NMD202 Web Scripting
Week 5
What we will cover today
• phpMyAdmin
• Debugging – using print_r
• Modifying Data PHP (cont.)
• 4D Methodology
• File and IO operations
• Exercises
phpMyAdmin
MySQL has many clients with a GUI.
phpMyAdmin is an open source tool written in
PHP, intended to handle the administration of
MySQL over the web.
phpMyAdmin
Setup:
Copy the phpMyAdmin folder (in the XAMPP root folder)
to the document folder (xampp/htdocs)
Access it through the browser:
http://localhost/phpMyAdmin
Debug
Using print_r
print_r - Prints human-readable information
about a variable
Debug
Using print_r:
$a = array('a' => 'apple', 'b' => 'banana', 'c' => array('x', 'y', 'z'));
echo "<pre>";
print_r($a);
echo "</pre>";
Output:
Array (
    [a] => apple
    [b] => banana
    [c] => Array (
        [0] => x
        [1] => y
        [2] => z
    )
)
Sanitize queries
mysql_real_escape_string()
This function must always be used to make data safe before sending a query to
MySQL.
$query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
    mysql_real_escape_string($user),
    mysql_real_escape_string($password));
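The same login lookup with a parameterised query, as an added example that is not part of the original slides (the mysql_* functions were removed in PHP 7.0, so current code uses PDO or mysqli). It assumes the PDO SQLite driver, a constructed users table and the hypothetical helpers make_db() and check_login(); the password is stored as a hash and checked in PHP instead of being compared inside the SQL.

```php
<?php
declare(strict_types=1);

// Constructed sample database: in-memory SQLite so the script runs offline.
function make_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, user TEXT UNIQUE, password_hash TEXT)');
    $ins = $pdo->prepare('INSERT INTO users (user, password_hash) VALUES (:user, :hash)');
    $ins->execute([':user' => 'luis', ':hash' => password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $pdo;
}

// Hypothetical helper: returns the user's id on success, null otherwise.
function check_login(PDO $pdo, string $user, string $password): ?int
{
    // The statement text is fixed; $user travels separately as bound data,
    // so a quote inside it cannot change the structure of the query.
    $stmt = $pdo->prepare('SELECT id, password_hash FROM users WHERE user = :user');
    $stmt->execute([':user' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // The password never enters the SQL: the stored hash is fetched and
    // verified here, so the database holds no plaintext passwords.
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

$pdo = make_db();
var_dump(check_login($pdo, 'luis', 'correct horse'));  // valid credentials
var_dump(check_login($pdo, 'luis', 'wrong'));          // wrong password
var_dump(check_login($pdo, "O'Brien", 'x'));           // quote in input is plain data
```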
Redirection
There are several ways to perform page redirection in PHP.
The most common way is to send a special header to the browser:
header('Location: page.php');
Headers must be sent before any information is sent to the browser; this includes
any white space. Make sure you open the PHP script tag on the first line of your
document, otherwise you will get the following error:
Warning: Cannot modify header information - headers already sent by
Ini Files
Ini files are special files where you include configuration information for your
application. If you know *nix systems you will be used to this format:
; This is a sample configuration file
;Comments start with ';', as in php.ini
[database]
host = localhost
username = root
password =
database = sampleDataBase
$conf = parse_ini_file($filename) loads the ini file specified in $filename and
returns its settings in an associative array.
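One way to load the sample file above safely, as an added example that is not from the original slides. The helper load_db_config() and the temp-directory layout (htdocs/ beside private/) are assumptions made for illustration; the ini content is the slide's own sample.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: loads the [database] section and checks it is complete.
function load_db_config(string $filename, string $docRoot): array
{
    $real = realpath($filename);
    $root = realpath($docRoot);
    if ($real === false || $root === false) {
        throw new RuntimeException('Config file or document root not found');
    }
    // Files under the document root can be requested by URL unless the server
    // blocks them, so refuse a config file (and its password) that lives there.
    if (strpos($real, $root . DIRECTORY_SEPARATOR) === 0) {
        throw new RuntimeException('Config file must be outside the document root');
    }
    // true keeps the [sections]; INI_SCANNER_RAW takes values literally, so a
    // password such as "no" or "off" is not converted to an empty string.
    $conf = parse_ini_file($real, true, INI_SCANNER_RAW);
    if ($conf === false || !isset($conf['database']) || !is_array($conf['database'])) {
        throw new RuntimeException('Missing [database] section');
    }
    foreach (['host', 'username', 'password', 'database'] as $key) {
        if (!array_key_exists($key, $conf['database'])) {
            throw new RuntimeException("Missing database setting: $key");
        }
    }
    return $conf['database'];
}

// Constructed sample layout in a temp directory: htdocs/ and a sibling private/.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'nmd202_' . getmypid();
mkdir($base . '/htdocs', 0700, true);
mkdir($base . '/private', 0700, true);
$ini = "[database]\nhost = localhost\nusername = root\npassword =\ndatabase = sampleDataBase\n";
file_put_contents($base . '/private/configuration.ini', $ini);
file_put_contents($base . '/htdocs/configuration.ini', $ini);

print_r(load_db_config($base . '/private/configuration.ini', $base . '/htdocs'));
try {
    load_db_config($base . '/htdocs/configuration.ini', $base . '/htdocs');
} catch (RuntimeException $e) {
    echo 'Rejected: ', $e->getMessage(), "\n";
}
```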
Modifying Data
Insert Form:
• If the form has been submitted then run the insert query (after
validation) and provide feedback (optionally redirect the page to
the List screen)
• Draw the form; the action attribute should be set to
$_SERVER['PHP_SELF']
Modifying Data
Edit Form:
• ID of the record is passed in the querystring
• If the form has been submitted then run the update query (after
validation) and provide feedback (optionally redirect the page to
the List screen)
• Draw the form with the values populated from query results
• Usually the insert and edit screens are integrated in the same PHP
page
Modifying Data
Deleting Data
• Id of the record to delete is passed through the querystring
• Query is built based on the id (data should be sanitized)
• Query is performed
• Feedback is given to the user (optionally redirect to the list
screen)
• Sometimes delete is integrated in the list screen, using a
querystring like ?task=delete&Id=25; before displaying the list, the
record is deleted by testing if $_GET['task'] == "delete"
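The delete flow described above, as an added example that is not part of the original slides. It assumes the PDO SQLite driver, a constructed students table, a hypothetical helper delete_student() and a hypothetical msg parameter on display.php for the feedback; the request is simulated so the script also runs from the command line.

```php
<?php
declare(strict_types=1);

// Constructed sample data: in-memory SQLite stands in for the students table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO students (id, name) VALUES (25, 'Luis'), (26, 'John')");

// Hypothetical helper: validates the querystring id, deletes, returns feedback.
function delete_student(PDO $pdo, $rawId): string
{
    // Accept only a positive integer; "25abc", "", null and arrays are rejected.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 'Invalid id';
    }
    // Bind the validated value as an integer instead of pasting it into the SQL.
    $stmt = $pdo->prepare('DELETE FROM students WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1 ? 'Record deleted' : 'No such record';
}

// Constructed request, standing in for a link such as ?task=delete&Id=25.
// A delete behind a plain link can be triggered by any page the user visits;
// a POST form with a CSRF token is the usual hardening, left out here to
// stay with the slide's querystring flow.
$_GET = ['task' => 'delete', 'Id' => '25'];

if (($_GET['task'] ?? '') === 'delete') {
    $feedback = delete_student($pdo, $_GET['Id'] ?? null);
    if (PHP_SAPI !== 'cli') {
        // Redirect before any output, then stop: header() does not end the script.
        header('Location: display.php?msg=' . urlencode($feedback));
        exit;
    }
    echo $feedback, "\n";
}
```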
Exercise
Build a complete set of screens to insert, update,
display and delete the student records.
On the display table insert two more columns with links
to the delete and edit pages, providing the id of the
record.
Split the logical parts into separate php files:
display.php, edit.php, insert.php, delete.php,
configuration.ini
Sanitize your data
Exercise
Include more screens to manage student grades
4D methodology
4D Methodology is a variation of the waterfall
methodology.
It is a methodology that allows you to understand the
system you are trying to achieve, implement it and
deliver it according to the needs of a client.
4D methodology
Define – Understand the requirements of the system
Design – Design the system (ER diagrams, page
navigation diagrams, templates, page description)
Develop – Implement and test the system
Deploy – Deploy the system in the client's infrastructure
4D methodology
The most crucial steps in building any system are the
Define and Design steps.
Failure to do so will result in a large amount of time
spent in the implementation.
4D methodology
Page navigation diagram:
[Diagram with the pages Login, Admin Homepage, Manage Users, List, Edit, Insert]
4D methodology
Page description:
• General description of the page
• How the user comes here and where they go from
here (include parameters in the querystring, e.g. the edit page)
• Description of the form, if any, including field labels, database
field, validation rules, control type (textbox, selectbox
etc.)
• Business rules, e.g. a user can only be deleted if there are
no records from that user.
File and IO operations
PHP can handle all common file operations including:
Read
Write
Delete
List files in folder
Change attributes (*nix chmod)
Etc
File and IO operations
Read file:
<?php
// get contents of a file into a string
$filename = "/usr/local/something.txt";
$handle = fopen($filename, "r");
$contents = fread($handle, filesize($filename));
fclose($handle);
?>
$filename can be a URL
File and IO operations
Write file:
<?php
$fp = fopen('data.txt', 'w');
fwrite($fp, '1');
fwrite($fp, '23');
fclose($fp);
// the content of 'data.txt' is now 123 and not 23!
?>
File and IO operations
Error Handling:
<?php
$filename = 'test.txt';
$somecontent = "Add this to the file\n";
// Let's make sure the file exists and is writable first.
if (is_writable($filename)) {
    // In our example we're opening $filename in append mode.
    // The file pointer is at the bottom of the file hence
    // that's where $somecontent will go when we fwrite() it.
    if (!$handle = fopen($filename, 'a')) {
        echo "Cannot open file ($filename)";
        exit;
    }
    // Write $somecontent to our opened file.
    if (fwrite($handle, $somecontent) === FALSE) {
        echo "Cannot write to file ($filename)";
        exit;
    }
    echo "Success, wrote ($somecontent) to file ($filename)";
    fclose($handle);
} else {
    echo "The file $filename is not writable";
}
?>
Exercise
Create a file (maybe accessible from the student list as a link) that
generates a file in a special folder, /gradeLogs, with the current
students and their grades. The filename should be unique (use the date
function to generate unique filenames), i.e.:
Luis
Maths:14
Maths2:13
----------------------------------------------
John:15
Create another screen where you can list the files in the folder and
allow the user to click and see the content of the file
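A sketch of the list-and-view screen from this exercise, as an added example that is not part of the original slides. It restricts the viewer to files directly inside the log folder. The helpers list_grade_logs() and read_grade_log(), the view.php?file= link and the temp folder are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: names of the regular files in the log folder.
function list_grade_logs(string $logDir): array
{
    $names = [];
    foreach (scandir($logDir) ?: [] as $entry) {
        if (is_file($logDir . DIRECTORY_SEPARATOR . $entry)) {
            $names[] = $entry;
        }
    }
    return $names;
}

// Hypothetical helper: contents of the requested log, or null if the name does
// not point at a regular file directly inside $logDir.
function read_grade_log(string $logDir, string $requested): ?string
{
    $base = realpath($logDir);
    // A bare file name only: anything with a directory part is refused.
    if ($base === false || $requested === '' || basename($requested) !== $requested) {
        return null;
    }
    // realpath() resolves symlinks, so also confirm the target is still in $base.
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path) || dirname($path) !== $base) {
        return null;
    }
    $contents = file_get_contents($path);
    return $contents === false ? null : $contents;
}

// Constructed sample folder and log file so the script runs offline.
$logDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'gradeLogs_' . getmypid();
mkdir($logDir, 0700);
$name = 'grades_' . date('Ymd_His') . '.txt';
file_put_contents($logDir . DIRECTORY_SEPARATOR . $name, "Luis\nMaths:14\nMaths2:13\n");

foreach (list_grade_logs($logDir) as $file) {
    // The file name is data: URL-encode it in the link, HTML-escape it as text.
    echo '<a href="view.php?file=', rawurlencode($file), '">', htmlspecialchars($file), "</a>\n";
}
var_dump(read_grade_log($logDir, $name));                   // file in the folder
var_dump(read_grade_log($logDir, '../configuration.ini'));  // directory part: refused
var_dump(read_grade_log($logDir, '..'));                    // not a regular file: refused
```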