phpyellowtm developer guide

Start | Customize | Payment | Questions

Start

This page contains information or links to the following:

License

The proprietary license for phpyellow Pro and Lite Editions is here.

Requirements

Requires PHP 4.1.2 and mySQL 3.23.23 database, or higher, running on a web server. Apache web server (preferred) on Linux O/S is ok. Client side browser support for Javascript and CSS preferable. Netscape 6 or Internet Explorer 5 or higher are supported. Minimal experience with modifying a PHP page is preferred.

Install

The Install Helper assists you in installing the Lite or Pro edition. To install do this:

  1. download the zip file
  2. unzip the zip file
  3. make a /phpyellow folder on your web server
  4. upload the zip file from your local machine to your web server into the /phpyellow folder you just created
  5. open your favorite browser and surf to http://yourdomain.com/phpyellow/install.html
  6. follow the directions

Elapsed Time to Install

A novice with minimal PHP coding experience can install phpYellow in about 45 minutes. Installation services are also offered for a fee.

Setup

The Install Helper walks you through basic setup - enough to get up and running. The essential setup is done with the file util-DIST-*.php. You change CONSTANTS in the util.php configuration file. The only essential constants to make the application work are these: 

/* Database and connectivity */
define("DBNAME", "phpyellow" ); /* your mySQL database name - modify */
define("DBUSERNAME", "root" ); /* your mySQL username - modify */
define("DBPASSWORD", "" ); /* your mySQL username password - modify */
define("DBSERVERHOST", "localhost" ); /* the name of your database host server */
define("TABLECUSTOMER", "pycontact" ); /* DO NOT CHANGE OR DATA LOSS MAY OCCUR - pycontact */
define("TABLECATEGORY", "pycategory" ); /* DO NOT CHANGE OR DATA LOSS MAY OCCUR - pycategory */
define("INSTALLPATH", "http://www.yourdomain.com/phpyellow/"); /* The full URL with a trailing slash - modify */
The Install Helper expects you to have already created an empty database. Ask your internet service provider for a mySQL database if you don't already have one. The Helper automatically sets up database tables and inserts test records.

How to Upgrade from 3.x to 3.x

10 point upgrade

  1. Save all /phpyellow folders and files offsite. You want to be able to restore your last working copy, if needed
  2. rename the /phpyellow folder to /phpyellowOLD
  3. ftp util.php to your local machine and rename as util-OLD.php. Keep it handy for comparison to the new util file
  4. login, download and unzip the distribution package
  5. upload all files in the distribution package /phpyellow folder to the new /phpyellow folder on your web server
  6. open util-DIST-*.php in a non invasive html editor and build the new util.php file by comparing, copying and pasting from util-OLD.php into the new util.php file
  7. save and upload the new util.php file
  8. replace images from /phpyellowOLD/userlogo into /phpyellow/userlogo
  9. replace the new header.php, footer.php and yellow.css files with your saved files of the same name
  10. test by surfing to your directory

If you changed the categories then you will need to open the new categories.php and paste your categories into it starting on line 21.

Users of the Pro Edition upgrading to 3.53 or higher must also paste this command into EasySQL:

update pycategory set rank=4 where rank=3

Security

Every administration script is protected by transparent username and password security.

RECOMMENDATIONS

  1. DELETE all phpYellow files that begin with the word "install".

    Example: install.html, inclusive to installUpgradeOrRemove.php - delete all files.

  2. Set the "ADMINUSER" & "ADMINPASSWORD" CONSTANTS defined in util.php to your best possible values:

    define("ADMINUSER", "yourPHPYellowUserName"); // your phpYellow login
    define("ADMINPASSWORD", "yourPHPYellowPassword"); // your phpYellow password

  3. Change the name of admin.php to yourfilename.php, then set the "admin.php" value below in util.php to the same new changed value:

    define("ADMINHOME", "admin.php"); // your phpYellow administration page

  4. Make your administration password a good one, keep it safe and don't tell anyone .... change it regularly by changing the value for the ADMINPASSWORD constant.

  5. Make regular and frequent backups. Do not change filename extensions to anything other than php, php3, phtml or a valid php extension. To change a file extension to .html may require special server configuration.

  6. Keep the default notification on for new or changed listings:

    define("NOTIFYONCHANGE", "yes"); // if you want the WEBMASTER notified

  7. Quickly delete unwanted records using the Instant Destroy tool.

  8. Use a different password for your database which is NOT the same as your regular internet user account login.

Summary

There are a number of levels of security but no mechanism anywhere is 100% safe from unwanted breach. Your best defense is to use a good, long and varied password and be sure to include numbers and other special characters in it. You can also change the admin user name, admin password, the name of the admin php file and other parameters. This is recommended. This may be performed in util.php

Rather than make hacking easy, additional implemented phpYellow security precautions are embedded into the source code but not documented. You would need to go over every line of code to understand the built in security for phpYellow.

Additional web server specific, scripting language specific and database specific security issues are not addressed here. These component specific concerns are best described in the documentation the components are delivered with.

Web Server http://www.apache.org
Scripting Language http://www.php.net
Database http://www.mysql.com/

Feedback

If you can think of additional useful safety precautions to add to this document let us know.

Database tables

Create Table Definition - MySQL Database Only

This definition is for your archive. You don't need to do anything with it - it's FYI. 


# phpMyAdmin MySQL-Dump
# version 2.2.4
# http://phpwizard.net/phpMyAdmin/
# http://phpmyadmin.sourceforge.net/ (download page)
#
# Host: secret
# Generation Time: Sep 23, 2002 at 10:36 AM
# Server version: 3.23.51
# PHP Version: 4.2.3
# Database : `secret`
# --------------------------------------------------------

#
# Table structure for table `pycontact`
#

CREATE TABLE pycontact (
  customerid mediumint(9) unsigned NOT NULL auto_increment,
  password varchar(15) NOT NULL default 'password',
  email varchar(80) default NULL,
  organization varchar(45) default NULL,
  firstname varchar(35) default NULL,
  lastname varchar(45) default NULL,
  address varchar(70) default NULL,
  city varchar(25) default NULL,
  stateprov varchar(25) NOT NULL default '',
  country varchar(40) NOT NULL default 'United States',
  postalcode varchar(10) default NULL,
  areacode varchar(7) default NULL,
  phone varchar(20) default NULL,
  fax varchar(20) default NULL,
  cellphone varchar(20) default NULL,
  website varchar(140) default NULL,
  imagecompany varchar(120) default NULL,
  lastupdate timestamp(14) NOT NULL,
  customersince date default NULL,
  visits int(4) unsigned default NULL,
  role varchar(30) default NULL,
  privacy enum('low','medium','high') default 'medium',
  news enum('yes','no') NOT NULL default 'no',
  newsformat enum('plain','html') default NULL,
  PRIMARY KEY  (customerid,customerid,customerid),
  KEY stateprovidx (stateprov(15)),
  KEY countryidx (country(20)),
  FULLTEXT KEY wholesite (organization,firstname,lastname,address,city,
  stateprov,country,postalcode,areacode,website,role)
) TYPE=MyISAM;



# phpMyAdmin MySQL-Dump
# version 2.2.4
# http://phpwizard.net/phpMyAdmin/
# http://phpmyadmin.sourceforge.net/ (download page)
#
# Host: secret
# Generation Time: Sep 23, 2002 at 10:35 AM
# Server version: 3.23.51
# PHP Version: 4.2.3
# Database : `secret`
# --------------------------------------------------------

#
# Table structure for table `pycategory`
#

CREATE TABLE pycategory (
  ckey int(9) unsigned NOT NULL auto_increment,
  fkcustomerid mediumint(9) unsigned NOT NULL default '0',
  category varchar(80) NOT NULL default 'other',
  description mediumtext,
  rank tinyint(1) unsigned NOT NULL default '0',
  paymentrequired enum('yes','no') default 'no',
  status enum('pending','approved','expired') default 'approved',
  expires date default NULL,
  lastupdate timestamp(14) NOT NULL,
  image2 varchar(120) default NULL,
  image3 varchar(120) default NULL,
  PRIMARY KEY  (ckey),
  KEY catidx (category(15)),
  FULLTEXT KEY description (description)
) TYPE=MyISAM;

Other database subjects

Database Structure and Explanation

You can view the database fields, their datatypes and attributes here:

see create table definitions

The word "field" means the same as "column".

  • The customerid field is the primary key for the contact table. This number is autoincremented by the database RDBMS whenever a record is added. You can consider this number to be the unique customer ID number. Each customer has one customerid number, and only one.
  • The CKEY field is the primary key for the category table. This number is autoincremented by the database RDBMS whenever a record is added. You can consider this number to be the unique listing or record number for the specific category used by this one customer. Each customer has one customerid number, and at least one or more CKEY numbers. The Lite Edition will only allow you to have one category per every contact listing. The Pro Edition will allow you to have many category listings for each one contact listing.
  • The CKEY and fkcustomerid fields are NOT RELATED.
  • The fkcustomerid is the foreign key in the category table which points to the parent record in the contact table. When the fkcustomerid (in the category table) and the customerid (in the contact table) are joined together it makes one complete listing.
  • There is a one to many relationship possible between the contact and category tables. Accordingly, the relationship is a parent to child relationship. The fkcustomerid relates or joins the category record with the parent contact record.
  • The CKEY is just a number which is incremented with each category insert, and does not relate to the parent contact table.

How to import records from other Yellow Page directories

Basic Expertise Needed

To import records from other Yellow Page directories a good understanding of Structured Query Language (SQL) as well as an intermediate knowledge of programming PHP is needed. If you do not have this expertise it may be contracted out to a third party.

Steps to Import

  1. understand the 2 phpyellow table structures
  2. clean up your existing dataset
  3. export your data to 2 comma separated value files ie: contact.csv and category.csv
  4. write a script or install phpMyAdmin to import the 2 .csv files above
  5. update the category.status field such that every value is 'approved' Example:

    UPDATE pycategory set status='approved'

    This command may be pasted into EasySQL found in admin.php
  6. test

Other considerations

You may want to review your old categories and collapse similar categories into just one category. Thousands of categories are physically hard to fit on just one web page, and harder to fit into a select drop down list. By collapsing into fewer categories you make customer searches faster, and make it easier to fit the categories on the front page.

What to watch out for?

The most important consideration is to relate each child category record to its parent contact record.

Secondary Key

Each email address and password should be unique. Some customers may not have email addresses. These may be issued not valid domain names Example: 555-123-4567@domain.nul. Use a different phone number for each such listing. You may adjust the display of listings to NOT show email addresses of a single domain. View php source in proListingFirstPage.php, proListingPreferred.php, proListingBasic.php and add the domain to ignore.

Example

This site exported over 50,000 listings into a phpyellow format:

http://mepages.net

So you want to add more database fields?

One must consider the logic of the application in every respect before adding a single field. If a field is added to a table, then the scripts which insert, update, search on, delete or otherwise use the field must also be modified to accept the new field. Then testing takes place. If all is well, the new code is uploaded to the website. The documentation should be updated to reflect the new table structure. You can count on a minimum of USD$120 per extra field added to the phpYellow Pages application if you ask for a quote on your changes. The feasibility and desirability of any proposed changes is also considered.


Start | Customize | Payment | Questions