Re: entrance from php to postgresql

Hi, i'm new here. my question is: Which is the best way to make an
entrance from php to postgresql?
I read in a manual call "PHP and Postgresql" writed for Vikram
Vaswani, he mentioned that is useful to do it:
http://www.devshed.com/c/a/PHP/PHP-and-PostgreSQL/5/
Please i need help ....
recommend this?

On Jul 11, 2006, at 10:39 AM, DCarrero wrote:

> Hi, i'm new here. my question is: Which is the best way to make an
> entrance from php to postgresql?
> I read in a manual call "PHP and Postgresql" writed for Vikram
> Vaswani, he mentioned that is useful to do it:
> http://www.devshed.com/c/a/PHP/PHP-and-PostgreSQL/5/
> Please i need help ....
> recommend this?

I'm not sure if you are asking about tools/software or just general
information about how to connect PHP and PostgreSQL. The PHP
documentation is here:

http://www.php.net/manual/en/ref.pgsql.php

This book might be helpful to you:

http://www.amazon.com/gp/product/1590595475/103-7344715-4732658?
v=glance&n=283155

If you need software and are using Mac or Windows, pgEdit supports
PHP and PostgreSQL (http://pgedit.com/products) PHP is built-in so
you don't have to install anything else to connect to a PostgreSQL
database.

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

2006/7/11, John DeSoi <desoi(at)pgedit(dot)com>:
>
> On Jul 11, 2006, at 10:39 AM, DCarrero wrote:
>
> > Hi, i'm new here. my question is: Which is the best way to make an
> > entrance from php to postgresql?
> > I read in a manual call "PHP and Postgresql" writed for Vikram
> > Vaswani, he mentioned that is useful to do it:
> > http://www.devshed.com/c/a/PHP/PHP-and-PostgreSQL/5/
> > Please i need help ....
> > recommend this?
>
> I'm not sure if you are asking about tools/software or just general
> information about how to connect PHP and PostgreSQL. The PHP
> documentation is here:
>
> http://www.php.net/manual/en/ref.pgsql.php
>
> This book might be helpful to you:
>
> http://www.amazon.com/gp/product/1590595475/103-7344715-4732658?
> v=glance&n=283155
>
>
> If you need software and are using Mac or Windows, pgEdit supports
> PHP and PostgreSQL (http://pgedit.com/products) PHP is built-in so
> you don't have to install anything else to connect to a PostgreSQL
> database.
>
>
> John DeSoi, Ph.D.
> http://pgedit.com/
> Power Tools for PostgreSQL
>
>
I was asking if this useful, or secure to do a transaction on web, or
you recomend use a function with parameters an inside this insert
data, thank for the information too...

On Jul 11, 2006, at 1:23 PM, DCarrero wrote:

> I was asking if this useful, or secure to do a transaction on web, or
> you recomend use a function with parameters an inside this insert
> data, thank for the information too...

If you are inserting user entered data (especially from the web) I
highly recommend you use prepared statements. This will deal with
security issues related to SQL injection. I prefer to use functions,
but it is not necessary. Here is a short article I wrote which you
might find helpful in using prepared statements from PHP:

http://pgedit.com/resource/php/pgfuncall

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

2006/7/11, John DeSoi <desoi(at)pgedit(dot)com>:
>
> On Jul 11, 2006, at 1:23 PM, DCarrero wrote:
>
> > I was asking if this useful, or secure to do a transaction on web, or
> > you recomend use a function with parameters an inside this insert
> > data, thank for the information too...
>
> If you are inserting user entered data (especially from the web) I
> highly recommend you use prepared statements. This will deal with
> security issues related to SQL injection. I prefer to use functions,
> but it is not necessary. Here is a short article I wrote which you
> might find helpful in using prepared statements from PHP:
>
> http://pgedit.com/resource/php/pgfuncall

Thanks again :D

Hi again...
I'm confused
I have this table:
CREATE TABLE jugeninno
(
nrt_nino rut NOT NULL,
dgv_ninno char(1),
nom_ninno varchar(50),
ape_ninno varchar(50),
num_mesna int4,
num_annon int4,
gls_sexo char(1),
nrt_adult varchar(10),
dgv_adult char(1),
nom_adult varchar(50),
gls_domic varchar(50),
num_orgso int4,
flg_inclu char(1),
CONSTRAINT jugeninno_pkey PRIMARY KEY (nrt_nino)
)

Then in php a query like this???
$query="PREPARE agregar_data(varchar(10), char(1), varchar(50),
varchar(50), int4, int4, char(1), varchar(10), char(1),
varchar(50), varchar(50), int4, char(1)) AS
INSERT INTO jugeninno(nrt_nino, dgv_ninno, nom_ninno, ape_ninno,
num_mesna, num_annon, gls_sexo,
nrt_adult, dgv_adult, nom_adult, gls_domic, num_orgso, flg_inclu)
VALUES($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13);"

take the post variables and execute with pg_execute()

pg_execute ($conn1,"select
agregar_data($rutninno,$dgvninno,$nomninno,$apeninno,
$nummesna,$numannona,$glssexo,$nrtadult,$dgvadult,$nomadult,$glsdomic,
$numorgsoc,$flginclu);");
This is ok???
After what????

2006/7/11, DCarrero <dcarreroc(at)gmail(dot)com>:
> Hi again...
> I'm confused
> I have this table:
> CREATE TABLE jugeninno
> (
> nrt_nino rut NOT NULL,
> dgv_ninno char(1),
> nom_ninno varchar(50),
> ape_ninno varchar(50),
> num_mesna int4,
> num_annon int4,
> gls_sexo char(1),
> nrt_adult varchar(10),
> dgv_adult char(1),
> nom_adult varchar(50),
> gls_domic varchar(50),
> num_orgso int4,
> flg_inclu char(1),
> CONSTRAINT jugeninno_pkey PRIMARY KEY (nrt_nino)
> )
>
> Then in php a query like this???
> $query="PREPARE agregar_data(varchar(10), char(1), varchar(50),
> varchar(50), int4, int4, char(1), varchar(10), char(1),
> varchar(50), varchar(50), int4, char(1)) AS
> INSERT INTO jugeninno(nrt_nino, dgv_ninno, nom_ninno, ape_ninno,
> num_mesna, num_annon, gls_sexo,
> nrt_adult, dgv_adult, nom_adult, gls_domic, num_orgso, flg_inclu)
> VALUES($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13);"
>
> take the post variables and execute with pg_execute()
>
> pg_execute ($conn1,"select
> agregar_data($rutninno,$dgvninno,$nomninno,$apeninno,
> $nummesna,$numannona,$glssexo,$nrtadult,$dgvadult,$nomadult,$glsdomic,
> $numorgsoc,$flginclu);");
> This is ok???
> After what????
>
Is not better pg_prepare(); ???
and later pg_execute();

On Jul 11, 2006, at 5:38 PM, DCarrero wrote:

> Is not better pg_prepare(); ???
> and later pg_execute();

Yes, this is the way to go.

John

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

> Yes, this is the way to go.
>
> John
>
>
Thanks John, i'll learn :D