Core Web Application Development with PHP & MySQL 149
jsuda writes "Core Web Application Development with PHP and MySQL is an intermediate
to advanced-level guide for programmers and developers. It bills itself as >everything
one needs to know about building robust database applications. That is a
bit of puffery but this is a comprehensive practical guide for designing and building
production-quality, database-enabled applications." Read the rest of John's review.
| Core Web Application Development with PHP & MySQL | |
| author | Marc Wandschneider |
| pages | 912 |
| publisher | Pearson Education |
| rating | 8 |
| reviewer | John Suda |
| ISBN | 0131867164 |
| summary | Fine strategic overview |
The author is an open-source platform expert and software developer. He comes from a background of working with standard desktop Windows-based applications and made the transition to building dynamic web applications. His experience in making the transition informs this book as a comprehensive explanation of how to use the various technologies that go into writing web applications. For those making similar transitions, this is a very fine presentation done by a thoughtful, systematic designer. For those already busy in the PHP/MySQL area, the advanced level of instruction is likely to be valuable.
The emphasis is on open-source applications, particularly PHP5 and MySQL in an XHTML/Javascript environment. But, beyond technologies, the author's focus is on the strategies and systematic approach one needs to design and implement successful web applications. He writes for an advanced audience which is already basically familiar with programming and XHTML. Those writing or planning dynamic web applications will benefit most from the book.
There are 33 chapters in five parts - basics of PHP, database basics, planning web applications, implementation, and sample projects. There are three appendices covering installation and configuration of PHP, MySQL, and other related open-source applications like Apache, a set of charts of database function equivalents among the leading database types - MySQL, Oracle, PostgreSQL, Microsoft SQL Server, and a short list of recommended reading.
This is a large format book of 912 pages, including index. My reviewer's copy is a prepublication version containing grayscale graphics and much white space, especially around the code snippets, making reading easy and comfortable. Although the material is high-level and technical, the writing seems light and casual. Wandschneider's writing style flows easily, never bogs down even with technical details, and the book reads much faster than one might expect.
Although the best part of the book contains the three start-to-finish sample projects at the end - a calendar system, weblog engine, and e-commerce store, the lead-in chapters are nicely done, too. Chapters 1 and 2 are about getting started in PHP. There is a brief comparison to perl and C++, but the bulk is about PHP terminology and programming concepts. Much is made of PHP5's new object-oriented features, but the discussions of that here (and in Chapter 4) was about the only parts which I feel needed more clarity - the rest of the chapters are very clearly stated and contain plenty of good examples.
Chapters 3 - 7 continue with scripting concepts like functions, classes, arrays, strings and characters. The discussion is not designed to instruct comprehensively about PHP itself but works on a higher level of showing how PHP interacts with MySQL and other technologies on an overall basis. You can get detailed PHP coding instructions elsewhere. Chapter 6 contains an unusually good discussion of character sets, usable for global applications, and provides instructions on configuring Unicode and multi-byte support for high-level applications.
Part 2, Chapters 8 - 12, take the same approach to MySQL and databases in general. They include discussion of basic terminology and concepts, designing and creating databases, storing and retrieving data, PHP-to-database connectivity, and advanced topics, like use of "transactions" and advanced querying.
Part 3, Chapters 13 - 17, deal with the server-side matters. Again, the level of presentation is not on comprehensive details of PHP, MySQL, and web services, but present a comprehensive overview to guide planning, design, and implementation. Here the author states overall design considerations of a website noting how to incorporate CSS, HTML, code libraries, user interfaces, and web services into a working dynamic website.
User management and security concerns are noted throughout the book and Chapters 14 - 17 deal specifically with validation, and software and hardware security, including tips on how to secure your server. These passages on security are some of the better and clearest written I've experienced in this area.
Part IV continues the systematic approach to website construction discussing error handling, debugging, cookies, and sessions (again some of the clearest explanations I've read), authorization, and data validation with regular expressions. Chapter 21 is entirely about globalization and localization that is, dealing with the fact that the Internet is global and that there is a need to deal with foreign language sets. There are tips on how to determine users' locations and how to script to account for different language sets, including Unicode.
Chapters 23 and 27 are about XML and are especially useful now that XML and XHTML are becoming the reigning protocols of dynamic web activity. There is an extensive sample of using XML to work with the Google API. Using XML with PHP is an advanced topic and it is only generally covered here, together with XML web services and SOAP. Other chapters cover the use of extensions to PHP, like PEAR, developing a coding "style", creating test suites, configuring PHP.ini, and more. The three working examples are extensively commented and contain complete code examples.
The book comes with a comparison CD-ROM containing all of the sample code, and versions of PHP5, MySQL, and Apache HTTP server."
You can purchase Core Web Application Development with Php & MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Debugger (Score:3, Interesting)
Re:Multi-tier (Score:3, Interesting)
My approach (Score:3, Interesting)
Oh please, Where did I say i used all that just to implement my UI layer?
Maybe if you paid enough attention to what I said, you'd have realized that I never implied "templates = multitier". Templates are a NECESSARY part of the view, but they alone don't make a multi-tier app.
To clarify, this is how i build my web-apps:
a) I have the main ".php" files which implement the Controller. Actually i use a prepend that includes them, but that's my approach. Each main php file has a function "handle_request()" which does all the processing. I came with this concept while studying Apache Velocity. The main php files include() the particular libraries used in the model, which is split between the business and data-tier.
b) Also, the prepend.php includes (engine.php), which itself include()s security.php. I call this is the "security tier" which lies on top of the controller. The security tier verifies that no weird requests are done, and filters the unnecessary global and environment variables. It also checks the login, session, etc.
c) For the database class I used, has two subclasses: one for reading the data, and another for writing. These can have two different users connected to the MySQL database. All database operations are done thru these classes, saving the app from SQL-injections in read-only queries. Also, having the controller embedded in a function saves us from global variables injection and other nastiness.
d) The controller arranges the GET and POST parameters into an associative array, which it passes to the appropriate business-tier function. In reality, I have the business and data-tier a little bit mixed, but it's organized enough that it doesn't give too much trouble.
e) The business-tier returns another set of parameters, which are to be passed (later) to the template (which template to use is calculated also based on GET and POST, even SESSION).
f) Finally, the controller returns in an associative array, the template file and the e) parameters to the engine.php, which uses a template object to process the output.
As you can see, while processing I do not use a single echo statement. All the data (database output) is passed thru associative arrays. In other frameworks, I'd have returned an XML string which would be passed to an XSLT engine.
So, I hope that's multi-tier enough for you. If you were so kind to show us how YOU implement your multi-tier apps (you didn't), I'd really appreciate it.
Re:Oxymoron (Score:3, Interesting)
It's just a fashionable and trendy target to bash.
Sorta like the (open|free|net)bsd zealots who bash linux. They're so insecure in their choice of OS that they need to put down something else in order to feel better.