In addition to the libraries that come with PHP, database abstraction classes such as Metabase or PEAR::DB are available that allow you to use the same function names for each different
Trang 1is a standard for connections to databases It has the most limited functionality of any of the function sets, for fairly obvious reasons If you have to be compatible with every-thing, you can’t exploit the special features of anything
In addition to the libraries that come with PHP, database abstraction classes such as Metabase or PEAR::DB are available that allow you to use the same function names for each different type of database
Using a Generic Database Interface: PEAR DB
We will look at a brief example using the PEAR DB abstraction layer.This is one of the core components of PEAR, and probably the most widely used of all the PEAR com-ponents If you have PEAR installed, then you should already have DB If not, please refer to the “PEAR Installation” section in Appendix A
For comparative purposes, let’s look at how we would have written our search results script differently using DB
Listing 10.5 results_generic.php—Retrieves Search Results from our MySQL Database
and Formats Them for Display
<html>
<head>
<title>Book-O-Rama Search Results</title>
</head>
<body>
<h1>Book-O-Rama Search Results</h1>
<?php // create short variable names
$searchtype=$HTTP_POST_VARS['searchtype'];
$searchterm=$HTTP_POST_VARS['searchterm'];
$searchterm= trim($searchterm);
if (!$searchtype || !$searchterm) {
echo 'You have not entered search details Please go back and try again.';
exit;
}
$searchtype = addslashes($searchtype);
$searchterm = addslashes($searchterm);
// set up for using PEAR DB require('DB.php');
$user = 'bookorama';
$pass = 'bookorama123';
Trang 2238 Chapter 10 Accessing Your MySQL Database from the Web with PHP
$db_name = 'books';
// set up universal connection string or DSN
$dsn = "mysql://$user:$pass@$host/$db_name";
// connect to database
$db = DB::connect($dsn, true);
// check if connection worked
if (DB::isError($db)) {
echo $db->getMessage();
exit;
}
// perform query
$query = "select * from books where ".$searchtype." like '%".$searchterm."%'";
$result = $db->query($query);
// check that result was ok
if (DB::isError($result)) {
echo $db->getMessage();
exit;
}
// get number of returned rows
$num_results = $result->numRows();
// display each returned row for ($i=0; $i <$num_results; $i++) {
$row = $result->fetchRow(DB_FETCHMODE_ASSOC);
echo '<p><strong>'.($i+1).' Title: ';
echo htmlspecialchars(stripslashes($row['title']));
echo '</strong><br />Author: ';
echo stripslashes($row['author']);
echo '<br />ISBN: ';
echo stripslashes($row['isbn']);
echo '<br />Price: ';
echo stripslashes($row['price']);
echo '</p>';
}
// disconnect from database
Listing 10.5 Continued
Trang 3</body>
</html>
Let’s examine what we are doing differently in this script
To connect to the database we use the line
$db = DB::connect($dsn, true);
This function accepts a universal connection string that contains all the parameters nec-essary to connect to the database.You can see this if you look at the format of the con-nection string:
$dsn = "mysql://$user:$pass@$host/$db_name";
The second parameter to connect()determines whether the connection will be persist-ent or not A value of true will make it persistpersist-ent
After this, we check to see if connection was unsuccessful using the isError()
method and, if so, print the error message and exit:
if (DB::isError($db)) {
echo $db->getMessage();
exit;
}
Assuming everything has gone well, we then set up a query and execute it as follows:
$result = $db->query($query);
We can check the number of rows returned:
$num_results = $result->numRows();
We retrieve each row as follows:
$row = $result->fetchRow(DB_FETCHMODE_ASSOC);
The generic method fetchRow()can fetch a row in many different formats —the parameter DB_FETCHMODE_ASSOCtells it that we would like the row returned as an asso-ciative array
After outputting the returned rows, we finish by closing the database connection:
$db->disconnect();
As you can see, this generic example is very similar to our first script
The advantages of using DB are that we only need to remember one set of database functions and that the code will require minimal changes if we decide to change our database software
Listing 10.5 Continued
Trang 4240 Chapter 10 Accessing Your MySQL Database from the Web with PHP
Since this is a MySQL book we will use the MySQL native libraries for a little extra speed and flexibility.You might wish to use the DB package in your projects, however, as there are times when the use of an abstraction layer can be extremely helpful
Further Reading
For more information on connecting MySQL and PHP together, you can read the appropriate sections of the PHP and MySQL manuals
For more information on ODBC, visit http://www.webopedia.com/TERM/O/ODBC.html Metabase is available from
http://phpclasses.upperdesign.com/browse.html/package/20
Next
In the next chapter, we will go into more detail about MySQL administration and dis-cuss how you can optimize your databases
Trang 5Advanced MySQL
IN THIS CHAPTER,WE’LL COVER SOMEmore advanced MySQL topics including advanced privileges, security, and optimization
The topics we’ll cover are
n Understanding the privilege system in detail
n Making your MySQL database secure
n Getting more information about databases
n Speeding things up with indexes
n Optimization tips
n Different table types
n Backup and recovery
Understanding the Privilege System in Detail
Previously (in Chapter 8, “Creating Your Web Database”) we looked at setting up users and granting them privileges.We did this with the GRANTcommand If you’re going to administer a MySQL database, it can be useful to understand exactly what GRANTdoes and how it works
When you issue a GRANTstatement, it affects tables in the special database called
mysql Privilege information is stored in five tables in this database Given this, when granting privileges on databases, you should be cautious about granting access to the
mysqldatabase
One side note is that the GRANTcommand is only available from MySQL version 3.22.11 onward
We can look at what’s in the mysqldatabase by logging in as an administrator and typing