7401ICT: Web application development in PHP


Summary

PHP (PHP Hypertext Processor) is a free, open-source, mature, widely available, efficient, well-documented, HTML-embedded server-side scripting language, specifically designed for implementing the server-side tier of Web applications.

It is used for implementing some of the Web's largest applications, e.g., yahoo.com and facebook.com. It is also suitable for writing very small applications.

The official PHP site contains a tutorial and the documentation.

Another important site is zend.com.

Here are three introductory tutorials:

Many of these tutorials, and others, recommend deprecated and poor PHP programming style.

Here are some recommended texts, all in the library in paper and/or online form.

Search amazon.com for "Programming PHP" for descriptions of many other good texts.

At Griffith, PHP is available on the student Linux server dwarf.ict.griffith.edu.au and on the staff Linux server hobbit.ict.griffith.edu.au.

The language and library

PHP is an HTML-embedded scripting language. It is a modern, dynamically-typed, object-oriented language with Java-like control structures and an extensive library to support Web programming. It is relatively easy to learn and very powerful, but it is not as clean and regular as other languages such as Java, C#, Python and Ruby.

Constants are declared using the define() function:

define("LIMIT", "5");

Only booleans, integers, doubles and strings may be constant values.

Variables are preceded by a dollar character, e.g., $current, $values[2].

The most important primitive data types are booleans, integers, doubles and strings. The most important structured data types are arrays (which correspond to Java or Python lists) and associative arrays (which correspond to Java maps and Python dictionaries). Both are accessed using the conventional bracket notation:

a["key"] = b[0];

Control structures have several syntactic forms, including the familiar Java forms using braces. Functions may or may not return values.

PHP supports an object-oriented programming style that is similar to Python's and more restrictive than Java's.

PHP has multiple representations of false (e.g., 0, "", FALSE, NULL). In some contexts these are equal, in others they are not. PHP also has very subtle type conversion rules (e.g., "abc" + 1 = 1). These and other issues make programming in PHP more difficult than programming in better designed languages!

PHP has a mature and extensive library to support programming, database access, and Web application development.

The most complete database access library is the one to access MySQL, which can be considered the native DBMS for PHP.

However, the PHP library also includes a database abstraction layer, PDO, which allows programs to access any of several RDMBSs in a uniform way. This allows you to retarget your application between SQLite, MySQL, PostgreSQL or Oracle with minimal effort (as with Django). However, this is not an ORM (object-relational mapping); it still requires you to use SQL to access and update the database.

Web application development

Example applications are structured as a set of scripts. Each script should perform a single, simple, documented task. Normally the task is either to display an HTML page or to update information stored on the server. PHP scripts thus correspond to Django views. However, PHP scripts are referred to directly in application URLs, not via a URL configuration file as in Django and (the JEE framework) Play!

The selection of such scripts and the design of their interactions should be guided by a disciplined process such as that described in an earlier lecture.

The simplest PHP script is a plain, ordinary HTML document. Collections of related function (and constant) definitions are typically stored in a definitions file that is included in each script that uses the defined functions.

More complex PHP scripts contain PHP code blocks embedded in HTML documents. These code blocks output text which becomes part of the HTML document returned to the client.

Well-written PHP scripts completely separate application code written in PHP from HTML presentation written using a template system such as Smarty.

Web application development may also user more recent, higher-level, MVC frameworks such as CakePHP and Symfony. See below.

Examples

Greetings example

Here is a greetings example based on an example in the tutorial on the PHP Web site. The example shows how to transfer information from an HTML form to a PHP script, transform the information, and output the transformed information as an HTML document.

Note that this example uses bad style: it does not use templates and it does not validate user input.

Key points to note include:

Note that, at least on our Linux servers, directories and files must have very specific locations and permissions:

(Incorrect permissions is the most common cause of student errors when learning PHP!)

Factoriser example

Here is a factoriser example that acts as a compute server. This example also shows how to transfer information from an HTML form to a PHP script, perform a nontrivial computation, and return the result in an HTML page. Note that this example uses bad style - it does not use templates - but it does validate user input.

Personal details example

The previous two examples used very simple HTML form elements. This personal details example illustrates how many different kinds of HTML form elements are processed in PHP. It's an important example to understand form processing. Again, this example uses bad style: it does not use templates or validate user input.

PM database example

This (PHP) database of Australian Prime Ministers illustrates how relational data may be stored as an array of associative arrays and one way of handling user-defined queries in PHP scripts. This example illustrates good style: it stores function definitions in a separate, included file and uses HTML templates.

Guestbook example

This guestbook application allows users to enter guestbook messages that other users can see. This example also uses good style. It stores these entries in a MySQL database on the server. It stores function definitions in a separate, included file. It uses HTML templates. It uses an escape filter in templates to prevent cross-site scripting attacks. It avoids the reload-redo problem by redirecting to the home page after adding each new entry.

Groups management example

This simple groups management example allows users to create discussion groups and to write new messages and reply to messages in groups. It illustrates use of the list-detail pattern.

Frameworks

Out of the box, PHP provides no support for site administration, for user management, for object-relational mapping, for comments, for news feeds, for anything. Hence, programmers have implemented several higher-level PHP frameworks to support developers.

CakePHP is an older framework using the MVC pattern, similar to Ruby on Rails and Django (below), but less convenient (in my opinion).

Symfony is a newer framework that seems to be better designed. In many ways, it's similar to Django, using models, views, controllor, router (URL config), but not as well integrated and suffering from having to use PHP instead of Python.

There are many other PHP frameworks, including Zend and Yii.