Exercise Design and Implementation (Cont.)

  1. Calling a PHP Script with Embedded SQL (PHP)
  2. The following PHP program shows how to access the database and list the course titles taken by the students, $_POST[student], a list of names entered from the Web. If the $_POST[student] is empty, then list all titles. Note that everything printed from PHP is displayed on the browser.

    A PEM file is a text-based file that contains a certificate, a private key, and any associated certificates. The file DigiCertGlobalRootCA.crt.pem can be found from here.

    ~/public_html/course/457/2/ListCourses.php
    <?php
    
    /************************************************************************
    *                                                                       *
    *  This program lists the students’ courses by using the                *
    *    following 3 tables:                                                *
    *                                                                       *
    *  CREATE TABLE student1 (                                              *
    *    sid    INT AUTO_INCREMENT PRIMARY KEY,                             *
    *    name   VARCHAR(64) NOT NULL,                                       *
    *    email  VARCHAR(32) NOT NULL );                                     *
    *                                                                       *
    *  CREATE TABLE course1 (                                               *
    *    cid     CHAR(12) PRIMARY KEY,                                      *
    *    title   VARCHAR(64) NOT NULL,                                      *
    *    room    VARCHAR(16) NOT NULL,                                      *
    *    credit  INTEGER NOT NULL );                                        *
    *                                                                       *
    *  CREATE TABLE take1 (                                                 *
    *    sid       INT NOT NULL,                                            *
    *    cid       CHAR(12) NOT NULL,                                       *
    *    semester  VARCHAR(12) NOT NULL,                                    *
    *    PRIMARY KEY ( sid, cid ),                                          *
    *    FOREIGN KEY ( sid ) REFERENCES student1( sid ) ON DELETE CASCADE,  *
    *    FOREIGN KEY ( cid ) REFERENCES course1( cid ) ON DELETE CASCADE )  *
    *      ENGINE=InnoDB;                                                   *
    *                                                                       *
    *  -- Below is an SQL example for listing courses:                      *
    *                                                                       *
    *  SELECT s.name, c.title FROM student1 s, course1 c, take1 t WHERE     *
    *    ( s.sid=t.sid AND t.cid=c.cid ) AND                                * 
    *    ( (UPPER(s.name) LIKE '%POKE%') OR (UPPER(s.name) LIKE '%BOB%') )  *
    *    GROUP BY s.name, c.title                                           *
    *                                                                       *
    ************************************************************************/
    
    if ( $_POST['act'] == "List courses" ) {
      header( "Content-type:text/html; charset=UTF-8" );
      echo  ( "<html><body>" );
    
      $username = "user_id";
      $database = "user_id";
      $password = "password";
      $host     = "undcemmysql.mysql.database.azure.com";
    
      // Initializing MySQLi
      $conn     = mysqli_init( );
    
      // Creating an SSL connection
      mysqli_ssl_set( $conn, NULL, NULL, "DigiCertGlobalRootCA.crt.pem", NULL, NULL );
    
      // Opening a new connection to the MySQL server
      mysqli_real_connect( $conn, $host, $username, $password, $database, 3306 );
    
      // Connect to the database.
      if ( mysqli_connect_errno( ) )
        die( 'Failed to connect to MySQL: ' . mysqli_connect_error( ) );
    
      // Compose the query.
      $query  = "SELECT s.name, c.title FROM ";
      $query .= "student1 s, course1 c, take1 t WHERE ";
      $query .= "( s.sid=t.sid AND t.cid=c.cid ) ";
      $token  = strtok( $_POST['student'], " " );
      if ( $token !== false ) {
        $query .= " AND ( ";
        while ( $token !== false ) {
          $query .= "(UPPER(s.name) " . "LIKE '%" . strtoupper($token) . "%') ";
          $token  = strtok( " " );
          if ( $token !== false )  $query .= " OR ";
        }
        $query .= " ) ";
      }
      $query .= "GROUP BY s.name, c.title"; 
      echo( $query );
    
      // Execute the query.
      $result = $conn->query( $query );
      // Print the results row by row.
      if ( $result->num_rows > 0 )
        while ( $row = $result->fetch_assoc( ) )
          echo $row['name'] . " 🠞 " . $row['title'];
    
      // Close the database connection.
      $conn->close( );
      echo( "</body></html>" );
    }
    
    elseif ( $_POST["ct"] == "Help" ) {
      header( "Content-type:text/html; charset=UTF-8" );
      system( "cat Help.html" );
    }
    else {
      header( "Content-type:text/plain; charset=UTF-8" );
      if ( $_POST["ct"] == "HTML source" )
        system( "cat html.txt" );
      elseif ( $_POST["ct"] == "PHP source" )
        system( "cat ListCourses.php" );
      elseif ( $_POST["ct"] == "SQL source" ) 
        system( "cat ListCourses.sql" );
      else
        echo "No such option: $_POST[act]";
    }
    ?>

    Some of the PHP functions used may be found from the following links:

    • mysqli, which allows you to access MySQL database servers,
    • strtok, which splits string one by one,
    • strtoupper, which converts all characters to uppercase,
    • query, which performs query against a database, and
    • fetch_assoc, which fetchs a result row as an associative array.

  3. Testing the Exercise Thoroughly



      Criminal: Your money or your life …    
      Benny: [Pause.]    
      Criminal: Look, bud. I said your money or your life.    
      Benny: I’m thinking it over.    
      — Jack Benny