INTECH 2201: Web Application Development Lab

2nd Semester 2019-2020

PHP and MySQL

This document guides you on how to perform create, read, update and delete operations, as well as
connection to the database. The MySQLi functions allow you to access the MySQL Server. The
requirements for this are activities 2 and 3. Make sure that you completed it before proceeding.

connection.php

In the same directory of the activity 2, create the connection.php file. This file will hold the link to the
database. We can use mysqli_connect() to establish a connection to the server.

The mysqli_connect() function requires host, username, password, and database name. The host
refers to the location or address of your server. Commonly, the localhost used to refer to the current
machine. The host can be 127.0.0.1 or the actual IP address of the computer where the server is running.

The username and password are the credentials to access your server. In XAMPP, the default
username is root, and the password is empty. The database name is the actual name of the database
existing in your server. Use the labdb database you created in Activity 3.

The function will return a connection or an error based on the passed parameters. Errors may occur if
the host is refusing the connection, incorrect username or password, or database doesn't exist. The
mysqli_error() function returns the generated error of the connection.

Type the code below and run in your web browser. The Connected to databases message should
appear in your browser.

<?php

$host = "localhost";
$user = "root";
$pass = "";
$db = "labdb";

$conn = mysqli_connect($host,$user,$pass,$db);

if(!$conn) {
echo mysqli_error($conn);
} else {
echo "Connected to the database.";
}

?>

If successful, comment out the statement Connected to the database.

index.php

Let us display the rows in your database. First, include the connection that you created earlier. Use the
include function to import the contents of connection.php. Prepare the select query and store it to $sql
variable. To execute the query, use the mysqli_query() function. This function returns the result set if
successfully performed. Otherwise, it will return false.

It will return a result set. Therefore, you need to assign it to the $res variable. Also, use
mysqli_num_rows() to check the number of rows returned. Within a while loop, fetch the individual rows
returned by the server. Use mysqli_fetch_assoc() function to retrieve rows as an associative array, array
using a keyword as an index.

Save your work and run the application. The application should display the records from the database.
<?php

include 'connection.php';

$sql = "SELECT * FROM user";

$res = mysqli_query($conn,$sql);

if(mysqli_num_rows($res) > 0) {
while($row = mysqli_fetch_assoc($res)) {
echo "<tr>";
echo "<td>".$row['id']."</td>";
echo "<td>".$row['fullname']."</td>";
echo "<td>".$row['username']."</td>";
echo "<td>".$row['password']."</td>";
echo "<td><a href='update.php?id=".$row['id']."'>Update</a></td>";
echo "<td><a href='delete.php?id=".$row['id']."'>Delete</a></td>";
echo "</tr>";
}
}

?>

add.php

In the add.php file, you created a form with fields for full name, username, password, and submit. Make
sure that every input tag has a name attribute. The action attribute has an empty value. Then the form data
will be submitted to the same file. Put the PHP scripts at the beginning of the code.

First, include the connection file to the page. Aside from using include function, you can use require
keyword. Both perform the same action but require() returns an error if the file doesn't exist. Second, check
if the user submitted the form by clicking the submit button using the isset function. Third, fetch the data
inputted by the user using the $_POST variable.

Next, prepare the query to insert the record. Take note that you can combine double and single
quotations. When insert, update, and delete queries executed in mysqli_query() function, it will return true if
successful and false if not.

<?php

require 'connection.php';

if(isset($_POST['submit'])) {
$fullname = $_POST['fullname'];
$username = $_POST['username'];
$password = $_POST['password'];

$sql = "INSERT INTO user

SET fullname='$fullname',
username='$username',
password='$password'";

if(mysqli_query($conn,$sql)) {
echo "User added";
} else {
echo mysqli_error($conn);
}
}

?>
update.php

Aside from including the connection, you must also check an id parameter passed in the URL. In
updating a record, you must first retrieve the current values and place them in their respective input fields.
Just repeat the process we perform in the index.php file.

<?php
require 'connection.php';
if(isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "SELECT * FROM user WHERE id=$id";
$res = mysqli_query($conn,$sql);
$row = mysqli_fetch_assoc($res);
} else {
header("location:index.php");
}
?>

Use the value attribute of the input tag to display the data. Look for the sample code below.

<form action="" method="post">

<input type="text" name="id" value="1" hidden>
<label>Name</label> <br>
<input type="text" name="fullname"
value="<?php echo $row['fullname']; ?>"> <br>
<label>Username</label> <br>
<input type="text" name="username"
value="<?php echo $row['username']; ?>"> <br>
<label>Password</label> <br>
<input type="password" name="password"
value="<?php echo $row['password']; ?>"> <br>
<input type="submit" name="submit" value="Update User">
</form>

Similar to add.php, check if the user submitted the form, get the form data, prepare the query, and
execute the statement. Place the code below after the PHP scripts at the top of the page.

<?php

if(isset($_POST['submit'])) {
$id = $_GET['id'];
$fullname = $_POST['fullname'];
$username = $_POST['username'];
$password = $_POST['password'];

$sql = "UPDATE user

SET fullname='$fullname',
username='$username',
password='$password'
WHERE id=$id";

if(mysqli_query($conn,$sql)) {
echo "User updated";
} else {
echo mysqli_error($conn);
}
}

?>
delete.php

Same as what you did in updating a record, check if the URL has the id parameter. Otherwise, redirect
the user to the index of the app. Then prepare the query and execute it.

<?php
require 'connection.php';
if(isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "DELETE FROM user WHERE id=$id";
if(mysqli_query($conn,$sql)) {
echo "User deleted";
} else {
echo mysqli_error($conn);
}
} else {
header("location:index.php");
}
?>

Save all your files and run them in your browser. Make sure that you can successfully perform CRUD
operations. The next topic is about creating, setting, and destroying sessions.

Prepared by JDRivera