
PHP MySQL web development



00_0672329166_fm.qxd

9/3/08

1:14 PM

Page i

“I’ve never purchased a better
programming book… This book proved to
be the most informative, easiest to follow,
and had the best examples of any other
computer-related book I have ever
purchased. The text is very easy to follow!”
—Nick Landman

“This book by Welling & Thomson is the
only one which I have found to be indispensable. The writing is clear and straightforward but never wastes my time. The book is
extremely well laid out. The chapters are the
right length and chapter titles quickly take
you where you want to go.”
—Wright Sullivan, President, A&E
Engineering, Inc., Greer South Carolina

“I just wanted to tell you that I think the
book PHP and MySQL Web Development
rocks! It’s logically structured, just the right
difficulty level for me (intermediate),
interesting and easy to read, and, of course,
full of valuable information!”
—CodE-E, Austria

“There are several good introductory
books on PHP, but Welling & Thomson is an
excellent handbook for those who wish to
build up complex and reliable systems. It’s
obvious that the authors have a strong background in the development of professional
applications and they teach not only
the language itself, but also how to use it
with good software engineering practices.”
—Javier Garcia, senior telecom engineer,
Telefonica R&D Labs, Madrid

“I picked up this book two days ago
and I am half way finished. I just can’t put
it down. The layout and flow is perfect.
Everything is presented in such a way so
that the information is very palatable. I am
able to immediately grasp all the concepts.
The examples have also been wonderful.
I just had to take some time out to express
to you how pleased I have been with
this book.”
—Jason B. Lancaster

“This book has proven a trusty
companion, with an excellent crash course
in PHP and superb coverage of MySQL as
used for Web applications. It also features
several complete applications that are great
examples of how to construct modular,
scalable applications with PHP. Whether
you are a PHP newbie or a veteran in
search of a better desk-side reference, this
one is sure to please!”
—WebDynamic

“The true PHP/MySQL bible, PHP
and MySQL Web Development by Luke
Welling and Laura Thomson, made me
realize that programming and databases are
now available to the commoners. Again, I
know 1/10000th of what there is to know,
and already I’m enthralled.”
—Tim Luoma, TnTLuoma.com

“Welling and Thomson’s book is a good
reference for those who want to get to
grips with practical projects straight off the
bat. It includes webmail, shopping cart,
session control, and web-forum/weblog
applications as a matter of course, and
begins with a sturdy look at PHP first,
moving to MySQL once the basics
are covered.”
—twilight30 on Slashdot



“This book is absolutely excellent, to
say the least…. Luke Welling and Laura
Thomson give the best in-depth explanations I’ve come across on such things as
regular expressions, classes and objects,
sessions etc. I really feel this book filled in a
lot of gaps for me with things I didn’t quite
understand…. This book jumps right into
the functions and features most commonly
used with PHP, and from there it continues
in describing real-world projects, MySQL
integration, and security issues from a project manager’s point of view. I found every
bit of this book to be well organized and
easy to understand.”
—notepad on codewalkers.com

“A top-notch reference for
programmers using PHP and MySQL.
Highly recommended.”
—The Internet Writing Journal

“This is a well-written book for learning how to build Internet applications with
two of the most popular open-source Web
development technologies…. The projects
are the real jewel of the book. Not only are
the projects described and constructed in a
logical, component-based manner, but the
selection of projects represents an excellent
cross-section of common components that
are built into many web sites.”
—Craig Cecil

“The book takes an easy, step-by-step
approach to introduce even the clueless
programmer to the language of PHP. On
top of that, I often find myself referring
back to it in my Web design efforts. I’m still
learning new things about PHP, but this
book gave me a solid foundation from
which to start and continues to help me to
this day.”
—Stephen Ward

“This book rocks! I am an experienced
programmer, so I didn’t need a lot of help
with PHP syntax; after all, it’s very close to
C/C++. I don’t know a thing about
databases, though, so when I wanted to
develop a book review engine (among
other projects) I wanted a solid reference
to using MySQL with PHP. I have
O’Reilly’s mSQL and MySQL book, and
it’s probably a better pure-SQL reference,
but this book has earned a place on my
reference shelf… Highly recommended.”
—Paul Robichaux

“One of the best programming guides
I’ve ever read.”
—jackofsometrades from Lahti, Finland

“This book is one of few that really
touched me and made me ‘love’ it. I can’t
put it in my bookshelf; I must put it in a
touchable place on my working bench as I
always like to refer from it. Its structure is
good, wordings are simple and straight forward, and examples are clear and step by
step. Before I read it, I knew nothing of
PHP and MySQL. After reading it, I have
the confidence and skill to develop any
complicated Web application.”
—Power Wong

“This book is God…. I highly recommend this book to anyone who wants to
jump in the deep end with database driven
Web application programming. I wish more
computer books were organized this way.”
—Sean C Schertell



PHP and MySQL® Web Development

Fourth Edition



Luke Welling
Laura Thomson

Upper Saddle River, NJ • Boston • Indianapolis • San Francisco
New York • Toronto • Montreal • London • Munich • Paris • Madrid
Cape Town • Sydney • Tokyo • Singapore • Mexico City



PHP and MySQL® Web Development, Fourth Edition
Copyright © 2009 by Pearson Education, Inc.
All rights reserved. No part of this book shall be reproduced, stored in a
retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the
preparation of this book, the publisher and authors assume no responsibility for errors or omissions. Neither is any liability assumed for damages
resulting from the use of the information contained herein.
Library of Congress Cataloging-in-Publication Data
Welling, Luke, 1972-
PHP and MySQL Web development / Luke Welling, Laura Thomson. -- 4th ed.
p. cm.
ISBN 978-0-672-32916-6 (pbk. w/cd)
1. PHP (Computer program language) 2. SQL (Computer program language) 3. MySQL (Electronic resource) 4. Web sites--Design. I. Thomson, Laura. II. Title.
QA76.73.P224W45 2008
005.2'762--dc22
2008036492
Printed in the United States of America
First Printing: September 2009
ISBN-10: 0-672-32916-6
ISBN-13: 978-0-672-32916-6

Acquisitions Editor
Mark Taber
Development Editor
Michael Thurston
Managing Editor
Patrick Kanouse
Project Editor
Jennifer Gallant
Copy Editor
Barbara Hacha
Indexer
Tim Wright
Proofreader
Kathy Ruiz
Technical Editor
Tim Boronczyk
Publishing Coordinator
Vanessa Evans
Multimedia Developer
Dan Scherf
Book Designer
Gary Adair
Composition
Bronkella Publishing

Trademarks
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson Education, Inc.
cannot attest to the accuracy of this information. Use of a term in this
book should not be regarded as affecting the validity of any trademark or
service mark.

Warning and Disclaimer
Every effort has been made to make this book as complete and as accurate
as possible, but no warranty or fitness is implied. The information provided
is on an “as is” basis. The authors and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or
damages arising from the information contained in this book or from the use
of the CD-ROM or programs accompanying it.

Bulk Sales
Pearson Education, Inc. offers excellent discounts on this book when
ordered in quantity for bulk purchases or special sales. For more information, please contact
U.S. Corporate and Government Sales
1-800-382-3419


For sales outside the U.S., please contact
International Sales





To our Mums and Dads




Contents at a Glance
Introduction 1
I Using PHP

1 PHP Crash Course 13
2 Storing and Retrieving Data 59
3 Using Arrays 81
4 String Manipulation and Regular Expressions 107
5 Reusing Code and Writing Functions 133
6 Object-Oriented PHP 159
7 Error and Exception Handling 193
II Using MySQL
8 Designing Your Web Database 207
9 Creating Your Web Database 219
10 Working with Your MySQL Database 243
11 Accessing Your MySQL Database from the Web with PHP 267
12 Advanced MySQL Administration 287
13 Advanced MySQL Programming 311
III E-commerce and Security
14 Running an E-commerce Site 327
15 E-commerce Security Issues 341
16 Web Application Security 361
17 Implementing Authentication with PHP and MySQL 391
18 Implementing Secure Transactions with PHP and MySQL 409



IV Advanced PHP Techniques
19 Interacting with the File System and the Server 431
20 Using Network and Protocol Functions 451
21 Managing the Date and Time 469
22 Generating Images 483
23 Using Session Control in PHP 509
24 Other Useful Features 525
V Building Practical PHP and MySQL Projects
25 Using PHP and MySQL for Large Projects 535
26 Debugging 551
27 Building User Authentication and Personalization 569
28 Building a Shopping Cart 607
29 Building a Web-Based Email Service 651
30 Building a Mailing List Manager 687
31 Building Web Forums 741
32 Generating Personalized PDF Documents 771
33 Connecting to Web Services with XML and SOAP 807
34 Building Web 2.0 Applications with Ajax 855
VI Appendixes
A Installing PHP and MySQL 889
B Web Resources 907
Index 911




Table of Contents
Introduction 1

I Using PHP
1 PHP Crash Course 13
Before You Begin: Accessing PHP 14
Creating a Sample Application: Bob’s Auto Parts 14
Creating the Order Form 14
Processing the Form 16
Embedding PHP in HTML 17
PHP Tags 18
PHP Statements 19
Whitespace 20
Comments 20
Adding Dynamic Content 21
Calling Functions 22
Using the date() Function 22
Accessing Form Variables 23
Short, Medium, and Long Variables 23
String Concatenation 26

Variables and Literals 27
Understanding Identifiers 28
Examining Variable Types 29
PHP’s Data Types 29
Type Strength 29
Type Casting 30
Variable Variables 30
Declaring and Using Constants 31
Understanding Variable Scope 31
Using Operators 32
Arithmetic Operators 33
String Operators 34



Assignment Operators 34
Comparison Operators 36
Logical Operators 38
Bitwise Operators 38
Other Operators 39
Working Out the Form Totals 41
Understanding Precedence and Associativity 42
Using Variable Functions 44

Testing and Setting Variable Types 44
Testing Variable Status 45
Reinterpreting Variables 46
Making Decisions with Conditionals 46
if Statements 46
Code Blocks 47
else Statements 47
elseif Statements 48
switch Statements 49
Comparing the Different Conditionals 51
Repeating Actions Through Iteration 51
while Loops 53
for and foreach Loops 54
do...while Loops 55
Breaking Out of a Control Structure or Script 56
Employing Alternative Control Structure Syntax 56
Using declare 57
Next 57

2 Storing and Retrieving Data 59

Saving Data for Later 59
Storing and Retrieving Bob’s Orders 60
Processing Files 61
Opening a File 61
Choosing File Modes 61
Using fopen() to Open a File 62
Opening Files Through FTP or HTTP 64

Addressing Problems Opening Files 65



Writing to a File 67
Parameters for fwrite() 68
File Formats 68
Closing a File 69
Reading from a File 71
Opening a File for Reading: fopen() 72
Knowing When to Stop: feof() 73
Reading a Line at a Time: fgets(), fgetss(), and fgetcsv() 73
Reading the Whole File: readfile(), fpassthru(), and file() 74
Reading a Character: fgetc() 75
Reading an Arbitrary Length: fread() 75
Using Other Useful File Functions 76
Checking Whether a File Is There: file_exists() 76
Determining How Big a File Is: filesize() 76
Deleting a File: unlink() 76
Navigating Inside a File: rewind(), fseek(), and ftell() 76
Locking Files 78
A Better Way: Database Management Systems 79
Problems with Using Flat Files 79
How RDBMSs Solve These Problems 80
Further Reading 80
Next 80

3 Using Arrays 81

What Is an Array? 81
Numerically Indexed Arrays 82
Initializing Numerically Indexed Arrays 82
Accessing Array Contents 83
Using Loops to Access the Array 84
Arrays with Different Indices 85
Initializing an Array 85
Accessing the Array Elements 85
Using Loops 85



Array Operators 87
Multidimensional Arrays 88
Sorting Arrays 92
Using sort() 92
Using asort() and ksort() to Sort Arrays 93
Sorting in Reverse 93
Sorting Multidimensional Arrays 93
User-Defined Sorts 93
Reverse User Sorts 95
Reordering Arrays 96
Using shuffle() 96
Using array_reverse() 97
Loading Arrays from Files 98
Performing Other Array Manipulations 102
Navigating Within an Array: each(), current(), reset(), end(), next(), pos(), and prev() 102
Applying Any Function to Each Element in an Array: array_walk() 103
Counting Elements in an Array: count(), sizeof(), and array_count_values() 104
Converting Arrays to Scalar Variables: extract() 105
Further Reading 106

Next 106

4 String Manipulation and Regular Expressions 107
Creating a Sample Application: Smart Form Mail 107
Formatting Strings 110
Trimming Strings: chop(), ltrim(), and trim() 110
Formatting Strings for Presentation 110
Formatting Strings for Storage: addslashes() and stripslashes() 114
Joining and Splitting Strings with String Functions 116
Using explode(), implode(), and join() 116
Using strtok() 117
Using substr() 118


Comparing Strings 119
Performing String Ordering: strcmp(), strcasecmp(), and strnatcmp() 119
Testing String Length with strlen() 120
Matching and Replacing Substrings with String Functions 120
Finding Strings in Strings: strstr(), strchr(), strrchr(), and stristr() 120
Finding the Position of a Substring: strpos() and strrpos() 121
Replacing Substrings: str_replace() and substr_replace() 122
Introducing Regular Expressions 123
The Basics 124
Character Sets and Classes 124
Repetition 126
Subexpressions 126
Counted Subexpressions 126
Anchoring to the Beginning or End of a String 126
Branching 127
Matching Literal Special Characters 127
Reviewing the Special Characters 127
Putting It All Together for the Smart Form 128
Finding Substrings with Regular Expressions 129
Replacing Substrings with Regular Expressions 130
Splitting Strings with Regular Expressions 130
Further Reading 131

Next 131

5 Reusing Code and Writing Functions 133

The Advantages of Reusing Code 133
Cost 134
Reliability 134
Consistency 134
Using require() and include() 134
Filename Extensions and require() 135
Using require() for Website Templates 137



Using auto_prepend_file and auto_append_file 142
Using Functions in PHP 143
Calling Functions 143
Calling an Undefined Function 145

Understanding Case and Function Names 146
Defining Your Own Functions 146
Examining Basic Function Structure 146
Naming Your Function 147
Using Parameters 148
Understanding Scope 150
Passing by Reference Versus Passing by Value 153
Using the return Keyword 154
Returning Values from Functions 155
Implementing Recursion 156
Namespaces 158
Further Reading 158
Next 158

6 Object-Oriented PHP 159

Understanding Object-Oriented Concepts 160
Classes and Objects 160
Polymorphism 161
Inheritance 162
Creating Classes, Attributes, and Operations in PHP 162
Structure of a Class 162
Constructors 163
Destructors 163
Instantiating Classes 164
Using Class Attributes 164
Controlling Access with private and public 166

Calling Class Operations 167
Implementing Inheritance in PHP 168
Controlling Visibility Through Inheritance with private and protected 169


Overriding 170
Preventing Inheritance and Overriding with final 172
Understanding Multiple Inheritance 173
Implementing Interfaces 173
Designing Classes 174
Writing the Code for Your Class 175
Understanding Advanced Object-Oriented Functionality in PHP 183
Using Per-Class Constants 184

Implementing Static Methods 184
Checking Class Type and Type Hinting 184
Late Static Bindings 185
Cloning Objects 186
Using Abstract Classes 186
Overloading Methods with __call() 186
Using __autoload() 187
Implementing Iterators and Iteration 188
Converting Your Classes to Strings 190
Using the Reflection API 190
Next 191

7 Error and Exception Handling 193

Exception Handling Concepts 193
The Exception Class 195
User-Defined Exceptions 196
Exceptions in Bob’s Auto Parts 199
Exceptions and PHP’s Other Error Handling
Mechanisms 202
Further Reading 203
Next 203

II Using MySQL
8 Designing Your Web Database 207
Relational Database Concepts 208
Tables 208
Columns 209



Rows 209
Values 209
Keys 209
Schemas 210
Relationships 211
Designing Your Web Database 211
Think About the Real-World Objects You Are Modeling 211
Avoid Storing Redundant Data 212
Use Atomic Column Values 214
Choose Sensible Keys 215
Think About What You Want to Ask the Database 215
Avoid Designs with Many Empty Attributes 215
Summary of Table Types 216

Web Database Architecture 216
Further Reading 218
Next 218

9 Creating Your Web Database 219

Using the MySQL Monitor 220
Logging In to MySQL 221
Creating Databases and Users 222
Setting Up Users and Privileges 223
Introducing MySQL’s Privilege System 223
Principle of Least Privilege 223
User Setup: The GRANT Command 223
Types and Levels of Privileges 225
The REVOKE Command 227
Examples Using GRANT and REVOKE 227
Setting Up a User for the Web 228
Using the Right Database 229
Creating Database Tables 229
Understanding What the Other Keywords Mean 231
Understanding the Column Types 232


Looking at the Database with SHOW and DESCRIBE 233
Creating Indexes 234
Understanding MySQL Identifiers 235
Choosing Column Data Types 236
Numeric Types 236
Date and Time Types 238
String Types 239
Further Reading 241
Next 241

10 Working with Your MySQL Database 243

What Is SQL? 243
Inserting Data into the Database 244
Retrieving Data from the Database 246
Retrieving Data with Specific Criteria 248
Retrieving Data from Multiple Tables 249

Retrieving Data in a Particular Order 255
Grouping and Aggregating Data 256
Choosing Which Rows to Return 258
Using Subqueries 258
Updating Records in the Database 261
Altering Tables After Creation 261
Deleting Records from the Database 264
Dropping Tables 264
Dropping a Whole Database 264
Further Reading 265
Next 265

11 Accessing Your MySQL Database from the Web with PHP 267
How Web Database Architectures Work 268
Querying a Database from the Web 271
Checking and Filtering Input Data 271
Setting Up a Connection 272
Choosing a Database to Use 274




Querying the Database 274
Retrieving the Query Results 275
Disconnecting from the Database 276
Putting New Information in the Database 276
Using Prepared Statements 280
Using Other PHP-Database Interfaces 282
Using a Generic Database Interface: PEAR MDB2 282
Further Reading 285
Next 285

12 Advanced MySQL Administration 287

Understanding the Privilege System in Detail 287
The user Table 289
The db and host Tables 290
The tables_priv, columns_priv, and procs_priv Tables 292
Access Control: How MySQL Uses the Grant Tables 293
Updating Privileges: When Do Changes Take Effect? 293
Making Your MySQL Database Secure 294
MySQL from the Operating System’s Point of View 294
Passwords 295
User Privileges 295

Web Issues 296
Getting More Information About Databases 296
Getting Information with SHOW 296
Getting Information About Columns with DESCRIBE 299
Understanding How Queries Work with EXPLAIN 299
Optimizing Your Database 304
Design Optimization 304
Permissions 304
Table Optimization 304


Using Indexes 305
Using Default Values 305
Other Tips 305

Backing Up Your MySQL Database 305
Restoring Your MySQL Database 306
Implementing Replication 306
Setting Up the Master 307
Performing the Initial Data Transfer 307
Setting Up the Slave or Slaves 308
Further Reading 309
Next 309

13 Advanced MySQL Programming 311

The LOAD DATA INFILE Statement 311
Storage Engines 312
Transactions 313
Understanding Transaction Definitions 313
Using Transactions with InnoDB 314
Foreign Keys 315
Stored Procedures 316
Basic Example 316
Local Variables 319
Cursors and Control Structures 319
Further Reading 323
Next 323

III E-commerce and Security
14 Running an E-commerce Site 327


Deciding What You Want to Achieve 327
Considering the Types of Commercial Websites 327
Publishing Information Using Online Brochures 328
Taking Orders for Goods or Services 331



Providing Services and Digital Goods 334
Adding Value to Goods or Services 335
Cutting Costs 335
Understanding Risks and Threats 336
Crackers 337
Failure to Attract Sufficient Business 337
Computer Hardware Failure 337
Power, Communication, Network, or Shipping Failures 338
Extensive Competition 338
Software Errors 338
Evolving Governmental Policies and Taxes 339

System Capacity Limits 339
Choosing a Strategy 339
Next 339

15 E-commerce Security Issues 341

How Important Is Your Information? 342
Security Threats 342
Exposure of Confidential Data 343
Loss or Destruction of Data 344
Modification of Data 345
Denial of Service 346
Errors in Software 347
Repudiation 348
Usability, Performance, Cost, and Security 349
Creating a Security Policy 349
Authentication Principles 350
Encryption Basics 351
Private Key Encryption 353
Public Key Encryption 353
Digital Signatures 354
Digital Certificates 355
Secure Web Servers 356
Auditing and Logging 357


Firewalls 357
Data Backups 358
Backing Up General Files 358
Backing Up and Restoring Your MySQL Database 358
Physical Security 359
Next 359

16 Web Application Security 361

Strategies for Dealing with Security 361
Start with the Right Mindset 362
Balancing Security and Usability 362
Monitoring Security 363
Our Basic Approach 363
Identifying the Threats We Face 363

Access to or Modification of Sensitive Data 363
Loss or Destruction of Data 364
Denial of Service 364
Malicious Code Injection 365
Compromised Server 365
Understanding Who We’re Dealing With 365
Crackers 366
Unwitting Users of Infected Machines 366
Disgruntled Employees 366
Hardware Thieves 366
Ourselves 366
Securing Your Code 367
Filtering User Input 367
Escaping Output 371
Code Organization 374
What Goes in Your Code 374
File System Considerations 375
Code Stability and Bugs 376
Execution Quotes and exec 377
Securing Your Web Server and PHP 378
Keep Software Up-to-Date 378
Browse the php.ini file 380



Web Server Configuration 380
Commercially Hosted Web Applications 382
Database Server Security 383
Users and the Permissions System 383
Sending Data to the Server 384
Connecting to the Server 384
Running the Server 385
Protecting the Network 385
Install Firewalls 386
Use a DMZ 386
Prepare for DoS and DDoS Attacks 387
Computer and Operating System Security 387
Keep the Operating System Up-to-Date 387
Run Only What Is Necessary 388
Physically Secure the Server 388
Disaster Planning 388
Next 390

17 Implementing Authentication with PHP and MySQL 391
Identifying Visitors 391
Implementing Access Control 392
Storing Passwords 395
Encrypting Passwords 397
Protecting Multiple Pages 399
Using Basic Authentication 399

Using Basic Authentication in PHP 400
Using Basic Authentication with Apache’s .htaccess Files 402
Using mod_auth_mysql Authentication 406
Installing mod_auth_mysql 406
Using mod_auth_mysql 407
Creating Your Own Custom Authentication 408
Further Reading 408
Next 408


18 Implementing Secure Transactions with PHP and MySQL 409
Providing Secure Transactions 409
The User’s Machine 410
The Internet 411

Your System 412
Using Secure Sockets Layer (SSL) 413
Screening User Input 417
Providing Secure Storage 417
Storing Credit Card Numbers 419
Using Encryption in PHP 419
Installing GPG 420
Testing GPG 422
Further Reading 427
Next 428

IV Advanced PHP Techniques
19 Interacting with the File System and the Server 431
Uploading Files 431
HTML for File Upload 433
Writing the PHP to Deal with the File 434
Avoiding Common Upload Problems 438
Using Directory Functions 439
Reading from Directories 439
Getting Information About the Current Directory 442
Creating and Deleting Directories 443
Interacting with the File System 443
Getting File Information 444
Changing File Properties 446
Creating, Deleting, and Moving Files 447
Using Program Execution Functions 447


