Category Archives: Core Php
PHP $ Vs $$
PHP $ Vs $$ :– If $a = ‘b’ then $$a is $b.
$variable is a normal variable $$variable takes the value of a variable and treats that as the name of a variable
Assuming $a = “foo”, $$a will be same as $foo
In PHP each variable starts with an $.
So for example you have the variable $a = ‘var’;
So $$a == $var
This new variable will have the “content” of the other variable as name.
Example
|
PHP User Login Form Authentication
PHP User Login Form Authenticatio :– This tutorial teaches you how to save user’s form data and then how to verify a user when he starts login after sign up process.
This is done because we want to restrict unauthorised users to access our information.This approach is very comman in all websites.
Example // How to create SignUp Form in html
|
Example // how to register a user when he fills out form fields
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "CREATE TABLE User ( id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, firstname VARCHAR(30) NOT NULL, lastname VARCHAR(30) NOT NULL, passwordinfo VARCHAR(50), reg_date TIMESTAMP )"; if ($conn->query($sql) === TRUE) { echo "Table 'User' created successfully"; } else { echo "Error creating table: " . $conn->error; } $sql = "INSERT INTO User (firstname, lastname, passwordinfo) VALUES ('mysqli_real_escape_string($_POST[fname])', 'mysqli_real_escape_string($_POST[lname])', 'mysqli_real_escape_string($_POST[password])')"; if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; echo " |
Example //How to create login form in html
?> |
Example // User Authentication
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql="SELECT passwordinfo,firstname,lastname FROM User WHERE passwordinfo='$password'"; $result=$conn->query($sql); if($result->num_rows>0){ while($row = $result->fetch_assoc()) { echo "Your user name is:".$row["firstname"]."@hotmail.com"." |
PHP File Download
PHP File Download:– When we click on a link pointing to text files,executable files(.exe extention file) etc ; these files has been saved in computer’s hard drive after clicking that href link but some file format like pdfs or .jpg files do not allow browser to download them. So in this scenerio we create a php script which allows a file to download.
In this tutorial I will show you how to create a link to a file which prompts the user for a download.
Note:–You should keep all files(jpg,png,pdf etc) for download inside htdocs.
Example // how to create a download link for .jpg type image
'; echo ''; echo ""; ?> |
Example // Download Tulips.jpg
|
PHP Saving Form Data Into Database
PHP Saving Form Data Into Database:– In this tutorial you will learn how to store form data into mysql. When user fills out form text field and clicks on submit button; immediately form data is retrieved and executed by php script “connectdbdemo.php” in our below example.
Here we have written _POST method to get input field’s values and then to insert into table name JohnData which we have created in our previous tutorials.
To understand our below example you should learn the simple flow of form.html script.
Example // Simple form.html
|
Example // Simple connectdbdemo.php
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "INSERT INTO JohnData (firstname, lastname, email) VALUES ('$_POST[fname]', '$_POST[lname]', '$_POST[email]')"; if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; echo " |
PHP Update Data
PHP Update Data:– Mysql UPDATE Clause is used to modify records of a table at any time where you want by using WHERE clause.Following example shows how we changed the lastname of “John Doe” to “John Henry“
Example // How to use Limit Clause to fetch data
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "UPDATE JohnData SET lastname='Henry' WHERE id=1"; if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; echo " |
PHP Delete Record From Table
PHP Delete Record From Table:– The DELETE statement is used to delete records from a table.The WHERE clause specifies which record or records that should be deleted. If you omit the WHERE clause, all records will be deleted.
Below example clears all the fundamentals of delete command how does it work. In addition to this we print the table after deletion of one record where id is equal to 5 that belong to William so hence one of William record is deleted from table.
Example // How to delete record from table using delete statement
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "DELETE FROM JohnData WHERE id=5"; if ($conn->query($sql) === TRUE) { echo "Record deleted successfully"; echo " |
PHP Prepare Statement
PHP Prepare Statement :– Whether you’re reading from, or writing to a database, using prepared statements are easy, convenient, and secure. So what are they?
If you look at an HTML file, you’ll see that it’s carrying both the content and instructions on how to show it. Commonly SQL queries are written the same way. The problem with that is that if you’re not careful, you (or more annoyingly, someone else) can write content that gets mistaken for commands. In HTML, that ends up with broken layouts or cross-site scripting attacks, but with databases it can hand over all your data to attackers.
With HTML the only answer is to always escape your content so it can never be interpreted as HTML tags when you don’t want it to. You can do that with your SQL too, by using your database’s escaping functions (like mysql_real_escape_string()), but there’s a better way, which is to use a prepared statement. With this method, your command and the content are sent along separate channels to the database, which means you never need to worry about things like SQL injection attacks.
Prepared statements are also faster if you’re running the same query often, since your database won’t need to interpret the command every time it’s sent.
Example // How to add records using prepare statement
connect_error) { die("Connection failed: " . $conn->connect_error); } // prepare and bind $sql="INSERT INTO JohnData (firstname, lastname, email) VALUES (?, ?, ?)"; if($stmt = $conn->prepare($sql)){ $stmt->bind_param("sss", $firstname, $lastname, $email); // set parameters and execute $firstname = "Adam"; $lastname = "Smith"; $email = "adam@example.com"; $stmt->execute(); $firstname = "Riley"; $lastname = "Leah"; $email = "riley@example.com"; $stmt->execute(); $firstname = "Camila"; $lastname = "Paisley"; $email = "Camila@example.com"; $stmt->execute(); echo "Prepared statements are very useful against SQL injections"; } else{ echo "ERROR: Could not prepare query: $sql. " . $conn->error; } //$stmt->close(); $conn->close(); ?> |
PHP Insert Multiple Record
PHP Insert Multiple Record :– To insert multple records at a time we use concatanation assignment operator.ultiple SQL statements must be executed with the mysqli_multi_query() function.
Inserting Multiple Records Into a Table
The following examples add three new records to the “JohnData” table:
Example // How to create a database table
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "INSERT INTO JohnData (firstname, lastname, email) VALUES ('Adam', 'Smith', 'adam@example.com');"; $sql .= "INSERT INTO JohnData (firstname, lastname, email) VALUES ('Jorden', 'Dam', 'jorden@example.com');"; $sql .= "INSERT INTO JohnData (firstname, lastname, email) VALUES ('William', 'Speare', 'william@example.com')"; if ($conn->multi_query($sql) === TRUE) { echo "All Three New records added successfully"; } else { echo "Error: " . $sql . " |
PHP Insertion Into Table
PHP Insertion Into Table:– Now that you’ve understood how to create database and tables in MySQL. In this tutorial you will learn how to execute SQL query to insert records into a table.
The INSERT INTO statement is used to insert new rows in a database table.
Let’s make a SQL query using the INSERT INTO statement with appropriate values, after that we will execute this insert query through passing it to the PHP mysqli_query() function to insert data in table. Here’s an example, which insert a new row to the persons table by specifying values for the first_name, last_name and email fields.
Inserting Rows And Column Values Into Table
The INSERT INTO statement is used to add new records to a MySQL table.The following examples add a new record to the “JohnData” table.
Example // How to create a database table
connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "INSERT INTO JohnData (firstname, lastname, email) VALUES ('John', 'Doe', 'john@example.com')"; if ($conn->query($sql) === TRUE) { echo "New record added successfully into the table"; } else { echo "Error: " . $sql . " |