Build a Database Driven Site -- Quick

norburym (Mary Norbury-Glaser) writes "The third edition of Build Your Own Database Driven Website Using PHP & MySQL is written by Kevin Yank, Technical Business Director for sitepoint.com, a popular online resource for Web development. Updated for PHP 5 and MySQL 4 in this edition, Yank has put together an easy-to-follow, hands-on tutorial using the tools and techniques necessary to build a functional database-driven Web site. Many Web designers don't have deep knowledge and experience in data coding but want to get started serving up dynamic Web pages. This book gives designers and beginning coders a concise introduction to PHP and MySQL and quickly brings the reader to the page-creation stage." Read on for the rest of Norbury-Glaser's review.

Build Your Own Database Driven Website Using PHP & MySQL
author	Kevin Yank
pages	359
publisher	Sitepoint
rating	8
reviewer	Mary Norbury-Glaser
ISBN	0975240218
summary	Using PHP and MySQL to Build Your First Data Driven Website

Yank starts with the basics of MySQL and PHP installation on Windows, Linux and Mac OS X systems (he notes PHP 4.3 differences as well), and walks the reader through his first PHP script (no, not "Hello World!"). This first chapter is well written, with step-by-step instructions and shell script examples. It will help even a newbie feel comfortable with the process, and encourage him or her to move on to the rest of the book.

Chapter 2 focuses on relational databases and SQL queries. This chapter is not an in-depth study of RDBMs, but rather an extremely brief overview of the concepts involved in order to introduce the reader to command line interaction with MySQL. A simple database is begun that will be used in later chapters.

Basic syntax and commands of PHP are covered in Chapter 3 (statements, variables, operators). There are a lot of simple examples here that clearly demonstrate the elemental concepts of PHP. Yank uses forms, user interaction and control structures (if-else, while loop, for loop) to illustrate some easy methods of data access and user interaction with PHP.

Chapter 4 combines the two previous chapters' concepts into the beginnings of a working data-driven Web site. Yank shows the reader how to use PHP to connect to a sample MySQL joke database ("A man walks into a bar....Ouch."). He introduces sending SQL queries with PHP (mysql_query, delete, insert, update), handling SELECT result sets and inserting data into the sample ijdb (Internet Joke) database.

Chapter 5 is devoted to relational database design, and expands the one-to-one relationship to many-to-one, one-to-many and many-to-many relationships, this chapter teaches the reader how to join data spread between tables into one resultant set. This chapter is not meant to deal comprehensively with the complexities of relational database design. Indeed, the author gives an extremely brief nod to the inherent informality of his approach and references other resources for deeper study. Yank's intention here, as with the entire book, is to use relevant real-world examples to illustrate the simpler types of relationships a beginner will experiment with and how to deal with complex data and table issues with good design practice.

The next chapter presents content management and restricted-access database administration without relying on the command line (a few hints on protecting pages with appropriate access restrictions are in the introduction to this chapter but aren't dealt with in any depth until Chapter 12). Chapter 4's mention of forms is revisited here, and forms are used to manage, add, search for, edit and delete data.

At this point, the reader will have designed a database, organized the data into categories, created Web pages to display the data to site visitors, and prepared pages for administration of the data. The HTML is separate from the data, thereby relieving the Webmaster from the onerous and constant task of having to refresh pages with content. Here, in Chapter 7, the reader learns to format and submit content without resorting to hand-written HTML by using PHP functions (Yank covers the more standardized POSIX regular expressions, not PCRE). Code examples for string replacement, boldface and italic text, paragraphs, hyperlinks and splitting text into pages are included. The last bit of this chapter is dedicated to automatic content submission and has a nice design note about creating a visible column to the joke table where newly submitted jokes are handled as a No value, which allows review by a content manager before being posted.

This leads well into Chapter 8, "MySQL Administration (backing up, access control, checking and repairing data files)." Yank explains mysqldump and the use of update logs to create a practical backup-management scheme. He also covers using the myisamchk utility to check and repair MySQL data files. Basic MySQL access control using GRANT (creates new users, assigns passwords and adds user privileges) and REVOKE (the reverse of those functions) is included in this chapter as well, along with some tips and tricks to prevent access control problems.

Chapter 9 "gets back to the fun stuff" with Advanced SQL Queries (sorting and GROUPing SELECT results, setting LIMITs, LOCKing TABLES, aliases, LEFT JOINs and Limiting results with HAVING) giving the reader a well rounded sense of the versatility and scope of SQL in general and the SELECT command in particular.

Yank veers from textual data in Chapter 10, "Binary Data" (image files, encryption keys, programs for download) and shows the reader how to deal with working with files in PHP, handling uploaded files in PHP, storing and retrieving binary data in MySQL and learning when to use semi-dynamic pages to lighten the load on server performance in the process.

Chapter 11 deals with creating persistent variables, and offers an excellent description of cookies and sessions in PHP. I like Yank's figure "the life cycle of a cookie," which shows a graphical representation of a PHP-generated cookie. Yank rounds out the chapter with a simple shopping-cart example that consists of PHP scripts handling a product catalog and a checkout page (very real world).

The final chapter of the book is titled "Structured PHP Programming," and focuses on techniques for organizing code in order to simplify management (using include files, writing your own functions and streamlining code within Web pages). Yank gives a lot of sensible advice here, and his approach is not preachy. He brings up many important pitfalls that developers fall into: too much code, difficulty of finding what you need, understanding how it works. As this is a beginner's book, I would say that good design, good technique and good sense go a long way and should be stressed at the start of anyone's career in coding.

Build Your Own Database Driven Website Using PHP & MySQL, 3rd Edition runs only about 350 pages with a clean, easy-to-read page design, comfortable typography, lots of script boxes and screen shots. The appendices cover MySQL syntax, functions and column types and PHP functions for working with MySQL. Errata can be found at sitepoint's Web site, and I can't stress enough the value of checking these out before delving into any technical or instructional book: the frustration level goes way down if you know in advance that there's a typo, or a step missing!

This is a beginner's book with the essential tools and techniques that will get anyone started with serving up their first dynamic Web site. The tutorial approach of this book makes it easy for any reader to follow the step by step instructions. Yank manages to cover pretty much every topic necessary to provide the reader with a clean overview of the topic. It's a quick read and gives the reader encouragement and enough knowledge to move on to more complex volumes on the subject. This book provides a great first step for the beginner."

You can purchase Build Your Own Database Driven Website Using PHP & MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

ROR!

[Ramses0]

ROR! -- "Using PHP & MySQL to Build a Database Driven S"

quickly changed to: "Build a Database Driven Site -- Quick"

MMmmmmmh @ Perl + Mysql. ;^)

--Robert

SQLlite

[Philmeeh]

If you really want to set up a quick database site then you may as well use SQLlite that comes bundled in PHP5. No need to worry about connecting to a separate mySQL server with all those niggling connections

Leans more toward the DB side

[bbzzdd]

As the title suggests. Nothing about PHP templating technology (like Smarty) which can lead to some pretty gnarly PHP code. I'd recommend following this book up with Advanced PHP Programming [amazon.com] by George Schlossnagle as it focuses more on PHP.

I learned my PHP using Kevin Yanks tutorials

[SpaceKow]

I learned PHP using Kevin Yanks tutorials and articles 4 years ago. His books and tutorials are very easy to understand and use. His tutorials and articles can be read on http://sitepoint.com/

No mention of Security

[kevin_conaway]

The review didn't touch on security. I think that when you're trying to teach beginners and/or non-programmers how to build web applications, a good foundation on computer security principles is a necessity.

Basic things like input validation and protecting against XSS are a MUST when dealing with PHP (or any language for that matter). Since beginners are the ones most likely to make these mistakes, it is important that they be educated now.

Re:SQLlite

[XorNand]

I tend to think along the same lines. Maybe I'm a bit of an elitist, or it's the fact that I despise contending with so many horrid DBs thrown together by people who had no clue what they were doing. I'm sorry, but these "implement technology x in minutes" books really rub me the wrong way. Why don't people take the time to learn how to properly use their choosen tools? I wouldn't expect to be able pick up a wrench today and then begin building an engine tomorrow. Designing a good relational database requires some know-how. If you want to do something fast, use a simple flat file.

Re:Database vs. XML Text Files

[dreadlord76]

You are missing something.... Big...

In a small database application, used by, let say, 500 users a month. There can easily be hundreds of thousands of records. Come end of month, you need to find 50 records out of 100,000 that meets certain criteria. How are you going to get that out of the XML text files? Read all 100,000 and then parse it?

The fact that there may be 100000 text files out on disk should be causing all sort of alarms to go off.

Re:Why MySQL and not PostGreSQL? (honest question!

[danieljpost]

I'll bite. Mysql installs & runs on Windows without any third party software. (Yes, the Web really runs on Linux. I know, I know.) PostGreSQL seems to run on Windows only in emulation (via Cygwin). Also, there used to be very slight performance differences (in terms of maximum numbers of hits to the DBMS per second, on simple benchmark datasets), and people seem to enjoy the idea that someone the same box could take 20,000+ hits in an hour using Mysql rather than 19,000 on the same hardware using PostGreSQL. This was a couple years ago so could be completely wrong now. I think there might also be a perception that MySQL is easier to use than PostGreSQL (based, I think, on pronunciation of the name). Plus, Slashdot uses MySQL. Those are the reasons I can think of. YMMV.

Re:The good ol' days

[wackysootroom]

The main problem with Clarion is that while it's easy to whip up a quick toy app, it plain dead sucks for anything more than an address book or recipe book with anything more than a couple of 1:many relations.

Clarion was (at least from my experience with 5.0-5.5) riddled with bugs in it's QBE template and softvelocity's solution was to buy a template that fixes the problem from a third party until the next version comes out. No thanks.

Another thing that pissed me off about clarion is that you would get buried in dialog boxes very quickly while clicking away at options with the mouse. Definetly not productive. Another fond memory I have is trying to figure out what event to use to do a certain action from the event model. The clarion community's response? Just keep trying different ones until you find one that works. I suspect that there's not one person who fully understands the event model.

If it's CRUD you want along with maintainability and separation of business logic, view and data model. Try Ruby On Rails. You can literally develop a "toy" app 5 times faster in ROR than you could in clarion that does all of your CRUD stuff.

Re:Database vs. XML Text Files

[halosfan]

If you truly want to understand this, read through the first couple chapters of the Date book [bookpool.com]

For a brief answer, your XML files (and most OO databases as an extension) might work well for your application, but try using them for a totally different application that works with the same data. That's where relational model (at least in theory) shines: it is application-agnostic.

Additionally, as your application grows and so is the number of concurrent users, you might face issues that are just not trivial/too tedious to program by hand:

• Transaction support. For example, you transfer $5000 from your savings account to your checking account, and the power goes down when your savings account is debited but before your checking acount is credited. If you don't explicitly code around this problem, $5000 disappears.
• Transaction isolation. Same example as above, but instead of power outage, a program that generates your paper statement is run -- $5000 is not on the statement, even though it is in your account.
• Durability. Same example, power goes down. Try it enough times, and depending on which filesystem your XML file is on, you may well see it corrupted when you boot the machine after power is restored.
• Consistency/integrity. Same example, your checking account balance is stored in a two-byte unsigned integer and is currently at $63,000...

Try Date's book for more detailed (and likely more clear) explanation.

Re:Why MySQL and not PostGreSQL? (honest question!

[JohnsonWax]

mySQL is popular now because every hosting firm offers it as an option, but Postgres is far less common.

Further, most web service add-ons (CMS, forums, etc.) are mySQL based out-of-the-box so it has become the platform on which to build.

You'll notice there are no technical reasons there - as RDBMS go, mySQL is pretty horrible. It's the Windows of free databases, as it were.

RoR is gaining traction

[5n3ak3rp1mp]

Coming from some work in PHP, I've been burying my head in Ruby lately, to much joy, and have also discovered Ruby on Rails [rubyonrails.com], which was also featured in a recent Slashdot article. What I've seen is amazing so far (not to mention that Ruby code is so much more readable than PHP that it's not even funny). Just an FYI...

Re:Why MySQL and not PostGreSQL? (honest question!

[egoots]

Mysql installs & runs on Windows without any third party software. (Yes, the Web really runs on Linux. I know, I know.) PostGreSQL seems to run on Windows only in emulation (via Cygwin).

This is no longer true! PostgreSQL 8.0 was recently released [postgresql.org] and one of the main feature enhancements is a Win32 Native Server

Four Sample Chapters for this book

[Anonymous Coward]

The publisher is offering 4-sample chapters in PDF Format for this book on their Website: SitePoint.com/books/phpmysql1/ [sitepoint.com] - It's definitely more useful in helping me make a decision than reading through a Table of Contents or Index, at least for me.

Re:Why MySQL and not PostGreSQL? (honest question!

[drew]

i think it's mainly tradition. mysql was fast, stable, and usable for basic sites long before postgresql. mysql gained a lot of mindshare early on, when they were the only free game in town (as far as most people knew anyway). while postgresql was focused on correctness first, and speed and ease of use only later, mysql was fast and simple to get working almost from the start, and most people didn't know or care why they wanted ACID in a database. now, some six years later, postgresql is mostly a match for mysql in speed, and mysql has added a lot of the 'real' database features that they were criticized for not having early on (although some of us will still not forget their attitude towards implementing them). there's not nearly as much reason to choose one over the other anymore as there used to be, but mysql had the advantage of early mindshare, so all of the websites talk about LAMP, and all of the books talk about "how to do X with mysql".

personally i would never use mysql for data that i didn't want to risk losing, although i have no doubt that it has improved substantially since the last time i had the pleasure of using it. but that's just me.

Re:Database vs. XML Text Files

[jc42]

Hmmm ... I wouldn't use slashdot as an example of searchable DBs. I occasionally try to find something with /.'s search thingy, hoping beyond hope, and invariably it fails me. Even if I give it a single word to find, it often returns articles that don't contain that word at all. If this is an example of mysql's search capability, I'll use something else.

In my experience, (e)grep usually finds me a match much faster than SQL searches in whatever DB system we're using. I keep wishing this weren't true, but that's what the time(1) command tells me.

(And google is better for finding /. articles than /. is. ;-)

My PHP Slides

[Sim9]

If anyone is interested in some extra resources for learning PHP, check out my powerpoint slides:

http://www.cs.trinity.edu/~rzinchak/php/

Re:The good ol' days

[Anonymous Coward]

As for CRUD web tools, you might want to take a look to 'ruby on rails' ( http://www.onlamp.com/pub/a/onlamp/2005/01/20/rail s.html)
also recently featured on slashdot.

Re:PHP is the Visual Basic of the web.

[Anonymous Coward]

"Many mistakes can be made" with any language. If you think that specifying a particular technology will avoid mistakes, that's fine, but you will always have people who don't know anything about programming but can verifiably claim to know a language and will proceed to develop garbage. I think all of the popular languages for building web-based apps are on the wrong track in that none of them offer data dictionaries or similar workload-reducing features except in the form of third party packages. There is Zope with the CMF, but nobody seems to know how to use it (and the people who do probably had their own frameworks built in their language of choice before they ever saw it). Yes, PHP may be the Visual Basic of the web, but like VB, it is extremely powerful in the hands of a good programmer.

We keep trying to solve problems with different languages when the real problem is with the programmers; they need training, they need to enjoy what they are doing, and they need to be encouraged to be good programmers, not coders in a specific language.

Re:A PHP developer's review

[MBraynard]

See, here is why the book stinks compared to online. Obviously they have formats that are friendly not just to all OSes but also many languages.

Take a look here [php.net]

Notice that there are notes. User notes. Those are often more valuable to me than the documentation. No book has those. That is why the online/print it out solution is infinitly better.

Re:SQLlite

[nofx_3]

IIRC pacman is the packages manager for Archlinux, it uses a tar.gz package much like slackware. It's quite good although I still prefer debian just for the sheer number of packages in its repository. Even compiling php and mysql from source shouldn't be too difficult for any competent linux user.

-kaplanfx

Re:The good ol' days

[Tobias Luetke]

If it's CRUD you want along with maintainability and separation of business logic, view and data model. Try Ruby On Rails. You can literally develop a "toy" app 5 times faster in ROR than you could in clarion that does all of your CRUD stuff.

As a matter of fact I can confirm that this figure holds true for any size of application. I developed the e-commerce software powering www.snowdevil.ca 5 times faster then would have been possible without ruby on rails.

This includes XMLRequest powered backend, inventory, order processing, credit card clearing, encryption and so on and so on and so on.

Alone... in 3 months... while publishing an array of opensource tools and having fun doing so