Lecture Slides
advertisement
PHP+MySQL Integration
Connecting to databases
• One of the most common tasks when working
with dynamic webpages is connecting to a
database which holds the content of the page
• PHP has several libraries that allows for
communication with many different databases
• Some of these libraries have variations in the
commands
• We will be using the mysql library
• Most functions start with mysql_ and then the
name of the function
2
Working with databases –key steps
1. Design the DB
– Create the DB on PHPMyAdmin or MySQL
command
2. Design and create the HTML
3. Create a connection and select the database
4. Run the query
– Verify Insert/Fetch the rows/Do other SQL
associated tasks
5. Display Results as needed
6. Close the connection
3
1. Database Design and Creation
Create database ‘hospital’, add a table ‘discharge’
with appropriate fields – patient id, name,
appointment type, admission ward, xray
examination, mri scan, cat scan, eye test, hearing
test, and date (to capture todays date)
hospital
discharge (patid,name, appointment, ward,
xray, mri, cscan, eye, hearing, date)
Data details
Field
Type
Comment
patid
int(11) NN AI PK
Primary Key Index
name
varchar(45)
Patient Full Name
appointment
varchar(11)
type of appointment:
GP, Specialist or Surgery
ward
char(2)
Admitted to ward? No, or ward A,B or C
xray
char(3)
x-rays taken? YES,NO
mri
char(3)
mri carried out? YES,NO
cscan
char(3)
CAT scan carried out? YES,NO
eye
char(3)
eye test carried out? YES,NO
hearing
char(3)
hearing test carried out? YES,NO
date
date
date of discharge: format YYYY-MM-DD as text
2. Design and Create the HTML
In order to interact with the database we need a
data capture form, and a script that will
process the form.
Create an HTML document in the folder you
created in C:\wamp\www\hospital, and save
it as hospital.html
hospital.html
<form action="process.php" method="get" name="discharge">
Patient name: <input name="name" type="text" /><br/>
<hr/>
Appointment type: <select name="appointment">
<option value="General Practitioner">GP</option>
<option value="Specialist">Specialist</option>
<option value="Surgery">Surgery</option>
</select>
<hr/>
Admission to these Wards:<br/>
<label> <input type="radio" name="ward" value="No" id="ward_0" /> No Ward</label> <br />
<label> <input type="radio" name="ward" value="A" id="ward_1" /> Ward A</label> <br />
<label> <input type="radio" name="ward" value="B" id="ward_2" /> Ward B</label> <br />
<label> <input type="radio" name="ward" value="C" id="ward_3" /> Ward C</label> <br />
<hr/>
Treatments Undertaken:<br/>
<input name="xray" type="checkbox" value="yes" />X-Ray Treatment<br/>
<input name="mri" type="checkbox" value="yes" />MRI Scan<br/>
<input name="cscan" type="checkbox" value="yes" />CAT Scan<br/>
<input name="eye" type="checkbox" value="yes" />Eye Test<br/>
<input name="hearing" type="checkbox" value="yes" />Hearing Test<br/>
<hr/>
<input name="" type="submit" value="Submit Form" />
<input name="" type="reset" value="Reset Form" />
</form>
Form
link to php script file
use get to check form is working correctly
post could also be used, user choice
<form action="process.php" method="get" name="discharge">
form name
Drop down list
Patient Name: <input type="text" name="name" /><br />
<hr />
Appointment type<br />
<select name="appointment">
<option value="GP">General Practicioner</option><br />
<option value="Specialist">Specialist</option><br />
<option value="Surgery">Surgery</option><br />
</select>
3 options for appointment type
Radio buttons
Admission to Wards:<br />
<label>
<input type="radio" name="ward" value="No" />
No Ward</label>
<br />
<label>
<input type="radio" name="ward" value="A" />
Ward A</label>
<br />
<label>
<input type="radio" name="ward" value="B" />
Ward B</label>
<br />
<label>
<input type="radio" name="ward" value="C" />
Ward C</label>
<br />
<hr />
4 options via radio
buttons, only one can
be selected on form
Checkboxes
Treatments Undertaken:<br />
<input type="checkbox" name="xray" value="yes" />X-Ray Treatment<br />
<input type="checkbox" name="mri" value="yes" />MRI Scan<br />
<input type="checkbox" name="cscan" value="yes" />CAT Scan<br />
<input type="checkbox" name="eye" value="yes" />Eye Test<br />
<input type="checkbox" name="hearing" value="yes" />Hearing Test<br />
<hr />
5 options, any can be selected on form
Submit/reset buttons
<input type="submit" value="Submit Form" />
<input type="reset" value="Reset Form" />
</form>
process.php
Open a new file, save as process.php, keep on same directory
as html file
<?php
$name = $_GET['name'];
$app = $_GET['appointment'];
$ward = $_GET['ward'];
single option data passing
$_POST option also viable, keep consistent with
previous use
$variable
Arguments are passed as below:
http://localhost/process.php?name=Joe+Bloggs&appointment=General+Practitioner&ward=A
Checkbox data selection
checkboxes allow multiple options
if not checked, it will not pass
the parameter (not set)
if (isset($_GET['xray'])) {
$xray = $_GET['xray'];
} else {
$xray = "No";
}
if passed the default is set to ‘yes’
so if not passed, we need to assign
a value to the respective variable that
will go into the database
Note: This code needs to be repeated for every checkbox variable passed as a parameter
the variables used are:
$mri, $cscan, $eye, $hearing
Check data capture
print "Name:".$name."<br />";
print "Appointment:".$app."<br />";
print "Ward:".$ward."<br />";
print "X-Ray:".$xray."<br />";
print "MRI:".$mri."<br />";
print "CSCAN:".$cscan."<br />";
print "EYE:".$eye."<br />";
print "HEARING:".$hearing."<br />";
print used to check fields are being
passed and captured in the page
3. Database connection
• You will need:
– The address to the database server
– A username with privileges to access the table you
require
– The username associated password
• Optionally:
– The name of the database you are connecting to
16
Connection Sequence
• mysql_connect(host, username, password)
– returns a link to the host using username and password
authentication.
Usage:
– $conn=mysql_connect(‘localhost’,myusername’,’MyP455w0rd’);
• mysql_select_db(database,link)
– selects a database from the connection in link
Usage:
– mysql_select_db(‘db_name’,$conn);
17
Opening a connection
$link = mysql_connect('localhost','student','student') or die(mysql_error());
mysql_select_db('hospital',$link);
Current date selection
This script demonstrates how the current date
can be obtained from the MySQL server using
the appropriate DATE query
$querydate = "SELECT CURDATE() as Today";
$result1 = mysql_query($querydate,$link) or die(mysql_error());
$row = mysql_fetch_assoc($result1);
$today = $row['Today'];
The parameter being queried (date)
does not have an index in the array,
so we need to use the alias “AS” to assign
an index that we can use to retrieve from
the result array
SQL Query Structures
• SQL is a non procedural language providing
syntax for extracting data, including a syntax
to update, insert, and delete records.
• The Query and Update commands together
form the Data Manipulation (DML) part of SQL
– SELECT
– UPDATE
– DELETE
– INSERT INTO
SQL-DML
SELECT
• SELECT: This command is mandatory when
performing a query; it is used to retrieve data
from a table based on some criteria
• It specifies a coma separated list of fields to be
retrieved, and the FROM clause specifies the
table(s) to be accessed.
• The results are stored in a result table known as
the result-set.
• The * symbol can be used to represent all of the
fields
SQL-DML
SELECT
Format:
SELECT column_name(s) FROM table_name
Example:
SELECT LastName, FirstName, Address FROM Students;
To select specified columns, the SELECT command
is followed by a comma separated list of fields to
be selected from the table
SQL-DML
SELECT
• WHERE Clause: It is used to select a field when
a certain criteria set of conditions are desired
• The WHERE Clause is optional
• To create the conditions (called selection
criteria) SQL provides a set of operators to
further qualify what criteria should be
specified
SQL-DML
Where Operators
Operator
Description
Example
=
Equal to
WHERE country = ‘ireland’
<>, !=
Not equal to
WHERE country != ‘USA’
>
Greater than
WHERE salary > 28000
<
Less than
WHERE age < 35
>=, <=
Greater/Less Than or Equal
WHERE cost >=1200
IS [NOT] NULL
Is NULL (vo value) or Not NULL
WHERE birth = NULL
BETWEEN
Between an inclusive range
WHERE last_name BETWEEN ‘Doherty’ AND ‘McDAID’
LIKE
Search for a value like a pattern
WHERE name LIKE ‘D%’
NOT LIKE
Search for a value not like a pattern
WHERE country NOT LIKE ‘Sw%’
! , NOT
Logical not for negation
WHERE age ! 10;
||, OR
Logical OR
WHERE order_number > 10 || part_number = 80
&&, AND
Logical AND
WHERE age>12 && age < 21
XOR
Exclusive OR
WHERE status XOR
SQL-DML
• Using Quotes: Quotes are always an issue in
programming languages. (single quotes?,
double quotes?, when?)
• SQL uses single quotes around text values
(MySQL also accepts double quotes)
• Numeric Values should not be enclosed in
quotes.
SQL-DML
• Comparing Strings: When comparing strings
using =, the string must be exactly as typed for
the condition to be true – this include length
and type of characters.
• NULL: Null means that there is not a value in
the field, or it is unknown, but does not mean
a value of zero.
DML-SQL
• LIKE – NOT LIKE: The pattern matching operator
can be used as a condition in the WHERE clause,
allowing the selection of rows that are ‘like’ or
match a pattern
• A percent sign (%) can be used as a wildcard to
match any possible character that might appear
before and/or after the character(s) specified.
• A _ is used to match a single character.
• The LIKE/NOT LIKE condition can be used in any
valid SQL statement, including SELECT, INSERT,
UPDATE or DELETE.
DML-SQL
• Examples of the wildcard % uses:
• SELECT CompanyName, Country FROM Customers WHERE
country LIKE ‘SW%’;
– Returns all the customers and countries in which the country starts
with “Sw” i.e. Sweden, Switzerland
• SELECT City, Country FROM suppliers WHERE City LIKE ‘%o’;
– Returns all cities and countries where the % matches any city that
ends with a letter o.
• SELECT CompanyName FROM customers WHERE
CompanyName LIKE ‘%Super%’
– Returns all company names where the % matches any company name
that contains the pattern “Super”
DML-SQL
• Examples of the wildcard _ uses:
• SELECT Extension, Firstname FROM Employees WHERE
extension LIKE ‘4_ _’;
– Returns all extensions and first names where the exetension has three
characters and the first character is a 4.
DML-SQL
• ORDER BY: Used to sort the output of a query
in either ascending (ASC, the default) or
descending (DESC) order where the values
being sorted are either strings or numbers
Format:
SELECT column_name(s) FROM table_name [WHERE condition]
ORDER BY column [ASC, DESC]
Example:
SELECT Company,Ordernumber FROM Orders ORDER BY Company;
SQL-DML
INSERT
• The INSERT statement is used ot insert new
rows into a table.
• After the VALUES keyword, a commaseparated list of column names follows
Format:
INSERT INTO table_name VALUES (value1, value2, … )
INSERT INTO table_name (column1, column2,…) VALUES (value1,
value2, … )
Example:
INSERT INTO Shippers (CompanyName, Phone) VALUES
(‘FEDEX’,’416-555-1221’);
SQL-DML
INSERT
• Usually, the tables have a primary key column
that is usually set to auto-increment; when
this is the case, the id of the table is created
by the database engine automatically
• Letting the database increment the PRIMARY
KEY ensures that the value is always unique.
SQL-DML
UPDATE
• The UPDATE statement is used to modify data in a
table.
• The UPDATE command is followed by the name
of the table where the data will be changed,
followed by the SET statement to inidcate what
field will be changed, and then the new value
that will be assigned to the field
• The WHERE clause further qualifies what data is
to be modified, thereby limiting the scope of the
UPDATE
SQL-DML
UPDATE
Format:
UPDATE table_name
SET column_name = new value
WHERE column_name = some_value;
Example:
UPDATE orders SET ShipCountry=‘Spain’ WHERE CustomerId = ‘whitc’;
SQL-DML
DELETE
• The DELETE statement is used to delete rows in a
table and returns the number of rows that were
deleted.
• DELETE uses the FROM clause to specify the
name of the table that contains the data you
want to delete
• The WHERE clause specifies the criteria to
identify what data should be removed.
BE CAREFUL: Without the WHERE clause ALL ROWS
are DELETED
SQL-DML
DELETE
• If the ORDER BY clause is specified, the rows
are deleted in the order that is specified.
• The LIMIT clause places a limit on the number
of rows that can be deleted.
Format:
DELETE FROM table_name
WHERE column_name = some_value;
Example:
DELETE FROM orders WHERE ShipCountry = ‘Greenland’;
4. Run the query
mysql_query(link, query) is used to run a query on the
database server. It requires the link and the query
string and returns a result object.
Usage:
$result= mysql_query(“SELECT * from directory”, $conn);
Queries can be constructed as strings. The string
variable can then be used on the mysql_query
command.
Usage:
$query="select * from directory";
$result = mysql_query($query,$link) or die("could not
execute:".mysql_error());
Insert query
Query to insert all data from html form + date obtained from
previous query
Specify discharge table
$query = "INSERT INTO discharge VALUES
(NULL,'$name','$app','$ward','$xray','$mri','$cscan','$eye','$hearing','$today')";
$result = mysql_query($query,$link) or die(mysql_error());
$affected = mysql_affected_rows($link);
if ($affected >0) {echo "success";} else {echo "fail";}
detects affected rows in the query
in this case 1 row was INSERTED so
$affected=1 if the insert was successful
generates mysql error causes
Select query
This query will retrieve all the data from the table discharge
$query3 = "SELECT * FROM discharge";
$result3 = mysql_query($query3,$link) or die(mysql_error());
$row3 = mysql_fetch_assoc($result3);
?>
5. Display results
•Result sets are objects. They point to places in memory
where the values returned from the query exist
•Result sets are NOT the individual rows from the query
•You can think of a result set as the TABLE that holds the
results
•You need to read the rows from that table individually
•$row=mysql_fetch_array($result);
•Using this function, the array returned can be either
numerically indexed or associative!
•If there are no more rows, the function returns FALSE
Table headings
<table width="200" border="1">
<tr>
<th scope="col">Patient ID</th>
<th scope="col">Patient Name</th>
<th scope="col">Appointment Type</th>
<th scope="col">Admitted to Ward</th>
<th scope="col">X-Ray</th>
<th scope="col">MRI</th>
<th scope="col">Cat Scan</th>
<th scope="col">Eye Test</th>
<th scope="col">Hearing Test</th>
<th scope="col">Date Discharged</th>
</tr>
Results
$row is an associative array containing the results,
the index of the array is the field in the database
<tr>
<td><?php echo $row3['patid']; ?></td>
<td><?php echo $row3['name']; ?></td>
<td><?php echo $row3['appointment']; ?></td>
<td><?php echo $row3['ward']; ?></td>
<td><?php echo $row3['xray']; ?></td>
<td><?php echo $row3['mri']; ?></td>
<td><?php echo $row3['cscan']; ?></td>
<td><?php echo $row3['eye']; ?></td>
<td><?php echo $row3['hearing']; ?></td>
<td><?php echo $row3['date']; ?></td>
</tr>
</table>
do …. while loop
<?php do { ?>
<tr>
<td><?php echo $row3['patid']; ?></td>
<td><?php echo $row3['name']; ?></td>
<td><?php echo $row3['appointment']; ?></td>
<td><?php echo $row3['ward']; ?></td>
<td><?php echo $row3['xray']; ?></td>
<td><?php echo $row3['mri']; ?></td>
<td><?php echo $row3['cscan']; ?></td>
<td><?php echo $row3['eye']; ?></td>
<td><?php echo $row3['hearing']; ?></td>
<td><?php echo $row3['date']; ?></td>
</tr>
<?php } while ($row3=mysql_fetch_assoc($result3)); ?>
</table>
DO-WHILE Loop
needed to display
all the results of the database
Keeping it tidy
• Once you have completed your work with the
database, there are two things you should do:
– Free the results
– Close the connection to the server.
• Freeing the results can be optional: On closing the
connection, the results are automatically freed
• If you are planning to run further queries on the same
connection, it is good practice to free the previous
result set.
– mysql_free_result($result);
• To close the connection you use
– mysql_close($conn);
44
6. Close connection
<?php
mysql_close($link);
?>
Places where
things can go wrong
• Creating a connection
– Server unreachable/offline
– Wrong username/password combination
• Selecting the table
– Table does not exist
– User without privileges for that table
• Running the query
– Syntax errors
– Empty result set
• Fetching results
– Misusing the array
46
