Posted: May 12th, 2015 | Author: Alex Korn | Filed under: Tutorials | Tags: JSON, multi-byte safe, mysql, PHP, string escaping, unicode | No Comments »
The problem
Recently, I came across what started as a straightforward problem: In MySQL I was JOINing from Table A to Table B on a’s primary key, and wanted to display a list of all items in Table A, each followed by a list of all associated items in Table B.
My initial thought was to hand-roll my own JSON, so that the result of the query would have a few columns with the results of Table A, then a column with the JSON-encoded data from Table B. I realize that one should never hand-roll their own JSON, but there isn’t a native JSON encoder in MySQL, so I had to make do.
It was easy enough to come up with a basic JSON format using the following. I’ve done some pretty aggressive tabbing and newlines here to try to make the layers of functions as straightforward as possible; different arguments to each function align vertically.
SELECT a.aId, a.name,
CONCAT(
'[',
GROUP_CONCAT(
CONCAT(
'[',
b.bId, ', ',
'\"', b.name, '\"',
']')
ORDER BY b.bId ASC
SEPARATOR ','),
']'
) AS bData
FROM a
JOIN b
ON a.bId = b.bId
GROUP BY a.aId |
SELECT a.aId, a.name,
CONCAT(
'[',
GROUP_CONCAT(
CONCAT(
'[',
b.bId, ', ',
'\"', b.name, '\"',
']')
ORDER BY b.bId ASC
SEPARATOR ','),
']'
) AS bData
FROM a
JOIN b
ON a.bId = b.bId
GROUP BY a.aId
(Note that I am not the first person to come up with this solution.)
However, if b.name has a quotation mark (or a variety of other characters), this creates invalid JSON. How do we ensure that we always create valid JSON, even when there are special characters or unicode/multi-byte characters?
The solution
Ensuring we always have valid JSON was surprisingly easy – we can hexadecimal-encode b.name in the MySQL query, which ensures that its character set is 0-9 or A-F, so it will always be properly contained within the quotation marks around it. We then convert it back into a normal string in the application code.
SELECT a.aId, a.name,
CONCAT(
'[',
COALESCE(
GROUP_CONCAT(
CONCAT(
'[',
b.bId, ', ',
'\"', HEX(b.name), '\"',
']')
ORDER BY b.bId ASC
SEPARATOR ','),
''),
']') AS bData
FROM a
JOIN b
ON a.bId = b.bId
GROUP BY a.aId |
SELECT a.aId, a.name,
CONCAT(
'[',
COALESCE(
GROUP_CONCAT(
CONCAT(
'[',
b.bId, ', ',
'\"', HEX(b.name), '\"',
']')
ORDER BY b.bId ASC
SEPARATOR ','),
''),
']') AS bData
FROM a
JOIN b
ON a.bId = b.bId
GROUP BY a.aId
So let’s say b.name was something like '☃' (because I know people are always naming their things [unicode Snowman]), the resulting hexadecimal representation is 27E2988327. Opaque, but definitely JSON-safe!
Note that we also use COALESCE in case there are no associated items in Table B; otherwise CONCAT('[', NULL, ']' gives us NULL, not [].
All we have left to do is convert the hexadecimal representation back into text in the application. Here’s a function in PHP that does the trick:
function hexToStr($hex)
{
$string = '';
for ($charIter = 0; $charIter < strlen($hex) - 1; $charIter += 2)
{
$string .= chr(hexdec($hex[$charIter] . $hex[$charIter + 1]));
}
return $string;
} |
function hexToStr($hex)
{
$string = '';
for ($charIter = 0; $charIter < strlen($hex) - 1; $charIter += 2)
{
$string .= chr(hexdec($hex[$charIter] . $hex[$charIter + 1]));
}
return $string;
}
Happy coding, and remember to be safe and always properly escape your strings!
Feel free to ask questions or give feedback via Twitter.
Posted: March 17th, 2011 | Author: Alex Korn | Filed under: AWS, Hosting, Tutorials | Tags: amazon, apache, ec2, linux, mysql, PHP | 29 Comments »
Do you know nothing about Amazon Web Services (AWS) or Linux server administration, but want to get a PHP/MySQL server set up on AWS? I was once like you, relying upon my web host to have PHP and MySQL installed and configured, so it was a bit daunting initially to work with AWS, but it’s actually rather simple. Read on and I’ll show you how to set up PHP and MySQL on one of Amazon’s free servers step by step. You can have a functioning site up and running within half an hour.
Amazon Web Services
First things first: Amazon Web Services has a ton of different products, but the one you want is Amazon Elastic Compute Cloud (EC2). Go there, and click “Sign Up for Amazon EC2”.
Once you’ve gotten that set up, go to the AWS Management Console, and click on “Instances” in the Navigation panel. An Instance is just a virtual server – so let’s create one! Click “Launch Instance” under “My Instances”, and select “Basic 64-bit Amazon Linux AMI”. On the Instance Details phase, select “Micro” (which is Free tier eligible). Continue until you need to enter the “Name” – if you don’t know what else to call it, just use “Web/DB server”.
Next you create a Key Pair – this will be the credentials you’ll use to SSH into the box. The instructions here should be fairly straightforward. Next is the Security Group, which will be used to specify the firewall used for your instance. Feel free to use the default Group for now. Continue to the Review phase and launch it!
You should now be able to SSH into your instance using your .pem file with ssh -i [FILE NAME].pem ec2-user@ec2-[IP ADDRESS].compute-1.amazonaws.com. Alright, we’ve got a server up and running! However, you may notice that this server has very little installed on it. which php? Nothing. which mysql? The same. Let’s install some software.
Configuring the Linux Server
Below I’ll show you how to set up PHP and MySQL on the server. I’ve separated PHP and MySQL so that it’s easier to adapt this to having two instances.
PHP
First, the basics for PHP:
sudo yum install php-mysql php php-xml php-mcrypt php-mbstring php-cli mysql httpd
Press ‘y’ for each of the prompts that shows up. Note that you’re logged in as ec2-user, so you need to sudo all of these commands.
You should now be able to create and run a PHP test file. Next, let’s get MySQL up and running.
MySQL server
First, install and begin running the server:
sudo yum install mysql-server
sudo /etc/init.d/mysqld start
Next, set the root password. I’ve found this password generator to be just dandy.
mysqladmin -u root password '[PASSWORD]'
Now we set up two users for MySQL: the administrator, which you’ll use to create and modify tables; and the app user, which the app will use to query the DB (with more limited privileges). Log into MySQL as root (mysql -u root -p) and enter each of the following lines:
CREATE DATABASE [DB NAME];
CREATE USER '[DB NAME]_admin'@'localhost' IDENTIFIED BY '[ADMIN PASSWORD]';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER ON [DB NAME].* TO '[DB NAME]_admin'@'localhost';
CREATE USER '[DB NAME]_user'@'localhost' IDENTIFIED BY '[USER PASSWORD]';
GRANT SELECT, INSERT, UPDATE, DELETE ON [DB NAME].* TO '[DB NAME]_user'@'localhost';
You may want to fine-tune your database settings further than this, but this is a good start.
Make it web-accessible
We now have PHP and MySQL running on the box, but cannot access it through a browser. We need to configure the web server and set up an Elastic IP.
Web Server
First, let’s create a test PHP file that will be accessed by the browser. Create directories so that you can put your file in /opt/app/current1. Make an index.php file that contains whatever you want.
If you want to FTP transfer files to your server, you’ll want to give the ec2-user permissions to modify files in your web directory:
sudo chown ec2-user /opt/app/current
To set up the web server, httpd, we need to first modify its configuration file, located at /etc/httpd/conf/httpd.conf. Open it up with vim, emacs, or your favorite text editor, and go to the bottom of the file. Here you’ll see a small section on the VirtualHost (between <VirtualHost *:80> and </VirtualHost>). Uncomment it out and set DocumentRoot to /opt/app/current. Restart (or start) httpd:
sudo /etc/init.d/httpd restart
Elastic IP and Security Groups
In the AWS Management Console, click on “Elastic IPs”, then “Allocate New Address” under “Addresses”. Once the address is created, click on it, then “Associate Address”. Select the instance and associate it.
Now click on “Security Groups” in the Navigation panel. Select the Security Group that you used for the instance (probably the default one). Under the “Inbound” tab, add an HTTP rule (port 80). Click “Apply Rule Changes”, and you should now be able to access your website! In your browser, go to http://ec2-[IP ADDRESS].compute-1.amazonaws.com/, where the IP address is the Elastic IP you made with periods replaced with hyphens.
Hello World! or Putting it all together
We now have all the pieces we need to access MySQL from PHP and serve that to the browser-accessible website. So let’s log into mysql and create a sample table:
mysql -u [DB NAME]_admin -p
[type password]
mysql> use [DB NAME];
mysql> CREATE TABLE test (message VARCHAR(255));
mysql> INSERT INTO test (message) VALUES ('Hello world!');
Now modify your index.php file (/opt/app/current/index.php) to be the following:
<?php
$conn = new mysqli('localhost', '[DB NAME]_user', '[USER PASSWORD]', '[DB NAME]');
$result = $conn->query("SELECT message FROM test;");
$row = $result->fetch_assoc();
echo $row['message'];
?> |
<?php
$conn = new mysqli('localhost', '[DB NAME]_user', '[USER PASSWORD]', '[DB NAME]');
$result = $conn->query("SELECT message FROM test;");
$row = $result->fetch_assoc();
echo $row['message'];
?>
We now have a fully functioning PHP and MySQL server!
Taking it further
That’s it for the basics, but there’s so much more that you can do now.
sudo pear upgrade
sudo yum install php-pear
sudo pear channel-discover pear.phpunit.de
sudo pear channel-discover pear.symfony-project.com
sudo pear channel-discover components.ez.no
sudo pear install phpunit/PHPUnit
I’ve found it handy to set up an administration area for my sites using a different port on the same URL. Note that port 80 is the default for web traffic, but 8080 is also commonly used.
Create /opt/app/admin. Then, in httpd.conf, add the line Listen 8080 after Listen 80 and add another VirtualHost entry, using <VirtualHost *:8080> and pointing to the /opt/app/admin directory. Update your Security Group to allow traffic over port 8080. Make sure to restart Apache and you should now be able to access your admin folder through your browser at yourdomain.com:8080.
You can then download phpMyAdmin into /opt/app/admin/pma and unzip it. Using the [DB NAME]_admin user, you can now manage your databases there through your browser.
Using two Instances
It can be very beneficial to performance to separate the web server and the DB server. To do this, you’ll need to set up two Instances, one of which has the web server httpd running and an Elastic IP, and the other of which has the MySQL server mysqld running.
They can use the same Security Group, but you’ll have to add the MySQL rule (port 3066) for Inbound traffic to allow the servers to talk to each other.
On the web box, instead of using “localhost” as the MySQL host, use the Internal IP address of the MySQL box. On the DB box, set up your grant permissions to allow from anywhere in '%.ec2.internal' (or just from your IPs).
Notes
-
/opt/app/current is a Rails convention that I enjoy. What you should do is put your releases in /opt/app/releases/[release #], then have /opt/app/current be a symlink to the current release.
Another (much more) common standard is to put web-accessible code in /var/www/html. Feel free to put your HTML code wherever you want; just make sure to update httpd.conf appropriately (and restart Apache).
^ Back up
Thanks to Ryan Ausanka-Crues at Palomino Labs for help with this.