2. Server-Side Scripting
What is a script?
Collection of program or sequence of instructions
Processed/interpreted by another program
Rather than by a processor
Client-side
Server-side
In server-side scripting, PHP ASP.net - Processed by the server Like: Apache,
ColdFusion, ISAPI and Microsoft's IIS on Windows.
Client-side scripting such as JavaScript runs on the web browser.
Important fot dynamic HTML
3. Introduction to PHP
PHP stands for: Hypertext PreProcessor
Developed by Rasmus Lerdorf in 1994(Personal Home Page)
– Originally a set of Perl scripts known as the “Personal Home
Page” tools
• Source code released in 1995
• PHP 3 in 1997-98 by Andi Gutmans and Zeev Suraski
• Latest version 5.5.1
• It is a powerful server-side scripting language for creating
dynamic and interactive websites.
• It is an open source software, which is widely used and free to
download and use (php.net).
• It is an efficient alternative to competitors such as Microsoft's
ASP.
4. Introduction to PHP
• PHP is perfectly suited for Web development and can be
embedded directly into the HTML code.
• The PHP syntax is very similar to JavaScript, Perl and C.
• PHP is often used together with Apache (web server) on
various operating systems. It also supports ISAPI and
can be used with Microsoft's IIS on Windows.
• PHP supports many databases (MySQL, Informix,
Oracle, Sybase, Solid, PostgreSQL, Generic ODBC, etc.)
5. Introduction to PHP
• What is a PHPFile?
• PHP files have a file extension of .php, .phtml, .php4
.php3, .php5, .phps
• PHP files can contain text, HTML tags and scripts
• PHP files are returned to the browser as plain HTML
6. Introduction to PHP
What you need to develop PHPApplication:
• Install Apache (or IIS) on your own server,
install PHP, and MySQL
• OR
• Install Wampserver2 (a bundle of PHP, Apache,
and MySql server) on your own server/machine
7. PHP Installation Downloads
Free Download
PHP: http://www.php.net/downloads.php
MySQL Database: http://www.mysql.com/downloads/index.html
Apache Server: http://httpd.apache.org/download.cgi
• How to install and configure apache
• Here is a link to a good tutorial from PHP.net on how to install PHP5:
http://www.php.net/manual/en/install.php
8. How PHP is Processed
• When a PHP document is requested of a
server, the server will send the document first
to a PHP processor
• Two modes of operation
– Copy mode in which plain HTML is copied to the
output
– Interpret mode in which PHP code is interpreted
and the output from that code sent to output
– The client never sees PHP code, only the output
produced by the code
9. Basic PHP Syntax
• starts with <?php and ends with ?>
<?php ……………. ?>
– Other options are:
1. <? ……………… ?> or<?= ?>(shortened forms)
2. <script language=”php”> ... </script>
• There are three basic statements to output text with PHP:
echo, print, and printf. Example:
echo 'This is a <b>test</b>!';
• Comments:
– #
– //
– /* . . . * /
10. Basic PHP Syntax
• PHP statements are terminated with semicolons ;
• Curly braces, { } are used to create compound
statements
• PHP has typical scripting language characteristics
– Dynamic typing, un-typed variables
– Associative arrays
– Pattern matching
– Extensive libraries
• Primitives, Operations, Expressions
– Four scalar types: boolean, integer, double, string
– Two compound types: array, object
– Two special types: resource and NULL
11. Basic PHP Syntax
Example 1
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head> <title>Simple PHP Example</title>
<body>
<?php
echo "Hello Class of 2011. This is my first PHP Script";
echo "<br />";
print "<b><i>What have you learnt and how many friends have you
made?</i></b>";
echo "<br /><a href='PHP I-BSIC.ppt'>PHP BASIC</a>";
?>
</body>
</html>
12. PHP Language Basics
• Constants, Data Types and
Variables
• Constants define a string or numeric value
• Constants do not begin with a dollar sign
• Examples:
• define(“COMPANY”, “Acme Enterprises”);
• define(“YELLOW”, “#FFFF00”);
• define(“YELLOW”, “#FFFF00”);
• define(“PI”, 3.14);
• define(“NL”, “<br>n”);
Using a constant
13. PHP Language Basics
• Constants, Data Types and
Variables
Data types
• Integers, doubles and strings
– isValid = true; // Boolean
– 25 // Integer
– 3.14 // Double
– ‘Four’ // String
– “Total value” // Another string
14. PHP Language Basics
• Constants, Data Types and
Variables
Data types
• Strings and type conversion
– $street = 123;
– $street = $street . “ Main Street”;
– $city = ‘Naperville’;
$state = ‘IL’;
– $address = $street;
– $address = $address . NL . “$city, $state”;
– $number = $address + 1; // $number equals
124
15. PHP Language Basics
• Constants, Data Types and
Variables
Data types
• Arrays
– Perl-like syntax
» $arr = array("foo" => "bar", 12 => true);
– same as
» $arr[“foo”] = “bar”;
» $arr[12] = true;
17. PHP Language Basics
• Constants, Data Types and
Variables
Operators
– Contains all of the operators like in C and Perl (even
the ternary)
Statements
– if, if/elseif
– Switch/case
– for, while, and do/while loops
– Include and require statements for code reuse
18. PHP Variables
• Variables are used for storing values, such as numbers, strings or function
results, so that they can be used many times in a script.
• All variables in PHP start with a $ sign symbol.
• Variables are assigned using the assignment operator "="
• Variable names are case sensitive in PHP: $name is not the same as
$NAME or $Name.
• Variable naming rules similar to variable naming rules in other programming
languages
• In PHP a variable does not need to be declared before being set.
PHP is a Loosely Typed Language.
19. Strings in PHP
• a string is a sequence of letters, symbols, characters and arithmetic values or
combination of all tied together in single or double quotes.
• String literals are enclosed in single or double quotes
• Example:
<?php
$sum = 20;
echo 'the sum is: $sum';
echo "<br />";
echo "the sum is: $sum";
echo "<br />";
echo '<input type="text" name="first_name" id="first_name">';
?>
– Double quoted strings have escape sequences (such as /n or /r) interpreted and
variables interpolated (substituted)
– Single quoted strings have neither escape sequence interpretation nor variable
interpolation
– A literal $ sign in a double quoted string must be escaped with a backslash,
– Double-quoted strings can cover multiple lines
20. Escaping quotes with in quotes
Example 1:
<?php
$str = ""This is a PHP string examples quotes"";
echo $str;
?>
Example 2
<?php
$str = 'It's a nice day today.';
echo $str;
?>
21. The Concatenation Operator
• The concatenation operator (.) is used to put two string
values together.
• Example:
<?php
$txt1="Hello Everyone,";
$txt2="1234 is Dan’s home address";
echo $txt1.$txt2;
?>
22. PHP Operators
Operators are used to operate on values.
List of PHP Operators:
Similar to Other programming language
Arithamatic
Assignment
Bitwise
Comparison
Incrementing/decrementing
Logical
Array
23. PHP Function
In php a function is a predefined set of
commands that are carried out when the
function is called.
The real power of PHP comes from its
functions.
PHP has more than 700 built-in or predefine
functions for you to use.
Complete php string reference
You can write your own functions
24. Using Built-in Functions
• Useful PHPString Functions
<?php
echo strlen("Hello world!");//prints string length
echo "<br />";
echo strpos("Hello world!","world"); //Prints //position of a
word
?>
</body>
</html>
25. Basic PHP Syntax
Inserting external files:
PHP provides four functions that enable you to insert
code from external files: include() or require()
include_once() or require_once() functions.
• E.g.
include("table2.php");
– Includedfiles start incopymode
26. Using Built-in Function
Examples: Inserting external files:
PHP provides four functions that enable you to insert code
from external files: include() or require() include_once() or
require_once() functions.
A sample include file called add.php
<html> <body>
<?php
function add( $x, $y ) {
return $x + $y; }
?>
<h1>Welcome to my home
page</h1>
<p>Some text</p>
</body> </html>
Using the include function
<?php
include('add.php');
echo add(2, 2); ?>
27. Using Built-in Function
Inserting external files - continued:
The functions are identical in every way, except how they
handle errors.
The include() and include_once() functions generates a warning (but
the script will continue execution)
The require() and require_once() functions generates a fatal error
(and the script execution will stop after the error).
These functions are used to create functions, headers,
footers, or elements that can be reused on multiple pages.
This can save the developer a considerable amount of time for
updating/editing.
28. Defining and Referencing a Function
Syntax
function functionname () { your code }
Example:
<html> <body>
<?php
Function Name()
{
echo "Ben John";
}
Name();
?>
</body> </html>
29. Conditional Statements
1. The If...Else Statement
Syntax
if (co nditio n) co de to be
e xe cute d if co nditio n is true ;
else co de to be e xe cute d if
co nditio n is false ;
<?php
$d=date("D");
if ($d=="Fri") echo "Have a nice
weekend!";
else echo "Have a nice day!";
?>
If more than one line should
be executed if a
condition is true/false,
the lines should be
enclosed within curly
braces:
30. Conditional Statements
2. The ElseIf Statement
• If you want to execute some code if one of several conditions
is true use the elseif statement
Syntax
if (co nditio n) co de to be e xe cute d if co nditio n is true ;
elseif (co nditio n) co de to be e xe cute d if co nditio n is true ;
else co de to be e xe cute d if co nditio n is false ;
31. PHP Switch Statement
• If you want to select one of many blocks of code to be executed, use
the Switch statement.
• The switch statement is used to avoid long blocks of if..elseif..else
code.
Syntax
switch (e xpre ssio n)
{
case labe l1 : co de to be e xe cute d if e xpre ssio n = labe l1 ;
break;
case labe l2: co de to be e xe cute d if e xpre ssio n = labe l2;
break;
default: co de to be e xe cute d if e xpre ssio n is diffe re nt fro m bo th labe l1
and labe l2;
}
32. PHP Looping
• Looping statements in PHP are used to execute the same
block of code a specified number of times.
• In PHP we have the following looping statements:
– while - loops through a block of code if and as long as a
specified condition is true
– do...while - loops through a block of code once, and then
repeats the loop as long as a special condition is true
– for- loops through a block of code a specified number of
times
– foreach - loops through a block of code for each element in
an array
33. PHP Arrays
An array can store one or more values in a
single variable name.
There are three different kind of arrays:
Numeric array - An array with a numeric ID key
Associative array - An array where each ID key is
associated with a value
Multidimensional array - An array containing one
or more arrays
34. Tricks and Tips
• Coding
Prototype your web pages first
• Separate the design of the site from the coding
Turn repetitive code into functions
• Makes for more maintainable and reusable code
Turn grunt code into functions
• Database access, configuration file access
35. Tricks and Tips
• Debugging
Feature: PHP is not a strongly typed language
• Variables can be created anywhere in your code
Undocumented Feature: PHP is not a strongly
typed language
• Typos in variable names will cause stuff to
happen
36. Tricks and Tips
• Debugging
Use scripts to dump form and session variables
• Write scripts to dump data to discover bad or
missing data
37. Tricks and Tips
• Development Tools
Color coding editors
• vim, Emacs, Visual SlickEdit
IDEs
• Windows
– Macromedia Dreamweaver
– Allaire Homesite
– Zend’s PHPEdit
– netbeans
• Linux
– ???
38. PHP and the Web
www.intellibitz.com Is typed in firefox
Firefox sends a message over the internet to
the computer named www.intellibitz.com
Apache, a program running on
www.intellibitz.com, gets the message and
asks the PHP interpreter, another program
running on the www.intellibitz.com computer,
“what does /index.php look like?”
39. PHP and the Web
The PHP interpreter reads the file
/var/www/index.php from disk drive
The PHP interpreter runs the commands in
index.php, possibly exchanging data with a
database program such as MySQL
The PHP interpreter takes the index.php
program output and sends it back to Apache
as answer
40. PHP and the Web
Apache sends the page contents it got from
the PHP interpreter back to your computer
over the Internet in response to Firefox
Firefox displays the page on the screen,
following the instructions of the HTML tags in
the page
41. Security
•About 30% of all vulnerabilities listed on the National Vulnerability
Database are linked to PHP.
•These vulnerabilities are caused mostly by not following best practice
programming rules; technical security flaws of the language itself or of
its core libraries are not frequent
•programmers make mistakes, some languages include taint
checking to automatically detect the lack of input validation which
induces many issues.
•There are advanced protection patches such as Suhosin and
Hardening- Patch, especially designed for web hosting environments.
42. Questions?
– Any Questions
• www.php.net
– Community
• www.phpbuilder.com: articles on PHP, discussion
forums
– Newsgroups
• comp.lang.php