Phazm Webdesign

Welcome to Phazm Webdesign! We are here to make your life easier, so if there is anything at all we can do, let me know! Jon Hughes, Phazm Webdesign President

Notes from Phazm - by Jon Hughes

Welcome to Phazm WebdesignNotes from Phazm is the personal and professional blog of Jon Hughes, President of Phazm Webdesign. Here you can find useful resources regarding web design, inspiration, CSS Techniques and more...

Posted on:Jan18By Jon Hughes, President of Phazm Webdesign

Easy as Pie – Working with a Database

Comments:

Add

This post is the third in a continuing series of DIY tutorials, which aims to make things as simple as possible.

The [Easy as Pie] series focuses on tasks that most people consider too challenging and presents it in a way that is easy (as pie!) to understand.

Introduction

In this post, you are going to have a fantastic time learning:

The good stuff

If you're like me, you learn really well from example. For this reason, I include the download for the random quote generator right here. Enjoy!

Download the Random Quote Generator source code

Let's get started!

Previous articles in this series

Creating a MySQL Database

I am going to use cPanel for this example, as it is what my host uses.

Step 1: Go into cPanel

Step 2: Click on 'MySQL® Databases'

Step 3: Find the input box where it says 'New Database:'

Step 4: Insert your database name, and click 'Create Database'

Step 5: Find 'Current Users:' and input a new username and password into the fields, then click create user

Step 6: Find 'Add Users To Your Databases:' Select your new database and username from the dropdowns, then hit 'Add User to Database'

Now you have a database set up!

From here, you can open PHPMyAdmin from the link at the bottom of the page, but I prefer using SQLyog Enterprise (free version available)

If you are going to be using SQLyog, you may have to add your IP into the 'Access Hosts:' section. You can get your IP from cmyip.com.
PLEASE BE AWARE OF THE SECURITY RISKS INVOLVED WITH ALLOWING REMOTE ACCESS TO YOUR DATABASE(S)

Creating a Table in a MySQL Database

Now we have transitioned into SQLyog, if you want to use PHPMyAdmin, you can go into the 'Query Window' that PHPMyAdmin provides, which is very similar to SQLyog's query input area, albeit much less verbose.

First, we have to decide the columns we are going to need. Because we are going to be making a random quote generator, we're going to need the following columns:

id - this will automatically increment as entries are added
quote - this will contain the quote
author - this will contain the person who said the quote

The syntax for creating our table is:

CREATE TABLE `quotes` (
    `id` int(11) NOT NULL auto_increment,
    `quote` varchar(255),
    `author` varchar(40),
    PRIMARY KEY  (`id`)
)

This will create a table named 'quotes' with our 3 columns.

id is set to NOT NULL as it will always have a value, and it will automatically increment (so long as we don't define a value)

quote is set to VARCHAR and is limited to 255 characters

author is also set to VARCHAR, but is limited to only 40 characters

Our primary key is set to id - this means that you cannot have two of the same id

To execute this in SQLyog, go to 'Edit' => 'Execute Query' => 'Execute Current Query' ('F5' or 'F9' depending on your version) after putting the query in the query area at the top.

While we are here, we can add a few entries to our newly-created table. We could do this with the WYSIWYG interface, but that's no fun, so here's how you add values using a query:

INSERT INTO `quotes` (`quote`,`author`) values ('A rose by any other name would smell as sweet','William Shakespeare')

By not defining the id column, it auto-fills with the value of 1.

Feel free to add a few more, though it's not necessary as we will be building a script to add them right about... now.

Adding data to a MySQL Database

We just learned the query to add data, now we just need to create an interface for it. I'm going to be using PHP for the backend code.

Before we begin, create a new page, and call it quotemanager.php

The first step will be creating the HTML form.

<form action="" method="post">
<fieldset>
<legend>Add a Quote</legend>
<label for="quote">Quote:</label>
<input type="text" name="quote" id="quote" maxlength="255" />
<label for="author">Author:</label>
<input type="text" name="author" id="author" maxlength="40" />
<input type="submit" value="Add Quote" />
</fieldset>
</form>

Here's how that will look:

Then we have to do the PHP stuff.

Here's the code used to connect to a MySQL database:

$user="username";
$password="password";
$database="database";
$connection = mysql_connect('localhost',$user,$password);
@mysql_select_db($database) or die( "Unable to select database");

Most of this should be pretty self-explanatory. The first 3 lines are simply declaring variables, then you run the mysql_connect() function which connects to the server using your credentials, then the next line is selecting the appropriate database, and if it is unable to do so, it spits out an error.

You may need to change 'localhost' to your domain if you are using an external database.

Now, we are going to create the PHP code that will grab the form values on submit and add it to the database.

<?php
if ($_REQUEST['quote'] != "") {
    if($_REQUEST['author'] != "") {
	    $author = $_REQUEST['author'];
    } else {
	    $author = "Anonymous";
    }
    $quote = $_REQUEST['quote'];
    
    $query="INSERT INTO `quotes` (`quote`,`author`) values ('" . mysql_real_escape_string($quote) . "','" . mysql_real_escape_string($author) . "')";
    $result = mysql_query($query) or die(mysql_error());
    echo("inserted quote: " . htmlentities($quote) . " by " . htmlentities($author) . " into database");
} else {
    echo("<p>Please enter a quote and author</p>");
}
?>

Here's what this script is doing:

if ($_REQUEST['quote'] != "") {

This means "if there is a quote specified (quote does not equal nothing) then continue on."

if($_REQUEST['author'] != "") {
 $author = $_REQUEST['author'];
} else {
 $author = "Anonymous";
}

This means "if there is an author specified, use that value, otherwise (else) define author as 'Anonymous'."

$query="INSERT INTO `quotes` (`quote`,`author`) values ('" . mysql_real_escape_string($quote) . "','" . mysql_real_escape_string($author) . "')";

This defines the query we learned earlier

The mysql_real_escape_string() escapes the string so you aren't opened up to SQL Injection vulnerabilities.

Don't forget to escape the user input!

$result = mysql_query($query) or die(mysql_error());

This actually runs the query, and spits out an error if it fails

echo("inserted quote: " . htmlentities($quote) . " by " . htmlentities($author) . " into database");

This outputs what we put into the database

The htmlentities() converts things like < to <, so you don't run into XSS vulnerabilities.

} else {
    echo("<p>Please enter a quote and author</p>");
}

This means that there was no quote specified, so it asks for input from the person viewing the page.

So that's it, now we can add all the data we want into our quotes table. But really, that's not all that helpful, we need to have a way to output it!

Retrieving data from the Database

We are now going to list all quotes in the database along with the author.

<?php
$query="SELECT `quote`, `author` FROM `quotes`";
$result=mysql_query($query) or die(mysql_error());
$num=mysql_numrows($result);
$i=0;
while ($i < $num) {
  $quote = htmlentities(mysql_result($result,$i,"quote"));
  $author = htmlentities(mysql_result($result,$i,"author"));
  echo("<blockquote>" . $quote . " ~ <cite>" . $author . "</cite></blockquote>");
  $i++;
}
mysql_close($connection);
?>

This is what is going on:

$query="SELECT `quote`, `author` FROM `quotes`";
$result=mysql_query($query) or die(mysql_error());

Look familiar? This is the select query which selects the quote and author columns out of the quotes table, or more accurately, selects the values therein.

$num=mysql_numrows($result);

This sets $num to the number of rows that are returned by the select query. So for instance, if you have 9 quotes in the table, the number will be... you guessed it -- 9!

$i=0;

Just setting the $i variable to 0, as we are about to loop through the results, and need a counter

while ($i < $num) {

This is the beginning of a while loop. Each iteration, it checks for a condition (in this case, it checks that $i is less than the number of results (which is stored in $num))

$quote = htmlentities(mysql_result($result,$i,"quote"));
$author = htmlentities(mysql_result($result,$i,"author"));

In order to use the values in the loop, we have to define them in this way. The syntax being used is:

mysql_result() - function
$result - Which resultset to use
$i - Which row you want to pull (as this increments, it will pull each row)
"quote"/"author" - Specified which field/column to pull from

$i++;

This means "Increment $i by 1 (The same could be written $i = $i + 1; or $i+=1;)

mysql_close($connection);

As we are no longer using the MySQL Connection, we can close it here.

That's it for getting data out of a database - pretty straightforward! Now on to the fun stuff!

Making a random quote generator

Alright, if you have read this far and retained around 15% of it, you are scientifically proven to be a genius. Great job!

We're going to create a random quote generator, using the scripts we have already made

The first thing we need to do is create a new page, where the quote will show up. We'll call this page quote.php, because I'm feeling adventurous.

Here's the code we're going to put on this page:

<h1>Quote of the moment</h1>
<?php
$user="username";
$password="password";
$database="database";
$connection=mysql_connect('localhost',$user,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query="SELECT `quote`, `author` FROM `quotes` ORDER by rand() LIMIT 1";
$result=mysql_query($query) or die(mysql_error());
$quote = htmlentities(mysql_result($result,$i,"quote"));
$author = htmlentities(mysql_result($result,$i,"author"));
echo("<blockquote>" . $quote . " ~ <cite>" . $author . "</cite></blockquote>");
mysql_close($connection);
?>

Alright, so the only new thing is:

$query="SELECT `quote`, `author` FROM `quotes` ORDER by rand() LIMIT 1";

Here is our query for randomly selecting one of the quotes and authors out of the database. The rand() means random, and will generate a random column to pull from each time it is run

The LIMIT 1 means just that, limit the query to one result.

That's all you need for your random quote generator! By only slightly modifying this code, you can create a plethora of mini-applications, such as a random image generator, random trivia, etc. The possibilities, as they say, are endless.

Download the Random Quote Generator source code.

That's all, folks

And so concludes the article. If you enjoyed it, please leave a comment. Don't forget to subscribe to the RSS feed for future articles.

Share the Love:

Posted in Easy As Pie, MySQL, PHP,

[trackback]

11 Trackbacks/Pingbacks

Pingback:Game Developer Tips & Tricks » Blog Archive » Easy as Pie (mySQL) on January 19, 2008
Pingback:links for 2008-01-20 « 個人的な雑記 on January 20, 2008
Pingback:links for 2008-01-21 « LAN b4 Time on January 20, 2008
Pingback:Monday morning links serving: The January 21st edition on January 21, 2008
Pingback:links for 2008-01-22 at James A. Arconati on January 22, 2008
Pingback:Weekend Link Roundup : Week 2 on January 26, 2008
Pingback:MySQL - the basics « 0ddn1x: tricks with *nix on January 27, 2008
Pingback:neo.phyt.us » My del.icio.us bookmarks for January 18th through January 27th on January 27, 2008
Trackback:How to & DIY on February 1, 2008
Pingback:Kloppy Programming » Blog Archive » [Easy as Pie] Working with a MySQL Database on February 10, 2008
Pingback:Tagz | "Learn how to manage a MySQL database and make a random quote generator! | Notes from Phazm" | Comments on May 16, 2009

30 Comments

Kenny P January 18, 2008 at 12:03 pm 1

I think you did a great job. I think it was very simple and clear. Before, I knew a database could be a really great tool but I didn’t know where to start. It’s like I was at a party with tons of people, and I wanted to do some networking but I just hear a big crowd chattering and no idea where to start. You laid out who to talk to first (c-panel.set up db) and who to introduce that person to (have php do queries)…. So let me make sure I get this, as soon as I set up the db on the server and define the column headers and rows, then I use php to do all the writing and reading from the db, is this right?
Jon Hughes January 18, 2008 at 11:24 pm 2

I sincerely apologize to everyone that downloaded the script prior to the new changes. As a horrible lack of foresight (and sleep) I forgot to escape the SQL query on insert. If you downloaded the script prior to 7PM PST, please download the new version.
Jon Hughes January 19, 2008 at 3:08 pm 3

@ Kenny P -
Thanks for your support! To answer your question, the answer is yes. You can, of course, add the data from within your preferred WYSIWYG editor, but to make it interactive with visitors, you do that using PHP.
Anonymous January 19, 2008 at 7:32 pm 4

Using order by rand() is a *horrendously* inefficient way of getting a random row, because it has to generate random numbers for every row in the table, and keep every one of them hanging around in memory until it's sorted the rows. This scales exponentially poorly. After just a couple thousand rows it starts becoming noticeable, especially if you have many users running the query (e.g. to put a random quote on each page viewed).

Take a look at http://jan.kneschke.de/projects/mysql/order-by-rand/ for some alternate ways to do this that scale properly.
Ignonymous January 19, 2008 at 11:23 pm 5

As this is an introductory tutorial, i'd be very surprised at whether the individual functions scale well is an important factor in teaching beginners...
Antonio Ciccarone January 20, 2008 at 1:14 pm 6

Nice article here, I wish I read this when I was first trying to figure out database queries. I can't tell you how many times I came up with Resource ID # as I echoed results. I know better now and think I'll bookmark your article in case I run into a simple situation like that again.
Spuds January 21, 2008 at 1:22 am 7

Very informative.
Adam January 24, 2008 at 11:34 am 8

Your page does not validate as Valid XHTML 1.0 Strict!

22 errors...
Jon Hughes January 24, 2008 at 12:18 pm 9

Right you are, Adam. "HTML Validator" extension doesn't report any problems - some rookie mistakes in there, I'll get them cleaned up. Thanks for the notice!
Jon Hughes January 24, 2008 at 11:52 pm 10

Alright, fixed. Thanks again
Cole February 11, 2008 at 11:07 pm 11

A great article for beginners as Antonio said I wish i had read it when i was starting out. Keep up the good work
magic February 17, 2008 at 3:57 pm 12

I'm stuck. (I'm pretty new at this, but that's why I'm reading this article!). Everything was going fine- I got my page up to generate the form, saved as quotemanager.php. "Then we have to do the PHP stuff" you say- but where do I put this code? Is this in a new file, or the same one but not in the tags. Please help!
Jon Hughes February 17, 2008 at 5:25 pm 13

@ magic -
Sorry if it's a bit confusing - I know what it's like to be doing this for the first time (which is why I created these articles.) To answer your question: it goes in the same file. There's a link to download the source-code for this at the top of the page, where you can see the final quotemanager.php script. Give it a look, and if you still have questions, feel free to make another comment!
- Jon
Danltn February 18, 2008 at 6:49 am 14

A faster method is use the SELECT COUNT function in MySQL, then use PHP's rand(); to get a random number, then get the row specifying row ID.

Dan
magic February 18, 2008 at 7:12 am 15

Thanks- I will take a look at the source-code link. I'm beginning to wonder if this pie is not as easy as it seems though!
Wizz Kid February 26, 2008 at 11:21 am 16

Hey there!
I was wondering if you can help me!!
My host uses the same thing as yours, so i did everything you said and i am also using SQLyog Community...
I cant find the bit where you said i have to add my IP into the "Access Host" section! Can you please tell me where this is??
Also what are the settings or what am i meant to put here: (please give me example)

MySQL Host Address:
Username: (is this the same as i created on Cpanel?)
Password: (is this the same as i created on Cpanel?)
Port:
Database(s): ( i know the name of database goes here)

I have been searching real hard to sort this problem out!

Hope u can help!!

Thanks!!

Jatin
Jon Hughes February 26, 2008 at 9:32 pm 17

@ Wizz Kid -
Go to "MySQL Databases" in your cPanel then look for "Access Hosts:" - that's where you put your IP.

The usename and password are indeed the ones that you create using cPanel. Usually, the username will have something before it, such as yoursite_username, as will the database.

Let me know if you still have problems!

- Jon Hughes
Wizz Kid February 27, 2008 at 8:06 am 18

Hey...
Thanks for that!
I have looked in MySQL Databases but i cant find it! and ive also looked hard in Cpanel and cant find it!
I have contacted the support staff and they are saying they will get back to me.

I really need this working as i need to do this for my UNI work!

Im really Happy that there are people like you out there! willing to help!

Also i have a problem with my uni server... the problem is when you test a php page on the server and if there is any errors then it does not show it, it just shows a blank page... I have tried putting the error reporting ini_set("display_errors","2");
ERROR_REPORTING(E_ALL);
statement in the page but it does not work! Any clues??
Thanks
Jon Hughes February 27, 2008 at 9:08 am 19

@ Wizz Kid -
What version of cPanel is your host running?

To turn on reporting, most of the time you have to ask your host, as it's in the php.ini. If you have a dedicated host, then you can look in the php.ini and check the value of "error_reporting" - it should be set to:
error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT
Which will show all errors, except for notices.

Also make sure "display_errors" is set to "on".

However, this is considered bad practice for production servers. If you need to know what errors are happening, go to cPanel and click on "Error log."

Hope that helps,

- Jon Hughes
Wizz Kid March 20, 2008 at 8:09 pm 20

Hey! Jon
Sorry i have taken sooo long in replying!
I have been busy...I have spent some time understanding all this stuff on cpanel! and I now understand why you have to create a user and stuff on mysql in cpanel.
I no the user and password now as i understand it but i still dont have a clue!! what the "MySQL host address" is...please can you show me an example of yours then i would be able to work it out. If you dont want to write it on here then can you please send it via email @ jatin93@hotmail.com.

The version of my cpanel is: 11.18.3-STABLE.

Thanks a lot!!

Jatin
Wizz Kid March 20, 2008 at 8:18 pm 21

jon i think i have worked out what the problem is for not connecting. I think you are right with putting my IP Add in Access Host. But i dont know where i can find this!!
Any help?
Thanks again...
Wizz Kid March 20, 2008 at 8:40 pm 22

Hey!!
Your not gonna believe i've manage to get it working!!! way hey!! thanks for all your help!! I found the bit where i had to add the IP Add!..it was in the cpanel under "Remote Database Access Hosts"
Thanks again!
If i have any more probs i will let you know thanx!
Jatin
Jon Hughes March 20, 2008 at 9:36 pm 23

I'm really happy you got it, Wizz Kid If you need any help with anything else, just let me know!
Wizz Kid March 31, 2008 at 5:21 pm 24

Hi jon!
hope ur well!
Just wanted to know if u had a personal email that i can write to as it will be easier.
I wanted to know how you can upload an image on a website using a form and then storing it in a database.
Hope u can help!!
Thanks
Jatin
Brandon Beth April 23, 2008 at 6:14 pm 25

Hi, I just wanted to say that I found this very informative and I would appreciate it if you could shoot me an e-mail if you do any other Easy as Pie articles about php or sql.

Thank you!

Brandon Beth
Jonathan May 7, 2008 at 2:35 pm 26

How could I modify this to select the last quote input, or just replace the quote?

Any help is much appreciated!
SOHBET October 20, 2008 at 12:42 pm 27

thankss
battery November 23, 2008 at 8:07 pm 28

i have worked out what the problem is for not connecting. I think you are right with putting my IP Add in Access Host. But i dont know where i can find this!!
Any help?
Alexwebmaster March 3, 2009 at 9:45 am 29

Hello webmaster
I would like to share with you a link to your site
write me here preonrelt@mail.ru
Noob September 13, 2009 at 10:49 pm 30

Hi there, just came across your article, looks excellent!

I am ABSOLUTELY NEW to this, so I will try in the next days to follow your instructions and see if I can get things working.

But whatever the result, thank you so much for trying to help people like me, that´s very nice of you, hope everything works out fine for you and your company!