Dynamic Web Design Solutions with PHP - p 53 pdf

INDEX

501
multidimensional arrays, 48, 56
nowdoc syntax, 54
NULL data type, 48
object data type, 48
online documentation for PHP syntax, 47
performing calculations, 49
PHP as a weakly typed language, 48
PHP quick checklist of main language
points, 67
precedence of arithmetic operators, table of,
50
print_r(), using to inspect the contents of an
array, 57
resource data type, 48
return keyword, 66
side-effects of PHP's weak typing, 48
single and double quotes, 52
string data type, 48
switch statement, 60
ternary operator, 61
variables inside strings, 52
while loop, 62
See also overview of PHP
referential integrity
maintaining, 417, 431
preserving on record deletion, 452
RegexIterator class, 198, 202
register.php, 259, 261, 264–265, 268


register_01.php, 259
register_02.php, 262
register_03.php, 264–265
register_04.php, 267
register_05.php, 269
register_2way_mysqli.inc.php, 469
register_2way_pdo.inc.php, 470
register_db.php, 461, 465
register_globals, leaving turned off, 108
register_user_mysqli.inc.php, 462
register_user_pdo.inc.php, 462
register_user_text.inc.php, 265–267, 269
register_user_text.inc_01.php, 267
register_user_text.inc_02.php, 269, 461
register_user_text.php, 461
regular expressions (regex), 119
Relation view, 455
Reply-To header, 122
$_REQUEST, 108
require(), 71
require_once(), 71
$required array, 115, 134
required attribute, 105
resources, 48
return keyword, 66
rewind(), 188, 193
root superuser account, 288
rowCount(), 309–310, 322, 362, 375, 456, 465
<rss> tag, 204
RSS 2.0 feed

RSS Specification, online location, 205
structure of, 204
rtrim(), 187
S
safe_mode_include_dir, 181
Save as file check box, 298
scandir(), 168, 195
scope, 66
scope resolution (double colon) operator, 404
secretpage.php, 255–257
secretpage_01.php, 255
Secure Sockets Layer (SSL), 469
using for secure data transmission, 107
security
checking user input before processing it, 6
using insecure email scripts, 6
SEEK_END, 193
SELECT command, 315, 355, 419
DISTINCT option, 377
linking tables in a SELECT query, 422
syntax of, 369, 377
WHERE clause, 377
<select> tag, 138
selected attribute, 138
self-processing form, 111
semicolons
ending commands or statements with, 34, 40
using in SQL queries along with PHP, 315
$_SERVER, 37, 77, 100
server-side include, definition of, 69

session_start(), 258, 271
sessions
adding a salt to a password before
encryption, 258
array_merge(), 266
authenticate.inc.php, 253, 270
basename(), 274
buffering output with ob_start() (PHP
Solution 9-2), 250
building a login page (PHP Solution 9-3), 251
byte order mark (BOM), 247
check(), 260–263
CheckPassword.php, 259, 262, 265
CheckPassword_01.php, 262
CheckPassword_02.php, 264
contents of a simple session file, 245
creating a file-based user registration
system (PHP Solution 9-7), 265
creating a password strength checker (PHP
Solution 9-6), 258
creating a random salt for each password,
270
creating a reusable logout button (PHP
Solution 9-5), 256
creating a simple session (PHP Solution
9-1), 247
creating PHP sessions, 245
creating session variables, 246

definition of, 243
destroying a session, 246
disabled cookies and, 245
encrypted.txt, 269
encrypting passwords with SHA-1, 258
ending a session after a period of inactivity
(PHP Solution 9-9), 270
file(), 251
file-based authentication, 251
filesize(), 267
filetest_02.txt, 251
fopen(), 267
getErrors(), 261
handling the "headers already sent" error,
247, 249
header(), 247, 254–255, 275
ini_set(), 270
invalidating the session cookie, 246
login.php, 251, 255, 257, 269, 271
login_01.php, 269
login_02.php, 270
logout.inc.php, 257
making passwords more secure, 258
menu.php, 255–257
menu_01.php, 255
menu_02.php, 256
multiform.inc.php, 274–275
multiple_01.php, 273–274
multiple_02.php, 276
multiple_03.php, 276

multiple_04.php, 277
never using session variables to store
sensitive information, 245
ob_end_clean(), 258
ob_end_flush(), 247, 251, 258
ob_start(), 247, 258
one-way encryption, 258
PHPSESSID, 244
preg_match(), 260, 264
preg_match_all(), 264
Ps2_CheckPassword class, 260
regenerating the session ID, 247
register.php, 259, 261, 264–265, 268
register_01.php, 259
register_02.php, 262
register_03.php, 264–265
register_04.php, 267
register_05.php, 269
register_user_text.inc.php, 265–267, 269
register_user_text.inc_01.php, 267
register_user_text.inc_02.php, 269
removal of inactive session files, 245
restricting access to a page with a session
(PHP Solution 9-4), 255
secretpage.php, 255–257, 272
secretpage_01.php, 255
$_SESSION, 37, 246
session ID, 243
session variables, 244
session_01.php, 247

session_02.php, 247, 250
session_03.php, 248, 250
session_destroy(), 246
session_name(), 246
session_regenerate_id(), 247
session_register(), 246
session_start(), 245, 247, 250, 258, 271
session_timeout.inc.php, 271
session_unregister(), 246
setcookie(), 247, 250
setting a time limit on sessions, 270
sha1(), 269
str_replace(), 275
strlen(), 260
time(), 271
trim(), 259
unsetting session variables, 246
using an encrypted login (PHP Solution 9-8),
269
using sessions for a multipage form (PHP
Solution 9-10), 273
using sessions to restrict website access,
247
See also encryption; one-way encryption;
passwords; SHA-1; two-way encryption
SET data type, 301
set_include_path(), 98, 100
setDate(), 406
setDestination(), 225
setMaxSize(), 164, 226
setPermittedTypes(), 162, 165
setter methods, 222
setThumbDestination(), 239
setTime(), 406
setTimezone(), 407
creating a DateTimeZone object, 209
setting up PHP (Mac OS X)
installing MAMP, procedure for, 19
testing and configuring MAMP, procedure
for, 20
See also PHP test environment
setting up PHP (Windows)
choosing a web server, 12
configuring XAMPP, procedure for, 14
developing web pages using ASP or
ASP.NET, 12
displaying filename extensions, 11
installing MySQL on IIS, 17
installing PHP using the Web Platform
Installer (Web PI), procedure for, 16
installing phpMyAdmin on IIS, 18
installing XAMPP, procedure for, 12
Internet Information Services (IIS), 12
logging on as an Administrator before
installing, 11
starting Apache and MySQL automatically
with XAMPP, 15
troubleshooting, 14
See also PHP test environment
SHA-1, 265
encrypting passwords with, 258
one-way encryption, 258
sha1(), 269, 463, 468
See also encryption; one-way encryption;
passwords; sessions; two-way
encryption
SimpleXML, 58, 179
consuming an RSS news feed (PHP Solution
7-5), 206
Coordinated Universal Time (UTC), 209
DateTime class, 208
<description> tag, 208
extracting information from XML, 205
getOffset(), 209
newsfeed.php, 206
<pubDate> tag, 208
setTimezone(), 209
simplexml_load_file(), 205, 207
SimpleXMLElement class, 205
SimpleXMLIterator class, 207
<title> tag, 208
See also Extensible Markup Language
(XML)
single-line comments, 35
site-root-relative path, 100
Skype, changing the incoming port, 11

<span> tag, 114
SplFileInfo, table of methods, 197
SQL Server, using with PHP, 17
SQLyog, 284
Standard PHP Library (SPL), 179
DirectoryIterator class, 196
SplFileInfo, 196
static methods, 404
stmt_init(), 326
Storage Engine drop-down menu, 433, 452
storage_engines.php, 434
store_result(), 327
str_replace(), 81, 167, 275
strftime(), 401
strict, 46
strings, 48
concatenation (.) operator, 45
escaping single quotes and apostrophes in a
single-quoted string, 53
joining strings in PHP, 45
single and double quotes, 52
variables inside strings, 52
See also quotes
strip_tags(), 204
strlen(), 260
strpos(), 224, 385
strrpos(), 168, 385
strtolower(), 82
strtotime(), 403, 410
strtoupper(), 82

Structure icon, 293
Structure tab, 453, 455
Structured Query Language (SQL)
adding comments to queries, 315
affected_rows property, 361
AS keyword, 384, 391
ASC keyword, 317
assigning an alias to a column, 384
BETWEEN, 378
BINARY keyword, 319
bind_param(), 328, 360
bind_result(), 327
bindColumn(), 331
binding the parameters, 360, 362
changing column options through user input
(PHP Solution 11-10), 332
close(), 327
CONCAT(), 378
controlling the sort order, 316
COUNT(), 310, 348
cross-reference (linking) table, 417
DELETE command, 355, 375, 380
DESC keyword, 316
embedding variables in MySQLi prepared
statements, 326
embedding variables in PDO prepared
statements, 329

errorInfo(), 331
establishing relationships between tables
through foreign keys, 415
execute(), 330–331, 361
fetch(), 327, 329
fetch_assoc(), 329
finding records that don't have a matching
foreign key, 427
foreign key constraints, 432
formatting dates in a SELECT query with
DATE_FORMAT(), 390
free_result(), 327
handling numbers, 315
handling security and error messages, 380
IN(), 378
INNER JOIN, 422
INSERT command, 357, 359, 379, 419
inserting a foreign key in a table, 419
inserting a new record with MySQLi (PHP
Solution 13-1), 359
inserting a new record with PDO (PHP
Solution 13-2), 361
inserting a string with real_escape_string()
(PHP Solution 11-7), 323
inserting an integer from user input into a
query (PHP Solution 11-6), 320
INTO, 379
is_numeric(), 319, 321
joint primary key, 417
keywords as case-insensitive, 314

LEFT JOIN, 427
LEFT(), 384
LIKE keyword, 318, 325
LIMIT clause, 349, 379
LIMIT keyword, 347
linking tables in a SELECT query, 422
main operators used in MySQL WHERE
expressions, table of, 377
many-to-many relationship, 417
mysqli_03.php, 316
mysqli_integer_01.php, 320
mysqli_prepared_02.php, 329
named placeholders, 330
ON, 422
one-to-many relationship, 416
one-to-one relationship, 415
ORDER BY clause, 316, 379
pdo_03.php, 316
pdo_integer_01.php, 320
percentage sign as a wildcard character, 318
performing a case-sensitive search, 319
prepare(), 328
prepared statements, using, 320
preventing SQL injection attacks, 319
query(), 322
question mark placeholders, 330
quoting strings, 315
real_escape_string(), 320
referential integrity, maintaining, 417, 431
reversing the sort order, 316

reviewing the four essential SQL commands,
376
SELECT command, 355, 369, 377, 419
selecting columns, 315
stmt_init(), 326
store_result(), 327
understanding table relationships, 415
UPDATE command, 357, 367, 370, 380, 419
updating a record with MySQLi (PHP Solution
13-4), 367
updating a record with PDO (PHP Solution
13-5), 371
using a MySQLi prepared statement in a
search (PHP Solution 11-8), 327
using a PDO prepared statement in a search
(PHP Solution 11-9), 331
using a variable for a column name, 320
using semicolons in queries along with PHP,
315
USING() clause, 424, 427
WHERE clause, 317, 375, 424
whitespace ignored, 315
writing SQL queries, 314
See also databases; foreign keys; MySQL;
PHP Data Objects (PDO);
phpMyAdmin; phpsols database;
primary keys; tables
sub(), 406, 409
SUBDATE(), 392
substr(), 168, 220, 223, 384–385
Sun Microsystems, 280
superglobal arrays
$_FILES, 37, 144
$_GET, 36, 107, 109
get method, 36
$_POST, 36, 106–107, 109–111, 113, 116,
120–121, 132
post method, 36
$_REQUEST, 108
$_SERVER, 37
$_SESSION, 37, 246
See also arrays
switch statement
break keyword, 60
case keyword, 60
comparison operators and, 61
default keyword, 61
example of, 60
syntax of, 60
See also conditional statements; loops;
operators
Symfony, 100
T
tables
adding an extra column to a table (PHP
Solution 15-1), 418

altering the structure of an existing table,
417
composite primary key, 436
converting an InnoDB table back to MyISAM,
455
converting tables from MyISAM to InnoDB,
452
cross-reference (linking) table, 417, 436
establishing relationships between tables
through foreign keys, 415
finding records that don't have a matching
foreign key, 427
INNER JOIN, 422
inserting a foreign key in a table, 419
inserting data into multiple tables (PHP
Solution 16-4), 444
LEFT JOIN, 427
linking tables in a SELECT query, 422
many-to-many relationship, 417
one-to-many relationship, 416
one-to-one relationship, 415
referential integrity, maintaining, 417, 431
parent and child (dependent) tables, 417
understanding table relationships, 415
updating records in a cross-reference table,
449
See also databases; foreign keys; MySQL;
PHP Data Objects (PDO);
phpMyAdmin; phpsols database;
primary keys; Structured Query
Language (SQL)
tags, opening and closing, 30
ternary operator, syntax of, 61
test(), 220, 225, 228, 233
text
array_pop(), 388
blog_mysqli.php, 389
blog_pdo.php, 389
blog_ptags_mysqli.php, 387
blog_ptags_pdo.php, 387
count(), 388
displaying a text extract, 383
displaying database text as paragraphs, 386
displaying the first two sentences of an
article (PHP Solution 14-1), 388
ending an extract on a complete word, 385
extracting a fixed number of characters, 384
extracting complete sentences, 387
getFirst(), 387–388
implode(), 388
LEFT(), 384
nl2br(), 386
preg_replace(), 386
preg_split(), 387
strpos(), 385
strrpos(), 385
substr(), 384–385
using the PHP_EOL constant, 385
utility_funcs.inc.php, 387–388
See also file system; fopen()

<textarea> tag, 105, 118
TextEdit, 6, 9
$this->, 33, 153, 158
throwing an exception, 46–47
thumbnail images
generating, 217
Ps2_Thumbnail class, building, 218
Thumbnail.php, 218, 222, 236
Thumbnail_01.php, 222
Thumbnail_02.php, 226–227
Thumbnail_03.php, 229, 231
Thumbnail_04.php, 234
ThumbnailUpload.php, 236
See also gallery (online); images;
Ps2_Thumbnail class;
Ps2_ThumbnailUpload class
thumbs folder, 337
time(), 271, 463
TIMESTAMP column, 394
automatically updating in a MySQL table,
356–357
TIMESTAMP data type, 300
timezones.php, 407
TINYBLOB data type, 301
<title> tag, 205, 208
title.inc.php, 79, 81–82
tmp_name, 148

toggle_fields.js, 442
transaction, definition of, 435
trim(), 187, 259
troubleshooting
catch block, 95–96
display_errors directive, turning off, 94
open_basedir directive has been set, 94
Parse error, 10
server is running in safe mode, 93
suppressing error messages in a live
website, 94
try block, 47, 95
See also error messages
true keyword, 58
two-way encryption
advantages and disadvantages of, 460
AES_DECRYPT(), 472
creating a login page with, 471
decrypting a password with, 472
storing a password in a database as a binary
object, 469
using, 469
See also encryption; one-way encryption;
passwords; sessions; SHA-1
type juggling, 166
U
ucfirst(), 80
ucwords(), 81–82
underscores, 33, 36
Unicode (UTF-8), 117, 122

unlink(), 239
UNSIGNED, 300
UPDATE command, 357, 370, 419
syntax of, 367, 380
WHERE clause, 380
Update Entry button, 370, 375
Upload.php, 155, 160, 236
Upload_01.php, 156–157
Upload_02.php, 160, 162
Upload_04.php, 170, 172
Upload_05.php, 176
Upload_06.php, 438
upload_test folder, 164, 170
uploading files
$this->, 158
adapting the Ps2_Upload class to handle
multiple file uploads (PHP Solution 6-6),
172
adding a file-upload field to an HTML form,
143
adding the multiple attribute to the <input>
tag, 171
addPermittedTypes(), 162–163, 165
allowing different MIME types and sizes to
be uploaded (PHP Solution 6-4), 161
array_merge(), 162
casting operators, 162, 166
checkError(), 158–160, 173–174
checking an uploaded file's name before
saving it (PHP Solution 6-5), 166

checking the suitability of uploaded content,
141
checking upload errors, 156
checkName(), 169–170, 173
checkSize(), 158–159, 173–174
checkType(), 164–165, 173
common MIME types, table of, 161
configuration settings affecting file uploads,
table of, 142
converting the Ps2_Upload class to use a
namespace (PHP Solution 6-7), 176
copy(), 150
creating a basic file-upload class (PHP
Solution 6-2), 151
creating a basic file-upload script (PHP
Solution 6-1), 148
creating an upload folder for local testing on
Mac OS X, procedure for, 147
creating an upload folder for local testing on
Windows, 146
error levels in the $_FILES array, table of,
157
file_upload.php, 144, 150, 155–156, 160,
164–165, 170
file_upload_01.php, 144
file_upload_02.php, 144, 161
file_upload_03.php, 148

file_upload_04.php, 148
file_upload_05.php, 156
file_upload_06.php, 171
file_upload_07.php, 171
file_uploads, 142
getMaxSize(), 158–159
getMessages(), 157
giving global access (chmod 777) to upload
directories, 146
hosting companies and file/directory
permissions, 146
how PHP handles file uploads, 142
how the $_FILES array handles multiple files,
171
in_array(), 163, 168–169
inspecting the $_FILES array, 144
is_int(), 163
is_numeric(), 163
isset(), 145
isValidMime(), 162–163
making changes to protected properties on
the fly, 161
max_execution_time, 142
MAX_FILE_SIZE, 148, 150, 164
max_input_time, 142
move(), 158–159, 164, 170, 173–174
move_uploaded_file(), 148–150, 154,
159–160, 173
moving a temporary file to the upload folder,
148

number_format(), 159
post_max_size, 142–143
preventing existing files from being
overwritten, 166
print_r(), 145
processFile(), 173–175
Ps2_Upload class, 151
scandir(), 168
security recommendations for file uploads,
178
setMaxSize(), 164
setPermittedTypes(), 162, 165
specifying a maximum size for an uploaded
file in an HTML form, 148
steps required to ensure a secure file-upload
process, 150
str_replace(), 167
strrpos(), 168
substr(), 168
testing the error level, file size, and MIME
type (PHP Solution 6-3), 157
tmp_name, 148
type juggling, 166
Upload button, 146, 149
upload directory, establishing, 146
Upload.php, 151, 155, 160
Upload_01.php, 156–157
Upload_02.php, 160, 162
Upload_03.php, 167
Upload_04.php, 170, 172

Upload_05.php, 176
upload_max_filesize, 143
upload_test folder, 146–147, 149–150, 164,
170
upload_tmp_dir, 143
uploading multiple files, 171
using the Ps2_Upload class in a script, 177
See also Ps2_Upload class
URL encoding, 106
users table
creating, 460
table of columns, 460
users_2way table
creating, 469
table of columns, 469
USING() clause, 424, 427
utility_funcs.inc.php, 387–388, 396–398, 424
V
value attribute, 139
Value field, 295
variables, 32
assigning values to, 33
assignment (=) operator, 33
camel case, 33
ending commands or statements with a
semicolon, 34
rules for naming variables, 33
scope of, 66
$this->, 33
underscores, 33

using a variable variable, 126
variables inside strings, 52
virtual host
setting up a virtual host for testing, 101
setting up your site in a virtual host, 27
W
WampServer, 12
warnings, 46
websites
building PHP pages dynamically in response
to a browser request, 3
checking for PHP support on your website, 9
checking the current running version of PHP,
9
displaying the current year in a copyright
notice, 2
how PHP makes web pages dynamic, 2
include files, 3
suppressing error messages in a live
website, 94
testing your pages on your own website, 10
uses for PHP, 1
using PHP to introduce logic into web pages,
4
using the W3Cs Markup Validation Service,
5
WHERE clause, 317, 375, 377, 380, 424

while loop
syntax of, 62
while.php, 62
whitespace in code, 42
wordwrap(), 126
World Wide Web Consortium (W3C),
Markup Validation Service, 5
X, Y
XAMPP
configuring, procedure for, 14
confirming that Apache and MySQL are
running, 13
Control Panel, 13
Explore button, 14
installing on Windows, procedure for, 12
Port-Check button, 14
troubleshooting, 14
Z
Zend Framework, 100, 176
Zend Studio, 8
