Transcript Creating databases for Web Applications

Creating databases for Web
Applications
php basics. Emailing.
phpMyAdmin to set up MySQL.
Homework: Use phpMyAdmin. Make
posting with [unique] source on MySql.
Reprise: PHP
• php files are interpreted by/on/at the server.
– php code within html
• One or more of the following happens:
– php interface to operating system is used to do
things such as interact with databases OR files
OR email
• Generally done by php using form input
– HTML is produced, perhaps from data from
database, and sent to the client
– cookie is set and/or accessed
• Alternative is session data
Structure
CLIENT
SERVER
Browser
(Firefox):
Requests
URL
SERVER
DBMS
(MySQL)
PHP
interpreter
Build
HTML
page
php
• echo: prints material to the html document
to be returned/sent to the client
• Can use print
• Extra credit opportunity: is there a
difference?
A hello world program
• Somewhat contrived because it really doesn't
need to run on the server. Demonstrate, show,
then explain.
• but… will use it to illustrate how to use the
query string
• http://faculty.purchase.edu/jeanine.meyer/hello
world.php
• http://faculty.purchase.edu/jeanine.meyer/hello
world.php?who=curly
<html><head>
<title>Hello world in php </title>
</head>
<body>
<?php
$who = $_GET['who'];
$junk = "this is stuff that doesn't get to the html";
print ("$who wanted to say Hello, world ");
?>
</body>
</html>
php
• Variables start with a $.
• A string can contain a variable name and
php will replace with the variable value!
• There are many associative arrays, such as
$_GET and $_POST
Notes
• method=get produces the so-called query
string. We can also generate query strings
using php OR as direct call
• method=post sends data another way (via
HTTP headers). Benefit is that less is
revealed to user. Think of it also as lack of
clutter.
Problem in my code?
<html><head>
<title>Hello world in php </title>
</head>
<body>
<?php
$who = $_GET['who']; //how does this get set?
$junk = "this is stuff that doesn't get to the html";
print ("$who wanted to say Hello, world ");
?>
</body>
</html>
Next
• We are going to create pairs of files: an
html file and a php file.
• In this case, the html file will ask for
information for sending email and the php
file will do it.
Storyboard
sendemailfromhtmlg.html
sendemailp.php
html to php
Sets of html (set up) and php files
• sendemailfromhtmlp.html
– calls sendemailp.php
• sendemailfromhtmlg.html
– calls sendemailg.php
• sendemailfromhtmlgfancy.html
– calls sendemailgfancy.php
Note
• These all look the same when viewing the
displayed html
• The source shows that each calls a different
php file!
• This is quick, but not instantaneous. Be
patient.
– It is helpful to have multiple email addresses.
sendemailfromhtmlg.html
<html>
<head>
<title>Email
</title>
</head>
<body>
<form action="sendemailg.php">
<p>Your email (for reply)
<input type="text" name="from" /> </p> <p>
To email <input type="text" name="to" /> /p><p>
Subject <input type="text" name="subject" />
</p> <p>
Body of message (you may change it) <br/>
<TEXTAREA NAME="body" COLS=40 ROWS=6>
This is email sent from my own html/php application
</TEXTAREA>
</p>
<input type="submit" value="SEND" />
</form> </body> </html>
textarea
• Similar to input
• Used for multi-line
• Can put in default content
– Where should instructions go????
sendemailg.php
<?php
$to = $_GET['to'];
$subject = $_GET['subject'];
$body = $_GET['body'];
$headers = "From: " . $_GET['from'];
if (mail($to, $subject, $body,$headers)) {
echo("Your message was sent");
} else {
echo("There was a problem.");
}
?>
Notice
• $_GET is an associative array.
• We use square brackets with the name of
the input element in the form.
• Similarly, $_POST is an associative array.
• Concatenate strings using the . operator.
– REPEAT: String concatenation uses a period
(dot) NOT a plus sign!
• Function calls use parentheses.
Question
• What is different for the post version?
Mechanics in php script
• Need to distinguish html versus php: use <?php and ?>
• Concatenation of strings operator is . (period)
• Single quotes and double quotes can be used, but must
be paired appropriately!!!!
• Common task will be to generate a string (aka character
string) made up of html you know ahead of time and
html generated from variables.
• Next example mixes up html and php. First the html
file and then the php file.
• I put in some color coding. There is some color coding
in TextPad and more in Sublime.
<html> <head> <title>Email</title></head> <body>
<form action="sendemailgfancy.php">
<p>Your email (for reply)
<input type="text" name="from" /> </p>
<p>To email
<input type="text" name="to" /> </p>
<p>Subject
<input type="text" name="subject" />
</p> <p>
Body of message (you may change it) <br/>
<TEXTAREA NAME="body" COLS=40 ROWS=6>
This is email sent from my own html/php application
</TEXTAREA> </p>
<input type="submit" value="SEND" />
</form> </body> </html>
<html> <head> <title>php for sending email within html </title> </head>
<body>
This script will use php mail
<?php
$to = $_GET['to' ];
$subject = $_GET['subject' ];
$body = $_GET['body' ];
$headers = "From: " . $_GET['from' ];
if (mail($to, $subject, $body,$headers)) {
echo( "Your message was sent" );
} else {
echo( "There was a problem." );
}
?>
<hr /> This is after the php </body> </html>
Exercise
• Write a pair of files. One html and one php.
• The html file has a form with action
pointing to the php file.
• You can build on the send email files.
• You can do other things, like sending to the
giving email and also to another email you
know…. NOT MINE!
• Make it work!
geolocation example
• http://socialsoftware.purchase.edu/jeanine.
meyer/emailing/geolocationkmemail.html
• Look at code—focus on form
<form name="msg" action="sendemailp.php"
method="post"><p>
Your email (for reply)<input type="email"
name="from" required/>To email<input
type="email" name="to" required /></p>
Subject: <input type="text" name="subject"
size="100" /><p>
Body of message (you may change it) <br/>
<TEXTAREA NAME="body" COLS=40
ROWS=5>My geolocation is at the address given
in the subject line.</TEXTAREA></p>
<input type="submit" value="SEND" />
</form>
<?php
$to = $_POST['to'];
$subject = $_POST['subject'];
$body = $_POST['body'];
$headers = "From: " . $_POST['from'];
if (mail($to, $subject, $body,$headers)) {
echo("Your message was sent");
} else {
echo("There was a problem.");
}
?>
Extra credit possibility
• Figure out how to get an error
• Note: the use of mail is an asynchronous
operation: initiated from php (sent to
operating system on the server)
For information about php and
MySQL
<?php
ob_start();
// buffering output
phpinfo();
$phpinfo = ob_get_contents(); //get contents
echo $phpinfo; //print out as html
?>
http://socialsoftware.purchase.edu/jeanine.meyer/php
infotest.php
php example
<html><head><title> Test </title></head>
<body>
<h1> Welcome to the store </h1>
<?php
….
Print("<h2>New Products</h2>");
Print( "<br>“. $newproduct1name);
?>
</body></html>
Variable set &
used
php variables within strings
• For all php variables, you can put the variable name in
a string:
print("The name input was: $fname");
– php figures out that $fname is a variable and gets its
value.
• NOTE: out of habit in using other programming
languages, sometimes I don't do that:
print ("The name input was :" .
$fname);
• NOTE: the string concatenation operator is .
• Caution: SQL often requires a single quotation mark
Form data in php
• Built-in functions
Name in form
$_GET[' ']
$_POST[' ']
• If you want to NOT distinguish (considered
less secure)
$_REQUEST[' ']
also includes $_COOKIE
So…
• Try writing [yet another] html file calling a
php file that uses $_Request
Checking if a form variable has been
set
• Common situation to check if this is first
time
$saywhich=@$_GET['saywhich'];
Prevents error if no
value exists
random
• rand (a, b) returns a pseudo-random choice
from a to b, inclusive
$choice=rand(0, sizeOf($states)-1);
• The arrays in php (like JavaScript and
ActionScript) start indexing at zero.
Overview
• Useful to think in terms of 3 language
domains (my terminology):
– client side browser (interpreter of html)
– server side interpreter of asp/JavaScript or php
• (There is another level here for the operating
system, but this is what the asp objects and the php
built-in functions & variables provide.)
– database interpreter of SQL (by Access or
MySQL)
Warnings
Applicable to php and other languages:
• To output quotation marks in the HTML, you may
use single quotes or 'escape' double quotation
marks:
print ("<a href=\"$filename\">");
• Preview: SQL statements require quotation marks
around values in certain cases.
• SQL statements use a single equals sign (=) for
checking for equality. JavaScript and php use ==
in IF statements.
Claim
• All database management systems share similar
structure.
– Tables Records Fields
– Records have primary keys
– Records may have fields that hold foreign keys, that is,
pointers to records in other tables or in that table.
• They differ on efficiencies noticeable in large[r],
production systems
– How many simultaneous queries
– Security issues
Pre Banner example (NOT
ACCURATE)
• Table of courses:
• Each record represents one course.
Course identifier: MAT3530
Cross-listing: NME3520
Name: Creating Databases for Web Applications
• ASSUMING a course has at most one prerequisite, each record has field that
Pre-req: MAT1420
NOTE: the pre-reqs are more complicated, since there are
many possibilities. This would require a new table.
Creating database
• Create tables
• [Create / specify relations.]
• If database to be used on stand-alone
computer, create Forms, Queries, Views.
Instead, we will create programs (html and
php scripts) to do this.
Table
• Define what is a record in the table: what are the
fields?
– What is the information associated with this one thing?
• What is the data type of each field?
– If the databases will contain many records, may be
important to be careful as to size
• Is there an intrinsic primary key (unique for the
record in the table) or should system supply one?
• Fields can have at most one value (can be null)
– Multiple values means you need another table
Caution
• Defining (designing) a database is not
trivial.
• May require revision.
• Interview process with
clients/customers/systems owners can take
time.
What should we do?
•
•
•
•
•
•
Budget (past and future expenses, dates)
Favorite web sites
Music collection (with features)
Courses taken (grades) / will take
Candidates
?
Spreadsheet vs Database
• Scale: DBMS can handle large amounts of information
• Efficiency: DBMS can handle different datatypes
• DBMS have facilities for MANAGING access by
multiple users
• DBMS supports multiple tables and queries across the
multiple tables.
• MySQL (and other DBMS) have easier (?)
connections to php and other programming languages
– Extra credit opportunity: do posting on php and
Excel or php and Open Office or VB.net & xls, etc.
Give explanation / examples, NOT JUST THE
LINK!
Preview
Team projects: take one of my sample
projects at
http://faculty.purchase.edu/jeanine.meyer/d
b/examples.html
• understand and present to class
• make enhancements
Admission
• There is (at least) one problem in the trivia
quiz involving questions.
Trivia game
• Questions table
–
–
–
–
–
Question id
Question text
Question answer
Question category
Question score
• Player table
• History table
Trivia database: players
• Player id
• Player name
• Player password
Trivia database: history
•
•
•
•
•
Event id
Player id
Question id
Result (right or wrong)
Time stamp
Entity Relationship Diagram
Questions
Ques id
Text
Answer
Category
score
Players
Player id
Player name
Password
History
historyID
Ques id
Player id
Result
Time stamp
phpMyAdmin
• Used to set up tables for your / my one
database
– Can also do this entirely using php code
• After setting up table, we will then use php
for adding, deleting and query-ing records
in the tables.
• Can use phpMyAdmin to see what is in the
tables
Homework
• To do email examples, you need to upload to
your server account.
– Get html email examples working if you haven't
done so
– Experiment with phpMyAdmin
• First use regular password, then id and password given
in README file
• Required: Find a good source on MySql and
make posting.
• [Continue review of HTML/HTML5]
• Next class: parallel structures