Chapter 1
In This Chapter
Understanding databases, tables, records, and fields
Introducing the relational data model
Introducing a three-tier model
Understanding MySQL data types
Getting started with MySQL and phpMyAdmin
Adding a password to your MySQL root account
Creating new MySQL users
Designing a simple table
Adding data to the table
Most programs and websites are really about data. Data drives the Internet, so you really need to understand how data works and how to manage it well if you want to build high-powered, modern websites.
The trend in web development is to have a bunch of specialized languages that work together. HTML describes page content, CSS manages visual layout, JavaScript adds client-side interactivity, and PHP adds server-side capabilities. You're probably not surprised when I tell you that yet another language, SQL (Structured Query Language), specializes in working with data.
In this minibook, you discover how to manage data. Specifically, you find out how to create databases, add data, create queries to retrieve data, and create complex data models to solve real-world problems. In this chapter, I show you some tools that automate the process of creating a data structure and adding data to it. In later chapters in this minibook, I show how to control the process directly through SQL and PHP code.
Data has been an important part of programming since computing began. Many languages have special features for working with data, but through the years, a few key ideas have evolved. A system called relational data modeling has become the primary method for data management, and a standard language for this model, called SQL (Structured Query Language), has been developed.
SQL has two major components:
The easiest way to understand data is to simply look at some. The following table contains some basic contact information:
Name |
Company |
|
Bill Gates |
Microsoft | |
Steve Jobs |
Apple | |
Linus Torvalds |
Linux Foundation | |
Andy Harris |
John Wiley & Sons |
Note: All these e-mail addresses are completely made up (except mine). Bill Gates hasn't given me his actual e-mail address. He doesn't answer my calls, either . . . (sniff).
It's very common to think of data in the form of tables. In fact, the fancy official database programmer name for this structure is table. A table (in database terms) is just a two-dimensional representation of data. Of course, some fancy computer-science words describe what's in a table:
If you want to create a database, you need to think about what entity you're describing and what fields that entity contains. In the table in the preceding section, I'm describing e-mail contacts. Each contact requires three pieces of information:
Whenever you define a record, begin by thinking about what the table represents and then think of the details associated with that entity. The topic of the table (the kind of thing the table represents) is the record. The fields are the details of that record.
Each record contains a number of fields, which are much like variables in ordinary languages. Unlike scripting languages, such as JavaScript and PHP (which tend to be freewheeling about data types), databases are particular about the type of data that goes in a record.
Table 1-1 illustrates several key data types in MySQL (the variant of SQL used in this book).
Table 1-1 MySQL Data Types
Data Type |
Description |
Notes |
INT (INTEGER) |
Positive or negative integer (no decimal point) |
Ranges from about –2 billion to 2 billion. Use BIGINT for larger integers. |
DOUBLE |
Double-precision floating point |
Holds decimal numbers in scientific notation. Use for extremely large or extremely small values. |
DATE |
Date stored in YYYY-MM-DD format |
Can be displayed in various formats. |
TIME |
Time stored in HH:MM:SS format |
Can be displayed in various formats. |
CHAR(length) |
Fixed-length text |
Always same length. Shorter text is padded with spaces. Longer text is truncated. |
VARCHAR(length) |
Variable-length text |
Still fixed length, but trailing spaces are trimmed. Limit 256 characters. |
TEXT |
Longer text |
Up to 64,000 (roughly) characters. Use LONGTEXT for more space. |
BLOB |
Binary data |
Up to 64K of binary data. Use LONGBLOB for more space. |
Data types are especially important when you're defining a database. Relational databases have an important structural rule: Each record in a table must take up the same amount of memory. This rule seems arbitrary, but it's actually very useful.
Imagine that you're looking up somebody's name in a phone book, but you're required to go one entry at a time. If you're looking for Aaron Adams, things will be pretty good, but what if you're looking for Zebulon Zoom? This sequential search would be really slow because you'd have to go all the way through the phone book to find Zebulon. Even knowing that Zeb was in record number 5,379 wouldn't help much because you don't know exactly when one record ends and another begins.
Relational databases solve this problem by forcing each record to be the same length. Just for the sake of argument, imagine that every record takes exactly 100 bytes. You would then be able to figure out where each record is on the disk by multiplying the length of each record by the desired record's index. (Record 0 would be at byte 0, record 1 is at 100, record 342 is at 34200, and so on.) This mechanism allows the computer to keep track of where all the records are and jump immediately to a specific record, even if hundreds or thousands of records are in the system.
The length of the record is important because the data types of a record's fields determine its size. Numeric data (integers and floating-point values) have a fixed size in the computer's memory. Strings (as used in other programming languages) typically have dynamic length. That is, the amount of memory used depends on the length of the text. In a database application, you rarely have dynamic length text. Instead, you generally determine the number of characters for each text field.
When you turn the contact data into an actual database, you generally add one more important field. Each table should have one field that acts as a primary key. A primary key is a special field that's
Primary key fields are often (though not always) integers because you can easily build a system for generating a new unique value. (Find the largest key in the current database and add one.)
In this book, each table has a primary key. They are usually numeric and are usually the first field in a record definition. I also end each key field with the letters ID to help me remember it's a primary key.
Primary keys are useful because they allow the database system to keep a Table of Contents for quick access to the table. When you build multitable data structures, you can see how you can use keys to link tables together.
When you want to build a table, you begin with a definition of the structure of the table. What are the field names? What is each field's type? If it's text, how many characters will you specify?
The definition for the e-mail contacts table may look like this:
Field Name |
Type |
Length (Bytes) |
ContactID |
INTEGER |
11 |
Name |
VARCHAR |
50 |
Company |
VARCHAR |
30 |
|
VARCHAR |
50 |
Look over the table definition, and you'll notice some important ideas:
The difference between CHAR and VARCHAR is what happens to shorter words. When you return the value of a CHAR field, all the padding spaces are included. A VARCHAR automatically lops off any trailing spaces.
Programs that work with SQL are usually called relational database management systems (RDBMS). A number of popular RDBMSs are available:
The great news is that almost all of these databases work in the same general way. They all read fairly similar dialects of the SQL language. No matter which database you choose, the basic operation is roughly the same.
This book focuses on MySQL because this program is
Modern web programming often uses what's called the three-tiered architecture, as shown in Table 1-2.
The user talks to the system through a web browser, which manages HTML code. CSS and JavaScript may also be at the user tier, but everything is handled through the browser. The user then makes a request of the server, which is sometimes passed through a server-side language like PHP. This program then receives a request and processes it, returning HTML back to the client. Many requests involve data, which brings the third (data) tier into play. The web server can package up a request to the data server through SQL. The data server manages the data and prepares a response to the web server, which then makes HTML output back for the user.
Figure 1-1 provides an overview of the three-tier system.
MySQL is a server, so it must be installed on a computer in order to work. To practice with MySQL, you have a few options:
By far the most common way to interact with MySQL is through phpMyAdmin. If you've installed XAMPP, you already have phpMyAdmin. Here's how you use it to get to MySQL:
You also need Apache running (because XAMPP runs through the server). You don't need to run MySQL or Apache as a service, but you must have them both running. (Turn on both programs by clicking the start button next to the name of the program.)
If you used the default installation, you can just point your browser to http://localhost/xampp. It should look like Figure 1-3.
Don't just go through the regular file system to find the XAMPP directory. You must use the localhost mechanism so that the PHP code in phpMyAdmin is activated.
The phpMyAdmin page looks like Figure 1-4.
Type the name for your database in the indicated text field. I call my database haio. (HTML All in One — get it?)
MySQL is a powerful system, which means it can cause a lot of damage in the wrong hands. Unfortunately, the default installation of MySQL has a security loophole you could drive an aircraft carrier through. The default user is called root and has no password whatsoever. Although you don't have to worry about any pesky passwords, the KGB can also get to your data without passwords.
Believe me, the bad guys know that root is the most powerful account on MySQL and that it has no password by default. They're glad to use that information to do you harm (or worse, to do harm in your name). Obviously, giving the root account a password is a very good idea. Fortunately, it's not difficult to do:
The main screen looks like Figure 1-5. Your copy might have a scary warning of gloom at the bottom. You're about to fix that problem.
The privileges tab along the top gives you access to change user privileges. The new screen looks something like Figure 1-6.
Chances are good that you have only one user, called root (and maybe another called pma which is the phpMyAdmin user). The root account's Password field says No. You'll be adding a password to the root user. The icon at the right allows you to edit this record. (Hover your mouse over the small icon to see ToolTips if you can't find it.) The edit screen looks like Figure 1-7.
Even if you don't know what all these things are, root can clearly do lots of things, and you shouldn't let this power go unchecked. (Consult any James Bond movie for more information on what happens with unfettered power.) You're still going to let root do all these things, but you're going to set a password so that only you can be root on this system. Scroll down a bit on the page until you see the segment that looks like Figure 1-8.
Simply enter the password in the Password box, and then reenter it in the next box. Be sure that you type the same password twice. Follow all your typical password rules (six or more characters long, no spaces, case-sensitive).
If all went well, the password changes.
Try to go back to the phpMyAdmin home (with the little house icon), and something awful happens, as shown in Figure 1-9.
Don't panic about the error in Figure 1-9. Believe it or not, this error is good. Up to now, phpMyAdmin was logging into your database as root without a password (just like the baddies were going to do). Now, phpMyAdmin is trying to do the same thing (log in as root without a password), but it can't because now root has a password.
What you have to do is tell phpMyAdmin that you just locked the door, and give it the key. (Well, the password, but I was enjoying my metaphor.)
You have to let phpMyAdmin know that you've changed the password. Look for a file in your phpMyAdmin directory called config.inc.php. (If you used the default XAMPP installation under Windows, the file is in C:Program FilesxamppphpMyAdminconfig.inc.php.)
Using the text editor's search function, I found it on line 70, but it may be someplace else in your editor. In Notepad++, it looks like Figure 1-10.
Enter your root password. For example, if your new password is myPassword, change the line so that it looks like
$cfg['Servers'][$i]['password'] = 'myPassword'; // MySQL password
Of course, myPassword is just an example. It's really a bad password. Put your actual password in its place.
Save the configuration file and return to phpMyAdmin. You may need to set the file's permissions to 644 if you're on a Mac or Linux machine.
This time, you don't get the error, and nobody is able to get into your database without your password. You shouldn't have to worry about this issue again, but whenever you connect to this database, you do need to supply the username and password.
Changing the root password is the absolute minimum security measure, but it's not the only one. You can add various virtual users to your system to protect it further.
You're able to log into your own copy of MySQL (and phpMyAdmin) as root because you're the root owner. (If not, then refer to the preceding section.) It's your database, so you should be allowed to do anything with it.
You probably don't want your programs logging in as root because that can allow malicious code to sneak into your system and do mischief. You're better off setting up a different user for each database and allowing that user access only to the tables within that database.
Fortunately, creating new users with phpMyAdmin isn't a difficult procedure:
If you're running XAMPP on your own server, you'll automatically log in as root.
Be sure to add a username and password. Typically, you use localhost as the host.
If you haven't already made a database for this project, you can do so automatically with the Create Database Automatically radio button.
Only the root user should have global privileges. You want this user to have the ability to work only within a specific database.
You see a new screen like Figure 1-12 (you need to scroll down a bit to see this part of the page).
Select the database in the drop-down list. This user (haio) will have access only to tables in the haio database. Note that you probably don't have many databases on your system when you start out.
You generally want your programs to do nearly everything within their own database so that you can apply almost all privileges (for now, anyway). I typically select all privileges except Grant, which lets the user allow access to other users. Figure 1-13 shows the Privileges page.
If you're working on some remote system with your service provider, the mechanism for managing and creating your databases may be a bit different. Each host has its own quirks, but they're all pretty similar. As an example, here's how I connect to the system on Freehostia at http://freehostia.com (where I post the example pages for this book):
You usually see some sort of control panel with the various tools you have as an administrator. These tools often look like Figure 1-14.
Not all free hosting services provide database access, but most do have free MySQL access. You usually can access some sort of tool for managing your databases. (You'll probably have a limited number of databases available on free servers, but more with commercial accounts.) Figure 1-15 shows the database administration tool in Free Hostia.
Sometimes, you can create the database within phpMyAdmin (as I did in the last section), but more often, you need to use a special tool like the one shown in Figure 1-15 to create your databases. Free Hostia imposes a couple of limits: The database name begins with the system username, and it can't be more than 16 characters long.
Don't freak out if your screen looks a little different than Figure 1-15. Different hosting companies have slightly different rules and systems, so things won't be just like this, but they'll probably be similar. If you get stuck, be sure to look at the hosting service's Help system. You can also contact the support system. They're usually glad to help, but they're (understandably) much more helpful if you've paid for the hosting service. Even the free hosting systems offer some online support, but if you're going to be serious, paying for online support is a good deal.
You probably need a password (and sometimes another username) for your databases to prevent unauthorized access to your data. Because the database is a different server than the web server, it has its own security system. On many hosting services, you must enter a password, and the system automatically creates a MySQL username with the same name as the database. Keep track of this information because you need it later when you write a program to work with this data.
After you've defined the database, you can usually use phpMyAdmin to manipulate the data. With Free Hostia, you can simply click a database name to log into phpMyAdmin as the administrator of that database. Figure 1-16 shows the new database in phpMyAdmin, ready for action.
When you've got a database, you can build a table. When you've defined a table, you can add data. When you've got data, you can look at it. Begin by building a table to handle the contact data described in the first section of this chapter, “Examining the Basic Structure of Data”:
The phpMyAdmin page should look something like Figure 1-17, with your database name available in the left column.
If the database is empty, an Add Table page, shown in Figure 1-18, appears.
Now that you have a database, add the contacts table to it. The contacts database has four fields, so type a 4 into the box and let ’er rip. A form like Figure 1-19 appears.
Type the field names into the grid to create the table. It should look like Figure 1-20.
In Figure 1-20, you can't see it, but you can select the index of contactID as a primary key. Be sure to add this indicator. Also set the collation of the entire table to ascii_general_ci.
phpMyAdmin automatically writes some SQL code for you and executes it. Figure 1-21 shows the code and the new table.
Now, the left panel indicates that you're in the xfd database, which has a table called Contact.
After you define a table, you can add data. Click Contact in the left column, and you see the screen for managing the contact table, as shown in Figure 1-22.
You can add data with the Insert tab, which gives a form like Figure 1-23, based on your table design.
After you add the record, choose Insert Another Row and click the Go button. Repeat until you've added all the contacts you want in your database.
After you add all the records you want to the database, you can use the Browse tab to see all the data in the table. Figure 1-24 shows my table after I added all my contacts to it and browsed.