Beginning PHP and MySQL 5.0

Ravi Kumar writes "PHP and MySQL use is so prevalent that nowadays it is hard to miss seeing a website on the net which has been built using these technologies. The beauty of PHP is in its open nature and the rich set of libraries and modules which imparts a lot of power and flexibility to the programmer. Similarly MySQL is a free database which is ideal for use as a backend for any website. And not surprisingly there are a plethora of books in the market which explains these two topics. One such book is Beginning PHP and MySQL 5 from Novice to Professional authored by W.Jason Gilmore published by Apress." Read the rest of Ravi's review.

Beginning PHP and MySQL 5.0 - From Novice to Professional
author	W.Jason Gilmore
pages	860
publisher	Apress
rating	9
reviewer	Ravi Kumar
ISBN	978-1-59059-552-7
summary	The beauty of PHP is in its open nature and the rich set of libraries and modules which imparts a lot of power and flexibility to the programmer. Similarly MySQL is a free database which is ideal for use as a backend for any website.

Spread over 860 pages and divided into a whooping 37 chapters, this book covers the PHP Language and MySQL database in detail. As the name indicates, the book endeavors to hand hold a newbie in the various aspects of PHP programming like the language constructs and progressively brings him to the level of a professional. The first 21 chapters of the book solely concentrates on PHP where the author explains with the aid of examples how to write good programs in PHP.

The author starts the narration by giving a brief history of PHP and then moves on to explain all the syntax constructs of this language in great detail. Arrays, functions and classes have each been provided separate chapters of their own. Usually I have found many books related to programming jumping straight into describing the language syntax and about writing code. But this book has a dedicated chapter each covering how to setup and configure PHP and MySQL on ones machine irrespective of the OS being used which breathes some fresh air to this subject. PHP language has a very good similarity with C/C++ at-least in the syntax. And in the sixth chapter, the author explains the Object Oriented Concepts like object cloning, inheritance and polymorphism of this language with clarity.

The maturity of any programming language is gauged by the type of traps that it has developed to check the errors and exceptions that might be generated dynamically when a program is run. PHP has a rich set of features for handling errors. Earlier versions of PHP already took care of notifying errors through configuration directives and support for logging. But one thing this robust language lacked was support for exception handling. And from PHP ver 5.0 onwards, this feature has also been included in it. The 8th chapter in this book titled Errors and Exception Handling explains all these important concepts in detail. The fact that the author has provided snippets of code to illustrate each concept that is explained goes a long way in understanding this topic.

Another of PHPs strengths is in its support of a rich set of regular expressions and string manipulation functions. Using regular expressions, one can match just about any string or a sub-set of it and even do manipulations to the matched string on the fly. The string matching functions form the backbone of many user input validations. In the 9th chapter titled "String and Regular Expressions", the author explains with the aid of code how to use the rich set of string manipulation functions available in PHP to get the desired results.

The 10th chapter is solely dedicated to working with files and operating systems where the author explains in his inimitable style different ways of reading from and writing to files. All the frequently used file manipulation functions are explained in this chapter with the aid of examples.

The first 12 chapters of the book solely concentrates on explaining the PHP language to the readers. In the next 4 chapters, the author moves into practical aspects like explaining how to mix PHP with HTML elements, user authentication , handling file uploads, sending and receiving email using PHP code and so on. I found the section where the author explains how to build specialized programs such as a port scanner, subnet converter and bandwidth tester all with the aid of PHP code really fascinating. The author introduces the reader to some of the MySQL concepts in this part of the book like connecting to a database and reading data from database but the more detailed aspects of database manipulation are left for later chapters which deals with MySQL in more depth.

The 21st chapter titled Secure PHP programming throws light on topics related to enhancing security while coding in PHP such as enabling safe mode for people who run PHP in a shared-server environment, PHP's encryption capabilities, securely configuring PHP via its configuration parameters and so on.

From the 22nd chapter onwards, the book takes an all together different turn and moves into explaining the database concepts which plays an important part in any dynamically generated website. More specifically, the succeeding chapters concentrate on explaining the configuration and use of MySQL 5.0 and how one can use PHP to interact with the MySQL database. The chapter titled Introducing PDO throws light on the abstraction layer used between PHP and MySQL. I especially liked the 26th chapter where the author lists the different MySQL clients which are available to the user like mysql, mysqladmin, mysqlshow and so on. In fact, each and every tool which comes bundled with the mysql server is explained thoroughly with the aid of examples. But that is not all, this chapter also explains how to configure a mysql database using third party clients like PHPMyAdmin, MySQL Query Browser, MySQL Administrator and Navicat. In the section on securing MySQL, the author goes into the finer nuances of the topic. For example, with the aid of commands, the author explains how to make sure that the user connects with the database over secure sockets layer (SSL) or ways of encrypting the MySQL database traffic which is an eye opener.

But I would say the 29th chapter titled PHP's MySQL Extension is the most important chapter in the entire book just because it is in this chapter that the author explains in detail the variety of ways in which one can connect to MySQL database and retrieve or manipulate the data using PHP code.

In the 30th chapter titled PHP's MySQLi Extension, one gets to know how to use the enhanced MySQLi extension to connect to the database. The MySQLi extension contains more enhancements over its predecessor in that it is object oriented, supports prepared statements, provides transactional support, has better debugging capabilities among other things. But the down side as the author puts it is that it requires PHP 5.0 for it to work.

The last six chapters deal with special features of MySQL and how one can write PHP code to use those features. The features like stored routines, MySQL triggers and Views have been provided with a dedicated chapter of their own. And yes, from MySQL ver 5.0, support for views have also been incorporated in the database. And the fact that this book covers these new topics in detail makes this a truly useful book not only for budding programmers but also for the gurus among us.

I really liked the layout of the book. Each section is accompanied by PHP code snippet which shows how it is done. Just because one gets two books at the price of one does not mean that the book is short on detail. In fact the opposite is true and the 860 pages contain all that is needed for coming upto date with the latest version of PHP and MySQL. Of course the inclusion of a couple of pages giving a complete project such as a shopping cart application at the end of the book would have imparted a nice touch especially since this book is targeted at beginners too. But that is a minor detail and I guess there are limits to which a books of even this size can cram information. All in all an informative book which gives good value for money.

The author of this book W.Jason Gilmore has developed countless PHP and MySQL applications over the past seven years, and has dozens of articles to his credit on this and other topics pertinent to Internet application development. He has had articles featured in, among others, Linux Magazine and Developer.com, and adopted for use within United Nations and Ford Foundation educational programs. Jason is the author of three books, including most recently the best-selling Beginning PHP and MySQL: From Novice to Professional, and, with coauthor Robert Treat, Beginning PHP and PostgreSQL 8: From Novice to Professional. These days Jason splits his time between running Apress's Open Source program, experimenting with spatially enabled Web applications, and starting more home remodeling projects than he could possibly complete.

Ravi Kumar is passionate about all things related to GPL and open source and likes to share his thoughts through his blog."

---

You can purchase Beginning PHP and MySQL 5.0 - From Novice to Professional from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Misleading Title

[michaelhood]

That is a very poor title. Is the book about PHP 5 and MySQL 5? or PHP 5 and MySQL 4?

Re:LAMP Rocks

[entrylevel]

I prefer the LAMP camp myself, as opposed to the ASP.NET/SQL Server camp, which I assume is what you meant when you compared LAMP to "Windows development".

However, although I'm the first to brag about the power, simplicity, and performance that PHP and Apache offer when used by the right programmer, I do make a living off of ASP.NET/SQL Server applications, so please consider the following in the ensuing flamewar:

1. PHP is an extremely flexible scripting lanuage, that really excells at what it does: powering the back-end of a web application and interfacing with databases and the file system. Trying to make PHP do other things is possible, but is almost always a nasty hack.

2. The .NET Framework and CLR although sometimes misunderstood and often misguided, is really one of the best general purpose development environments bar none right now. It does web applications just as well as it does desktop and console applications. ASP was truly idiotic and horrid, but ASP.NET is very mature and worth an unbiased look if you aren't familiar with it. Then again, there is MSDN documentation and VB programmers, which tend to cancel out anything good I could say about .NET.

3. Say what you will about SQL Server, but if we could just replace the M in LAMP with PostreSQL, or, well, anything other than MySQL, I would be happy. SQL Server is not my favorite database, but it is very good. MySQL has its niche, but I expect a RDMS to have stored procedures and transactions as standard fare.

(yes, I know 5.0 has SPs, and InnoDB gives you transactions, but I said "standard fare")

4. This is the most important point of all: There are just as many cookie-cutter, craptastic, insecure, bug-ridden PHP apps out there as there are ASP.NET apps. On the other hand, if you are smart and creative, and truly use the tools provided by either platform, you can create fantastic applications with either one, just as easily.

Re:Sec-exps already know PHP is the beginner's cho

[KermodeBear]

Which is very unfortunate. It's possible to write good, secure PHP code. Others have too. PHP is marketed as an easy to learn language (and it is), and it is commonly installed on hosting services, so new programmers flock to it. The problem is that these new programmers are, well, new. They aren't aware of things like SQL injection attacks. They don't bother to validate data. They make new programmer mistakes.

Is it the fault of the language? I can point to a few things where I can say, Shame on You, PHP!, such as the entire magic quotes 'feature' (which, iirc, is turned off by default now). But, as usual, it is the user, not the tool, that is at fault. This makes the language look bad because vulnerabilities pop up in software packages written in the language.

It's easy to spread FUD when that happens, especially to management and other uneducated people.

Some people say that the language should prevent programmers from doing stupid things. I disagree; I think the language should allow you to do what you want within the confines of its purpose, and if you happen to be making mistakes (such as not escaping data that goes into your queries) then shame on you. I don't see people complaining about C because it lets you point into kernel space and write garbage. If that happens, C programmers will point and laugh and say, "Ha ha, you silly newbie programmer!" not "Ha ha, C is retarded!"

I don't see why PHP should be any different. Sure, there are things that could be improved, but overall, most of the vulnerabilities I see are not the fault of the language. It's just the web's version of the VisualBasic syndrome (OMG I CN PRINT TXT 2 SCREEN, I R GOOD PROGMMR!!!!11one!).

The more used a language is, the more software that exists, and the more bugs that will exist - especially if it's an 'easy' language to learn.

Re:For me -- doing is better than reading

[ToxicBanjo]

Me Too.

I use books only as a language reference. I find that no matter what I'm trying to accomplish in code, any book I own doesn't have examples that "fit" the pieces of my app that I'm struggling with. So what good is a book with 1000 pages of example codes and 300 pages of theory when 95% of the time it doesn't fit what I need anyways? I prefer the reference style book or snippet archive (TurboPascal days): "a Listbox has these properties, methods, and events and here is how they work" or "To make an HTTP Request first declare a TCP/IP Object...". That is all I really need, short and concise.

Beyond that it's just down to hacking. Working on sculpting code till it does what you want and how you want. I've learned more from doing than reading a million times over.

Personally the only book I would recommend buying is one on writing tight secure code. Regardless of language as well, the fundamentals of truely professional code design are applicable to any programming language. Bounds checking, error trapping, raising errors, etc, etc, etc. I think we need more of that kind of book instead of new iterations of existing product that primarily rehash most of a previous version.

Re:LAMP Rocks

[hobuddy]

PHP is an extremely flexible scripting lanuage, that really excells at what it does: powering the back-end of a web application and interfacing with databases and the file system. Trying to make PHP do other things is possible, but is almost always a nasty hack.

Help me out here: you're saying that PHP is extremely flexible, as long as the programmer only tries to write one type of program with it? Hmmmm?

I think we both recognize the truth: compared to Python, Ruby, or Lisp, PHP is not very flexible at all. It's a poorly designed, inflexible language that happens to have gained momentum at a critical era in the history of the WWW.

Re:LAMP Rocks

[Sentry21]

(yes, I know 5.0 has SPs, and InnoDB gives you transactions, but I said "standard fare")

What does this even mean? You know that they are available, but you don't want to use them? You don't support using the latest versions? You seem to want to imply something, but I can't figure out what it is.