Effortless E-Commerce with PHP and MySQL
Second Edition
Larry Ullman
New Riders
www.newriders.com
To report errors, please send a note to:
New Riders is an imprint of Peachpit, a division of Pearson Education.
Copyright 2014 by Larry Ullman
Project Editor: Nancy Peterson
Copyeditor: Liz Welch
Proofreader: Scout Festa
Technical Reviewer: Chris Cornutt
Production Coordinator and Compositor: David Van Ness
Cover Designer: Aren Straiger
Indexer: Karin Arrigoni
Notice of Rights
All rights reserved. No part of this book may be reproduced or transmitted in any form by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. For information on getting permission for reprints and excerpts, contact .
Notice of Liability
The information in this book is distributed on an As Is basis, without warranty. While every precaution has been taken in the preparation of the book, neither the author nor Peachpit shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the instructions contained in this book or by the computer software and hardware products described in it.
Trademarks
MySQL is a registered trademark of MySQL AB in the United States and in other countries. Macintosh, Mac OS X, and OS X are trademarks of Apple Inc., registered in the U.S. and other countries. Microsoft and Windows are registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. This book is not officially endorsed by nor affiliated with any of the above companies, including MySQL AB.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and Peachpit was aware of a trademark claim, the designations appear as requested by the owner of the trademark. All other product names and services identified throughout this book are used in editorial fashion only and for the benefit of such companies with no intention of infringement of the trademark. No such use, or the use of any trade name, is intended to convey endorsement or other affiliation with this book.
ISBN 13: 978-0-321-94936-3
ISBN 10: 0-321-94936-6
9 8 7 6 5 4 3 2 1
Printed and bound in the United States of America
This book is dedicated to all the friends, family, and coworkers who have been so helpful, supportive, understanding, and generous with their time over the past few years. It's a long list, in no particular order: Roxanne, Nicole, Sarah, Meredith, Paula, Barb, Christina, Shirley, Cyndi, Sommar, Brian, Gary, Heather, Rich, Gina, Mike, Kay, Janice, David, and everyone at Peachpit Press.
A Bushel, That's Four Whole Pecks, of Thanks to...
Nancy, for managing the project, for being great to work with, and for assembling such a top-notch team.
Chris, for joining in at the last minute to provide an excellent technical review.
David, for magically converting a handful of random materials into something that walks and talks like a book.
Liz and Scout, for the sharp eyes in improving my muddled words, grammar, and syntax.
Karin, the indexer who makes it easy for readers to find what they need to know without wading through all of my blather.
Aren, for the snazzy cover design.
All the readers who requested that I write this book and provided detailed thoughts as to what they would and would not want this book to be. I hope it's what you were looking for!
To all the readers who liked the first edition and made suggestions for how I could improve this one.
Gary at Kona Earth coffee (www.konaearth.com) for the ton of feedback. And for the truly excellent coffee!
Templates.com (www.templates.com) for permission to use their template in the book's Coffee example.
Jon, for permission to use his Architecture by Hand stencil for some of the book's figures (www.jonathanbrown.me).
Rashelle, for always entertaining the kids so that I can get some work done, even if I'd rather not.
Zoe and Sam, for being the kid epitome of awesomeness.
Jessica, for doing everything you do and everything you can.
Introduction
Electronic commerce has been an important and viable part of the Internet for well over 15 years now. From the behemoths like Amazon.com to the mom-and-pop online stores to the boutiques run through Etsy, e-commerce is performed in a number of ways. Despite the dozens, or hundreds, of failures for every single commercial success, e-commerce can still be an excellent business tool when done properly. And yet, surprisingly, there are very few books dedicated to the subject.
Using two concrete examples, plus plenty of theory, this book covers the fundamentals of developing e-commerce websites using PHP and MySQL. Emphasizing security, a positive customer experience, and modular, extendable programming, this book presents tons of detailed solutions to today's real-world e-commerce demands. Whether you've been creating dynamic websites for years or just weeks, you're bound to learn something new over the course of the next 15 chapters.
What Is E-Commerce?
In the broadest sense, the term e-commerce covers the gamut of possible online commercial transactions. Any website with the intention of making money for a business could fall under the e-commerce label. Of course, such a liberal definition encompasses the vast majority of existing websites. On the opposite end of the scale, e-commerce can be defined as strictly the online act of taking money directly from customers. And that's the kind of e-commerce this book addresses.
There are two key differences between a site hoping simply to make money and one intending to take money:
How comfortable the customer needs to be
How secure the site needs to be
A site can make money from selling ads, in which case all that's required of the customer is that she visits. Or a site could make money from referrals, where the hope is that the customer will use a link on the site to purchase something from another site. In both cases, what's being asked of the user is insignificant. But when a site wants a customer to provide her full name, address, and credit card information, that becomes serious business. In order for the site to succeed, the customer must be respected, her questions answered, her concerns addressed, and her fears mitigated. And, of course, the site has to have something the customer wants to spend money on there and not somewhere else.
When it comes to e-commerce, I can't overstress the importance of security. To protect both the business and its customers, a site must be designed and programmed so as to establish and maintain an appropriate level of security. As you'll see, especially in , the overall security of a website is impacted not just by the code you write but also by some of the initial decisions that you make, such as the chosen hosting environment. With this in mind, security concerns are presented in the book from the big picture and the general theories down to the nuances of specific code. You can rest assured that the book's examples have no known security holes. Moreover, there's plenty of discussion as to how you can make specific processes even more secure, as well as warnings about what you shouldn't do, from a security perspective.