Tuesday, March 31, 2009

Ch. 7 - Building Personalized Web Apps

This chapter talks about making a web application remember who you are by using sessions and cookies. 

Things learned:
setcookie() - PHP function used to set a cookie in the browser; you can also provide an expiration date in the call
$_COOKIE - array that stores cookies
SHA(value) - encryption code to make data unrecognizable within the database
session_start() - PHP code to start a new session
session_destroy() - this closes a session
$_SESSION - array that holds each session's data
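
How the functions in this list fit together for login and logout, as an added example that is not code from the book. The key names ('user_id', 'username', 'last_username'), the function names and the 30-day cookie lifetime are assumptions.

```php
<?php
// Added example, not code from the book. The key names 'user_id', 'username'
// and 'last_username' and the 30-day lifetime are assumptions.
const REMEMBER_SECONDS = 2592000; // 30 days

function ensure_session() {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

// Call only after the user name and password have been checked.
function log_in($user_id, $username) {
    ensure_session();
    session_regenerate_id(true);          // new session ID for the logged-in user
    $_SESSION['user_id']  = (int) $user_id;
    $_SESSION['username'] = $username;
    // Third argument is the expiration date (a Unix timestamp). The cookie only
    // prefills the login form; it is never trusted as proof of identity.
    setcookie('last_username', $username, time() + REMEMBER_SECONDS);
}

// Returns the logged-in user's ID, or null for an anonymous visitor.
function current_user_id() {
    ensure_session();
    return isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
}

function log_out() {
    ensure_session();
    $_SESSION = array();                  // clear the session data
    if (isset($_COOKIE[session_name()])) {
        // Expire the session-ID cookie by dating it in the past.
        setcookie(session_name(), '', time() - 3600, '/');
    }
    session_destroy();                    // close the session on the server
    setcookie('last_username', '', time() - 3600);
}

// Value for the login form's user name field, escaped for HTML output.
function remembered_username() {
    return isset($_COOKIE['last_username'])
        ? htmlspecialchars($_COOKIE['last_username'], ENT_QUOTES, 'UTF-8')
        : '';
}
```

Anything stored in $_COOKIE comes back from the browser and can be edited by the user, which is why the login state lives in $_SESSION and the cookie carries only a display value.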

Ch.6 Cont.

Things Learned:

We removed the HTTP script and made it its own separate file so we can include it in more than one script
This adds more security to the site and prevents people from directly accessing the page through use of a bookmark
Human moderation improves integrity on a site.
double-hyphen (--) or number sign (#) - used to comment things out in SQL
SQL injection - form data is used to change the operation of an SQL query
trim() - gets rid of leading and trailing spaces in form data
mysqli_real_escape_string() - converts dangerous characters into an escaped format
You can set default values in SQL tables.
is_numeric() - makes sure the value entered is numeric
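
The form-handling functions above applied to one query, as an added example that is not code from the book. The "scores" table, its columns and the function names are assumptions, and $dbc is assumed to be an open connection from mysqli_connect(). The last function goes beyond these notes and uses a prepared statement.

```php
<?php
// Added example, not code from the book. The table "scores" and its columns
// are assumptions; $dbc is an open connection from mysqli_connect().

// BEFORE: form data is pasted straight into the query text.
function unsafe_insert_sql($name, $score) {
    return "INSERT INTO scores (name, score) VALUES ('$name', $score)";
}
// Constructed input showing the problem: a name of  x', 999999) --
// yields  ... VALUES ('x', 999999) -- ', 10)  so the quote ends the string
// early and the double-hyphen comments out the real score.

// AFTER: clean up every field before it reaches the query.
function safe_insert_sql($dbc, $name, $score) {
    $name  = trim($name);
    $score = trim($score);
    if ($name === '' || !is_numeric($score)) {
        return null;                        // reject bad form data
    }
    $name  = mysqli_real_escape_string($dbc, $name);   // ' becomes \'
    $score = (int) $score;                  // keep only a plain integer
    return "INSERT INTO scores (name, score) VALUES ('$name', $score)";
}

// Going one step further than the notes: a prepared statement sends the data
// separately from the SQL text, so it can never be read as part of the query.
function insert_score($dbc, $name, $score) {
    $name  = trim($name);
    $score = trim($score);
    if ($name === '' || !is_numeric($score)) {
        return false;
    }
    $score = (int) $score;
    $stmt = mysqli_prepare($dbc, 'INSERT INTO scores (name, score) VALUES (?, ?)');
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 'si', $name, $score);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
}
```

is_numeric() also accepts values such as "1e5", so the cast to int is what guarantees a plain whole number in the query.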


Monday, March 30, 2009

Ch. 6 - Securing Your Application

This chapter discusses the importance of security and making sure you have a secure site where people cannot access data without permission.

Things Learned:
HTTP provides a simple way to secure a page using PHP. When someone tries to access the admin page, a pop-up window will display requesting a user name and password from the user. HTTP authentication involves establishing a line of communication between the browser and the server through HTTP.
The dialog between the browser and server takes place through headers, little text messages with instructions. All web pages are displayed with the help of headers. 

Header function - header();
*should precede any HTML code in PHP script

Depending on what the user types in, the headers can take three different actions: accept, retry or deny access

Different types of headers: Location, Refresh and Content-Type

"basic realm" - security zone 

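The header exchange described in this post, written as a separate file that any protected page can include (the approach noted in the "Ch.6 Cont." post). This is an added example, not code from the book. The realm text, the file and function names and the ADMIN_USER / ADMIN_PASSWORD_HASH environment variables are assumptions.

```php
<?php
// authorize.php: added example, not code from the book. The realm text, the
// ADMIN_USER / ADMIN_PASSWORD_HASH environment variables and the function
// names are assumptions. The hash is one produced by password_hash().
const REALM = 'Admin Area';

function credentials_ok($user, $pass) {
    $expected_user = (string) getenv('ADMIN_USER');
    $expected_hash = (string) getenv('ADMIN_PASSWORD_HASH');
    if ($expected_user === '' || $expected_hash === '') {
        return false;                     // not configured: deny everyone
    }
    // hash_equals() compares in constant time; password_verify() checks the
    // typed password against the stored hash.
    return hash_equals($expected_user, (string) $user)
        && password_verify((string) $pass, $expected_hash);
}

function require_admin() {
    $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
    $pass = isset($_SERVER['PHP_AUTH_PW'])   ? $_SERVER['PHP_AUTH_PW']   : '';
    if (credentials_ok($user, $pass)) {
        return;                           // accept: the page continues
    }
    // Retry: these headers make the browser show the user name/password window
    // again. They must be sent before any HTML output.
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="' . REALM . '"');
    // Deny: shown only if the user cancels the window.
    exit('<h2>Access denied</h2>Enter a valid user name and password.');
}

// In each protected page, before any HTML:
//   require_once('authorize.php');
//   require_admin();
```

Basic authentication sends the user name and password with every request in an easily decoded form, so protected pages should be served over HTTPS.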



Sunday, March 29, 2009

Finalized Project

I will add an event registration feature to my website: ugalambdas

The event registration will let you register for an event and if it costs money, it will let you either pay online or send in a check.

Basically, there will be a web form where the user can enter in all the necessary information. There will be validation code to check to make sure all the necessary information is entered in correctly. When the form is submitted, it will either direct the form to an online pay site or send it to a page with the address to send the check.

This project will use PHP to direct the user to the correct page after the form has been submitted.

Wednesday, March 18, 2009

Ch. 5 Cont.

Things learned:

include, include_once, require, require_once - PHP statements that allow code to be shared across multiple scripts.
ORDER BY - an SQL command used to order things in a database
LIMIT - SQL command that limits the number of rows a statement can delete; this ensures the accuracy of the deletion
UNLINK() - this deletes a file from the web server

GET method - used for data retrieval that doesn't change anything on the server. The data is shown in the URL bar. Usually used for sending data directly to the server in a URL.
POST method - used to send data to the server that somehow changes the state of the server. The data is hidden from the URL bar. Usually used in web forms.

Tuesday, March 17, 2009

Ch. 5 Working with data stored in files

This chapter discusses the use of files and databases together to build PHP applications.

Chapter example: Guitar War web site that maintains users' high scores and validates them. It needs to be able to handle an image upload.

Things learned:

SQL commands
ADD COLUMN - add a new column to the table
DROP COLUMN - remove a column from a table
CHANGE COLUMN - change the name and/or data type of a column
MODIFY COLUMN - changes the data type or position of the column in a table

$_FILES - this is another superglobal variable that provides access to information about uploaded files.

Monday, March 16, 2009

Ch. 4 Cont.

Alter Table command changes the structure of a table in a database without having to drop it and start over.
foreach is another PHP looping construct that lets you loop through an array one element at a time.

Most of the other code I learned in this chapter deals with IF statements and their operators and making sure the data can be validated.

Sunday, March 8, 2009

Project - Visualization

I want a basic website with a guestbook, gallery, forum, calendar and log in capability.

A website that would attract people to join and a secure log in page where the fraternity's members can access and see certain fraternity files and events. Also, a forum for the brothers to discuss things on.

Wednesday, March 4, 2009

Ch. 4 realistic and practical applications

This chapter explains the problems of moving your application from testing to a live site. Validation methods are explained in this section. The chapter example is built off the Chapter 3 example of sending an email to multiple recipients in a database.

Problem: the recipients are receiving more than one email at a time.
Solution: validation code is needed in the send email PHP file. Client-side validation, such as JavaScript, could also be used. This solution is on the server side.

IF statements are used to validate the data on the server side.

Things Learned:
isset() - checks that a variable exists and is set
empty() - checks to see if a variable has any contents