PHP & Database help needed

[ieuan11]

Okay I'm biulding a website for a client which is required to do the following:

Financial Advisor's from the company i am working for needs to be able to login to the website (by creating a account using a code unique to the company).

Then be able to add client infomation to their own client list on a database (seperate from other advisors).

From there the Advisors need to be able to go back and see a simplified list of their clients (i.e. just the clients name for example with a search option to find clients easily).

Then when the click on the client's name they will be taken to a different page which displays the client's information in full, with the ability to edit this information.

 

I understand the difficulty of this task and my skills are more directed towards the design aspect of websites, as you can probably make out I have little experince with databases and PHP, however I have taught myself other computer languages and not worried about the need to learn. All i'm asking for is for someone to outline what needs to be done and point me in the right direction as to where I can aquire the knowledge needed to complete this project.

 

Thanks a million Ieuan.

[justsomeguy]

That's a basic CRUD application - create, read, update, delete. Those are the 4 major operations that you do with a database. SQL has statements for each operation (insert, select, update, delete).As far as user management and authentication goes, you will find a ton of tutorials online but I would advise you to skip any tutorial you see that uses PHP's mysql extension. You can tell it uses the mysql extension because it will use functions like mysql_connect and mysql_query. The mysql extension is old and promotes bad practices. Look for tutorials that use either the mysqli extension instead, or PDO. All of your queries should be prepared statements to avoid SQL injection attacks. Most older tutorials completely skip over the concept of SQL injection attacks and will teach you a way to use the database that will leave your site wide open to exploits. So skip any tutorial where you see it using mysql_query. mysqli_query is fine, and there is also an object-oriented way to use mysqli. If you want to learn about PDO, there is a guide here:http://www.dreamincode.net/forums/topic/214733-introduction-to-pdo/For storing your user's passwords, learn the right way from the beginning and follow this guide, which requires a recent version of PHP:http://jeremykendall.net/2014/01/04/php-password-hashing-a-dead-simple-implementation/Like with mysql_query, if you see any tutorial for passwords that uses md5 or sha1 (including certain tutorials written by me), just skip them - they're out of date. Follow the one above instead, that's the correct way to manage passwords.Other than that, the major things you'll need to know and use are things like using PHP to process forms or querystring variables, using the session in PHP to keep track of who is logged in or other information you want to move between all pages, and the various database operations.

[ieuan11]

This has helped so much. Thank you.