Re: [PHP] About PHP/XML/XSLT/MYSQL Web Sites
On Thu, July 12, 2007 4:15 pm, Kelvin Park wrote: I'm trying to setup a XSLT based web site. I wasn't exactly sure about the flow of the whole system when data from relational database is transferred to XML and in turn the data inputted from the user is relayed back to the database through XML (or directly to the database with PHP DB connection). I built a flowchart illustrating what the flow of the XSLT/PHP/MYSQL system might be like. If you think it's the wrong way or an inefficient way of getting user inputted data back to mysql, I would appreciate any comments. If you cannot download the PDF file, you can bring it up with direct address the the file: http://www.envigan.net/CMSFLOW.pdf Maybe you already know this, and it's too detail oriented to be in your diagram. Maybe not. Filter Input; Escape Output Escape output is pretty easy: Right before you cram it into MySQL, put it into another variable with mysql_real_escape_string() called on it first, and put THAT into MySQL, not the original. Right before you spew it to a browser, call htmlentities() on it, and use THAT to go out to the browser, not the original. Filter Input is a bit tougher... It basically boils down to: Trust no one. Validate everything. If you aren't already paranoid, nor even not paranoid enough, start reading here: http://phpsec.org/ -- Some people have a gift link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] About PHP/XML/XSLT/MYSQL Web Sites
On Fri, July 13, 2007 12:19 am, Nathan Nobbe wrote: thing as i mentioned before is i cannot see a reason to create xml data while processing a GET or POST request from a client; it would just be an extra step with no apparent benefit as far as i can tell. You DEFINITELY are not being nearly paranoid enough! Don't write another line of code or draw another diagram until you've realized the sheer fallacy of the above statement. :-) -- Some people have a gift link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: About PHP/XML/XSLT/MYSQL Web Sites
Although it is necessary to convert SQL data into XML before it can be processed in an XSL transformation, it is a waste of time converting user input into XML before it is added to the database as none of the SELECT/INSERT/UPDATE/DELETE commands can work with XML files. It is far easier to take the GET/POST array and convert it into an sql query directly without any intermediate XML. This is what i have been trying to express to OP. Also, i havent had time to fully explore your application framework, but i have had a glimpse at it. i really appreciate your explanation of modularizing the xsl templates as i was struggling to grasp this with my limited exposure to xsl. i read up about you on your site and discovered you had been using xsl prior to php. i am the reverse of that, so while ive been using php for a few years now xsl is still very new to me. your documentation and articles are quite excellent. i hope you dont mind if i ask a couple questions in the future myself :) -nathan On 7/13/07, Tony Marston [EMAIL PROTECTED] wrote: Although it is necessary to convert SQL data into XML before it can be processed in an XSL transformation, it is a waste of time converting user input into XML before it is added to the database as none of the SELECT/INSERT/UPDATE/DELETE commands can work with XML files. It is far easier to take the GET/POST array and convert it into an sql query directly without any intermediate XML. FYI a complete framework which creates all HTML using XML+XSL has already been built, and is described at http://www.tonymarston.net/php-mysql/infrastructure.html#figure5, with a working sample application which is described in and can be downloaded from http://www.tonymarston.net/php-mysql/sample-application.html -- Tony Marston http://www.tonymarston.net http://www.radicore.org Kelvin Park [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I'm trying to setup a XSLT based web site. I wasn't exactly sure about the flow of the whole system when data from relational database is transferred to XML and in turn the data inputted from the user is relayed back to the database through XML (or directly to the database with PHP DB connection). I built a flowchart illustrating what the flow of the XSLT/PHP/MYSQL system might be like. If you think it's the wrong way or an inefficient way of getting user inputted data back to mysql, I would appreciate any comments. If you cannot download the PDF file, you can bring it up with direct address the the file: http://www.envigan.net/CMSFLOW.pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: About PHP/XML/XSLT/MYSQL Web Sites
Although it is necessary to convert SQL data into XML before it can be processed in an XSL transformation, it is a waste of time converting user input into XML before it is added to the database as none of the SELECT/INSERT/UPDATE/DELETE commands can work with XML files. It is far easier to take the GET/POST array and convert it into an sql query directly without any intermediate XML. FYI a complete framework which creates all HTML using XML+XSL has already been built, and is described at http://www.tonymarston.net/php-mysql/infrastructure.html#figure5, with a working sample application which is described in and can be downloaded from http://www.tonymarston.net/php-mysql/sample-application.html -- Tony Marston http://www.tonymarston.net http://www.radicore.org Kelvin Park [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I'm trying to setup a XSLT based web site. I wasn't exactly sure about the flow of the whole system when data from relational database is transferred to XML and in turn the data inputted from the user is relayed back to the database through XML (or directly to the database with PHP DB connection). I built a flowchart illustrating what the flow of the XSLT/PHP/MYSQL system might be like. If you think it's the wrong way or an inefficient way of getting user inputted data back to mysql, I would appreciate any comments. If you cannot download the PDF file, you can bring it up with direct address the the file: http://www.envigan.net/CMSFLOW.pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] About PHP/XML/XSLT/MYSQL Web Sites
I'm trying to setup a XSLT based web site. I wasn't exactly sure about the flow of the whole system when data from relational database is transferred to XML and in turn the data inputted from the user is relayed back to the database through XML (or directly to the database with PHP DB connection). I built a flowchart illustrating what the flow of the XSLT/PHP/MYSQL system might be like. If you think it's the wrong way or an inefficient way of getting user inputted data back to mysql, I would appreciate any comments. If you cannot download the PDF file, you can bring it up with direct address the the file: http://www.envigan.net/CMSFLOW.pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] About PHP/XML/XSLT/MYSQL Web Sites
kelvin, attached is a very simple diagram i put together when i got home illustrating a possible relationship between the main components in an xsl templated php application w/ a database back-end. as ive mentioned there are other configurations as well. primarily the main options in the overall relationship are rendering the xhtml on the client or server side and building xml data in memory or reading in xml files from disk. also, this diagram does not take into account any sort of validation using DTDs or XMLSchemas. i am currently vaguely familiar w/ those technologies and therefore dont know how to incorporate them into the image. actually to be quite honest i dont think the would really be used when generating a page to send to the client. really those are important if you expose an API and allow clients to send data to your application. then it would be handy to validate that xml w/ a dtd or xml schema. the other thing as i mentioned before is i cannot see a reason to create xml data while processing a GET or POST request from a client; it would just be an extra step with no apparent benefit as far as i can tell. -nathan On 7/12/07, Kelvin Park [EMAIL PROTECTED] wrote: I'm trying to setup a XSLT based web site. I wasn't exactly sure about the flow of the whole system when data from relational database is transferred to XML and in turn the data inputted from the user is relayed back to the database through XML (or directly to the database with PHP DB connection). I built a flowchart illustrating what the flow of the XSLT/PHP/MYSQL system might be like. If you think it's the wrong way or an inefficient way of getting user inputted data back to mysql, I would appreciate any comments. If you cannot download the PDF file, you can bring it up with direct address the the file: http://www.envigan.net/CMSFLOW.pdf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] php, xml and mysql with netscape and ie
hi.. was just wondering when i use php xml and mysql (standard xml) it seems that netscape 4.7 and below wont see the web page with results from a mysql query on them... we dont know about ie5 or below yet but does anybody know why this is or how to fix it? the nature of the web pages is a table built with standard xml that goes into a loop to get all the rows in a table and show them on a web page but for strange reasons anything below netscape 7 ignores everything except the last entry in the mysql table... trying to get someone i know with ie5 or below to look and see if it doesnt work --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.443 / Virus Database: 248 - Release Date: 1/10/2003 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] xml to mysql
Hi, Is there a way to create a DB from a xml file or it's better to use the xml file for DB, i have lot of files so i think a DB will be better. If you know a program or tutorial let me know. thanx. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] xml to mysql
Hi, Virtuoso http://www.openlinksw.com/virtuoso can do the opposite - represent tables and SQL queries, either from relational data in Virtuoso or another back-end database (including MySQL and all the usual suspects) and provide an XML document in real time for PHP to use. Virtuoso Universal Server is available as a free download - let me know what you think. Best regards, Andrew Hill Director of Technology Evangelism OpenLink Software http://www.openlinksw.com Universal Data Access Virtuoso Universal Server -Original Message- From: DtM [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 04, 2002 11:28 AM To: [EMAIL PROTECTED] Subject: [PHP] xml to mysql Hi, Is there a way to create a DB from a xml file or it's better to use the xml file for DB, i have lot of files so i think a DB will be better. If you know a program or tutorial let me know. thanx. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] XML to MySQL
Does anyone know of a script that will take data from XML/RDF news feeds and automatically INSERT into a MySQL database? I have a news script that I can make changes to, but I would also like to be able to automatically insert data into the database that my news script is running on.
