PHP-Projekt/Testdatenbank: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Michi (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
Michi (Diskussion | Beiträge) |
||
(12 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 12: | Zeile 12: | ||
$ <b>sudo mkdir md && sudo chown mik:mik md</b> | $ <b>sudo mkdir md && sudo chown mik:mik md</b> | ||
== base/phpinfo.php == | |||
Quelltext: | |||
<source lang=php enclose=div> | |||
<?php | |||
phpinfo(); | |||
?> | |||
</source> | |||
== base/database.md.base.inc.php == | |||
Erfordert | |||
* base/server.mysql.inc.php | |||
Bereitgestellte Variablen | |||
* $database | * $database | ||
* $connection | * $connection | ||
Verwendete Funktionen | |||
* mysqlconnection() | * mysqlconnection() | ||
* mysqldie() | * mysqldie() | ||
Quelltext: | |||
<source lang=php enclose=div> | <source lang=php enclose=div> | ||
<?php | <?php | ||
Zeile 42: | Zeile 53: | ||
?> | ?> | ||
</source> | </source> | ||
== base/database.md.password.inc.php == | |||
Diese Datei sollte später in ein anderes Verzeichnis verschoben werden, das mit ".htaccess" gegen allgemeines Herunterladen geschützt ist. Die include-Zeilen in den anderen Dateien müssen dann entsprechend angepasst werden. | |||
Bereitgestellte Variablen | |||
* $mysqluser | * $mysqluser | ||
* $mysqlpassword | * $mysqlpassword | ||
* $mysqlserver | * $mysqlserver | ||
Quelltext: | |||
<source lang=php enclose=div> | <source lang=php enclose=div> | ||
<?php | <?php | ||
Zeile 61: | Zeile 73: | ||
### VARIABLES ### | ### VARIABLES ### | ||
$mysqluser = "root"; # | ## Doesn't work if $mysqlhost = "kanzler" | ||
## "localhost" or "127.0.0.1" or "" are OK | |||
## also check "bind-address" in file "/etc/mysql/my.cnf" | |||
$mysqlhost = "localhost"; # name of host on which Mysql is running | |||
$mysqluser = "root"; # Mysql user | |||
$mysqlpassword = "xxxxxx"; # password | $mysqlpassword = "xxxxxx"; # password | ||
?> | ?> | ||
</source> | </source> | ||
== base/server.mysql.inc.php == | |||
Bereitgestellte Funktionen | |||
* mysqlconnection() | * mysqlconnection() | ||
* mysqldie() | * mysqldie() | ||
* mysqlinsert() | * mysqlinsert() | ||
* mysqlselect() | * mysqlselect() | ||
Verwendete Variablen | |||
* $mysqluser | * $mysqluser | ||
* $mysqlpassword | * $mysqlpassword | ||
* $mysqlserver | * $mysqlserver | ||
Quelltext: | |||
<source lang=php enclose=div> | <source lang=php enclose=div> | ||
<?php | <?php | ||
Zeile 92: | Zeile 109: | ||
## Connecting with MySQL, activating database "md"; in case of a | ## Connecting with MySQL, activating database "md"; in case of a | ||
## connection error, show a complete HTML document with a short error message | ## connection error, show a complete HTML document with a short error message | ||
function mysqlconnection($mysqldatabase,$passwordfile) { | function mysqlconnection($mysqldatabase, $passwordfile) { | ||
## In order to increase the security of this project, | ## In order to increase the security of this project, | ||
## move . | ## move database.md.password.inc.php to another directory which is protected | ||
## general download by .htaccess and change the include line accordingly | ## against general download by .htaccess and change the include line accordingly | ||
require($passwordfile); | require($passwordfile); | ||
$connection = mysql_connect($ | ## "@" suppresses PHP error messages in case of connection error | ||
$connection = @mysql_connect($mysqlhost, $mysqluser, $mysqlpassword); | |||
if ($connection) { | if ($connection) { | ||
mysql_select_db($mysqldatabase); | mysql_select_db($mysqldatabase); | ||
return $connection; | return $connection; | ||
} | } | ||
## In case of connection error show complete HTML file with error message | |||
else { | else { | ||
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\">"; | |||
echo "<html>"; | echo "<html>"; | ||
echo "<head>"; | echo "<head>"; | ||
Zeile 111: | Zeile 131: | ||
echo "</body>"; | echo "</body>"; | ||
echo "</html>"; | echo "</html>"; | ||
## Quit PHP interpreter | |||
exit(); | exit(); | ||
} | } | ||
Zeile 118: | Zeile 139: | ||
{ | { | ||
$message = mysql_error(); | $message = mysql_error(); | ||
$number = mysql_errno(); | $number = mysql_errno(); | ||
return "[{$errortext}] ( {$number} : {$message} )<br />\n"; | return "[{$errortext}] ( {$number} : {$message} )<br />\n"; | ||
exit; | exit; | ||
Zeile 144: | Zeile 165: | ||
} | } | ||
function mysqlselect($resultfields,$tarray) { | function mysqlselect($resultfields, $tarray) { | ||
## number of clauses | ## number of clauses | ||
$noc = count($tarray["clause"]); | $noc = count($tarray["clause"]); | ||
Zeile 169: | Zeile 190: | ||
?> | ?> | ||
</source> | </source> | ||
== mysql_authentification.php == | |||
Erfordert | |||
* base/database.md.base.inc.php | |||
Quelltext: | |||
<source lang=php enclose=div> | |||
<?php | |||
## Name mysql_authentification.php | |||
## Description | |||
### FUNCTIONS ### | |||
function authenticate() | |||
{ | |||
header('WWW-authenticate: basic realm="Musikdatenbank"'); | |||
header('HTTP/1.0 401 Unauthorized'); | |||
echo <<<INFO | |||
Du benoetigst einen gueltigen Benutzernamen | |||
... | |||
INFO; | |||
exit; | |||
} | |||
##### MAIN PROGRAM ##### | |||
if(!isset($_SERVER['PHP_AUTH_USER'])) | |||
{ | |||
authenticate(); | |||
} | |||
else | |||
{ | |||
include("base/database.md.base.inc.php"); | |||
$id = strtolower($_SERVER['PHP_AUTH_USER']); | |||
$query = mysql_query(" | |||
SELECT * FROM t_authentication | |||
WHERE f_authentication_name = '$id' | |||
AND f_authentication_password = '{$_SERVER['PHP_AUTH_PW']}' | |||
"); | |||
if(!mysql_num_rows($query)) | |||
{ | |||
authenticate(); | |||
} | |||
} | |||
?> | |||
</source> | |||
== Weiteres == | |||
Apache-Errorlog unter "/var/log/apache2/error.log" | Apache-Errorlog unter "/var/log/apache2/error.log" |
Aktuelle Version vom 31. März 2009, 21:16 Uhr
Auf Rechner "kanzler".
Anlegen der Datenbank "md".
$ mysql -u root -p mysql> create database md; mysql> quit
Anlegen Verzeichnis mit PHP-Skripten.
$ cd /WWW $ sudo mkdir md && sudo chown mik:mik md
base/phpinfo.php
Quelltext:
<?php
phpinfo();
?>
base/database.md.base.inc.php
Erfordert
- base/server.mysql.inc.php
Bereitgestellte Variablen
- $database
- $connection
Verwendete Funktionen
- mysqlconnection()
- mysqldie()
Quelltext:
<?php
### Name database.md.base.inc.php
### Description Standard variables and functions with database "md"
require("server.mysql.inc.php");
### VARIABLES ###
$database = "md";
$connection = mysqlconnection("{$database}",
"database.{$database}.password.inc.php")
or mysqldie("Unable to connect");
?>
base/database.md.password.inc.php
Diese Datei sollte später in ein anderes Verzeichnis verschoben werden, das mit ".htaccess" gegen allgemeines Herunterladen geschützt ist. Die include-Zeilen in den anderen Dateien müssen dann entsprechend angepasst werden.
Bereitgestellte Variablen
- $mysqluser
- $mysqlpassword
- $mysqlserver
Quelltext:
<?php
### Name database.md.password.inc.php
### Description
### VARIABLES ###
## Doesn't work if $mysqlhost = "kanzler"
## "localhost" or "127.0.0.1" or "" are OK
## also check "bind-address" in file "/etc/mysql/my.cnf"
$mysqlhost = "localhost"; # name of host on which Mysql is running
$mysqluser = "root"; # Mysql user
$mysqlpassword = "xxxxxx"; # password
?>
base/server.mysql.inc.php
Bereitgestellte Funktionen
- mysqlconnection()
- mysqldie()
- mysqlinsert()
- mysqlselect()
Verwendete Variablen
- $mysqluser
- $mysqlpassword
- $mysqlserver
Quelltext:
<?php
## Name server.mysql.inc.php
## Description Basic MySQL input and output functions
### FUNCTIONS ###
## Connecting with MySQL, activating database "md"; in case of a
## connection error, show a complete HTML document with a short error message
function mysqlconnection($mysqldatabase, $passwordfile) {
## In order to increase the security of this project,
## move database.md.password.inc.php to another directory which is protected
## against general download by .htaccess and change the include line accordingly
require($passwordfile);
## "@" suppresses PHP error messages in case of connection error
$connection = @mysql_connect($mysqlhost, $mysqluser, $mysqlpassword);
if ($connection) {
mysql_select_db($mysqldatabase);
return $connection;
}
## In case of connection error show complete HTML file with error message
else {
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\">";
echo "<html>";
echo "<head>";
echo "<title>No connection</title>";
echo "</head>";
echo "<body>";
echo "<p>No connection to database</p>";
echo "</body>";
echo "</html>";
## Quit PHP interpreter
exit();
}
}
function mysqldie($errortext)
{
$message = mysql_error();
$number = mysql_errno();
return "[{$errortext}] ( {$number} : {$message} )<br />\n";
exit;
}
function mysqlinsert($tarray) {
## number of insert fields
$noif = count($tarray["insert"]);
$insert = "insert into {$tarray["t"]} (";
for ($i = 0; $i < $noif; $i++) {
$insert .= $tarray["fname"][$tarray["insert"][$i]];
if ($i < $noif - 1) {
$insert .= ",";
}
}
$insert .= ") values (";
for ($i = 0; $i < $noif; $i++) {
$insert .= "'{$tarray["fvalue"][$tarray["insert"][$i]]}'";
if ($i < $noif - 1) {
$insert .= ",";
}
}
$insert .= ")";
return $insert;
}
function mysqlselect($resultfields, $tarray) {
## number of clauses
$noc = count($tarray["clause"]);
## number of select fields
$nosf = count($resultfields);
$select = "select ";
for ($i = 0; $i < $nosf; $i++) {
$select .= $tarray["fname"][$resultfields[$i]];
if ($i < $nosf - 1) {
$select .= ",";
}
}
$select .= " from {$tarray["t"]} where ";
for ($i = 0; $i < $noc; $i++) {
$select .= $tarray["fname"][$tarray["clause"][$i]];
$select .= " = '{$tarray["fvalue"][$tarray["clause"][$i]]}'";
if ($i < $noc - 1) {
$select .= " and ";
}
}
return $select;
}
?>
mysql_authentification.php
Erfordert
- base/database.md.base.inc.php
Quelltext:
<?php
## Name mysql_authentification.php
## Description
### FUNCTIONS ###
function authenticate()
{
header('WWW-authenticate: basic realm="Musikdatenbank"');
header('HTTP/1.0 401 Unauthorized');
echo <<<INFO
Du benoetigst einen gueltigen Benutzernamen
...
INFO;
exit;
}
##### MAIN PROGRAM #####
if(!isset($_SERVER['PHP_AUTH_USER']))
{
authenticate();
}
else
{
include("base/database.md.base.inc.php");
$id = strtolower($_SERVER['PHP_AUTH_USER']);
$query = mysql_query("
SELECT * FROM t_authentication
WHERE f_authentication_name = '$id'
AND f_authentication_password = '{$_SERVER['PHP_AUTH_PW']}'
");
if(!mysql_num_rows($query))
{
authenticate();
}
}
?>
Weiteres
Apache-Errorlog unter "/var/log/apache2/error.log"