15 Replies Latest reply on Jun 9, 2009 11:38 PM by Richard_Abbott

    PHP + Mysql + Flex Tutorials and Examples weak!

    Jim Daniel

      >>>Rant Alert:  The following posting can be considered a 'rant' by some readers.<


      For the past few days I have been searching here and on the net for a good tutorial on how to use Flex with MySQL with PHP.  I had thought my requiryments would be rather common, but it seems they are not.  Here is what I need to do:


      1)Have a secure login that also connects to the Database and this happens only once.
      2)Perform a set of quirys to the database as the user does things, each independent of each other
      1.such as user info
      2.searching different tables for information asked for


      I had thought I could do this by using httpService calls each to a different php file.  This doesn't work.  I can login and connect to the db just fine but when I try to perform a quiry (to get userInfo) I get the error 'No database selected' when the quiry is in it own php file.  Everything works fine when the quiry is in the login php file.


      Knowing I was missing something I first tried using the database wizard to create an app that I could then see what I was doing wrong, unfortunately the code generated is so complex that it would take several days to just understand what is going on.  I then tried searching both the Adobie site and Googling the net to find examples and/or tutorials on Flex/PHP/MySQL.  I found quite a lot but all of them only show doing quirys with the database connection.


      I'd like to take a short pause here and say that all of the examples/tutorials used hard-coded user name and password and often used the default name/password.  This is so screamingly bad coding I could not believe that pros were actually writing this.  Need I say more?


      I'd love to find out, somewhere, that would either tell me how to do my database connection as I want, or tell me it is not possible.  I'm now looking at AMFPHP to see if it will let me access databases the way I want to.    Failing that I'll have to workout some way to do the conection everytime I do a quiry and then disconect.

        • 1. Re: PHP + Mysql + Flex Tutorials and Examples weak!
          michaelangela

          Hi Jim,

           

          I can understand your frustration but it sounds like the issue you are having is with PHP, not with Flex. Flex/Flash can work with whatever you would like on the backend. How your PHP application is structured is totally up to you. That said, I haven't tried to use the wizards.

           

          But I use either a collection of PHP, pre-written PHP classes that are included in my app, or whichever combination that seems to work best to get the needed output. I would hazard a guess to say that the tutorials you have seen may intentionally be simple purely because there are so many tutorials out on the web for building apps with PHP and mysql. The tutorials are only showing the essentials needed to connect that to flex, i.e. using POST requests, GET requests, etc. As in your related post about using one or multiple PHP files, that is totally up to you and how you want to structure your app. But that again is not directly related to Flex.

           

          You can even use a system like Drupal, Codeigniter, etc. as your backend. For example:

          Services Tutorials and Examples | drupal.org

           

          The options are endless...

          • 2. Re: PHP + Mysql + Flex Tutorials and Examples weak!
            Jim Daniel Level 1

            You make some good points here.  You also support my 'rant' in that the tutorials for how to get Flex to work with MySQL are weak, very weak.  What they show is not the 'basics' of Flex/MySQL communications, they are much too simple with 'Bad' coding technique, to be of any use to someone who is not experienced with PHP.  I do not accept the idea that you should be an experienced PHP programmer to be able to get Flex to access MySQL. 

            I see no reason for the examples & tutorials for Flex should be this poor, nor has anyone given me what I can except as viable explanation why this condition is allowed to continue.

            Once again, thanks for your points and link to a set of PHP tutorials.

            • 3. Re: PHP + Mysql + Flex Tutorials and Examples weak!
              Richard_Abbott Level 3

              Hi Jim,

              I think the problem is that Flex examples tend to deal with, well, Flex coding. Database connections (or web service connections, etc) are first and foremost to do with server-side coding, and Flex makes, on the whole, a very clear and clean division between client and server. This is in contrast with technologies like ASP.NET which (unless you are very careful) leaves you with tightly-coupled client and server code. I can take my Flex apps, write a thin server-side piece of code and migrate the app to a completely different server technology with no problems, whereas I have encountered huge problems trying to do the same with Java and ASP interfaces. That has to be cool.

              Now, your example is PHP+mySQL+Flex. But this is a combination I never have to use in a commercial environment. I am regularly working with combinations like C#+Oracle+Flex or ASP+SQLServer+Flex or JSP+Oracle+Flex - no doubt lots of folk onlist never have to worry about those... but Flex is versatile enough to easily accommodate all of those cases and many more. So, while I can sympathise with your frustration, the real issue you are facing surely is a lack of PHP examples rather than Flex?

              Richard

              • 4. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                Michael Borbor Level 4

                I agree with Richard's statement. Maybe you'll find some useful info here

                http://wadearnold.com/blog/

                • 5. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                  Jim Daniel Level 1

                  You and Richard are correct that the problem is with the PHP files in the examples.  An, yes, if I were an experienced PHP programmer I'd most likely not be having any problems.  That said,  the PHP files used in both the examples & tutorials use very bad coding techniques. I'm sure neither you or Richard would code like that, no experienced programmer  who wishes to be considered competent would write like that.

                   

                  To use such code in examples and/or tutorials is worse than bad, its aiding and abetting 'Hacking'.  Tutorials need to show the inexperienced user how to do things right, using good coding practices with real world examples.  As this is what was done with the Flex/Cold Fusion tutorials I can not help but think that the poor quality of the Flex/MySQL examples was done knowingly.

                   

                  I maybe wrong in my feelings, the people responsible for the examples and/or tutorials may just be lazy or incompetent, or they just might not care.  It really doesn't mater.  What maters is that all we currently have is example code that demonstrates that Flex/Flash can communicate with MySQL using PHP.  “Big Deal”.

                   

                  What I'm asking for are examples and tutorials that use real world situations with real world coding practices and security.  Or is that too much to expect?  I'd like to know.

                  • 6. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                    JZBAO

                    Check out this website www.baoandassociates.com and run the demos.

                    • 7. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                      michaelangela Level 1

                      You seem to have a grasp of programming languages. Out of curiosity, is PHP one of the requirements for your project or you would just like to learn PHP? For the example code you posted, you want a backend that can connect to a database and return xml data. If PHP is not required, you can use any backend language you like. Python (another favorite of mine), Ruby, etc.

                       

                      I actually haven't seen the tutorials you mentioned that are so poor. When I first started learning Flex and wanting to connect to a backend, I first understood how Flex communicates with a backend, i.e. the HttpService as you noted. But from there I went off and learned what I needed with the appropriate resources for the language/tool I wanted to use. This is only a guess but the Cold Fusion examples might be better because that is also an Adobe product. As such they are responsible for producing good tutorials for that.

                       

                      But really there are countless examples on the web on how to make mysql generate web data. There are many debates about what constitutes "best practices" but generally a developer inexperienced in a language should go to the resources dedicated to that particular language/tool. You'd be surprised at the number of competent developers who do the very things you say shouldn't be done simply because it solves their particular issue quickly and easily.

                       

                      So to answer your follow up question, in my opinion, I do think it's too much to expect for Adobe to present a complete app with real world coding practices and security for every language I think should be represented, and especially to make that approachable for someone inexperienced in the technologies involved. It might be nice for them to do that, but then there would be just as many arguments shooting down what they provide as a "best practice" and "why not this language?", the list goes on.

                       

                      Here is a good example of someone who posted a good set of example code. Check out the comments.

                       

                      http://toys.lerdorf.com/archives/38-The-no-framework-PHP-MVC-framework.html

                       

                      Perhaps you could use something like that actually, just generate xml instead of json.

                      • 8. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                        JZBAO Level 1

                        PHP is part of LAMP. They are becoming popular because they are FREE. Everyone is cheap during the bad economy.

                         

                        I guess you are using PHP to access MySQL, not produce HTML (you are using Flex for UI, right?). I'm not sure how good

                        PHP in a server cluster, but if you are using stick session, it should be OK. Session fail-over is hard even with Java.

                        • 9. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                          Jim Daniel Level 1

                          Just for info I've started using a component called 'AS3FlexDBKit' to do my db work.  It's still got some holes in it but it works just fine as a starting point.  I'd love to hear any comments on it if you've used it.

                          • 11. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                            Jim Daniel Level 1

                            Two good sites.  The first one's PHP code demonstrates one of the big complainants I have, no security.

                            Look at the code snippet: 

                            [php]<?php

                            define( "DATABASE_SERVER", "localhost" );

                            define( "DATABASE_USERNAME", "user" );

                            define( "DATABASE_PASSWORD", "pass" );

                            define( "DATABASE_NAME", "flex" );

                            //connect to the database

                            $mysql = mysql_connect(DATABASE_SERVER, DATABASE_USERNAME, DATABASE_PASSWORD) or die(mysql_error());

                            As you can see the user name and password are hard coded.  This is very bad since PHP files on the server can be read by anyone who knows just a little hacking.  User names and/or passwords should NEVER EVER be hard coded.  Most especially in human readable format.

                            • 12. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                              d:n:k Level 1

                              Just out of curiosity, where/how do you store/use your passwords for PHP (or like languages) then?

                              • 13. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                                Jim Daniel Level 1

                                You don't store passwords or usernames, they are passed in from the HTML page or in this case the Flex servace call.  Like this

                                 

                                <?php
                                    require_once("constants.php");
                                   
                                    global $connection;
                                    global $db_select;

                                 

                                    $username = mysql_real_escape_string($_POST['username']);
                                    $password = mysql_real_escape_string($_POST['password']);

                                     // 1. Create a database conection
                                    $connection = mysql_pconnect(DB_SERVER, $username, $password);
                                .

                                .

                                .

                                .

                                .

                                • 14. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                                  michaelangela Level 1

                                  I think there might be a confusion about how those usernames/passwords

                                  are being used. The ones hardcoded in the code are for database access,

                                  as opposed to individual user access.

                                   

                                  I believe most systems/frameworks do have these database credentials

                                  hardcoded in the source as part of settings, configs, etc. I don't see

                                  where else they can be stored.

                                   

                                  Securely passing it from the client could be done over HTTPS, but that

                                  would require the user to know the database access credentials which

                                  isn't what I think you intend.

                                   

                                  For individual user access, those are typically transferred by POST

                                  requests as you outlined but then those credentials wouldn't be used to

                                  connect to the database, but only to be tested against the database to

                                  see if that user is valid in the app.

                                   

                                  Michael

                                  • 15. Re: PHP + Mysql + Flex Tutorials and Examples weak!
                                    Richard_Abbott Level 3

                                    I agree with Michael here. It is very common to have a single set of database credentials that is used to access the db itself (and if using mySQL then you can restrict access by host name/IP as well). These would be written into the server-side code so inaccessible to end-users.

                                    The issue of access to the web pages themselves, and any related implications about what they are allowed to see or edit, is managed quite differently, for example by LDAP, or by access roles built in to the web server environment.

                                    There may well be situations where you use the same credentials for both, but personally I'd keep them separate.

                                    Richard