PHP-Projekt/Testdatenbank: Unterschied zwischen den Versionen

Aus Mikiwiki
Zur Navigation springen Zur Suche springen
Keine Bearbeitungszusammenfassung
 
(14 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 12: Zeile 12:
  $ <b>sudo mkdir md && sudo chown mik:mik md</b>
  $ <b>sudo mkdir md && sudo chown mik:mik md</b>


{| class=wiki
== base/phpinfo.php ==
! colspan=2 | database.md.base.inc.php
 
|-
Quelltext:
| Erfordert || server.mysql.inc.php
 
|-
<source lang=php enclose=div>
| Bereitgestellte Variablen ||
<?php
phpinfo();
?>
</source>
 
== base/database.md.base.inc.php ==
 
Erfordert
* base/server.mysql.inc.php
 
Bereitgestellte Variablen
* $database
* $database
* $connection
* $connection
|-
 
| Verwendete Funktionen ||
Verwendete Funktionen
* mysqlconnection()
* mysqlconnection()
* mysqldie()
* mysqldie()
|-
 
| colspan=2 |
Quelltext:
 
<source lang=php enclose=div>
<source lang=php enclose=div>
<?php
<?php
Zeile 42: Zeile 53:
?>
?>
</source>
</source>
|-
 
! colspan=2 | database.md.password.inc.php
== base/database.md.password.inc.php ==
|-
 
| colspan=2 | Diese Datei sollte später in ein anderes Verzeichnis verschoben werden, das mit ".htaccess" gegen allgemeines Herunterladen geschützt ist. Die include-Zeilen in den anderen Dateien müssen dann entsprechend angepasst werden.
Diese Datei sollte später in ein anderes Verzeichnis verschoben werden, das mit ".htaccess" gegen allgemeines Herunterladen geschützt ist. Die include-Zeilen in den anderen Dateien müssen dann entsprechend angepasst werden.
|-
 
| Bereitgestellte Variablen ||
Bereitgestellte Variablen
* $mysqluser
* $mysqluser
* $mysqlpassword
* $mysqlpassword
* $mysqlserver
* $mysqlserver
|-
 
| colspan=2 |
Quelltext:
 
<source lang=php enclose=div>
<source lang=php enclose=div>
<?php
<?php
Zeile 61: Zeile 73:
### VARIABLES ###
### VARIABLES ###


$mysqluser    = "root";        # MySQL user
## Doesn't work if $mysqlhost = "kanzler"
## "localhost" or "127.0.0.1" or "" are OK
## also check "bind-address" in file "/etc/mysql/my.cnf"
 
$mysqlhost    = "localhost";  # name of host on which Mysql is running
$mysqluser    = "root";        # Mysql user
$mysqlpassword = "xxxxxx";      # password
$mysqlpassword = "xxxxxx";      # password
$mysqlserver  = "kanzler";    # name of host on which MySQL is running
?>
?>
</source>
</source>
|-
 
! colspan=2 | server.mysql.inc.php
== base/server.mysql.inc.php ==
|-
 
| Bereitgestellte Funktionen ||
Bereitgestellte Funktionen
* mysqlconnection()
* mysqlconnection()
* mysqldie()
* mysqldie()
* mysqlinsert()
* mysqlinsert()
* mysqlselect()
* mysqlselect()
|-
 
| Verwendete Variablen ||
Verwendete Variablen
* $mysqluser
* $mysqluser
* $mysqlpassword
* $mysqlpassword
* $mysqlserver
* $mysqlserver
|-
 
| colspan=2 |
Quelltext:
 
<source lang=php enclose=div>
<source lang=php enclose=div>
<?php
<?php
Zeile 92: Zeile 109:
## Connecting with MySQL, activating database "md"; in case of a
## Connecting with MySQL, activating database "md"; in case of a
## connection error, show a complete HTML document with a short error message
## connection error, show a complete HTML document with a short error message
function mysqlconnection($mysqldatabase,$passwordfile) {
function mysqlconnection($mysqldatabase, $passwordfile) {
   ## In order to increase the security of this project,  
   ## In order to increase the security of this project,  
   ## move ...password.inc.php to another directory which is protected against
   ## move database.md.password.inc.php to another directory which is protected
   ## general download by .htaccess and change the include line accordingly
   ## against general download by .htaccess and change the include line accordingly
   require($passwordfile);
   require($passwordfile);
   $connection = mysql_connect($mysqlserver, $mysqluser, $mysqlpassword);
  ## "@" suppresses PHP error messages in case of connection error
   $connection = @mysql_connect($mysqlhost, $mysqluser, $mysqlpassword);
   if ($connection) {
   if ($connection) {
     mysql_select_db($mysqldatabase);
     mysql_select_db($mysqldatabase);
     return $connection;
     return $connection;
   }
   }
  ## In case of connection error show complete HTML file with error message
   else {
   else {
    echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\">";
     echo "<html>";
     echo "<html>";
     echo "<head>";
     echo "<head>";
Zeile 111: Zeile 131:
     echo "</body>";
     echo "</body>";
     echo "</html>";
     echo "</html>";
    ## Quit PHP interpreter
     exit();
     exit();
   }
   }
Zeile 118: Zeile 139:
{
{
   $message = mysql_error();
   $message = mysql_error();
   $number = mysql_errno();
   $number = mysql_errno();
   return  "[{$errortext}] ( {$number} : {$message} )<br />\n";
   return  "[{$errortext}] ( {$number} : {$message} )<br />\n";
   exit;
   exit;
Zeile 144: Zeile 165:
}
}


function mysqlselect($resultfields,$tarray) {
function mysqlselect($resultfields, $tarray) {
   ## number of clauses
   ## number of clauses
   $noc    = count($tarray["clause"]);
   $noc    = count($tarray["clause"]);
Zeile 169: Zeile 190:
?>
?>
</source>
</source>
|}
 
== mysql_authentification.php ==
 
Erfordert
* base/database.md.base.inc.php
 
Quelltext:
 
<source lang=php enclose=div>
<?php
 
## Name          mysql_authentification.php
## Description 
 
### FUNCTIONS ###
 
function authenticate()
{
  header('WWW-authenticate: basic realm="Musikdatenbank"');
  header('HTTP/1.0 401 Unauthorized');
  echo <<<INFO
  Du benoetigst einen gueltigen Benutzernamen
  ...
INFO;
  exit;
}
 
##### MAIN PROGRAM #####
 
if(!isset($_SERVER['PHP_AUTH_USER']))
{
  authenticate();
}
else
{
  include("base/database.md.base.inc.php");
  $id    = strtolower($_SERVER['PHP_AUTH_USER']);
  $query = mysql_query("
    SELECT * FROM t_authentication 
    WHERE f_authentication_name    = '$id'
      AND f_authentication_password = '{$_SERVER['PHP_AUTH_PW']}'
    ");
  if(!mysql_num_rows($query))
  {
    authenticate();
  }
}
?>
</source>
 
== Weiteres ==


Apache-Errorlog unter "/var/log/apache2/error.log"
Apache-Errorlog unter "/var/log/apache2/error.log"

Aktuelle Version vom 31. März 2009, 21:16 Uhr

Auf Rechner "kanzler".

Anlegen der Datenbank "md". 

$ mysql -u root -p
mysql> create database md;
mysql> quit

Anlegen Verzeichnis mit PHP-Skripten. 

$ cd /WWW
$ sudo mkdir md && sudo chown mik:mik md

base/phpinfo.php

Quelltext: 

<?php
phpinfo();
?>

base/database.md.base.inc.php

Erfordert

  • base/server.mysql.inc.php

Bereitgestellte Variablen

  • $database
  • $connection

Verwendete Funktionen

  • mysqlconnection()
  • mysqldie()

Quelltext: 

<?php

### Name          database.md.base.inc.php
### Description   Standard variables and functions with database "md"

require("server.mysql.inc.php");

### VARIABLES ###

$database   = "md";
$connection = mysqlconnection("{$database}",
                              "database.{$database}.password.inc.php")
                or mysqldie("Unable to connect");
?>

base/database.md.password.inc.php

Diese Datei sollte später in ein anderes Verzeichnis verschoben werden, das mit ".htaccess" gegen allgemeines Herunterladen geschützt ist. Die include-Zeilen in den anderen Dateien müssen dann entsprechend angepasst werden.

Bereitgestellte Variablen

  • $mysqluser
  • $mysqlpassword
  • $mysqlserver

Quelltext: 

<?php

### Name          database.md.password.inc.php
### Description   

### VARIABLES ###

## Doesn't work if $mysqlhost = "kanzler"
## "localhost" or "127.0.0.1" or "" are OK
## also check "bind-address" in file "/etc/mysql/my.cnf"

$mysqlhost     = "localhost";   # name of host on which Mysql is running
$mysqluser     = "root";        # Mysql user
$mysqlpassword = "xxxxxx";      # password
?>

base/server.mysql.inc.php

Bereitgestellte Funktionen

  • mysqlconnection()
  • mysqldie()
  • mysqlinsert()
  • mysqlselect()

Verwendete Variablen

  • $mysqluser
  • $mysqlpassword
  • $mysqlserver

Quelltext: 

<?php

## Name          server.mysql.inc.php
## Description   Basic MySQL input and output functions


### FUNCTIONS ###

## Connecting with MySQL, activating database "md"; in case of a
## connection error, show a complete HTML document with a short error message
function mysqlconnection($mysqldatabase, $passwordfile) {
  ## In order to increase the security of this project, 
  ## move database.md.password.inc.php to another directory which is protected
  ## against general download by .htaccess and change the include line accordingly
  require($passwordfile);
  ## "@" suppresses PHP error messages in case of connection error
  $connection = @mysql_connect($mysqlhost, $mysqluser, $mysqlpassword);
  if ($connection) {
    mysql_select_db($mysqldatabase);
    return $connection;
  }
  ## In case of connection error show complete HTML file with error message
  else {
    echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\">";
    echo "<html>";
    echo "<head>";
    echo "<title>No connection</title>";
    echo "</head>";
    echo "<body>";
    echo "<p>No connection to database</p>";
    echo "</body>";
    echo "</html>";
    ## Quit PHP interpreter
    exit();
  }
}

function mysqldie($errortext)
{
  $message = mysql_error();
  $number  = mysql_errno();
  return  "[{$errortext}] ( {$number} : {$message} )<br />\n";
  exit;
}

function mysqlinsert($tarray) {
  ## number of insert fields
  $noif   = count($tarray["insert"]);
  $insert = "insert into {$tarray["t"]} (";
  for ($i = 0; $i < $noif; $i++) {
    $insert .= $tarray["fname"][$tarray["insert"][$i]];
    if ($i < $noif - 1) {
      $insert .= ",";
    }
  }
  $insert .= ") values (";
  for ($i = 0; $i < $noif; $i++) {
    $insert .= "'{$tarray["fvalue"][$tarray["insert"][$i]]}'";
    if ($i < $noif - 1) {
      $insert .= ",";
    }
  }
  $insert .= ")";
  return $insert;
}

function mysqlselect($resultfields, $tarray) {
  ## number of clauses
  $noc    = count($tarray["clause"]);
  ## number of select fields
  $nosf   = count($resultfields);
  $select = "select ";
  for ($i = 0; $i < $nosf; $i++) {
    $select .= $tarray["fname"][$resultfields[$i]];
    if ($i < $nosf - 1) {
      $select .= ",";
    }
  }
  $select .= " from {$tarray["t"]} where ";
  for ($i = 0; $i < $noc; $i++) {
    $select .= $tarray["fname"][$tarray["clause"][$i]];
    $select .= " = '{$tarray["fvalue"][$tarray["clause"][$i]]}'";
    if ($i < $noc - 1) {
      $select .= " and ";
    }
  }
  return $select;
}

?>

mysql_authentification.php

Erfordert

  • base/database.md.base.inc.php

Quelltext: 

<?php

## Name          mysql_authentification.php
## Description   

### FUNCTIONS ###

function authenticate() 
{
  header('WWW-authenticate: basic realm="Musikdatenbank"');
  header('HTTP/1.0 401 Unauthorized');
  echo <<<INFO
  Du benoetigst einen gueltigen Benutzernamen
  ...
INFO;
  exit;
}

##### MAIN PROGRAM #####

if(!isset($_SERVER['PHP_AUTH_USER'])) 
{
  authenticate();
} 
else 
{
  include("base/database.md.base.inc.php");
  $id    = strtolower($_SERVER['PHP_AUTH_USER']);
  $query = mysql_query("
    SELECT * FROM t_authentication  
     WHERE f_authentication_name     = '$id' 
       AND f_authentication_password = '{$_SERVER['PHP_AUTH_PW']}'
    ");
  if(!mysql_num_rows($query)) 
  {
    authenticate();
  }
} 
?>

Weiteres

Apache-Errorlog unter "/var/log/apache2/error.log"

Von «https://mikiwiki.org/mikiwiki/index.php?title=PHP-Projekt/Testdatenbank&oldid=11886»