . . . . . . . . . . . . . . . . . . . . .
users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . .
. . . . . . .
. . . . . . . . . . . . . . . . . . . . . . .
authorize.php users. . . . . . . . . . . .
,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
crypt . . . . . . . . . . . . . . . . .
crypt . . . . . . .
12. Cookie-,
. . . . . . . . . . . . . . . . . . . . . . . . . . . .428
. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . .
HTTP- ookie- . . . . . .
cookie- . .
? . . . . . . . . . . . . . . . . . .
?. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . .
. . . . . . . . . . .
cookie- . . . .
HTML . . . . . . . . . . .
.
cookie- .
13. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469
. . . . . . . . . . . . . . . . . . . . . . . .
groups . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
authorize.php . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . .
, , . . . . . . . . . . . . . . . . . .
, .
. . . . . . . . . . .
. . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
$_COOKIE $_SESSION . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . .
$_REQUEST
$_SESSION . . . . . . . . . . . . . . . . . . . . . . . . . .
? . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . .
? . . . . . . . . . . . . . . . . . . . . . . .
cookie-? . . . . . . . . . . . . . . . . . .
)5.-
t$BTDBEJOH4UZMF4IFFUT $44
+BWB4DSJQU
+BWB4DSJQU
+BWB4DSJQU
K2VFSZ
+BWB4DSJQU
K2VFSZ
+BWB4DSJQU
K2VFSZ
+BWB4DSJQU
K2VFSZ
K2VFSZ
K2VFSZ
+BWB4DSJQU
$44)5.-
DPPLJF
1BZ1BM
)5.-
$44+BWB4DSJQU
1)1.Z42-
1)1
PHP?
1)1t+BWB4DSJQU
)5.-
t
1)1
1)1
PHP?
PHP . PHP Personal Home Page
( ), -, HTML, CSS JavaScript. Personal
Home Page , , - , , .
PHP PHP: Hypertext Preprocessor (PHP:
). , , : PHP , .
, , .
, , .
, PHP , PHP.
PHP
1)1
1)1
1)1
. 0.1. PHP-
Windows
1)1 )5.-
DPPLJF
)5.-
)5.-
1)1
. 0.2. HTML
PHP ,
JavaScript
+BWB4DSJQU
+BWB4DSJQU
var
t
1)1
+BWB4DSJQU
+BWB4DSJQU
1)1
1)1
1)1
*OUFSOFU&YQMPSFS
+BWB4DSJQU
PHP
1)1
1)1
1)1
)5.-
)5.-
+BWB$
1)1+BWB4DSJQU
1)1
MySQL?
.Z42-t
t
.Z42-
42-
.Z42-
42-
.Z42-
.Z42-
.Z42-
.Z42-
1)1
.Z42-t
.Z42-t
t
.Z42-
c.Z42-
1)1
1)1
t
1)1
1)1
1)1
)5.-$44
+BWB4DSJQU
Macintosh Windows
1)1.Z42-
.BDJOUPTI8JOEPXT
1)1
.BDJOUPTI8JOEPXT
)5.-$44
FTP:
'51
'51
1)1
1)1
viemacs
.
, ,
, ,
.
FTP-. , .
'51
'51
$ZCFSEVDL XXXDZCFSEVDLDI
'51
1)1.Z42-
1)1
1)1
.Z42-
63-
5XJUUFS
DPPLJF
.JTTJOH.BOVBM XXXNJTTJOHNBOVBMTDPNDETQIQNZTRMNN
XXXNJTTJOHNBOVBMTDPN
-
XXXNJTTJOHNBOVBMTDPNDETQIQNZTRMNN
#SFUU .D-BVHIMJO
t
/"4"
1)1
.Z42-
/BO#BSCFS
t
.JTTJOH.BOVBM
OBOCBSCFS!PSFJMMZDPN
+BTNJOF1FSF[
t
+BTNJOF1FSF[
t
1FSF[
t
1FSF[
t
t
t
t
8'.6
KQFSF[!PSFJMMZDPN
/BO3FJOIBSEU
t
/BO3FJOIBSEU
t
3FJOIBSEU
t
3FJOIBSEU
t
t
t
t
XXXOBOSFJOIBSEUDPN
SFJOIBSEU!DPNDBTUOFU
4IFMMFZ1PXFST
t
)5.-
0o3FJMMZXXXCVSOJOHCJSEOFU
4UFWF4VFISJOH
t
XXXCSBJOHJBPSH
#SJBO4BXZFS
/BO#BSCFS
4IFMMFZ1PXFST
4UFWF4VFISJOH
1)1
0o3FJMMZ
c
IBMJDLBZB!NJOTLQJUFSDPN
IUUQXXXQJUFSDPN
1)1.Z42-
1)1
1)1
.Z42-42-
PHP: ,
?
1)1t
1)1
1)1
1)1
1)1
1)1
1)1
)5.-
)5.-
)5.-
1)1
1)1
1)1
1)1
1)1
1)1
1)1
1)1
PHP (PC)
1)1
1)1
1)1
Macintosh, .
PHP Macintosh .
XXXQIQOFU
1)1
1)1
1)1
1)1
1)11)1
t4UBCMF3FMFBTFT
. 1.1. PHP
- www.php.net
1)1
1)1
1)1
. 1.2. - PHP
1)1
8JOEPXT#JOBSJFT 8JOEPXT
1)18JOEPXT
IUUQXJOEPXTQIQOFUEPXOMPBE
IUUQXJOEPXTQIQOFUEPXOMPBE
/PO5ISFBE4BGF
5ISFBE4BGF
/PO5ISFBE4BGF
*OTUBMMFS
8JOEPXT
1)1
, , .
:
, .
,
: ! ! ( )
( ).
1.0, . , 2.2 PHP 1.1
, , - . ,
- PHP,
, .
.
, http://windows.php.net/download, : .
URL-, www.php.net. ,
Google PHP www.php.net,
, Windows- ,
PHP.
8JOEPXT
"MMPX
/FYU
$=1SPHSBN'JMFT=1)1=
1)1
1)1
%POPUTFUVQBXFCTFSWFS
. 1.4. -
PHP Windows. : ?
PHP , Windows, 2000 . PHP :
(Thread Safe). Mac OS X Unix/Linux-
, , Windows . Windows-
, , , PHP
, .
,
. PHP Windows , PHP- Windows ,
. PHP- , -,
Windows, PHP-,
. PHP
-
PHP,
. ,
(Non Thread Safe). ,
: 10 40 %
.
, , PHP , , .
. , ( ,
,
), ,
, ,
, , .
8JOEPXT1)1
. 1.5.
&YUSBT
/FYU
*OTUBMM
1)1
1)1
cmd
1)1 php
. 1.6. PHP
1)1
PHP Macintosh
.BDJOUPTI
1)1
.BDJOUPTI
1)1
.BDJOUPTI5FSNJOBM
5FSNJOBM
1)1"QQMJDBUJPOT
4IJGU "
6UJMJUJFT
6UJMJUJFT
.BD049
Shift+ +A ,
. ,
, Shift+ +A.
, , Finder .
, .
Shift+ +A , . ,
.
, ,
. , "QQMJDBUJPOT
6UJMJUJFT ().
"QQMJDBUJPOT
5FSNJOBM
5FSNJOBM
5FSNJOBM
.BDJOUPTI
1)1
. 1.8. Terminal
Terminal PHP-
. Terminal, dock-.
5FSNJOBM
5FSNJOBM
5FSNJOBM
5FSNJOBM
. 1.9. Terminal
. 1.10. which
php
PHP
, PHP
( php, ) . , Apple Software Update,
PHP. , PHP , Terminal php --version.
:
Bretts-MacBook-Pro:~ bdm0509$ php --version
PHP 5.3.4 (cli) (built: Dec 15 2010 12:15:07)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
, PHP, , 5.3.4. (
PHP (PC) .)
PHP, - XXX
QIQOFU PHP. ,
Macintosh-, , , unzip tar, - ,
.
1)1
1)1
1)1)5.-
$44+BWB4DSJQU
)5.-
)5.-
$44t$44
+BWB4DSJQUt+4
1)1t
$44t$44
+BWB4DSJQUt+4
1)1t
t$44
+BWB4DSJQUt+4
1)1t
+BWB4DSJQUt+4
1)1t
t+4
1)1t
1)1t
t
1)1
1)1
1)18JOEPXT
.BDJOUPTI
5FYU&EJU
5FYU&EJU
1)1
1)1
8JOEPXT /V4QIFSF1IQ&%
XXXOVTQIFSFDPNQSPEVDUTQIQFEIUN
/V4QIFSF
1)1
1)1
)5.-
$441)1
.BDJOUPTI
t
##&EJU XXXCBSFCPOFTDPNQSPEVDUTCCFEJUJOEFYIUNM
5FYU.BUF XXXNBDSPNBUFT
DPN
.BDJOUPTI
1IQ&%
8JOEPXT
)5.-
$44
+BWB4DSJQU
)5.-
$44
+BWB4DSJQU
$44
+BWB4DSJQU
$44
+BWB4DSJQU
+BWB4DSJQU
+BWB4DSJQU
##&EJU
##&EJU
. 1.12. BBEdit
5FYU.BUF
##&EJU
'51
5FYU.BUF
. 1.13. TextMate
:
, PhpED, BBEdit TextMate, , , . ,
, Windows Finder Mac-,
telnet Terminal, FTP-
. :
.
,
dock- Macintosh- Windows. - PHP.
.
.
, , , , . , - .
.
FTP,
,
,
.
, ,
, -
FTP telnet. , ,
TextMate PhpED.
1)1
1)1
5FYU&EJU1)1
8JOEPXT5FYU&EJU.BDJOUPTI1)1
1)1
1)1
1)1
1)1
<?php
echo " . , PHP-!\n";
echo " :\n";
$name = trim(fgets(STDIN));
echo "\n, " . $name . ", .\n\n";
?>
1)1
)5.-+BWB4DSJQU
, , TextEdit,
. ,
. PHP- .
, ,
. TextEdit FormatMake Plain Text
( ). , .
, .
1)1t
1)1t
t
)5.-
=
. 1.14.
1)1<?php
echo
echo
$name
$name
?>
$name =
\nsSTDIN
<?php
?>
sayHello.php
.php
1)1
Windows Macintosh, ,
, , TXT.
PHP. Windows ,
sayHello.php, - sayHello.php.txt.
1)1
, . , .
TextEdit Mac-, 1SFGFSFODFT
(). Preferences ,
, .
'PSNBU () , , 1MBJO5FYU ( ) (. 1.15). Windows
,
.
1)1
.BD
5FSNJOBM
EPDL5FSNJOBM
sayHello.
php
dir 8JOEPXT
ls .BDJOUPTI
php sayHello.php
php
sayHello.php
&OUFS
. 1.16.
$1)1
QIQ
1)1
1)1 1)1
+BWB4DSJQU
1)1t
+BWB4DSJQU
1)1t
1)1t
1)1t
t
1)1
1)1
)5.-
1)1
: HTML-
)5.-
)5.-
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 1.1</div>
<div id="content">
<h1> !</h1>
<p> . , PHP-!</p>
<p> :</p>
<form action="scripts/sayHelloWeb.php" method="POST">
<p>
<i> :</i> <input type="text" name="name" size="20" />
</p>
<p><input type="submit" value=" " /></p>
</form>
</div>
<div id="footer"></div>
</body>
</html>
, HTML, ,
, - www.missingmanuals.com/cds/phpmysqlmm.
CSS , ,
. (,
PHP), .
$44
sayHello.php
t
<form action="scripts/sayHelloWeb.php" method="POST">
sayHelloWeb.phpt1)1
sayHelloWeb.php
PHP-
)5.-
sayHelloWeb.php
1)1
1)1
1)1
)5.-
sayHello.php
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 1.1</div>
<div id="content">
<!-- Escape the submitted value before writing it into the HTML -->
<h1>, <?php echo htmlspecialchars($_REQUEST['name'], ENT_QUOTES); ?>!</h1>
<p> .
PHP-.</p>
</div>
<div id="footer"></div>
</body>
</html>
<?php1)1
$_REQUEST
name
echo
1)1?>
)5.-
sayHello.html
1)1
1)1
)5.-
1)1
t sayHello.html
)5.- $_REQUEST
1)1
1)1
1)1
1)1
1)1
1)1
$
$myHeighttNZ)FJHIU
$_REQUESTt@3&26&45
PHP- $,
PHP- , $ . ,
$myHeight PHP- , .
t
$myHeight
1)1
1)1
sayHelloWeb.php
sayHello.html
1)1$_REQUEST1)1
$_REQUEST
tOBNF
$_REQUEST['name']
OBNF
QIPOF/VNCFS
1)1
$_REQUEST['phoneNumber']
t
, $_REQUEST,
.
, , PHP, $_REQUEST.
1)1OBNF
echo
1)1)5.-
)5.-
63-
ZFMMPXUBHNFEJBDPN
$44 DTT
$44
+BWB4DSJQU KT
+BWB4DSJQU
TDSJQUT
1)1
TDSJQUT
1)1 TDSJQUT
1)1
1)1
sayHello.html sayHelloWeb.php DI
TBZ)FMMPIUNMDITDSJQUTTBZ)FMMP8FCQIQ
, , , -
, . -
, CSS, JavaScript PHP- HTML
PHP.
)5.-1)1
phpMM.css
XXXNJTTJOHNBOVBMTDPNDETQIQNZTRMNN$44
)5.-1)1
DI
phpMM.css
DTT
. 1.17. -
)5.-$44
)5.-
)5.-$44
)5.-
$44
)5.-
$44
)5.-
)5.-
)5.-
1)1DITDSJQUT
sayHelloWeb.php1)1
ch01/sayHello.htmlsayHello.html)5.-
)5.-
sayHelloWeb.php
sayHelloWeb.php
+BWB4DSJQU1)1
. 1.19.
)5.-
1)1
PHP:
1)1
1)1
)5.-
1)1
1)1
1)1
1)1
1)1
1)1
-
sayHelloWeb.phpname
sayHello.html
echo htmlspecialchars($_REQUEST['name'], ENT_QUOTES);
$_REQUESTt1)1
t
$_REQUEST
5XJUUFS
63-'BDFCPPL
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 2.1</div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="scripts/getFormInfo.php" method="POST">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>
, HTML,
.
HTML
HTML
1.
<p> <i>. ,
HTML.
HTML- .
form , ,
: . ,
<i>, , , -
. HTML, CSS.
.
label for.
, ,
, , .
fieldset, : , . , .
HTML , ( HTML) , : (labels),
, , -.
fieldset.
CSS, . - , CSS . HTML, ,
,
5 .
. , , ,
CSS . , CSS
HTML-, . 2.1.
, HTML
CSS . , . ,
, .
socialEntryForm.html
)5.-
DI
$44
tDTT
t
)5.-
sayHelloWeb.php
$_REQUEST
t name
. 2.1. ,
getFormInfo.php
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 2.1</div>
<div id="content">
<p> , :</p>
<p>
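: <?php echo htmlspecialchars($_REQUEST['first_name'], ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($_REQUEST['last_name'], ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($_REQUEST['email'], ENT_QUOTES); ?><br />
URL- Facebook: <?php echo htmlspecialchars($_REQUEST['facebook_url'], ENT_QUOTES); ?><br />
Twitter: <?php echo htmlspecialchars($_REQUEST['twitter_handle'], ENT_QUOTES); ?><br />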
</p>
</div>
<div id="footer"></div>
</body>
</html>
, getFormInfo.php, - -. , socialEntryForm.html
action, .
first_namelast_name
namesayHelloWeb.
php
$_REQUEST
tgetFormInfo.php
$_REQUEST
1)1
echo htmlspecialchars($_REQUEST['FORM_INPUT_FIELD_NAME'], ENT_QUOTES);
sayHello.php
$name = trim(fgets(STDIN));
1)1
$numberSix = 6;
$thisIsMyName = "Brett";
$carMake = "Honda";
getFormInfo.
phpecho
<?php
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$twitter_handle = $_REQUEST['twitter_handle'];
?>
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<!-- HTML- -->
</body>
</html>
, - , , .
- HTML PHP,
HTML.
, HTML- . (
, . .)
, , PHP HTML, , , getFormInfo.
php, . PHP HTML, , ,
20 30 PHP-, HTML.
)5.-
$_REQUEST1)1
1)1
)5.-
)5.-
)5.-
$first_name
$last_name)5.-getFormInfo.php
echo
$_REQUEST div
"content"
<div id="content">
<p> , :</p>
<p>
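: <?php echo htmlspecialchars($first_name, ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($last_name, ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($email, ENT_QUOTES); ?><br />
URL- Facebook: <?php echo htmlspecialchars($facebook_url, ENT_QUOTES); ?><br />
Twitter: <?php echo htmlspecialchars($twitter_handle, ENT_QUOTES); ?><br />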
</p>
</div>
,
? !
- PHP .
PHP-, :
$x = $_REQUEST['username'];
$y = $_REQUEST['password'];
, , :
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
, . .
, , ,
, , - ? , -
:
echo " , " . $y;
, ,
!
, ,
, , - ,
.
socialEntryForm.html
,
,
, , . PHP- getFormInfo.php
, echo HTML,
.
- ,
. , , . ,
, . ,
,
. , , . (
.)
, , , .
, , ,
PHP-.
:
. , .
, (
), .
getFormInfo.php.
PHP, ,
HTML. ?
, ,
. ,
,
.
$_REQUEST
1)1
PHP
1)1
1)1DBUFSQJMMBS
H6)B!N!
t
2#FSU1)11)1
1)11)1
1)1
1)1
TUSJOH
1)1
t
getFormInfo.php
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$twitter_handle = $_REQUEST['twitter_handle'];
$first_name$last_name
NZ
HJSMNZHJSM
1)1 .
getFormInfo.
php)5.-
: <?php echo htmlspecialchars($first_name, ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($last_name, ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($first_name . $last_name, ENT_QUOTES); ?><br />
socialEntryForm.html
. 2.3. , ,
-
1)1
" "1)1
tt$first_name
$last_name
: <?php echo htmlspecialchars($first_name . " " . $last_name, ENT_QUOTES); ?><br />
1)11)1
$facebook_url
<p>
: <?php echo htmlspecialchars($first_name . " " . $last_name, ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($email, ENT_QUOTES); ?><br />
63-
63-
. 2.5. URL , ,
, HTML
63-GBDFCPPLDPN
63-
GBDFCPPLDPN
SZBOHFZFS
QSPGJMFQIQ JE
$facebook_url facebook.com
63-
http://www.facebook.com
1)1
1)1
facebook.com$facebook_url
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$position = strpos($facebook_url, "facebook.com");
$twitter_handle = $_REQUEST['twitter_handle'];
strpos() TUSJOHQPTJUJPO
TUSJOHQPTJUJPO
QPTJUJPO
QPTJUJPO
$position
facebook.com$facebook_url
$facebook_url $facebook_url GBDFCPPLDPN
$facebook_urlfacebook.com
$position false
strpos() $facebook_url
strpos(), PHP,
: , , ,
false.
$first_name = $_REQUEST['first_name'];
$last_name = $_REQUEST['last_name'];
$email = $_REQUEST['email'];
$facebook_url = $_REQUEST['facebook_url'];
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = $_REQUEST['twitter_handle'];
strpos()
$facebook_urlfacebook.com
strpos()
$position
$position1)1
false
if
if
$positionfalse
{ }
{ }
true
$position === false
$facebook_urlhttp://www.facebook.com
'BDFCPPL
$positionfalse
{ }
, PHP, Java, C Perl,
0.
( PHP ) , . , , Thats weird, T 0, 1.
.
, - 63-'BDFCPPL
getFormInfo.php : facebook.com/michael.greenfield.
, ,
URL:
if (strpos($facebook_url,
"facebook.com") > 0) {
$facebook_url =
"http://www.facebook.com/" .
$facebook_url;
}
profile.php?id=100000039185327
63-http://www.facebook.com/profile.php?id=100000039185327
. 2.6. -
. 2.7. URL- ,
5XJUUFS
5XJUUFS
5XJUUFS!
!CENDMBVHIMJOXXXUXJUUFSDPN
!
5XJUUFS
!QIQ(VZ
63-5XJUUFS
IUUQXXXUXJUUFSDPNQIQ(VZ
5XJUUFS
$twitter_url
http://www.twitter.com/
5XJUUFS@
@$twitter_handle
$twitter_url
@ $twitter_handle
@
$twitter_url
5XJUUFS<a>)5.-
63-
5XJUUFS
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
5XJUUFS
5XJUUFS
$twitter_handle
@
strpos()
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
@ $twitter_handle if
else
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
@
$twitter_url@
strpos()
1)1
substr() substr()TVCTUSJOH
TVCTUSJOH
substr()
substr("Hello", 2)"llo"
"H"
"e" t
"l"t substr()
"llo"
5XJUUFSsubstr()
@
$position
substr()
$position
$position + 1
?
PHP HTML
PHP HTML, .
, getFormInfo.php:
<a href="<?php echo htmlspecialchars($facebook_url, ENT_QUOTES); ?>">
Facebook
</a><br />
, , :
, . , , PHP- .
, PHP
HTML. , . PHP-
<?php ?>. ( , PHP, ?> , ,
.) , PHP - , ,
, .
, PHP ,
a . ,
PHP- .
PHP , . PHP-,
, :
<a href="<?php echo
htmlspecialchars('http://www.twitter.com/' .
$twitter_handle, ENT_QUOTES); ?>">
Facebook
</a><br />
:
<a href='<?php echo
htmlspecialchars("http://www.twitter.com/" .
$twitter_handle, ENT_QUOTES); ?>'>
Facebook
</a><br />
, -
. , .
-, PHP
, .
$twitter_handle = $_REQUEST['twitter_handle'];
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
, ,
- . -
. .
)5.-
<p>
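: <?php echo htmlspecialchars($first_name . " " . $last_name, ENT_QUOTES); ?><br />
: <?php echo htmlspecialchars($email, ENT_QUOTES); ?><br />
<a href="<?php echo htmlspecialchars($facebook_url, ENT_QUOTES); ?>">URL- Facebook</a><br />
<a href="<?php echo htmlspecialchars($twitter_url, ENT_QUOTES); ?>"> Twitter</a><br />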
</p>
. 2.8.
1)1
1)1
5XJUUFS
1)1
1)1
1)1
63-
http://www.facebook.com/ryan.geyer http://www.facebook.com/ryan.geyer
DPNPSH63-
http://www.facebook.com/profile.php?id=534643138 http://www.facebook.org/profile.php?id=534643138
, com org. , -
_.com, _.org
_.org _.com - -
.
1)1
1)1
1)1
trim()
1)1trim()
1)1*MPWFNZTQBDF
CBS*MPWFNZTQBDFCBS
PHP rtrim(), ,
( ), ltrim(), ( ).
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$facebook_url = trim($_REQUEST['facebook_url']);
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
$_REQUESTtrim()
str_replace()
str_
replace()
facebook.org
"facebook.
org"
facebook.orgfacebook.com
t"facebook.com"
t
( !)
, , PHP
. PHP-:
$facebook_url =
str_replace(
"facebook.org",
"facebook.com",
trim($_REQUEST['facebook_url']));
.
, :
$facebook_url = $_REQUEST['facebook_url'];
$facebook_url = trim($facebook_url);
$facebook_url =
str_replace(
"facebook.org", "facebook.com",
$facebook_url);
, . ,
. ?
. , : - ,
, ? ,
.
, .
, .
, - , . ,
,
.
, - .
. ,
, .
,
( ) .
, ,
. , getFormInfo.php , .
6, 7 10 ,
.
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
, str_replace() ,
.
1)1
1)1
t63-GBDFCPPLPSH
getFormInfo.php
63-
7JFX4PVSDF
. 2.9.
. 2.10.
$_REQUEST
1)1t
1)1
1)1
PHP
, PHP . XXXQIQOFUNBOVBMFOSFGTUSJOHT
QIQ, , PHP.
. : . PHP XXXQIQOFUNBOVBM , . ,
, PHP
. . (, , ,
PHP , .
.)
, PHP, PHP. ,
, ,
.
. PHP, , .
$file_cabinet
$file_cabinet63-
1)1
<?php
$file_cabinet[0] = "Derek";
$file_cabinet[1] = "Trucks";
$file_cabinet[2] = "derek@DerekTrucks.com";
$file_cabinet[3] = "http://www.facebook.com/DerekTrucks";
$file_cabinet[4] = "@derekandsusan";
?>
, , -
( PHP) php.
.
, , , PHP
(. .
). .
$le_cabinet $le_cabinet[0], $le_cabinet[1].
<?php
$file_cabinet[0] = "Derek";
$file_cabinet[1] = "Trucks";
$file_cabinet[2] = "derek@DerekTrucks.com";
$file_cabinet[3] = "http://www.facebook.com/DerekTrucks";
$file_cabinet[4] = "@derekandsusan";
$first_name = $file_cabinet[0];
$last_name = $file_cabinet[1];
$email = $file_cabinet[2];
$facebook_url = $file_cabinet[3];
$twitter_handle = $file_cabinet[4];
echo
echo
echo
echo
?>
t63-'BDFCPPL
1)1
1)1
<?php
$file_cabinet['first_name'] = "Derek";
$file_cabinet['last_name'] = "Trucks";
$file_cabinet['email'] = "derek@DerekTrucks.com";
$file_cabinet['facebook_url'] = "http://www.facebook.com/DerekTrucks";
$file_cabinet['twitter_handle'] = "@derekandsusan";
$first_name = $file_cabinet['first_name'];
$last_name = $file_cabinet['last_name'];
$email = $file_cabinet['email'];
$facebook_url = $file_cabinet['facebook_url'];
$twitter_handle = $file_cabinet['twitter_handle'];
echo
echo
echo
echo
?>
$file_cabinet
$_REQUEST
1)1
$_REQUEST
$_REQUEST['first_name']
1)1
$file_cabinet['first_name']$file_cabinet[0]
$_REQUEST
$_REQUEST[0]1)1
$_REQUEST
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 2.2</div>
<div id="content">
<p> , $_REQUEST:</p>
<?php
foreach($_REQUEST as $value) {
echo "<p>" . $value . "</p>";
}
?>
</div>
<div id="footer"></div>
</body>
</html>
foreach
1)1
foreach($_REQUEST as $value) {
foreach1)1
foreacht$_REQUEST
$value
$value
foreach
foreach$value
if
{ }1)1
foreach($_REQUEST as $value) {
echo "<p>" . $value . "</p>";
}
{ }
$_REQUEST
echo "<p>" . $value . "</p>";
$value
)5.-
$value
$_REQUEST
$_REQUEST
$_REQUEST Derek
Trucks
@DerekAndSusan1)1
echo "<p>" . "Derek" . "</p>";
echo "<p>" . "Trucks" . "</p>";
echo "<p>" . "@DerekAndSusan" . "</p>";
showRequestInfo.php
socialEntryForm.php
<form action="scripts/showRequestInfo.php" method="POST">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value=" " />
<input type="reset" value=" " />
</fieldset>
</form>
socialEntryForm.html - -,
socialEntryForm-2.html enterInformation.html.
: , showRequestInfo.php, ,
getFormInfo.php.
showRequestInfo.php
first_name
last_name
email
1)1
1)1
$value = $file_cabinet[$key];
$key $key first_name
$value = $file_cabinet['first_name'];
. 2.12. -:
showRequestInfo.php
$_REQUEST
1)1foreach
<div id="content">
<p> , $_REQUEST:</p>
<?php
foreach($_REQUEST as $key => $value) {
echo "<p> " . $key . ", '" . $value . "'.</p>";
}
?>
</div>
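The showRequestInfo.php listing above writes every key and value from $_REQUEST into the page unescaped, so any markup in a submitted field is rendered by the browser. The following is an added example, not code from the book: the same loop with output encoding. The helper names h() and render_request_params() and the sample input are assumptions made here.

```php
<?php
// Added example (not from the book): the showRequestInfo.php loop with
// output encoding. h() and render_request_params() are hypothetical names.

// Encode a value for an HTML text context.
function h(string $text): string
{
    // ENT_QUOTES also encodes ' and "; ENT_SUBSTITUTE replaces invalid
    // UTF-8 sequences instead of returning an empty string.
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Build one <p> line per request parameter.
// A value can itself be an array (a field named "tags[]"), which the
// original loop would print as the literal word "Array"; such values are
// flattened into "key[sub]" entries.
function render_request_params(array $params, string $prefix = ''): string
{
    $html = '';
    foreach ($params as $key => $value) {
        $name = $prefix === '' ? (string) $key : $prefix . '[' . $key . ']';
        if (is_array($value)) {
            $html .= render_request_params($value, $name);
            continue;
        }
        $html .= '<p>' . h($name) . ': ' . h((string) $value) . "</p>\n";
    }
    return $html;
}

// Constructed sample input standing in for $_REQUEST.
$sample = [
    'first_name'     => 'Derek',
    'twitter_handle' => '<script>alert(1)</script>',
    'tags'           => ['guitar', '<b>slide</b>'],
];

echo render_request_params($sample);
// In the real script: echo render_request_params($_REQUEST);
```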
foreach$key
$value=>1)1
$key
$value
1)1
__utmz
__utma__utmcfirst_name
last_name
. 2.13. PHP
, $_REQUEST: __utmz
__utmc, - -. HTTP-
, . .
?
socialEntryForm.html
getFormInfo.php
1)1
1)1
1)1
1)1
1)1
1)1
2. PHP:
81
t
, - . -
. ,
- .
MySQL SQL:
1)1
t
t
1)1
?
t
1)1
1)1
@3&26&45
1)1
3. MySQL SQL:
83
,
. : -
, , , . : ,
, .
- , .
, , .
, , , , .
. ,
-
(
).
, ,
-.
. , , .
,
. , , .
84
1. PHP MySQL
t
1)1
PHP , 4.
.BD0494QPUMJHIU
2VJDL4JMWFS IUUQRVJDLTJMWFSFOTPGUPOJDDPNNBD
4QPUMJHIU.BD049
4QPUMJHIU.BD049
.BD049
.BD049
049
049
9
9
4QPUMJHIU
8JOEPXT%FTLUPQ4FBSDI(PPHMF XXXHPPHMF
DPNRVJDLTFBSDICPY
(PPHMF%FTLUPQ4FBSDI8JOEPXT
.BDJOUPTI
(PPHMF%PDVNFOUT(NBJM
3. MySQL SQL:
85
. 3.1. Spotlight
86
1. PHP MySQL
4QPUMJHIU(PPHMF4FBSDI
(PPHMF4FBSDI
(PPHMF4FBSDI
4FBSDI
4FBSDI
()
.Z42-
tSFMBUJPO
1)1
MySQL
.Z42-
3. MySQL SQL:
87
, .
, Oracle.
, , MySQL:
, , MySQL.
. , ,
MySQL, . ,
, Oracle ( IBM, PostgreSQL
- ), PHP
, MySQL, .
- , , :
. RDBMS (Relational
Database Management Systems, ),
RDBMS-.
. RDBMS, ,
.
.
- (Object-Oriented
Database Management Systems, OODBMS). OODBMS 70-
, 10 .
RDBMS , . ,
,
. , RDBMS,
, PHP-
. , , ,
$_REQUEST['first_name'] Users, first_name. ,
.
OODBMS , .
User ,
$_REQUEST['first_name']. ,
, OODBMS User .
, , ,
, .
, OODBMS
, RDBMS, OODBMS
. RDBMS, MySQL,
-, OODBMS,
.
88
1. PHP MySQL
MySQL Windows
.Z42-8JOEPXT
8JOEPXT
. 3.3.
Macintosh, .
8JOEPXT1SPGFTTJPOBM
8JOEPXT1SPGFTTJPOBM
1SPGFTTJPOBM
1SPGFTTJPOBM
8JOEPXT
.Z42-
NZTRMDPN
.Z42-
3. MySQL SQL:
89
.Z42-
.Z42-
NZTRMDPN
. 3.4. , MySQL
%PXOMPBET ("
.Z42-
t.Z42-$PNNVOJUZ4FSWFS
%PXOMPBE
8JOEPXT
.4**OTUBMMFS
;JQ
BSDIJWF
.4*
CJUCJU
.Z42-
.Z42-
.Z42-
90
1. PHP MySQL
. 3.5. MySQL
. 3.6. MySQL
mysql-5.5.13-win32.exe
5ZQJDBM
3. MySQL SQL:
91
.Z42-4FSWFS*OTUBODF$POGJHVSBUJPO
8J[BSE.Z42-
.Z42-
.Z42-
.Z42-
4UBOEBSE$POGJHVSBUJPO
.Z42-
8JOEPXT
8JOEPXT.Z42-
-BVODIUIF.Z42-4FSWFSBVUPNBUJDBMMZ
.Z42-
.Z42-
.Z42-CJO
8JOEPXT *ODMVEF#JO%JSFDUPSZJO8JOEPXT1"5)
.Z42-
.Z42-
.Z42-
CJO.Z42-
PATH
. 3.7.
3PPU1BTTXPSE
XXXBNB[PODPNXXX[BQQPTDPN
92
1. PHP MySQL
. 3.8. MySQL
.Z42-
myqsl_root
.Z42-&YFDVUF
, , ,
, . -
, ,
, , -
, .
.Z42-
.Z42-
.Z42-$PNNBOE-JOF$MJFOU
.Z42-$PNNBOE-JOF$MJFOU
mysql
.Z42-CJO8JOEPXT PATH
.Z42-
.Z42-$PNNBOE-JOF$MJFOU
.Z42-.Z42-
1)1
3. MySQL SQL:
93
94
1. PHP MySQL
.Z42-
MySQL Mac OS X
.Z42-.BD0498JOEPXT
.Z42-.BD0498JOEPXT
.BD0498JOEPXT
.BD0498JOEPXT
0498JOEPXT
0498JOEPXT
98JOEPXT
98JOEPXT
8JOEPXT
8JOEPXT
XXXNZTRMDPN%PXOMPBET ("
.Z42-$PNNVOJUZ4FSWFS
.BD049
%.(.Z42-
"CPVU5IJT.BD .BD
.PSF*OGP
1SPDFTTPS/BNF
. 3.11.
95
3. MySQL SQL:
.BDJOUPTI
.BDJOUPTI
3.1. Macintosh
32
32
64
64
64
64
Core i3
64
Core i5
64
Core i7
64
Apple Macintosh.
. 3.1, - http://support.apple.com/kb/HT3696.
.
%.(
%.(
%.(
.Z42-
.Z42-
ReadMe.txt
96
1. PHP MySQL
mysql5.5.13-osx10.6-x86_64.pkg
, , , ,
. Macintosh, ,
. ,
, PHP MySQL.
.Z42-
.BDJOUPTI
.BDJOUPTI
%.(
%.(
. 3.13. MySQL
1SFGFSFODFT1BOF
1SFGFSFODFT1BOF
1BOF
1BOF
t
3. MySQL SQL:
97
.Z42- "VUPNBUJDBMMZ4UBSU.Z42-
4FSWFSPO4UBSUVQ
.Z42-
.BDJOUPTI
"QQMJDBUJPOT
6UJMJUJFT5FSNJOBM
5FSNJOBM
5FSNJOBM
$ /usr/local/mysql/bin/mysql
.Z42-
.Z42-
tmysql
.Z42-
.BDJOUPTI
.Z42-1)1
.Z42-1)1
1)1
1)1
.Z42-
98
1. PHP MySQL
, MySQL
, MySQL Macintosh , Preferences Pane,
mysql Terminal. , .
Terminal
PATH. ( ,
PHP), , ,
. mysql, PATH /usr/local/mysql/bin, ,
mysql . !
, PATH ?
PATH, , . Terminal :
$ defaults write com.apple.finder AppleShowAllFiles TRUE
$ killall Finder
Finder,
Macintosh, , , . Finder,
. Finder .
(. 3.16).
, , .
3. MySQL SQL:
99
, . ,
, ,
. , git, , .gitconfig,
DropBox, ,
.dropbox .
. 3.16.
, .
.profile,
.
MYSQL_HOME, , MySQL. , MySQL, , , $facebook_url PHP-
100
1. PHP MySQL
(. str_replace() 2).
PATH , CJO,
.:42-@)0.&. export Mac OS X
PATH .
. ,
, (.), ,
. ( , Finder.)
,
.profile. , .
Terminal mysql. MySQL.
, , Finder
:
$ defaults write com.apple.finder AppleShowAllFiles TRUE
$ killall Finder
,
.
.Z42-
SQL-
.Z42-.BD049
1SFGFSFODFT1BOF
8JOEPXT
.Z42-
-, MySQL, , ,
.
.Z42-
show databases;
,
. MySQL PHP.
3. MySQL SQL:
101
. 3.17. MySQL
.Z42-
.Z42-
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| development        |
| eiat_testbed       |
| mysql              |
| nagios             |
| ops_dashboard      |
| performance_schema |
| test               |
+--------------------+
8 rows in set (0.25 sec)
.Z42-
.Z42-
show
tdatabases.Z42-
102
1. PHP MySQL
.Z42-
show databases;
.Z42-
.Z42-
mysql
.Z42-
.Z42-
use
use mysql;
mysql
.Z42-mysql
.Z42-
.Z42-
show tables;
mysql> show tables;
+---------------------------+
| Tables_in_mysql           |
+---------------------------+
| columns_priv              |
| db                        |
| event                     |
| func                      |
| general_log               |
| help_category             |
| help_keyword              |
| help_relation             |
| help_topic                |
| host                      |
| ndb_binlog_index          |
| plugin                    |
| proc                      |
| procs_priv                |
| proxies_priv              |
| servers                   |
| slow_log                  |
| tables_priv               |
| time_zone                 |
| time_zone_leap_second     |
| time_zone_name            |
| time_zone_transition      |
| time_zone_transition_type |
| user                      |
+---------------------------+
24 rows in set (0.00 sec)
.Z42-
3. MySQL SQL:
103
mysql
user
.Z42-
mysql> select * from user;
select
*
from.Z42-
user
.Z42-1)1
. 3.18. select
104
1. PHP MySQL
.Z42-
.Z42-
.Z42-1)1
.Z42-1)1
1)1
1)1
.Z42- user
*
mysql> select Host, User, Password from user;
mysql> select Host, User, Password from user;
+------------------------+-------+------------------------------------------+
| Host                   | User  | Password                                 |
+------------------------+-------+------------------------------------------+
| localhost              | root  | *62425DC34224DAABF6995B46CDCC63D92B03D7E9 |
+------------------------+-------+------------------------------------------+
1 row in set (0.00 sec)
. PHP-
, MySQL .
MySQL .
.Z42-
.Z42-
3. MySQL SQL:
105
SQL
.Z42-
t42-
4USVDUVSFE2VFSZ-BOHVBHF
42-
mysql> select * from user;
...
mysql> select Host, User, Password from user;
...
42-
42-
42-
42-
42-
42-
42-
42-
42-
mysql> select User, Password
         from users
        where first_name = 'Dirk'
          and country = 'Germany';
where
users User Password
first_name
Dirk
country
t
Germany
MySQL ?
, PHP,
-.
, jino.ru,
, ,
, ,
-. - .
( ),
PHP MySQL ? ,
PHP-, , PHP (
MySQL) . telnet ssh,
, - .
106
1. PHP MySQL
,
.
-, , .
, -
, MacBook
Pro. , PHP MySQL,
,
.
-, , ,
- ( ).
, , .
, .
, ,
,
. ,
.
, -, ,
. ,
, . - , , ,
Windows, MySQL ,
Mac OS X, .
,
.
, , , -. , ,
-. ,
.
SQL ,
. - , - --,
. (
), , .
42-
1)1
3. MySQL SQL:
107
-
.Z42-
.Z42-
UFMOFUTTI
.Z42-tmysql
1)1
.Z42-
mysql
bmclaugh@akila:~$ mysql
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/
mysql.sock' (2)
.Z42-
.Z42-
IUUQNZTRMLBUUBSFDPN
.Z42-
mysql ,
mysql hostname=localhost. MySQL
localhost, , .
MySQL, . ,
mysql .
.Z42-
.Z42-
mysql
--hostname=
mysql.Z42-
108
1. PHP MySQL
--user=mysql
MySQL, ,
admin root. ,
telnet ssh. ,
, ,
-. :
, , -.
bmclaugh@akila:~$ mysql --host=dc2-mysql-02.kattare.com
--user=bmclaugh --password
Enter password:
--password.Z42-
--password=__
.Z42-
.Z42-
42-
. 3.19. MySQL
3. MySQL SQL:
109
USE
.Z42-
.Z42-
42-
mysql> show databases;
+----------+
| Database |
+----------+
| bmclaugh |
+----------+
1 row in set (0.09 sec)
mysql
user
MKVCFS
ljuber
db-ljuber
.Z42-
.Z42-
mysql> use bmclaugh;
Database changed
MySQL
. ,
MySQL- use [___].
.Z42-42-
mysql> SELECT * FROM user;
...
mysql> SELECT Host, User, Password FROM user;
...
mysql> SELECT User, Password
         FROM users
        WHERE first_name = 'Dirk'
          AND country = 'Germany';
MySQL, SELECT
WHERE, , -
.
.
CREATE
mysql USE
SELECT
users
SELECT
42-tCREATE
.Z42-
CREATE TABLE users (
&OUFS
mysql> CREATE TABLE users (
->
.Z42-
.Z42-
.Z42-
42-
&OUFS
.Z42-
3. MySQL SQL:
111
->
.Z42-
mysql>
->
->
->
->
->
->
->
&OUFS
mysql> CREATE TABLE users (
-> user_id int,
-> first_name varchar(20),
-> last_name varchar(30),
-> email varchar(50),
-> facebook_url varchar(100),
-> twitter_handle varchar(20)
-> );
Query OK, 0 rows affected (0.18 sec)
CREATE
CREATE.Z42-
TABLE.Z42-
users
(.Z42-
user_id
int
varchar(20)
)
.Z42-
t int
JOUFHFS
int
112
1. PHP MySQL
varchar
varchar WBSJBCMFDIBSBDUFS
varchar(20)
.Z42-
.Z42-
int user_id
tvarchar
CREATE
SHOW
mysql> SHOW tables;
+------------------------------------+
| Tables_in_bmclaugh                 |
+------------------------------------+
| users                              |
+------------------------------------+
1 row in set (0.06 sec)
?
PHP MySQL . ,
, MySQL
. MySQL
:
mysql> use
ERROR:
USE must be followed by a database name
mysql>
. , , &OUFS:
mysql> SELECT *,
-> FROM
->
->
SELECT * . MySQL
&OUFS
->.
, MySQL SQL.
, ,
.
3. MySQL SQL:
113
, (;),
&OUFS. , , MySQL .
, , .
.
DESCRIBE
users
mysql> DESCRIBE users;
+----------------+--------------+------+-----+---------+-------+
| Field          | Type         | Null | Key | Default | Extra |
+----------------+--------------+------+-----+---------+-------+
| user_id        | int(11)      | YES  |     | NULL    |       |
| first_name     | varchar(20)  | YES  |     | NULL    |       |
| last_name      | varchar(30)  | YES  |     | NULL    |       |
| email          | varchar(50)  | YES  |     | NULL    |       |
| facebook_url   | varchar(100) | YES  |     | NULL    |       |
| twitter_handle | varchar(20)  | YES  |     | NULL    |       |
+----------------+--------------+------+-----+---------+-------+
6 rows in set (0.04 sec)
,
, ,
varchar. ,
10 20 varchar(100), .
.
, . , .
, .
114
1. PHP MySQL
, , , URL- Facebook.
15 ( !). , XXXGBDFCPPLDPN 20
.
.
. , ,
-
,
varchar .
, , , .
, .
varchar , ,
. ,
.
DROP
.Z42-42-
.Z42-42-
42-
42-
EFMFUF
DROP
users
CREATE
users42-
mysql> DROP TABLE users;
Query OK, 0 rows affected (0.10 sec)
mysql> SHOW tables;
+------------------------------------+
| Tables_in_bmclaugh                 |
+------------------------------------+
0 rows in set (0.06 sec)
SELECT
.Z42-
.Z42-
CREATEusers
3. MySQL SQL:
115
. , -
. -
.
INSERT
users
INSERT
mysql> INSERT INTO users
-> VALUES (1, "Mike", "Greenfield", "mike@greenfieldguitars.com",
-> "http://www.facebook.com/profile.php?id=699186223",
-> "@greenfieldguitars");
Query OK, 1 row affected (0.00 sec)
42-
users
DESCRIBE
mysql> DESCRIBE users;
+----------------+--------------+------+-----+---------+-------+
| Field          | Type         | Null | Key | Default | Extra |
+----------------+--------------+------+-----+---------+-------+
| user_id        | int(11)      | YES  |     | NULL    |       |
| first_name     | varchar(20)  | YES  |     | NULL    |       |
| last_name      | varchar(30)  | YES  |     | NULL    |       |
| email          | varchar(50)  | YES  |     | NULL    |       |
| facebook_url   | varchar(100) | YES  |     | NULL    |       |
| twitter_handle | varchar(20)  | YES  |     | NULL    |       |
+----------------+--------------+------+-----+---------+-------+
6 rows in set (0.29 sec)
INSERT
INSERT1)1
116
1. PHP MySQL
SELECT
SELECT
SELECT * FROM user
DROP
CREATEINSERT
mysql> SELECT * FROM users;
+---------+------------+------------+----------------------------+-------------------------------------------------+-------------------+
| user_Id | first_name | last_name  | email                      | facebook_url                                    | twitter_handle    |
+---------+------------+------------+----------------------------+-------------------------------------------------+-------------------+
|       1 | Mike       | Greenfield | mike@greenfieldguitars.com | http://www.facebook.com/profile.php?id=699186223 | @greenfieldguitars |
+---------+------------+------------+----------------------------+-------------------------------------------------+-------------------+
1 row in set (0.00 sec)
42-.Z42-
mysql> SELECT first_name, last_name, twitter_handle FROM users;
+------------+------------+--------------------+
| first_name | last_name  | twitter_handle     |
+------------+------------+--------------------+
| Mike       | Greenfield | @greenfieldguitars |
+------------+------------+--------------------+
1 row in set (0.00 sec)
.Z42-
.Z42-
1)1
1)1
SELECT
WHERE
3. MySQL SQL:
117
WHERE
42-
SQL MySQL?
, SQL MySQL.
, SQL MySQL. , ,
SQL
MySQL.
SQL . MySQL , PostgreSQL Oracle.
, SQL
. , SQL ,
. , SQL
, .
MySQL .
,
SQL. ,
SQL,
SQL. MySQL
SQL (
).
SQL MySQL, . , PHP
MySQL, SQL.
, SQL- ,
SQL. SQL , MySQL. , PostgreSQL
Oracle, .
118
1. PHP MySQL
, ,
SQL .
SQL.
. (
, .)
.
, SQL, . .
SQL, MySQL ,
, SQL.
1)1.Z42
PHP
MySQL
PHP-,
.Z42-
USE.Z42-
42-
4. PHP MySQL
121
t.Z42-
t
MySQL
1)1
1)1
.Z42-
bmclaugh@akila:~$ mysql --host=dc2-mysql-02.kattare.com
--user=bmclaugh --password
1)1
connect.php
USE
42-
<?php
mysql_connect("___",
"__", "_")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
?>
, PHP
, - , , localhost,
.
mysql_connect
mysql
122
2. -
.._, -_ -
.
die EJF
die
die
die
die
mysql_connect
mysql_connect
1)1
1)1.Z42-
mysql_connect
mysql_connectfalse
<?php
// ,
if (____mysql_(".._",
"-_", "-")
_______();
else
_____die
?>
1)1
<?php
mysql_connect(".._",
"-_", "-")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
?>
mysql_connect
true
or
tdie die
mysql_connectfalse
die
4. PHP MySQL
123
.Z42-
die
mysql_connect
tmysql_error
mysql_error die
mysql_connect
1)1die
echo "<p> MySQL!</p>";
)5.-
connect.html
)5.-
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 4.1</div>
<div id="content">
<h1> SQL</h1>
<form action="scripts/connect.php" method="POST">
<fieldset class="center">
<input type="submit" value=" MySQL" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>
124
2. -
connect.php
.Z42-
connect.html
$44
$44
. 4.1. MySQL
. 4.2. MySQL
4. PHP MySQL
125
1)1
.Z42-
1)1
mysql_
false
nullnil
.Z42-
.Z42-
1)1mysql_select_db
mysql_ . -
: www.php.net/manual/ru/ref.mysql.php. -
, ,
.
-
, die PHP-,
. PHP
, :
mysql_connect("___",
"_", "");
, , ,
die.
: die - ,
,
, ,
. ,
die , , ,
:
Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
, , , , die.
, - .
126
2. -
,
-, ,
CSS-
. die.
PHP , , . ,
die , . , -
, , .
, die ( ) ,
.
,
.
die. ,
, , 7. die
.
mysql_select_db
USE
false
connect.php
<?php
mysql_connect("___",
"__", "_")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db("___")
or die("<p> bmclaugh: " .
mysql_error() . "</p>");
echo "<p> MySQL bmclaugh.</p>";
?>
die
4. PHP MySQL
127
DPOOFDUIUNM
USE
42-
. 4.3. MySQL,
SHOW
.Z42-
)5.-
)5.-
connect.php
<?php
//
$result = mysql_query("SHOW TABLES;");
?>
1)1.Z42-
mysql_query
42-
42-
42-
42-
SHOW TABLES;
42-
128
2. -
die
mysql_query
$result
SHOW TABLES
$resultfalse
mysql_false
false
<?php
//
$result = mysql_query("SHOW TABLES;");
if ($result === false) {
die("<p> : " . mysql_error() . "</p>");
}
?>
1)1
===1)1
false1)1
!
$some-variablefalse
if (!$some-variable)!
$some-variablefalse
!OPU
JGOPUSFTVMU
UIFOEJF
$result true
<?php
//
$result = mysql_query("SHOW TABLES;");
if (!$result) {
die("<p> : " . mysql_error() . "</p>");
}
?>
1)1
4. PHP MySQL
129
PHP . , ,
, ? , ... , ,
? ,
,
.
.
, , .
. PHP-,
PHP, .
?>
connect.html
. 4.4.
SQL-
t
$result
130
2. -
$result
1)1
1)1
1)1
1)1
mysql_query42- SHOW TABLES
1)1.Z42-
42-
$result
mysql_query
mysql_query
$result
63-'BDFCPPL
CREATE TABLE
1)1
1)1
1)1
.Z42-
$result
.Z42-tmysql_fetch_row
mysql_query
42-
42-
mysql_query1)1
mysql_fetch_row
, .
4. PHP MySQL
131
1)1
mysql_query
mysql_fetch_row $result
while
while
true
$row
42-
mysql_fetch_row($result)
mysql_fetch_row
$row while
ul
<?php
//
$result = mysql_query("SHOW TABLES;");
if (!$result) {
die("<p> :" . mysql_error() . "</p>");
}
echo "<p>, :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>: {$row[0]}</li>";
}
echo "</ul>";
?>
132
2. -
$row mysql_fetch_row
@3&26&45
3&26&45
42-SHOW
TABLES
$row[0]
$row[1]
$row[2]
$row[10]
$row
0
echo
echo
while ($row = mysql_fetch_row($result)) {
echo "<li>: " . $row[0] . "</li>";
}
, (. -
PHP 2).
1)1
1)1
{ }
1)1
"$row[0]"
connect.php
connect.html
connect.php
SHOW TABLES.
, ,
20, 30 100 . -
20, 30 100 . -
, PHP-
MySQL.
4. PHP MySQL
133
. 4.5. connect.php
connect.php
.Z42-
<?php
mysql_connect("___",
"__", "_")
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db("___")
or die("<p> bmclaugh: " .
mysql_error() . "</p>");
echo "<p> MySQL bmclaugh.</p>";
// ...
?>
134
2. -
1)1
1)1
<?php
mysql_connect($database_host, $username, $password)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db($database_name)
or die("<p> bmclaugh: " .
mysql_error() . "</p>");
echo "<p> MySQL bmclaugh. </p>";
// ...
?>
4. PHP MySQL
135
<?php
$database_host = ".._";
$username = "-_";
$password = "-";
$database_name = "---";
//
?>
connect.php
1)1
app_config.php
<?php
//
$database_host = ".._";
$username = "-_";
$password = "-";
$database_name = "---";
?>
app_cong.php , ,
. , , app_cong.php
scripts/. ,
ch04/scripts/, , ../../scripts/app_cong.php
[__]/scripts/app_cong.php. ,
PHP-, .
136
2. -
1)1
app_config.php
1)1
1)1
connect.php
connect.php connect.html
. 4.6.
1)1../../scripts/app_config.php
mysql_connect
require
1)1
, require ,
app_cong.php. ,
require.
4. PHP MySQL
137
Require Include?
PHP require include.
, require, PHP . , , include
PHP ,
. , require
, include .
. ,
? , , .
, , (require) .
require, include. - , . , , ,
, .
,
1)1connect.php
mysql_connect($database_host, $username, $password)
or die("<p> : " . mysql_error() . "</p>");
//
$password = "hijinks";
app_config.php
mysql_
connect $password
"hijinks"
app_config.php
defineapp_config.php
<?php
//
define("DATABASE_HOST", "___");
define("DATABASE_USERNAME", "__");
define("DATABASE_PASSWORD", "_");
define("DATABASE_NAME", "___");
?>
1)1
DATABASE_HOST
1)1
"___"
1)1
1)1
$
connect.php
<?php
require '../../scripts/app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db(DATABASE_NAME)
or die("<p> " . DATABASE_NAME .
mysql_error() . "</p>");
echo "<p> MySQL " . DATABASE_NAME .
"</p>";
// , SQL-...
?>
. PHP
, (
$).
(.),
PHP 2.
connect.php
connect.php
4. PHP MySQL
139
app_cong.php ,
.
, PHP-,
-. , ,
.
, ,
, app_config.php
connect.php.
connect.php,
?
?
, . . 10, 20, 50 , .
,
. .
.
. , ( ),
.
{ } ,
$row[0], die, HTML, ,
.
. , . - , . ,
, , , .
, ,
.
.
? :
, !
, ,
, -
.
140
2. -
,
: , , . , , - .
- . ,
. ,
, .
.
, .
, , ,
, .
SQL-
42-
.Z42-
t1)1
.Z42-
t1)1
t1)1
t1)1
t1)1
1)1
)5.-
42-
.Z42-
1)1
mysql_query
HTML-
mysql_query
)5.-
)5.-
queryRunner.html
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
4. PHP MySQL
141
. 4.7. queryRunner.html
142
2. -
( )
.Z42-
run_query.php
<?php
require '../../scripts/app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db(DATABASE_NAME)
or die("<p> " . DATABASE_NAME .
mysql_error() . "</p>");
echo "<p> MySQL " .
DATABASE_NAME . "</p>";
?>
.Z42-
app_config.php
require
database_connection.php
app_config.php
<?php
require 'app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
echo "<p> MySQL!</p>";
mysql_select_db(DATABASE_NAME)
or die("<p> " .
DATABASE_NAME . mysql_error() . "</p>");
?>
4. PHP MySQL
143
, app_cong.php ,
. database_connection.php , app_cong.php,
.
run_query.php
<?php
require '../../scripts/database_connection.php';
?>
app_config.php database_
connection.php database_connection.php
app_config.php
queryRunner.
html
require
. 4.8. require
SQL- ( )
1)1
42- $_REQUEST
@3&26&45
144
2. -
mysql_query
<?php
require '../../scripts/database_connection.php';
$query_text = $_REQUEST['query'];
$result = mysql_query($query_text);
if (!$result) {
die("<p> SQL-" . $query_text . ": " .
mysql_error() . "</p>");
}
echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
?>
)5.-
mysql_queryt
1)1t $resultt if
mysql_fetch_row
mysql_query?
, , MySQL,
,
( ),
mysql_query. ,
require?
: , mysql_query,
. , connect.php (. MySQL PHP-,
) SHOW TABLES,
queryRunner.html.
, mysql_query ,
, , , - .
4. PHP MySQL
145
mysql_query
SQL-.
,
mysql_query. , mysql_query
,
mysql_query .
- .
,
( 8), . ? -
. ,
mysql_query,
- .
, ,
, . .
? ? !
, , , .
,
.
:
, .
,
-
urls
42-
CREATE TABLE urls (id int, url varchar(100), description varchar(100));
CREATE TABLE urls (
id int,
url varchar(100),
description varchar(100)
)
42-
146
2. -
42-
. 4.9. SQL-
. 4.10. -
4. PHP MySQL
147
CREATE
. 4.11.
CREATE TABLE
.Z42-
urls
mysql> describe urls;
+-------------+--------------+------+-----+---------+-------+
| Field       | Type         | Null | Key | Default | Extra |
+-------------+--------------+------+-----+---------+-------+
| id          | int(11)      | YES  |     | NULL    |       |
| url         | varchar(100) | YES  |     | NULL    |       |
| description | varchar(100) | YES  |     | NULL    |       |
+-------------+--------------+------+-----+---------+-------+
3 rows in set (0.00 sec)
<?php
require '../../scripts/database_connection.php';
$query_text = $_REQUEST['query'];
$result = mysql_query($query_text);
if (!$result) {
die("<p> SQL- " . $query_text . ": " .
mysql_error() . "</p>");
}
?>
148
2. -
,
SELECT
mysql_query
CREATE
.Z42-
urls mysql_query
CREATE
false
true
$resulttrue
mysql_query42-
42-
CREATE
INSERT
UPDATE
DELETE
DROP
true
false
42-
)5.-
mysql_query
false
42-
4. PHP MySQL
149
if $location false
(===).
if
if
$location = strpos($query_text, "SEARCH_STRING");
if ($location === false) {
// SEARCH_STRING
}
150
2. -
, . . -
PHP- .
, .
42-
$return_rows false
true
if
$returns_rowstrue
false
$returns_rows
<?php
// require
//
//
// ,
if ($return_rows) {
    // The query returns rows: list the first column of each row.
    echo "<p> :</p>";
    echo "<ul>";
    while ($row = mysql_fetch_row($result)) {
        echo "<li>{$row[0]}</li>";
    }
    echo "</ul>";
} else {
    // No rows to show: report the query only if it ran
    // without an error.
    if ($result) {
        echo "<p> :</p>";
        echo "<p>{$query_text}</p>";
    }
}
?>
if($return_rows)
SELECT
elseif
if
if($result)
$result false
$result true
if ($return_rows) {
//
echo "<p> :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
} else {
// . ,
// .
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
}
42-
DROP TABLE urls;
152
2. -
. 4.12.
run_query.php
DROP TABLE urls;
$location = strpos($query_text, "DROP");
if ($location === false) {
// true, ,
// .
}
DROP
ESPQ
strpos
E%
%301
ESPQE3P1
4. PHP MySQL
153
, .
, -
. ,
iPhone .
DROPINSERT
// . , .
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
, ,
CREATE DROP TABLE
urls;. , DROP,
CREATE.
154
2. -
$query_text
$query_text
SELECT *
FROM users
WHERE last_name = "MacLachlan";
SELECT *
FROM USERS
WHERE LAST_NAME = "MACLACHLAN";
SELECT
42-
.BD-BDIMBO
.BD-BDIMBO
.BD-BDIMBO
."$-"$)-"/
mysql_query$query_text
4. PHP MySQL
155
$return_rows = false;
$uppercase_query_text = strtoupper($query_text);
$location = strpos($uppercase_query_text, "CREATE");
$return_rows = false;
$uppercase_query_text = strtoupper($query_text);
$location = strpos($uppercase_query_text, "CREATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "INSERT");
if ($location === false) {
$location = strpos($uppercase_query_text, "UPDATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DELETE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DROP");
if ($location === false) {
// ,
// , CREATE, INSERT, UPDATE,
// DELETE DROP. .
$return_rows = true;
}
}
}
}
}
42-
1)1
, , run_query.php,
. , -
:
SELECT *
  FROM registrar_activities
 WHERE name = 'Update GPA'
    OR name = 'Drop a class'
156
2. -
SELECT, , run_query.php
SQL , .
.
, update drop, , , ,
. - !
SQL.
CREATE, INSERT . , , .
if PHP or ():
if ($location === false ||
    $location > 0) {
PHP . ,
: ($location === false)
( 0),
. , if,
. , ,
.
! ,
. , -
SQL:
CREATE TABLE urls (
id int,
url varch*ar(100),
description varchar(100)
);
: ( SELECT),
. : .
, : trim. ,
, :
$uppercase_query_text =
trim(strtoupper($query_text));
, , ,
, .
,
. -
. ,
,
-.
run_query.php
if
CREATE
UPDATE
INSERT
SELECT
strpos
run_query.php
158
2. -
if
$query_text
t
, ,
.
, .
, , , -
, .
,
strpos
strpos
UPDATEDROP
"abcdefghijklmnopqrstuvwxyz"
"abc"
"<a"
"a" "m" "a"
"a"
1)1
1)1
preg_match QSFH1)1SFHVMBS FYQSFTTJPOT
<?php
$string_to_search = "Martin OMC-28LJ";
$regex = "/OM/";
$num_matches = preg_match($regex, $string_to_search);
if ($num_matches > 0) {
    echo " !";
} else {
    echo " . .";
}
?>
preg_match , ,
. ,
, preg_match
, , , .
regex.php
--(08:25 $)-> php regex.php
!
t
"
'
FTDBQF
1)1
1)1
"/OM/"
OM
"/OM/" OM
PN
0N0I.
O
M
preg_match
preg_match
t
preg_match_allpreg_match("/Mr/", "Mr. Mranity")
preg_match_all("/Mr/", "Mr. Mranity")
160
2. -
, preg_match preg_match_all,
, .
, www.php.net/manual/en/function.preg-match.php.
...
strpos
|
?
(My name is Bob) (I am a carpenter) . , .
.
? Im going to the bank. , Im going to the bank. PHP
, Im
I, m going to the bank - .
, , ,
:
, .
- , - -
. (\) .
Im going to the bank.
I\m going to the bank. \ PHP , , .
? ,
, MS-DOS 286 ?
\del C:\*.*\ Enter! ,
, PHP
, , : \*.
PHP , ,
.
.
5.
161
escape- , ,
: .
\del C:\\*.*\ Enter!
() (\), PHP
,
. , : (\n), (\t)
{$variable} $variable.
, .
, .
. :
?
: 99 % .
, escape-
,
. , ,
.
/(Mr|Dr)\. Smith/
\
\.
/Mr. Smith/.S4NJUI
%S4NJUI
/(Mr|Dr). Smith/.S4NJUI
%S4NJUI
//
echo " : " . preg_match("/(Mr|Dr). Smith/", "Mr. Smith");
//
echo " : " . preg_match("/(Mr|Dr). Smith/", "Dr. Smith");
162
2. -
run_query.php
<?php
require '../../scripts/database_connection.php';
$query_text = $_REQUEST['query'];
$result = mysql_query($query_text);
if (!$result) {
die("<p> SQL-: " . $query_text . ": " .
mysql_error() . "</p>");
}
$return_rows = false;
$uppercase_query_text = strtoupper($query_text);
$location = strpos($uppercase_query_text, "CREATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "INSERT");
if ($location === false) {
$location = strpos($uppercase_query_text, "UPDATE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DELETE");
if ($location === false) {
$location = strpos($uppercase_query_text, "DROP");
if ($location === false) {
// ,
// CREATE, INSERT, UPDATE, DELETE DROP.
// .
$return_rows = true;
}
}
}
}
}
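if ($return_rows) {
    // The query returns rows: list the first column of each row.
    echo "<p> :</p>";
    echo "<ul>";
    while ($row = mysql_fetch_row($result)) {
        echo "<li>{$row[0]}</li>";
    }
    echo "</ul>";
} else {
    // No rows to show: the query already ran without an error,
    // so just echo it back.
    echo "<p> :</p>";
    echo "<p>{$query_text}</p>";
}
?>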
5.
163
if
<?php
// require
$return_rows = true;
if (preg_match("/(CREATE|INSERT|UPDATE|DELETE|DROP)/",
strtoupper($query_text))) {
$return_rows = false;
}
if ($return_rows) {
//
}
?>
, , -
.
run_query.php 4,
5.
if
$return_rowsfalse
true
$return_rowstrue
ifpreg_match
preg_match_all
42-
CREATE
INSERT
UPDATE
DELETE
DROP
$query_
text
$query_text
strtoupper
preg_match
1)1
false
preg_match
1)1 true
164
2. -
preg_matchif
if
if$return_rowsfalse
.
, .
, -
.
run_query.
php
if (preg_match("/(CREATE|INSERT|UPDATE|DELETE|DROP)/",
trim(strtoupper($query_text)))) {
$return_rows = false;
}
SELECT *
  FROM registrar_activities
 WHERE name = 'Update GPA'
    OR name = 'Drop a class'
UPDATE DROP SELECT
UPDATE DROP
if
1)1
1)1
^
5.
165
//
echo " : " . preg_match("/^(Mr|Dr). Smith/",
"Dr. Smith") . "\n";
//
echo " : " . preg_match("/^(Mr|Dr). Smith/",
" Dr. Smith") . "\n";
$
//
echo " : " . preg_match("/^(Mr|Dr). Smith$/",
                        "Dr. Smith ") . "\n";
//
echo " : " . preg_match("/^(Mr|Dr). Smith$/",
"Dr. Smith") . "\n";
^ $ (/).
, , /^(Mr|Dr). Smith/$, PHP $,
. ,
, , .
$
%S4NJUI
^(Mr|Dr)
Smith$
^
$t
1)1 == ===
or
|
166
2. -
trim strtoupper
$query_text
CREATE
INSERT
J
//
echo " : " . preg_match("/^(MR|DR). sMiTH$/i",
                        "Dr. Smith") . "\n";
strtoupper
J
J
DROP
$query_text
trim $query_string
(CREATE|INSERT|UPDATE|DELETE|DROP)
5.
167
t
t
t
CREATE
UPDATE
t
. 5.1. ,
/^ Mr. Smith/
.S4NJUI
.S4NJUIt
+
//
echo " : " . preg_match("/^ (MR|DR). sMiTH$/i",
                        " Dr. Smith") . "\n";
//
echo " : " . preg_match("/^ (MR|DR). sMiTH$/i",
                        "    Dr. Smith") . "\n";
//
echo " : " . preg_match("/^ +(MR|DR). sMiTH$/i",
                        "    Dr. Smith") . "\n";
//
echo " : " . preg_match("/^ +(MR|DR). sMiTH$/i",
"Dr. Smith") . "\n";
$query_text
run_query.php
$return_rows = true;
if (preg_match("/^ *(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
$query_text)) {
$return_rows = false;
}
run_query.php
42-&OUFS
DROP
&OUFS\n
\r\n
\r
5.
169
. 5.2.
: \n ,
\r . , Windows \r\n, Unix Linux \n,
Mac ( , , OS X) \r.
, - ,
. -
\n, .
\n*
\r*t
\r\n \r*\n*
\r*\n* *
&OUFS
&OUFS
170
2. -
\r
\n
?
,
, : CREATE, INSERT UPDATE
$query_text. ,
, $location = strpos($query_text, "CREATE");
if ?
,
if. -, , -.
,
, .
-, . ,
. . : ,
- , .
,
run_query.php.
: SQL - $query_
text. , , .
:
SELECT *
  FROM registrar_activities
 WHERE name = 'Update GPA'
    OR name = 'Drop a class'
SELECT , , DROP.
, , .
(\r|\n| )*
|
or
*
|
[]
$return_rows = true;
if (preg_match("/^[ \t\r\n]*(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
$query_text)) {
$return_rows = false;
}
5.
171
\t
[ \t\r\n]\s
$return_rows = true;
if (preg_match("/^\s*(CREATE|INSERT|UPDATE|DELETE|DROP)/i",
$query_text)) {
$return_rows = false;
}
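The pattern built up above decides from the first keyword whether run_query.php should loop over result rows. The following added example (not code from the book; the function names and the sample queries are constructed here) packages that check as a function and goes one step further than the page by also skipping leading SQL comments, which the anchored pattern alone does not handle.

```php
<?php
// Added example (not from the book). strip_leading_noise() and
// statement_returns_rows() are hypothetical names.

// Remove leading whitespace and leading SQL comments so that the first
// keyword is what the anchored pattern sees.
function strip_leading_noise(string $sql): string
{
    do {
        $before = $sql;
        $sql = ltrim($sql);                                          // spaces, \t, \r, \n
        $sql = (string) preg_replace('~^/\*.*?\*/~s', '', $sql);     // /* block comment */
        $sql = (string) preg_replace('~^(?:--(?=\s|$)|#)[^\r\n]*~', '', $sql); // "-- " or "#" line
    } while ($sql !== $before);
    return $sql;
}

// true  -> the statement is expected to return rows (SELECT, SHOW, DESCRIBE ...)
// false -> the statement starts with one of the page's five keywords
function statement_returns_rows(string $sql): bool
{
    $sql = strip_leading_noise($sql);
    // \b keeps a longer identifier that merely starts with a keyword
    // from counting as that keyword.
    return preg_match('/^(CREATE|INSERT|UPDATE|DELETE|DROP)\b/i', $sql) !== 1;
}

// Constructed sample queries, including the two from this chapter.
$samples = [
    "SELECT *\n  FROM registrar_activities\n WHERE name = 'Update GPA'\n    OR name = 'Drop a class'",
    "\r\n   DROP TABLE urls;",
    "/* cleanup */ drop table urls;",
    "-- note\nINSERT INTO urls VALUES (1, 'http://www.example.com/', 'home page')",
    "SHOW TABLES;",
];

foreach ($samples as $sql) {
    printf(
        "%-4s %s\n",
        statement_returns_rows($sql) ? 'rows' : 'none',
        json_encode($sql, JSON_UNESCAPED_SLASHES)
    );
}
```

The function only chooses how run_query.php displays a result; the script has already passed the submitted text to mysql_query by the time it is called, so it does not limit which statements are executed.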
. 5.3. ,
,
mysql_query
\r\n
run_query.php
SELECT *
FROM urls
WHERE description = 'home page'
urls
172
2. -
42-
1)1.Z42-
. 5.4.
42-
42-
42-
t
.Z42-
:
t
t
t
^$
preg_match
+
*
1)1.Z42-
1)1.Z42-
.Z42-
.Z42-
(PPHMF
(PPHMF
1)1
1)1
)5.-
5.
173
PHP
, , , . ,
, .
.
,
. , JavaScript . JavaScript
, replace(), match(),
. , PHP,
.
HTML5.
HTML5 ,
. ,
PHP -.
- , . Ruby Ruby on Rails
( ), ,
, Cucumber, Capybara TestUnit.
, !
, ,
.
? , SQL, MySQL, , , PHP. ,
.
PHP
HTML
MySQL
PHP
if for
PHP MySQL
PHP MySQL
MySQL
MySQL
SQL
Twitter
URL Facebook
PHP
6. -
HTML CSS
PHP
MySQL
, - HTML
. , create_user.html.
HTML
HTML
getFormInfo.php
. 6.1. getFormInfo.php
URL Facebook
Twitter
URL
Facebook Twitter
SQL CREATE
CREATE TABLE users (
user_id int,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);
, MySQL -
. ,
.
SQL
, .
, .
, , ,
. , ,
, , , , .
, first_name last_name,
. ( ) , , , , . , .
, , . , .
; .
, , , . , ,
, , . . ,
, users , . ,
, .
id
user_id
Twitter
Twitter
NGTT
ID
user_id
SQL
user_id
ID
user_id users
MySQL
MySQL user_id 1029
MySQL
1030 ID
CREATE
CREATE TABLE users (
user_id int AUTO_INCREMENT,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);
ID
MySQL
user_id MySQL
user_id
ID
user_id MySQL
users
user_idt
t
,
.
t
user_id
user_id
2048
user_id
user_id
MySQL user_id AUTO_INCREMENT
user_id
t
MySQL AUTO_INCREMENT
MySQL
MySQL
MySQL
user_id
CREATE TABLE users (
user_id int AUTO_INCREMENT PRIMARY KEY,
first_name varchar(20),
last_name varchar(30),
email varchar(50),
facebook_url varchar(100),
twitter_handle varchar(20)
);
MySQL
MySQL
MySQL
MySQL
MySQL
MySQL
MySQL
MySQL
MySQL
MySQL
phpMyAdmin
. 6.2. phpMyAdmin
phpMyAdmin .
, ,
. , - MySQL
, phpMyAdmin. , ,
, , , .
user_id
AUTO_INCREMENT
AUTO_INCREMENT
MySQL
Twitter Facebook
PHP
MySQL
MySQL
NULL
CREATE TABLE users (
user_id int NOT NULL AUTO_INCREMENT PRIMARY KEY,
first_name varchar(20) NOT NULL,
last_name varchar(30) NOT NULL,
email varchar(50) NOT NULL,
facebook_url varchar(100),
twitter_handle varchar(20)
);
, MySQL
user_id, NOT NULL.
, , MySQL
.
NOT NULL.
, ,
, , .
28 ,
. , Facebook Twitter,
: , , .
, :
, , . .
, .
. ,
, , .
: NOT NULL , . , :
null, ( ) . , , , ,
. ,
, ,
, -
NOT NULL.
SQL
users MySQL
phpMyAdmin
DROP .
, DROP TABLE
users;. .
CREATE , .
users
AUTO_INCREMENT
PHP
getFormInfo.php
<?php
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
?>
create_user.php scripts
DIFYBNQMFT
create_user.html
users
create_user.php,
strpos
.
SQL-
<?php
require '../../scripts/database_connection.php';
//
?>
database_connection.php echo ( ).
, ,
.
INSERT
SQL
INSERT INTO users (first_name,
last_name,
email,
facebook_url,
twitter_handle)
VALUES ("Brett",
"McLaughlin",
"brett.m@me.com",
"http://www.facebook.com/bdmclaughlin",
"@bdmclaughlin");
SQL-
MySQL.
$insert_sql = "INSERT INTO users (first_name, last_name, " .
"email, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$facebook_url}', '{$twitter_handle}');";
, ,
, . ,
.
SQL
mysql_query
users
{ }
PHP
PHP
SQL
<?php
//
$insert_sql = "INSERT INTO users (first_name, last_name, email,
facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
?>
users
users
facebook_url
<?php
//
$insert_sql = "INSERT INTO users (first_name, last_name, email,
facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql)
or die(mysql_error());
?>
die
SQL
mysql_query
die
. 6.3.
- HTML- getFormInfo.php, -
create_user.php, -
.
SQL
SELECT user_id, first_name, last_name
FROM users;
+---------+------------+-----------+
| user_id | first_name | last_name |
+---------+------------+-----------+
|       1 | C. J.      | Wilson    |
+---------+------------+-----------+
1 row in set (0.00 sec)
phpMyAdmin
users
. 6.4. users
, -,
. , getFormInfo.html
create_user.html, , .
FTP-.
-
. ,
. , .
, , .
,
users.
,
,
. ,
, , create_user.php ,
.
, CRUD , , . (CReate), (Update) (Delete) .
HTML- (create_user, update_user
. .) , .
getFormInfo.php
<?php
// request
//
?>
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> 6.1</div>
<div id="content">
<p> , :</p>
<p>
: <?php echo $first_name . " " . $last_name; ?><br />
: <?php echo $email; ?><br />
<a href="<?php echo $facebook_url; ?>"> Facebook</a>
<br />
<a href="<?php echo $twitter_url; ?>"> Twitter-</a>
<br />
</p>
</div>
<div id="footer"></div>
</body>
</html>
Twitter
Twitter
URL
$twitter_handle
URL
Twitter
Name: <?php echo $first_name . " " . $last_name; ?><br />
Twitter @
SQL SELECT
<?php
// request
//
$get_user_query = "SELECT * FROM USERS WHERE ...";
mysql_query($get_user_query);
// HTML
?>
<!-- HTML- -->
$get_user_query .
,
WHERE, .
create_user.php
show_user.php
database_connection.php
create_user.php
create_user.php
users
PHP
PHP
HTML
.php
HTML
HTML
HTML
HTML
.php
PHP
HTML
HTML
. 6.5.
HTML CSS
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1>. . </h1>
<p>
<img src="images/cj_wilson.jpg" class="user_pic" />
- -
.
-, 2010
, 2011
. , ,
. </p>
<p> , ,
.
</p>
<p class="contact_info"> . .:</p>
<ul>
<li>...
<a href="wilson@texasrangers.com"> </a></li>
<li>...
<a href="http://www.facebook.com/pages/CJ-Wilson/127083957307281">
Facebook</a></li>
<li>... <a href="http://www.twitter.com/str8edgeracer">
Twitter </a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
, users.
.
Twitter .
, ,
, .
$first_name
$last_name
$email
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1>$first_name $last_name</h1>
<p><img src="$user_image" class="user_pic" />
$bio</p>
<p class="contact_info"> $first_name:</p>
<ul>
<li>...
<a href="$email"> </a></li>
<li>...
<a href="$facebook_url">
Facebook</a></li>
<li>... <a href="$twitter_url">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
, HTML PHP.
, . ,
, PHP. ,
, ,
.
HTML
PHP
$bio
$user_image
users
users
create_user.html
create_user.php
users
ALTER
SQL ALTER
ALTER TABLE users
ADD bio varchar(1000);
SQL
ALTER
ADD
bio NOT NULL
NOT NULL
HTML create_user
?
ALTER
( , show_user)
: , ?
users , - ,
.
. , , - bio NULL.
NULL .
, , -,
,
, . ,
.
. -, ,
. , , username,
NOT NULL. , , ?
?
, .
?
username ,
.
.
, ,
?
, ,
- , NEEDS_USERNAME (
),
, . , , ,
.
ALTER : - , , ,
. ,
. ( .)
. -
, . -
- .
:
bio users HTML
PHP
show_user.php
create_user.php
delete_user.php
update_user.php
PHP
PHP
HTML
HTML
PHP
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1>$first_name $last_name</h1>
<p><img src="$user_image" class="user_pic" />
$bio</p>
<p class="contact_info"> $first_name:</p>
<ul>
<li>...
<a href="$email"> </a></li>
<li>...
<a href="$facebook_url">
Facebook</a></li>
<li>... <a href="$twitter_url">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
PHP scripts/.
ch06/scripts/, , scripts/
-, PHP- .
PHP <?php ?>
$
PHP
HTML HTML
SQL
SELECT
PHP
<?php ?>
PHP
HTML URL
. 6.6.
HTML.
- ,
. PHP
. ,
, ,
.
, ,
link head . scripts/ CSS
HTML- -
ch06/.
<?php ?>
PHP echo
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"> </a></li>
<li>...
<a href="<?php echo $facebook_url; ?>">
Facebook</a></li>
<li>... <a href="<?php echo $twitter_url; ?>">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
$
PHP echo
PHP
PHP
PHP
. 6.7. -
PHP HTML
<?php
<?php
$first_name = ". .";
$last_name = "";
$user_image = "///.jpg";
$bio = " - -
.
-, 2010
, 2011
. , ,
. </p>
<p> , ,
.";
$email = "wilson@texasrangers.com";
$facebook_url = "http://www.facebook.com/pages/CJ-Wilson/127083957307281";
$twitter_url = "http://www.twitter.com/str8edgeracer";
?>
<html>
<!-- HTML PHP -->
</html>
$
. 6.8. - .
:
,
SELECT
HTML
SELECT
SELECT *
FROM users;
+---------+------------+-----------+-------------------------+---------------------------------------------------------+----------------+------+
| user_id | first_name | last_name | email                   | facebook_url                                            | twitter_handle | bio  |
+---------+------------+-----------+-------------------------+---------------------------------------------------------+----------------+------+
|       1 | . .        |           | wilson@texasrangers.com | http://www.facebook.com/pages/CJ-Wilson/127083957307281 | @str8edgeracer | NULL |
+---------+------------+-----------+-------------------------+---------------------------------------------------------+----------------+------+
1 row in set (0.03 sec)
, , , -
. SELECT ,
,
.
first_name last_name
email
$first_name
$last_name
show_user.php
show_user.php
create_user.html create_user.php
Facebook
Twitter
show_user.php
URL
show_user.php
show_user.php
show_user.php
ID
ID
show_user.php
create_user.php
ID
show_user.php
show_user.php
show_user.php
ID
show_user.php
ID
ID
ID
ID
show_user.php
ID
$_REQUEST
show_user.php
<?php
$user_id = $_REQUEST['user_id'];
//
?>
<html>
<!-- HTML PHP -->
</html>
user_id
SELECT WHERE
SELECT *
FROM users
WHERE user_id = $user_id;
*
users
user_id
$user_id
user_id 1
$user_id 1
user_id
1
SELECT user_id
PRIMARY KEY
ID
show_user
PHP
<?php
require '../../scripts/database_connection.php';
// ID
$user_id = $_REQUEST['user_id'];
// SELECT
$select_query = "SELECT * FROM users WHERE user_id = " . $user_id;
//
$result = mysql_query($select_query);
//
?>
<html>
<!-- HTML PHP -->
</html>
SELECT user_id
SQL-
$result
PHP
SELECT
show_user.php
$result
$result false
SQL
//
$result = mysql_query($select_query);
if ($result) {
// $result
} else {
die(" ID {$user_id}");
}
if
$result false
$user_id
if
PHP mysql_fetch_array
SQL
SQL
$result
if ($result) {
$row = mysql_fetch_array($result);
//
//
} else {
die(" ID {$user_id}");
}
mysql_fetch_array $row
mysql_fetch_array
SQL
SQL
mysql_fetch_array
Array
mysql_fetch_array($result)
. , , ,
, .
mysql_fetch_array , .
mysql_fetch_array false, ,
.
mysql_fetch_array ,
. ,
( false, )
.
$row
$row
$_REQUEST _REQUEST
REQUEST
$_REQUEST
"first_name"
$_REQUEST['first_name'] $row
SQL
SQL
$row
//
$result = mysql_query($select_query);
if ($result) {
  $row = mysql_fetch_array($result);
  $first_name = $row['first_name'];
  $last_name = $row['last_name'];
  $bio = $row['bio'];
  $email = $row['email'];
  $facebook_url = $row['facebook_url'];
  $twitter_handle = $row['twitter_handle'];
  // $twitter_handle URL
  // $position was never set in this script; locate the "@" before using it
  $position = strpos($twitter_handle, "@");
  $twitter_url = "http://www.twitter.com/" .
                 substr($twitter_handle, $position + 1);
  //
  $user_image = "///_.jpg";
} else {
  die(" ID {$user_id}");
}
if , URL
Twitter. , URL
trim()
2,
Twitter .
, $user_image -
.
:
$user_image = "../../images/missing_user.png";
,
.
$result
mysql_fetch_array
ID
show_user.php
ID
ID
ID
show_user.php
show_user.php
$_REQUEST
URL
show_user.php
show_user.php
create_user.php
URL
ZFMMPXUBHNFEJBDPNQIQ..
DITDSJQUTTIPX@VTFSQIQ
URL
URL ?
[]://[_]/[_]?[_]
URL mysite.com/scripts/show_user.php?first_name=Lance
$_REQUEST['first_name'] "Lance"
&
URL
mysite.com/scripts/show_user.php?first_name=Lance&last_name=McCollum
C (show_user.php) ,
(?first_name=Lance&last_name=McCollum) .
ID
show_user.php URL
ZFMMPXUBHNFEJBDPNQIQ..DITDSJQUTTIPX@VTFSQIQ VTFS@JE
SQL show_user.php
. 6.9.
, PHP, . $_REQUEST[user_id]
USER_ID user_Id.
.
show_user.php
create_user.php
show_user.php
, : INSERT
users,
show_user.php. , ,
show_user.php .
create_user.php, -
.
scripts/?
( ) scripts ,
, Perl CGI ( Common Gateway Interface, ,
,
).
, , . , -, ,
.
PHP .
show_user.php HTML, PHP,
, . ,
PHP , . ,
PHP-, HTML
URL PHP- .
,
HTML PHP. ,
Wordpress (wordpress.org wordpress.com) PHP. index.php,
index.html.
, scripts? . , , , HTML-
PHP-. scripts , -
.
7 ,
scripts, . , , - HTML,
CSS JavaScript, , , PHP. , PHP,
PHP- HTML.
bio
create_user.php
show_user.php
ID
create_user.html
Facebook
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="scripts/create_user.php" method="POST">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
create_user.php
create_user.html
<html>
<!-- -->
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="scripts/create_user.php" method="POST"
enctype="multipart/form-data">
<fieldset>
<!-- -->
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" />
</fieldset>
<!-- -->
</body>
</html>
HTML
form
enctype multipart/form-data
file
, :
? ,
. ,
, users?
? ,
.
. 6.10. ,
, ,
create_user.php
create_user.php
bio
INSERT
<?php
require '../../scripts/database_connection.php';
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
// ...
$insert_sql = "INSERT INTO users (first_name, last_name, email, bio, " .
"facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', '{$bio}', " .
"'{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
?>
tbio
, , ALTER TABLE,
bio users.
create_user.html
SELECT
SELECT first_name, last_name, bio
FROM users;
| first_name | last_name | bio
|
|
| , 1966
Genesis. 7 .
1975, , 11
. , , (1984),
(1989), (2002).
, ,
. .
C. J. Wilson bio NULL,
, bio.
show_user.php
ID
<?php
// ,
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php");
exit();
?>
header HTTP HTTP
HyperText Transfer Protocol
HTTP
HTTP
http://
URL
show_user.php
header
echo
<html>
header
URL
IUUQXXX
HPPHMFDPNTDSJQUTEBUBCBTF@DPOOFDUJPOQIQ
tshow_user.php
header
ID
mysql_query
INSERT
ID
SELECT
show_user.php
show_user.php ID
PHP PHP
mysql_insert_id
ID
ID
INSERT
AUTO_INCREMENT
mysql_insert_id
ID
SELECT
mysql_insert_id
INSERT
mysql_query
ID
URL
URL
<?php
// ,
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
?>
create_user.php
:
("Location: show_user.php?user_id={mysql_insert_id()}");
, . PHP
, :
("Location: show_user.php?user_id={$user_id}");
.
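The INSERT in create_user.php and the SELECT in show_user.php both paste request values straight into the SQL string. The added example below (not the book's code) runs the same create-then-show flow with bound parameters and an integer check on user_id. Assumptions: PDO with an in-memory SQLite database (the pdo_sqlite extension) stands in for the chapter's MySQL connection, and `open_demo_db`, `create_user` and `find_user` are hypothetical names.

```php
<?php
// Added example, not the book's code. PDO with an in-memory SQLite database
// stands in for the MySQL connection so the script runs without a server.

function open_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Same columns as the chapter's users table (SQLite spelling of AUTO_INCREMENT).
    $pdo->exec(
        "CREATE TABLE users (
            user_id        INTEGER PRIMARY KEY AUTOINCREMENT,
            first_name     VARCHAR(20) NOT NULL,
            last_name      VARCHAR(30) NOT NULL,
            email          VARCHAR(50) NOT NULL,
            bio            VARCHAR(1000),
            facebook_url   VARCHAR(100),
            twitter_handle VARCHAR(20)
        )"
    );
    return $pdo;
}

// create_user.php step: placeholders keep form values out of the SQL text.
function create_user(PDO $pdo, array $form): int
{
    $columns = ['first_name', 'last_name', 'email', 'bio',
                'facebook_url', 'twitter_handle'];
    $params = [];
    foreach ($columns as $column) {
        $value = isset($form[$column]) ? trim((string) $form[$column]) : '';
        // Empty fields are stored as NULL; NOT NULL columns then reject them.
        $params[":{$column}"] = ($value === '') ? null : $value;
    }
    $stmt = $pdo->prepare(
        "INSERT INTO users (first_name, last_name, email, bio, facebook_url, twitter_handle)
         VALUES (:first_name, :last_name, :email, :bio, :facebook_url, :twitter_handle)"
    );
    $stmt->execute($params);
    return (int) $pdo->lastInsertId();   // plays the role of mysql_insert_id()
}

// show_user.php step: accept only a positive integer, then bind it.
function find_user(PDO $pdo, $raw_user_id): ?array
{
    $user_id = filter_var($raw_user_id, FILTER_VALIDATE_INT,
                          ['options' => ['min_range' => 1]]);
    if ($user_id === false) {
        return null;                     // not an ID: the query is never built
    }
    $stmt = $pdo->prepare("SELECT * FROM users WHERE user_id = :user_id");
    $stmt->execute([':user_id' => $user_id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return ($row === false) ? null : $row;
}

$pdo = open_demo_db();

// Constructed form input. The apostrophe would end the quoted string in the
// concatenated INSERT; as a bound parameter it is stored as plain data.
$new_id = create_user($pdo, [
    'first_name'     => "Pat",
    'last_name'      => "O'Neil",
    'email'          => "pat@example.com",
    'twitter_handle' => "@example_handle",
]);

// Constructed values for show_user.php?user_id=...
foreach ([(string) $new_id, "1 OR 1=1", "abc", ""] as $requested) {
    $user = find_user($pdo, $requested);
    echo "user_id=" . var_export($requested, true) . " -> ";
    echo ($user === null) ? "no such user"
                          : "{$user['first_name']} {$user['last_name']}";
    echo PHP_EOL;
}
```

Only the first request value returns a row; the other three are rejected by the integer check before any SQL is prepared.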
create_user.php
show_user.php
. 6.11.
HTML
CSS JavaScript
HTML
CSS JavaScript
CSS JavaScript
CSS JavaScript
JavaScript
JavaScript
( )
Enter
HTML
HTML
Enter HTML <p></p>
Enter
\r\n
show_user.php Enter HTML
<p>
preg_replace
<?php
//
// SELECT
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$bio = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email = $row['email'];
$facebook_url = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
// URL Twitter
}
?>
// HTML-
[\r\n]+, [\r\n]*. *
, , ,
</p><p> . + ,
\r \n ( ) ,
</p><p>.
t\r
\n\r\n
show_user.php
<?php
require '../../scripts/app_config.php';
require '../../scripts/database_connection.php';
// ID
$user_id = $_REQUEST['user_id'];
// SELECT
$select_query = "SELECT * FROM users WHERE user_id = " . $user_id;
//
$result = mysql_query($select_query);
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$bio = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email = $row['email'];
$facebook_url = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
// $twitter_handle URL
// $position was never set in this script; locate the "@" before using it
$position = strpos($twitter_handle, "@");
$twitter_url = "http://www.twitter.com/" .
substr($twitter_handle, $position + 1);
//
$user_image = "../../images/missing_user.png";
} else {
die(" ID {$user_id}");
}
?>
<html>
<head>
<link href="../../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"><?php echo $email; ?></a></li>
<li>...
. 6.12.
HTML
,
?
HTML create_user.html,
create_user.php,
show_user.php . , first_name
HTML, PHP MySQL ( , SQL). - , firstName,
user_firstName first_name.
, . , ,
.
: HTML, PHP MySQL?
. : ,
PHP, ?
:
. Java
.
Java firstName, first_name.
C++, PHP , Ruby,
, .
SQL .
:
, , ,
. ,
HTML- .
PHP , ,
.
-
( )
CSS
HTML
HTML
die
URL
Facebook
: JavaScript,
.
.
7. - ( )
. 7.1.
URL show_user.php
ID
. 7.2.
, ,
3. - -
ID
HTML
PHP
PHP
PHP
HTML show_error.html
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p></p>
</div>
<div id="footer"></div>
</body>
</html>
. 7.3.
?
MySQL
#1054 - Unknown column 'firstname' in 'field list'
MySQL
PHP
, .
? , -
, .
, .
. 7.4. ,
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<p><img src="../images/error.jpg" class="error" />...
. ,
.
- ,
<a href="mailto:info@yellowtagmedia.com"></a>,
.</p>
<p> , ,
, <a href="javascript:history.go(-1);"> .</a>
,
. , . ...
.
.</p>
</div>
<div id="footer"></div>
</body>
</html>
. 7.5.
,
PHP
. , , .
, (
) ,
.
,
,
,
. ,
, .
, , , ,
24 36 - ,
.
, !
,
, . .
, ,
, ,
.
, ,
:
! , ,
.
, .
,
, .
PHP
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<p><img src="../images/error.jpg" class="error" />...
. , <span class="error_message">
.</span></p>
<p> ,
.
- ,
<a href="mailto:info@yellowtagmedia.com"></a>,
.</p>
<p> , ,
, <a href="javascript:history.go(-1);"> .</a>
,
. , . ...
.
.</p>
</div>
<div id="footer"></div>
</body>
</html>
CSS
. 7.6.
PHP
HTML
t
t
t
HTML
show_error.php
HTML
scripts
,
phpMM/scripts/, phpMM/ .
$_REQUEST
<?php
$error_message = $_REQUEST['error_message'];
?>
<html>
<!-- HTML PHP -->
</html>
PHP
PHP
PHP
show_error.php
URL URL
http://www.yellowtagmedia.com/phpMM/scripts/
show_error.php?error_message=There's%20been%20a%20problem
%20connecting%20to%20the%20database.
URL . ,
,
%20. , .
,
$_REQUEST,
. ,
?,
&.
show_error.php
$error_message = preg_replace("/\\\\/", '',
$_REQUEST['error_message']);
. 7.7.
PHP
PHP
\\\\\
PHP
PHP
error_message
. 7.8. ,
show_error.php scripts/?
scripts . , , - create_user.html
create_user.php show_user.php. , HTML- PHP-
, .
show_error.php scripts/. ?
, show_error.php HTML-.
, .
database_connection.php,
scripts. () , ,
HTML-.
: ? PHP- HTML...
? JavaScript, CSS?
.
. ,
.
users, ,
: show_user.php, create_user.php create_user.html.
, groups social . .
, . , , ,
(CSS, PHP - ). , ,
, ,
. , .
, , PHP-.
scripts. , ,
, scripts utilities.
, 50 100 ,
.
<?php
$error_message = preg_replace("/\\\\/", '',
$_REQUEST['error_message']);
if (!isset($error_message)) {
$error_message = " - .";
}
?>
<html>
<!-- HTML PHP -->
</html>
isset
$error_message
!
$error_message
isset
true
null
$error_message
$_REQUEST['error_message']
null
isset
. 7.9.
span
error_message
URL
URL
t
t
URL
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E %F9%E5%EB%EA%ED%E8%F2
%E5%20%E7%E4%E5%F1%FC%2C%20%F7%F2%EE%E1%FB%20%EF%EE%EB%F3%F7%E8%F2%FC%20
%EE%EF%E8%F1%E0%ED%E8%E5%20%EE%F8%E8%E1%EA%E8%3C/a%3E
yellowtagmedia.com yellowtagmedia.com
. 7.10. ,
. 7.11. :
( , ),
SyFy Being
Human
CSS
yellowtagmedia.com
,
URL
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E %F9%E5%EB%EA%ED%E8%F2
%E5%20%E7%E4%E5%F1%FC%2C%20%F7%F2%EE%E1%FB%20%EF%EE%EB%F3%F7%E8%F2%FC%20
%EE%EF%E8%F1%E0%ED%E8%E5%20%EE%F8%E8%E1%EA%E8%3C/a%3E
error_message
URL
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=<a
href="http://www.syfy.com/beinghuman"> ,
</a>
PHP
, .
, . ,
: , -
. , , ,
. 13, -
, -
.
,
PHP
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
$first_name
isset
PHP
PHP
- , -, -
- PHP, .
.
display_error.php
<?php
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
echo "{$query}\n\n";
?>
$first_name
$ php display_error.php
,
SELECT * FROM users WHERE first_name =
PHP
$first_name
PHP error_reporting
display_error.php
<?php
error_reporting(E_ALL);
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
echo "{$query}\n\n";
?>
E_ALL E_ALL
E_ERROR
E_WARNING
E_PARSE E_NOTICE
www.php.net/manual/en/function.error-reporting.php E_ALL
$ php display_error.php
PHP Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/
display_error.php on line 5
Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/display_error.php on line 5
,
PHP Notice:
display_error.php on line 6
Notice: Undefined variable: first_name in yellowtagmedia_com/phpMM/ch07/display_error.php on line 6
SELECT * FROM users WHERE first_name =
PHP
, , ,
.
PHP .
, .
database_connection.php
app_config.php
database_connection.php
, , -
app_config.php . -
.
.
app_config.php
scripts show_error.php database_connection.php error_reporting
<?php
//
//
error_reporting(E_ALL);
?>
<?php
require '../scripts/app_config.php';
echo ", {$first_name}\n\n";
$query = "SELECT * FROM users WHERE first_name = {$first_name}";
echo "{$query}\n\n";
?>
, , error_reporting
display_error.php, app_config.php.
,
( - )
, , ,
, , , ... app_config.php. , ,
?
,
- .
, ,
, , -
... , . app_config.php.
( )
, .
app_config.php,
. (
app_config.php.) , , .
app_config.php show_error.php
<?php
require 'app_config.php';
$error_message = preg_replace("/\\\\/", '',
$_REQUEST['error_message']);
if (!isset($error_message)) {
$error_message = " - .";
}
?>
<html>
<!-- HTML PHP -->
</html>
show_error.php
show_error.php
. 7.12. :
!
null
<?php
require 'app_config.php';
if (isset($_REQUEST['error_message'])) {
$error_message = preg_replace("/\\\\/", '',
$_REQUEST['error_message']);
} else {
$error_message =
" - .";
}
?>
<html>
<!-- HTML PHP -->
</html>
PHP
PHP
null isset isset
null
t
t
: , -
, -
.
app_config.php
<?php
//
define("DEBUG_MODE", true);
//
//
if (DEBUG_MODE) {
error_reporting(E_ALL);
} else {
//
error_reporting(0);
}
?>
DEBUG_MODE
require require_once
database_connection.php
require 'app_config.php';
require '../../scripts/database_connection.php';
app_config.php
app_config.php
database_connection.php
app_config.php
app_config.php
app_config.php
database_connection.php
database_connection.php
app_config.php
app_config.php
database_connection.php
app_config.php
app_config.php
PHP
//
define("DATABASE_HOST", "db.host.com");
define("DATABASE_USERNAME", "username");
define("DATABASE_PASSWORD", "super.secret.password");
define("DATABASE_NAME", "db-name");
require require_once
require
// ,
require '../scripts/app_config.php';
app_config.php
require_once
// database_connection.php
require_once '../scripts/app_config.php';
require_once
include require
app_config.php
create_user.php
show_user.php
require
app_config.php
database_connection.php
require_once
app_config.php
require
require_once
, require_once,
, require.
, ,
PHP- require_once.
,
app_config.php DEBUG_MODE
PHP
debug_print
function debug_print($message) {
if (DEBUG_MODE) {
echo $message;
}
}
show_error.php
<?php
require 'app_config.php';
if (isset($_REQUEST['error_message'])) {
$error_message = preg_replace("/\\\\/", '',
$_REQUEST['error_message']);
} else {
$error_message = " - .";
}
if (isset($_REQUEST['system_error_message'])) {
$system_error_message = preg_replace("/\\\\/", '',
$_REQUEST['system_error_message']);
} else {
$system_error_message = " .";
}
?>
. error_reporting,
- .
HTML
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> ...</h1>
<!--
-->
<?php
debug_print("<hr />");
debug_print("<p>
:
<b>{$system_error_message}</b></p>");
?>
</div>
<div id="footer"></div>
</body>
</html>
app_config.php
PHP error_reporting
debug_print
connect.html connect.php
, .
connect.html connect.php
scripts/ connect.php connect.html.
require_once app_config.php app_config.php connect.php. , ,
PHP, , .
show_error.php
<?php
require '../scripts/app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p> : " .
mysql_error() . "</p>");
// . ...
?>
mysql_connect
if (!mysql_connect(DATABASE_HOST,
DATABASE_USERNAME, DATABASE_PASSWORD)) {
$user_error_message = " , " .
" , " .
" .";
$system_error_message = mysql_error();
header("Location: ../scripts/show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
exit();
}
, ,
. , , ,
. $user_error_message, header URL- .
PHP
PHP
if (!mysql_connect(DATABASE_HOST, DATABASE_USERNAME, "foo")) {
//
}
. 7.13. , ,
, , DEBUG_MODE app_config.php
true, ,
, .
DEBUG_MODE app_config.php false
//
define("DEBUG_MODE", false);
connect.html connect.php
. 7.14. ,
connect.php
if (!mysql_connect(DATABASE_HOST,
DATABASE_USERNAME, DATABASE_PASSWORD)) {
$user_error_message = " , " .
" , " .
" .";
$system_error_message = mysql_error();
header("Location: ../scripts/show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
exit();
}
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or die("<p>Error connecting to database: " . mysql_error() . "</p>");
t
if (!mysql_connect(DATABASE_HOST,
DATABASE_USERNAME, DATABASE_PASSWORD)) {
$user_error_message = " , " .
" , " .
" .";
$system_error_message = mysql_error();
header("Location: ../scripts/show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
exit();
t
t
header URL
debug_print
debug_print
exit
header
PHP
connect.php
if (!mysql_connect(DATABASE_HOST, DATABASE_USERNAME, "foo")) {
handle_error(" , , " .
" .",
mysql_error());
}
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, "foo")
or handle_error(" , , " .
" .",
mysql_error());
if
or die
t
handle_error
. 7.15. PHP
connect.php
show_error.php
PHP
URL
URL
.php
PHP
PHP
PHP
URL
.php
URL PHP
URL PHP
URL PHP
PHP
PHP
No input file specified
app_config.php
function handle_error($user_error_message, $system_error_message) {
header("Location: show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
}
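show_error.php takes error_message and system_error_message from the request and writes them into the page, and handle_error() places both messages in the redirect URL unencoded. The added example below (not the book's code) encodes on the way out and escapes on the way in, using the link-injection case shown earlier in the chapter as input. Assumptions: `build_error_url` and `error_text_for_html` are hypothetical names, the sample messages and default texts are constructed, and the scripts/show_error.php path under SITE_ROOT is assumed.

```php
<?php
// Added example, not the book's code: percent-encode when handle_error()
// builds the redirect, HTML-escape when show_error.php prints the message.

define("SITE_ROOT", "/phpMM/");   // constant from the chapter's app_config.php

// Redirect target for handle_error(). http_build_query() percent-encodes
// spaces, "&", quotes and "=", so a message cannot add or split parameters.
function build_error_url(string $user_error_message,
                         string $system_error_message): string
{
    $query = http_build_query(
        ['error_message'        => $user_error_message,
         'system_error_message' => $system_error_message],
        '', '&', PHP_QUERY_RFC3986
    );
    // Assumed location of show_error.php: scripts/ under the site root.
    return SITE_ROOT . "scripts/show_error.php?" . $query;
}

// Text that is safe to echo inside the HTML of show_error.php: the request
// value (or a default), with the chapter's backslash strip applied, then
// escaped so that markup arrives in the browser as plain text.
function error_text_for_html(array $request, string $key, string $default): string
{
    $raw = (isset($request[$key]) && is_string($request[$key]))
         ? $request[$key]
         : $default;
    $clean = preg_replace("/\\\\/", '', $raw);
    return htmlspecialchars($clean, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// 1. Constructed messages: the system text contains quotes, "@" and "&",
//    all of which would break an unencoded query string.
$url = build_error_url(
    "There's been a problem connecting to the database.",
    "Access denied for user 'username'@'db.host.com' & more (constructed)"
);
echo $url . PHP_EOL;

// Decoding the query again returns the original text unchanged.
parse_str(parse_url($url, PHP_URL_QUERY), $decoded);
echo $decoded['system_error_message'] . PHP_EOL;

// 2. Constructed request modelled on the injected-link URL from the chapter.
$request = [
    'error_message' => '<a href="http://example.com/">Click here for details</a>',
];
echo "<p>"
   . error_text_for_html($request, 'error_message', "Unknown error.")
   . "</p>" . PHP_EOL;
echo "<p>"
   . error_text_for_html($request, 'system_error_message',
                         "No system-level message was reported.")
   . "</p>" . PHP_EOL;
```

The first paragraph prints the anchor tag as visible text instead of a clickable link, and the second falls back to the default because the request carries no system_error_message.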
show_error.php app_config.php
app_config.php
show_error.php
connect.php
ch
show_error.php scripts/show_error.php
handle_error app_config.php
connect.php show_error.php
app_config.php connect.php
handle_error
t
show_error.php
, . , ,
show_error.php, (..). show_error.php
../scripts/show_error.php. ,
.
, ,
.
/, , ,
-. /scripts/show_error.php.
app_config.php
//
define("SITE_ROOT", "/phpMM/");
handle_error
app_config.php
handle_error debug_print
<?php
//
define("DEBUG_MODE", false);
//
define("SITE_ROOT", "/phpMM/");
//
define("DATABASE_HOST", "database.host.com");
define("DATABASE_USERNAME", "username");
define("DATABASE_PASSWORD", "super.secret.password");
define("DATABASE_NAME", "database-name");
//
if (DEBUG_MODE) {
error_reporting(E_ALL);
} else {
//
error_reporting(0);
}
function debug_print($message) {
if (DEBUG_MODE) {
echo $message;
}
}
,
SITE_ROOT URL header
(.).
show_error.php connect.php
die handle_error
database_connection.php
handle_error
<?php
require 'app_config.php';
mysql_connect(DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD)
or handle_error(" , , " .
" .",
mysql_error());
mysql_select_db(DATABASE_NAME)
or handle_error(" .",
mysql_error());
?>
?
, ? - . , - , ,
, require require_once
PHP-
.
- .
, . , , , ?
, , ,
.
,
.
. , ,
- , .
PHP
if
MySQL
PHP
MySQL
PHP
PHP
PHP
Facebook Twitter
users
t debug_print handle_error
8.
. 8.1.
Facebook Twitter
Facebook Twitter
Twitter
Twitter
img HTML
<img src="images/cj_wilson.jpg" class="user_pic" />
. 8.2. ,
src
users
Ryan Geyer @trenspot
,
, ,
, , .
, : , . HTML, CSS JavaScript
HTML
HTML
PHP
HTML
HTML
HTML
create_user.html
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"> </div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form action="create_user.php" method="POST"
enctype="multipart/form-data">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" /><br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="50" /><br />
<label for="facebook_url">URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" />
<label for="bio">:</label>
(form action), ,
scripts/. HTML ch08/
.
. 8.3. , ,
, .
: 1 000 000 -. , , , 20
30 Word 1 . 20 .
,
, Flickr (www.flickr.com), -
. .
"MAX_FILE_SIZE"
HTML
HTML
HTML
HTML
HTML
HTML
<input type="hidden" name="MAX_FILE_SIZE" value="2000000" />
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" />
, file.
. -
. ( , , ,
.)
PHP
Chrome
. 8.4.
PHP
create_user.php$
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>
, .
app_config.php database_connection.php,
require require_once.
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
$first_name = trim($_REQUEST['first_name']);
//
//
// MySQL
?>
SITE_ROOT
app_config.php
Terminal
FTP SITE_ROOT
uploads/profile_pics SITE_ROOT
yellowtagmedia_com/phpMM
yellowtagmedia_com/phpMM
uploads/profile_pics
$upload_dir = SITE_ROOT . "uploads/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
array
// PHP-
$php_errors = array(' . , php.ini',
' . , HTML',
' ',
' .');
$php_errors[0]
'
. , php.ini'
, ,
, (. . -
2).
=>
PHP
$_REQUEST['user_pic']$_REQUEST
HTML
user_pic
profile_pic.jpg
$_REQUEST = array('user_pic' => 'profile_pic.jpg');
PHP , .
, PHP .
, , ,
, , .
PHP
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
PHP
PHP
$php_errors[1]
' . , php.ini'
PHP
$php_errors[0]
PHP
PHP
PHP
PHP
PHP $_REQUEST
$_FILES
$_REQUEST
$_FILES[$image_fieldname]
$image_fieldname
create_user.php
$_FILES[$image_fieldname]
$_FILES[$image_fieldname]['error']
1 => ' . , php.ini'
2 => ' . , HTML'
3 => ' '
4 => ' .'
$php_errors
$_FILES[$image_fieldname]['error']
?
$_FILES
handle_error
<?php
//
//
//
//
($_FILES[$image_fieldname]['error'] == 0)
or handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
// MySQL
// show_error.php
?>
($_FILES[$image_fieldname]['error'])
$php_errors
app_config.php , DEBUG_MODE true.
ifif
PHP
($_FILES[$image_fieldname]['error'] == 0)
. -
, .
if
PHP
create_user.html
iPhoto
iPhoto
PHP
handle_error
handle_error
PHP
, , , -
, ,
. ,
, .
PHP, .
$php_errors
HTML
. 8.5.
?
PHP
/etc/passwd
PHP
PHP
is_uploaded_file
HTTP
HTTP
HTML
false
// ,
// ?
is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// MySQL
,
. ,
, .
,
, .
.
PHP-. . , ,
- , , .
.
, , -
PHP . , .
($_FILES[$image_fieldname])
is_uploaded_file
is_uploaded_file
PHP
@
// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
handle_error
, PHP , @. , , SQL- ,
URL.
, , -
, , .
@ , ,
.
.
, : ,
, .
, , @, , . : @
( ) or
. .
. ( !) ,
-. @, .
.
, @, or ,
, , 7. ,
(, , ).
,
, .
?
Word
JavaScript
PHP
getimagesize
t
// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");
HTTP
HTTP
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
, .
, Flickr Facebook.
, ,
.
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
$now
PHP time
while
true
true
while$upload_filename
$upload_dir
-
$_FILES[$image_fieldname]['name']
while
file_exists
while
while
$now
PHP
// ,
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'], $upload_filename)
or handle_error(" " .
" .",
", " .
" {$upload_filename}");
create_user.php
. 8.6. -
create_user.php
echo
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
echo $upload_filename;
echo "<br />";
echo $_FILES[$image_fieldname]['tmp_name'];
echo
// ,
//
//header("Location: show_user.php?user_id=" . mysql_insert_id());
echo
. 8.7. echo
. 8.8.
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', " .
"'{$twitter_handle}');";
//
mysql_query($insert_sql);
ALTER
ALTER TABLE users
ADD user_pic_path varchar(200);
users
DESCRIBE
mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      |      | PRI | NULL    | auto_increment |
| first_name     | varchar(20)  |      |     |         |                |
| last_name      | varchar(30)  |      |     |         |                |
| email          | varchar(50)  |      |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | varchar(200) | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
8 rows in set (0.00 sec)
user_pic_patht
, ,
, , -
.
INSERT
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle, " .
"user_pic_path) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', " .
"'{$twitter_handle}', '{$upload_filename}');";
//
mysql_query($insert_sql);
HTML
PHP
users
show_user.php
SQL MySQL
SQL
SELECT
SELECT user_pic_path
FROM users
WHERE last_name = 'Roday';
mysql> select user_pic_path from users where last_name = 'Roday';
+------------------------------------+
| user_pic_path                      |
+------------------------------------+
| /yellowtagmedia_com/phpMM/uploads/profile_pics/1312127661-City_2_0_by_pince-l3d.jpg |
+------------------------------------+
1 row in set (0.00 sec)
create_user.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url .
substr($twitter_handle, $position + 1);
}
//
($_FILES[$image_fieldname]['error'] == 0)
or handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
// ,
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'],
$upload_filename)
or handle_error(" " .
" .",
", " .
" {$upload_filename}");
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle, user_pic_path) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', '{$twitter_handle}', " .
"'{$upload_filename}');";
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>
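The complete create_user.php above builds `$upload_filename` from `$_FILES[$image_fieldname]['name']`, a value the browser supplies, and uses `getimagesize` as its only check on what gets stored. The sketch below is an added example, not code from the book: it chooses the stored name and extension on the server and keeps the client name only as a label. The function names `storage_name`, `display_name` and `store_profile_picture` are hypothetical, and the sample file names are constructed.

```php
<?php
// Added example (not from the book): derive the stored file name on the
// server instead of trusting $_FILES[...]['name'].

// Image types accepted for profile pictures, mapped to the extension stored.
const ALLOWED_IMAGE_TYPES = [
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_PNG  => 'png',
    IMAGETYPE_GIF  => 'gif',
];

// Build the on-disk name from the detected image type plus random bytes.
// The client-supplied name never becomes part of the path.
function storage_name(int $image_type): string
{
    if (!array_key_exists($image_type, ALLOWED_IMAGE_TYPES)) {
        throw new InvalidArgumentException('Unsupported image type');
    }
    return bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$image_type];
}

// Reduce the client-supplied name to a label that is safe to store and show
// (for example in a "filename" column). It is never used as a path.
function display_name(string $client_name): string
{
    // Normalise Windows separators, then drop any directory part.
    $base = basename(str_replace('\\', '/', $client_name));
    // Keep a conservative character set, no leading dots, bounded length.
    $base = preg_replace('/[^A-Za-z0-9._-]/', '_', $base);
    $base = ltrim($base, '.');
    return $base === '' ? 'unnamed' : substr($base, 0, 100);
}

// Same sequence of checks as the listing, with the name chosen server-side.
function store_profile_picture(array $file, string $upload_dir): string
{
    if ($file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . $file['error']);
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    $info = @getimagesize($file['tmp_name']);
    if ($info === false) {
        throw new RuntimeException('Not an image');
    }
    // $info[2] is one of the IMAGETYPE_* constants.
    $target = rtrim($upload_dir, '/') . '/' . storage_name($info[2]);
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('Could not move the file');
    }
    return $target;
}

// Constructed sample names, shown only when run from the command line.
if (PHP_SAPI === 'cli') {
    $samples = ['../../scripts/app_config.php', 'C:\\pics\\me.jpg',
                'photo.php.jpg', '.htaccess'];
    foreach ($samples as $name) {
        printf("%-32s -> %s\n", $name, display_name($name));
    }
    echo storage_name(IMAGETYPE_PNG), "\n";
}
```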
,
show_user.phpcreate_user.htmlcreate_
user.phpshow_user.php
users
require
require_once, app_config.php , ,
scripts/, . , HTML,
show_user.php, CSS JavaScript.
SELECT
SELECT
// SELECT
$select_query = "SELECT * FROM users WHERE user_id = " . $user_id;
SQL INSERT
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$bio = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email = $row['email'];
$facebook_url = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
$user_image = $row['user_pic_path'];
// $twitter_handle URL
$twitter_url = "http://www.twitter.com/" .
substr($twitter_handle, $position + 1);
} else {
handle_error(" " .
" .",
" ID {$user_id}");
}
die else if
handle_error.
//
$user_image = "../../images/missing_user.png";
HTML
HTML
$user_image
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<!-- . ... -->
show_user.php
ID
ID
create_user.php
. 8.9.
Firebug
Firebug
. 8.10.
HTML img
HTML
HTML
URL-
HTML ,
public_html/.
show_user.php test.php
PHP
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
?>
$_SERVERt
PHP DOCUMENT_ROOT
, $_SERVER, www.php.net/manual/
ru/reserved.variables.server.php.
/home1/b/bmclaugh/yellowtagmedia_com
/home1/b/bmclaugh
yellowtagmedia_com
. 8.11.
yellowtagmedia_com
test.php
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
$image_sample_path =
"/home1/b/bmclaugh/yellowtagmedia_com/phpMM/" .
"uploads/profile_pics/1312128274-james_roday.jpg";
?>
str_replace
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
$image_sample_path =
"/home1/b/bmclaugh/yellowtagmedia_com/phpMM/" .
"uploads/profile_pics/1312128274-james_roday.jpg";
$web_image_path = str_replace($_SERVER['DOCUMENT_ROOT'],
'', $image_sample_path);
?>
echo
<?php
echo " : {$_SERVER['DOCUMENT_ROOT']}";
$image_sample_path =
"/home1/b/bmclaugh/yellowtagmedia_com/phpMM/" .
"uploads/profile_pics/1312128274-james_roday.jpg";
$web_image_path = str_replace($_SERVER['DOCUMENT_ROOT'],
'', $image_sample_path);
echo "<br /><br /> : {$web_image_path}";
?>
test.php
. 8.12. , :
, ,
Enter
test.php
app_config.php
test.php
function get_web_path($file_system_path) {
return str_replace($_SERVER['DOCUMENT_ROOT'], '', $file_system_path);
}
. 8.13. ,
,
function
app_config.php
get_web_path
$file_system_path
$file_system_path
''
return
str_replace
return PHP
PHP
/usr/bbentley/web
/images/profile.jpg /usr/bbentley/web
get_web_path/images/profile.jpg
, , , Ruby on Rails,
. ,
-, .
, PHP . ,
test.php ,
.
, ,
- -
, CSS,
.
, HTML .
,
.
. , -
, . , , ../../../web/images/profile.jpg,
. , ,
, . ,
.
:
show_user.php
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$bio = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email = $row['email'];
$facebook_url = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
$user_image = get_web_path($row['user_pic_path']);
// $twitter_handle URL
$twitter_url = "http://www.twitter.com/" .
substr($twitter_handle, $position + 1);
} else {
handle_error(" " .
" .",
" ID {$user_id}");
}
create_user.php
show_user.php
user_id63-
show_user.php
. 8.14. , , , ,
, ,
app_config.php
$_SERVER['DOCUMENT_ROOT']
get_web_path
app_config.php
//
define("SITE_ROOT", "/phpMM/");
SITE_ROOT , , . ,
- ,
. , /,
.
/home1/b/bmclaugh
yellowtagmedia_com
phpMM
$_SERVER['DOCUMENT_ROOT']
get_web_path
SITE_ROOT/phpMM
//
define("SITE_ROOT", $_SERVER['DOCUMENT_ROOT'] . "/phpMM/");
/home1/b/bmclaugh
yellowtagmedia_com/phpMM
get_web_path
handle_error
function handle_error($user_error_message, $system_error_message) {
header("Location: " . SITE_ROOT . "scripts/show_error.php" .
"?error_message={$user_error_message}" .
"&system_error_message={$system_error_message}");
}
?
get_web_path ,
, . -, :
? ,
.
.
. ,
, PHP Ruby, Perl PHP, ,
,
. ,
, .
?
. , , , !
,
. .
, ,
/. ,
. . ,
,
.
, .
,
.
SITE_ROOT
SITE_ROOT
function handle_error($user_error_message, $system_error_message) {
header("Location: " . get_web_path(SITE_ROOT) .
"scripts/show_error.php" .
"?error_message={$user_error_message}" .
"&system_error_message={$system_error_message}");
}
URL
show_user.php
PHP
PHP
users
SELECT INSERT
tusers
t
URL Facebook
t
URL Facebook
t
URL Facebook
URL Facebook
Facebook
Facebook
Twitter
users
9.
images
, users.
( ),
, Twitter.
, ,
.
ID
user_idusers
users
MIME
SQL CREATE
CREATE TABLE images (
  image_id   int,
  filename   varchar(200),
  mime_type  varchar(50),
  file_size  int,
  image_data mediumblob
);
mediumblob
tinyblobt
blobtblob
Blob
Binary Large Object
Binary Large Object
Large Object
Large Object
Object
Object
mediumblobt
longblobtlongblob
, -
. ,
longblob. ,
, ,
.
longblob
. ,
, longblob, 2 ,
, mediumblob, 2 . longblob ,
.
,
2 , mediumblob.
, ,
.
,
varchar(255), . - .
longblob, ( ) ,
, mediumblob.
users
mysql> USE bmclaugh;
Database changed
mysql> SHOW tables;
+------------------------------------+
| Tables_in_bmclaugh                 |
+------------------------------------+
| images                             |
| users                              |
+------------------------------------+
2 rows in set (0.00 sec)
create_user.php
PHP
getimagesize
images
create_user.php
create_user.php.
create_user.php.bak - ,
.
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
// , ,
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
INSERT
users
images
images
$_FILES
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{$first_name}', '{$last_name}', '{$email}', " .
"'{$bio}', '{$facebook_url}', '{$twitter_handle}');";
//
mysql_query($insert_sql);
// images
$image = $_FILES[$image_fieldname];
$image_filename = $image['name'];
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
$image_data = file_get_contents($image['tmp_name']);
$insert_image_sql = "INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('{$image_filename}', '{$image_mime_type}', " .
"'{$image_size}', '{$image_data}');";
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
?>
$image
$image = $_FILES[$image_fieldname];
$_FILES[$image_fieldname]
$image_filename = $image['name'];
getimagesize
getimagesize
MIME
MIME
HTML
$image_size = getimagesize($image['tmp_name']);
getimagesize
MIME
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
file_get_contents
getimagesize
file_get_contents
image_data
images
$image_data = file_get_contents($image['tmp_name']);
INSERT
t
INSERT
$insert_image_sql = "INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('{$image_filename}', '{$image_mime_type}', " .
"'{$image_size}', '{$image_data}');";
mysql_query($insert_image_sql);
! , -
.
MySQL. ,
- .
PHP MySQL
, , , - -
PHP. . 4 5 PHP
,
getimagesize, mysql_real_escape_string,
.
mysql_real_escape_string
$image_data
mysql_real_escape_string
mysql_queryINSERT
MySQL
$insert_sql = "INSERT INTO users (first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('{mysql_real_escape_string($first_name)}', " .
"'{mysql_real_escape_string($last_name)}', " .
"'{mysql_real_escape_string($email)}', " .
"'{mysql_real_escape_string($bio)}', " .
"'{mysql_real_escape_string($facebook_url)}', " .
"'{mysql_real_escape_string($twitter_handle)}');";
//
mysql_query($insert_sql);
// images
$image = $_FILES[$image_fieldname];
$image_filename = $image['name'];
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
$image_data = file_get_contents($image['tmp_name']);
$insert_image_sql = "INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('{mysql_real_escape_string($image_filename)}', ".
"'{mysql_real_escape_string($image_mime_type)}', " .
"'{ mysql_real_escape_string($image_size)}', " .
"'{mysql_real_escape_string($image_data)}');";
mysql_query($insert_image_sql);
$image_size ,
mysql_real_escape_string. ,
,
.
.
, . ,
PHP ,
, ,
.
"{$variable}"
$variable
PHP
mysql_real_escape_string
mysql_real_escape_string
// images
$image = $_FILES[$image_fieldname];
$image_filename = mysql_real_escape_string($image['name']);
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = mysql_real_escape_string($image_info['mime']);
// . ...
MySQL $image_filename
.Z42
t
mysql_real_escape_string
SQL INSERT
MIME
MySQL
SQL
PHP
sprintf
sprintf
mysql_query
%s
$hello = sprintf("Hello there, %s %s", $first_name, $last_name);
echo $hello;
$first_name
John $last_name
t
Wayne
Hello there, John Wayne
sprintf%s
$first_name
%s
$last_name
$hello
sprintf
sprintf
$hello = sprintf("Hello there, %s", $first_name . ' ' . $last_name);
echo $hello;
sprintf
mysql_real_escape_string
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
images
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
%dsprintf
INSERT
sprintf
PHP- sprintf
, ,
mysql_real_escape_string
. ,
: sprintf
.
,
. ,
(, , ,
- ), ,
, , SQL-.
sprintf . - SQL-, .
create_user.php
create_user.php
show_user.php
images
mysql> SELECT image_id, filename FROM images;
+----------+----------------------------+
| image_id | filename                   |
+----------+----------------------------+
|        4 | 220px-William_Shatner.jpeg |
+----------+----------------------------+
1 row in set (0.00 sec)
SELECT *
MySQL
MySQL
PhpMyAdmin
PhpMyAdmin
images
PhpMyAdmin
PhpMyAdmin
PhpMyAdmin
PhpMyAdmin
BLOB
. 9.1. PhpMyAdmin
ID
. 9.2. -
create_user.php
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
mysql_insert_id
ID INSERT
INSERT users
INSERT
images
show_user.php
ID
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
$user_id = mysql_insert_id();
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . $user_id);
exit();
show_user.php
. 9.3.
t users images
show_user.php
imagesusers
ID users user_id
images image_id
s
users
image_id
mysql> ALTER TABLE users
    -> ADD profile_pic_id int;
Query OK, 6 rows affected (0.11 sec)
Records: 6 Duplicates: 0 Warnings: 0
, . ALTER -
. -
. .
, .
, , , ,
. ,
, .
PHP MySQL
. ,
.
profile_pic_id , .
,
images.
,
, ,
FOREIGN KEY .
, profile_pic_id ID, image_id images. MySQL .
MySQL ,
MySQL InnoDB.
, - InnoDB.
, MySQL ,
. InnoDB
, :
ALTER TABLE [table-name]
ENGINE = InnoDB;
images
ID
profile_pic_id users
usersimages
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
$user_id = mysql_insert_id();
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// ,
//
header("Location: show_user.php?user_id=" . $user_id);
exit();
ID
mysql_insert_id
ID
ID
mysql_insert_id
profile_pic_idusers
INSERTusers
INSERTimages
UPDATE ID users
MySQL
INSERTimages
ID
INSERT users
ID
INSERT
MySQL
INSERT
//
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle));
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . $user_id);
exit();
- .
mysql_query, ,
, , .
. , users
, mysql_insert_id.
ID INSERT
INSERT
users
mysql_insert_id ID
images
INSERT
users
//
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, " .
"file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
// $insert_sql
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle, " .
"profile_pic_id) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s', %d);",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_insert_id());
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
, , ID , profile_pic_id,
, , sprintf %d
.
create_user.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";
// PHP-
$php_errors = array(1 => ' . , php.ini',
2 => ' . , HTML',
3 => ' ',
4 => ' .');
$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
$facebook_url = "http://www.facebook.com/" . $facebook_url;
}
$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
$twitter_url = $twitter_url . $twitter_handle;
} else {
$twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}
//
($_FILES[$image_fieldname]['error'] == 0)
or handle_error(" .",
$php_errors[$_FILES[$image_fieldname]['error']]);
// ?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" . !",
" : " .
"'{$_FILES[$image_fieldname]['tmp_name']}'");
// ?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
or handle_error(" , " .
" .",
"{$_FILES[$image_fieldname]['tmp_name']} " .
" .");
//
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
'-' .
$_FILES[$image_fieldname]['name'])) {
$now++;
}
// images
$image = $_FILES[$image_fieldname];
$image_filename = $image['name'];
$image_info = getimagesize($image['tmp_name']);
$image_mime_type = $image_info['mime'];
$image_size = $image['size'];
$image_data = file_get_contents($image['tmp_name']);
$insert_image_sql = sprintf("INSERT INTO images " .
"(filename, mime_type, file_size, image_data) " .
"VALUES ('%s', '%s', %d, '%s');",
mysql_real_escape_string($image_filename),
mysql_real_escape_string($image_mime_type),
mysql_real_escape_string($image_size),
mysql_real_escape_string($image_data));
mysql_query($insert_image_sql);
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, email, " .
"bio, facebook_url, twitter_handle, " .
"profile_pic_id) " .
"VALUES ('%s', '%s', '%s', '%s', '%s', '%s', %d);",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_insert_id());
//
mysql_query($insert_sql);
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
exit();
?>
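The listings above escape each value with `mysql_real_escape_string` and splice it into the statement with `sprintf`; the `mysql_*` functions were removed in PHP 7. The same two inserts written with PDO prepared statements, as an added example that is not the book's code: the image row goes in first, its ID becomes `profile_pic_id`, and both inserts share one transaction. Assumptions: an in-memory SQLite database stands in for MySQL so the script runs without a server, the table layout is trimmed to the columns used, `open_demo_db` and `create_user_with_picture` are hypothetical names, and the sample values are constructed.

```php
<?php
// Added example (not from the book). SQLite in memory stands in for MySQL;
// with MySQL only the DSN passed to "new PDO" changes.

function open_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE images (
        image_id   INTEGER PRIMARY KEY AUTOINCREMENT,
        filename   VARCHAR(200),
        mime_type  VARCHAR(50),
        file_size  INT,
        image_data BLOB)');
    $db->exec('CREATE TABLE users (
        user_id        INTEGER PRIMARY KEY AUTOINCREMENT,
        first_name     VARCHAR(20),
        last_name      VARCHAR(30),
        email          VARCHAR(50),
        profile_pic_id INT)');
    return $db;
}

// Insert the image, then the user that points at it. Values travel as bound
// parameters, so quotes or binary bytes never become part of the SQL text.
function create_user_with_picture(PDO $db, array $user, array $image): int
{
    $db->beginTransaction();
    try {
        $stmt = $db->prepare(
            'INSERT INTO images (filename, mime_type, file_size, image_data)
             VALUES (:filename, :mime_type, :file_size, :image_data)');
        $stmt->bindValue(':filename', $image['filename'], PDO::PARAM_STR);
        $stmt->bindValue(':mime_type', $image['mime_type'], PDO::PARAM_STR);
        $stmt->bindValue(':file_size', strlen($image['data']), PDO::PARAM_INT);
        $stmt->bindValue(':image_data', $image['data'], PDO::PARAM_LOB);
        $stmt->execute();
        $image_id = (int) $db->lastInsertId();

        $stmt = $db->prepare(
            'INSERT INTO users (first_name, last_name, email, profile_pic_id)
             VALUES (:first_name, :last_name, :email, :profile_pic_id)');
        $stmt->bindValue(':first_name', $user['first_name'], PDO::PARAM_STR);
        $stmt->bindValue(':last_name', $user['last_name'], PDO::PARAM_STR);
        $stmt->bindValue(':email', $user['email'], PDO::PARAM_STR);
        $stmt->bindValue(':profile_pic_id', $image_id, PDO::PARAM_INT);
        $stmt->execute();
        $user_id = (int) $db->lastInsertId();

        $db->commit();
        return $user_id;
    } catch (Throwable $e) {
        // Neither row survives if either insert fails.
        $db->rollBack();
        throw $e;
    }
}

// Constructed sample input: an apostrophe in the name, and image bytes that
// contain quotes, a backslash and a NUL byte.
$db = open_demo_db();
$user = ['first_name' => 'Miles', 'last_name' => "O'Brien",
         'email' => 'miles@example.com'];
$image = ['filename' => "it's me.png", 'mime_type' => 'image/png',
          'data' => "\x89PNG\r\n\x1a\n'\"\0\\ constructed bytes"];
$user_id = create_user_with_picture($db, $user, $image);

$stmt = $db->prepare(
    'SELECT u.last_name, i.filename, i.file_size, i.image_data
     FROM users u JOIN images i ON u.profile_pic_id = i.image_id
     WHERE u.user_id = :id');
$stmt->bindValue(':id', $user_id, PDO::PARAM_INT);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// Some PDO drivers hand BLOB columns back as streams rather than strings.
$stored = is_resource($row['image_data'])
    ? stream_get_contents($row['image_data'])
    : $row['image_data'];

printf("user %d: %s, picture %s (%d bytes), bytes intact: %s\n",
    $user_id, $row['last_name'], $row['filename'], $row['file_size'],
    $stored === $image['data'] ? 'yes' : 'no');
```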
ID
images
mysql> select image_id from images;
+----------+
| image_id |
+----------+
|        4 |
|        5 |
|        6 |
+----------+
3 rows in set (0.00 sec)
WHERE
ID
$select_query = sprintf("SELECT * FROM users WHERE user_id = %d",
$user_id);
sprintf show_user.php
show_user.php
profile_pic_id
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$bio
$email
$facebook_url
$twitter_handle
$profile_pic_id
=
=
=
=
=
show_user.php ,
, -
.
tprofile_pic_idusersimage_idimages
WHERE
users
images
profile_pic_id
image_id
SELECT first_name, last_name, filename
FROM users, images
WHERE profile_pic_id = image_id;
MySQL
mysql> SELECT first_name, last_name, filename
    -> FROM users, images
    -> WHERE profile_pic_id = image_id;
+------------+-----------+----------------------------+
| first_name | last_name | filename                   |
+------------+-----------+----------------------------+
| William    | Shatner   | 220px-William_Shatner.jpeg |
+------------+-----------+----------------------------+
1 row in set (0.02 sec)
William Shatner,
.
( )
SELECT first_name, last_name, filename
FROM users, images
WHERE profile_pic_id = image_id;
first_namelast_nameusers
filename
filenameimages
profile_pic_idimage_id
SELECT users.first_name, users.last_name, images.filename
FROM users, images
WHERE users.profile_pic_id = images.image_id;
SQL
SQL
SELECT u.first_name, u.last_name, i.filename
FROM users u, images i
WHERE u.profile_pic_id = i.image_id;
show_user.php
show_image.php
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
?>
ID
SELECTimages
ID
SELECT
ID
ID images
ID
ID
ID
ID
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
if (!isset($_REQUEST['image_id'])) {
handle_error(" .");
}
$image_id = $_REQUEST['image_id'];
?>
show_user.php handle_error
SELECT-
SQL
SQL
sprintf
tmysql_query
<?php
// require
// ID
// SELECT
$select_query = sprintf("SELECT * FROM images WHERE image_id = %d",
$image_id);
//
$result = mysql_query($select_query);
?>
,
$result
if ($return_rows) {
// ,
echo "<p>, :</p>";
echo "<ul>";
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
echo "</ul>";
} else {
// . , .
echo "<p> :</p>";
echo "<p>{$query_text}</p>";
}
5. ,
.
if
if ($result) {
$row = mysql_fetch_array($result);
//
} else {
handle_error(" " .
" .",
" ID {$user_id}");
}
.
. , , ,
. , ,
.
,
.
( if-), , , . -
. ,
-
.
show_user.php:
if ($result) {
$row = mysql_fetch_array($result);
//
} else {
handle_error(" " .
" .",
" ID {$user_id}");
}
, . ?
- . , .
, . ?
?
, , , , . , ,
. ,
, , . ,
.
show_image.php,
, ,
. .
HTML
HTML
MIME text/html text/xml
image/jpeg
image/gif image/png
header("Location: " . SITE_ROOT . "scripts/show_error.php?" .
"error_message={$user_error_message}&" .
"system_error_message={$system_error_message}");
Location
URL
Location
URL
header PHP
PHP
Content-typet
MIME
Content-lengtht
images
mime_typefile_size
show_image.php
<?php
//
//
//
//
require
ID
image/jpegtimage/gif
<?php
//
//
//
//
//
require
ID
echo $image['image_data'];
?>
images
ID
SELECT images ID
SELECT
ID
ID images
Content-type
Content-length
handle_error
PHP try catch
try trycatch
catch trycatch
try
catch
catchException
handle_error
show_image.php
try
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
if (!isset($_REQUEST['image_id'])) {
handle_error(" .");
}
$image_id = $_REQUEST['image_id'];
// SELECT
$select_query = sprintf("SELECT * FROM images WHERE image_id = %d",
$image_id);
//
$result = mysql_query($select_query);
if (mysql_num_rows($result) == 0) {
handle_error(" .",
" ID " . $image_id . ".");
}
$image = mysql_fetch_array($result);
header('Content-type: ' . $image['mime_type']);
header('Content-length: ' . $image['file_size']);
echo $image['image_data'];
}
?>
PHP
Exception
catch
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
// ,
} catch (Exception $exc) {
}
?>
catch
Exception exc
exc $, PHP $
. PHP ,
, exc , ,
.
catch
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
// ,
} catch (Exception $exc) {
handle_error(" .",
" : " . $exc->getMessage());
}
?>
->
handle_error
handle_error
exc getMessage PHP
->
, .
, ,
.
PHP try
show_image.php
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
try {
if (!isset($_REQUEST['image_id'])) {
handle_error(" .");
}
$image_id = $_REQUEST['image_id'];
// SELECT
$select_query = sprintf("SELECT * FROM images WHERE image_id = %d",
$image_id);
//
$result = mysql_query($select_query);
if (mysql_num_rows($result) == 0) {
handle_error(" .",
" ID " . $image_id . ".");
}
$image = mysql_fetch_array($result);
header('Content-type: ' . $image['mime_type']);
header('Content-length: ' . $image['file_size']);
echo $image['image_data'];
} catch (Exception $exc) {
handle_error(" .",
" : " . $exc->getMessage());
}
?>
,
MySQL
ID
mysql> select image_id, filename from images;
+----------+----------------------------+
| image_id | filename                   |
+----------+----------------------------+
|        6 | 220px-William_Shatner.jpeg |
+----------+----------------------------+
1 row in set (0.03 sec)
URL show_image.php
Enter
ID
. 9.4. ID
URL show_image.php?image_id=6
. 9.5.
,
show_user.php
show_image.php
show_user.php
SQL
images users
SELECT u.first_name, u.last_name, i.filename
FROM users u, images i
WHERE u.profile_pic_id = i.image_id;
, URL ,
users .
(src)
HTML img
<img src="/images/roday.jpg" />
img
src
images/roday.jpg
roday.jpg
roday.jpg URL
src
<img src="show_image.php?image_id=6" />
show_image.php ID
ID
img
HTML
<?php
// PHP-
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="show_image.php?image_id=<?php echo $image_id; ?>"
class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<!-- -->
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
src img ID
show_user.php
<?php
require '../scripts/app_config.php';
require '../scripts/database_connection.php';
// ID
$user_id = $_REQUEST['user_id'];
// SELECT
$select_query = sprintf("SELECT * FROM users WHERE user_id = %d",
$user_id);
//
$result = mysql_query($select_query);
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$bio = preg_replace("/[\r\n]+/", "</p><p>", $row['bio']);
$email = $row['email'];
$facebook_url = $row['facebook_url'];
$twitter_handle = $row['twitter_handle'];
$image_id = $row['profile_pic_id'];
// $twitter_handle URL
// $position was never set in this script: find the "@" before slicing
$position = strpos($twitter_handle, "@");
$twitter_url = "http://www.twitter.com/" .
($position === false ? $twitter_handle
: substr($twitter_handle, $position + 1));
} else {
handle_error(" .",
" ID {$user_id}");
}
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
. 9.6.
-
?
, , , ,
Google. , 20 30
PHP, , .
, !
PHP,
, ? ,
,
.
-, , , . , ,
, , , , , .
, , , , .
, ,
, . ,
,
.
-, -
, . ,
, . , JPG, GIF, , , HTML,
.
,
? , -
, , .
,
.
, ?
PHP
c
,
...
SELECT
images
image_data
?
,
, . (, ,
!) , ,
. ?
-, .
, -
- ,
.
-, profile_pic_id
users. SQL, :
ALTER TABLE users
DROP COLUMN profile_pic_id;
images:
DROP TABLE images;
. .
10
PHP MySQL
PHP
MySQL
MySQL
Facebook
Twitter
Google
SQL
PHP MySQL HTML
MySQL HTML
MySQL HTML
HTML
HTML
DELETE WHERE
MySQL
,
HTML
Photoshop
,
-
show_user.php
. 10.1.
HTML
HTML
PHP
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>
<li>
<a href="show_user.php?user_id=30"> </a>
(<a href="mailto:bill@williamshatner.com">bill@williamshatner.com</a>)
<a href="delete_user.php?user_id=30">
<img class="delete_user" src="../images/delete.png" width="15" />
</a>
</li>
<li>
<a href="show_user.php?user_id=22"> </a>
(<a href="mailto:james@roday.net">james@roday.net</a>)
<a href="delete_user.php?user_id=22">
<img class="delete_user" src="../images/delete.png" width="15" />
</a>
</li>
<li>
<a href="show_user.php?user_id=1">. . </a>
(<a href="mailto:cj@texasrangers.com">cj@texasrangers.com</a>)
<a href="delete_user.php?user_id=1">
<img class="delete_user" src="../images/delete.png" width="15" />
</a>
</li>
</ul>
</div>
<div id="footer"></div>
</body>
</html>
Photoshop
Photoshop
HTML
CSS
Photoshop
iPad iPhone
, ,
,
, . .
.
SQL
SELECT *
FROM users;
PHP MySQL
SELECT (
)
SELECT *
users
SELECT *
mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      |      | PRI | NULL    | auto_increment |
| first_name     | varchar(20)  |      |     |         |                |
| last_name      | varchar(30)  |      |     |         |                |
| email          | varchar(50)  |      |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | varchar(200) | YES  |     | NULL    |                |
| profile_pic_id | int(11)      | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
9 rows in set (0.10 sec)
, ,
user_pic_path profile_pic_id. ,
,
images, .
:
ALTER TABLE users
DROP COLUMN profile_pic_id;
first_name
last_name user_id show_user.php
email
SELECT *
facebook_url
twitter_handle
bio user_pic_path
users
*
bio
users
SELECT user_id, first_name, last_name, email
FROM users;
SELECT
, ?
. , user_pic_path
users . , ,
SELECT?
, SELECT, , . ,
, ,
- ? , .
,
.
, , ,
. , , . , . ,
-
. .
SELECT * , , .
, , , .
SELECT. .
.
: -
. , ( )
.
,
, .
, .
, , ,
,
.
SELECT
admin.php
create_user.php
show_user.php
app_config.php
database_connection.php
create_user.php
show_user.php
admin.php
admin.php
show_users.php
show_users.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
//
$result = mysql_query($select_users);
?>
SELECT , sprintf.
.
HTML
<?php
//
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>
<!-- <li>- -->
</ul>
</div>
<div id="footer"></div>
</body>
</html>
PHP HTML
show_users.php
. 10.2. ,
SELECT
<li>
HTML
sprintf
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='delete_user.php?user_id=%d'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
//
);
sprintf
. sprintf,
,
.
.
<li><a href='show_user.php?user_id=1'>.. </a>
(<a href='mailto:cj@texasrangers.com'>cj@texasrangers.com</a>)
while ($row = mysql_fetch_row($result)) {
echo "<li>{$row[0]}</li>";
}
while ($row = mysql_fetch_array($result)) {
echo "<li>{$row['col_name']}</li>";
}
$row
col_name
users
HTML
<?php
//
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<ul>
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='delete_user.php?user_id=%d'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
</ul>
</div>
<div id="footer"></div>
</body>
</html>
HTML , : delete_user.php. ,
. ,
.
sprintf
HTML
HTML
HTML
- .
PHP, , ,
echo . , PHP- , -
PHP- . , , PHP- HTML,
.
show_users.php. PHP-,
HTML... - PHP,
HTML.
, , , HTML,
PHP, ,
, . , , HTML PHP.
, PHP:
.
, (, - )
, . -
HTML PHP . .
PHP , .
show_users.php
show_user.php
. 10.3.
. 10.4. show_user.php,
PHP
PHP
HTML
HTML
HTML
Wordpress PHP
DELETE FROM users;
WHERE
DELETE FROM users
WHERE user_id = [id__];
user_id
show_users.php
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='delete_user.php?user_id=%d'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
HTML
<a href='delete_user.php?user_id=22'>...</a>
user_id show_user.php
// ,
//
header("Location: show_user.php?user_id=" . mysql_insert_id());
create_user.php.
, .
user_id
show_users.php
SELECT
delete_user.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
//
$user_id = $_REQUEST['user_id'];
// DELETE
$delete_query = sprintf("DELETE FROM users WHERE user_id = %d",
$user_id);
//
mysql_query($delete_query);
// show_users
// ( )
header("Location: show_users.php");
exit();
?>
, . app_config.php. ,
- ,
.
,
, , :
! ,
, , . ? .
, . ,
. , , , ,
, , , .
, , , , ,
emacs vi ,
- . .
? ,
, .
, .
$insert_sql, $insert_query.
, PHP , . ,
.
(, )
.
, . , .
,
.
.
(. 10.5)
(. 10.6) , ,
, .
.
. , ,
.
. 10.5. ,
,
. 10.6.
,
( Terminal Mac)
!
. .
show_users.php
. 10.7.
delete_user.php
show_users.php
delete_user.php
show_users.php
JavaScript
PHP
PHP
HTML
HTML
OK
Ajax
JavaScript
JavaScript
show_users.php
JavaScript
<?php
// SELECT
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
</script>
</head>
<body>
<!-- HTML -->
</body>
</html>
delete_user.php
, JavaScript.
- ,
, JavaScript, .
, ?
, , , . .
, , , ,
. (, , - ?)
? :
<head>
<link href="../css/phpMM.css"
rel="stylesheet" type="text/css"
/>
<script type="text/javascript">
function delete_user(user_id) {
//
}
</script>
</head>
, , JavaScript
head- .
.
1. JavaScript-.
2. JavaScript-.
3. , JavaScript
!
4. , JavaScript, .
, . , www.amazon.com, www.google.com www.apple.com.
- <script>- head-
!
JavaScript
delete_user.php
JavaScript
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='javascript:delete_user(%d);'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
. 10.8.
SELECT
delete_user.php
show_users.php
show_users.php
delete_user.php
show_users.php
delete_user.php
show_users.php
delete_user.php
header("Location: show_users.php");
PHP HTTP
PHP HTTP
HTTP
HTTP
Location
HTTP
URL
header
PHP
PHP
echo
HTML
header
header
Location exit()
delete_user.php
PHP
show_users.php
show_users.php
-- ( - )
-.
MVC, Model-View-Controller (--).
: , . MVC,
.
, . , , .
delete_user.php MySQL .
MVC- PHP-, User.php, ,
delete() remove(). :
User user_to_delete =
User.find_by_id($user_id);
user_to_delete.delete();
, MVC , . , ,
.
, .
show_user.php show_users.php . HTML . ,
, , .
MVC- .
.
, , . delete_user.php. , ,
, , , show_users.php.
-, PHP,
MVC-. , PHP, MVC-,
. ,
, delete_user.php ( ), show_users.php ().
delete_user.php (
). show_users.php
, , ,
.
PHP MVC-, ? . -,
MVC,
- MVC , ,
. -,
, ,
, .
delete_user.php, , .
, , show_users.php, .
delete_user.php
success_message
// show_users,
// ( )
$msg = " .";
header("Location: show_users.php?success_message={$msg}");
, error_message,
.
show_users.php
show_users.php
show_users.php success_message
delete_user.php URL
URL
. 10.9.
,
JavaScript
show_users.php
. show_users.php
, .
( - ) .
JavaScript
, JavaScript
JavaScript
show_users.php JavaScript
window.location.href
URL
function get_request_param_value(param_name) {
param_name = param_name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexS = "[\\?&]" + param_name + "=([^&#]*)";
var regex = new RegExp(regexS);
.
, JavaScript.
, ,
, .
, ,
PHP, JavaScript.
success_message
JavaScript
msg = get_request_param_value("success_message");
if (msg.length > 0) {
//
}
get_request_param_value
msg = get_request_param_value("success_message")
if (msg.length > 0) {
alert(msg);
}
head show_users.php script
. 10.10.
. 10.10 , alert. ,
, alert
, . window.onload,
onload, body, jQuery
,
.
PHP
JavaScript
HTML
CSS JavaScript
JavaScript
success_message
URL
show_users.php
HTML
JavaScript
show_users.php
$msg = $_REQUEST['success_message'];
JavaScript
function get_request_param_value(param_name) {
param_name = param_name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexS = "[\\?&]" + param_name + "=([^&#]*)";
var regex = new RegExp(regexS);
var results = regex.exec(unescape(window.location.href));
if (results == null)
return "";
else
return results[1];
}
, , get_request_param_value
JavaScript PHP,
.
PHP
// ,
if (isset($_REQUEST['success_message'])) {
$msg = $_REQUEST['success_message'];
}
JavaScript HTML
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
<?php if (isset($msg)) { ?>
window.onload = function() {
alert("<?php echo $msg ?>");
}
<?php } ?>
</script>
users.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
//
$result = mysql_query($select_users);
// ,
if (isset($_REQUEST['success_message'])) {
$msg = $_REQUEST['success_message'];
}
?>
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
, show_user.php
show_users.php, app_config.php. , -
, -,
,
. ,
, .
PHP
PHP
PHP
PHP
URL
ZFMMPXUBHNFEJBDPNQIQ..
DITIPX@VTFSTQIQ TVDDFTT@NFTTBHF
show_users.php
URL
. 10.11.
URL
HTML
. 10.12.
show_users.php URL
JavaScript HTML
show_users.php
window.onload
. 10.13.
URL
URL
URL
URL
alert
OK
, UX ( user
experience, ) UI (user interface, ).
, UX
, UI.
: .
, , ,
- -.
jQuery
jQuery, jQuery
- www.jqueryui.com/demos/dialog. ,
Modal-. jQuery UI 10 ,
5 ,
jQuery.
OK
handle_error
?
11, ? .
JavaScript
<body>
<?php display_messages($_REQUEST); ?>
<!-- , HTML- -->
</body>
. 10.14. ,
- -
HTML
<div id="messages">
<div class="success">
<p> </p>
</div>
</div>
. 10.15.
, , create_user.html.
c HTML , ,
. ,
. , ,
.
HTML
class div
<div id="messages">
<div class="error">
<p> </p>
</div>
</div>
delete_user.php
show_users.php
<div id="messages">
<div class="success">
<p>$msg</p>
</div>
</div>
PHP
<div id="messages">
<div class="success">
<p><?php echo $msg; ?></p>
</div>
</div>
function display_success_message($msg) {
echo "<div id='messages'>\n";
echo " <div class='success'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
echo "</div>\n\n";
}
sprintf? , \n?
, display_success_message ,
.
sprintf. echo ( echo sprintf). HTML, PHP <?php ?>.
.
\n. ,
. :
<div id='messages'> <div class='success'>
<p>{$msg}</p> </div></div>
HTML. . HTML .
HTML:
<div id='messages'>
<div class='success'>
<p>{$msg}</p>
</div>
</div>
, \n? - . ?
. . ? echo, sprintf ?
PHP- , - , . sprintf
. echo
sprintf . , , , .
\n . , HTML- ,
. ,
, , . ( - ,
, .)
function display_error_message($msg) {
echo "<div id='messages'>\n";
echo " <div class='error'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
echo "</div>\n\n";
}
display_error_message($error_msg);
echo "</div>\n\n";
}
function display_success_message($msg) {
echo " <div class='success'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
function display_error_message($msg) {
echo " <div class='error'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
function display_success_message($msg) {
echo " <div class='success'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
function display_error_message($msg) {
echo " <div class='error'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
DRY
define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");
function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
display_message($success_msg, SUCCESS_MESSAGE);
display_message($error_msg, ERROR_MESSAGE);
echo "</div>\n\n";
}
function display_message($msg, $msg_type) {
echo " <div class='{$msg_type}'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
DRY-
, , DRY- , (Drying up your code,
). DRY, Don't Repeat Yourself, : .
. 4, , ,
app_config.php?
( ) . ,
.
database_connection.php.
.
DRY-: DRY- , .
display_success_message display_error_message,
.
, ?
, . ,
, .
, DRY-
, .
ERROR
error
errors
view.php
require_once app_config.php
<?php
require_once 'app_config.php';
define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");
function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
display_message($success_msg, SUCCESS_MESSAGE);
display_message($error_msg, ERROR_MESSAGE);
echo "</div>\n\n";
}
function display_message($msg, $msg_type) {
echo " <div class='{$msg_type}'>\n";
echo " <p>{$msg}</p>\n";
echo " </div>\n";
}
?>
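The `display_message` listing above writes `$msg` into the page as it is, and in `show_users.php` that value arrives in the `success_message` URL parameter, so markup placed in the URL becomes markup in the page. The following is an added example, not code from the book: the same functions with output encoding for each context the message passes through (URL, HTML, JavaScript string), assuming PHP 5.6 or later; `html_escape`, `js_string`, `message_redirect_url` and the sample message are made up for the illustration.

```php
<?php
// Added example, not code from the book. Assumes PHP 5.6 or later.
// html_escape(), js_string() and message_redirect_url() are names made up here.

define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");

// For HTML text nodes and quoted attribute values.
function html_escape($value) {
  return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
}

// For a value written inside a <script> block: produces a quoted JavaScript
// string literal in which <, >, &, ' and " are \uXXXX escapes, so the value
// can end neither the string nor the script element.
function js_string($value) {
  $json = json_encode((string) $value,
      JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
  return ($json === false) ? '""' : $json;   // unencodable input becomes ""
}

// For the Location header sent by delete_user.php: percent-encodes the
// message so spaces, &, # and line breaks cannot change the URL or the header.
function message_redirect_url($page, $param_name, $msg) {
  return $page . "?" . http_build_query(array($param_name => $msg));
}

// Same markup as display_message in view.php, with the message escaped and
// the CSS class limited to the two known message types.
function display_message($msg, $msg_type) {
  if ($msg_type !== SUCCESS_MESSAGE && $msg_type !== ERROR_MESSAGE) {
    $msg_type = ERROR_MESSAGE;
  }
  echo " <div class='{$msg_type}'>\n";
  echo "  <p>" . html_escape($msg) . "</p>\n";
  echo " </div>\n";
}

function display_messages($success_msg = NULL, $error_msg = NULL) {
  echo "<div id='messages'>\n";
  if (!is_null($success_msg)) {
    display_message($success_msg, SUCCESS_MESSAGE);
  }
  if (!is_null($error_msg)) {
    display_message($error_msg, ERROR_MESSAGE);
  }
  echo "</div>\n\n";
}

// Constructed sample: a message that contains markup and quote characters.
$sample = 'Removed "Bob" </p></script><b>bold</b> & done';

// 1. What delete_user.php would put in the Location header.
echo message_redirect_url("show_users.php", "success_message", $sample), "\n";

// 2. What show_users.php would write into the page body.
display_messages($sample);

// 3. What the window.onload variant would write inside its <script> block.
echo "alert(" . js_string($sample) . ");\n";
```

Each context needs its own encoder: `htmlspecialchars` alone is not enough inside a `<script>` block, and neither HTML nor JavaScript escaping replaces URL encoding in the redirect.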
app_config.php view.php . ,
, ,
, . ,
require_once , .
View Display
view.php
scripts
app_config.php database_connection.php
display_messages display_message app_config.php
show_users.php
view.php
delete_user.php
view.php
, database_connection.php.
, require_once database_connection.php .
- , . ,
.
,
show_users.php
view.php
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
<?php if (isset($msg)) { ?>
window.onload = function() {
alert("<?php echo $msg ?>");
}
<?php } ?>
</script>
</head>
View
require_once
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// . ...
?>
. , . ?
? , !
, show_users.php PHP-,
head- HTML- .
display_messages HTML
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<?php display_messages($msg); ?>
display_messages
display_messages
HTML
HTML
HTML
JavaScript
JavaScript
show_users.php
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function delete_user(user_id) {
if (confirm(" , ?" +
"\n !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
</script>
</head>
view.php
display_messages
div
display_header
head HTML
JavaScript
head
JavaScript
display_title
display_messages
view.php
display_messages
PHP
NULL
NULL , .
Ruby nil. Java null. PHP NULL, C++.
: .
NULL
PHP
if ($value == NULL) // -
is_null is_null
PHP
display_messages
NULL
display_message
function display_messages($success_msg, $error_msg) {
echo "<div id='messages'>\n";
if (!is_null($success_msg)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}
show_users.php
$error_msg $success_msg
display_messages
function do_something($this_value = "default value") {
// - this_value
}
display_messages NULL
function display_messages($success_msg = NULL, $error_msg = NULL) {
echo "<div id='messages'>\n";
if (!is_null($success_msg)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}
display_messages
view.php
heredoc
HTML
HTML
html
title
head
JavaScript
view.php
JavaScript head
function display_head($page_title = "", $embedded_javascript = NULL) {
$page_title
HTML
echo
JavaScript
function display_head($page_title = "", $embedded_javascript = NULL) {
echo "<html>";
link
HTML
href
rel type
\"\'
PHP
PHP
heredoc
heredoc
heredoc
$some_text = <<<EOD
EOD
. -
EOD EOT, ,
.
{$var_name}
<html>
<head>
<title>{$page_title}</title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
EOD;
$some_text = <<<EOD
<html>
<head>
<title>{$page_title}</title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
EOD;
.
, .
.
,
.
unexpected T_SL. , , PHP
, :
.
display_head
heredoc
heredoc
echo
heredoc
JavaScript
()
display_head
show_users.php
show_user.php
HTML HTML
HTML HTML
HTML
HTML
display_head
heredoc
show_users.php
JavaScript
<?php
//
?>
<?php
$delete_user_script = <<<EOD
function delete_user(user_id) {
if (confirm(" , ?" +
" !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
EOD;
display_head("", $delete_user_script);
?>
<!-- HTML- -->
</html>
PHP, , <?php/?> (
, display_head). .
, , , ,
<?php. .
heredoc
JavaScript
display_head
heredoc
sprintf
HTML
HTML
show_users.php
. 10.16. show_users.php
view.php
HTML
display_head
View
display_messages
HTML
display_head HTML
JavaScript
JavaScript
HTML
HTML
<html>
<head>
<title></title>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<script type='text/javascript'>function delete_user(user_id) {
if (confirm(" , ?" +
" !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}</script>
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id='messages'>
<div class='success'>
<p> .</p>
</div>
</div>
<div id="content">
<!-- HTML- -->
</div>
</body>
</html>
show_users.php
display_title("", $msg);
$_REQUEST
NULL
display_title("",
$_REQUEST['success_message'], $_REQUEST['error_message']);
show_users.php , success_message
$_REQUEST,
display_title.
display_headdisplay_title
display_head
display_title
$_REQUEST display_title?
,
$_REQUEST display_title. display_title
$_REQUEST['success_message'] $_REQUEST['error_message']. .
,
, , ,
.
, (
view.php, HTML) . ,
,
.
, MVC- PHP .
,
.
view.php
$_REQUEST.
display_title
body
HTML
HTML display_title
HTML display_head
display_head
display_title
HTML HTML display_head
<?php
// -
?>
<?php display_head($title, $javascript); ?>
<?php display_title($title,
$_REQUEST['success_message'], $_REQUEST['error_message']);
?>
$title
HTML
display_title
display_head display_messages
function page_start($title, $javascript = NULL,
$success_message = NULL, $error_message = NULL) {
display_head($title, $javascript);
display_title($title, $success_message, $error_message);
}
view.php , -
.
display_head
display_title
. 380 PHP
.
show_users.php
heredoc
heredoc
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
//
$result = mysql_query($select_users);
//
$delete_user_script = <<<EOD
function delete_user(user_id) {
if (confirm(" , ?" +
" !")) {
window.location = "delete_user.php?user_id=" + user_id;
}
}
EOD;
page_start("Current Users", $delete_user_script,
$_REQUEST['success_message'], $_REQUEST['error_message']);
?>
<div id="content">
<ul>
<?php
while ($user = mysql_fetch_array($result)) {
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='javascript:delete_user(%d);'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
}
?>
</ul>
</div>
<div id="footer"></div>
</body>
</html>
page_start
view.php
page_end
div
footer
c
-
.
HTML view.php, database_connection.php, . ,
,
require_once. : -
, .
,
. .
, . , 20 30
?
, .
,
.
, . :
display_page($title, $javascript, $content);
:
display_head($title, $javascript);
display_messages($msg);
display_content($content);
display_footer();
,
. ,
, .
- , , .
, display_page,
? display_head,
display_messages, display_content, ...
? , .
,
- .
,
,
.
. , , ,
.
Cookie
11
, , delete_user.php admin.php.
delete_user.php
create_user.html
show_users.php
create_user.html
. , ,
. ,
, , , .
YouTube Google
Twitter Facebook
Twitter Facebook
Facebook
Facebook
create_user.html
HTTP-
HTTP
HTTP
HTTP
function handle_error($user_error_message, $system_error_message) {
header("Location: " . get_web_path(SITE_ROOT) .
"scripts/show_error.php" .
"?error_message={$user_error_message}" .
"&system_error_message={$system_error_message}");
}
handle_error scripts/app_config.php.
show_image.php 9,
, .
HTTP
HTTP
Content-type Location
HTTP/1.1 401 Unauthorized
HTTP
HTTP www.w3.org/Protocols/rfc2616/rfc2616-sec10.html.
WWW-Authenticate
basic realm
"The Social Site"
...
show_users.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
// PHP
?>
,
ch11. ,
, , - .
show_users.php
. 11.1.
- -
.htpasswd ( - Apache), .
.htpasswd PHP.
.htpasswd
, .
show_users.php
Cancel
show_users.php
show_users.php
. 11.2. show_users.php
show_users.php
HTTP
HTTP
PHP
PHP
$_SERVER
$_SERVER['PHP_AUTH_USER']
$_SERVER['PHP_AUTH_PW']
HTTP
HTTP
$_SERVER['PHP_AUTH_USER'] $_SERVER['PHP_AUTH_PW']
isset
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
}
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
PHP
PHP
header
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
// ,
//
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
exit
die
. 11.3.
,
( !)
while
while (_____) {
______();
}
, PHP. ,
. .
t
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
- ,
,
. ,
, - .
. ,
, .
if, while, else, , PHP, .
:
while (_____) {
______();
}
,
PHP. , $_SERVER, ,
. , , ,
, :
while (_____) {
- :
if (($_SERVER['PHP_AUTH_USER'] !=
VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] !=
VALID_PASSWORD)) {
? -... ,
. , , . :
______();
, . .
. , ,
- ,
. ,
, , .
show_users.php
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
} else {
if (($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
}
if exit .
exit , ,
. , ,
.
.
HTTP
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
show_users.php.
show_users.php
if
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
show_users.php
adminsuper_secret
show_users.php
. 11.4.
PHP $_SERVER
. 11.5. , ;
show_users.php
show_users.php
delete_user.php
app_config.php database_connection.php
: authorize.php
authorize.php
<?php
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
?>
?
, . show_users.php : . , ,
, ,
show_users.php.
, ,
, .
, ,
... . .
, , ( ).
,
,
.
PHP
authorize.php
authorize.php
JavaScript
<script>
<script type="text/javascript">
dashboard_alert("#hits_count_dialog");
$("#hits_count_dialog").dialog("open");
query_results_tables();
</script>
JavaScript
PHP
authorize.php
<?php
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
($_SERVER['PHP_AUTH_USER'] != VALID_USERNAME) ||
($_SERVER['PHP_AUTH_PW'] != VALID_PASSWORD)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
?>
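The check in `authorize.php` above keeps the password in the source as plain text and compares with `!=`, a loose comparison under which numeric-looking strings such as "1e3" and "1000" count as equal. The following is an added example, not the book's code: the same Basic authentication gate with a stored password hash and strict comparisons, assuming PHP 5.6 or later; `credentials_valid`, `require_basic_auth` and `AUTH_REALM` are names made up here, and the sample requests are constructed.

```php
<?php
// Added example, not the book's authorize.php. Assumes PHP 5.6 or later.
// credentials_valid(), require_basic_auth() and AUTH_REALM are made-up names.

define("AUTH_REALM", "The Social Site");

// True only when a username and a password were sent and both match.
// $server is the $_SERVER array (passed in so the check can be exercised
// without a web server).
function credentials_valid($server, $valid_username, $valid_password_hash) {
  if (!isset($server['PHP_AUTH_USER']) || !isset($server['PHP_AUTH_PW'])) {
    return false;
  }
  // hash_equals() is a strict string comparison whose running time does not
  // depend on where the two strings first differ.
  $user_ok = hash_equals($valid_username, (string) $server['PHP_AUTH_USER']);
  // password_verify() re-hashes the submitted password with the salt and
  // cost stored inside the hash, so the script never holds the real password.
  $pass_ok = password_verify((string) $server['PHP_AUTH_PW'],
                             $valid_password_hash);
  // Both checks always run, whichever one fails.
  return $user_ok && $pass_ok;
}

// Sends the same 401 challenge as authorize.php and stops the script unless
// the request carries valid credentials.
function require_basic_auth($server, $valid_username, $valid_password_hash) {
  if (credentials_valid($server, $valid_username, $valid_password_hash)) {
    return;
  }
  header('HTTP/1.1 401 Unauthorized');
  header('WWW-Authenticate: Basic realm="' . AUTH_REALM . '"');
  exit("Authorization required.");
}

// In authorize.php itself, VALID_PASSWORD_HASH would be defined as the string
// printed once by password_hash(), and the script would end with:
//   require_basic_auth($_SERVER, VALID_USERNAME, VALID_PASSWORD_HASH);

// Constructed demonstration for the command line.
if (PHP_SAPI === 'cli') {
  // Done once when the account is created; only the hash is kept.
  $hash = password_hash("super_secret", PASSWORD_DEFAULT);

  $attempts = array(
    "no credentials" => array(),
    "wrong password" => array('PHP_AUTH_USER' => "admin",
                              'PHP_AUTH_PW'   => "guess"),
    "wrong username" => array('PHP_AUTH_USER' => "root",
                              'PHP_AUTH_PW'   => "super_secret"),
    "correct"        => array('PHP_AUTH_USER' => "admin",
                              'PHP_AUTH_PW'   => "super_secret"),
  );
  foreach ($attempts as $label => $server) {
    $verdict = credentials_valid($server, "admin", $hash)
        ? "accepted" : "rejected";
    printf("%-15s %s\n", $label, $verdict);
  }
}
```

Basic authentication resends the username and password with every request, so a gate like this belongs behind HTTPS.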
require_once
authorize.php
authorize.php
show_users.php
require_once authorize.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/authorize.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
//
// SELECT
$select_users =
"SELECT user_id, first_name, last_name, email " .
" FROM users";
// . ...
?>
delete_user.php
PHP
. 11.6. ,
show_users.php
delete_user.php
. 11.7.
PHP
PHP
app_config.php authorize.php
SQL
authorize.php
- , , -
, . , ,
, . , -
, ,
, .
MySQL
users
users
mysql> describe users;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| user_id        | int(11)      | NO   | PRI | NULL    | auto_increment |
| first_name     | varchar(20)  | NO   |     |         |                |
| last_name      | varchar(30)  | NO   |     |         |                |
| email          | varchar(50)  | NO   |     |         |                |
| facebook_url   | varchar(100) | YES  |     | NULL    |                |
| twitter_handle | varchar(20)  | YES  |     | NULL    |                |
| bio            | text         | YES  |     | NULL    |                |
| user_pic_path  | text         | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
8 rows in set (0.02 sec)
AFTER MySQL .
AFTER , ( username password,
, ) .
, ,
DESCRIBE.
username
password
NOT NULL
SQL
mysql> UPDATE users
    ->    SET username = "jroday",
    ->        password = "psych_rules"
    ->  WHERE user_id = 45;
mysql> SELECT user_id, username, password, first_name, last_name
    ->   FROM users
    ->  WHERE user_id = 45;
+---------+----------+-------------+------------+-----------+
| user_id | username | password    | first_name | last_name |
+---------+----------+-------------+------------+-----------+
|      45 | jroday   | psych_rules | James      | Roday     |
+---------+----------+-------------+------------+-----------+
1 row in set (0.00 sec)
users
?
, , . -
. .
, ,
50 .
, UPNNZO!ECDPSH, ( ), , UOB.
.
users username? ?
-, , . , ,
, Gmail, iCloud
, , - .
-,
. - , - . , , - ,
, .
.
-, , .
?
. , ?
, . , 1Password
(XXXBHJMFCJUTDPNQSPEVDUT1BTTXPSE), . ,
1Password ( $59,99 ) .
create_user.html
HTML
HTML
create_user.html
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
<link href="../css/jquery.validate.password.css" rel="stylesheet"
type="text/css" />
<script type="text/javascript" src="../js/jquery.js"></script>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript" src="../js/jquery.validate.password.js">
</script>
<script type="text/javascript">
$(document).ready(function() {
$("#signup_form").validate({
rules: {
password: {
minlength: 6
},
confirm_password: {
minlength: 6,
equalTo: "#password"
}
},
messages: {
password: {
minlength: " 6 "
},
confirm_password: {
minlength: " 6 ",
equalTo: " ."
}
}
});
});
</script>
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example"></div>
<div id="content">
<h1> </h1>
<p>, :</p>
<form id="signup_form" action="create_user.php"
method="POST" enctype="multipart/form-data">
<fieldset>
<label for="first_name">:</label>
<input type="text" name="first_name" size="20" class="required" />
<br />
<label for="last_name">:</label>
<input type="text" name="last_name" size="20" class="required" />
<br />
<label for="username"> :</label>
<input type="text" name="username" size="20" class="required" />
<br />
<label for="password">:</label>
<input type="password" id="password" name="password"
size="20" class="required password" />
<div class="password-meter">
<div class="password-meter-message"> </div>
<div class="password-meter-bg">
<div class="password-meter-bar"></div>
</div>
</div>
<br />
<label for="confirm_password"> :</label>
<input type="password" id="confirm_password" name="confirm_password"
size="20" class="required" /><br />
<label for="email"> :</label>
<input type="text" name="email" size="30" class="required email" />
<br />
<label for="facebook_url"> URL- Facebook:</label>
<input type="text" name="facebook_url" size="50" class="url" /><br />
<label for="twitter_handle"> Twitter:</label>
<input type="text" name="twitter_handle" size="20" /><br />
<input type="hidden" name="MAX_FILE_SIZE" value="2000000" />
<label for="user_pic"> :</label>
<input type="file" name="user_pic" size="30" /><br />
<label for="bio">:</label>
<textarea name="bio" cols="40" rows="10"></textarea>
</fieldset>
<br />
<fieldset class="center">
K2VFSZ
XXXKRVFSZDPNK2VFSZ
K2VFSZ
+BWB4DSJQU
K2VFSZK2VFSZ
XXXKRVFSZCBTTJTUBODFEF
create_user.html
. 11.8.
create_user.html
typepassword
K2VFSZK2VFSZ
+BWB4DSJQU
. 11.9.
K2VFSZ
K2VFSZ
1)1
. 11.10.
1)1
create_user.php
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/database_connection.php';

$upload_dir = SITE_ROOT . "uploads/profile_pics/";
$image_fieldname = "user_pic";

// PHP upload error codes and the messages shown for them
$php_errors = array(1 => ' . , php.ini',
                    2 => ' . , HTML',
                    3 => ' ',
                    4 => ' .');

$first_name = trim($_REQUEST['first_name']);
$last_name = trim($_REQUEST['last_name']);
$username = trim($_REQUEST['username']);
$password = trim($_REQUEST['password']);
$email = trim($_REQUEST['email']);
$bio = trim($_REQUEST['bio']);
$facebook_url = str_replace("facebook.org", "facebook.com",
                            trim($_REQUEST['facebook_url']));
$position = strpos($facebook_url, "facebook.com");
if ($position === false) {
  $facebook_url = "http://www.facebook.com/" . $facebook_url;
}

$twitter_handle = trim($_REQUEST['twitter_handle']);
$twitter_url = "http://www.twitter.com/";
$position = strpos($twitter_handle, "@");
if ($position === false) {
  $twitter_url = $twitter_url . $twitter_handle;
} else {
  $twitter_url = $twitter_url . substr($twitter_handle, $position + 1);
}

// Make sure the upload itself reported no error
($_FILES[$image_fieldname]['error'] == 0)
  or handle_error(" .",
                  $php_errors[$_FILES[$image_fieldname]['error']]);

// Is this file the result of a genuine HTTP upload?
@is_uploaded_file($_FILES[$image_fieldname]['tmp_name'])
  or handle_error(" . !",
                  " : " .
                  "'{$_FILES[$image_fieldname]['tmp_name']}'");

// Is this actually an image?
@getimagesize($_FILES[$image_fieldname]['tmp_name'])
  or handle_error(" , " .
                  " .",
                  "{$_FILES[$image_fieldname]['tmp_name']} " .
                  " .");

// Pick a file name that does not collide with an existing upload
$now = time();
while (file_exists($upload_filename = $upload_dir . $now .
                                      '-' .
                                      $_FILES[$image_fieldname]['name'])) {
  $now++;
}

// Move the file from the temporary directory to its final location
@move_uploaded_file($_FILES[$image_fieldname]['tmp_name'],
                    $upload_filename)
  or handle_error(" " .
                  " .",
                  ", " .
                  " {$upload_filename}");

$insert_sql = sprintf("INSERT INTO users " .
                      "(first_name, last_name, username, " .
                      "password, email, " .
                      "bio, facebook_url, twitter_handle, " .
                      "user_pic_path) " .
                      "VALUES ('%s', '%s', '%s', '%s', '%s', " .
                      "'%s', '%s', '%s', '%s');",
                      mysql_real_escape_string($first_name),
                      mysql_real_escape_string($last_name),
                      mysql_real_escape_string($username),
                      mysql_real_escape_string($password),
                      mysql_real_escape_string($email),
                      mysql_real_escape_string($bio),
                      mysql_real_escape_string($facebook_url),
                      mysql_real_escape_string($twitter_handle),
                      mysql_real_escape_string($upload_filename));

// Insert the user into the database
mysql_query($insert_sql);

// Redirect to the page that displays the new user
header("Location: show_user.php?user_id=" . mysql_insert_id());
?>
, , -
create_user.php ( create_user.html). ,
, 9 10,
. , ,
-, .
require_once
authorize.php
. 11.11.
create_user.php
?
, . , create_user.php
, . , , .
SELECT . - ,
, handle_error. . ,
, , ,
.
create_user.html create_user.php. , - ,
, , , .
, , , Ajax, .
, ?
. PHP . , , , ,
, , 12,
.
.
authorize.php
users
authorize.php
define("VALID_USERNAME", "admin");
define("VALID_PASSWORD", "super_secret");
if
$_SERVERPHP_AUTH_USERPHP_AUTH_PW
VALID_USERNAMEVALID_PASSWORD
if
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
, if (), else ( ),
else . if ,
exit, .
, PHP_AUTH_USER PHP_AUTH_PW
$_SERVER.
sprintf mysql_real_escape_string
<?php
require_once 'database_connection.php';

if (!isset($_SERVER['PHP_AUTH_USER']) ||
    !isset($_SERVER['PHP_AUTH_PW'])) {
  header('HTTP/1.1 401 Unauthorized');
  header('WWW-Authenticate: Basic realm="The Social Site"');
  exit(" ." .
       " . .");
}

// Look up the credentials the user supplied
$query = sprintf("SELECT user_id, username FROM users " .
                 " WHERE username = '%s' AND " .
                 "       password = '%s';",
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_PW'])));
$results = mysql_query($query);
?>
if (mysql_num_rows($results) == 1) {
// ! .
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
, , , ,
, , , -
, exit,
authorize.php.
authorize.php
if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$current_user_id = $result['user_id'];
$current_username = $result['username'];
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
<?php
require_once 'database_connection.php';

if (!isset($_SERVER['PHP_AUTH_USER']) ||
    !isset($_SERVER['PHP_AUTH_PW'])) {
  header('HTTP/1.1 401 Unauthorized');
  header('WWW-Authenticate: Basic realm="The Social Site"');
  exit(" ." .
       " . .");
}

// Look up the credentials the user supplied
$query = sprintf("SELECT user_id, username FROM users " .
                 " WHERE username = '%s' AND " .
                 "       password = '%s';",
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_PW'])));
$results = mysql_query($query);

if (mysql_num_rows($results) == 1) {
  $result = mysql_fetch_array($results);
  $current_user_id = $result['user_id'];
  $current_username = $result['username'];
} else {
  header('HTTP/1.1 401 Unauthorized');
  header('WWW-Authenticate: Basic realm="The Social Site"');
  exit(" ." .
       " . .");
}
?>
show_users.php
authorize.php
,
show_users.php
admin
42-
mysql> SELECT user_id, username, password, first_name, last_name
    ->   FROM users
    ->  WHERE user_id = 45;
+---------+----------+-------------+------------+-----------+
| user_id | username | password    | first_name | last_name |
+---------+----------+-------------+------------+-----------+
|      45 | jroday   | psych_rules | James      | Roday     |
+---------+----------+-------------+------------+-----------+
1 row in set (0.00 sec)
+BNFT3PEBZ
Psycht
1)1
crypt
1)1crypt
$encrypted_password = crypt($password);
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($username),
mysql_real_escape_string(crypt($password)),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_real_escape_string($upload_filename));
crypt
ALTER TABLE users
CHANGE password
password VARCHAR(50) NOT NULL;
password . ,
. ,
( NOT NULL). ,
, password.
crypt
crypt
authorize.php
//
$query = sprintf("SELECT user_id, username FROM users " .
                 " WHERE username = '%s' AND " .
                 "       password = '%s';",
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
                 mysql_real_escape_string(
                   crypt(trim($_SERVER['PHP_AUTH_PW']))));
. -
, , -
.
crypt
crypt
t
crypt
crypt
crypt
crypt
test_salt.php
<?php
$input = "secret_string";
$first_output = crypt($input);
$second_output = crypt($input);
echo " : {$first_output}\n\n";
echo " : {$second_output}\n\n";
?>
yellowta@yellowtagmedia.com [~/www/phpMM/ch11]# php test_salt.php
X-Powered-By: PHP/5.2.17
Content-type: text/html
: $1$ciU1qEcc$XFT9G7FD/4K/L1Kl.bd.q/
: $1$7cLtF/bc$Js6rEk5RHg4PujAkVOOSG1
<?php
$input = "secret_string";
$salt = "salt";
$first_output = crypt($input, $salt);
$second_output = crypt($input, $salt);
echo " : {$first_output}\n\n";
echo " : {$second_output}\n\n";
?>
yellowta@yellowtagmedia.com [~/www/phpMM/ch11]# php test_salt.php
X-Powered-By: PHP/5.2.17
Content-type: text/html
: sazmIw2D3KJ/M
: sazmIw2D3KJ/M
crypt
create_user.php
$insert_sql = sprintf("INSERT INTO users " .
"(first_name, last_name, username, " .
"password, email, " .
"bio, facebook_url, twitter_handle, " .
"user_pic_path) " .
"VALUES ('%s', '%s', '%s', '%s', '%s',
'%s', '%s', '%s', '%s');",
mysql_real_escape_string($first_name),
mysql_real_escape_string($last_name),
mysql_real_escape_string($username),
mysql_real_escape_string(crypt($password, $username)),
mysql_real_escape_string($email),
mysql_real_escape_string($bio),
mysql_real_escape_string($facebook_url),
mysql_real_escape_string($twitter_handle),
mysql_real_escape_string($upload_filename));
authorize.php
$_SERVER
//
$query = sprintf("SELECT user_id, username FROM users " .
                 " WHERE username = '%s' AND " .
                 "       password = '%s';",
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
                 mysql_real_escape_string(
                   crypt(trim($_SERVER['PHP_AUTH_PW']),
                         $_SERVER['PHP_AUTH_USER'])));
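The listings above pass the username to `crypt()` as the salt. A salt with no `$id$` prefix selects traditional DES crypt, the 13-character format of the `sazmIw2D3KJ/M` output shown earlier, which reads only two salt characters and eight password characters. The following added example (not code from the book) shows that effect next to `password_hash()`/`password_verify()`, including how rows written by the `crypt()` listing are upgraded at login; PDO, the in-memory SQLite table, the sample accounts and the function names are assumptions, and the column is widened because `VARCHAR(50)` is too short for a bcrypt hash.

```php
<?php
// Added example, not code from the book. The SQLite in-memory table, sample
// accounts and function names are constructed for this demonstration; the
// book's listings use the mysql_* API against MySQL.

// Part 1: what crypt($password, $username) stores. Traditional DES crypt
// reads two salt characters and eight password characters and ignores the
// rest of both strings.
function legacy_hash(string $password, string $username): string {
    return crypt($password, $username);
}

// Part 2: password_hash() generates its own random salt and embeds it,
// together with the algorithm and cost, in the stored string.
function create_user(PDO $db, string $username, string $password): int {
    $stmt = $db->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
    $stmt->execute([$username, password_hash($password, PASSWORD_DEFAULT)]);
    return (int) $db->lastInsertId();
}

// Returns the user_id on success, null on failure. The hash is fetched by
// username and compared in PHP, because a randomly salted hash cannot be
// matched with "WHERE password = ..." in SQL.
function check_credentials(PDO $db, string $username, string $password): ?int {
    static $dummy = null;
    if ($dummy === null) {
        // Verified against when the username is unknown, so that both
        // paths do comparable work.
        $dummy = password_hash('placeholder', PASSWORD_DEFAULT);
    }
    $stmt = $db->prepare('SELECT user_id, password FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    $stored = $row ? $row['password'] : $dummy;
    // password_verify() also accepts hashes produced by crypt(), so rows
    // written by the crypt($password, $username) listing still verify.
    if (!password_verify($password, $stored) || !$row) {
        return null;
    }
    // Legacy or outdated hashes are replaced once the password is known good.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $upd = $db->prepare('UPDATE users SET password = ? WHERE user_id = ?');
        $upd->execute([password_hash($password, PASSWORD_DEFAULT), $row['user_id']]);
    }
    return (int) $row['user_id'];
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// VARCHAR(255) leaves room for current and future password_hash() output.
$db->exec('CREATE TABLE users (
    user_id  INTEGER PRIMARY KEY AUTOINCREMENT,
    username VARCHAR(20)  NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL)');

// Constructed sample data: one row as the crypt()-based listing stores it...
$db->prepare('INSERT INTO users (username, password) VALUES (?, ?)')
   ->execute(['jroday', legacy_hash('psych_rules', 'jroday')]);
// ...and one created with password_hash().
create_user($db, 'jrsmith', 'psych_rules');

echo "DES crypt, same first two salt chars and first eight password chars:\n";
var_dump(legacy_hash('psych_rules', 'jroday') === legacy_hash('psych_ru-other', 'jrsmith'));

echo "password_hash(), same password hashed twice:\n";
var_dump(password_hash('psych_rules', PASSWORD_DEFAULT) === password_hash('psych_rules', PASSWORD_DEFAULT));

echo "Logins (legacy row, wrong password, unknown user):\n";
var_dump(check_credentials($db, 'jroday', 'psych_rules'));
var_dump(check_credentials($db, 'jrsmith', 'wrong-password'));
var_dump(check_credentials($db, 'nobody', 'psych_rules'));

echo "Stored hash for jroday after a successful login:\n";
echo $db->query("SELECT password FROM users WHERE username = 'jroday'")->fetchColumn(), "\n";
```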
show_users.php
12
Cookie-,
1)1
1)1
.Z42-
.Z42-
5XJUUFS63-'BDFCPPL
5XJUUFS63-'BDFCPPL
63-'BDFCPPL
63-'BDFCPPL
'BDFCPPL
'BDFCPPL
(PPHMF
1)1
1)1
show_users.phpdelete_user.php
t
)551
)551
)551
. 12.1.
$44
$44
)5.-47(
)5.-47(
47(
47(
index.html
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="content">
<div id="home_banner"></div>
<div id="signup">
<a href="create_user.html"><img src="../images/sign_me_up.png" /></a>
<a href="signin.html"><img src="../images/sign_me_in.png" /></a>
</div>
</div>
<div id="footer"></div>
</body>
</html>
1)1
1)1
)551
)551
. 12.2.
create_user.html
signin.html
authorize.php
authorize.php
$_SERVER
, , -
, , -
.
.
)5.-
1)1
1)1
show_user.php
)5.-
)5.-
)5.-
1)1
1)1
1)1
1)1
1)1
1)1
1)1
show_user.php
1)1
1)1
1)1
1)1
1)1
<html>
<head>
<link href="../css/phpMM.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="content">
<div id="home_banner"></div>
<div id="signup">
<a href="create_user.html"><img src="../images/sign_me_up.png" /></a>
<a href="signin.php"><img src="../images/sign_me_in.png" /></a>
</div>
</div>
<div id="footer"></div>
</body>
</html>
PHP
, HTML, , ,
PHP. , -
, , HTML-.
?
...
. , . ,
, . , if, .
if ,
, , .
, , ,
, , . .
.
PHP,
, . , , , , PHP, ,
PHP, . , ,
...
, PHP,
.
, - (Model-View-Controller, MVC), .
HTML , ,
( - ) , . , ,
MVC-, PHP.
.
, , Ruby
Java ( , ).
, PHP
MVC,
. .
HTTP-
ookie-
signin.php
signin.php
)551
show_users.php
delete_user.php
PPLJF
,
(cookie . , , , , ).
, (magic cookies).
Unix -
, - .
, ookie-
, ,
.
ookie-?
DPPLJF
DPPLJF
DPPLJF
DPPLJF
DPPLJFusername
my_username
DPPLJFuser_id52
DPPLJFusername
DPPLJFusername
DPPLJF
DPPLJF
DPPLJF
cookie- , ,
cookie-.
, :
.
13. ,
cookie-. , ,
. , cookie-
,
.
cookie-
DPPLJF
1)1DPPLJF
1)1DPPLJF
DPPLJF
DPPLJF
$_SERVER$_REQUEST
DPPLJFsetcookie
DPPLJF
setcookie("username", "my_username");
DPPLJF
$_COOKIE
echo " " . $_COOKIE['username'] . ".";
DPPLJF
setcookie$_COOKIE
cookie- , ,
. setcookie , -
-
.
cookie-
DPPLJF
signin.php
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// , cookie- user_id
if (!isset($_COOKIE['user_id'])) {
// username
if (isset($_REQUEST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
}
// ,
// if,
// .
// . ,
// ,
// .
page_start("");
?>
<html>
<div id="content">
<h1> </h1>
<form id="signin_form" action="signin.php" method="POST">
<fieldset>
<label for="username"> :</label>
<input type="text" name="username" id="username" size="20" />
<br />
<label for="password">:</label>
<input type="password" name="password" id="password" size="20" />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value="" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>
<?php
} else {
// ,
// , , show_user.php
}
?>
, database_connection.php ,
app_cong.php ? app_cong.php, ,
- , . , -
database_connection.php app_cong.php. ,
database_connection.php, app_con-
g.php.
?
require_once
t
DPPLJF user_id
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
DPPLJF
isset
DPPLJF
?
DPPLJF user_id
)5.-
$_REQUEST(&5
63-
1045
t
1045
$_REQUEST
$_POST
1045
, , , $_POST GET-:
$_GET.
$_POST
1045
1045
63-
. POST- , GET-,
. , , POST-
, . .
//
if (isset($_POST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
// ,
}
, : $_REQUEST $_POST?
, ,
. , ,
$_REQUEST, $_GET $_POST . $_REQUEST , $_GET, $_POST. ,
POST-, ,
$_REQUEST, $_POST.
$_REQUEST $_GET
$_POST. $_COOKIE (
). , signin.php
:
// , cookie- user_id
if (!isset($_REQUEST['user_id'])) {
, $_REQUEST $_GET,
$_REQUEST $_COOKIE. , : , ,
, , .
, , $_REQUEST,
$_GET, $_POST $_COOKIE.
signin.php, , POST-.
, , , $_POST.
GET-, $_GET.
cookie-,
$_COOKIE. ... ,
.
)5.-
, -
. , ,
.
// if,
// .
// . ,
// ,
// .
page_start("");
?>
<html>
<div id="content">
<h1> </h1>
<form id="signin_form" action="signin.php" method="POST">
<fieldset>
<label for="username"> :</label>
<input type="text" name="username" id="username" size="20" />
<br />
<label for="password">:</label>
<input type="password" name="password" id="password" size="20" />
</fieldset>
<br />
<fieldset class="center">
<input type="submit" value="" />
</fieldset>
</form>
</div>
<div id="footer"></div>
</body>
</html>
)5.-
if
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
)5.-
)5.-
$_POST$_REQUEST
<form id="signin_form" action="signin.php" method="POST">
signin.php
admin.phpdelete_user.php
show_users.php
1)1
1)1
$_SERVER
signin.php
$_SERVER['PHP_SELF']
<form id="signin_form"
action="<?php echo $_SERVER['PHP_SELF']; ?>"
method="POST">
<?php
} else {
// ,
// , , show_user.php
}
?>
, signin.php
, . , ,
. , , . , ,
.
, .
check_the_user_credentials(). :
//
// ,
.
, .
)5.- 1)1
1045
1)1
1)1
)5.-
DPPLJFuser_id1045
1045
. 12.3. ,
authorize.php
//
$query = sprintf("SELECT user_id, username FROM users " .
                 " WHERE username = '%s' AND " .
                 "       password = '%s';",
                 mysql_real_escape_string(trim($_SERVER['PHP_AUTH_USER'])),
                 mysql_real_escape_string(
                   crypt(trim($_SERVER['PHP_AUTH_PW']),
                         $_SERVER['PHP_AUTH_USER'])));
$results = mysql_query($query);
if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$current_user_id = $result['user_id'];
$current_username = $result['username'];
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="The Social Site"');
exit(" ." .
" . .");
}
)551
signin.php
DPPLJF
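<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';

// If the user is already signed in, the user_id cookie is set
if (!isset($_COOKIE['user_id'])) {

  // See whether a sign-in form was submitted
  if (isset($_POST['username'])) {
    // Try to sign the user in
    $username = mysql_real_escape_string(trim($_REQUEST['username']));
    $password = mysql_real_escape_string(trim($_REQUEST['password']));

    // Look up the user with the same query authorize.php uses
    $query = sprintf("SELECT user_id, username FROM users " .
                     " WHERE username = '%s' AND " .
                     "       password = '%s';",
                     $username,
                     mysql_real_escape_string(
                       crypt(trim($_REQUEST['password']),
                             trim($_REQUEST['username']))));
    $results = mysql_query($query);

    if (mysql_num_rows($results) == 1) {
      $result = mysql_fetch_array($results);
      $user_id = $result['user_id'];
      setcookie('user_id', $user_id);
      setcookie('username', $result['username']);
      header("Location: show_user.php");
    } else {
      // The user was not found: report an error
    }
  }

  // Still in the "not signed in" branch of the if:
  // start the page and show the sign-in form
  page_start("");
?>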
signin.php
)5.-
)5.-
DPPLJF
DPPLJF
show_user.php
if (mysql_num_rows($results) == 1) {
$result = mysql_fetch_array($results);
$user_id = $result['user_id'];
setcookie('user_id', $user_id);
setcookie('username', $result['username']);
header("Location: show_user.php");
} else {
// ,
}
. 12.4. show_user.php
,
(&563-
(&563-
63-
63-
user_id
signin.phpuser_id
show_user.php
// ID
$user_id = $_REQUEST['user_id'];
show_user.php
signin.php
if
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
// , , show_user.php
header("Location: show_user.php");
show_user.phpuser_id
show_user.php
signin.php
$_REQUEST
@3&26&45@1045
signin.phpDPPLJF
DPPLJF
$_COOKIE $_REQUEST
$_COOKIE
$_POST$_GET
$user_id = $_REQUEST['user_id'];
$user_id = $_COOKIE['user_id'];
DPPLJF
: : $_COOKIE $_REQUEST?
. , $_COOKIE,
create_user.php. , - $_REQUEST,
show_user.php .
cookie-, . ,
cookie-, show_user.php, $_COOKIE,
.
cookie-
signin.php
&OUFS
signin.php
DPPLJF
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
. 12.5.
DPPLJF
<?php
} else {
// ,
// , , show_user.php
}
?>
signin.php
show_user.php
} else {
// ,
// , , show_user.php
header("Location: show_user.php");
}
show_user.phpDPPLJF
user_id
show_user.php
)551
DPPLJF
DPPLJF
setcookie , 0,
, cookie- ,
.
DPPLJF
DPPLJF
setcookie
6OJY-JOVY
time() + 10
setcookie
DPPLJF
// (60 seconds * 60 minutes = 3600)
setcookie('user_id', $user_id, time() + 3600);
// cookie-,
//
setcookie('user_id', $user_id, time() - 3600);
// :
setcookie('user_id', $user_id, 0);
DPPLJF
DPPLJF
, Facebook Twitter,
.
, 10 .
DPPLJF
signin.php
else
if (mysql_num_rows($results) == 1) {
// cookie- show_user.php
} else {
// ,
}
handle_error
handle_error
handle_error
page_start
view.phpsignin.php
page_start("");
view.php
function page_start($title, $javascript = NULL,
$success_message = NULL, $error_message = NULL) {
$success_message$error_message
$error_message
page_start
)5.-
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';

$error_message = "";

// If the user is already signed in, the user_id cookie is set
if (!isset($_COOKIE['user_id'])) {

  // See whether a sign-in form was submitted
  if (isset($_POST['username'])) {
    // Try to sign the user in
    // Look up the user
    if (mysql_num_rows($results) == 1) {
      $result = mysql_fetch_array($results);
      $user_id = $result['user_id'];
      setcookie('user_id', $user_id);
      setcookie('username', $result['username']);
      header("Location: show_user.php");
    } else {
      // The user was not found: set the error message
      $error_message = " -.";
    }
  }

  // Still in the "not signed in" branch of the if:
  // start the page and show the sign-in form
  page_start("", NULL, NULL, $error_message);
?>
, cookie- -
, .
, ID , -
cookie- .
, ! cookie-
, .
, cookie-.
. 12.6.
view.php
page_start
$error_message
""
view.phpdisplay_message
function display_messages($success_msg = NULL, $error_msg = NULL) {
echo "<div id='messages'>\n";
if (!is_null($success_msg)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}
$error_message
$error_message
null
function display_messages($success_msg = NULL, $error_msg = NULL) {
echo "<div id='messages'>\n";
if (!is_null($success_msg) && (strlen($success_msg) > 0)) {
display_message($success_msg, SUCCESS_MESSAGE);
}
if (!is_null($error_msg) && (strlen($error_msg) > 0)) {
display_message($error_msg, ERROR_MESSAGE);
}
echo "</div>\n\n";
}
. 12.7.
. 12.8. ,
signin.php
if (isset($_POST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
}
// . ...
$username
)5.-
)5.-
value$username
<label for="username"> :</label>
<input type="text" name="username" id="username" size="20"
value="<?php if (isset($username)) echo htmlspecialchars($username, ENT_QUOTES); ?>" />
. 12.9.
-
1)1
1)1
1)1
DPPLJFuser_id
if (isset($_COOKIE['user_id'])) {
//
} else {
//
}
view.php
display_title
if
DPPLJFuser_id
show_user.php signout.php
function display_title($title, $success_message = NULL, $error_message = NULL)
{
echo <<<EOD
<body>
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example">$title</div>
<div id="menu">
<ul>
<li><a href="index.html"> </a></li>
EOD;
if (isset($_COOKIE['user_id'])) {
echo "<li><a href='show_user.php'> </a></li>";
echo "<li><a href='signout.php'> </a></li>";
} else {
echo "<li><a href='signin.php'></a></li>";
}
echo <<<EOD
</ul>
</div>
EOD;
display_messages($success_message, $error_message);
}
view.php
)5.-
if
display_title
display_title
$_REQUEST
$_COOKIE
if (isset($_COOKIE['user_id'])) {
echo "<li><a href='show_user.php'> </a></li>";
echo "<li><a href='signout.php'> </a></li>";
} else {
echo "<li><a href='signin.php'></a></li>";
}
*%show_user.php
DPPLJF
show_user.php
$_REQUEST['user_id']
*%
-
?
, - , ,
. -
, - ,
. , ?
,
. -,
, ,
, - . -, ,
, ,
. - . , .
, , , .
, cookie-. ,
. ,
.
)5.- show_user.php
show_users.php signin.php
page_start
)5.-
)5.-
display_title
page_start
view.php
show_user.php
<?php
require '../scripts/database_connection.php';
require '../scripts/view.php';
// PHP ID
// cookie-,
//
page_start("");
?>
<div id="content">
<div class="user_profile">
<h1><?php echo "{$first_name} {$last_name}"; ?></h1>
<p><img src="<?php echo $user_image; ?>" class="user_pic" />
<?php echo $bio; ?></p>
<p class="contact_info">
<?php echo $first_name; ?>:
</p>
<ul>
<li>...
<a href="<?php echo $email; ?>"><?php echo $email; ?></a></li>
<li>...
<a href="<?php echo $facebook_url; ?>">
Facebook</a></li>
<li>... <a href="<?php echo $twitter_url; ?>">
Twitter</a></li>
</ul>
</div>
</div>
<div id="footer"></div>
</body>
</html>
show_user.php
- show_user.php
. !
start_page
display_title
view.phpDPPLJF
signin.php
if display_title
DPPLJF
. 12.10.
HTML
show_user.php
show_users.php
signin.php
index.html
create_user.html
start_pageview.php
)5.-
1)1
index.html
create_user.html
HTML PHP
create_user.htmlcreate_user.php
create_user.php
create_user.html signup.php
index.html
TJHOVQ
[~/www/phpMM/ch12]# cp create_user.html create_user.html.orig
[~/www/phpMM/ch12]# mv create_user.html signup.php
,
.
, ,
, ,
.
)5.-
)5.-
1)1page_start
+BWB4DSJQU
IFSFEPD
<?php
require_once "../scripts/view.php";

$inline_javascript = <<<EOD
$(document).ready(function() {
  $("#signup_form").validate({
    rules: {
      password: {
        minlength: 6
      },
      confirm_password: {
        minlength: 6,
        equalTo: "#password"
      }
    },
    messages: {
      password: {
        minlength: " 6 "
      },
      confirm_password: {
        minlength: " 6 ",
        equalTo: " ."
      }
    }
  });
});
EOD;

page_start(" ", $inline_javascript);
?>
<div id="content">
<h1> </h1>
<p>, :</p>
<form id="signup_form" action="create_user.php"
method="POST" enctype="multipart/form-data">
<!-- -->
</form>
</div>
<div id="footer"></div>
</body>
</html>
index.html
signup.php
create_user.html
<div id="content">
<div id="home_banner"></div>
<div id="signup">
<a href="signup.php"><img src="../images/sign_me_up.png" /></a>
<a href="signin.php"><img src="../images/sign_me_in.png" /></a>
</div>
</div>
. 12.11.
:
K2VFSZ
+BWB4DSJQU
signin.phpcreate_user.php
DPPLJF
DPPLJF
setcookie('user_id', $user_id);
//
setcookie('username', $result['username']); //
//
DPPLJF
DPPLJF
// cookie- user_id
setcookie('user_id', '', time()-(60*60*24*365));
DPPLJFuser_id
. ,
, .
, .
DPPLJF
DPPLJF
tuser_idusername
t
<?php
setcookie('user_id', '', time()-(365*24*60*60));
setcookie('username', '', time()-(365*24*60*60));
header('Location: signin.php');
?>
DPPLJF
show_user.php
show_users.php
.
, .
*%
. 12.12. ,
cookie-
show_user.php
authorize.php
)551
authorize.php
signin.php
signin.php
authorize.php
DPPLJF
<?php
if ((!isset($_COOKIE['user_id'])) ||
(!strlen($_COOKIE['user_id']) > 0)) {
}
?>
DPPLJF
DPPLJF
<?php
if ((!isset($_COOKIE['user_id'])) ||
(!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message=You must login to see this page.');
//
exit;
}
?>
exit . ,
show_user.php, delete_user.php, -
, ,
. -
.
require_once
show_user.php
show_users.phpdelete_user.php
signout.php
show_user.php
63-
. 12.13.
signin.php
63-
signin.php
require_once '../scripts/view.php';
$error_message = "";
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
$error_message
// if,
// .
// ,
// .
page_start("", NULL, NULL, $error_message);
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
$error_message = $_REQUEST['error_message'];
// ,
// cookie- user_id
if (!isset($_COOKIE['user_id'])) {
show_user.phpDPPLJF
. 12.14. ,
show_users.php delete_user.php
DPPLJF
DPPLJF
13
show_users.phpdelete_user.php
authorize.php
authorize.php
show_users.php
show_user.php
DPPLJF
DPPLJF
1)1
groups
1)1.Z42-
t
.Z42-
tNOT NULL
mysql> CREATE TABLE groups (
    ->   id          INT          NOT NULL AUTO_INCREMENT PRIMARY KEY,
    ->   name        VARCHAR(30)  NOT NULL,
    ->   description VARCHAR(200)
    -> );
Query OK, 0 rows affected (0.03 sec)
mysql> DESCRIBE groups;
+-------------+--------------+------+-----+---------+----------------+
| Field       | Type         | Null | Key | Default | Extra          |
+-------------+--------------+------+-----+---------+----------------+
| id          | int(11)      | NO   | PRI | NULL    | auto_increment |
| name        | varchar(30)  | NO   |     | NULL    |                |
| description | varchar(200) | YES  |     | NULL    |                |
+-------------+--------------+------+-----+---------+----------------+
3 rows in set (0.03 sec)
description
NOT NULL
groups
mysql> INSERT INTO groups
    ->        (name, description)
    -> VALUES ("Administrators",
    ->         "- .");
Query OK, 1 row affected (0.04 sec)
mysql> INSERT INTO groups
    ->        (name, description)
    -> VALUES ("Luthiers",
    ->         " . .");
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO groups
    ->        (name, description)
    -> VALUES ("Musicians",
    ->         ", , . .");
Query OK, 1 row affected (0.00 sec)
, . ,
Administrators. - -,
, Administrators ,
.
mysql> SELECT id, name FROM groups;
+----+----------------+
| id | name           |
+----+----------------+
|  1 | Administrators |
|  2 | Luthiers       |
|  3 | Musicians      |
+----+----------------+
3 rows in set (0.01 sec)
42-
, ,
users
images
usersimages
Luthier
MusicianAdministrator
Administrators
,
. , -
. --
() ().
:
, , , - .
,
.
(1--1 1:1).
.
1--N. N ,
n, N. N
. , N ,
- .
, , 1:N.
1:N .
, .
1:N, , .
, , N:N, ,
. N:N (
, ) . ,
N:N
.
*%
*%
*%
*%
*%
*%
t user_id
users
SELECT *
FROM images
WHERE user_id = $user_id;
SELECT u.username, u.first_name, u.last_name, i.filename, i.image_data
FROM users u, images i
WHERE u.id = i.user_id;
user_id
users
users groups
users groups
*%
*%
*%
*%*%
users groups
users
groups
users
user_groups
user_id group_id
user_id*%
Administrators*%Musicians
usersgroups
groups
users*% Administrators user_groups
mysql> CREATE TABLE user_groups (
    ->   user_id  INT NOT NULL,
    ->   group_id INT NOT NULL
    -> );
Query OK, 0 rows affected (0.03 sec)
Luthiers
user_groups
mysql> INSERT INTO user_groups
    ->        (user_id, group_id)
    -> VALUES (51, 2);
Query OK, 1 row affected (0.02 sec)
mysql> select * from user_groups;
+---------+----------+
| user_id | group_id |
+---------+----------+
|      51 |        2 |
+---------+----------+
1 row in set (0.00 sec)
users groups
user_groups
*%
*%
mysql> SELECT COUNT(*)
    ->   FROM users u, groups g, user_groups ug
    ->  WHERE u.username = "traugott"
    ->    AND g.name = "Luthiers"
    ->    AND u.user_id = ug.user_id
    ->    AND g.id = ug.group_id;
+----------+
| COUNT(*) |
+----------+
|        1 |
+----------+
1 row in set (0.00 sec)
COUNT(*)
users
groupsuser_groups
SELECT COUNT(*)
FROM users u, groups g, user_groups ug
usersgroups
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = "traugott"
   AND g.name = "Luthiers"
*%
user_groups
*%
user_groups
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = "traugott"
   AND g.name = "Luthiers"
   AND u.user_id = ug.user_id
   AND g.id = ug.group_id;
users
user_groups
groups
COUNT
users
+----------+
| COUNT(*) |
+----------+
|        1 |
+----------+
! , COUNT,
. , ,
.
1)1
authorize.php
authorize.php
authorize.php
authorize.php
authorize.php
1)1
<?php
if ((!isset($_COOKIE['user_id'])) || (!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message= .');
//
exit;
}
?>
authorize.php
authorize.php
<?php
function authorize_user($groups = NULL) {
// cookie-,
if ((!isset($_COOKIE['user_id'])) ||
(!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message= .');
exit;
}
}
?>
show_user.php
show_user.php
<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';
//
authorize_user();
// ID ,
$user_id = $_REQUEST['user_id'];
// SELECT
// . ...
show_user.php63-
. 13.1.
authorize_user1)1
show_users.phpdelete_user.php
Administrators
<?php
require_once '../scripts/app_config.php';
require_once '../scripts/authorize.php';
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
//
// Administrators
authorize_user(array("Administrators"));
// PHP HTML-
, , show_users.php.
delete_user.php, .
authorize.php ,
. .
: , , ,
.
:
<?php
$message = "hello\n\n";
require_once "print.php";
?>
, test.php. ,
print.php, , :
<?php
echo $message;
?>
print.php, ,
print.php, ,
require_once. , PHP
:
<?php
$message = "hello\n\n";
echo $message;
?>
test.php :
yellowta@yellowtagmedia.com [~/www/phpMM/ch13]# php test.php
X-Powered-By: PHP/5.2.17
Content-type: text/html
hello
,
.
, -
. , .
:
$allowed_groups = array("Musicians", "Luthiers");
require_once "../scripts/authorize.php";
. , $allowed_groups
require_once, authorize.
php, authorize.php .
authorize_user . ,
, , , , .
1)1
authorize.php
authorize_user
NULL
<?php
function authorize_user($groups = NULL) {
// cookie-,
if ((!isset($_COOKIE['user_id'])) ||
(!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message= .');
exit;
}
// ,
if ((is_null($groups)) || (empty($groups))) {
return;
}
}
?>
empty PHP. ,
(empty), true, false. ,
empty true, .
return1)1
1)1
show_users.phpdelete_user.phpauthorize.
php
42-
$groups
for
foreach
foreach
$my_array = array("first", "second", "third");
foreach ($my_array as $item) {
echo $item;
}
$groups
foreach ($groups as $group) {
// SQL- $group
}
42-
users
groups
SELECT COUNT(*)
  FROM users u, groups g, user_groups ug
 WHERE u.username = "traugott"
   AND g.name = "Luthiers"
   AND u.user_id = ug.user_id
   AND g.id = ug.group_id;
authorize.php
userst
user_id
user_id
SELECT COUNT(*)
  FROM user_groups ug, groups g
 WHERE g.name = mysql_real_escape_string($group)
   AND g.id = ug.group_id
   AND ug.user_id = mysql_real_escape_string($_COOKIE['user_id']);
, mysql_real_escape_string,
. mysql_real_
escape_string ,
MySQL.
SELECT ug.user_id
  FROM user_groups ug, groups g
 WHERE g.name = mysql_real_escape_string($group)
   AND g.id = ug.group_id
   AND ug.user_id = mysql_real_escape_string($_COOKIE['user_id']);
user_groups
ug.group_id
foreach
foreach ($groups as $group) {
  // Build the SQL query for $group
  $query = "SELECT ug.user_id" .
           "  FROM user_groups ug, groups g" .
           " WHERE g.name = '" . mysql_real_escape_string($group) . "'" .
           "   AND g.id = ug.group_id" .
           "   AND ug.user_id = '" .
           mysql_real_escape_string($_COOKIE['user_id']) . "';";
  mysql_query($query);
  //
}
users
sprintf
foreach
//
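// The cookie value is quoted as well as escaped: escaping alone does not
// constrain a value that sits outside quotes.
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = '" .
  mysql_real_escape_string($_COOKIE['user_id']) . "'";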
foreach ($groups as $group) {
// SQL- $group
//
}
foreachsprintf
//
// The cookie value is quoted as well as escaped: escaping alone does not
// constrain a value that sits outside quotes.
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = '" .
  mysql_real_escape_string($_COOKIE['user_id']) . "'";
foreach ($groups as $group) {
  // Build the SQL query for $group
  $query = sprintf($query_string, mysql_real_escape_string($group));
  $result = mysql_query($query);
  //
}
sprintf
$_COOKIE
sprintf
,
?
, . , ,
.
, ,
.
:
SELECT COUNT(*)
FROM users u, groups g, user_groups ug
WHERE u.username =
mysql_real_escape_string($_COOKIE['username'])
AND g.name = mysql_real_escape_string($group)
AND u.user_id = ug.user_id
AND g.id = ug.group_id;
.
(users), , cookie-.
,
COUNT SELECT, user_groups. , -
.
.
,
sprintf .
,
.
. .
, .
.
,
.
,
.
,
, , ,
.
, ,
$group
$group
$groups
authorize_user
$groups
1)1)5.-
foreach
handle_error
authorize.php
<?php
require_once 'database_connection.php';
require_once 'app_config.php';

function authorize_user($groups = NULL) {
  // No user_id cookie, or an empty one: redirect to the sign-in page
  if ((!isset($_COOKIE['user_id'])) || (!strlen($_COOKIE['user_id']) > 0)) {
    header('Location: signin.php?' .
           'error_message= .');
    exit;
  }

  // No groups were passed in, so being signed in is enough
  if ((is_null($groups)) || (empty($groups))) {
    return;
  }

  // Query template; the group name is filled in on each pass of the loop
  $query_string =
    "SELECT ug.user_id" .
    "  FROM user_groups ug, groups g" .
    " WHERE g.name = '%s'" .
    "   AND g.id = ug.group_id" .
    "   AND ug.user_id = " . mysql_real_escape_string($_COOKIE['user_id']);

  // Check each allowed group in turn
  foreach ($groups as $group) {
    $query = sprintf($query_string, mysql_real_escape_string($group));
    $result = mysql_query($query);
    if (mysql_num_rows($result) == 1) {
      // The user belongs to this group, so access is allowed:
      // return and let the calling page continue.
      return;
    }
  }

  // The user is in none of the listed groups:
  // report the error and stop.
  handle_error(" .");
  exit;
}
?>
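The listing above escapes `$_COOKIE['user_id']` with `mysql_real_escape_string` but places it in the query without surrounding quotes, so the escaping puts no constraint on a value that is not a number. The added example below (not the book's code) runs the same membership check with a digits-only check and bound parameters. The function name `user_in_any_group`, the PDO connection and the in-memory SQLite database standing in for MySQL are assumptions, and the rows and inputs are constructed.

```php
<?php
// Added example, not the book's code. Assumptions: PDO with the SQLite driver
// is available and stands in for MySQL; all rows and inputs are constructed.

function user_in_any_group(PDO $db, $raw_user_id, array $groups): bool {
    // The id sits in a numeric position in the query, so escaping quote
    // characters does not constrain it. Accept only a plain run of digits.
    if (!is_string($raw_user_id) || !ctype_digit($raw_user_id) || !$groups) {
        return false;
    }
    // One placeholder per group name: a single query replaces the loop,
    // and no value ever becomes part of the SQL text.
    $marks = implode(', ', array_fill(0, count($groups), '?'));
    $stmt = $db->prepare(
        "SELECT COUNT(*)" .
        "  FROM user_groups ug, `groups` g" .
        " WHERE g.id = ug.group_id" .
        "   AND ug.user_id = ?" .
        "   AND g.name IN ($marks)");
    $stmt->execute(array_merge([(int) $raw_user_id], array_values($groups)));
    return (int) $stmt->fetchColumn() > 0;
}

// Constructed sample data. GROUPS is a reserved word in MySQL 8.0,
// hence the backticks around the table name.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE `groups` (id INTEGER PRIMARY KEY, name TEXT)");
$db->exec("CREATE TABLE user_groups (user_id INTEGER, group_id INTEGER)");
$db->exec("INSERT INTO `groups` VALUES (1, 'Administrators'), (2, 'Editors')");
$db->exec("INSERT INTO user_groups VALUES (7, 1), (8, 2)");

// Constructed inputs: a member, a non-member, a non-numeric id,
// and a group name containing quote characters.
$cases = [
    ['7', ['Administrators']],
    ['8', ['Administrators']],
    ['8 OR 1=1', ['Administrators']],
    ['8', ["Editors' OR '1'='1"]],
];
foreach ($cases as [$id, $groups]) {
    printf("%-10s %-22s %s\n", $id, implode(',', $groups),
           user_in_any_group($db, $id, $groups) ? 'allowed' : 'denied');
}
```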
users
Administrators user_groups
show_users.php
. 13.2. ,
,
authorize_user
view.php
function display_title($title, $success_message = NULL, $error_message = NULL)
{
  echo <<<EOD
<body>
<div id="page_start">
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example">$title</div>
<div id="menu">
<ul>
<li><a href="index.html"> </a></li>
EOD;
  if (isset($_COOKIE['user_id'])) {
    echo "<li><a href='show_user.php'></a></li>";
    echo "<li><a href='signout.php'> </a></li>";
  } else {
    echo "<li><a href='signin.php'></a></li>";
  }
  echo <<<EOD
</ul>
</div>
EOD;
  display_messages($success_message, $error_message);
  echo '</div> <!-- , id="page_start" -->';
}
authorize_user
truefalse
function display_title($title, $success_message = NULL, $error_message = NULL)
{
  echo <<<EOD
<body>
<div id="page_start">
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example">$title</div>
<div id="menu">
<ul>
<li><a href="index.html"> </a></li>
EOD;
  if (isset($_COOKIE['user_id'])) {
    echo "<li><a href='show_user.php'></a></li>";
    // Only members of Administrators get the link to the user list
    if (user_in_group($_COOKIE['user_id'], "Administrators")) {
      echo "<li><a href='show_users.php'></a></li>";
    }
    echo "<li><a href='signout.php'> </a></li>";
  } else {
    echo "<li><a href='signin.php'></a></li>";
  }
  echo <<<EOD
</ul>
</div>
EOD;
  display_messages($success_message, $error_message);
  echo '</div> <!-- , id="page_start" -->';
}
, view.php require_once
authorize.php.
Administrators
authorize_user.php
// Query template; the group name is filled in on each pass of the loop
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = " . mysql_real_escape_string($_COOKIE['user_id']);
// Check each allowed group in turn
foreach ($groups as $group) {
  $query = sprintf($query_string, mysql_real_escape_string($group));
  $result = mysql_query($query);
  if (mysql_num_rows($result) == 1) {
    // The user belongs to this group, so access is allowed:
    // return and let the calling page continue.
    return;
  }
}
function user_in_group($user_id, $group) {
  $query_string =
    "SELECT ug.user_id" .
    "  FROM user_groups ug, groups g" .
    " WHERE g.name = '%s'" .
    "   AND g.id = ug.group_id" .
    "   AND ug.user_id = %d";
  $query = sprintf($query_string, mysql_real_escape_string($group),
                   mysql_real_escape_string($user_id));
  $result = mysql_query($query);
  if (mysql_num_rows($result) == 1) {
    return true;
  } else {
    return false;
  }
}
authorize.phpauthorize_user
Administrators
show_user.php
. 13.3. Administrators,
PHP
Administrators
is_admin
Administrators
. 13.4. Administrators
Safari cookie- . -
, . Google Chrome
cookie
. Internet Explorer ,
.
.
, -.
authorize_user
user_in_group?
, , user_in_group
, . , user_in_group $groups authorize_user .
user_in_group
foreach authorize_
user:
//
//
foreach ($groups as $group) {
  if (user_in_group($_COOKIE['user_id'], $group)) {
    // The user is in this group, so access is allowed
    return;
  }
}
. , , ,
. , , authorize_user,
. , ( user_in_group). ,
, $groups.
, ( )
authorize_user.
. ,
? , authorize_user , ,
.
, , ... .
session_
start
// ()
session_start();
//
session_start
signin.php
session_start
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
$error_message = $_REQUEST['error_message'];
session_start();
// PHP HTML...
session_start PHP
$_COOKIE $_SESSION
$_COOKIE
$_SESSION
<?php
require_once '../scripts/database_connection.php';
require_once '../scripts/view.php';
$error_message = $_REQUEST['error_message'];
session_start();
// ,
// user_id
if (!isset($_SESSION['user_id'])) {
// . ...
setcookie
$_SESSION
if (!isset($_SESSION['user_id'])) {
//
if (isset($_POST['username'])) {
//
$username = mysql_real_escape_string(trim($_REQUEST['username']));
$password = mysql_real_escape_string(trim($_REQUEST['password']));
//
$_SESSION
signin.php
show_user.php
signin.php
authorize_user
authorize.php
show_user.php
<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';
//
authorize_user();
authorize_user
$_COOKIE
$_REQUEST
<?php
require_once 'database_connection.php';
require_once 'app_config.php';
function authorize_user($groups = NULL) {
// cookie-,
if ((!isset($_COOKIE['user_id'])) || (!strlen($_COOKIE['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message= .');
exit();
}
// . ...
$_COOKIE
$_SESSION
<?php
require_once 'database_connection.php';
require_once 'app_config.php';
function authorize_user($groups = NULL) {
// ,
if ((!isset($_SESSION['user_id'])) || (!strlen($_SESSION['user_id']) > 0)) {
header('Location: signin.php?' .
'error_message= .');
exit();
}
// . ...
//
$query_string =
  "SELECT ug.user_id" .
  "  FROM user_groups ug, groups g" .
  " WHERE g.name = '%s'" .
  "   AND g.id = ug.group_id" .
  "   AND ug.user_id = " . mysql_real_escape_string($_SESSION['user_id']);
. -
.
.
session_start
signin.php PHP
show_user.php
signin.php
start_session
. 13.7. cookie- ,
-
cookie
$_SESSION
session_start
show_user.php
session_start
authorize.php
authorize_
userauthorize.php
<?php
require_once 'database_connection.php';
require_once 'app_config.php';
session_start();
function authorize_user($groups = NULL) {
// . ...
}
?>
. 13.8.
$_REQUEST
$_SESSION
show_user.php
// ID ,
$user_id = $_REQUEST['user_id'];
$_REQUEST
$_GET
$_POST$_COOKIE
$_REQUEST
$_REQUEST
$_SESSION
show_users.php
$user_row = sprintf(
"<li><a href='show_user.php?user_id=%d'>%s %s</a> " .
"(<a href='mailto:%s'>%s</a>) " .
"<a href='javascript:delete_user(%d);'><img " .
"class='delete_user' src='../images/delete.png' " .
"width='15' /></a></li>",
$user['user_id'], $user['first_name'], $user['last_name'],
$user['email'], $user['email'], $user['user_id']);
echo $user_row;
- show_users.php. while, -
HTML.
$_REQUEST
$_SESSION
session_start
<?php
require '../scripts/authorize.php';
require '../scripts/database_connection.php';
require '../scripts/view.php';
session_start();
//
authorize_user();
// ID ,
$user_id = $_REQUEST['user_id'];
if (!isset($user_id)) {
$user_id = $_SESSION['user_id'];
}
// $user_id
show_user.php session_start :
authorize.php, require_once,
show_user.php.
, PHP
, , ,
authorize.php, session_start. ,
, show_user.php, . -
. session_start ,
- .
?
$_COOKIE
session_start
<?php
require_once 'app_config.php';
require_once 'authorize.php';
define("SUCCESS_MESSAGE", "success");
define("ERROR_MESSAGE", "error");
session_start();
// ...
?>
display_title$_COOKIE$_SESSION
function display_title($title, $success_message = NULL, $error_message = NULL)
{
  echo <<<EOD
<body>
<div id="page_start">
<div id="header"><h1>PHP & MySQL: The Missing Manual</h1></div>
<div id="example">$title</div>
<div id="menu">
<ul>
<li><a href="index.html"> </a></li>
EOD;
  if (isset($_SESSION['user_id'])) {
    // The user ID now comes from the session, not from a cookie
    if (user_in_group($_SESSION['user_id'], "Administrators")) {
      echo "<li><a href='show_users.php'></a></li>";
    }
    echo "<li><a href='show_user.php'></a></li>";
    echo "<li><a href='signout.php'> </a></li>";
  } else {
    echo "<li><a href='signin.php'></a></li>";
  }
  echo <<<EOD
</ul>
</div>
EOD;
  display_messages($success_message, $error_message);
  echo '</div> <!-- , id="page_start" -->';
}
cookie
$_SESSION
unset
$_SESSION
session_start
unset
signout.php
<?php
session_start();
unset($_SESSION['user_id']);
unset($_SESSION['username']);
header('Location: signin.php');
exit();
?>
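The sign-in and sign-out scripts above start a session, store `user_id` and `username` in `$_SESSION`, and later unset those two keys. The added example below (not the book's code) shows the same three steps with the session ID regenerated at sign-in and the whole session removed at sign-out; the function names are hypothetical, and it assumes PHP 7.3 or later and a site served over HTTPS.

```php
<?php
// Added example, not the book's code. Assumes PHP 7.3+ (array form of
// session_set_cookie_params/setcookie) and an HTTPS site.

function start_app_session(): void {
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;                      // safe to call from every included script
    }
    session_set_cookie_params([
        'lifetime' => 0,             // cookie ends with the browser session
        'path'     => '/',
        'secure'   => true,          // sent over HTTPS only
        'httponly' => true,          // not readable from page JavaScript
        'samesite' => 'Lax',
    ]);
    ini_set('session.use_strict_mode', '1');  // ignore ids the server did not issue
    session_start();
}

function sign_in_session(int $user_id, string $username): void {
    start_app_session();
    // Issue a new session id at the moment of sign-in and delete the old one.
    session_regenerate_id(true);
    $_SESSION['user_id']  = $user_id;
    $_SESSION['username'] = $username;
}

function sign_out_session(): void {
    start_app_session();
    $_SESSION = [];                  // drop every key, not only user_id/username
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', [
            'expires'  => time() - 42000,
            'path'     => $p['path'],
            'domain'   => $p['domain'],
            'secure'   => $p['secure'],
            'httponly' => $p['httponly'],
            'samesite' => $p['samesite'],
        ]);
    }
    session_destroy();               // remove the server-side session data
}

// Constructed values, as signin.php and signout.php would pass them.
sign_in_session(7, 'constructed_user');
sign_out_session();
```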
cookie
signout.php
cookie
?
PHP
error_message show_error.php
if (isset($_REQUEST['error_message'])) {
$error_message = preg_replace("/\\\\/", '', $_REQUEST['error_message']);
} else {
$error_message = " - .";
}
scripts/show_error.php.
URL
http://yellowtagmedia.com/phpMM/ch07/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E%20,
%20%20%20%20%3C/a%3E
. 13.9. - CSS-,
,
PHP
function handle_error($user_error_message, $system_error_message) {
session_start();
$_SESSION['error_message'] = $user_error_message;
$_SESSION['system_error_message'] = $system_error_message;
header("Location: " . get_web_path(SITE_ROOT) . "scripts/show_error.php");
exit();
}
handle_error
show_error.php
<?php
require 'app_config.php';
session_start();
if (isset($_SESSION['error_message'])) {
$error_message = preg_replace("/\\\\/", '', $_SESSION['error_message']);
} else {
$error_message = " - .";
}
if (isset($_SESSION['system_error_message'])) {
$system_error_message = preg_replace("/\\\\/", '',
$_SESSION['system_error_message']);
} else {
$system_error_message =" .";
}
?>
HTML, PHP, .
URL
show_error.php scripts
URL
http://www.yellowtagmedia.com/phpMM/scripts/show_error.php?error_message=
%3Ca%20href=%22http://www.syfy.com/beinghuman%22%3E%20,
%20%20%20%20%3C/a%3E
,
.
. 13.10.
URL
cookie-?
.
PHP MySQL.
.
.
.
.
.
.
.