- Roberta Summers
- 5 years ago
SQLite PHP tutorial

This is a PHP programming tutorial for the SQLite database. It covers the basics of SQLite programming with the PHP language. There are two ways to code PHP scripts with the SQLite library: we can use procedural functions or OOP objects and methods. In this tutorial, we use the classical procedural style. You might also want to check the PHP tutorial, SQLite tutorial or SQLite Perl tutorial on ZetCode.

Installation

To work with this tutorial, you must install several packages: apache2, libapache2-mod-php5 and php5-sqlite. The sqlite command line tool is optional, but recommended.

The document root directory is the directory where you place your HTML and PHP files. It is the place where the Apache server looks for the files that make up the web site. The document root for the apache2 server can be changed in the /etc/apache2/sites-available/default file. This is for Ubuntu.

    DocumentRoot /var/www/

This is a portion of the above-mentioned configuration file. The default document root directory is /var/www.

We should also edit the php.ini file to turn the magic quotes off. Since PHP they are off by default. On my system, I have currently PHP so I had to edit the php.ini file. It is located at /etc/php5/apache2/php.ini on my system. Magic Quotes is a process that automatically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed. We are going to use the sqlite_escape_string() function to escape strings if necessary.

    ; Magic quotes
    ;

    ; Magic quotes for incoming GET/POST/Cookie data.
    magic_quotes_gpc = Off

    ; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
    magic_quotes_runtime = Off

    ; Use Sybase-style magic quotes (escape ' with '' instead of \').
    magic_quotes_sybase = Off

This is a portion of the php.ini file. Magic quotes are off. If you edited the file while Apache was running, you must restart the Apache server.
We are also going to create a directory where we will keep our SQLite database files. In the document root directory, /var/www on my Ubuntu system, we create a directory called db.

    $ pwd
    /var/www
    $ ls -ld db
    drwxrwxrwx 2 root root :04 db
A web server must have write and execute access to the directory. It is convenient to have read access too.

    $ pwd
    /var/www/db
    $ ls -l test.db
    -rw-rw-rw- 1 root root :04 test.db

Inside the db directory, we create a test.db file with read and write access rights. World-writable permissions and a database file inside the document root are suitable only for a local test machine: any local user can modify the file, and unless the server denies access to the db directory, anyone can download the database by requesting its URL. SQLite is called a zero-configuration database. The only problems that could arise are insufficient access rights.

First example

Our first example will test the version of the SQLite library and the version of the PHP language. If it works, we have everything installed correctly.

We create a simple PHP script and give it the name version.php. We place it into the document root directory. It is /var/www on my system. Ensure that the Apache server is running.

    $ /etc/init.d/apache2 status
     * Apache is running (pid 22965).

We check if the Apache server is running. To start the server, we can use the /etc/init.d/apache2 start command.

    <?php
    echo sqlite_libversion();
    echo phpversion();

Now we start the browser and locate to The PHP code shows and ubuntu4.5 strings on my system. You should get something similar.

Figure: First example
Creating a table

In the following PHP code, we will create a database table.

    // test.db is the file in the db directory created above
    $dbhandle = sqlite_open('db/test.db', 0666, $error);
    if (!$dbhandle) die($error);

    $stm = "CREATE TABLE Friends(Id integer PRIMARY KEY," .
           "Name text UNIQUE NOT NULL, Sex text CHECK(Sex IN ('M', 'F')))";
    $ok = sqlite_exec($dbhandle, $stm, $error);

    if (!$ok)
        die("cannot execute query. $error");

    echo "Database Friends created successfully";

    sqlite_close($dbhandle);

Besides creating a database table, we do some error checking.

The sqlite_open() function opens a SQLite database. The function has three parameters. The first parameter is the filename of the database. According to the documentation, the second parameter is ignored currently. The 0666 is the recommended value. If we cannot open the database, an error message is put into the $error variable. The sqlite_open() function returns a database handle on success or FALSE on error. The die() function outputs an error message and terminates the script.

    $stm = "CREATE TABLE Friends(Id integer PRIMARY KEY," .
           "Name text UNIQUE NOT NULL, Sex text CHECK(Sex IN ('M', 'F')))";

The $stm variable holds the SQL statement to create a Friends database table. Note that there are two strings concatenated with the dot operator.

    $ok = sqlite_exec($dbhandle, $stm, $error);

The sqlite_exec() function executes a result-less statement against the database. The first parameter is the database handle that we obtained with the sqlite_open() function. The second parameter is the statement that we are about to execute. The last parameter receives the possible error message. This is usually due to a syntax error. The function returns TRUE for success or FALSE for failure.

    if (!$ok)
        die("cannot execute query. $error");

We check for possible errors. There could be two types of errors: an SQL syntax error or insufficient permissions.

    echo "Database Friends created successfully";

If all went OK, we print the message 'Database Friends created successfully'. If there is some error, this message is not printed, because the die() function terminates the execution of the PHP script.
We close the database handle. It is not necessary to do it explicitly; the PHP language does it automatically. But it is a good programming practice to do it.

Inserting data

In the following example, we will insert some data into the Friends table.

    $stm1 = "INSERT INTO Friends VALUES(1,'Jane', 'F')";
    $stm2 = "INSERT INTO Friends VALUES(2,'Thomas', 'M')";
    $stm3 = "INSERT INTO Friends VALUES(3,'Franklin', 'M')";

    $ok1 = sqlite_exec($dbhandle, $stm1);
    if (!$ok1) die("cannot execute statement.");

    $ok2 = sqlite_exec($dbhandle, $stm2);
    if (!$ok2) die("cannot execute statement.");

    $ok3 = sqlite_exec($dbhandle, $stm3);
    if (!$ok3) die("cannot execute statement.");

    echo "Data inserted successfully";

We insert some data. We don't retrieve any data, therefore we again use the sqlite_exec() function.

    $stm1 = "INSERT INTO Friends VALUES(1,'Jane', 'F')";
    $stm2 = "INSERT INTO Friends VALUES(2,'Thomas', 'M')";
    $stm3 = "INSERT INTO Friends VALUES(3,'Franklin', 'M')";

Here we have three statements that will insert three rows into the Friends table.

    $ok1 = sqlite_exec($dbhandle, $stm1);
    if (!$ok1) die("cannot execute statement.");

We execute the first statement. If something goes wrong, the script is terminated.

What if we wanted to add a name like O'Neil? The single quote character (') is unsafe inside an SQL string literal, because it ends the literal. Using it unescaped could lead to problems, so we must properly escape it. The single quote character is escaped by using another single quote character: ''. Note that this is easily confused with a double quote character.

    $name = "O'Neil";
    $name_es = sqlite_escape_string($name);

    $stm = "INSERT INTO Friends VALUES(4,'$name_es', 'M')";
    $ok1 = sqlite_exec($dbhandle, $stm);
    if (!$ok1) die("cannot execute statement.");

    echo "Data inserted successfully";

In this code example, we add a fourth row to the Friends table.

    $name = "O'Neil";

We have a name with a single quote character in it.

    $name_es = sqlite_escape_string($name);

To escape the string, we use the sqlite_escape_string() function. The returned string is O''Neil.

    $stm = "INSERT INTO Friends VALUES(4,'$name_es', 'M')";

We build the SQL statement with the $name_es variable.

    sqlite> SELECT * FROM Friends;
    Id  Name      Sex
    1   Jane      F
    2   Thomas    M
    3   Franklin  M
    4   O'Neil    M

We check with the sqlite command line tool what we have in the table. All is OK.

Retrieving data

There are multiple ways to retrieve data from a table.

    $query = "SELECT Name, Sex FROM Friends";
    $result = sqlite_query($dbhandle, $query);
    if (!$result) die("cannot execute query.");

    $row = sqlite_fetch_array($result, SQLITE_ASSOC);
    print_r($row);

    sqlite_rewind($result);
    $row = sqlite_fetch_array($result, SQLITE_NUM);
    print_r($row);

    sqlite_rewind($result);
    $row = sqlite_fetch_array($result, SQLITE_BOTH);
    print_r($row);

To fetch data from the table, we can use the sqlite_fetch_array() function.

    $query = "SELECT Name, Sex FROM Friends";
    $result = sqlite_query($dbhandle, $query);

We build a SELECT query and execute the query with the sqlite_query() function. The function returns a result set, i.e. all data from the query.

The sqlite_fetch_array() function does two things: it moves the pointer to the next row and returns that row from the result set. The row is an array. We can control how the data is organized in the array by using one of three result type flags: SQLITE_ASSOC, SQLITE_NUM, SQLITE_BOTH. Using the first flag, we will have an associative array. Using the second one, we will have a numerical array. The third flag is also the default. Using this flag, the array has both associative and numerical indexes. The print_r() function prints a human-readable representation of a variable. In our case, we can inspect what we have in an array.

    $row = sqlite_fetch_array($result, SQLITE_ASSOC);
    print_r($row);

Here we fetch the first row from the result set. We use the SQLITE_ASSOC flag, which means we can access data from the array using string indexes. The indexes are the column names of the table. These are the Name and Sex column names. Note that the SQL select statement did not include the Id column.

    sqlite_rewind($result);

The sqlite_rewind() function makes the pointer point to the first row of the result set. We use this function because we want to compare the three flags on the same row, for the sake of clarity.

Figure: Retrieving data

In the following example, we will traverse the data using the associative indexes.

    $query = "SELECT Name, Sex FROM Friends";
    $result = sqlite_query($dbhandle, $query);
    if (!$result) die("cannot execute query.");

    while ($row = sqlite_fetch_array($result, SQLITE_ASSOC)) {
        echo $row['Name'] . " : " . $row['Sex'];
    }

We traverse all data in our table. More specifically, four rows in the Friends table.

    while ($row = sqlite_fetch_array($result, SQLITE_ASSOC)) {
        echo $row['Name'] . " : " . $row['Sex'];
    }

We can use the while loop to go through all rows of the result set. The sqlite_fetch_array() function returns FALSE if the next position is beyond the final row, and the loop stops.

    echo $row['Name'] . " : " . $row['Sex'];

We get the data from the array using the string indexes. These are the column names of the Friends table.

    while ($row = sqlite_fetch_array($result, SQLITE_NUM)) {
        echo $row[0] . " : " . $row[1];
    }

Same loop with the SQLITE_NUM flag.

Columns & rows

Next, we are going to count the number of rows and columns in our result set.

    $query = "SELECT * FROM Friends LIMIT 2";
    $result = sqlite_query($dbhandle, $query);
    if (!$result) die("cannot execute query.");

    $rows = sqlite_num_rows($result);
    $cols = sqlite_num_fields($result);

    echo "The result set has $rows rows and $cols columns";

The functions get the numbers from the result set. This means that the number of rows and columns calculated depends on the SQL statement that we use to obtain the data from the database table.
    $query = "SELECT * FROM Friends LIMIT 2";

Here we build the SQL query. We get all columns from the table, and we limit the number of rows to 2.

    $rows = sqlite_num_rows($result);
    $cols = sqlite_num_fields($result);

The sqlite_num_rows() function returns the number of rows in our result set. The sqlite_num_fields() function returns the number of columns/fields from the result set.

We get this string: 'The result set has 2 rows and 3 columns'.

The next PHP script will display the data from the Friends table with the names of the columns.

    $query = "SELECT Name, Sex FROM Friends";
    $result = sqlite_query($dbhandle, $query);
    if (!$result) die("cannot execute query.");

    $rows = sqlite_num_rows($result);

    $field1 = sqlite_field_name($result, 0);
    $field2 = sqlite_field_name($result, 1);

    echo "<table style='font-size:12;font-family:verdana'>";
    echo "<thead><tr>";
    echo "<th align='left'>$field1</th>";
    echo "<th align='left'>$field2</th>";
    echo "</tr></thead>";

    for ($i = 0; $i < $rows; $i++) {
        $row = sqlite_fetch_array($result, SQLITE_NUM);
        echo "<tr>";
        echo "<td>$row[0]</td>";
        echo "<td>$row[1]</td>";
        echo "</tr>";
    }

    echo "</table>";

    $field1 = sqlite_field_name($result, 0);
    $field2 = sqlite_field_name($result, 1);

The sqlite_field_name() function returns the name of a particular field. Our SQL query returns two columns. The first function call returns 'Name', the second 'Sex'.

    echo "<thead><tr>";
    echo "<th align='left'>$field1</th>";
    echo "<th align='left'>$field2</th>";
    echo "</tr></thead>";

We put the two column names into the HTML table header.

    for ($i = 0; $i < $rows; $i++) {
        $row = sqlite_fetch_array($result, SQLITE_NUM);
        echo "<tr>";
        echo "<td>$row[0]</td>";
        echo "<td>$row[1]</td>";
        echo "</tr>";
    }

We use yet another way to retrieve data from the result set. We count the number of rows and use the for loop to go through the data.

The next PHP script will display the column types of the Friends table.

    $cols = sqlite_fetch_column_types('friends', $dbhandle, SQLITE_ASSOC);

    foreach ($cols as $column => $type) {
        echo "Column name: $column Column type: $type";
    }

    $cols = sqlite_fetch_column_types('friends', $dbhandle, SQLITE_ASSOC);

The sqlite_fetch_column_types() function returns an array of column types from a particular table. The table name is the first parameter of the function.

    foreach ($cols as $column => $type) {
        echo "Column name: $column Column type: $type";
    }

We go through the array using the foreach keyword.

Listing available tables

The next example will list all available tables from the current database.

    sqlite> .tables
    Books    Cars     Friends

Using the sqlite3 tool, we list the available tables.

    $query = "SELECT name, sql FROM sqlite_master WHERE type='table'";
    $result = sqlite_query($dbhandle, $query, SQLITE_NUM);
    if (!$result) die("cannot execute query.");

    while (sqlite_has_more($result)) {
        $row = sqlite_fetch_array($result);
        echo "table: $row[0], sql: $row[1]";
    }
We use the sqlite_master table to obtain the list of tables for the database.

    $query = "SELECT name, sql FROM sqlite_master WHERE type='table'";

This is the query. The name column of the sqlite_master table gives us the table name. The sql column gives us the SQL used to create that table.

    while (sqlite_has_more($result)) {
        $row = sqlite_fetch_array($result);
        echo "table: $row[0], sql: $row[1]";
    }

The while loop goes through the rows of the result set. We use a new function: sqlite_has_more() returns TRUE if there are more rows available from the result set, or FALSE otherwise.

Simple form example

In our last example, we will work with a simple HTML form. Submitting the form, we add a new friend to the Friends table.

    <html>
    <head>
    <title>sqlite PHP tutorial</title>
    </head>
    <body style="font-size:12;font-family:verdana">

    <form action="add.php" method="post">

    <p>
    Name: <input type="text" name="name"><br>
    Male: <input type="radio" value="m" name="gender"><br>
    Female: <input type="radio" value="f" name="gender">
    </p>

    <p>
    <input type="submit">
    </p>

    </form>

    </body>
    </html>

In our HTML form we have one text box and one radio box. We enter the name of a friend in the text box. The radio box determines the gender. The action property of the HTML form points to the add.php script. This means that upon submitting the form, the add.php script will run.

    <?php

    $gender = $_POST['gender'];
    $name = $_POST['name'];
    $name_es = sqlite_escape_string($name);
    $gender_es = sqlite_escape_string($gender);

    if (!empty($name)) {
        // test.db is the file in the db directory created earlier
        $dbhandle = sqlite_open('db/test.db', 0666, $error);
        if (!$dbhandle) die($error);

        $stm = "INSERT INTO Friends(Name, Sex) VALUES('$name_es', '$gender_es')";
        $ok = sqlite_exec($dbhandle, $stm, $error);
        if (!$ok) die("error: $error");

        echo "Form submitted successfully";
        sqlite_close($dbhandle);
    }

This is the add.php script.

    $gender = $_POST['gender'];
    $name = $_POST['name'];

We retrieve the data from the submitted form.

    $name_es = sqlite_escape_string($name);
    $gender_es = sqlite_escape_string($gender);

The data from the form is potentially unsafe; 'tainted'. This applies to the radio button value as much as to the text box, because the client can submit any string for either field. We use the sqlite_escape_string() function on both. It escapes a string for use as a query parameter. This is common practice to prevent SQL injection attacks.

    $stm = "INSERT INTO Friends(Name, Sex) VALUES('$name_es', '$gender_es')";

Here we build the SQL statement.

    $ok = sqlite_exec($dbhandle, $stm, $error);

The statement is executed.

Figure: Form example

This was the SQLite PHP tutorial. We covered some basics of programming SQLite with the PHP language. We used the procedural style of code.
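The sqlite_* functions used above (the SQLite 2 extension) were dropped from the PHP distribution in version 5.4, and magic quotes were removed in the same release, so on a current installation the form handler is written with bound parameters instead of string escaping. The following is an added example, not part of the original tutorial: it assumes PHP 7.1 or later with the pdo_sqlite driver, and the function names open_db(), add_friend() and render_friends(), the in-memory database and the sample submissions are constructed for the demonstration.

```php
<?php
// Added example, not the tutorial's code: the add.php flow with bound
// parameters (PDO, SQLite 3) instead of sqlite_escape_string().
// Function names and the in-memory database are assumptions for the demo.

function open_db(string $dsn = 'sqlite::memory:'): PDO
{
    $db = new PDO($dsn);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Same schema as the tutorial's Friends table.
    $db->exec(
        "CREATE TABLE IF NOT EXISTS Friends(Id integer PRIMARY KEY, " .
        "Name text UNIQUE NOT NULL, Sex text CHECK(Sex IN ('M', 'F')))"
    );
    return $db;
}

// Validates one form submission and inserts it.
// Returns null on success, or a message that is safe to show the client.
function add_friend(PDO $db, array $post): ?string
{
    $name = $post['name'] ?? '';
    $gender = $post['gender'] ?? '';

    // A request such as name[]=x arrives as an array, not a string.
    if (!is_string($name) || !is_string($gender)) {
        return 'malformed input';
    }

    $name = trim($name);
    if ($name === '' || strlen($name) > 100) {
        return 'name is required (at most 100 bytes)';
    }

    // Allow-list for the radio value: the form posts m/f, the CHECK
    // constraint accepts M/F. Anything else is rejected, not escaped.
    $gender = strtoupper($gender);
    if (!in_array($gender, ['M', 'F'], true)) {
        return 'gender must be m or f';
    }

    try {
        // Values travel separately from the SQL text, so a quote in $name
        // cannot change the statement.
        $stmt = $db->prepare('INSERT INTO Friends(Name, Sex) VALUES(:name, :sex)');
        $stmt->execute([':name' => $name, ':sex' => $gender]);
    } catch (PDOException $e) {
        // For example a UNIQUE violation; log $e->getMessage() server-side
        // instead of echoing driver errors to the browser.
        return 'could not add friend';
    }
    return null;
}

// Renders the table from the "Columns & rows" listing, HTML-encoding each
// value because names came from a form and may contain markup.
function render_friends(PDO $db): string
{
    $html = "<table>\n";
    foreach ($db->query('SELECT Name, Sex FROM Friends ORDER BY Id') as $row) {
        $html .= '<tr><td>' . htmlspecialchars($row['Name'], ENT_QUOTES, 'UTF-8')
               . '</td><td>' . htmlspecialchars($row['Sex'], ENT_QUOTES, 'UTF-8')
               . "</td></tr>\n";
    }
    return $html . "</table>\n";
}

// Constructed sample submissions (not real traffic).
$db = open_db();
$samples = [
    ['name' => "O'Neil", 'gender' => 'm'],        // quote in the name
    ['name' => "O'Neil", 'gender' => 'm'],        // duplicate name
    ['name' => 'Jane', 'gender' => "f'"],         // radio value not on the allow-list
    ['name' => '<b>Thomas</b>', 'gender' => 'm'], // markup in the name
    ['name' => ['x'], 'gender' => 'f'],           // array instead of string
];
foreach ($samples as $post) {
    $err = add_friend($db, $post);
    echo $err === null ? "added\n" : "rejected: $err\n";
}
echo render_friends($db);
```

Run it from the command line with the php binary. In a deployment, pass open_db() a DSN for a database file that lives outside the document root and is writable only by the web server's user.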
Installing LAMP on Ubuntu 10.04 and 10.10 (Lucid Lynx, Maverick Meerkat) April 29, 2010 by Linerd If you're developing websites, it's nice to be able to test your code in the privacy of your own computer
More informationWEBD 236 Web Information Systems Programming
WEBD 236 Web Information Systems Programming Week 4 Copyright 2013-2017 Todd Whittaker and Scott Sharkey (sharkesc@franklin.edu) Agenda This week s expected outcomes This week s topics This week s homework
More informationITS331 IT Laboratory I: (Laboratory #11) Session Handling
School of Information and Computer Technology Sirindhorn International Institute of Technology Thammasat University ITS331 Information Technology Laboratory I Laboratory #11: Session Handling Creating
More informationWeb Security. Attacks on Servers 11/6/2017 1
Web Security Attacks on Servers 11/6/2017 1 Server side Scripting Javascript code is executed on the client side on a user s web browser Server side code is executed on the server side. The server side
More informationHTML Forms & PHP. Database Systems CSCI Dr. Tom Hicks Computer Science Department
HTML Forms & PHP Database Systems CSCI-3343 Dr. Tom Hicks Computer Science Department Create Page Faculty-Add.php AddFaculty Page Create page Faculty-Add.php It will be blank for the moment. We are going
More information(Frequently Asked Questions)
(Frequently Asked Questions) Aptech Ltd. Version 1.0 Page 1 of 9 Table of Contents S# Question 1. How do you create sub domains using PHP? 2. What is the difference between echo and print statements in
More informationCSCI 161: Introduction to Programming I Lab 1b: Hello, World (Eclipse, Java)
Goals - to learn how to compile and execute a Java program - to modify a program to enhance it Overview This activity will introduce you to the Java programming language. You will type in the Java program
More informationImportant Points about PHP:
Important Points about PHP: PHP stands for PHP: Hypertext Preprocessor PHP is a server-side scripting language that is embedded in HTML. It is used to manage dynamic content, databases, session tracking,
More informationCS4604 Prakash Spring 2016! Project 3, HTML and PHP. By Sorour Amiri and Shamimul Hasan April 20 th, 2016
CS4604 Prakash Spring 2016! Project 3, HTML and PHP By Sorour Amiri and Shamimul Hasan April 20 th, 2016 Project 3 Outline 1. A nice web interface to your database. (HTML) 2. Connect to database, issue,
More informationProduct: DQ Order Manager Release Notes
Product: DQ Order Manager Release Notes Subject: DQ Order Manager v7.1.29 Version: 1.0 January 20, 2017 Distribution: ODT Customers DQ OrderManager v7.1.29 *** requires db update 20170120 or newer ***
More informationApplication vulnerabilities and defences
Application vulnerabilities and defences In this lecture We examine the following : SQL injection XSS CSRF SQL injection SQL injection is a basic attack used to either gain unauthorized access to a database
More informationPrepared Statement. Always be prepared
Prepared Statement Always be prepared The problem with ordinary Statement The ordinary Statement was open to SQL injections if fed malicious data. What would the proper response to that be? Filter all
More informationEssential Linux Shell Commands
Essential Linux Shell Commands Special Characters Quoting and Escaping Change Directory Show Current Directory List Directory Contents Working with Files Working with Directories Special Characters There
More informationComputer Science E-75 Building Dynamic Websites
Computer Science E-75 Building Dynamic Websites Harvard Extension School http://www.cs75.net/ Lecture 0: HTTP David J. Malan malan@post.harvard.edu http://www.cs.harvard.edu/~malan/ 0 DNS Image from wikipedia.org.
More informationSystems Programming & Scripting
Systems Programming & Scripting Lecture 19: Database Support Sys Prog & Scripting - HW Univ 1 Typical Structure of a Web Application Client Internet Web Server Application Server Database Server Third
More information// Introducing PHP. Overview of Dynamic Sites with PHP and Top 5 Best Practices. WebTechNY September 10 th, 2008
More information
PHP. Interactive Web Systems
PHP Interactive Web Systems PHP PHP is an open-source server side scripting language. PHP stands for PHP: Hypertext Preprocessor One of the most popular server side languages Second most popular on GitHub
More informationThe connection has timed out
1 of 7 2/17/2018, 7:46 AM Mukesh Chapagain Blog PHP Magento jquery SQL Wordpress Joomla Programming & Tutorial HOME ABOUT CONTACT ADVERTISE ARCHIVES CATEGORIES MAGENTO Home» PHP PHP: CRUD (Add, Edit, Delete,
More informationAttacks Against Websites. Tom Chothia Computer Security, Lecture 11
Attacks Against Websites Tom Chothia Computer Security, Lecture 11 A typical web set up TLS Server HTTP GET cookie Client HTML HTTP file HTML PHP process Display PHP SQL Typical Web Setup HTTP website:
More informationContents. Error Message Descriptions... 7
2 Contents Error Message Descriptions.................................. 7 3 4 About This Manual This Unify DataServer: Error Messages manual lists the errors that can be produced by the Unify DataServer
More informationCherryPy on Apache2 with mod_python
Revision History CherryPy on Apache2 with mod_python Revision 1.5 November 9, 2009 Revised by: FB Ferry Boender 1. Introduction I ve recently written a web application using Python using the following
More informationCreate Basic Databases and Integrate with a Website Lesson 3
Create Basic Databases and Integrate with a Website Lesson 3 Combining PHP and MySQL This lesson presumes you have covered the basics of PHP as well as working with MySQL. Now you re ready to make the
More informationPERL DATABASE ACCESS
http://www.tutialspoint.com/perl/perl_database.htm PERL DATABASE ACCESS Copyright tutialspoint.com This tutial will teach you how to access a database inside your Perl script. Starting from Perl 5 it has
More informationNextcloud 13: How to Get Started and Why You Should
Nextcloud 13: How to Get Started and Why You Should Nextcloud could be the first step toward replacing proprietary services like Dropbox and Skype. By Marco Fioretti In its simplest form, the Nextcloud
More informationGMI-Cmd.exe Reference Manual GMI Command Utility General Management Interface Foundation
GMI-Cmd.exe Reference Manual GMI Command Utility General Management Interface Foundation http://www.gmi-foundation.org Program Description The "GMI-Cmd.exe" program is a standard part of the GMI program
More informationLecture 12. PHP. cp476 PHP
Lecture 12. PHP 1. Origins of PHP 2. Overview of PHP 3. General Syntactic Characteristics 4. Primitives, Operations, and Expressions 5. Control Statements 6. Arrays 7. User-Defined Functions 8. Objects
More informationRecite CMS Web Services PHP Client Guide. Recite CMS Web Services Client
Recite CMS Web Services PHP Client Guide Recite CMS Web Services Client Recite CMS Web Services PHP Client Guide Copyright 2009 Recite Pty Ltd Table of Contents 1. Getting Started... 1 Adding the Bundled
More informationProgramming for the Web with PHP
Aptech Ltd Version 1.0 Page 1 of 11 Table of Contents Aptech Ltd Version 1.0 Page 2 of 11 Abstraction Anonymous Class Apache Arithmetic Operators Array Array Identifier arsort Function Assignment Operators
More informationGeneral Coding Standards
Rick Cox rick@rescomp.berkeley.edu A description of general standards for all code generated by ResComp employees (including non-programmers), intended to make maintaince, reuse, upgrades, and trainig
More informationWeb Attacks Lab. 35 Points Group Lab Due Date: Lesson 16
CS482 SQL and XSS Attack Lab AY172 1 Web Attacks Lab 35 Points Group Lab Due Date: Lesson 16 Derived from c 2006-2014 Wenliang Du, Syracuse University. Do not redistribute with explicit consent from MAJ
More informationCSCI-UA: Database Design & Web Implementation. Professor Evan Sandhaus
CSCI-UA:0060-02 Database Design & Web Implementation Professor Evan Sandhaus sandhaus@cs.nyu.edu evan@nytimes.com Lecture #18: PHP: The PHP Hypertext Preprocessor Database Design and Web Implementation
More informationExploring UNIX: Session 3
Exploring UNIX: Session 3 UNIX file system permissions UNIX is a multi user operating system. This means several users can be logged in simultaneously. For obvious reasons UNIX makes sure users cannot
More informationNETB 329 Lecture 13 Python CGI Programming
NETB 329 Lecture 13 Python CGI Programming 1 of 83 What is CGI? The Common Gateway Interface, or CGI, is a set of standards that define how information is exchanged between the web server and a custom
More informationMYSQL DATABASE ACCESS WITH PHP
MYSQL DATABASE ACCESS WITH PHP Fall 2010 CSCI 2910 Server-Side Web Programming Typical web application interaction Database Server 3 tiered architecture Security in this interaction is critical Web Server
More informationPHP 5 and Databases. Marcus Börger Sterling Hughes. International PHP2003 conference
PHP 5 and Databases Marcus Börger Sterling Hughes International PHP2003 conference Marcus Börger PHP5 and Databases 2 Intro Review of PHP 4 Situation PHP 5 News PHP 5 Situation Marcus Börger PHP5 and Databases
More informationElevateDB Version 2 PHP Extension Manual
Table of Contents ElevateDB Version 2 PHP Extension Manual Table Of Contents Chapter 1 - Getting Started 1 1.1 Installation and Configuration 1 1.2 Connection Strings 3 1.3 Character Sets 10 1.4 Sample
More informationBasic PHP. Lecture 19. Robb T. Koether. Hampden-Sydney College. Mon, Feb 26, 2108
Basic PHP Lecture 19 Robb T. Koether Hampden-Sydney College Mon, Feb 26, 2108 Robb T. Koether (Hampden-Sydney College) Basic PHP Mon, Feb 26, 2108 1 / 27 1 PHP 2 The echo Statement 3 Variables 4 Operators
More informationSchool of Information and Computer Technology Sirindhorn International Institute of Technology Thammasat University
School of Information and Computer Technology Sirindhorn International Institute of Technology Thammasat University ITS331 Information Technology Laboratory I Laboratory #8: PHP & Form Processing II Objective:
More information