PHP. MIT 6.470, IAP 2010 Yafim Landa

Similar documents
PHP and MySQL Programming

CENG 256 Internet Programming Draft

Course Syllabus. Course Title. Who should attend? Course Description. PHP ( Level 1 (

Full Stack Web Developer

DATABASE SYSTEMS. Introduction to web programming. Database Systems Course, 2016

Instructor s Notes Web Data Management Web Client/Server Concepts. Web Data Management Web Client/Server Concepts

Static Webpage Development

CNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies

All India Council For Research & Training

PHP & My SQL Duration-4-6 Months

An Introduction to JavaScript & Bootstrap Basic concept used in responsive website development Form Validation Creating templates

User Interaction: jquery

Web Application Development (WAD) V th Sem BBAITM(Unit-1) By: Binit Patel

Lecture 3: Web Servers / PHP and Apache. CS 383 Web Development II Monday, January 29, 2018

Web development using PHP & MySQL with HTML5, CSS, JavaScript

PHP INTERVIEW QUESTION-ANSWERS

WEB SECURITY: XSS & CSRF

Professional Course in Web Designing & Development 5-6 Months

Creating an Online Catalogue Search for CD Collection with AJAX, XML, and PHP Using a Relational Database Server on WAMP/LAMP Server

Contents. xvii xix xxiil. xxvii

OU Mashup V2. Display Page

PHP WITH ANGULAR CURRICULUM. What you will Be Able to Achieve During This Course

CERTIFICATE IN WEB PROGRAMMING

Excerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt

Nick Terkay CSCI 7818 Web Services 11/16/2006

"Charting the Course... Intermediate PHP & MySQL Course Summary

Hello everyone! Page 1. Your folder should look like this. To start with Run your XAMPP app and start your Apache and MySQL.

Web Security: Vulnerabilities & Attacks

Introduction to PHP. Handling Html Form With Php. Decisions and loop. Function. String. Array

// Introducing PHP. Overview of Dynamic Sites with PHP and Top 5 Best Practices. WebTechNY September 10 th, 2008

Tutorials Php Y Jquery Mysql Database Without Refreshing Code

Web Development & SEO (Summer Training Program) 4 Weeks/30 Days

Database Systems Fundamentals

EPHP a tool for learning the basics of PHP development. Nick Whitelegg School of Media Arts and Technology Southampton Solent University

Jquery Ajax Json Php Mysql Data Entry Example

Web basics: HTTP cookies

PHP for PL/SQL Developers. Lewis Cunningham JP Morgan Chase

PHP & PHP++ Curriculum

Princess Nourah bint Abdulrahman University. Computer Sciences Department

Web basics: HTTP cookies

Advanced Web Technology 10) XSS, CSRF and SQL Injection

Graphing Data from MYSQL By Javier Montiel Urbina

How is state managed in HTTP sessions. Web basics: HTTP cookies. Hidden fields (2) The principle. Disadvantage of this approach

DevShala Technologies A-51, Sector 64 Noida, Uttar Pradesh PIN Contact us

Reading Writing Speaking Reading Writing Speaking. English Intermediate Intermediate Elementary Intermediate Intermediate Elementary

PHP Introduction. Some info on MySQL which we will cover in the next workshop...

RKN 2015 Application Layer Short Summary

The PHP language. Teaching you everything about PHP? Not exactly Goal: teach you how to interact with a database via web

Web 2.0 Käyttöliittymätekniikat

WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang

Masters in Web Development

Real Life Web Development. Joseph Paul Cohen

Advanced Joomla! Dan Rahmel. Apress*

Advanced Topics on the Mirth Connect Interface Engine. July 6, 2016

Full Stack Web Developer

Core PHP. PHP output mechanism. Introducing. Language basics. Installing & Configuring PHP. Introducing of PHP keywords. Operators & expressions

Assignment #3 CSCI 201 Spring % of course grade Title Weathermeister Back-End API Integration

Full Stack Web Developer Course

Setting Up a Development Server What Is a WAMP, MAMP, or LAMP? Installing a WAMP on Windows Testing the InstallationAlternative WAMPs Installing a

(Frequently Asked Questions)

Web Programming with PHP

What is PHP? [1] Figure 1 [1]

How to Install (then Test) the NetBeans Bundle

Real Web Development. yeah, for real.

Databases on the web

Create-A-Page Design Documentation

Google Tag Manager. Google Tag Manager Custom Module for Magento

CS50 Quiz Review. November 13, 2017

Get in Touch Module 1 - Core PHP XHTML

Information Security CS 526 Topic 8

Ur/Web: A Simple Model for Programming the Web. Adam Chlipala MIT CSAIL POPL 2015 January 15, 2015

Review. Fundamentals of Website Development. Web Extensions Server side & Where is your JOB? The Department of Computer Science 11/30/2015

PHP 1. Introduction Temasek Polytechnic

Chapter 7:- PHP. Compiled By:- Sanjay Patel Assistant Professor, SVBIT.

JSN PageBuilder 2 User Manual

Web Development Course (PHP-MYSQL-HTML5.0)

Web Security IV: Cross-Site Attacks

You can also set the expiration time of the cookie in another way. It may be easier than using seconds.

DATABASE SYSTEMS. Database programming in a web environment. Database System Course, 2016

Let's Look Back. We talked about how to create a form in HTML. Forms are one way to interact with users

Web insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.

Writing Servlets and JSPs p. 1 Writing a Servlet p. 1 Writing a JSP p. 7 Compiling a Servlet p. 10 Packaging Servlets and JSPs p.

Ampliación de Bases de Datos

Web Development. With PHP. Web Development With PHP

Web & APP Developer Job Assured Course (3 in 1)

Web-APIs. Examples Consumer Technology Cross-Domain communication Provider Technology

5 System architecture

Sections and Articles

1) PHP & mysql, Mini project: This will taught by trainer. 2) PHP & mysql, Live project, This will taught by trainer.

Web Development. with Bootstrap, PHP & WordPress

Web Engineering (CC 552)

Project Covered During Training:Real Time Project Training

,

last time: command injection

Getting. Started with. smash. IBM WebSphere. Ron Lynn, Karl Bishop, Brett King

Overview

CIS 3308 Web Application Programming Syllabus

System Guide

COMP390 (Design &) Implementation

2/16/18. CYSE 411/AIT 681 Secure Software Engineering. Secure Coding. The Web. Topic #11. Web Security. Instructor: Dr. Kun Sun

Transcription:

PHP MIT 6.470, IAP 2010 Yafim Landa (landa@mit.edu)

LAMP We ll use Linux, Apache, MySQL, and PHP for this course There are alternatives Windows with IIS and ASP Java with Tomcat Other database systems like PostgreSQL, or non SQL databases

Why PHP? A very simple and straightforward syntax PHP is really well documented: http://php.net/ Type the name of a function you want to look up at the end of the URL, and you ll be sent directly to the relevant help page, for example: http://php.net/json_encode Tight integration with MySQL (and lots of other database systems) Well established and created specifically for the web Used by Facebook, Wikipedia, YouTube, Digg, and plenty of others Does lots of cool things like encryption, image manipulation, email, file upload, and so on with ease Object oriented as of PHP5: http://php.net/manual/en/ language.oop5.php Convenient type system for the web

What Does PHP Do? Generates pages that the user can see Retrieves any information from the database or from other sources Displays an HTML page with dynamic content Writes data back to the database or performs other operations Generates data for your AJAX requests

Regular HTML pages can change only through the use of Javascript Very superficial (without the use of AJAX) HTML can be rendered dynamically using PHP The page can change depending on the time of day, the contents of the database, the user s input, etc.

We already know how to make HTML pages that show static content To add dynamic content, we can simply embed PHP code within an HTML page using a special tag This embedded code is executed on the server before it is sent to the client and looks like regular HTML to the client

Language Syntax http://6.470.scripts.mit.edu/2009/ Double quotes vs. single quotes If $var is set to 6.470 echo This is $var will output This is 6.470 echo This is $var will output This is $var Associative arrays $var [ foo ] = hello, world ; foreach ($var as $key => $value) { $var is an (associative) array Makes $key (a key) and $value (the value stored at that key) available on each loop iteration === does a comparison with type http://www.php.net/manual/en/langref.php

Superglobals PHP has several special variables that are global everywhere All of these are associative arrays $_SERVER server and execution environment information $_SERVER[ PHP_SELF ] is useful for the form action attribute $_GET variables passed through the URL http://some.server.com/index.php?param=value $_POST variables passed through the HTTP POST method $_REQUEST both GET and POST combined $_FILES files uploaded through HTTP POST $_COOKIE contents of HTTP cookies $_SESSION an associative array of session variables

Error Handling To debug your code, insert the following two lines at the beginning of your script: ini_set('display_errors',1); error_reporting(e_all);

Example: First dynamic content Demo: http://landa.scripts.mit.edu/6.470/ examples/example1/index.php Code: http://landa.scripts.mit.edu/6.470/ examples/example1/code.html

Example: Superglobals Demo: http://landa.scripts.mit.edu/6.470/ examples/example2/index.php Code: http://landa.scripts.mit.edu/6.470/ examples/example2/code.html

Input We can get input from various sources GET and POST request variables, from the user Includes input from forms Access using $_GET, $_POST, or $_REQUEST superglobal associative arrays File uploads from the user Changing data in the database Other websites and APIs Twitter, Google, Facebook, and so on

Working With MySQL Put the database connection code in a separate file (database.php) include_once database.php

$sql = mysql_query($query) $query is the MySQL query string (like SELECT * FROM comments ) Returns a resource and stores it in $sql You can step over the rows in the resource one by one by writing $row = mysql_fetch_object($sql) or $row = mysql_fetch_array($sql) Often used in a while loop while($row = mysql_fetch_array($sql)) { Loops until all of the rows have been examined See comments.php in Feedback example

Session Management (Logging In) Sessions allow you to store data that persists between PHP pages This means that we can create an account system Store the user s account data in sessions Using $_SESSION superglobal Must call session_start() at the beginning of each page to use sessions

Example: Feedback http://landa.scripts.mit.edu/6.470/feedback/ index.php Topics Sessions MIT certificates Working with MySQL $_POST

Example: Outputting JSON http://landa.scripts.mit.edu/6.470/feedback/ comments.php?limit=10 Useful for feeding data to AJAX calls Topics Use a limit using $_GET [ limit ] Enabling JSON using php.ini Error reporting Displays all of the comments in the database in JSON format Examine the JSON output using http://jsonformatter.curiousconcept.com/

Date and Time Functions The easiest thing to do is to convert everything into and work with seconds since January 1, 1970 date($format [, $timestamp]) formats the timestamp (used to display the date in a human readable format) time() gets the current time measured in seconds since January 1, 1970 strtotime($time [, $now]) converts a string like next Monday into seconds since January 1, 1970 Use MySQL s functions FROM_UNIXTIME and UNIX_TIMESTAMP to convert between PHP and MySQL date formats http://us.php.net/manual/en/ref.datetime.php

Input Filtering It s usually best not to trust external data Can invoke various vulnerabilities, HTML code, and other things that you may not want As a first line of defense you should strip_tags($input) to remove HTML tags addslashes($input) before writing data to the database and stripslashes($input) after retrieving it back mysql_real_escape_string($input) for SQL queries More about this tomorrow

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback