Escaping characters for SQL statements

These need escape slashes to be included in a string

• Quote(‘)

• Double Quote (”)

• Backslash( \)

• NUL(NULL Byte)

UPDATE… “That’s all” = “That’’s all”

• Two single quotes will be entered in the SQL statement(phpMyAdmin) or will be required if driven by code

Databases

CRUD

Create, Read, Update, Delete

Read: SQL SELECT

SELECT * FROM table

WHERE colum1 = ‘some_text’

ORDER BY column, column2 ASC;

WRITE: SQL INSERT

INSERT INTO table (column1, colum2, column3)

VALUES (val1, val2, val3);

$_GET[‘’] & urlencode(), urldecode

Information can be sent in the link request and retrieved by the receiving page

• Display_errors/error_reporting

• Sever Error Logs

  • WAMP: C:\wamp\logs

  • XAMPP: C:\xampp\apache\logs

• typos, semicolons, closing braces

• = v.s. ==

PHP commands

echo $variable; //variable value

print_r($array); //readable array info

gettype($variable); //variable type

Functions

Functions can be placed anywhere, not necessarily BEFORE their call

function name($arguments){

statement;

}

function say_hello(){

echo "Hello World!<br />";

Control Structures

Operators

==, <=, >=, <>

Ternary

$result = (exp1) ? (expr2) :(expr3);

if exp1 is true, use expr2

otherwise, use expr3;

If, elseif, else

if

if ($a > $b){

}

elseif

if ($a > $b){

Data Types

Variables

$item – lower case

$Item – title case

$myVariable – camelcase

$_ is PHP reserved variable

String Functions

What is PHP

• Server-side, scripting language

• Designed for use with HTML

• Provides more flexibility than HTML alone

• Syntax is similar to C, Java, Perl

Versions

• Version 1: 1994

  • CGI binaries in the C programming Language

• Version 2: 1995

  • Personal Home Page Tools

• Version 3: 1998

  • PHP: Hypertext Preprocessor

  • Supported, not actively maintained