Slashdot Mirror


Beginning PHP and MySQL 5.0

Ravi Kumar writes "PHP and MySQL use is so prevalent that nowadays it is hard to miss seeing a website on the net which has been built using these technologies. The beauty of PHP is in its open nature and the rich set of libraries and modules which imparts a lot of power and flexibility to the programmer. Similarly MySQL is a free database which is ideal for use as a backend for any website. And not surprisingly there are a plethora of books in the market which explain these two topics. One such book is Beginning PHP and MySQL 5 from Novice to Professional authored by W. Jason Gilmore published by Apress." Read the rest of Ravi's review.

Beginning PHP and MySQL 5.0 - From Novice to Professional
author: W. Jason Gilmore
pages: 860
publisher: Apress
rating: 9
reviewer: Ravi Kumar
ISBN: 978-1-59059-552-7
summary: The beauty of PHP is in its open nature and the rich set of libraries and modules which imparts a lot of power and flexibility to the programmer. Similarly MySQL is a free database which is ideal for use as a backend for any website.

Spread over 860 pages and divided into a whopping 37 chapters, this book covers the PHP Language and MySQL database in detail. As the name indicates, the book endeavors to hand hold a newbie in the various aspects of PHP programming like the language constructs and progressively brings him to the level of a professional. The first 21 chapters of the book solely concentrate on PHP where the author explains with the aid of examples how to write good programs in PHP.

The author starts the narration by giving a brief history of PHP and then moves on to explain all the syntax constructs of this language in great detail. Arrays, functions and classes have each been provided separate chapters of their own. Usually I have found many books related to programming jumping straight into describing the language syntax and about writing code. But this book has a dedicated chapter each covering how to set up and configure PHP and MySQL on one's machine irrespective of the OS being used which breathes some fresh air to this subject. PHP language has a very good similarity with C/C++ at least in the syntax. And in the sixth chapter, the author explains the Object Oriented Concepts like object cloning, inheritance and polymorphism of this language with clarity.

The maturity of any programming language is gauged by the type of traps that it has developed to check the errors and exceptions that might be generated dynamically when a program is run. PHP has a rich set of features for handling errors. Earlier versions of PHP already took care of notifying errors through configuration directives and support for logging. But one thing this robust language lacked was support for exception handling. And from PHP ver 5.0 onwards, this feature has also been included in it. The 8th chapter in this book titled Errors and Exception Handling explains all these important concepts in detail. The fact that the author has provided snippets of code to illustrate each concept that is explained goes a long way in understanding this topic.

Another of PHP's strengths is in its support of a rich set of regular expressions and string manipulation functions. Using regular expressions, one can match just about any string or a sub-set of it and even do manipulations to the matched string on the fly. The string matching functions form the backbone of many user input validations. In the 9th chapter titled "String and Regular Expressions", the author explains with the aid of code how to use the rich set of string manipulation functions available in PHP to get the desired results.

The 10th chapter is solely dedicated to working with files and operating systems where the author explains in his inimitable style different ways of reading from and writing to files. All the frequently used file manipulation functions are explained in this chapter with the aid of examples.

The first 12 chapters of the book solely concentrate on explaining the PHP language to the readers. In the next 4 chapters, the author moves into practical aspects like explaining how to mix PHP with HTML elements, user authentication, handling file uploads, sending and receiving email using PHP code and so on. I found the section where the author explains how to build specialized programs such as a port scanner, subnet converter and bandwidth tester all with the aid of PHP code really fascinating. The author introduces the reader to some of the MySQL concepts in this part of the book like connecting to a database and reading data from database but the more detailed aspects of database manipulation are left for later chapters which deal with MySQL in more depth.

The 21st chapter titled Secure PHP programming throws light on topics related to enhancing security while coding in PHP such as enabling safe mode for people who run PHP in a shared-server environment, PHP's encryption capabilities, securely configuring PHP via its configuration parameters and so on.

From the 22nd chapter onwards, the book takes an altogether different turn and moves into explaining the database concepts which play an important part in any dynamically generated website. More specifically, the succeeding chapters concentrate on explaining the configuration and use of MySQL 5.0 and how one can use PHP to interact with the MySQL database. The chapter titled Introducing PDO throws light on the abstraction layer used between PHP and MySQL. I especially liked the 26th chapter where the author lists the different MySQL clients which are available to the user like mysql, mysqladmin, mysqlshow and so on. In fact, each and every tool which comes bundled with the mysql server is explained thoroughly with the aid of examples. But that is not all, this chapter also explains how to configure a mysql database using third party clients like PHPMyAdmin, MySQL Query Browser, MySQL Administrator and Navicat. In the section on securing MySQL, the author goes into the finer nuances of the topic. For example, with the aid of commands, the author explains how to make sure that the user connects with the database over secure sockets layer (SSL) or ways of encrypting the MySQL database traffic which is an eye opener.

But I would say the 29th chapter titled PHP's MySQL Extension is the most important chapter in the entire book just because it is in this chapter that the author explains in detail the variety of ways in which one can connect to MySQL database and retrieve or manipulate the data using PHP code.

In the 30th chapter titled PHP's MySQLi Extension, one gets to know how to use the enhanced MySQLi extension to connect to the database. The MySQLi extension contains more enhancements over its predecessor in that it is object oriented, supports prepared statements, provides transactional support, has better debugging capabilities among other things. But the downside as the author puts it is that it requires PHP 5.0 for it to work.

The last six chapters deal with special features of MySQL and how one can write PHP code to use those features. The features like stored routines, MySQL triggers and Views have been provided with a dedicated chapter of their own. And yes, from MySQL ver 5.0, support for views has also been incorporated in the database. And the fact that this book covers these new topics in detail makes this a truly useful book not only for budding programmers but also for the gurus among us.

I really liked the layout of the book. Each section is accompanied by a PHP code snippet which shows how it is done. Just because one gets two books at the price of one does not mean that the book is short on detail. In fact the opposite is true and the 860 pages contain all that is needed for coming up to date with the latest version of PHP and MySQL. Of course the inclusion of a couple of pages giving a complete project such as a shopping cart application at the end of the book would have imparted a nice touch especially since this book is targeted at beginners too. But that is a minor detail and I guess there are limits to which a book of even this size can cram information. All in all an informative book which gives good value for money.

The author of this book W. Jason Gilmore has developed countless PHP and MySQL applications over the past seven years, and has dozens of articles to his credit on this and other topics pertinent to Internet application development. He has had articles featured in, among others, Linux Magazine and Developer.com, and adopted for use within United Nations and Ford Foundation educational programs. Jason is the author of three books, including most recently the best-selling Beginning PHP and MySQL: From Novice to Professional, and, with coauthor Robert Treat, Beginning PHP and PostgreSQL 8: From Novice to Professional. These days Jason splits his time between running Apress's Open Source program, experimenting with spatially enabled Web applications, and starting more home remodeling projects than he could possibly complete.

Ravi Kumar is passionate about all things related to GPL and open source and likes to share his thoughts through his blog.

You can purchase Beginning PHP and MySQL 5.0 - From Novice to Professional from bn.com.

19 of 142 comments

  1. Misleading Title by michaelhood · · Score: 4, Insightful

    That is a very poor title. Is the book about PHP 5 and MySQL 5? or PHP 5 and MySQL 4?

    1. Re:Misleading Title by op12 · · Score: 2, Informative

      From this review, it looks like it's version 5.0 for both, which probably explains the title. But it is unclear if that's the case from just the title.

  2. LAMP Rocks by celardore · · Score: 3, Interesting

    When I was learning programming from the age of 12, I was 'developing' Windows apps, for various purposes. After PHP / MySQL had been about for a while, I picked those up. I dropped any windows development I did - just because it didn't interest me anymore with this exciting thing going on. I would and have suggested to a lot of newcomers to coding that they look into PHP, and a lot of them did with some success.

    You can do some incredible stuff with PHP/MySQL if you put your mind to it. One of my favorite projects (it wasn't the definitive or only one!) was a windows app that hooked keypresses. Every so often it would upload the number of keypresses to some PHP / MySQL code and update your user profile.

    The application potential is impressive, and not fully exploited the way I look at it.

    1. Re:LAMP Rocks by entrylevel · · Score: 4, Insightful

      I prefer the LAMP camp myself, as opposed to the ASP.NET/SQL Server camp, which I assume is what you meant when you compared LAMP to "Windows development".

      However, although I'm the first to brag about the power, simplicity, and performance that PHP and Apache offer when used by the right programmer, I do make a living off of ASP.NET/SQL Server applications, so please consider the following in the ensuing flamewar:

      1. PHP is an extremely flexible scripting language, that really excels at what it does: powering the back-end of a web application and interfacing with databases and the file system. Trying to make PHP do other things is possible, but is almost always a nasty hack.

      2. The .NET Framework and CLR although sometimes misunderstood and often misguided, is really one of the best general purpose development environments bar none right now. It does web applications just as well as it does desktop and console applications. ASP was truly idiotic and horrid, but ASP.NET is very mature and worth an unbiased look if you aren't familiar with it. Then again, there is MSDN documentation and VB programmers, which tend to cancel out anything good I could say about .NET.

      3. Say what you will about SQL Server, but if we could just replace the M in LAMP with PostgreSQL, or, well, anything other than MySQL, I would be happy. SQL Server is not my favorite database, but it is very good. MySQL has its niche, but I expect a RDMS to have stored procedures and transactions as standard fare.

      (yes, I know 5.0 has SPs, and InnoDB gives you transactions, but I said "standard fare")

      4. This is the most important point of all: There are just as many cookie-cutter, craptastic, insecure, bug-ridden PHP apps out there as there are ASP.NET apps. On the other hand, if you are smart and creative, and truly use the tools provided by either platform, you can create fantastic applications with either one, just as easily.

      --
      Karma: Incomprehensible (Mostly affected by posting at +5, reading at -1, and metamoderating everything unfair.)
    2. Re:LAMP Rocks by hobuddy · · Score: 4, Insightful

      PHP is an extremely flexible scripting language, that really excels at what it does: powering the back-end of a web application and interfacing with databases and the file system. Trying to make PHP do other things is possible, but is almost always a nasty hack.

      Help me out here: you're saying that PHP is extremely flexible, as long as the programmer only tries to write one type of program with it? Hmmmm?

      I think we both recognize the truth: compared to Python, Ruby, or Lisp, PHP is not very flexible at all. It's a poorly designed, inflexible language that happens to have gained momentum at a critical era in the history of the WWW.

      --
      Erlang.org: wow
    3. Re:LAMP Rocks by Sentry21 · · Score: 2, Insightful

      (yes, I know 5.0 has SPs, and InnoDB gives you transactions, but I said "standard fare")

      What does this even mean? You know that they are available, but you don't want to use them? You don't support using the latest versions? You seem to want to imply something, but I can't figure out what it is.

  3. I don't want another PHP book by Anonymous Coward · · Score: 2, Interesting

    that tells me how to code PHP. I don't want to learn how to code PHP. I want blocks of code with an explanation of what it does that I can cut and paste into simple webpages that talk to my database. I know how to change variable names using vi, thank you. I don't want to learn this; it will be passé in a month, dead in a year.

    Whoa, look at the time. Next language/framework/ide please...

    1. Re:I don't want another PHP book by PFI_Optix · · Score: 3, Informative

      PHP Cookbook, published by O'Reilly. I've found it quite useful.

      I believe there's also a MySQL Cookbook, but my database use isn't so advanced that I need specific help on that just yet.

      I'm still learning proper programming technique, while trying to learn PHP and MySQL and the fine points of CSS AND crank out a new web site that won't require a massive rewrite in a year.

      --
      120 characters for a sig? That's bloody useless.
  4. How does this book compare to.. by op12 · · Score: 2, Interesting

    Does anyone know how this compares to "PHP and MySQL Web Development"? It seems like both cover PHP5 and MySQL 5.

  5. Owner of previous edition by acreman · · Score: 4, Informative

    I personally bought the previous edition of this book. It dealt with PHP 5 and MySQL 4. I learned quite a bit in only a short time. This book helped me finish my capstone project for my engineering degrees. I recommend this book to anyone who is starting off in programming web material and anyone who wants to learn PHP 5 relatively fast. As for MySQL it covers mainly how to connect to a MySQL database using PHP and does not cover in detail how to perform SQL queries.

  6. persistent problem by b17bmbr · · Score: 5, Interesting

    The first 21 chapters of the book solely concentrate on PHP where the author explains with the aid of examples how to write good programs in PHP.

    This is a persistent problem with all of these programming in ____________ books. They teach the language and sometimes get around to dealing with good programming. Learning PHP, or java, or python, or whatever is still not learning to program. Learning to program effectively should be the first priority. All the OOP features in PHP5 are of no use to someone without good knowledge of OOP. Likewise, I'd gather that most of the insecurities in PHP are the result of poor design. PHP is great for its templating features, the ability to separate content from design, and its speed of development. But, that still doesn't make it secure or effective. How many times does a programmer get in trouble because they don't escape double quotes in a TEXT field in mysql, or account for malformed URLs, html, bad javascript, etc.?

    No matter how good these books are, and I'm sure they do a good job of presenting all of PHP's features and strengths, they still usually lack teaching how to design a web site/application, how to effectively use passwords, secure data queries, efficient programming, etc. That might be an altogether different beast, but there's a world of difference between using PHP in a web site and writing a good web app. I'd wish that the books would focus more on good programming techniques. I don't imagine everyone will buy the book otherwise, and not everyone will benefit the same, but I've not found too many books that put "programming" ahead of "programming in".

    --
    My problem? I was perfectly gruntled, until some numbnuts came by and dissed me.
  7. WAMP kicks a considerable amount of ass by geekschmoe · · Score: 4, Informative

    WAMP (windows - apache - mysql - php) server is a cool thing I found if you want a quick and integrated solution to developing with mysql/php on windows systems. It puts a little icon in your dock that is similar to the start menu and you can start/stop all servers and enable/disable php modules, etc. It also comes with phpMyAdmin for managing the mysql databases. It's one big executable with installer and there's no admin stuff to deal with before you start programming. Not that any of the admin stuff is particularly difficult, just extremely annoying considering the frequency of changes to php and apache.

    http://www.en.wampserver.com/

    1. Re:WAMP kicks a considerable amount of ass by Ezku · · Score: 2, Informative

      There's another similar project by the name of XAMPP. XAMPP comes with quite a lot of other handy auxiliaries as well, such as eAccelerator, and it's available for Linux, Windows, Solaris and most recently OSX. The interesting thing is it supports both PHP 4 and 5, allowing easy testing of an application on both versions - and at least the Windows version comes with an automagical version switcher. I'd recommend giving both packages a look.

      Do note this, however (and I think it goes for WAMP too):

      The default configuration is not good from a security point of view and it's not secure enough for a production environment - please don't use XAMPP in such an environment.

  8. What the hell is the title? by L-Train8 · · Score: 3, Informative

    My version of the book is titled Beginning PHP 5 and MySQL: From Novice to Professional. The title on the Barnes and Noble link says Beginning PHP and MySQL 5: From Novice to Professional, but the cover shown at that same link reads Beginning PHP 5 and MySQL 5: From Novice to Professional. So there is some confusion.

    --
    Don't forget that Friday is Hawaiian shirt day.
  9. For me -- doing is better than reading by dada21 · · Score: 2, Interesting

    I've tried so many PHP and MySQL books over the years that I can't even keep track of what I'm reading. Coding just doesn't seem to make sense to me in book form.

    I learned the most I possibly could by downloading Wordpress (blog software), PHPBB (bulletin board software) and setting them up. I downloaded modifications and looked over the code in person.

    Over the past few months I've become really adept at writing my own PHP and MySQL-based software, to the point that I'm starting to design my own CMS interface. Not a single thing I've learned from a book has stuck, but everything I learn in chomping on code in Notepad or emacs seems to stick forever.

    Anyone else have problems with books on coding?

    1. Re:For me -- doing is better than reading by ToxicBanjo · · Score: 2, Insightful

      Me Too.

      I use books only as a language reference. I find that no matter what I'm trying to accomplish in code, any book I own doesn't have examples that "fit" the pieces of my app that I'm struggling with. So what good is a book with 1000 pages of example codes and 300 pages of theory when 95% of the time it doesn't fit what I need anyways? I prefer the reference style book or snippet archive (TurboPascal days): "a Listbox has these properties, methods, and events and here is how they work" or "To make an HTTP Request first declare a TCP/IP Object...". That is all I really need, short and concise.

      Beyond that it's just down to hacking. Working on sculpting code till it does what you want and how you want. I've learned more from doing than reading a million times over.

      Personally the only book I would recommend buying is one on writing tight secure code. Regardless of language as well, the fundamentals of truly professional code design are applicable to any programming language. Bounds checking, error trapping, raising errors, etc, etc, etc. I think we need more of that kind of book instead of new iterations of existing product that primarily rehash most of a previous version.

      --
      There are only 10 kinds of people in the world. Those that understand binary and those that don't.
  10. Re:Sec-exps already know PHP is the beginner's cho by KermodeBear · · Score: 2, Insightful

    Which is very unfortunate. It's possible to write good, secure PHP code. Others have too. PHP is marketed as an easy to learn language (and it is), and it is commonly installed on hosting services, so new programmers flock to it. The problem is that these new programmers are, well, new. They aren't aware of things like SQL injection attacks. They don't bother to validate data. They make new programmer mistakes.

    Is it the fault of the language? I can point to a few things where I can say, Shame on You, PHP!, such as the entire magic quotes 'feature' (which, iirc, is turned off by default now). But, as usual, it is the user, not the tool, that is at fault. This makes the language look bad because vulnerabilities pop up in software packages written in the language.

    It's easy to spread FUD when that happens, especially to management and other uneducated people.

    Some people say that the language should prevent programmers from doing stupid things. I disagree; I think the language should allow you to do what you want within the confines of its purpose, and if you happen to be making mistakes (such as not escaping data that goes into your queries) then shame on you. I don't see people complaining about C because it lets you point into kernel space and write garbage. If that happens, C programmers will point and laugh and say, "Ha ha, you silly newbie programmer!" not "Ha ha, C is retarded!"

    I don't see why PHP should be any different. Sure, there are things that could be improved, but overall, most of the vulnerabilities I see are not the fault of the language. It's just the web's version of the VisualBasic syndrome (OMG I CN PRINT TXT 2 SCREEN, I R GOOD PROGMMR!!!!11one!).

    The more used a language is, the more software that exists, and the more bugs that will exist - especially if it's an 'easy' language to learn.

    --
    Love sees no species.
  11. What can you do with PHP and MySQL ? by unity100 · · Score: 2, Funny

    During the years I have been using these, I have come to believe that you can do almost anything with these, except housework.

  12. Re:Sec-exps already know PHP is the beginner's cho by masklinn · · Score: 5, Interesting

    Not blame the language? Why not? PHP is the only language that I know of that has like 6 or 7 functions just to escape strings to be injected in SQL queries and that still manages to get it wrong.

    I mean, first time you try to hit a DB, you've heard about SQL injection you want to escape your inputs, are you using addslashes? Nope, and you should stripslashes too, if magic_quotes are active, because even though they're built in they fucking fail. Oh, there's an sqlite_escape_string, but you're using mysql so you'd probably use this lil' mysql_escape_string... except that you were really supposed to use mysql_real_escape_string, cause it's the real one you know. And the best part of all that shit? There is not one of the unsafe functions that's marked anything even remotely close to "deprecated" or "dangerous", they are unsafe and should never be used, that's old news, and you can still use them n/p

    Hell, PHP is the only language that I know of that does not feature any kind of prepared statement in its standard DB interface. It only got prepared statements with the mysqli_ crapfest and that frigging piece of donkey poo requires you to create a prepared statement explicitly and then bind every single argument one by one to your statement.

    This thing is the most retarded standard DB interface that's ever been born in this world, and it's only taken like 4 years for the Zend retards to unleash this abortion on us! Developers rejoice, maybe in 4 more years we'll get a DB interface on par with Perl's DBI or Python's DBAPI2...

    And THIS is but one of the dozens of inherently stupid and/or insecure "features" PHP got built-in such as the good ol' REGISTER_GLOBALS, the hidden errors and notices, the lack of anything even remotely close to Perl's "use strict", the completely random and inconsistent function names and function outputs, the three-fucking-thousand functions all dumped into the global namespace (perl has 206, Python has 76 and ruby probably has less than a dozen)...

    I'm all for blaming the builder, as long as he's got usable tools. PHP is nothing that can be called "usable tool" with a straight face, the whole "language" is a gigantic hack built with feces and vomit, it IS to blame, and blame it I do.

    --
    "The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
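
The escaping-versus-binding argument in the comments above (SQL injection, addslashes, prepared statements), as an added example that is not part of the original thread or the reviewed book: the wrong escaping function for the database leaves a concatenated query injectable, while a bound parameter does not. It uses PDO, the abstraction layer the review mentions, with an in-memory SQLite database (assumes the pdo_sqlite extension); the table, rows, function names and inputs are constructed for illustration.

```php
<?php
// Added illustration: schema, rows, function names and inputs are constructed,
// not taken from the book or the thread. Requires the pdo_sqlite extension.

function make_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (name TEXT, email TEXT)');
    $db->exec("INSERT INTO users VALUES ('alice', 'alice@example.test')");
    $db->exec("INSERT INTO users VALUES ('bob', 'bob@example.test')");
    return $db;
}

// Weak form: the query is built by concatenation and "escaped" with
// addslashes(). addslashes() emits \' but SQLite only treats '' as an
// escaped quote, so the quote still ends the literal and the remainder
// of the input is parsed as SQL.
function find_user_escaped(PDO $db, string $name): array
{
    $sql = "SELECT name FROM users WHERE name = '" . addslashes($name) . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Corrected form: the statement text is fixed and the value is bound as a
// parameter, so it is never parsed as SQL regardless of its content.
function find_user_prepared(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = make_db();

// Constructed inputs: one ordinary name, one classic injection string.
$inputs = ['alice', "' OR 1=1 --"];

foreach ($inputs as $input) {
    printf(
        "input %-16s escaped: %d row(s)  prepared: %d row(s)\n",
        var_export($input, true),
        count(find_user_escaped($db, $input)),
        count(find_user_prepared($db, $input))
    );
}
```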