318lab13-projected


CS 318 - Week 13 Lab - 4-22-13

Intro to PHP --

********
MAY 9, Thursday, 3:30 - 5:00 - SH 120 -
you are invited to attend the CS 435 - Software Engineering -
    final project demos!
********

********
EMAIL me if you're interested in Art/CS small experimental
directed study developing either an iOS or Android app
********

...back to PHP intro!

*   note that the course text DOES have MUCH info on --
    in Chapter 5 AND within a number of the subsequent
    chapters!

*   created by Rasmus Lerdorf in 1995

    originally stood for "Personal Home Page"
    but when it was expanded into the language it is today,
    it was changed to stand for:

    PHP Hypertext Preprocessor (yes, it IS a recursive acronym)

    *   PHP is server-side -- executed on the application
        tier;

    *   you embed snippets of code within HTML, like
        JavaScript,
	but those snippets are executed on the application
	tier "server-side", like JSP

        IF I UNDERSTAND CORRECTLY, it is INTERPRETED
        on the application tier (rather than compiled)

    *   much of its syntax id borrowed from C, Java,
        Perl, but also has some unique PHP-specific
	features/style thrown in;
        (because of its Perl influence, I get a UNIX-shell-like
	vibe at times, too)

*   our CS 318 course-coding-style PHP tags:

    <?php

    ?>

    we'll also use its expression tag:

    <?=  ?>   

    ^ yes, you CAN use this like the JSP expression tag...

    (but can ONLY use expression tag if short tags are enabled
    by your PHP preprocessor on your server -- beware?)

*   you DO need to end PHP files (or HTML with PHP embedded)
    with the suffix .php

    BUT you can place this anywhere in your public_html
    directory tree;

*   if I want to get to a dreaded PHP "hello world" page --
    I might quickly throw 3 more concepts out there:

    *   variables don't have types, a value of any type
        can just be thrown into a variable --
	(values have types, variables don't)

    *   scalar variables start with $

    and so:

    <?php
        $answer = 6*7;
    ?>

    <?= $answer ?>

*   let's go ahead and throw in server-side includes,
    also --

    require
    include
    require_once
    include_once

    require/require_once will cause a FATAL error if the
    file to be included CAN'T be included

    include/include_once will cause a WARNING message if the
    file to be included cannot be included (but it'll try
    valiantly to go on)

    ...choose the appropriate function based on how vital
    the included file is!

    *   the _once variants will ONLY include that file
        once, even if several files happen to be including
	the same thing...

*   strings can be surrounded by ' ' or " "

    BUT! 

    variables within " " WILL be replaced by their value,
    variables within ' ' will NOT;

    (and you can escape special characters with a \)

*   can print with echo or print
    ...but text suggests AVOIDING these when possible
    and use <?= ?> expression tags instead

    ^ BUT if DON'T know server it'll be running on --
    print and echo and here docs etc. are SAFER
    (not all servers have short tags enabled)

*   you DO have many familiar arithmetic operators --

    + * / -
    ++ -- 

    >= <= < > == !=

    ===  <-- equal to AND the same type!
    !==  <-- not equal to OR not the same type!

    += *= -= /=

    = is assignment

    and  &&
    or   || 
    ...DIFFERENT LEVELS of operator precedence!

*   supports 4 scalar data types:
    integer, float, string, boolean

    also supports 2 non-scalar types:
    arrays and objects

    *   (many non-boolean values are treated as false
        in a boolean context -- e.g., 0 is treated
	as false -- see the php manual for more)

*   functions in PHP:

    function funct_name( parameters )
    {
        // function code

        return; or return value; 
    }

    *   return; is optional IF your function isn't to
        return anything

*   varplay.php includes an if-else, so you can see that's
    very C-flavored;
    ...likewise for other basic control structures;
    ...(although there are also ALTERNATE syntaxes for these
       too, oy!) <-- with labelled ends instead of { }

*   WHEN PHP is being used to handle a request...

    there are some associative arrays set up and populated for you:

    $_GET["parametername"] will have the value for a name
       parametername from a form whose method is "get"

    $_POST["parametername"] will have the value for a name
       parametername from a form whose method is "post"
 
    *   PHP provides some handy functions to help with
        fighting XSS ---

	strip_tags($blah) will return a version of its
	    argument with HTML tags REMOVED

        htmlspecialchars($blah) will return a version of
	    its argument with potentially-harmful characters
	    replaced with their HTML display-equivalents

    $_SESSION["attributename"] will have the value for
        a prevously-set-up session attribute named
        attributename
	...BUT there is setup you need to for sessions to
	work, more on that on Wednesday;