Trang 1setting up
855
Send button, 704
send() function, 704
sending messages, online
newsletters, 704-708
sending mail, 371
Warm Mail application, 649-652
forwarding messages, 651-652
new messages, 649-651 replying to messages, 651-652
send_message() function,
650-651
sensitive data, storing,
336-337
credit card numbers, 338
serialization, 450-451
serialize() function,
450-451
server logs, 271
servers
Apache. See Apache Web server
authentication, 292-293
database servers, Web database architecture, 181
Equifax Secure Server, connecting with HTTPS, 388
FTP servers
downloading files, 384-385 logging in to (mirroring files), 382
IIS (Internet Information Server)
basic authentication, 319-321
configuring with Internet Services Manager, 319-321
remote FTP servers, connecting to (mirroring files), 382
secure storage, 336-337
credit card numbers, 338
Secure Web servers, 298-299
Web servers, Web database architecture, 180-181
servers, 365. See also Web servers
services
adding to Web pages, 371-374
running Apache from, 797-798
services (commercial Web sites)
adding value to, 276 providing, 275-276 taking orders for, 271-275
obstacles to potential customers, 273-275
ServicesPage class (object-oriented development), 166-167
session control, 430-433, 438-445
authentication, 438-445
authmain.php script, 438-443
logout.php script, 444-445 members_only.php script, 443-444
cookies, 431-433
setting, 431-432 storing session IDs, 432-433
session IDs, 430-431
storing in cookies, 432-433
session IDs, 430-431
storing in cookies, 432-433
session variables (Shopping Cart application), 541, 557
sessions, 433-437
configuring, 437-438 destroying, 435 example session, 435-437 starting, 433
variables, 434
deregistering, 434-436 registering, 433-436
session_get_cookie_params() function, 432
session_is_registered() function, 434
session_register() function, 433
session_start() function, 433-436
session_unregister() function, 434-436
set_error_handler() function, 492
SET type, 205
setcookie() function, 431-432
setting passwords, user authentication, 519-521 setting up
base canvases, 414-415 Book-O-Rama, 208 databases, 660-663 databases of lists, 657 OpenSSL, 788 poll database, code, 420-421
settype() function, 36
set_magic_quotes_runtime() function, 449
set_time_limit() function, 386
Shopping Cart application, 540
administration interface, 575-584
administration menu (admin.php), 575-577 edit_book_form.php script, 580 insert_book.php script, 578-579
insert_book_form.php script, 578
show_book.php script, 579
administrator interface, 542
administrator view, 542-543 book_sc database, 546-548 catalog scripts, 548-556
index.php, 549-553 show_book.php, 549, 555-556, 579 show_cat.php, 549, 553-555
code modules, 543 database, 547-548 extensions, 584 files, 544-545 payment module, 572-575
process.php script, 572-575
payment systems, 541-542 process.php script, 574 session variables, 541, 557
shopping cart module
adding items, 563-565 checkout.php script, 566-568
header bar summary, printing, 566 purchase.php script, 568-572
show_cart.php script, 557-560
updates, saving, 565-566 viewing contents of, 560-563
solution components, 540-542
solution overview, 542-545 tracking user’s purchases, 541
user view, 542-543
shopping carts, 540
short style (PHP tags), 15
SHOW COLUMNS statement, 255
SHOW command, 198-199
SHOW GRANTS statement, 255
output, 255
SHOW statement, 254-257
syntax, 255-257
SHOW TABLES statement, 254
showpoll.php file, 422-426
show_book.php script (Shopping Cart application), 549, 555-556, 579
show_cart.php script (Shopping Cart application), 557-560
adding items to cart, 563-565
header bar summary, printing, 566 updated carts, saving, 565-566
viewing contents of cart, 560-563
show_cat.php script (Shopping Cart application), 549, 553-555
show_source() function, 454
shuffle() function, 83-84 SHUTDOWN privilege, 191
signature.tif, 753 Simple Mail Transfer Protocol (SMTP), 371, 618
simplegraph.php file, 405 sin() function, 777
sites, Web, 402. See also FTP sites
size of images, 593
Slashdot Web site, 304, 712
slashes, backslash (\), 112, 263
Smart Form Mail application, 94-96
regular expressions, 113-114
SMTP (Simple Mail Transfer Protocol), 371, 618
Snoopy class (PHP), 389
software, errors (security
threats), 288-289
software engineering,
460-462
defined, 460-462
software errors (commercial Web sites), 279
solution components,
user personalization,
499-500
sort() function, 79
sorting
associative arrays, 79-80
asort() function, 79-80 ksort() function, 79-80 reverse sort functions, 80
sort() function, 79
multidimensional arrays, 80
reverse sorts, 82 user defined sorts, 80-82
Source Forge Web site,
806
SourceForge Web site,
389, 470
spam, reverse spam, 287
special characters
literal special characters, 112
regular expressions, 113
special privileges, 191
specifications (CGI), 368
split() function, 115-116,
614
splitting strings
explode() function, 102 strtok() function, 102-103 substr() function, 103-104 with regular expressions, 115-116
sprintf() function, 98 SQL (Structured Query Language), 208
ANSI standard, Web site, 226
Book-O-Rama database
setting up, 208 tables, code to populate, 210
data, inserting into databases, 209-211 databases, 208
data, aggregating, 220-222 data, grouping, 220-222 data, inserting, 209-211 data, retrieving, 211-212 data, retrieving from multiple tables, 214-219 data, retrieving in a particular order, 219-220 data, retrieving with specific criteria, 212-214 dropping, 226 joins, 219 records, deleting, 225 records, updating, 223 rows unmatched, 217-218 rows, returning, 222-223 tables, aliases, 218-219 tables, altering, 223-225 tables, dropping, 226
tables, joining, 216-217 two-table joins, 214-216
MySQL
aggregate functions, 221
join types, 219
RDBMSs (relational database management systems), 208 resources, 806
SQL commands, CREATE TABLE command, 194-195
SQL Course Web site, 806 SQL Pro Web site, 806 SQL tutorial Web site, 806 SSL (Secure Sockets Layer), 285, 331-335, 782
compression, 335 encryption, 346-347 handshaking, 334 installing, 783-787 protocol stacks, 333 sending data, 334-335 testing, 792-793
standards, code, 463 starting sessions, 433 startup parameters, 794 stat() function, 364 statements
ALTER TABLE, 223
syntaxes, 224
break statement, 47 continue statement, 47 DELETE, 225 DESCRIBE, 257
syntax, 257
describe user [edit, OK], 247
DROP DATABASE, 226 DROP TABLE, 226
echo statements, 20-21 else statements, 39-40 elseif statements, 40 exit statement, 47 EXPLAIN, 257-260
column values, 259 join types, 258 output, 257-260
GRANT, 246, 255
if statements, 38 include() statement, 127-129
INSERT, 209 LOAD DATA INFILE, 263 PHP statements, 15-16 require() statement, 119-129
auto_append_file (php.ini file), 126-127 auto_prepend_file (php.ini file), 126-127 filename extensions, 120-121
PHP tags, 121 Web site templates, 121-126
return statement, 140 SELECT, 211
LIMIT clause, 222 ORDER BY clause, 219
SHOW, 254-257
syntax, 255-257
SHOW COLUMNS, 255 SHOW GRANTS, 255
output, 255
SHOW TABLES, 254 switch statements, 41-42 UPDATE, 223
status, variable status, 37 STD (column) function, 221
STDDEV (column) function, 221
stock quotes, retrieving for Web pages, 371-373 storage of files, content management systems, 590
store_account() function, 674
store_list() function, 694
store_account_settings() function, 634-635
store_new_post() function, 739, 741
stories.php, 596 stories.php files, 602-611 storing
bookmarks, 500
passwords, 252
passwords (authentication), 308-310
redundant data (Web databases), 176-178
strings, formatting for storage, 100-101
session IDs in cookies, 432-433
storing data, files
See files
storing sensitive data, secure storage, 336-337
credit card numbers, 338
story_submit.php, 596
story.php, 596
strcasecmp() function, 105
strcmp() function, 104
str_replace() function, 108, 761
strategies, commercial Web sites, 280
string column types, 204-205
ENUM type, 205 regular string data types, 204
SET type, 205 TEXT types, 205
string concatenation operator, 20-21 string operators, 27 strings
comparing, 104-105
length of strings, testing, 105 strcasecmp() function, 105
strcmp() function, 104 strnatcmp() function, 105
evaluating, 449 formatting, 96-101
AddSlashes() function, 101
case, changing, 99-100
chop() function, 97
conversion specifications, 98-99
for printing, 97-99
for storage, 100-101
HTML formatting, 97
ltrim() function, 97
nl2br() function, 97
StripSlashes() function, 101
trim() function, 96 trimming excess whitespace, 96-97
joining
implode() function, 102 join() function, 102
length, testing, 105
ordering
strcasecmp() function, 105
strcmp() function, 104 strnatcmp() function, 105
printing
formatting strings for printing, 97-99 print() function, 97 printf() function, 98-99 sprintf() function, 98
splitting
explode() function, 102
strtok() function, 102-103
substr() function, 103-104
with regular expressions, 115-116
storing, formatting strings for storage, 100-101 substrings
accessing, 103-104 finding, 105-107, 114-115 numerical position of, finding, 107-108 replacing, 108-109, 115
tokens, 102
stripslashes() function,
101, 233, 254, 336
strip_tags() function, 336
stristr() function, 107
strlen() function, 105
strnatcmp() function, 105
str_replace() function, 108
Stronghold, 298
Strpos() function, 107-108
Strrpos() function, 107
strstr() function, 106-107,
528
strtok() function, 102-103
strtolower() function, 100
strtoupper() function, 100
structure, content management systems, 592
Structured Query Language. See SQL
structures
component, 467 directory, 467
component structures, 467
subclasses (object-oriented development), 150, 156-157
subexpressions, 111-112
submit button, users (votes), 421
subscribe() function, 688
subscribers, databases, 657
subscribing (MLM), 687-689
substr() function, 103-104 substrings
accessing, substr() function, 103-104 finding, 105-107
numerical position, 107-108
strpos() function, 107-108
strrpos() function, 106-107
strstr() function, 106-107
with regular expressions, 114-115
replacing, with regular expressions, 115
substr_replace() function, 108-109
subtraction operator, 26 SUM(column) function, 221
Summary Web site, 271
superclasses (object-oriented development), 150, 156-157
supporting images in PHP, 402
switch statements, 41-42 switches, mysql command
-h switch, 186 -p switch, 186 -u switch, 186
syntactic sugar, 462 syntax, 478
ADD INDEX [index] (column, ), 224
ADD PRIMARY KEY (column, ), 224
ADD UNIQUE [index] (column, ), 224
ADD [COLUMN] (column_description, column_description, ), 224
ADD [COLUMN] column_description [FIRST | AFTER column ], 224
ALTER [COLUMN] column {SET DEFAULT value | DROP DEFAULT}, 224
CHANGE [COLUMN] column new_column description, 224
DESCRIBE statement, 257
DROP INDEX index, 224
DROP PRIMARY KEY, 224
DROP [COLUMN] column, 224
extended, 222
MODIFY [COLUMN] column_description, 224
RENAME [AS] new_table_name, 224
SHOW statement, 255-257
syntax errors, 478-480 syntax highlighter, 454-455
syntaxes, ALTER TABLE statement, 224 system capacity limits (commercial Web sites), 279
system requirements, user personalization, 498
system() function, 366
systems, database security, 246, 252. See also privilege system
SYSTRAN Web site, 804
t1lib, downloading, 402
T
tab control sequence (\t), 58
tables
aliases, 218-219 altering, 223-225 BDB, 263 Book-O-Rama database (SQL code), 210 Cartesian product, 215 column types, 196-198 columns, 173
atomic column values, 178
DESCRIBE statement, 257
columns_priv, 247-250
mysql database, 250
creating in MySQL, 194-199
keywords, 196 viewing tables, 198-199
data, retrieving, 214-219 database optimization, 261-262
db, 247-249
mysql database, 248-249
dropping, 226 equi-joins, 215 grant, 247-251 HEAP, 262 host, 247-249
mysql database, 249
joining, 216-217 joins, 214, 219 keys, 173-175
creating for Web databases, 179
left joins, 217-218 MyISAM, 262 rows, 173
returning, 222-223 unmatched, 217-218 values, 173
schemas, 175 scope fields, 248 tables_priv, 247-250
mysql database, 250
two-table joins, 214-216 types, 262-263
user, 247-248
mysql database, 247
tables (databases), 173
types, 180
tables_priv table, 247-250
mysql database, 250
tags
HTML tags, meta tags, 160
<IMG SRC>, 594 PHP tags, 14-15
ASP style, 15 require() statement, 121 SCRIPT style, 15 short style, 15 XML style, 15
TCP (Transmission Control Protocol), 333
TCP/IP networks, security, 284
templates, Web site templates (require() statement), 121-126
terminating execution (scripts), 450
ternary operator, 32 testing
code, 474-475 GPG (Gnu Privacy Guard), 342-347
PHP
support, 791 Windows environment, 800
SSL, 792-793 string length, 105 variable status, 37
text
anti-aliasing, 408 buttons, colors and fonts, 411
ciphertext (encryption), 293
fitting onto buttons, 415-418
images
creating, 410-419 drawing or printing on, 406-408
plain text (encryption), 293 positioning onto buttons, 418
writing onto buttons, 419
text files, 50-51
checking existence of, 63 checking size of, 63 closing, 58-59 deleting, 63 disadvantages, 66 formats, 58 locking, 65-66 navigating inside files, 64 opening, 52
file modes, 52 fopen() function, 53-54 FTP (File Transfer Protocol), 54-55 HTTP (Hypertext Transfer Protocol), 55 potential problems, 55-56
reading, 52
feof() function, 60 fgetc() function, 62-63 fgetcsv() function, 61 fgets() function, 60 fgetss() function, 61 file() function, 62 fopen() function, 60 fpassthru() function, 62 fread() function, 63 readfile() function, 61 vieworders.php interface, 59-60
writing to, 52
file formats, 58 fwrite() function, 57
TEXT type, 204-205
Thawte, 297
Thawte Web site, 289
threaded discussion group application, 712
article list, 718-731
collapsing threads,
719, 723 displaying articles, 724 expanding threads, 719-723 individual articles, viewing, 731-734 new articles, adding, 734-741
plus symbols, 719 treenode class, 725-731
database design, 716-718 extensions, 741
files, 715 posters, 716 solution components, 712-714
solution overview, 714-715 tree of articles, 729 tree structure, 713-714 tree_node class, 713
threaded discussion groups, threads, 712 threads (Web forum application)
collapsing, 719, 723 expanding, 719-724
threats to security, 283-290
Denial of Service (DoS), 287
errors in software, 288-289 exposure of confidential data, 283-285 loss or destruction of data, 285-286
modification of data, 286 repudiation, 289-290
three-dimensional arrays, 77-79
TIFF library Web site, 751 time and date
converting between PHP and MySQL formats, 396-398
in MySQL
DATE_FORMAT() function, 396-397 MySQL Web site, 400 UNIX_TIMESTAMP function, 397-398
in PHP, 392-396
calendar functions, 399 checkdate() function, 396
date calculations, 398-399 date() function, 392-395
floor() function, 399 getdate() function, 395 mktime() function, 394-395, 398 PHP Web site, 400
timeouts, avoiding (FTP), 386
TIMESTAMP display types, 203
TLS (Transport Layer Security), 335 tokens (strings), 102 totaling forms with operators, 33-34 touch() function, 365 traceroute command (UNIX), 285
tracking success of Web sites, 270-271
tracking user’s purchases (Shopping Cart application), 541
transactions, secure, 328-332
Internet, 330-331 screening user input, 336 Secure Sockets Layer (SSL), 332-335 secure storage, 336-337 user information, 328 user machines, 329-330 your system, 331-332
Transmission Control Protocol (TCP), 333 Transport Layer Security (TLS), 335
tree of articles (Web forum application), 729
tree structure (Web forum application), 713-714
tree_node class (Web forum application), 725-731
tree_node class, 713 triggering errors, 492 trim() function, 96, 232 Tripwire, 286
troubleshooting opening files, 55-56
TrueType fonts, 411 tuples (tables), 173 two-dimensional arrays, 75-77
contents, accessing, 76
two-table joins, 214-216 type codes, conversion specification type codes, 99
types of tables, 262-263 types (variables), 22-24
casts, 23 data types, 22 variable variables, 23-24
U
u switch (mysql command), 186
uasort() function, 82
ucfirst() function, 100
ucwords() function, 100
uksort() function, 82
umask() function, 361
undefined functions, calling, 131
uninterruptible power supply (UPS), 302 UNISYS, LZW (Lempel Ziv Welch), 404
UNISYS Web site, 404 UNIX, 787-789
Apache for, 798-799 installing
Apache, 787-789 mod_SSL, 787-789 MySQL, 783-787 PHP, 783-787
traceroute command, 285
UNIX time stamps, date() function, 394-395
UNIX_TIMESTAMP function, 397-398
unlink() function, 63, 365
unmatched rows, 217-218
unpublish_story.php, 596
unserialize() function, 451
unset() function, 37
UNSIGNED keyword, 196
unsubscribe() function, 688
unsubscribing (MLM), 687-689
update anomalies (Web databases), avoiding, 177-178
UPDATE privilege, 190
UPDATE statement, 223 updating
privileges, 251 records, 223 vote database, code, 422-423
upload.html file, 353 upload.php, 660 upload.php file, 354 uploaded file listing, code, 358-359 uploading
files, 352-353
displaying, 357 FTP functions, 385 HTML, 353-354 HTML forms, 352 PHP, writing, 354-357 problems, 358
online newsletters, 695, 697-698
multiple files, 698-702
UPS (uninterruptible power supply), 302 UPS Web site, 276 url_encode() function, 374 url_fns.php, 502
USAGE privilege, 191
user_auth_fns.php, 595
user authentication, 506
input data, validating, 510 logging in, 513-517 logging out, 518 passwords, resetting, 521-526
passwords, setting, 519-521 registering, 507-511
user declared variables, 22
user defined sorts, multidimensional arrays, 80-82
user feedback (commercial Web sites), 271
user input, screening, 336
user interface design
(commercial Web sites),
274
user personalization
bookmarks, adding, 526-529
bookmarks, deleting, 530-532
bookmarks, displaying, 529-530
bookmarks, recommending, 500
bookmarks, storing, 500
defined, 498
recommendations, implementing, 532-536
solution components, 499-500
system requirements, 498 usernames, 499
user privileges, database
security, 253
user table, 247-248
mysql database, 247
user view (Shopping Cart
application), 542-543
userfile field (HTML
form), 354
usernames, 499
users
administrative users
privileges, 191 setting up, 192
authentication, 304-325
access control, implementing, 305-312
basic authentication. See basic authentication
digest authentication, 313
encrypting passwords, 310-311
identifying users, 304-305
mod_auth_mysql module, 322-324
multiple pages, protecting, 312
storing passwords, 308-310
Web sites, 324
privileges, 188-193
global privileges, 189 GRANT command, 188-189, 192-193 principle of least privilege, 188 REVOKE command, 192-193
types, 190-191
secure transactions, 329-330
setting up in MySQL, 187-188, 192-193
GRANT command, 188-189, 192-193
votes
casting, 421 code to cast, 420-421 results, drawing, 421
user_auth_fns.php, 502, 660
user_auth_fns.php library, check_auth_user() function, 630 Using mkdir() function, 361
usort() function, 80-82
utilities
myisamchk, 260
EXPLAIN statement output, 260
PHP Web application projects, 470
V
valid_email() function, 510-511
validating user authentication input data, 510
values
array elements, 71
assigning to variables, 22
atomic column values (databases), 178
columns, EXPLAIN statement, 259
default, database optimization, 262
null values, avoiding (Web databases), 179-180 returning, 81
assignment operator, 27
returning from functions, 141-142
values (tables), 173 variable functions, 36-38
re-interpreting variables, 37
type testing functions, 36 variable status, testing, 37
variable names, code, 463-464
variable scope, 136-138 variable status, testing, 37
variable variables, 23-24
variables
arrays, 70-71
applying functions to elements, 89-90 associative arrays, 73-75
converting to scalar variables, 91-92 counting elements, 90-91
elements, 71 indexes, 71 loading from files, 85-87
multidimensional arrays, 75-79 navigating within an array, 88-89 numerically indexed arrays, 71-73 reordering, 83-85 sorting, 79-80 two-dimensional arrays, 77
debugging, 486-489 drawing, code, 423 environment, functions, 367-368
file, 354 form variables, accessing, 19-21
global variables, 136 identifiers, 21 local variables, 136 scalar variables, 70
converting arrays to, 91-92
scope, 25 session variables, 434
deregistering, 434-436
registering, 433-436
Shopping Cart application, 557
types, 22-24
casts, 23 data types, 22 variable variables, 23-24
user declared variables, 22 values, assigning, 22
verifications (MySQL database)
connection, 250 request, 251
VeriSign, 297 VeriSign Web site, 289 version control (code), 467-468
CVS (Concurrent Versions System), 468
multiple programmers, 468 repository, 467-468
versions
Windows 2000, 794 Windows 95/98, 794 Windows NT, 794
View Mail button, 703 viewing
databases in MySQL, 198-199
list archives, 686-687 lists, 679, 681-686
action buttons, 681-682
message headers (Warm Mail application), 647 tables in MySQL, 198-199
vieworders.php interface, 59-60
views, File Details, 363 vote database
results, code to retrieve, 422-423
updating, code, 422-423
vote.html file, 420
votes
of users, code to cast, 420-421
users casting, 421
results, drawing, 421
W-Z
w file mode, 54 w+ file mode, 54 W3C (World Wide Web Consortium) Web site, protocols, 389
Warm Mail application (email client), 618
accounts
creating, 634-636 deleting, 636-637 modifying existing accounts, 636 selecting (reading email), 637-640 setting up, 632-637
application architecture, 621
database, setting up, 622-623
deleting email, 648 extensions, 652-653 files, 621
IMAP function library, 619-620
interface, 620-621 logging in, 629-631 logging out, 632 reading mail, 637-647
mailbox contents, viewing, 640-643 message headers, viewing, 647