PHP and MySQL Web Development

PHPee writes ""Learn the concepts and build the applications..." - PHP and MySQL Web Development is a well-written web developer's guide to using these open source products to create dynamic websites quickly and easily. This book covers everything you need to design, build and debug your own website from the ground up. Special attention is paid real-world issues, like database normalization and site security. Overall, a great reference for beginner and more advanced programmers alike." Read on for the rest of his review. PHP and MySQL Web Development author Luke Welling & Laura Thomson pages 896 publisher Sams rating 9/10 reviewer PHPee ISBN 0672317842 summary From hello world to e-commerce in under 900 pages...

The authors of the book (Luke Welling and Laura Thomson) do a great job of introducing new programmers to the world of PHP and MySQL. The book is divided into five sections which take the beginner programmer through many lessons in solid, secure web programming.

Part One Starting with the "PHP Crash Course," the reader quickly learns the syntax and language constructs of PHP. The following five chapters focus on topics such as arrays, string manipulation, writing functions and object-oriented PHP. This provides a solid foundation in PHP before moving on to the intricacies of MySQL. This section is very hands-on, using realistic examples, which could be expanded upon as skills progress.

Part Two The following section focuses on MySQL, starting by explaining the advantages of a relational database vs. a flat file storage system. The book assumes no knowledge of databases, explaining simple terms such as tables, columns, rows, etc. It then progresses on to the fun stuff, like designing databases for the web and normalization.

Particular attention is placed on MySQL's privilege system, including proper use of the GRANT/REVOKE commands to give/take away rights for database users. This section is quite detailed and offers a lot more information than I expected. The various column types and associated keywords are also examined in great detail, providing the reader with a solid understanding of MySQL's main features.

Part Three Part Three of the book examines the issues associated with running an e-commerce site. This section is nicely done, looking at common mistakes and how to avoid them. These include things like server security, data backups, keeping detailed logs and dealing with other threats, such as crackers, denial of service attacks and destruction of data. Authentication methods and encryption schemes are also thoroughly covered.

Part Four This section of the book expands on part one, delving into some more advanced PHP techniques, such as interacting with the file system, using network and protocol functions and generating images on the fly with the gd library.

This section also looks at PHP's powerful session functions, including using sessions with authentication and the use of cookies.

Part Five This is by far the most exciting section of the book. Here the reader is presented with seven real-world examples that utilize most of the issues presented throughout the book. These practical projects are presented in an easy to follow manner. The basic problem is presented, and then a solution is proposed. The authors take you from start to finish, outlining the database design, necessary files and functions and show you how to tie it all together. They are also very good at pointing out possible enhancements or alterations, hopefully inspiring the reader to develop their skills and create something beyond the scope of the book.

The seven projects are as follows:

• User authentication and personalization
• Shopping cart
• Content management system
• Web-based email service
• Mailing list manager
• Web forums
• Generating personalized documents in PDF format

Each of the projects has a real-life application, and can easily be modified to fit the needs of almost any website. The shopping cart application is quite complete, and could serve as a basic cart as-is. The web-based email service incorporates the IMAP and POP3 protocols in an easy to understand manner. And the web forums project discusses the complexity involved in creating a threaded discussion board. It even refers to slashdot as a "fantastic example of a popular website that uses discussion boards" :)

Other info: There are a few minor typos and errors in the book, but nothing to get angry at the authors about. Most of them are quite negligible, but may still create some frustration for beginners. (For example, they make reference to a function isempty(), which does not exist in PHP. The real function is simply named empty()...) Small errors like this may create some confusion, but the errata listed on the author's website are quite helpful, yet not all-inclusive.

The appendices do a good job of showing you how to install apache, PHP and MySQL to get up and running under both Linux and Windows. The book also comes with a CD that contains a PDF version of the entire text, all code examples, and copies of PHP and MySQL so you can set up your own development environment at home.

Overall The book is targeted toward intermediate to advanced programmers, but I'd suspect it would be more useful to the beginner to intermediate group. However, the book is organized in a way that accommodates beginners and more advanced users. If you have previous programming experience, you can probably skip some of the early chapters and jump straight into the larger projects. It's a handy reference book, nonetheless. This book covers almost everything you need to know to learn how to use PHP and MySQL to create dynamic, database-driven websites in no time at all. It does an excellent job presenting some real life projects, and the emphasis on security and clean code is consistent throughout the entire book.

You can purchase PHP and MySQL Web Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

online user comments on

[stonebeat.org]

mysql.com and php.net are the best reference you can ever get.

Re:online user comments on

the php comments are not moderated/proofread *every day*, but they are proofread periodically. take a look at them. you'll see things like *Editor's note: although this will work, it's not because of why you think it will* or whatever

Excellent Book

[lpret]

I have always been an O'Reilly kind of guy, but I picked this book up and was very impressed. I'm probably catagorised as an intermediate programmer, and I found it intuitive and easy to pick up. Also, the book assumed you had some grasps of the concepts which kept it from being redundant and boring. A very good book if PHP is your second or third language.

Old News

This book has been out for a couple of years now. Don't know why this needs to be posted.

www.php.net

To be honest I'm not sure you really need a book to learn PHP or MYSQL, both of these have excellent websites which cover their respective topics extremely well.

I have bought a few PHP books, the wrong ones I think, and none of them have come close to being as informative or as useful as the website.

The other thing with PHP is that there are now so many free projects using PHP it is often a lot better to look at they are coded, I think you gain a lot more pratical knowledge this way than you could glean from any book no matter how exhaustive.

I am of course speaking from the perspective of someone who was familiar with programming and scripting before I came to use PHP but maybe it is better to get a book or learn programming theory before you come to apply it to a language. Although languages are different once you know what you want to do you can usually apply your general knowledge to the language without too much trouble and in the process I think gain new persepectives on what is a right or a wrong way to do something.

It needs updating

[Ian.Waring]

I agree that the book is a good one (and I built my site after reading it). However, it reflects life at the dawn of PHP 4.0, and several things (particularly on PHP now shutting off globals by default, and changes on session control) now lead the user into some frustrating debugging sessions under 4.2.x onwards. At least until the PHP newsgroups and some of the more modern PHP books come to the rescue. I'd add "PHP Cookbook" (O'Reilly), "PHP Developers Cookbook" (SAMS) and "Web Database Applications with PHP and MySQL" (O'Reilly) alongside this book as good supplements to the more dated Welling/Thomson work. At least until they update it...

Re:It needs updating

[skribble]

I posted this here as a seperate post, but the Second Edition of this book (PHP and MySQL Web Development) will be showing up in bookstores around mid-February.

The 2nd edition has been updated to include PHP stuff that was unavailable or unclear in the first edition (register_globals, PEAR, XML, ...)

Re:Not ready for prime time

[u-235-sentinel]

mySQL not ready for prime time?

Have you checked Yahoo's financial news lately? They are running mySQL for their backend. Sounds like they are pretty happy with it. Oh, and it runs 24x7 also :D

I believe there was a slashdot article last month which mentioned this also. Very impressive.

Re:The Superiority of PHP over Perl

So close, yet so far.

You got a bit too blatant in saying what perl can't do. Any newbie could have seen it was a troll after the Data Structures section.

Good try, but you need to be a bit more subtle -- bash perl for being obscure and hard to read (write-once, etc), not saying it can't do something that even grandma knows it can (i.e. data structures).

I look forward to v1.1, good man!

Read it on Safari without buying the paper version

[linuxbaby]

O'Reilly has a great service called Safari where you can read the entire book, searchable and everything, on their website.

Very handy for cut-and-pasting long chunks of code without having to retype it while reading the page.

Here's the link to read PHP and MySQL Web Development as reviewed here.

details details details...

[sunryder]

I used this book as a secondary reference for a Database course a couple of years ago, and then later for a reference on developing an online MessageBoard using PHP.

The book is pretty good, but tends to gloss over some of the more technical issues of PHP. In addition, the book tries to cover so much that there are a few parts that are missing some of the more complex details. For example, the section on PHP Session Management was a little too brief for my liking, and ended up being supplemented with material from http://www.php.net

These were are fairly minor issues and the only really *serious* issue I had with the book was the section on MySQL installation. It made the installation look so simple and straightforward, when in fact it was not. I attempted installing MySQL on several different boxes under both Mandrake and Redhat. In the end, the MySQL server was installed on a secondary machine under FreeBSD, where it installed without a hitch.

next book review: Orwell's 1984

[dubiousmike]

PHP and MySQL Web Development

Luke Welling, Laura Thomson

Paperback, March 2001

How long does a book need to be out before it gets reviewed? Is it still viable after almost 2 years?

Re:Great!

I've not heard of PHP being slow before. I've been using it for 3.5 years and I've been very impressed by it's speed.

Gee, let's bitch about a free, lighting fast database that gives 95% of users what the need, but charges for a small, specialized add-on.

As for a debugger - how many PHP developers have a need for a debugger? There are some, you say? I agree, and for those folks they're hopefully using a decent templating engine like Smarty which includes a very slick debugging window.

PhP and database security papers

www.cgisecurity.com/lib

It Worked Great For Me

[Dr.+Wu]

And I've been programming since the Pet/Apple ][/Atari days.

I wanted to make some changes to my website last year to take advantage of a MySQL database. While the O'Reilly Reference at the time got the database configured fine, it was more of an issue of getting the database tied into the website.

I picked up this book and within four hours it was up and running, and coded near-perfectly on the first run (there were some minor tweaks that need to be made for format).

While I agree that there are some great resources for PHP and MYSQL on the web, it doesn't exactly lend itself to armchair (or bathroom) reading. The other problem with the web is that I've found it hard to find step-by-step tutorials, versus code that focuses on a specific command or feature. Once you're familiar with a language, those resources are excellent. But when you're just starting to dabble, it's good to have a reference that takes you step-by-step through the process (even if you end up only skimming 75% of it).

I think the best testimony I can give for this book, is that after using it to get my site up, I lent it to one of the web programmers at the office (and let's just say that my company is a well-recognized name in the computer industry).

I haven't seen the book for six months.

Dr. Wu

Two Things

[ziriyab]

1. Amazon has it cheaper than BN by $5.00. And they have free shipping (vs. $4.00 min for BN)
2. The second edition of the same book is coming in about 3 weeks (Feb 13), so you may want to wait for that.

Re:Target market

[Brandon+T.]

Take a look at "Web Application Development with PHP 4.0", by Ratschiller and Gerken. This book is primarily intended for advanced php programmers and contains topics on advanced topics such as bitwise operations for storing values in databases and writing your own database-driven session handlers to replace php's.

Brandon

Re:Not ready for prime time

[delta407]

MySQL is not stable enough for a real 24x7 web service.

Yahoo disagrees.

Re:why php vs. perl?

[jeremyacole]

I think you are missing something. How about:

$array = split(":", $blah);

or even

$array = preg_split('/:/', $blah);

The confusion is only that PHP uses $ for arrays as well as scalars. I.e., you don't have to use list() and name a bunch of variables on the left hand side.

Re:Different publisher.

[skribble]

Safari is a cooperative venture between O'Reilly and Pearson (which includes Sams). Safari really isn't O'Reilly's alone (though they do seem to do a better job of advertising it), and this book is available there.

Important: New Edition of This book...

[skribble]

FYI a new Edition of this book which has been updated to include PEAR stuff, XML stuff, and various minor fixes will be in a book store near you around mid-February.

Re:Does PHP need a good debugger?

[delta407]

Really, I've been playing around with PHP for months now, playing around with string functions, loops, databases, recursion, and the like and I've never need any debugging tool more advanced from echo.

Really? I've been writing a real-world application in PHP. I have created a device-independent output layer capable of writing XHTML, PDF, WML, and more with no extra coding, a flexible authentication system, a database-independent backend (far more nifty than it sounds), a module system that allows exporting individual pieces of functionality (including dependencies), a navigation system that's fully integrated with permissions, and lots of other things that come together to make a web application. Plus, I've written enough UI code to let a private high school do all of their functions (attendance, grading, transcripts, scheduling), and print all the reports they need (honor rolls, transcripts, attendance summaries, etc.). Total, this project has taken me seven months so far using my spare time, and I have written over 18,000 lines of PHP in this one application.

Guess what I use for debugging? I wrote a special error handler. Whenever an error occurs (except not parse errors), the error handler displays the snippet of code that it happened in -- complete with line numbers, syntax highlighting, and mouse-overs on the local variables that show their contents -- inside of a little box that I can open and close with a click. Plus, I can invoke this whenever I need, via the trigger_error() function.

Guess what made me write that error handler? echo ""` wasn't enough. When dealing with larger applications, you need to be able to look at what conditions prompted a failure, and a "print" is less than helpful. Honestly, even a dump of the offending code with the appropriate values inlaid isn't always enough; I would really like a backtrace, but I have to wait for PHP5.

<plug> If you want to develop something with my framework, hop on over to the website, grab it out of CVS, join the mailing list, and we'll be in touch. </plug>

Re:Why PHP rather than Perl?

[b17bmbr]

rather than the pissing match about perl has this, php that, first, see my earlier post about why php vs. perl

it's like this. a php page is simply a .html with a .php extension. if you never added on line of php code, and simply changed every .html link to .php, you'd not notice a thing. however, and i'm hardly some php guru, but you can do things like this: (forget all the DB suff, 'cause i do this with the homework pages for my school's website)

yo have a file, let's call it homework.hw ( a simple text file). i want to put the data on the page. now if i use perl, i have to call a cgi, and have a bunch of prints and maybe a bunch of heredocs, etc. then i have to basically do: open FILE, "homework.hw";while<FILE>;print; okay fine. but, in .php file, which is simply the exact same .html file, i simply use: <?php include "homework.hw";?> and viola. and of course, i use a perl/cgi form to create the homework.hw file. now, you can also create a link to the .php like this:

a href=index.php?teacher=smith

anf then the php looks like this:

<?php
include "$_GET[teahcer].hw";
?>

bottom line, use what your comfortable with. they are not competing. it's just taht php has some really useful aspects. not to satrt a flame war, but think of it as php->client-side, perl->server-side.

as i'm in the process of overhauling our school's site, what i like about it is the plugable nature of it. i create a series of modules, and include the in or not. also call them from GET or not. for instance:

to include a poll, simply do

<?php
if($_GET[poll]=="yes"){include "poll.php";}
?>

and the link looks like this:

a href="index.php?poll=yes&.......

so, my template is actually a single table, with 3 columns. anyways, it is a powerful tool.

Re:Postgres?

[axxackall]

As usually let's use s/my/pg/g :)

Seriously, have you tried PHPpgAdmin?

Features include:

• create and drop databases
• create, copy, drop and alter tables/views/sequences/functions/indicies/triggers
• edit and add fields (to the extent Postgres allows)
• execute any SQL-statement, even batch-queries
• manage primary and unique keys
• create and read dumps of tables
• administer one single database
• administer multiple servers
• administer postgres users and groups

Requirements: PHP 3.x+ (4+ suggested), PostgreSQL 7+, PHP enabled web server, Web Browser that supports frames and Javascript.

Re:Some wrong fundamental facts

[axxackall]

Transaction management is not necessarily a prerequisite for "database" (DBMS). There is no cononical definition of "database" (DBMS).

Dr. E.F. Codd, a then IBM researcher, gave us both a canonical definition of RDBMS and rules explaining why transactional management is essential. Read it here.

Citing from the link, Rule 5: Comprehensive Data Sublanguage Rule: The database must support at least one clearly defined language that includes functionality for data definition, data manipulation, data integrity, and database transaction control. All commercial relational databases use forms of the standard SQL (Structured Query Language) as their supported comprehensive language.

MySQL is failed to be RDBMS. It still helps to manage data, somehow. But the way it pretends to be RDBMS is confusing many uneducated users and thus MySQL should be considered as a very bad phenomena in software industry.