Introduction to PHP

“What does PHP stand for?” is always the first question, and the answer isn’t very satisfying: it stands for PHP Hypertext Preprocessor. Originally it did stand for something else, Personal Home Page, but that was such a poor description of what it is that it is no longer used. A more useful description of PHP is that it is a language interpreted by a web server before sending HTML data to a browser. To understand that better, consider what a web server does in a simple example: A browser requests a document via the World Wide Web by sending a request, using HTTP protocol, to a web server. It specifies the document by using a URI (Universal Resource Identifier—essentially, the same as a URL). In the simplest case, the document is an HTML document, that is, a file on the server, with a filename extension of .HTM or .HTML. That file contains text and HTML tags. The server sends the file to the address in the request, but it also parses the file and sends any embedded reference files, such as images and audio or video, or CSS (Cascading Style Sheets) that might be referenced in tags. Thus, the content of what is sent is fixed or static. Whatever is in the file is what is sent. The HTML document might include client side programming using Javascript or VBScript, which are embedded in the document and can be executed by the browser, such as menus and “roll over” buttons. But once the file has been sent, the server is effectively finished; it doesn’t even “know” whether the requesting browser is still there. That scenario is the standard static HTML scenario. But there are situations that require that the content that is sent to the browser should be dynamic and not constrained by what is in an HTML file. An obvious example would be a query to a database, but it could be all sorts of other requirements, too. The older way of addressing this requirement was called CGI (Common Gateway Interface) and required a program to be run from a designated file on the server. The program could be written in almost any language, such as Perl, Python, C, C++, Java, etc., as long as it conformed to certain CGI definitions of how to pass data into and out of the program. This method is still used a lot. But another way of handling this server side programming is to include the programming code within the HTML file and configure the web server to detect files that require preprocessing by another program before delivering the HTML data to the browser. PHP is the favorite open source language to do this; Microsoft’s ASP (Active Server Pages) is another. For some years now, both Microsoft’s web servers and the widely used Apache open source web server are able to detect files that need to be preprocessed. Usually this is done by using a distinctive filename extension, normally .php, instead of .html, indicating that the file contains at least some PHP code, and optionally, some HTML code. Here’s an attempt to compare how a web server handles static HTML, CGI and Preprocessor document requests: Browser Internet Web Server xxx.html cgi-bin/ Browser Internet Web Server xxx.pl perl interpreter xxx.php Browser Internet Web Server (HTML and PHP) php preprocessor engine You can see similarities between CGI and a preprocessor such as PHP. The differences are partly that the PHP code can be embedded in the same file with HTML, whereas CGI requires a completely separate program file and must generate all HTML and content that is to be sent to the browser; and the syntax of the language itself, which is arguably simpler than languages such as C and Perl. So now, let’s look at the PHP language and how it may be combined with HTML. A file may contain both HTML and PHP, interspersed, with the following rules: The filename extension is normally .php, although this is a matter of configuring the web server. Within the file, all PHP statements must be contained within special tags, . To send text and HTML tags to the browser, use the PHP echo statement. An example should help explain this. Although the following could also be done using Javascript, on the client side, a simple example would be to include the day of the week in the greeting to a viewer: Greetings!
”; ?> First of all, notice that the tag. The file that is sent to the browser would look like this (no PHP code is sent!): Greetings!
Today is Thu
Next, notice that every line of PHP code within the tags is terminated with a semicolon (;). In PHP, all variable names are prefixed with a dollar sign ($). The line that assigns a value to the variable $day utilizes a built-in function, date(), which returns the current date and time, formatted as defined by the argument. ‘D’ returns the day of the week abbreviated as 3 letters. Finally, the echo statement instructs Apache web server to send the quoted string to the browser. Within double quotes, a variable name will be replaced by its value. Thus, the browser, in the previous example, would display: Greetings! Today is Thu Pause a moment to understand why this is different from a static HTML document, as well as different from an HTML document that contains a Javascript routine that displays the day of the week (which could easily be done, too). A static HTML document, without using an embedded script, could not display a variable value such as the current day or date. An HTML document with a Javascript (or VBScript) client side routine to display the date would produce the same result, but if you examined the source file that was sent to the browser, it would not contain the value “Thu”. It would contain the script itself. With PHP, if you examined the source file, you would find no PHP code, you would find the variable value embedded in the HTML, as if it had been stored in the file on the server! As previously explained, for this over simplified example, there’s not much reason to use PHP rather than Javascript. But suppose you needed to extract data from a database on the server to include in the document you are going to send to the browser? Client side scripts cannot possibly do that, because once the file is sent to the browser, the server is out of the picture! There’s no way for client side code to access any of the server’s resources, such as a database. But with PHP, the database lookup or other server functionality occurs before the document is sent to the browser, so you have access to a database or other resource on the server. Furthermore, the browser never receives any PHP code, so you can embed passwords, etc. in your code without exposing them to the outside world. Returning to the details of syntax, all PHP code must be enclosed between tags, which must be at the beginning of separate lines. There can be more than one insertion of PHP code in the same file; that is, a file can start off, say, with HTML, then a PHP section, followed by more HTML, and perhaps another PHP section, etc. A file can contain only PHP code, but for any HTML to be sent to the browser, in that case, everything would have to be sent with the echo statement, even the line. Variables behave much as in Python; they don’t have to be declared and they don’t have fixed data types. If you assign a numeric value to a variable, you will be able to perform arithmetic operations on that variable. For numeric values, a variable will take on the data type of integer or float depending on the value assigned to it. For example, a statement like $xyz=17 will force $xyz to be an integer data type. If you then state $xyz=0.333 the variable will change to be a float data type. Once again, all variable names begin with a dollar sign ($). PHP is very rich in its built-in functions, such as date(). All the usual math functions (perhaps not advanced math, but all the basics), all the string manipulation functions you would expect, date manipulation functions, functions for dealing with SQL (Structured Query Language) databases, specialized functions for sending email, etc. Just as with most programming languages, there is syntax for conditional branching (various if and select statements) and loops (for, while, etc.). And the ubiquitous echo statement that sends the quoted string to the browser. A word about quoted strings. PHP recognizes either matching single- or double-quotes, but with this difference: within double quotes, $ variable names are replaced by their values, but not within single quotes. Another thing to remember is that the string concatenation operator in PHP is the period (dot). The following PHP statement: echo ‘This is ‘ . ”a test.”; will send the browser this string: This is a test. Again, every PHP statement must end with a semicolon (;). Obviously, the complete syntax of PHP is beyond the scope of this short introduction, but perhaps a slightly more complicated example will help get you started. Since I haven’t discussed databases at all yet, the following example will be somewhat impractical, but it illustrates some PHP syntax and lays a foundation for database use later on. Let’s create a web page that asks the user to enter their name and password and then checks that back at the server (for a practical use, it would check it against a user/password database). This could be done with two files, the first being the data form that asks for the name and password, and a second file to tell the user that it was accepted or rejected. But this example will do both jobs, using just one file! It will actually run twice, once to ask for the data, then again to report the results. How does it know which to do? The first time, presumably the user has entered the URI in his or her browser, with no parameters passed to the server. The second time, the same file will be called, but with form data passed along with the URI. The PHP code can determine which action to take, based on whether it finds parameters or not. Now you will need to learn several new concepts. Firstly, how to create a data form, which is plain HTML, not PHP, although we will create the HTML with PHP. Why? Because we want to display the form the first time only—in other words, conditionally. HTML is not conditional, but PHP is. A simple data entry form in HTML can be created like this: Name:
Password:
Here is what to look for: • • • • • • • the form is defined between the beginning and ending

tags. the tag contains two crucial values: method and action. the method must be either post or get (to be explained a bit later). the action is the URI of the program or PHP file that will be called when the Submit button is clicked. The value of the Submit button is the wording that will appear on the button. captions are just text (“Name:”, “Password”). the data entry boxes are created by the tags and each must have a distinctive name. the form must have a Submit button that sends the data back to the action URI in the form tag. The preceding HTML creates something that looks roughly like this: Name: Password: Submit Form Now let’s look at the difference between get and post. Each of these two methods passes the form data in a different way to the server when the Submit button is clicked. Get appends the data to the action URI, which can be seen in the address line of the browser, using a question mark (?) to signify the beginning of the get parameter(s) and an ampersand (&) between multiple parameters. Each parameter consists of a key followed by an equal sign (=), followed by a value. Using the preceding example, if the method had been get, the full URI sent to the server would be something like this: serverdomain.com/myaction.php?myname=don&mypassword=abc123 But, as you see, the example used the post method, instead. The post method does not append the parameter(s) to the URI, it sends them separately, as a string array. One advantage to the post method is that it does not reveal the parameters in the browser address window. You will see how PHP retrieves the information from the array. So now we can begin writing our PHP/HTML document file. First, let’s diagram what we want it to do. Is there any post data? (if there isn’t, we want to display the form) Display the form Check the password Advise user password is invalid Welcome user to system As you can see, there are two conditional (if) branches in this logic: if there is any post data, and if there is, if the password is correct. This requires processing logic to be executed at the server in order to determine what to send to the browser. This can’t be done with HTML, nor with Javascript. It requires a language like PHP or ASP (or it could be done using a CGI program written in Perl or another language). So let’s tackle the first necessity, determining if any post data has been submitted when the URI is received. PHP retrieves post data with the following syntax: $name=$_POST[‘myname’]; $pwd=$_POST[‘mypassword’]; Notice that we can name the variables anything we want, but the key into the post array must match the names of the Form elements. If we were trying to retrieve get parameters, the array would be $_GET[] instead of $_POST[]. It’s worth noting, at this point, that PHP is case sensitive! So if either $name or $pwd are NULL (which is a PHP built-in constant), either this is the first time the page has been requested by this user, or they have submitted the form with no data. In either case, we want to display the data entry form. If both variables have non-null values, we want to check the values to see if they are acceptable. We’ll cover some of the syntax details later, but notice that we begin with HTML, just because it’s simpler to do than with PHP’s echo statements, but when we get down to where we need to know if there were any post parameters, and then the conditional logic, we have to go into PHP: ”; echo “Name:
”; echo “Password:
”; echo “”; echo “

“; } else { // check whether username and password are valid: // (in a realistic application, this would be a database query) if ($name=”don” && $pwd=”123xyz”) { // username and password valid: echo “Congratulations! User $name is accepted!”; } else { // invalid: echo “BRRRAACK!!! User or password is invalid!”; } } ?> There are lots of new things here! First, notice that anything on a line following a // is a comment. The conditional (if) syntax has the following structure: if ( boolean expression ) { ... statements to execute if expression is true } else { (optional) ... statements to execute if expression is false } Notice that the boolean expression is enclosed in parentheses. Also note that blocks of statements are enclosed in curly brackets (braces). Also note that the OR operator is represented by two vertical lines, or “pipe” symbols, and the AND operator is represented by two ampersands. We would save this file as myaction.php so that the web server (usually either Apache or Microsoft IIS – Internet Information Server) will send the file, along with any get or post parameters, to the PHP engine for preprocessing prior to sending the HTML (remember, there will be no PHP code remaining in it) to the browser. This one source document thus can produce three entirely different pages, depending on whether there were any post parameters found and if so, if they were valid! This versatility can make document maintenance easier than if there were three different source files. With this introductory look at PHP, you should be able to see how it is used, but of course there are many thick books written to explain all the syntax and functions needed to write practical PHP code.