How to Do Everything with PHP and MySQL 354
How to Do Everything with PHP and MySQL | |
author | Vikram Vaswani |
pages | 381 |
publisher | McGraw-Hill/Osborne |
rating | 7 |
reviewer | Michael J. Ross |
ISBN | 0072257954 |
summary | A tutorial on PHP and MySQL, geared to the new developer. |
The publisher has a page on their Web site devoted to the book; for some reason, it lists the book as containing 400 pages, but my copy has 381. The page also has links to a table of contents and a sample chapter, namely the first one. For those readers with very slow Internet access or unstable Adobe Acrobat plug-ins installed, be aware that the sample chapter -- and even the table of contents -- are offered only as PDFs, but the two links give no warning.
Most technical publishers, for every one of their books, wisely have links to the errata and sample code, right there on each book's Web page. This is the best approach, because when readers are having difficulty getting a book's examples to work correctly, they want to be able to quickly find and download the most up-to-date sample code, as well as check the errata page for any bugs in the printed code. Unfortunately, McGraw-Hill/Osborne has their links to those two types of information in an easily-overlooked part of a menubar, using small black text on a blue background. The links are near the upper left-hand corner, and outside the content section of the Web page, where the typical reader would be seeking fruitlessly for them.
The companion Web site for the book is hosted by Vaswani's software consulting firm, Melonfire. The site has the book's table of contents (in HTML), a link to chapter 1 in PDF, a profile of the author, three full-length case studies, a feedback form, and an extensive collection of links to PHP and MySQL reference material, discussion lists, articles, and tutorials. At the end of the Introduction in the book, the author invites the reader to use that companion site for connecting with other PHP users, and sharing their thoughts on PHP and MySQL development. The site itself has no such forum, so the author probably meant the discussion lists.
The companion site also has a link to download a Zip file containing all of the sample applications from the book -- from chapters 7, 12, and 16 -- comprising nine PHP scripts, an SQL file, and a data file. The code snippets themselves do not appear to be included in the download. This shouldn't pose a difficulty for the typical reader, since few of the code snippets are long. Besides, typing them in on one's computer can help to reinforce the language syntax that one is learning, as well as decent code formatting (valuable for newbies).
The book is organized into four parts.The first of these presents the basics of PHP and MySQL, including the history and features of both technologies, as well as how to install them on Unix and Windows systems, verify the integrity of the installations, and make some critical security and configuration changes, such as changing passwords. Parts II and III cover the basics of PHP and MySQL, respectively. The fourth and final part describes how to use the two together. To that end, every chapter contains snippets of code to illustrate the ideas being described. In addition, each section is wrapped up and illustrated with a sample application. For PHP, the author shows how to build a session-based shopping cart. For MySQL, he presents a simple order-tracking system. For using PHP and MySQL together, he shows a news-publishing system.
Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL. As the author notes in the Introduction, the book is not designed to be a complete reference for either technology, but instead intended as a tutorial for Web developers who are interested in learning how to do server-side scripting in combination with a database management system. Vaswani states that he does not assume prior knowledge of programming or database fundamentals, and that these basic concepts will be taught by example, using tutorials and realistic examples. I suspect a reader not familiar with HTML, however, could be easily baffled by the book. On the other hand, most if not all developers reading a book on PHP or MySQL are likely to already know HTML well enough to understand the output of PHP-enhanced Web pages.
One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL, rather than relegating these topics to an appendix, or skipping them entirely. This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working, along with a Web server, such as Apache -- and not coding the applications themselves.
Another welcome aspect of the book is the author's enthusiasm for the technologies -- although characterizing MySQL as "quite friendly" (page 150) is a stretch. Furthermore, his explanations are clear and concise. In addition, Vaswani makes no pretense that his book has all the answers; he frequently refers the reader to URLs in the online manuals of the products, for more details. In addition, he does a nice job of illustrating the advantages of normalized database tables, and later explaining how to format query output -- an important topic omitted in many similar books.
Yet, like all books, this one is not perfect. There are a number of errors or pitfalls in the book that could confuse the reader. They range from incomplete explanations of what a user will see when running particular commands, to the sort of errata one finds in all technical books. I found over two dozen in total (there may be more). In the interests of keeping this Slashdot version of the book review close to the recommended length, I won't list all of the problems here, but will instead refer the reader to a longer version of this book review, if they are interested in those details.
Aside from its many minor flaws, I recommend this title to any programmer who wants to learn the basics of PHP and MySQL. Even though the publisher could improve their production quality, choice of binding, and Web page, the author has done a good job of clearly presenting the major points. Future editions could incorporate fixes to the errors noted in the longer version of this review, as well as better explain to the neophyte how to test/debug the code snippets. Nonetheless, the intended reader would be well served by this particular book.
Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase How to Do Everything with PHP and MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Re:bah! (Score:1, Insightful)
Most comments to this review (Score:5, Insightful)
Which is sad, because as much as PHP sucks [blogspot.com], J2EE solutions suck just as badly in different ways. (That's another article.)
Re:bah! (Score:5, Insightful)
Granted, PHP lends itself to sloppier code than some other languages. Or rather, it _allows_ you to write sloppy code. But this is only a disadvantage if the developer is unskilled/undisciplined. A skilled PHP programmer can write robust, object-oriented code that follows the same design patterns as Java. It's just that certain Java frameworks force every project to be heavyweight, while PHP allows you to do a lot of things simply. If you want to write yourself a simple photo gallery app, why bother with Struts?
I write this as an ex- (not current) PHP programmer. I recently made the switch to Ruby on Rails, which has proved to be fantastic thus far.
Never trust anyone who says "Language X is terrible and Language Y is great."
Make it stop (Score:5, Insightful)
Seems like the only explanation for this myriad of redundant books on such a simple topic. Really, how can there be a market that can accomodate another one of these identical books every month?
Re:Like the old saying goes (Score:1, Insightful)
those two sites are more informative than any book I've read on PHP/MySQL. Even with moving from php3 to php4 and then php4 to php5 or from mysql 3.x to 4.x I have still yet to purchase any documentation for either of the two.
Any book I've picked up at the local book store on the subject I've found to have too much filler and have somehow stretched out 1 paragraph in to two pages.
If anyone is going to be getting into PHP/MySQL do your self a favor and just read through the tutorials and syntax examples on the parents post. I guarentee they will be just as, if not more informative as any $25 - $50 book you'll purchase at a book store and you will have the option of Ctrl+F.
I hate the title (Score:4, Insightful)
I hate how people abuses of PHP. PHP is nice when you really need what things like PHP/ASP/etc provide, but these days some people use it for everything. I hate it. Take a look at blogs - they're not really "dynamic content", they're just static content which changes very frequently, still everybody uses PHP to implement them.
Re:both available under open-source licenses? (Score:2, Insightful)
No, buy a SQL book (Score:5, Insightful)
It was the language and not the code? (Score:4, Insightful)
PHP websites are more vulnerable to worms. Just six months ago, many PHP run forums were shut down and destroyed. The exploit was something that worked only with PHP forums.
So it was a shortcoming endemic to the langauge, and not sloppy coding, right? I mean to say, PHP itself was at fault, due its very nature? A similar thing can't possibly happen in a "real" programming language like Java?
Java is the better language to learn. It is more like a true programming language than PHP. The reward for the time spent learning a language is greater with Java than with PHP.
That's begging the question [skepdic.com]. And wooly-headed thinking at its best. I'd argue that the barrier to entry is a lot lower with PHP than Java (or C, C++, .Net, et al.). So someone new to the language is bound to see results faster. But your point is nonsensical to begin with...
I always thought of PHP as more of a scripting langugae, and not a true language. No large PHP applications exists out there. But there are tons of enterprise Java applications.
A scripting language is a "true language". BASIC is a true programming langauge. MSDOS batch is a true programming langauge. Further, have you ever heard the saying "use the right tool for the job"? There are a lot of types of websites filling a lot of roles. Many (most?) of them don't need the overhead and complexity of an enterprise-class system. Use what works, without specious limitations brought on by technical snobbery.
-B
Re:MySQL good, PHP not so good (Score:3, Insightful)
If this is the worm I am thinking about, it was specific to one particular forum, which is quite popular and written in PHP. The exploit was a vulnerability in the source, not PHP itself. Is all JSP code automatically uber-secure?
And if the 'reward' of programming with a 'real' programming language is that much better, write your web-apps in C, or
Re:both available under open-source licenses? (Score:5, Insightful)
Not very free IMHO.
Brilliant! (Score:2, Insightful)
Of course, this book is just indicative of one of the key features of the Open Source movement: the ability to take two bad software packages and combine them to form something truely horrific.
(I wasn't using that Karma anyway.)
Re:bah! (Score:3, Insightful)
This isn't quite true. A good example is that many very-high load Java websites use application-scoped caching of data. This is very hard to do elegantly in PHP.
Java was designed to be object-oriented from the start. With PHP, it was an afterthought.
It's just that certain Java frameworks force every project to be heavyweight, while PHP allows you to do a lot of things simply. If you want to write yourself a simple photo gallery app, why bother with Struts?
Java also allows you to do a lot of things simply. There is nothing forcing you to use those Java frameworks. You can write everything in scripted JSP pages.
Re:I prefer a different book (Score:2, Insightful)
Re:Perl and PostgreSQL (Score:5, Insightful)
Re:No, buy a SQL book (Score:5, Insightful)
If people start doing that.... I can't see people still using MySQL :)
Re:Comparison to Other Books? (Score:3, Insightful)
Re:I prefer a different book (Score:2, Insightful)
We should author that book.
MySQL has garnered such popularity because it is EASY. It is unfortunate however that easy does not mean good. MySQL is the Geo Metro of database systems. It's easy to drive and anyone can finance the thing. It pays to note that LAMP is the ultimate driving force behind the movement.
As a result of this ease and the lack of knowledge needed to make it operational, there are more scripts than one can count that you just drop into a LAMP installation and *bing*, instant website. The security concerns [mangeek.com] alone make me shudder, but the proliferation of bad code is perhaps just as serious of a problem.
While I think there are things that MySQL and PHP do quite well together, I would prefer if the development groups spent less time trying to perfect their recipe for "instant website" and instead increased their educational resources and expanded their product to meet standards.
It would make better netizens of their users. Or at least teach them "no, the world doesn't have padded walls for when your server falls down and gets a booboo."
Re:I hate the title (Score:4, Insightful)
Doesn't that make it dynamic?
ANd why not use PHP to implement them? Instead of ftping the file tomy computer, adding my new text, then ftping it back, I can just use a PHP script to add it to a db, and a second script to write it out to the world. Much easier. As someone who did things the bad old way once upon a time, this is a huge time saver.
PHP encourages bad code. (Score:3, Insightful)
Also, the PHP developers have proven over and over again that they do not care AT ALL about security. As an ex-PHP programmer myself, I have to agree with the "dear god use anything but PHP" people.
Risk of SQL injection (Score:5, Insightful)
Look at the examples given in the companion web site. There is code like the following, which is highly vulnerable to SQL injection [wikipedia.org] attacks:
Validate? Just by removing trailing spaces? People trusting this book's advice will be very sorry soon.
One more example:
No validation at all! User input thrown into the database without any check!
It's unbelievable that in 2005, after all the outrage and cry about SQL injection ther is still a new book proposing such horrible code!
Re:Make it stop (Score:5, Insightful)
Re:PHP editorfor Linux, anyone? (Score:3, Insightful)
Invaluable and the CVS integration makes it even better.
I run it on (seriously) on Windows (Work), Linux (Home), Mac (Laptop) and don't skip a beat.
Re:Brilliant! (Score:5, Insightful)
Re:Perl and PostgreSQL (Score:3, Insightful)
Re:Perl and PostgreSQL (Score:1, Insightful)
Re:"JSP in a very light manner" (Score:4, Insightful)
It certainly has. Especially in terms of performance. The latest Tomcat (5.5) approaches the speed of Apache in some cases.
Yes, you could run Tomcat on port 80, with no Apache, but I seem to recall that Tomcat specifically leaves out much of the functionality that Apache does natively- perhaps lock something down by IP, etc.
This is all available now (RemoteHostValve, RemoteAddrValve etc).
Once you've gone through the nightmare of setting this up properly, you then get to learn Ant to make your WARs. While I did find Ant appealing/nice/whatever, it's quite a bit more complex than you're making it up to be to be serving up
The latest versions of NetBeans (4.0, 4.1) does this for you. Every change to a J2EE project automatically updates your WAR file. It even (again automatically) writes and maintains Ant scripts so that you can do this from the command line as well.
I do feel a lot of the criticism of Java/JSP/J2EE is based on the way things were years ago. This have changed a lot!
Re:Is that Realistic? (Score:1, Insightful)
People who tell you Java or
Re:Most comments to this review (Score:2, Insightful)
Re:buy a MySQL book (Score:3, Insightful)
I just don't care that MySQL isn't SQL-92 compliant. By the way, none of the applications I have worked on on Oracle could be trivially ported to a different db, standards or no. I agree that MySQL is friendlier than other dbs. Most obvious example - meaningful error messages.
I am not excited by Innodb or most of the features being added to MySQL. These changes, which add Oracle-like capabilities, also add Oracle-like problems, such as complexity, slowness, lock buildups, etc. We already have Oracle. We use MySQL where it fits.
As for hammers and nails: the guy with only one tool has a problem; so does the guy who spends all his time learning new tools and never becomes expert with one. There is not a logical niche for every technology - many of them are not worth touching, period. It's better to invest time in learning a few tools deeply.