Bi ging

LP TRNH WEB
L nh Thanh B mn Mng v Truyn thng My tnh Khoa Cng ngh Thng tin Trng i hc Cng ngh, HQGHN E-mail: thanhld@vnu.edu.vn, thanhld.vnuh@gmail.com Mobile: 0987.257.504

Bi 5

ng dng CSDL trn nn web

L nh Thanh, Bi ging Lp trnh web.

Ni dung
M hnh ba tng Truy vn d liu Truy vn theo d liu ngi dng Ghi d liu

L nh Thanh, Bi ging Lp trnh web.

Phn 1

M hnh ba tng

L nh Thanh, Bi ging Lp trnh web.

M hnh ba tng
Tng khch: trnh din v tng tc vi ngi dng Tng gia: thc hin cc logic ca ng dng Tng CSDL: bao gm h qun tr CSDL, CSDL ca ng dng
L nh Thanh, Bi ging Lp trnh web.

Tng khch
Thng l trnh duyt web, nhng c th l web crawler, web proxy Gi HTTP Request ln Web server v nhn HTTP Response t Web server Trnh din ni dung web v tng tc vi ngi dng
L nh Thanh, Bi ging Lp trnh web.

Web client
M ngun trang web c th hin bng HTML, CSS javascript Hin th trn mn hnh my tnh Web Browser

Do Web Server gi ti.

Gi yu cu v nhn ni dung (m ngun HTML, CSS, javascript) trang web t Web Server. Phin dch m ngun trang web v th hin kt qu trn mn hnh.

L nh Thanh, Bi ging Lp trnh web.

Web client/server
HTTP Yu cu Web Client/Browser Microsoft Internet Explorer, Netcapse Navigator, Mozilla FireFox, Google Chrome p ng

Web Server
IIS, Apache, Tomcat, Sambar, Xitami

L nh Thanh, Bi ging Lp trnh web.

Tng gia
Cc trang web/kch bn c vit bng cc ngn ng kch bn khc nhau, v HTML Web server
Nhn yu cu t web client Yu cu cc chng trnh dch chy cc kch bn/trang ng sinh ra ni dung web (HTML, javascript, css) Gi ni dung web cho web client

Chng trnh dch

Chy cc kch bn c vit t cc ngn ng khc nhau (PHP, ASP, ASP.NET, C#, Java, ) sinh ra ni dung web Gi truy vn n H qun tr CSDL (tng di) v nhn d liu nu cn

L nh Thanh, Bi ging Lp trnh web.

Tng CSDL
CSDL cho ng dng H qun tr CSDL qun l CSDL ca ng dng
Nhn truy vn t cc chng trnh dch tng gia, thao tc CSDL v tr kt qu cho chng trnh yu cu

L nh Thanh, Bi ging Lp trnh web.

V d mu
Qun l sinh vin vi cc chc nng sau:
Hin th danh sch sinh vin. Thc hin phn trang danh sch. Cho ngi dng ty chnh s dng/trang Thm, cp nht, xa sinh vin.

L nh Thanh, Bi ging Lp trnh web.

Phn 2

Truy vn v cp nht CSDL

L nh Thanh, Bi ging Lp trnh web.

Kt ni CSDL MySQL
mysql_connect(address, username, password); mysql_select_db(database_name) or die(mysql_error());

V d
$ret = mysql_connect("localhost", "root", rt"); if ($ret) { //Ket noi thanh cong mysql_select_db("thuchanh"); //Chon CSDL . } else { echo "Khng kt ni c CSDL"; exit(); }
L nh Thanh, Bi ging Lp trnh web.

Thc thi truy vn

$ret = mysql_query(sql);
Nu thc thi thnh cng, hm tr v true, ngc li hm tr v false v nguyn nhn li c MySQL qun l. c nguyn nhn li bng hm mysql_error() Vi cc lnh update, delete, insert, MySQL qun l s bn ghi chu tc ng. Ly s bn ghi chu tc ng bng hm mysql_affected_rows() Vi lnh select, hm tr v recordset lu kt qu truy vn. Hm mysql_num_rows($recordset) tr v s bn ghi nhn c.
L nh Thanh, Bi ging Lp trnh web.

X l kt qu truy vn
$rs = mysql_query("select from "); if (!$rs) { echo mysql_error(); exit(); } while ($row = mysql_fetch_array($rs)) { $field_value = $row*field_name+; }

L nh Thanh, Bi ging Lp trnh web.

Cp nht CSDL
$count = mysql_query($sql); $sql: Lnh insert, update, delete $count: S bn ghi c cp nht

L nh Thanh, Bi ging Lp trnh web.

Phn 3

Truy vn vi d liu ngi dng

L nh Thanh, Bi ging Lp trnh web.

Cc phng php nhp liu

Nhp tham s v gi tr ngay sau URL Bm vo lin kt n URL c cc tham s km theo trnh form theo phng thc GET
D liu c gn sau URL v gi ln server theo phng thc GET V d http://localhost/example.php?regionName=Riverland &countryName=Jamaica

trnh form theo phng thc POST

D liu c a vo thn ca gi HTTP Request
L nh Thanh, Bi ging Lp trnh web.

Nhn d liu c gi theo phng thc GET

PHP
$bien = $_GET[' tenThamso '];

L nh Thanh, Bi ging Lp trnh web.

Nhn d liu c gi theo phng thc POST

PHP
$bien = $_POST[' tenThamso '];

L nh Thanh, Bi ging Lp trnh web.

X l an ninh d liu nhp

D liu do ngi dng nhp c th khng ng nh dng v cha cc k t c bit lm cho chng trnh khng lm vic hoc lm vic khng ng
Cn lm sch d liu trc khi s dng

L nh Thanh, Bi ging Lp trnh web.

X l an ninh cho d liu nhp

Gii hn di ca gi tr Thay cc k t c bit nh ; . > < \ bng cch thm \ trc k t V d
D liu c nhp: 2001;cat /etc/passwd Ct bt v thay th du c bit: 2001\;cat

PHP function clean($input, $maxlength) { $input = substr($input, 0, $maxlength); $input = EscapeShellCmd($input); return ($input); }
L nh Thanh, Bi ging Lp trnh web.

To truy vn theo d liu nhp

PHP
$sql = select from where 1=1; $sql .= and thuoctinh=\ + thamso + \;

L nh Thanh, Bi ging Lp trnh web.

Xut HTML theo d liu truy vn

PHP
while ($row = mysql_fetch_array($result)) {
echo HTML open tag; echo $row["thuoctinh+; echo HTML close tag;

L nh Thanh, Bi ging Lp trnh web.

V d xut HTML theo d liu truy vn

PHP
echo "<tr align=\right\><td>" . "<a href=\"example.php?qty=1&amp;wineId=" . $row["wine_id"] . "\">Add a bottle to the shopping cart</a>" . "</td></tr>";

L nh Thanh, Bi ging Lp trnh web.

Kt hp m hin th v thc hin truy vn trong mt trang

PHP
if (empty($thamso)) {
//To form nhp

} else {
//X l an ninh d liu nhp //Thc hin truy vn v xut HTML theo d liu truy vn

L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Trang u Trang trc 1 3 4 5 Trang sau Trang cui

Cc tham s
S dng trn mt trang: rowsPerPage Trang hin ti: currentPage

L nh Thanh, Bi ging Lp trnh web.

Nhn tham s v kim tra

PHP
$currentPage = 0; if (!empty($_GET*currentPage +) , $s = clean($_GET*currentPage +, 4); if (is_numeric($s)) $currentPage = intval($s); }

L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Hin th cc bn ghi ng vi trang hin ti PHP
$firstRow = $currentPage*$rowsPerPage; if (!mysql_data_seek($result, $ firstRow)) showerror( ); for ( $i= 0; (($i< $rowsPerPage) && ($row = mysql_fetch_array($result)) ); $i++) {
echo <tr><td>; echo $row["thuoctinh+; echo </td></tr>;

}
L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Thm lin kt Trang trc PHP
if ($currentPage == 0) echo Trang trc; else {
echo <a href = \?currentPage=; echo (currentPage-1); echo \>; echo Trang trc; echo </a>;

L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Thm lin kt Trang sau PHP
$numPage = floor(mysql_num_rows($result)/$rowsPerPage); if (mysql_num_rows($result) % $rowsPerPage != 0) $numPage++; if ($currentPage == $numPage-1) echo Trang sau; else {
echo <a href = \?currentPage=; echo ($currentPage+1); echo \>; echo Trang sau; echo </a>;

}
L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Thm lin kt Trang u PHP
if ($currentPage == 0) echo Trang u; else {
echo <a href = \?currentPage=0\>; echo Trang u; echo </a>;

L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Thm lin kt Trang cui PHP
$numPage = floor(mysql_num_rows($result)/$rowsPerPage); if (mysql_num_rows($result) % $rowsPerPage != 0) $numPage++; if ($currentPage == $numPage-1) echo Trang cui; else {
echo <a href = \?currentPage=; echo ($numPage-1); echo \>; echo Trang cui; echo </a>;

}
L nh Thanh, Bi ging Lp trnh web.

V d Phn trang hin th

Thm lin kt s trang PHP
$numPage = floor(mysql_num_rows($result)/$rowsPerPage); if (mysql_num_rows($result) % $rowsPerPage != 0) $numPage++; for ($i = 0; $i < $numPage; $i++) if ($i == $currentPage) echo ($i+1); else {
echo <a href = \?currentPage=; echo $i; echo \>; echo (i+1); echo </a> ;

L nh Thanh, Bi ging Lp trnh web.

Phn 4

Ghi vo CSDL

L nh Thanh, Bi ging Lp trnh web.

Thm, xa, cp nht bn ghi

if ((mysql_query ($insertQuery, $connection)) && (($c = mysql_affected_rows( )) > 0))
echo $c. bn ghi c cp nht;

else
showerror( );

Lu : Hm int mysql_insert_id([resource connection]) dng ly nh danh t tng ca bn ghi va c thm

L nh Thanh, Bi ging Lp trnh web.

Kin trc
Trang danh sch ----------------------Hin th thng bo (nu c) Hin th danh sch phn trang Chn Thm Chn Sa Chn Xa Form method=POST hanhdong, ma, Form cp nht -----------------------iframe hoc AJAX c d liu i tng cn sa t CSDL Form to giao din nhp, sa method=POST hanhdong, ma, Kim tra hp thc pha client thongbao= lib.inc db.inc
L nh Thanh, Bi ging Lp trnh web.

Kim tra -----------------------Kim tra hp thc pha server Kim tra trng m

CSDL Cp nht CSDL -----------------------Thm Sa Xa

util.inc

auth.inc

Mu trang to form cp nht

//Nu l cp nht th load gi tr bn ghi t CSDL a vo form //To form nhp //Kim tra hp thc pha client //Yu cu server kim tra hp thc pha server v kim tra trng m (nu cn)

L nh Thanh, Bi ging Lp trnh web.

Mu trang cp nht CSDL

$note = ;
$input = clean($input); $insertQuery = lnh sql c xy dng theo $input; if ((mysql_query ($insertQuery, $connection)) && (($c = mysql_affected_rows( )) > 0)) { $note = Thng bo thm/cp nht/xa c bao nhiu bn ghi; } else { $note = Thng bo khng thm/cp nht/xa c; } header("Location: list.php? note=.$note);
L nh Thanh, Bi ging Lp trnh web.

Trang hin th danh sch c chnh sa thng bo kt qu cp nht

if (!empty($_GET*note+) , echo $_GET*note+; } //m x l cn li hin th danh sch theo trang

L nh Thanh, Bi ging Lp trnh web.

Upload tp v lu vo CSDL
To form upload tp <form enctype="multipart/form-data" action=page.php" method="post">
<input name="userfile" type="file"> <br><input type="submit">

</form>

L nh Thanh, Bi ging Lp trnh web.

Upload tp v lu vo CSDL
Nhn tp // Tp c upload? if (is_uploaded_file($userfile)) {
// M tp $file = fopen($userfile, "r"); // c ni dung $fileContents = fread($file, filesize($userfile)); // X l cc k t c bit bng cch thm \ trc chng $fileContents = AddSlashes($fileContents);

} else $fileContents = NULL;

L nh Thanh, Bi ging Lp trnh web.

Upload tp v lu vo CSDL
Lu ni dung tp vo CSDL
$insertQuery = "INSERT INTO TableName VALUES (..., \.$fileContents . "\")";

L nh Thanh, Bi ging Lp trnh web.

c v hin th tp nh lu vo CSDL
Tp imgdisp.php hin th nh
$data = @ mysql_fetch_array($result); if (!empty($data["map"])) {
// Xut d liu ra GIF MIME header("Content-Type: image/gif"); // Xut d liu nh echo $data["map"];

Tp s dng
echo <img src=\imgdisp.php?p=" . $p. "\">";
L nh Thanh, Bi ging Lp trnh web.

Vn truy cp ng thi
Nhiu ngi truy cp CSDL ng thi c th dn n cc tnh hung sau:
Mt cp nht: Ngi dng A c gi tr t CSDL. Ngi dng B cng c gi tr t CSDL v cp nht ngay lp tc. Ngi dng A cp nht, ghi gi tr ca ngi B c sai: Ngi dng A cp nht gi tr. Ngi dng B c gi tr cp nht. Ngi dng A undo li thao tc => Gi tr B c c khng cn ng Tnh tng sai: Ngi dng A ang tnh tng th ngi dng B thay i gi tr mt s mc c gi tr khng th lp: A c gi tr, B thay i gi tr, A c li thy gi tr khc
L nh Thanh, Bi ging Lp trnh web.

X l cp nht ng thi
Kha bng cn thao tc
Kiu kha READ: cho ngi dng khc c c nhng khng c ghi Kiu kha WRITE: khng cho ngi dng khc c hay ghi

Thc hin truy vn Thc hin cp nht M kha bng

L nh Thanh, Bi ging Lp trnh web.

V d X l cp nht ng thi
//Kha cc bng cn thao tc $query = "LOCK TABLES items READ, orders WRITE, customer READ"; if (!mysql_query($query, $connection)) showerror(); // Thc hin truy vn $query = "SELECT SUM(price*qty) from FROM items, orders, customer WHERE customer.cust_id = orders.cust_id AND orders.order_id = items.order_id AND items.cust_id = orders.cust_id AND orders.order_id = $orderId AND customer.cust_id = $custId"; if (!($result = mysql_query($query, $connection))) showerror( ); $row = mysql_fetch_array($result); //ri cp nht if ($row["SUM(price*qty)"] > $minimum) { $query = "UPDATE orders SET discount = $discount WHERE cust_id = $custId AND order_id = $orderId"; if (!mysql_query($query, $connection)) showerror(); } // M kha cc bng $query = "UNLOCK TABLES";
L nh Thanh, Bi ging Lp trnh web.

Lu khi kha cc bng

Sau khi kha xong phi m kha cc bng Khng cn kha cc bng nu ch thc hin mt truy vn.

L nh Thanh, Bi ging Lp trnh web.

Tip theo

X l hp thc, phin v cookie, xc thc v an ninh

L nh Thanh, Bi ging Lp trnh web.