So what's the big deal about PHP5? If you’re experienced with PHP4, you probably know about object-oriented programming and... more

So what's the big deal about PHP5? If you’re experienced with PHP4, you probably know about object-oriented programming and the way this was handled with PHP4. If you’re unfamiliar with PHP, but you’re familiar with other programming languages, you’ll probably find PHP5’s implementation of object-oriented principles familiar. Luckily, things have become a lot easier with the release of PHP5. However, there are other improvements and changes, such as more configuration options in php.ini and a host of new array-related and other functions, besides just "better object-oriented programming" handling. This chapter outlines these changes for you.

... less

When you begin a new project, one of the first things you have to consider is the structure of your code. Whether you're... more

When you begin a new project, one of the first things you have to consider is the structure of your code. Whether you're coding something as simple as an online contact form, or as complex as a full-featured content management system, how you organize your code is going to influence the performance and maintainability of the end product.

When you use a language like PHP, there are two main routes you can go: procedural programming and object-oriented programming—OOP for short. Each strategy has its own benefits and limitations.

... less

One of the more prominent features of PHP is its vast collection of built-in functions, even before you start adding in optional... more

One of the more prominent features of PHP is its vast collection of built-in functions, even before you start adding in optional extensions. This is arguably a failing because it makes the job of deciding which function to use in a given situation that much more difficult. Many of the functions are so similar in behavior that it’s sometimes hard to see why they exist as distinct functions. split() or preg_split()? str_replace() or strtr()? ksort(), asort(), rsort(), natsort(), usort() or uksort()? strftime() or date()? This book doesn’t go into the lack of conventions regarding the naming of functions or the order of arguments, or the way in which several functions are merely aliases of others.

One cause of PHP’s overlapping set of functions is its early existence as a mere wrapper over Perl’s and later C’s own libraries. Users familiar with those languages’ function libraries would find their PHP equivalents going by the same names with the same calling conventions, overlaid with PHP’s memory management and type handling. Extensions exacerbated this—with different DBMSs exposing different APIs, PHP introduced different sets of functions for each DBMS it supported. When two extensions boasted functions for two similar things, PHP provided both.

As PHP became implemented more expansively on a wider variety of platforms and built into a wider variety of environments, platform-independent implementations of functions began to be introduced. Hence the existence of both rand() (which uses whatever pseudorandom number generator was supplied by the C compiler PHP was built on) and mt_rand() (which has identical behavior across all platforms). At the same time, PHP developers have been committed to backward-compatibility; even as new mechanisms are introduced, they do their best to retain the old ones in case there are people relying on them.

So PHP’s function list burgeoned, bulging out like a loaf of bread rising in a tin that’s too small for it. At last count, the PHP manual had 3,630 function entries, distributed among 129 chapters, of which 855 are listed in the 30 chapters that the manual describes as "core" or are bundled and require an explicit configuration switch to disable. Those figures are already out of date.

The practical upshot of this is that many PHP programmers are like English speakers—they use only a small subset of the language. There are parts of the language they may just not have any use for. But hidden among PHP’s esoterica are some functions that don’t get the attention they deserve. These are functions that have been present in PHP since version 4.3.2 at the latest—many have been around since the early days of PHP 4. Despite this, they are often overlooked, even when they are ideal for the task at hand. Some of them seem to be used only in tutorials about them. They are by no means the only obscure features of the language. Rather, they represent some of the more powerful core functionality of the PHP environment and are areas which are the site of active development in recent versions.

This chapter seeks to redress some of this injustice.

... less

One of the key elements of most dynamic websites is the database that feeds it. From a simple news page, to an elaborate... more

One of the key elements of most dynamic websites is the database that feeds it. From a simple news page, to an elaborate publishing system or CMS, the database plays a central role in the management of a site’s content. To keep a site running smoothly, it helps to know a few tips and tricks of the database system. In this chapter, you'll learn how to create your databases, manage the various user accounts that will access the system, and combine and optimize your SQL code to perform complex and intricate queries.

... less

When you work with LAMP technologies, there are very few things that influence your coding decisions more than how PHP is... more

When you work with LAMP technologies, there are very few things that influence your coding decisions more than how PHP is configured. The backbone of any PHP installation is the configuration file, php.ini. The settings found in this file can greatly affect how you code your applications, how well the server performs, and even how secure it is. This chapter tells you what settings to look for and change in order to improve your PHP installation and provides you with a set of scripts to automatically prepare your PHP environment and configuration settings to your liking.

... less

This chapter shifts away from talking about PHP for a bit to discuss some features of Apache that you may not be aware of... more

This chapter shifts away from talking about PHP for a bit to discuss some features of Apache that you may not be aware of. You already know that Apache is the most popular and powerful web server available, and that PHP is designed to work with Apache, but you may not know that you can expand Apache itself to make your site run more effectively. True to its open-source nature, there are a number of excellent modules available for Apache that expand its functionality and provide useful features for you as a site administrator.

This chapter discusses three of those modules. Mod_rewrite enables you to provide URL substitutions to accommodate site changes, but if you use it properly, you can use it to secure your site and make it friendlier to search engines. Mod_speling helps correct inadvertent spelling mistakes made by visitors to your site. Mod_deflate will enable you to compress your content as you send it to users, saving you money on bandwidth. Mod_auth_mysql lets you beef up your site security by harnessing the power of a user database with Apache’s authentication. Mod_ssl allows you to encrypt the data flowing to and from your web server. Finally, mod_dav allows you to use your Apache web server as a distributed file repository.

... less

Security is one of the foremost concerns of every site administrator—and if it isn’t, it should be. Placing your site on... more

Security is one of the foremost concerns of every site administrator—and if it isn’t, it should be. Placing your site on the public Internet is an open invitation to intruders of every sort, and you need to be able to handle them, no matter how small or specialized your site may be. Fortunately, PHP can help you protect your site and your users’ data. As discussed in the previous chapter, you can use Apache to control authentication, but you can also use PHP’s built-in functions to make your own authentication system. After this chapter shows you how to do that, it will take you through some of the more common types of attacks you may encounter, and show you some simple methods to prevent them.

... less

The underlying concept of open source is, of course, using a collaborative effort to accomplish great things. The synergy... more

The underlying concept of open source is, of course, using a collaborative effort to accomplish great things. The synergy that exists between the countless contributors and their efforts pushes open source projects through ever-expanding boundaries. However, with this immense and vastly diverse effort come challenges that could potentially hinder the success of the movement. These challenges are organization, coordination, and direction. Without organization, there would be no standards in code writing, or a systematic approach to putting together a package. Without coordination, snippets of code would be dispersed throughout the vast Internet, most likely lost between poorly written HTML pages, never to be seen by human eyes. Without direction, there would be no look to the future, no resource for aspiring contributors to get excited about. In short, there would just be a bunch of techies writing and rewriting the same snippets of code as everybody else, all acting independently in their own little proverbial computing bubbles. Everyone knows that no man is an island, however, and that's where the PEAR and PECL groups come in, to provide desperately needed organization, coordination, and direction, so developers can all be better coders in the long run.

By providing developers with ready-made scripts that accomplish common tasks, such as connecting to a database or interfacing with an XML document, PEAR and PECL packages can save you a lot of coding time and headaches.

While they both accomplish similar tasks, PEAR and PECL do have fundamental differences, which this chapter explains in detail.

... less

The faster you can serve pages, the busier your site can be without users experiencing delays. This chapter covers methods... more

The faster you can serve pages, the busier your site can be without users experiencing delays. This chapter covers methods for improving the performance of your sites, and also for identifying which methods are likely to be most effective.

“More pages in less time” is the rationale, but just as there are car enthusiasts who spend every free moment elbow-deep in their car’s innards trying to shave another tenth of a second off the quarter mile, there are site developers who want to shave another millisecond off displaying the login page. You can take things too far!

You don’t want to waste your time on improvements that no one will notice, so the first section of this chapter will present a couple of cameos that illustrate just how little difference even large improvements can sometimes make, how much difference small improvements can make, and how valuable it is to understand your entire system before messing with it.

Your program runs on PHP, which runs on your web server and communicates with your DBMS, which both run on your operating system, which runs on the physical hardware. Subsequent sections look at all of these for opportunities for improvement and techniques for deciding what needs improving.

Finally, there will be a few tiny miscellaneous coding tweaks that might shave a millisecond off the login page, which are presented here because if you know and use them from the beginning, you won’t later be tempted to spend time better spent elsewhere going back and introducing them to existing code.

... less

Although the core of the PHP language provides functions that accomplish many commonly needed tasks, there are numerous extensions... more

Although the core of the PHP language provides functions that accomplish many commonly needed tasks, there are numerous extensions that can be added to bring a PHP configuration to a whole new level. This chapter explores some of the more useful extensions, but it only touches on the tip of the iceberg. The extensions in this chapter deal with manipulating images, creating PDF files (without the use of Adobe Acrobat), creating flash files (without the use of any commercial software), and interfacing with XML documents. Some of these extensions are already bundled and enabled for you with the default configuration, so what are you waiting for?

... less

Typical web applications interact with the user via forms. The server sends the client a form, the user enters responses,... more

Typical web applications interact with the user via forms. The server sends the client a form, the user enters responses, and the form is submitted back to the server for processing. Once the form is processed, the server responds with a new complete page, the composition of which is often dependent upon the user's last form submission. In each interaction with the user, an entirely new page is required. Such applications must use bandwidth, transferring constant page elements (site navigation, for example) with each page request, even though these elements were sent to the client in previous responses. Further, such applications are slower than desktop applications, because the web application is unresponsive while the results of one interaction are being processed and until the new page loads.

AJAX (Asynchronous JavaScript and XML) refers to a group of technologies that allows for the creation of fat-client web applications, where the responsibility for a relatively large portion of the application processing is given to the client. Specifically, AJAX applications often use XHTML and CSS for semantic markup and presentation, XML to format data that will be exchanged between client and server, and JavaScript to communicate with the server and manipulate the Document Object Model (DOM). When using AJAX, communication between the client and the server can be limited to data only, as the client has the functionality necessary to handle presentation and user interaction. Further, such communication happens asynchronously and without a page refresh. This allows for the client-side of the application to remain responsive even while data is being exchanged with the server. If a user performs an action that requires a request be sent to the server, the request can be sent and the application can handle further interaction while awaiting a response (even issuing more requests). This concept is illustrated in Figure 11.1.

Probably the most popular AJAX application today is Google's GMail (http://www.gmail.com), a web-based email client. In traditional web-based email clients, nearly every action by the user causes a refresh of the entire page or frame. Because GMail employs AJAX, the page never refreshes. Rather, the interface is updated dynamically by manipulating the DOM via JavaScript based on user interaction with the application and XML communication with the GMail server. This enables, for example, a user to compose an email, click Send, and continue reading his or her email while the GMail server handles the actual processing of the sent message. While reading the rest of the email, he or she will receive a status message indicating that the message was sent successfully.

... less

You've done your best to clean up your code and reduce processing load in your PHP scripts, but you just can't seem to make... more

You've done your best to clean up your code and reduce processing load in your PHP scripts, but you just can't seem to make your pages fast enough to keep your users happy. Time to throw in the towel? Not quite—there's more performance you can get out of your LAMP setup, and caching engines will help you do this.

When dealing with different caching solutions for PHP5, you have a handful of choices. A couple of setups actually cache the internally compiled PHP scripts, others cache the generated output, and others still cache the intermediate data processing objects. This chapter introduces you to several caching engines, and can help you decide which one is right for you.

... less

A Content Management System (CMS) assists a software or Web developer in organizing and facilitating any collaborative process... more

A Content Management System (CMS) assists a software or Web developer in organizing and facilitating any collaborative process and its final outcome. The term "content management" loosely refers to not only the checking in and out of files, but also the generalized sharing of information, such as common calendars, wikis, and the like. The earliest Content Management Systems emerged around 1975 when mainframes and electronic publishing required really began to catch on. These earliest versions were basically nothing more than general repositories that enabled multiple users to participate in the same project.

As computer systems became more and more complex, the need to effectively manage content also becomes more complex. As the Internet came to fruition, so did the wave of CMSs. Now there are more CMSs than you can shake a stick at. The goal of this chapter is to try and wade through all the muck to help you define whether you need a CMS, which variety of CMS is right for your project, and how you can use a CMS to improve your efficiency.

... less

This appendix is a guide to translating common PHP elements from other languages, to help you apply any existing knowledge... more

This appendix is a guide to translating common PHP elements from other languages, to help you apply any existing knowledge you have of ASP/VBScript, ASP.NET/C#, or JSP/Java to PHP.

... less

Whenever discussions of popular PHP tools spring up, the conversations usually center around text editors or coding IDEs.... more

Whenever discussions of popular PHP tools spring up, the conversations usually center around text editors or coding IDEs. Which has the best language support, syntax highlighting, code parsing, and so on? Unfortunately, with all the focus on text editors, excellent non-coding tools can sometimes get neglected. Instead of rehashing the usual arguments for one editor versus the other, this appendix shows you some of the tools you can use in your development cycle—those that don't immediately churn out code, but those that you might find hold a key position in the overall development process.

... less