PHP and MySQL Web Development, 2nd Edition

honestpuck writes with the short review below of Sams' PHP and MySQL Web Development, 2nd Edition, which he says is aimed at "someone who has programmed before needs to know about both PHP and MySQL," and a good book for the intended audience. Read on for his thoughts on the book. PHP and MySQL Web Development author Luke Welling & Laura Thomson pages 815 publisher Sams rating 9 reviewer Tony Williams ISBN 067232525X summary New edition to for an excellent guide to PHP and MySQL

There is a good review of the first edition of this book here on Slashdot. For this second edition, I would add that Welling and Thomson have updated extensively and improved slightly a book that may well be the classic text on the topic.

PHP and MySQL are probably the most pervasive add-ons to Apache web servers across the web. Certainly they are both easy to acquire and common on a large range of web hosting systems, including several extremely low-cost ones. They also fit together extremely well.

This book demonstrates just how well. It starts out with a quick course in PHP (OK, 160 pages is hardly quick but it seems to move along at a good pace), follows it up with a brief look at MySQL before a short digression on E-commerce leads into building authentication and secure systems with the two tools (a marvelous place to start when you're thinking about commercial-grade web systems).

Then, after some more on PHP, the final section covers some large projects, a shopping cart, email service, mailing list manager and web forums. The final chapter in this section is new for this edition and covers XML and SOAP.

The new edition has been updated extensively. All scripts work now perfectly in PHP 4.3

I like this book a great deal. Even after a fair amount of time with the previous edition I still find it useful. It is well structured for finding what you need, well written, and has few typos. (Though there are still some, including ones in code examples -- when will authors learn to work straight off running code into the manuscript and keep godforsaken editors away from it? Brian Kernighan managed it twenty-five years ago.)

This would not be the best book if you had little programming experience, nor would it be the best book if you had a fair amount of PHP experience.

You will want to have some program design experience and preferably some experience with database design as these are given short shrift. The book also lacks examples and discussion of some of the less database intensive parts of PHP and some of the more obscure tasks you may need to perform. It covers what someone who has programmed before needs to know about both PHP and MySQL while informing on methods of using both to build practical and sturdy web applications. If that sounds like the book you want then I heartily recommend this volume to you.

You can purchase PHP and MySQL Web Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

previous version was good

[joeldg]

The previous version was good.
I am sure we will be getting at least one copy of this for our office as some of the junior programmers use the books and we let them take them home.
me personally, I really only use php.net if I need to look up a function, but then I have been doing this for a long time and don't need to read about the how's and why's, just need the facts and what functions expect.
From my experience, seasoned php programmers usually have a browser open to php.net to look up functions and seldom have any PHP books.
again, however, for beginners this book series is good.

Re:backwards compat.

>>$_POST vs. $HTTP_POST_VARS.

Did you read the book?

They discuss this early on in the PHP section and give the pros/cons of each, and what version they are compatible with.

Another clueless post.

php.net

[SPaReK]

While I haven't read this book or the previous edition. If you are wanting to learn the language and don't want to pay for the book, php.net and phpbuilder.com are two of the best sites available. They post have good references and PHPbuilder has a very useful forum in case you get stuck.

Re:php.net

[dJCL]

I've also found devshed.com has some userful tutorials for php and mysql, quite well done ones in fact. I have used examples from there in my production code.(Esp. the template info, saved me a lot of time and beautified my code a lot too)...

Re:Perl

[NineNine]

Also, can one use Perl or PHP to link up to a non-SQL database such as Oracle?

Please. Get a book. Oracle was a "SQL" database as you say about 20 years before MySQL ever existed. MySQL isn't even a "real" database, in the technical meaning of the word.

Re:Again... no best practices

[Christianfreak]

1. Checking any input from outside the program

2. Checking input

3. Checking input!!!

4. Separation of logic from HTML design. (templating)

I don't know how many times the company I work for now has been burned because a previous programmer never checked any input to his scripts, rather just blindly inserting it into the database.

Re:PHP 5? (ummm)

[joeldg]

PHP is *not* ready for "production" the latest stable release is here: http://qa.php.net/ if you are wanting to *look* at the development version then http://snaps.php.net specifically states that they are "DEV" versions, and from personal experience these are unstable and not all functions are fully supported (i.e. try compiling in IMAP support and you will see)
The dev versions should not be use in any sort of production environment until they have been realeased as stable, these change everyday and anything you code with it one day, might be broken tomorrow.
I am speaking from experience here.

Re:PHP is a mess - try out ZOPE

ini_set('display_errors', false);
ini_set('log_errors', true);
ini_set('error_log', '/path/to/my/error.log');

SHEESH! :)

-r

MySQL

[pchown]

If you're just starting in web development, don't use MySQL unless you have absolutely no choice. It will hurt you in long term.

When you first start out, you're happy that you can put data in and pull it back out. Then you find that your data gets inconsistent for some reason. To stop this happening, database designers put constraints on the data, and use transactions. If the job is done properly, it shouldn't be possible to insert inconsistent data, like a company address that doesn't belong to a company.

Unfortunately, if you chose to use MySQL at the beginning, you're now stuffed because it doesn't provide these features. What's worse, its SQL is rather non-standard, so you're going to have a problem moving to anything else. I know that people will think I'm trolling for Postgres, but I'm not really. Use any database that supports this type of feature. There are two other open source databases which are worth a look: Firebird and SAP DB.

Re:MySQL

[Surak]

MySQL with InnoDB tables supports foreign key contrants and uses transactions. In fact, a site you may have heard a thing or two about uses MySQL with InnoDB tables.

One reason why online docs are better than a book

[Wee]

I own this book, and it's a good one (it has a lot of examples, and the chapter on generating PDFs was interesting, for example). I'd actually recommend O'Reilly's Web Database Applications with PHP & MySQL, however. I think the example code is better, and it went into individual details of MySQL and PHP more. You're exactly right about one thing: once you've used either book for any length of time, they become obsolete. PHP moves pretty fast, and even small revs of MySQL can contain lots of new features. Both the PHP and MySQL web sites are excellent references which a book just cannot compete with, no matter how good it is.

An interesting side note: the MySQL people "stole" (Rasmus Lerdorf's words, not mine) php.net's webmaster. For a long time now, I've gotten very used to typing things like php.net/mysql_pconnect in the location bar of my browser and getting redirected to the right page in the online docs. MySQL's new webmaster brought that feature with him, so you can do things like mysql.com/select and get answers fast. (If you want to do this on your site, it's actually fairly simple. Check out lerdorf.com/tips.pdf. Look midway through for a slide on the $PATH_INFO environment variable.)

The web sites obviate both books for all but beginners, IMO.

-B

Re:Perl vs PHP question

[frankie_guasch]

mod_perl and HTML::Mason gives an impressive
framework to work with. It's not easy to install
but you'll get a nice backend por code embedding.

Reasons to choose perl:

Separation of presentation from code: perl objects and modules.

Zillions of perl modules in search.cpan.org

Perl is a more mature language with years of existence before php. It has many more features like quite better regexpes and many more.

Online Documentation?

[ergonal]

I'm sure the book is great, but what I like about PHP and MySQL (PHP mainly) are the user comments underneath each page. Sometimes the tips and tricks in these comments are life-saving. You just can't get that sort of value out of one book.

Re:knowing the language vs knowing the ins and out

[Balthisar]

I'll agree. Books are good. I DON'T have a PHP nor mySQL reference, and I'm kludging my way through some PostNuke stuff. Luckily as an experienced programmer, a language is a language and it's not been a major problem. BUT, I'm not doing a serious PHP project starting from the ground up (big difference between starting from scratch and modifying someone else's work). I think if I were going to write something entirely from scratch, I'd easily spend a week working with a paper book and following along until I was comfortable not having to cross-reference everything. In fact, I tried NOT purchasing books to learn Cocoa. In this case, "a language is a language" (Objective-C[++]) more or less applied, but the class libraries ("Cocoa") demanded something a lot more structured than sporadic online documentation. I ended up buy TWO books for Cocoa. It was worth every penny.

Re:Why PHP?

[localekko]

I find using heredoc syntax when assigning strings can make things a bit more legible...

$sql = query
SELECT whatever FROM wherever WHERE name LIKE "%{$_POST['search']}%"
query;

etc.

Re:Why PHP?

[localekko]

Yes that first line should be $sql = <<<query

Re:Why PHP?

[Jetson]

$a.='('.$_POST["it$f['n1'][$i]"]."='${q2}');";
Is there any good CGI language that doesn't have this kind of problems?

If you are comfortable with Perl then one way around the "stuff HTML into a variable and print it" problem is to use the MASON system. This allows you to embed Perl inside an HTML page rather than trying to print HTML from within Perl. One positive side effect of this role-reversal is that all static HTML remains literal text in the source code so that you can do page layout using wysiwyg editors and can structure your code so that opening and closing tags are easily identifiable and balanced.

Re:Perl vs PHP question

[Qbertino]

Perl is executable line-noise.
That kinda sums it up. If you have no problem with the somewhat bizar syntax of Perl you're in. Perl is powerfull and present on allmost anything that runs even the faintest resemblence of Posix. It' ancient and so are it's homegrown semantics. If you know Unix well, take Perl. You'll feel right at home. You'll have to add AxKit, Petal (the Perl rippoff of Zope's TAL) or some other stuff to make it practically usable for larger webstuff and it will probably be slower than PHP, but therefore it's a very universal PL.

PHP on the other hand is the worlds prime dynamic web content language because it's built for, would've you guessed?: dynamic web content.
It's a subset of the large families of SSI-technologies (server-side include) like ASP (don't!), JSP (ok if you're running java), ColdFusion (don't!) and the likes. It's fast, has a bazillion readymade free products ready and beats the living crap out of Perl when it comes to developing dynamic web content. PHP projects make up the lions share of anything serious on the web. You don't need to set up Petal or AxKit/XML or whatnot to get a descent template-engine (as you'd have to with perl) but therefor it gets unpratical when you want to use it for something else then dynamic web stuff. Allthough there's a PHP-GTK lib available that let's you make 'real' apps too.

If you're mainly into dynamic web stuff take PHP. If you emphasise on Unix/Linux admining and scripting take Perl.
And take a look at Python and Zope beforehand - those are *my* favourites.

Re:Why not Online Documentation ?

[plugger]

The online manuals at mysql.com and php.net are hardly disorganised. Php.net is very good, each page of the manual has user anotations where people share experiences with pitfalls and handy tips. As for finding answers quickly, I like to have an introductory book to get a feel for the language and how it works but when searching for builtin functions, a search engine can't be beat.

Re:MySQL -- People don't get it

[Sxooter]

The reason MySQL is easy is that it never complains when you do something stupid, it just does it.

Convert a column type filled with dates from text to date / time type, and MySQL will put 0000-00-00 for each date it can't figure out.

If it can't figure out any dates, they all get set to that.

Since even innodb tables can survive such a change, all your original dates are gone.

On the other hand, in a real database, you'd get errors, complaints, all kinds of guff from the database as it refused to do something that stupid.

That is only one of dozens of examples of MySQL doing things "wrong" from the point of view of reliable, coherent data, and not bothering to tell you.

If I use interbase or pgsql and don't need the features, I just don't use them. But when I need the extra features of a real database, I don't have to switch from MySQL to another database if I already started with one.