Fourth Edition
Addison-Wesley
Upper Saddle River, NJ • Boston • Indianapolis • San Francisco
New York • Toronto • Montreal • London • Munich • Paris • Madrid
Cape Town • Sydney • Tokyo • Singapore • Mexico City
PHP and MySQL® Web Development, Fourth Edition
Copyright © 2009 by Pearson Education, Inc.
All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions. Neither is any liability assumed for damages resulting from the use of the information contained herein.
Library of Congress Cataloging-in-Publication Data
Welling, Luke, 1972-
PHP and MySQL Web development / Luke Welling, Laura Thomson. - 4th
ed.
p. cm.
ISBN 978-0-672-32916-6 (pbk. w/cd)
1. PHP (Computer program language) 2. SQL (Computer program language)
3. MySQL (Electronic resource) 4. Web sites-Design. I. Thomson,
Laura. II. Title.
QA76.73.P224W45 2008
005.2’762-dc22
2008036492
Printed in the United States of America
First Printing: September 2008
ISBN-10: 0-672-32916-6
ISBN-13: 978-0-672-32916-6
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson Education, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.
Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The authors and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD-ROM or programs accompanying it.
Pearson Education, Inc. offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact
U.S. Corporate and Government Sales
1-800-382-3419
[email protected]
For sales outside the U.S., please contact
International Sales
[email protected]
Acquisitions Editor
Mark Taber
Development Editor
Michael Thurston
Managing Editor
Patrick Kanouse
Project Editor
Jennifer Gallant
Copy Editor
Barbara Hacha
Indexer
Tim Wright
Proofreader
Kathy Ruiz
Technical Editor
Tim Boronczyk
Publishing Coordinator
Vanessa Evans
Multimedia Developer
Dan Scherf
Book Designer
Gary Adair
Composition
Bronkella Publishing
To our Mums and Dads
4 String Manipulation and Regular Expressions
5 Reusing Code and Writing Functions
7 Error and Exception Handling
10 Working with Your MySQL Database
11 Accessing Your MySQL Database from the Web with PHP
12 Advanced MySQL Administration
17 Implementing Authentication with PHP and MySQL
18 Implementing Secure Transactions with PHP and MySQL
19 Interacting with the File System and the Server
20 Using Network and Protocol Functions
23 Using Session Control in PHP
V Building Practical PHP and MySQL Projects
25 Using PHP and MySQL for Large Projects
27 Building User Authentication and Personalization
29 Building a Web-Based Email Service
30 Building a Mailing List Manager
32 Generating Personalized PDF Documents
33 Connecting to Web Services with XML and SOAP
34 Building Web 2.0 Applications with Ajax
Before You Begin: Accessing PHP
Creating a Sample Application: Bob’s Auto Parts
Short, Medium, and Long Variables
Understanding Precedence and Associativity
Testing and Setting Variable Types
Making Decisions with Conditionals
Comparing the Different Conditionals
Repeating Actions Through Iteration
Breaking Out of a Control Structure or Script
Employing Alternative Control Structure Syntax
Storing and Retrieving Bob’s Orders
Opening Files Through FTP or HTTP
Addressing Problems Opening Files
Opening a File for Reading: fopen()
Reading a Line at a Time: fgets(), fgetss(), and fgetcsv()
Reading the Whole File: readfile(), fpassthru(), and file()
Reading an Arbitrary Length: fread()
Using Other Useful File Functions
Checking Whether a File Is There: file_exists()
Determining How Big a File Is: filesize()
Navigating Inside a File: rewind(), fseek(), and ftell()
A Better Way: Database Management Systems
Problems with Using Flat Files
How RDBMSs Solve These Problems
Initializing Numerically Indexed Arrays
Using Loops to Access the Array
Using asort() and ksort() to Sort Arrays
Sorting Multidimensional Arrays
Performing Other Array Manipulations
Navigating Within an Array: each(), current(), reset(), end(), next(), pos(), and prev()
Applying Any Function to Each Element in an Array: array_walk()
Counting Elements in an Array: count(), sizeof(), and array_count_values()
Converting Arrays to Scalar Variables: extract()
4 String Manipulation and Regular Expressions
Creating a Sample Application: Smart Form Mail
Trimming Strings: chop(), ltrim(), and trim()
Formatting Strings for Presentation
Formatting Strings for Storage: addslashes() and stripslashes()
Joining and Splitting Strings with String Functions
Using explode(), implode(), and join()
Performing String Ordering: strcmp(), strcasecmp(), and strnatcmp()
Testing String Length with strlen()
Matching and Replacing Substrings with String Functions
Finding Strings in Strings: strstr(), strchr(), strrchr(), and stristr()
Finding the Position of a Substring: strpos() and strrpos()
Replacing Substrings: str_replace() and substr_replace()
Introducing Regular Expressions
Anchoring to the Beginning or End of a String
Matching Literal Special Characters
Reviewing the Special Characters
Putting It All Together for the Smart Form
Finding Substrings with Regular Expressions
Replacing Substrings with Regular Expressions
Splitting Strings with Regular Expressions
5 Reusing Code and Writing Functions
The Advantages of Reusing Code
Filename Extensions and require()
Using require() for Website Templates
Using auto_prepend_file and auto_append_file
Understanding Case and Function Names
Examining Basic Function Structure
Passing by Reference Versus Passing by Value
Returning Values from Functions
Understanding Object-Oriented Concepts
Creating Classes, Attributes, and Operations in PHP
Controlling Access with private and public
Implementing Inheritance in PHP
Controlling Visibility Through Inheritance with private and protected
Preventing Inheritance and Overriding with final
Understanding Multiple Inheritance
Writing the Code for Your Class
Understanding Advanced Object-Oriented Functionality in PHP
Checking Class Type and Type Hinting
Overloading Methods with__call()
Implementing Iterators and Iteration
Converting Your Classes to Strings
7 Error and Exception Handling
Exceptions in Bob’s Auto Parts
Exceptions and PHP’s Other Error Handling Mechanisms
Think About the Real-World Objects You Are Modeling
Think About What You Want to Ask the Database
Avoid Designs with Many Empty Attributes
Setting Up Users and Privileges
Introducing MySQL’s Privilege System
Types and Levels of Privileges
Examples Using GRANT and REVOKE
Understanding What the Other Keywords Mean
Understanding the Column Types
Looking at the Database with SHOW and DESCRIBE
Understanding MySQL Identifiers
10 Working with Your MySQL Database
Inserting Data into the Database
Retrieving Data from the Database
Retrieving Data with Specific Criteria
Retrieving Data from Multiple Tables
Retrieving Data in a Particular Order
Updating Records in the Database
Altering Tables After Creation
Deleting Records from the Database
11 Accessing Your MySQL Database from the Web with PHP
How Web Database Architectures Work
Querying a Database from the Web
Checking and Filtering Input Data
Disconnecting from the Database
Putting New Information in the Database
Using Other PHP-Database Interfaces
Using a Generic Database Interface: PEAR MDB2
12 Advanced MySQL Administration
Understanding the Privilege System in Detail
The tables_priv, columns_priv, and procs priv Tables
Access Control: How MySQL Uses the Grant Tables
Updating Privileges: When Do Changes Take Effect?
Making Your MySQL Database Secure
MySQL from the Operating System’s Point of View
Getting More Information About Databases
Getting Information About Columns with DESCRIBE
Understanding How Queries Work with EXPLAIN
Backing Up Your MySQL Database
Performing the Initial Data Transfer
Setting Up the Slave or Slaves
The LOAD DATA INFILE Statement
Understanding Transaction Definitions
Using Transactions with InnoDB
Cursors and Control Structures
Deciding What You Want to Achieve
Considering the Types of Commercial Websites
Publishing Information Using Online Brochures
Taking Orders for Goods or Services
Providing Services and Digital Goods
Adding Value to Goods or Services
Understanding Risks and Threats
Failure to Attract Sufficient Business
Power, Communication, Network, or Shipping Failures
Evolving Governmental Policies and Taxes
How Important Is Your Information?
Usability, Performance, Cost, and Security
Backing Up and Restoring Your MySQL Database
Strategies for Dealing with Security
Balancing Security and Usability
Identifying the Threats We Face
Access to or Modification of Sensitive Data
Understanding Who We’re Dealing With
Unwitting Users of Infected Machines
Securing Your Web Server and PHP
Commercially Hosted Web Applications
Users and the Permissions System
Prepare for DoS and DDoS Attacks
Computer and Operating System Security
Keep the Operating System Up-to-Date
17 Implementing Authentication with PHP and MySQL
Using Basic Authentication in PHP
Using Basic Authentication with Apache’s .htaccess Files
Using mod_auth_mysql Authentication
Creating Your Own Custom Authentication
18 Implementing Secure Transactions with PHP and MySQL
Using Secure Sockets Layer (SSL)
19 Interacting with the File System and the Server
Writing the PHP to Deal with the File
Avoiding Common Upload Problems
Getting Information About the Current Directory
Creating and Deleting Directories
Interacting with the File System
Creating, Deleting, and Moving Files
Using Program Execution Functions
Interacting with the Environment: getenv() and putenv()
20 Using Network and Protocol Functions
Using Data from Other Websites
Using Network Lookup Functions
Backing Up or Mirroring a File
Using FTP to Back Up or Mirror a File
Getting the Date and Time from PHP
Validating Dates with checkdate()
Converting Between PHP and MySQL Date Formats
Setting Up Image Support in PHP
Drawing or Printing Text on the Image
Using Automatically Generated Images in Other Pages
Using Text and Fonts to Create Images
Fitting the Text onto the Button
Writing the Text onto the Button
Drawing Figures and Graphing Data
23 Using Session Control in PHP
Understanding Basic Session Functionality
Unsetting Variables and Destroying the Session
Creating a Simple Session Example
Implementing Authentication with Session Control
Terminating Execution: die() and exit()
Serializing Variables and Objects
Getting Information About the PHP Environment
Finding Out What Extensions Are Loaded
Finding Out When the Script Was Modified
Temporarily Altering the Runtime Environment
V Building Practical PHP and MySQL Projects
25 Using PHP and MySQL for Large Projects
Applying Software Engineering to Web Development
Planning and Running a Web Application Project
Using a Standard Directory Structure
Documenting and Sharing In-House Functions
Choosing a Development Environment
Altering the Error Reporting Settings
27 Building User Authentication and Personalization
User Identification and Personalization
Implementing User Authentication
Implementing Bookmark Storage and Retrieval
Considering Possible Extensions
Tracking Users’ Purchases While They Shop
Building an Administration Interface
Implementing the Online Catalog
Implementing the Shopping Cart
Using the show_cart.php Script
Implementing an Administration Interface
29 Building a Web-Based Email Service
Mail Protocols: POP3 Versus IMAP
Examining the Script Architecture
Replying To or Forwarding Mail
30 Building a Mailing List Manager
Setting Up a Database of Lists and Subscribers
Defining the Script Architecture
Implementing Administrative Functions
32 Generating Personalized PDF Documents
Generating a PDF Certificate from a Template
Generating a PDF Document Using PDFlib
A Hello World Script for PDFlib
Generating a Certificate with PDFlib
Handling Problems with Headers
33 Connecting to Web Services with XML and SOAP
Project Overview: Working with XML and Web Services
Using Amazon’s Web Services Interfaces
Getting an AmazonResultSet Class
Using REST to Make a Request and Retrieve a Result
Using SOAP to Make a Request and Retrieve a Result
Caching the Data from a Request
34 Building Web 2.0 Applications with Ajax
Working with the Server Response
Adding Ajax Elements to Earlier Projects
Adding Ajax Elements to PHPbookmark
Learning More about the Document Object Model (DOM)
JavaScript Libraries for Ajax Applications
Installing Apache, PHP, and MySQL Under Unix
Installing Apache, PHP, and MySQL Under Windows
Installing MySQL Under Windows
Installing Apache Under Windows
Setting Up Other Configurations
MySQL and SQL Specific Resources
Laura Thomson is a senior software engineer at Mozilla Corporation. She was formerly a principal at both OmniTI and Tangled Web Design, and she has worked for RMIT University and the Boston Consulting Group. She holds a Bachelor of Applied Science (Computer Science) degree and a Bachelor of Engineering (Computer Systems Engineering) degree with honors. In her spare time she enjoys riding horses, arguing about free and open source software, and sleeping.
Luke Welling is a web architect at OmniTI and regularly speaks on open source and web development topics at conferences such as OSCON, ZendCon, MySQLUC, PHPCon, OSDC, and LinuxTag. Prior to joining OmniTI, he worked for the web analytics company Hitwise.com, at the database vendor MySQL AB, and as an independent consultant at Tangled Web Design. He has taught computer science at RMIT University in Melbourne, Australia, and holds a Bachelor of Applied Science (Computer Science) degree. In his spare time, he attempts to perfect his insomnia.
Julie C. Meloni is the technical director for i2i Interactive (www.i2ii.com), a multimedia company located in Los Altos, California. She has been developing web-based applications since the Web first saw the light of day and remembers the excitement surrounding the first GUI web browser. She has authored numerous books and articles on web-based programming languages and database topics, including the bestselling Sams Teach Yourself PHP, MySQL, and Apache All in One.
Adam DeFields is a consultant specializing in web application development, project management, and instructional design. He lives in Grand Rapids, Michigan where he runs Emanation Systems, LLC, (www.emanationsystemsllc.com) a company he founded in 2002. He has been involved with web development projects using several different technologies, but has developed a strong preference toward PHP/MySQL-based projects.
Marc Wandschneider is a freelance software developer, author, and speaker who travels the globe working on interesting projects. In recent years, a lot of his attention has been focused on writing robust and scalable web applications, and in 2005 he wrote a book called Core Web Application Programming with PHP and MySQL. He was was previously the main developer of the SWiK (http://swik.net) open source community site. Marc currently lives in Beijing where he spends his time mangling the Chinese language and programming.
We would like to thank the team at Pearson for all their hard work. In particular, we would like to thank Shelley Johnston, without whose dedication and patience the first three editions of this book would not have been possible, and Mark Taber, who has taken over for the fourth edition.
We appreciate immensely the work done by the PHP and MySQL development teams. Their work has made our lives easier for a number of years now and continues to do so on a daily basis.
We thank Adrian Close at eSec for saying “You can build that in PHP” back in 1998. He said we would like PHP, and it seems he was right.
Finally, we would like to thank our family and friends for putting up with us while we have been repeatedly antisocial while working on books. Specifically, thank you for your support to our family members: Julie, Robert, Martin, Lesley, Adam, Paul, Archer, and Barton.
As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other words of wisdom you’re willing to pass our way.
You can email or write me directly to let me know what you did or didn’t like about this book—as well as what we can do to make our books stronger.
Please note that I cannot help you with technical problems related to the topic of this book, and that due to the high volume of mail I receive, I might not be able to reply to every message.
When you write, please be sure to include this book’s title and authors as well as your name and phone or email address. I will carefully review your comments and share them with the authors and editors who worked on the book.
Email: [email protected]
Mail: Mark Taber
Associate Publisher
Pearson Education, Inc.
800 East 96th Street
Indianapolis, IN 46240 USA
Visit our website and register this book at informit.com/register for convenient access to any updates, downloads, or errata that might be available for this book.
WELCOME TO PHP AND MYSQL WEB DEVELOPMENT. Within its pages, you will find distilled knowledge from our experiences using PHP and MySQL, two of the hottest web development tools around.
In this introduction, we cover
What you will be able to achieve using this book
What PHP and MySQL are and why they’re great
What’s changed in the latest versions of PHP and MySQL
Let’s get started.
This book will teach you how to create interactive websites from the simplest order form through to complex, secure e-commerce sites or interactive Web 2.0 sites. What’s more, you’ll learn how to do it using open source technologies.
This book is aimed at readers who already know at least the basics of HTML and have done some programming in a modern programming language before but have not necessarily programmed for the Internet or used a relational database. If you are a beginning programmer, you should still find this book useful, but digesting it might take a little longer. We’ve tried not to leave out any basic concepts, but we do cover them at speed. The typical readers of this book want to master PHP and MySQL for the purpose of building a large or commercial website. You might already be working in another web development language; if so, this book should get you up to speed quickly.
We wrote the first edition of this book because we were tired of finding PHP books that were basically function references. These books are useful, but they don’t help when your boss or client has said, “Go build me a shopping cart.” In this book, we have done our best to make every example useful. You can use many of the code samples directly in your website, and you can use many others with only minor modifications.
Reading this book will enable you to build real-world, dynamic websites. If you’ve built websites using plain HTML, you realize the limitations of this approach. Static content from a pure HTML website is just that—static. It stays the same unless you physically update it. Your users can’t interact with the site in any meaningful fashion.
Using a language such as PHP and a database such as MySQL allows you to make your sites dynamic: to have them be customizable and contain real-time information.
We have deliberately focused this book on real-world applications, even in the introductory chapters. We begin by looking at a simple online ordering system and work our way through the various parts of PHP and MySQL.
We then discuss aspects of electronic commerce and security as they relate to building a real-world website and show you how to implement these aspects in PHP and MySQL.
In the final part of this book, we describe how to approach real-world projects and take you through the design, planning, and building of the following projects:
User authentication and personalization
Shopping carts
Web-based email
Mailing list managers
Web forums
PDF document generation
Web services with XML and SOAP
Web 2.0 application with Ajax
You should be able to use any of these projects as is, or you can modify them to suit your needs. We chose them because we believe they represent some the most common web-based applications built by programmers. If your needs are different, this book should help you along the way to achieving your goals.
PHP is a server-side scripting language designed specifically for the Web. Within an HTML page, you can embed PHP code that will be executed each time the page is visited. Your PHP code is interpreted at the web server and generates HTML or other output that the visitor will see.
PHP was conceived in 1994 and was originally the work of one man, Rasmus Lerdorf. It was adopted by other talented people and has gone through four major rewrites to bring us the broad, mature product we see today. As of November 2007, it was installed on more than 21 million domains worldwide, and this number is growing rapidly. You can see the current number at http://www.php.net/usage.php.
PHP is an Open Source project, which means you have access to the source code and can use, alter, and redistribute it all without charge.
PHP originally stood for Personal Home Page but was changed in line with the GNU recursive naming convention (GNU = Gnu’s Not Unix) and now stands for PHP Hypertext Preprocessor.
The current major version of PHP is 5. This version saw a complete rewrite of the underlying Zend engine and some major improvements to the language.
The home page for PHP is available at http://www.php.net.
The home page for Zend Technologies is http://www.zend.com.
MySQL (pronounced My-Ess-Que-Ell) is a very fast, robust, relational database management system (RDBMS). A database enables you to efficiently store, search, sort, and retrieve data. The MySQL server controls access to your data to ensure that multiple users can work with it concurrently, to provide fast access to it, and to ensure that only authorized users can obtain access. Hence, MySQL is a multiuser, multithreaded server. It uses Structured Query Language (SQL), the standard database query language. MySQL has been publicly available since 1996 but has a development history going back to 1979. It is the world’s most popular open source database and has won the Linux Journal Readers’ Choice Award on a number of occasions.
MySQL is available under a dual licensing scheme. You can use it under an open source license (the GPL) free as long as you are willing to meet the terms of that license. If you want to distribute a non-GPL application including MySQL, you can buy a commercial license instead.
When setting out to build a website, you could use many different products.
You need to choose the following:
Hardware for the web server
An operating system
Web server software
A database management system
A programming or scripting language
Some of these choices are dependent on the others. For example, not all operating systems run on all hardware, not all web servers support all programming languages, and so on.
In this book, we do not pay much attention to hardware, operating systems, or web server software. We don’t need to. One of the best features of both PHP and MySQL is that they work with any major operating system and many of the minor ones.
The majority of PHP code can be written to be portable between operating systems and web servers. There are some PHP functions that specifically relate to the filesystem that are operating system dependent, but these are clearly marked as such in the manual and in this book.
Whatever hardware, operating system, and web server you choose, we believe you should seriously consider using PHP and MySQL.
Some of PHP’s main competitors are Perl, Microsoft ASP.NET, Ruby (on Rails or otherwise), JavaServer Pages (JSP), and ColdFusion.
In comparison to these products, PHP has many strengths, including the following:
Performance
Scalability
Interfaces to many different database systems
Built-in libraries for many common web tasks
Low cost
Ease of learning and use
Strong object-oriented support
Portability
Flexibility of development approach
Availability of source code
Availability of support and documentation
A more detailed discussion of these strengths follows.
PHP is very fast. Using a single inexpensive server, you can serve millions of hits per day. Benchmarks published by Zend Technologies (http://www.zend.com) show PHP outperforming its competition.
PHP has what Rasmus Lerdorf frequently refers to as a “shared-nothing” architecture. This means that you can effectively and cheaply implement horizontal scaling with large numbers of commodity servers.
PHP has native connections available to many database systems. In addition to MySQL, you can directly connect to PostgreSQL, Oracle, dbm, FilePro, DB2, Hyperwave, Informix, InterBase, and Sybase databases, among others. PHP 5 also has a built-in SQL interface to a flat file, called SQLite.
Using the Open Database Connectivity Standard (ODBC), you can connect to any database that provides an ODBC driver. This includes Microsoft products and many others.
In addition to native libraries, PHP comes with a database access abstraction layer called PHP Database Objects (PDO), which allows consistent access and promotes secure coding practices.
Because PHP was designed for use on the Web, it has many built-in functions for performing many useful web-related tasks. You can generate images on the fly, connect to web services and other network services, parse XML, send email, work with cookies, and generate PDF documents, all with just a few lines of code.
PHP is free. You can download the latest version at any time from http://www.php.net for no charge.
The syntax of PHP is based on other programming languages, primarily C and Perl. If you already know C or Perl, or a C-like language such as C++ or Java, you will be productive using PHP almost immediately.
PHP version 5 has well-designed object-oriented features. If you learned to program in Java or C++, you will find the features (and generally the syntax) that you expect, such as inheritance, private and protected attributes and methods, abstract classes and methods, interfaces, constructors, and destructors. You will even find some less common features such as iterators. Some of this functionality was available in PHP versions 3 and 4, but the object-oriented support in version 5 is much more complete.
PHP is available for many different operating systems. You can write PHP code on free Unix-like operating systems such as Linux and FreeBSD, commercial Unix versions such as Solaris and IRIX, OS X, or on different versions of Microsoft Windows.
Well-written code will usually work without modification on a different system running PHP.
PHP allows you to implement simple tasks simply, and equally easily adapts to implementing large applications using a framework based on design patterns such as Model–View–Controller (MVC).
You have access to PHP’s source code. With PHP, unlike commercial, closed-source products, if you want to modify something or add to the language, you are free to do so.
You do not need to wait for the manufacturer to release patches. You also don’t need to worry about the manufacturer going out of business or deciding to stop supporting a product.
Zend Technologies (www.zend.com), the company behind the engine that powers PHP, funds its PHP development by offering support and related software on a commercial basis.
The PHP documentation and community are mature and rich resources with a wealth of information to share.
You may have recently moved to PHP 5 from one of the PHP 4.x versions. As you would expect in a new major version, it has some significant changes. The Zend engine beneath PHP has been rewritten for this version. Major new features are as follows:
Better object-oriented support built around a completely new object model (see Chapter 6, “Object-Oriented PHP”)
Exceptions for scalable, maintainable error handling (see Chapter 7, “Error and Exception Handling”)
SimpleXML for easy handling of XML data (see Chapter 33, “Connecting to Web Services with XML and SOAP”)
Other changes include moving some extensions out of the default PHP install and into the PECL library, improving streams support, and adding SQLite.
At the time of writing, PHP 5.2 was the current version, with PHP 5.3 on the near horizon. PHP 5.2 added a number of useful features including:
The new input filtering extension for security purposes
JSON extension for better JavaScript interoperability
File upload progress tracking
Better date and time handling
Many upgraded client libraries, performance improvements (including better memory management in the Zend Engine), and bug fixes
You may have heard about a new major release of PHP, called PHP 6. At the time of this writing, PHP 6 is not in the release candidate stage, and hosting providers won’t be installing it for mass use for quite some time. However, some of the key features planned in PHP 6 have been back-ported to PHP 5.3, which is a minor version release and closer to passing acceptance testing and thus installation by hosting providers (of course, if you are your own server’s administrator, you can install any version you like).
Some of the new features in PHP 5.3 are listed below; additional information also appears throughout this book as appropriate:
The addition of namespaces; for more information see http://www.php.net/language.namespaces
The addition of the intl
extension for application internationalization; for more information see http://www.php.net/manual/en/intro.intl.php
The addition of the phar
extension for creating self-contained PHP application archives; for more information see http://www.php.net/book.phar
The addition of the fileinfo
extension for enhanced ability to work with files; for more information see http://www.php.net/manual/en/book.fileinfo.php
The addition of the sqlite3
extension for working with the SQLite Embeddable SQL Database Engine; for more information see http://www.php.net/manual/en/class.sqlite3.php
The inclusion of support for the MySQLnd driver, a replacement for libmysql; for more information see http://forge.mysql.com/wiki/PHP_MYSQLND
While the list above contains some of the highly-touted features of PHP 5.3, the release also includes a significant number of bug fixes and maintenance performed on existing functionality, such as:
Removing support for any version of Windows older than Windows 2000 (such as Windows 98 and NT4)
Ensuring the PCRE, Reflection, and SPL extensions are always enabled
Adding a few date and time functions for ease of date calculation and manipulation
Improving the crypt()
, hash()
, and md5()
functionality, as well as improving the OpenSSL extension
Improving php.ini administration and handling, including better error reporting
Continuing to fine-tune the Zend engine for better PHP runtime speed and memory usage
MySQLs main competitors are PostgreSQL, Microsoft SQL Server, and Oracle.
MySQL has many strengths, including the following:
High performance
Low cost
Ease of configuration and learning
Portability
Availability of source code
Availability of support
A more detailed discussion of these strengths follows.
MySQL is undeniably fast. You can see the developers’ benchmark page at http://web.mysql.com/whymysql/benchmarks. Many of these benchmarks show MySQL to be orders of magnitude faster than the competition. In 2002, eWeek published a benchmark comparing five databases powering a web application. The best result was a tie between MySQL and the much more expensive Oracle.
MySQL is available at no cost under an open source license or at low cost under a commercial license. You need a license if you want to redistribute MySQL as part of an application and do not want to license your application under an Open Source license. If you do not intend to distribute your application—typical for most web applications, or are working on free or open source Software, you do not need to buy a license.
Most modern databases use SQL. If you have used another RDBMS, you should have no trouble adapting to this one. MySQL is also easier to set up than many similar products.
MySQL can be used on many different Unix systems as well as under Microsoft Windows.
As with PHP, you can obtain and modify the source code for MySQL. This point is not important to most users most of the time, but it provides you with excellent peace of mind, ensuring future continuity and giving you options in an emergency.
Not all open source products have a parent company offering support, training, consulting, and certification, but you can get all of these benefits from MySQL AB (www.mysql.com).
Major changes introduced for MySQL 5 include
Views
Stored procedures (see Chapter 13, “Advanced MySQL Programming”)
Basic trigger support
Cursor support
Other changes include more ANSI standard compliance and speed improvements.
If you are still using an early 4.x version or a 3.x version of the MySQL server, you should know that the following features were added to various versions from 4.0:
Subquery support
GIS types for storing geographical data
Improved support for internationalization
The transaction-safe storage engine InnoDB included as standard
The MySQL query cache, which greatly improves the speed of repetitive queries as often run by web applications
This book was written using MySQL 5.1 (Beta Community Edition). This version also added support for
Partitioning
Row based replication
Event scheduling
Logging to tables
Improvements to MySQL Cluster, information schema, backup processes, and many bug fixes
This book is divided into five main parts:
Part I, “Using PHP,” provides an overview of the main parts of the PHP language with examples. Each example is a real-world example used in building an e-commerce site rather than “toy” code. We kick off this section with Chapter 1, “PHP Crash Course.” If you’ve already used PHP, you can whiz through this chapter. If you are new to PHP or new to programming, you might want to spend a little more time on it. Even if you are quite familiar with PHP but you are new to PHP 5, you will want to read Chapter 6, “Object-Oriented PHP,” because the object-oriented functionality has changed significantly.
Part II, “Using MySQL,” discusses the concepts and design involved in using relational database systems such as MySQL, using SQL, connecting your MySQL database to the world with PHP, and advanced MySQL topics, such as security and optimization.
Part III, “E-commerce and Security,” covers some of the general issues involved in developing a website using any language. The most important of these issues is security. We then discuss how you can use PHP and MySQL to authenticate your users and securely gather, transmit, and store data.
Part IV, “Advanced PHP Techniques,” offers detailed coverage of some of the major built-in functions in PHP. We have selected groups of functions that are likely to be useful when building a website. You will learn about interaction with the server, interaction with the network, image generation, date and time manipulation, and session variables.
Part V, “Building Practical PHP and MySQL Projects,” is our favorite section. It deals with practical real-world issues such as managing large projects and debugging, and provides sample projects that demonstrate the power and versatility of PHP and MySQL.
We hope you enjoy this book and enjoy learning about PHP and MySQL as much as we did when we first began using these products. They are really a pleasure to use. Soon, you’ll be able to join the many thousands of web developers who use these robust, powerful tools to easily build dynamic, real-time websites.