Practicing PHP/mySQL

  • vin
  • Novice
  • Novice
  • vin
  • Posts: 19
  • Loc: Pittsburgh, PA

Post 3+ Months Ago

I have spent all last week learning PHP and mySQL, and I think I'm doing well. I learn best by doing however, so I've been messing around on xampp.
Does anyone have a simple assignment or practice problem for me to write?
So far I've created a very simple website that uses forms to store information with mySQL, and displays that information in a cool way. But now I'm not sure where to go from here. I've searched the interwebz far and wide for practice problems or ideas of simple websites to try to make, but alas I've found none.
Thanks!
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13502
  • Loc: Florida

Post 3+ Months Ago

Get ahold of the largest text files you can find, I'm talking at least hundereds of MB and preferably at least one GB.

Produce something from the content in those files. Statistics, an overview, an indexed MySQL database full of computed details derived from the files, anything.

Something you could do before that to get practice and generate files to work with, would be a webserver log generator.
  • Mars
  • Graduate
  • Graduate
  • User avatar
  • Posts: 160
  • Loc: Flordia

Post 3+ Months Ago

Make a basic one-user twitter clone page. Just have a text box that asks what you're doing and every time you submit it, it puts it in the database and then below that have your past updates. That should be a simple, fun assignment for you. It doesn't have to look fancy or anything it could just be a white background with black text. Make sure you put the date and time by each update.
  • Bogey
  • Genius
  • Genius
  • Bogey
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

A membership system. That was what I've done for my first project.
  • awatson
  • Novice
  • Novice
  • awatson
  • Posts: 20

Post 3+ Months Ago

Membership and profile system like Bogey suggested. Anything that makes you go through the usual view/edit/delete type stuff is good, plus using cookies, session vars, etc.
  • SpooF
  • ٩๏̯͡๏۶
  • Bronze Member
  • User avatar
  • Posts: 3422
  • Loc: Richland, WA

Post 3+ Months Ago

It kind of depends on what you want to do. Do you want to become a better programmer and problem solver? or do you want to become a more efficient at what you already know how to do? If you want to learn problem solving with PHP do what joebert suggested, if you want to fine tune your skills with pulling and inserting data into a database do what Bogey and awatson are suggesting.
  • devilwood
  • Silver Member
  • Silver Member
  • User avatar
  • Posts: 436

Post 3+ Months Ago

It sounds like you're moving data in and data out so I'd say get a good understanding of functions, arrays, and loops.

Functions: Be able to use correct syntax, variables in/out, and recognize level of your variables. Lastly, you should be able to call your function/use it in your program. This will help writing cleaner code as functions can be included in your program from an external script.

Arrays and Loops: A good understanding with these will help extracting, processing, and displaying the data. Remember, your rows returned from the database are in an array when you use mysql_fetch_array.

I wouldn't worry too much about security until you have a project that specifically calls for it due to sensitive data types. Then do tons of research for security. I'd just work deep in directories from root and just place atleast an index.html file in each parent directory.

Eventually, you'll need to look at writing/using classes as soon as possible.
  • DarkMantis
  • Born
  • Born
  • DarkMantis
  • Posts: 1

Post 3+ Months Ago

devilwood wrote:
I wouldn't worry too much about security until you have a project that specifically calls for it due to sensitive data types. Then do tons of research for security. I'd just work deep in directories from root and just place atleast an index.html file in each parent directory.


I agree with everything else which devilwood says except the security side of things.
You want to start learning about security along with all other aspects of PHP coding.

A few simple examples and preventions:

Code: [ Select ]
 
<?php

if(isset($_POST['submit']){

// prevents users inputting evil code (ie ' or 1=1--)
$user = addslashes($_POST['username']);
 
$pass = addslashes($_POST['password']);
 
 
//mySQL query to check that the username and the password are correct
$strQuery = "SELECT `username`,`password` FROM `myUserDatabase` WHERE 'username'='$user' and 'password'='$pass';";
 
 
//if $strQuery is successful execute following
if(mysql_query($strQuery)){
 
echo "Login Successful";
 
}else{
 
echo "Sorry Unable to login, please check credentials and try again";
 
}
 
//stripslashes($page); prevents RFI and LFI (Remote/Local file inclusion)
$page = stripslashes($_GET['page']);
 
if(!empty($page)){
 
file_get_contents($page);
 
}else{
 
echo "<script type='text/javascript'>location.href='index.php'</script>";
 
}
 
//made up post variable
$textarea = $_POST['textarea_input'];
 
//strip_tags() prevents XSS attacks ie. Cookie Stealing
if(isset(strip_tags($textarea)){
 
echo "Secure input against XSS";
 
}else{
 
echo "Sorry error!";
 
}
}

?>
 
 
  1.  
  2. <?php
  3. if(isset($_POST['submit']){
  4. // prevents users inputting evil code (ie ' or 1=1--)
  5. $user = addslashes($_POST['username']);
  6.  
  7. $pass = addslashes($_POST['password']);
  8.  
  9.  
  10. //mySQL query to check that the username and the password are correct
  11. $strQuery = "SELECT `username`,`password` FROM `myUserDatabase` WHERE 'username'='$user' and 'password'='$pass';";
  12.  
  13.  
  14. //if $strQuery is successful execute following
  15. if(mysql_query($strQuery)){
  16.  
  17. echo "Login Successful";
  18.  
  19. }else{
  20.  
  21. echo "Sorry Unable to login, please check credentials and try again";
  22.  
  23. }
  24.  
  25. //stripslashes($page); prevents RFI and LFI (Remote/Local file inclusion)
  26. $page = stripslashes($_GET['page']);
  27.  
  28. if(!empty($page)){
  29.  
  30. file_get_contents($page);
  31.  
  32. }else{
  33.  
  34. echo "<script type='text/javascript'>location.href='index.php'</script>";
  35.  
  36. }
  37.  
  38. //made up post variable
  39. $textarea = $_POST['textarea_input'];
  40.  
  41. //strip_tags() prevents XSS attacks ie. Cookie Stealing
  42. if(isset(strip_tags($textarea)){
  43.  
  44. echo "Secure input against XSS";
  45.  
  46. }else{
  47.  
  48. echo "Sorry error!";
  49.  
  50. }
  51. }
  52. ?>
  53.  
  54.  


Don't hold it against me if the code above doesn't work, I just wrote it off the top of my head.

Just an example of some security protocols I run my code through. There are more but I dont want to spoil your whole fun.

1) addslashes(); -> prevents SQL injection
2) mysql_real_escape_string(); -> prevents sql injection into the database;
3) stripslashes(); -> prevents LFI or RFI
4) strip_tags(); -> prevents XSS (Cross Site Scripting)

and there are many more that you can use to prevent intruders, these were just from the top of my head.


Best Regards and Good Luck.

Post Information

  • Total Posts in this topic: 8 posts
  • Users browsing this forum: price_comparison_app and 149 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.