-
February 14th, 2003, 02:01 AM
#1
Member
PHP Tutorial
Ok, I did not know whether to put this under Web Development or Tutorials... So I just stuck it here.
- What you will need
- A server with PHP and MySQL
- A text editor to edit your code... Notepad will do, but I reccomend WinSyntax
- Patience to debug your code if it does not work
Ok, This tutorial will come in 2 parts.
1) Introduction to PHP
a) What is PHP
b) Your first PHP script
c) Debbuging
2) Database Driven PHP
a) What is SQL
b) Simple SQL Script
PART I - Introduction to PHP
What is PHP
PHP is a server side scripting language, All PHP is server-side, meaning the server parses and interprets the code into html, XML and whathaveyou. The actual code never gets passed onto the users browser which provides devent security (when used properly).
Your first PHP Script
Ok, Now that you know what PHP is it's time to get started on writing your first script =] Now open up your text editor and type the following:
PHP Code:
<?php
$var = "Hello World";
print $var;
?>
Save the following as hello.php and upload it to your server (access it as yourserver.com/hello.php)... If you did everything corrrectly you should see "Hello World" if not check the code and try again.
Now to explain the script line-by-line.
1:<?php - This line tells PHP to start parsing after this line, it acts as an opening tag such as <html or <script>, substitutes for this are <? (if short_open_tag are enabled) and ASP style <% (if asp_tags is enabled)
2:$var = "Hello World"; - This line sets the variable $var equal to Hello World (notice how hello World is in quotes, everything in PHP has to be in quotes except for numbers and variables.
3rint $var; - This line prints $var
4:?> - And this one ends our script.
Debugging
Ok, Now lets say for example that the script above did not work for you.... Lets try and debug the script and see whats wrong =]
PHP Code:
<?php
$var = Hello World;
print $var
?>
Now the script above has a few (two to be exact) parse errors in it.... When you atemmpt to run it you will see the following....
Parse error: parse error, unexpected T_STRING in F:\server\Apache\htdocs\source.php on line 2
If you did not see this error put the following line into your script:
error_reporting (E_ALL);
That line tells PHP to report every error in the script.
Ok, now back to the error.... It's telling us that there is an unexpected string on line 2 of our script.... Now lets take a look at line 2.....
$var = Hello World;
If you read carefully before you may have noticed that I said ALL strings have to be enclosed in "s... And this doesn't look like a number or a variable.... So, lets fix that error.
PHP Code:
<?php
$var = "Hello World";
print $var
?>
And now it works =]
PART II - Database Driven PHP
What is SQL
SQL (structured query language) is the language for almost all databases used with server side programs (MySQL, PGSQL, MSSQL, etc). SQL uses simple statements to do some pretty cool stuff... Read more here
Simple SQL Script
Ok, Now its time for some SQL scripting =]
Lets take this simple script.
PHP Code:
<?
$id = $_GET['id'];
if($submit){
$var = $_POST['var'];
$pw = "yourdbpass";
$db = "yourdb";
$host = "localhost";
$query = "insert into test (test) values ('$var')";
mysql_connect($host,$user,$pw);
mysql_select_db($db) or die("Unable to select database");
mysql_query($query);
mysql_close();
}
if($id == "view"){
$pw = "yourdbpass";
$db = "yourdb";
$host = "localhost";
$query = "select * from test ORDER BY id";
$result = mysql_query($query);
while($row = mysql_fetch_array($result)){
print '' .$row[test]. ' ';
} else {
?>
<form method="POST" action="<? $_SERVER[PHP_SELF]; ?>">
<input type="text" name="test" size="20"></p>
<input type="submit" value="Submit" name="submit"></p>
</form>
<? } ?>
Looks uber-confusing eh? Lets go through it line by line
1:<? - Start the script
2:$id = $_GET['id']; - Set $id to GET the id var passed to the script through the browser (script.php?id=x)
3:if($submit){ - If $submit is set (by the form at the bottom of the page) execute the following
4:$var = $_POST['var']; - Set $var to get the posted variable from the form below.
5:$pw = "yourdbpass"; - Put your database password here
6:$db = "yourdb"; - Your database name here
7:$user = "user"; - Replace with your database username
8:$query = "insert into test (test) values ('$var')"; - our SQL query =] Pretty self-explanatory, insert into [table] test [field](test) values ('$var')
9:mysql_connect("localhost",$user,$pw); - Connect to the database
10:mysql_select_db($db) or die("Unable to select database"); - Select your database or die
11:mysql_query($query); - Execute our query
12:mysql_close(); - Close the connection
13:}
14:if($id == "view"){ - See line 3
15:$pw = "yourdbpass"; - See line 5
16:$db = "yourdb"; - See line 6
17:$user = "user"; - See line 7
18:mysql_connect("localhost",$user,$pw); - See line 9
19:mysql_select_db($db) or die("Unable to select database"); - See line 10
20:$query = "select * from test ORDER BY id"; - select *[all] from [table] test order by id
21:$result = mysql_query($query); - Set $result to equa; the query result
22:while($row = mysql_fetch_array($result)){ - A simple while loop, mysql_fetch_array returns $result as an array
23rint '' .$row[test]. '
'; - For each $row as $result print the test field
24:mysql_close(); - See line 12
25:} else { - If $id does not match view or $submit
26:?> - End the script temporarily for HTMl output
27:<form method="POST" action="<? $_SERVER[PHP_SELF]; ?>"> - F
28:
<input type="text" name="test" size="20"></p> - O
29:
<input type="submit" value="Submit" name="submit"></p> - R
30:</form> - M
31:<? } ?> - End the script
Below is the SQL statement to execute to use the above script:
Code:
CREATE TABLE `test` (
`id` INT NOT NULL AUTO_INCREMENT,
`test` TEXT NOT NULL ,
PRIMARY KEY ( `id` )
);
And this is my simple little tutorial, for more resources see
http://www.php.net
http://www.mysql.com
http://hotwired.lycos.com/webmonkey/...tutorial4.html
http://www.php.net/tut.php
http://www.gimpster.com/wiki/PhpTutorial
I hope you learned something =]
-
February 14th, 2003, 08:31 AM
#2
<?php
$var = "Hello World";
print $var
?>
this will work iirc last line doesnt need a ; in php double check that but its still bad coding practice
<?
$id = $_GET['id'];
if($submit){
$var = $_POST['var'];
$pw = "yourdbpass";
$db = "yourdb";
$host = "localhost";
$query = "insert into test (test) values ('$var')";
mysql_connect($host,$user,$pw);
mysql_select_db($db) or die("Unable to select database");
mysql_query($query);
mysql_close();
}
if($id == "view"){
$pw = "yourdbpass";
$db = "yourdb";
$host = "localhost";
$query = "select * from test ORDER BY id";
$result = mysql_query($query);
while($row = mysql_fetch_array($result)){
print '' .$row[test]. '
';
} else {
?>
<form method="POST" action="<? $_SERVER[PHP_SELF]; ?>">
<input type="text" name="test" size="20"></p>
<input type="submit" value="Submit" name="submit"></p>
</form>
<? } ?>
so many things that make me cringe dont know where to start
1. <? short tags are a no no **** up xml and the such so generally try to stick to the usual <?php
2.
$var = $_POST['var'];
$pw = "yourdbpass";
$db = "yourdb";
$host = "localhost";
$query = "insert into test (test) values ('$var')";
inserting unchecked datainto a database is probably one of the stupidist things you can do leaves you open for sql injections and the such
addslashes() is a must html_special_char() is usually a good idea if going to be displayed to the browser if magic quotes is turned on in your php.ini file thats fine but its off by default and most people have no idea what it is
3.
error reporting is usually a good idea makes it easier to find problems
mysql_query($query);
or die(mysql_error()) is usually best for anything mysql database related
4.
mysql_close();
}
if($id == "view"){
$pw = "yourdbpass";
$db = "yourdb";
$host = "localhost";
you then go onto do a query but the mysql link id has been lost .... need to reopen it or just not close it would be best php will close it for you at the end of scripts
5.
print '' .$row[test]. '
'; not quite sure why your doing '' if it was supposed to be a space thats fine but apart from that it really doesnt need to be their
apart from that nice tut you covered most of the basics to get people started
thanks rioter
-
February 14th, 2003, 08:41 AM
#3
Member
Is php based on any other languages like perl? What is the background of the language?
-
February 14th, 2003, 09:25 AM
#4
inserting unchecked datainto a database is probably one of the stupidist things you can do leaves you open for sql injections and the such
addslashes() is a must html_special_char() is usually a good idea if going to be displayed to the browser if magic quotes is turned on in your php.ini file thats fine but its off by default and most people have no idea what it is
...no I did not. In fact, The very first page on a search on Google gave me a fantastic paper on Magic Quotes:
http://www.webmasterstop.com/tutoria...c-quotes.shtml
Magic Quotes are Evil!
While you sleep, they whisper in your dreams -
\'Use magic quotes. You know you want to. Go on. It\\'s just so easy\\\'.
Thanks for pointing this out!
Cheers
-
February 14th, 2003, 09:28 AM
#5
Senior Member
Besides the errors, nice work Sevari.
Well tried.
\"I have a 386 Pentium.\"
-
February 14th, 2003, 12:22 PM
#6
Member
Wow, Thanks RiOtEr.... I was going for a simple script but hey, whatever suits you =]
-
February 15th, 2003, 01:48 PM
#7
hehe simple is no problem just make sure it actually works
rioter
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|