PragsoftSticky Notewww.ebooks.org.in

PHP5 and MySQL® Bible

Tim Converse and Joyce Parkwith Clark Morgan

01 557467 FM.qxd 4/5/04 11:09 AM Page iii

www.ebooks.org.in

01 557467 FM.qxd 4/5/04 11:09 AM Page ii

www.ebooks.org.in

PHP5 and MySQL® Bible

01 557467 FM.qxd 4/5/04 11:09 AM Page i

www.ebooks.org.in

01 557467 FM.qxd 4/5/04 11:09 AM Page ii

www.ebooks.org.in

PHP5 and MySQL® Bible

Tim Converse and Joyce Parkwith Clark Morgan

01 557467 FM.qxd 4/5/04 11:09 AM Page iii

www.ebooks.org.in

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONSOR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK ANDSPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR APARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS.THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK ISSOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING,OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF ACOMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BELIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO INTHIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THATTHE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDEOR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTEDIN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN ITIS READ.

PHP5 and MySQL® Bible

Published byWiley Publishing, Inc.10475 Crosspoint BoulevardIndianapolis, IN 46256www.wiley.com

Copyright © 2004 by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 0-7645-5746-7

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

1B/SR/QU/QU/IN

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means,electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorizationthrough payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the LegalDepartment, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4447, E-Mail: permcoordinator@wiley.com.

For general information on our other products and services or to obtain technical support, please contact our CustomerCare Department within the U.S. at (800) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available inelectronic books.

Library of Congress Control Number: 2004103176

Trademarks: Wiley, the Wiley logo, and related trade dress are trademarks or registered trademarks of John Wiley & Sons,Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. MySQLis a registered trademark of MySQL AB Limited Company. All other trademarks are the property of their respective owners.Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

01 557467 FM.qxd 4/5/04 11:09 AM Page iv

www.ebooks.org.in

About the AuthorsTim Converse has written software to recommend neckties, answer questions about spacestations, pick value stocks, and make simulated breakfast. He has an M.S. in ComputerScience from the University of Chicago, where he taught several programming classes. He isnow an engineering manager in the Web search group at Yahoo!.

Joyce Park has an M.A. in history from the University of Chicago, and has worked for severalSilicon Valley startups including Epinions, KnowNow, and Friendster. She is a co-lead of theMod-pubsub Open Source project.

Clark Morgan is a Web application and educational software developer with more than fiveyears’ experience writing PHP. He works primarily with medical clients and related busi-nesses. Originally from Boston, he now lives and works in Jacksonville, Florida, with his wifeand two children. Clark spends entirely too much of his free time reading other people’s com-puter books.

01 557467 FM.qxd 4/5/04 11:09 AM Page v

www.ebooks.org.in

CreditsAcquisitions EditorDebra Williams Cauley

Development EditorSara Shlaer

Production EditorEric Newman

Technical EditorsChris CornellDavid Wall

Copy EditorC. M. Jones

Editorial ManagerMary Beth Wakefield

Vice President & Executive GroupPublisherRichard Swadley

Vice President and ExecutivePublisherBob Ipsen

Vice President and PublisherJoseph B. Wikert

Executive Editorial DirectorMary Bednarek

Project CoordinatorApril Farling

Graphics and Production SpecialistsBeth BrooksSean DeckerCarrie FosterLauren Goddard

Quality Control TechnicianLaura AlbertCarl William Pierce

Permissions EditorCarmen Krikorian

Media Development SpecialistAngela Denny

Proofreading and IndexingTECHBOOKS Production Services

01 557467 FM.qxd 4/5/04 11:09 AM Page vi

www.ebooks.org.in

To our parents:For their love, for their sacrifices,

and for letting us read a lot when we were kids.

— Tim Converse and Joyce Park

This, my first serious writing effort, is for my lifelong friend Bob, who pointed me inthis direction nearly ten years ago and then had the nerve to suggest I write about it.

— Clark Morgan

01 557467 FM.qxd 4/5/04 11:09 AM Page vii

www.ebooks.org.in

01 557467 FM.qxd 4/5/04 11:09 AM Page viii

www.ebooks.org.in

Preface

Welcome to PHP5 and MySQL Bible!Although we’re biased, we believe that the PHP Web-scripting language is the hands-down win-ner in its niche — by far the easiest and most flexible server-side tool for getting great Websites up and running in a hurry. Although millions of Web programmers worldwide could bewrong, in this particular case, they’re not. MySQL is the most popular open-source databaseplatform, and it is the first choice of many for creating database-backed PHP-driven Web sites

As we write this, PHP5 is in its third beta version, and PHP has continued to grow in reach,adoption, and features since we wrote the first two versions of this book.

What Is PHP?PHP is an open-source, server-side, HTML-embedded Web-scripting language that is compati-ble with all the major Web servers (most notably Apache). PHP enables you to embed codefragments in normal HTML pages — code that is interpreted as your pages are served up tousers. PHP also serves as a “glue” language, making it easy to connect your Web pages toserver-side databases.

Why PHP?We devote nearly all of Chapter 1 to this question. The short answer is that it’s free, it’s opensource, it’s full featured, it’s cross-platform, it’s stable, it’s fast, it’s clearly designed, it’s easyto learn, and it plays well with others.

What’s New in This Edition?Although this book has a new title, it is in some sense a third edition. Previous versions were:

✦ PHP 4 Bible. Published in August 2000, covering PHP through version 4.0.

✦ PHP Bible, Second Edition. Published in September 2002, a significantly expanded ver-sion of the first edition, current through PHP 4.2.

Our initial plan for this book was to simply reorganize the second edition and bring it upto date with PHP5. We realized, however, that although the previous editions coveredPHP/MySQL interaction, we had left readers in the dark about how to create and administerMySQL databases in the first place, and this led to many reader questions. As a result, wedecided to beef up the coverage of MySQL and change the title.

01 557467 FM.qxd 4/5/04 11:09 AM Page ix

www.ebooks.org.in

x Preface

New PHP5 featuresAlthough much of PHP4’s functionality survives unchanged in PHP5, there have been somedeep changes. Among the ones we cover are:

✦ Zend Engine 2 and the new object model, with support for private/protected members,abstract classes, and interfaces

✦ PHP5’s completely reworked XML support, built around libmxl2

✦ Exceptions and exception handling

MySQL coverageWe now cover MySQL 4.0 installation, database design, and administration, including back-ups, replication, and recovery. As with previous editions, we devote much of the book totechniques for writing MySQL-backed PHP applications.

Other new materialIn addition to MySQL- and PHP5-specific features, we’ve added:

✦ Improved coverage of databases other than MySQL (Oracle, PostgreSQL, and the PEARdatabase interaction layer)

✦ The PEAR code repository

✦ A chapter on integrating PHP and Java

✦ Separate chapters on error-handling and debugging techniques

Finally, we reorganized the entire book, pushing more advanced topics toward the end, togive beginners an easier ramp up.

Who wrote the book?The first two editions were by Converse and Park, with a guest chapter by Dustin Mitchelland tech editing by Richard Lynch. For this version, Clark Morgan took on much of the revi-sion work, with help by Converse and Park as well as by David Wall and Chris Cornell, whoalso contributed chapters and did technical editing.

Whom This Book Is ForThis book is for anyone who wants to build Web sites that exhibit more complex behaviorthan is possible with static HTML pages. Within that population, we had the following threeparticular audiences in mind:

✦ Web site designers who know HTML and want to move into creating dynamic Web sites

✦ Experienced programmers (in C, Java, Perl, and so on) without Web experience whowant to quickly get up to speed in server-side Web programming

✦ Web programmers who have used other server-side technologies (Active Server Pages,Java Server Pages, or ColdFusion, for example) and want to upgrade or simply addanother tool to their kit.

01 557467 FM.qxd 4/5/04 11:09 AM Page x

www.ebooks.org.in

xiPreface

We assume that the reader is familiar with HTML and has a basic knowledge of the workingsof the Web, but we do not assume any programming experience beyond that. To help savetime for more experienced programmers, we include a number of notes and asides that com-pare PHP with other languages and indicate which chapters and sections may be safelyskipped. Finally, see our appendixes, which offer specific advice for C programmers, ASPcoders, and pure-HTML designers.

This Book Is Not the ManualThe PHP Documentation Group has assembled a great online manual, located at www.php.netand served up (of course) by PHP. This book is not that manual or even a substitute for it. Wesee the book as complementary to the manual and expect that you will want to go back andforth between them to some extent.

In general, you’ll find the online manual to be very comprehensive, covering all aspects andfunctions of the language, but inevitably without a great amount of depth in any one topic. Bycontrast, we have the leisure of zeroing in on aspects that are most used or least understoodand give background, explanations, and lengthy examples.

How the Book Is OrganizedThis book is divided into five parts, as the following sections describe.

Part I: PHP: The BasicsThis part is intended to bring the reader up to speed on the most essential aspects of PHP,with complexities and abstruse features deferred to later Parts.

✦ Chapters 1 through 4 provide an introduction to PHP and tell you what you need toknow to get started.

✦ Chapters 5 through 10 are a guide to the most central facets of PHP (with the exceptionof database interaction): the syntax, the datatypes, and the most basic built-in functions.

✦ Chapter 11 is a guide to the most common pitfalls of PHP programming.

Part II: PHP and MySQLPart II is devoted both to MySQL and to PHP’s interaction with MySQL.

✦ Chapters 12 and 13 provide a general orientation to Web programming with SQLdatabases, including advice on how to choose the database system that is right for you.

✦ Chapter 14 covers installation and administration of MySQL databases, and Chapter 15is devoted to PHP functions for MySQL.

✦ Chapters 16 and 17 are detailed, code-rich case studies of PHP/MySQL interactions.

✦ Chapters 18 and 19 provide tips and gotchas specific to PHP/MySQL work.

01 557467 FM.qxd 4/5/04 11:09 AM Page xi

www.ebooks.org.in

xii Preface

Part III: Advanced Features and TechniquesIn this part we cover more advanced and abstruse features of PHP, usually as self-containedchapters, including object-oriented programming, session handling, exception handling, usingcookies, and regular expressions. Chapter 32 is a tour of debugging techniques, and Chapter33 discusses programming style.

Part IV: ConnectionsIn this part we cover advanced techniques and features that involve PHP talking to other services, technologies, or large bodies of code.

✦ Chapters 34 through 36 cover PHP’s interaction with other database technologies(PostgreSQL, Oracle, and the PEAR database abstraction layer).

✦ Chapters 37 through 42 cover self-contained topics: PHP and e-mail programs, combin-ing PHP with JavaScript, integrating PHP and Java, PHP and XML, PHP-based Web ser-vices, and creating graphics with the gd image library.

Part V: Case StudiesHere we present six extended case studies that wrap together techniques from various earlychapters.

✦ Chapter 43 takes you through the design and implementation of a weblog.

✦ Chapter 44 presents a user authentication system in detail.

✦ Chapter 45 shows how to build a rating system that lets users vote on content.

✦ Chapter 46 discusses a soup-to-nuts implementation of a novel trivia quiz game.

✦ Chapter 47 is a study of the process of converting a static HTML site to dynamic PHP.

✦ Chapter 48 uses the gd image library to visualize data from a MySQL database.

AppendixesAt the end, we offer three “quick-start” appendixes, for use by people new to PHP but veryfamiliar with either C (Appendix A), Perl (Appendix B), or pure HTML (Appendix C). If you arein any of these three situations, start with the appropriate appendix for an orientation toimportant differences and a guide to the book. The final appendix (D) is a guide to importantresources, Web sites, and mailing lists for the PHP community.

Conventions Used in This BookWe use a monospaced font to indicate literal PHP code. Pieces of code embedded in lines oftext look like this, while full code listing lines look as follows:

print(“this”);

If the appearance of a PHP-created Web page is crucial, we include a screenshot. If it is not,we show textual output of PHP in monospaced font. If we want to distinguish the PHP outputas seen in your browser from the actual output of PHP (which your browser renders), we callthe former browser output.

01 557467 FM.qxd 4/5/04 11:09 AM Page xii

www.ebooks.org.in

xiiiPreface

If included in a code context, italics indicate portions that should be filled in appropriately, asopposed to being taken literally. In normal text, an italicized term means a possibly unfamiliarword or phrase.

What the Icons MeanIcons similar to the following example are sprinkled liberally throughout the book. Their pur-pose is to visually set off certain important kinds of information.

Tip icons indicate PHP tricks or techniques that may not be obvious and that enable you toaccomplish something more easily or efficiently.

Note icons usually provide additional information or clarification but can be safely ignored ifyou are not already interested. Notes in this book are often audience-specific, targeted topeople who already know a particular programming language or technology.

Caution icons indicate something that does not work as advertised, something that is easilymisunderstood or misused, or anything else that can get programmers into trouble.

We use this icon whenever related information is in a different chapter or section.

The Web Site and Sample CodeAll the sample code from the book, as well as supplementary material we develop after presstime, can be found at our Web site at www.troutworks.com/phpbook. You can also find thesample code at www.wiley.com/compbooks/converse.

We want to hear from you! Please send us e-mail at phpbook@troutworks.com with com-ments, errata, kudos, flames, or any other communication that you care to send our way.

Cross-Reference

Caution

Note

Tip

01 557467 FM.qxd 4/5/04 11:09 AM Page xiii

www.ebooks.org.in

01 557467 FM.qxd 4/5/04 11:09 AM Page xiv

www.ebooks.org.in

Acknowledgments

This project began out of a conversation with Debra Williams Cauley, our acquisitions edi-tor at Wiley. She managed the project, found additional contributors, and maintained asense of humor as she insulated naive first-time authors from the harsh realities of the pub-lishing business. (For the next two editions, she insulated naive second-time and third-timeauthors, respectively.)

Sara Shlaer was the development editor who coordinated everything among the contributors,stayed on us to make the project not quite as late as it would otherwise have been, and cri-tiqued our drafts in detail, making some great saves along the way. Clark Morgan did themajority of the revision of previous material. David Wall and Chris Cornell each wrote novelchapters, revised previous chapters, and served as technical reviewers.

Thanks to the Webmasters of the PHP team for permission to reproduce a graph of PHPusage; the folks at Zend for permission to use screenshots of their Zend Studio product;Amazon.com for data in the Web services chapter; KnowNow, Inc., for permission to excerptcode originally owned by them; Mimi Yin for her fabo design work; Alex Selkirk for permis-sion to reproduce material from Opencortex.org; Tim Perdue for inspiration; Hoang Nguyenfor debugging help; and Jeff Barr of Syndic8.com for timely aid.

Our obvious thanks go to everyone who created PHP itself (Rasmus Lerdorf, Zeev Suraski, AndiGutmans, Thies Arntzen, Stig Bakken, Sascha Schumann, Andrei Zmievski, Sterling Hughes, WezFurlong, George Schlossnagle, Dan Libby, Sam Ruby, and a host of other contributors), the peo-ple who have documented PHP (Stig Bakken, Alexander Aulbach, Egon Schmid, Lars TorbenWilson, Jim Winstead, and others), and everyone on the PHP mailing list. Special thanks toRasmus, Sascha, and Richard Lynch for mailing-list answers to our own questions. Finally, bothConverse and Park would like thank their spouses for their support while this book was beingwritten and revised. In a very literal sense, we couldn’t have done it without them.

01 557467 FM.qxd 4/5/04 11:09 AM Page xv

www.ebooks.org.in

Contents at a GlancePreface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ixAcknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Part I: PHP: The Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Chapter 1: Why PHP and MySQL? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Chapter 2: Server-Side Web Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Chapter 3: Getting Started with PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Chapter 4: Adding PHP to HTML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53Chapter 5: Syntax and Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Chapter 6: Control and Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83Chapter 7: Passing Information between Pages . . . . . . . . . . . . . . . . . . . . . . . . . 119Chapter 8: Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Chapter 9: Arrays and Array Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157Chapter 10: Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191Chapter 11: Basic PHP Gotchas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

Part II: PHP and MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231Chapter 12: Choosing a Database for PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233Chapter 13: SQL Tutorial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245Chapter 14: MySQL Database Administration . . . . . . . . . . . . . . . . . . . . . . . . . . 259Chapter 15: PHP/MySQL Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279Chapter 16: Displaying Queries in Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295Chapter 17: Building Forms from Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311Chapter 18: PHP/MySQL Efficiency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337Chapter 19: PHP/MySQL Gotchas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351

Part III: Advanced Features and Techniques . . . . . . . . . . . . . . . . . . 363Chapter 20: Object-Oriented Programming with PHP . . . . . . . . . . . . . . . . . . . . . 365Chapter 21: Advanced Array Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409Chapter 22: String and Regular Expression Functions . . . . . . . . . . . . . . . . . . . . . 421Chapter 23: Filesystem and System Functions . . . . . . . . . . . . . . . . . . . . . . . . . 439Chapter 24: Sessions, Cookies, and HTTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455Chapter 25: Types and Type Conversions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479Chapter 26: Advanced Use of Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489Chapter 27: Mathematics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501Chapter 28: PEAR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

01 557467 FM.qxd 4/5/04 11:09 AM Page xvi

www.ebooks.org.in

Chapter 29: Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531Chapter 30: Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555Chapter 31: Exceptions and Error Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . 569Chapter 32: Debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583Chapter 33: Style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599

Part IV: Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621Chapter 34: PostgreSQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623Chapter 35: Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639Chapter 36: PEAR Database Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 669Chapter 37: E-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681Chapter 38: PHP and JavaScript . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 703Chapter 39: PHP and Java . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719Chapter 40: PHP and XML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 731Chapter 41: Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 757Chapter 42: Graphics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 775

Part V: Case Studies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 799Chapter 43: Weblogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 801Chapter 44: User Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 819Chapter 45: A User-Rating System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 857Chapter 46: A Trivia Game . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871Chapter 47: Converting Static HTML Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . 913Chapter 48: Data Visualization with Venn Diagrams . . . . . . . . . . . . . . . . . . . . . . 945

Appendix A: PHP for C Programmers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 967Appendix B: PHP for Perl Hackers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973Appendix C: PHP for HTML Coders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 979Appendix D: PHP Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 987

Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 997

01 557467 FM.qxd 4/5/04 11:09 AM Page xvii

www.ebooks.org.in

01 557467 FM.qxd 4/5/04 11:09 AM Page xviii

www.ebooks.org.in

ContentsPreface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix

Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Part I: PHP: The Basics 1

Chapter 1: Why PHP and MySQL? . . . . . . . . . . . . . . . . . . . . . . . . . . 3What Is PHP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3What Is MySQL? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4The History of PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4The History of MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Reasons to Love PHP and MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6Ease of Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8HTML-embeddedness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Cross-platform compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Not tag-based . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Stability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Open source licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Many extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Fast feature development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Popularity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Not proprietary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Strong user communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Chapter 2: Server-Side Web Scripting . . . . . . . . . . . . . . . . . . . . . . . 19Static HTML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Client-Side Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22Server-Side Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26What Is Server-Side Scripting Good for? . . . . . . . . . . . . . . . . . . . . . . . . . . 32Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Chapter 3: Getting Started with PHP . . . . . . . . . . . . . . . . . . . . . . . 35Hosting versus DIY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

The ISP option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35The self-hosting option: Pros and cons . . . . . . . . . . . . . . . . . . . . . . . 38Compromise solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

01 557467 FM.qxd 4/5/04 11:09 AM Page xix

www.ebooks.org.in

xx Contents

Installing PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39Before you can begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40Installation procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Development tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Chapter 4: Adding PHP to HTML . . . . . . . . . . . . . . . . . . . . . . . . . . 53Your HTML Is Already PHP-Compliant! . . . . . . . . . . . . . . . . . . . . . . . . . . . 53Escaping from HTML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Canonical PHP tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54Short-open (SGML-style) tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54Hello World . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55Jumping in and out of PHP mode . . . . . . . . . . . . . . . . . . . . . . . . . . 56Including files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Chapter 5: Syntax and Variables . . . . . . . . . . . . . . . . . . . . . . . . . . 61PHP Is Forgiving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61HTML Is Not PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61PHP’s Syntax Is C-Like . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

PHP is whitespace insensitive . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62PHP is sometimes case sensitive . . . . . . . . . . . . . . . . . . . . . . . . . . 62Statements are expressions terminated by semicolons . . . . . . . . . . . . . 63Braces make blocks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66C-style multiline comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Single-line comments: # and // . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67PHP variables are Perl-like . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67Declaring variables (or not) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67Assigning variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67Reassigning variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68Unassigned variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68Variable scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69You can switch modes if you want . . . . . . . . . . . . . . . . . . . . . . . . . 70Constants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Types in PHP: Don’t Worry, Be Happy . . . . . . . . . . . . . . . . . . . . . . . . . . . 71No variable type declarations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71Automatic type conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71Types assigned by context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Type Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72The Simple Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Integers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Doubles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Booleans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75NULL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80Echo and print . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80Variables and strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

01 557467 FM.qxd 4/5/04 11:09 AM Page xx

www.ebooks.org.in

xxiContents

Chapter 6: Control and Functions . . . . . . . . . . . . . . . . . . . . . . . . . 83Boolean Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Boolean constants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Logical operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Comparison operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86The ternary operator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Branching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88If-else . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

Looping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Bounded loops versus unbounded loops . . . . . . . . . . . . . . . . . . . . . . 94While . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Do-while . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95For . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95Looping examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Break and continue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99A note on infinite loops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Alternate Control Syntaxes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101Terminating Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102Using Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

Return values versus side effects . . . . . . . . . . . . . . . . . . . . . . . . . 105Function Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Headers in documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Finding function documentation . . . . . . . . . . . . . . . . . . . . . . . . . . 106

Defining Your Own Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107What is a function? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107Function definition syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107Function definition example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108Formal parameters versus actual parameters . . . . . . . . . . . . . . . . . . 109Argument number mismatches . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Functions and Variable Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110Global versus local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Static variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112Exceptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Function Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115Include and require . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115Recursion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Chapter 7: Passing Information between Pages . . . . . . . . . . . . . . . . 119HTTP Is Stateless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119GET Arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120A Better Use for GET-Style URLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122POST Arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124Formatting Form Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Consolidating forms and form handlers . . . . . . . . . . . . . . . . . . . . . . 128Using array variables with forms . . . . . . . . . . . . . . . . . . . . . . . . . . 129

PHP Superglobal Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Extended Example: An Exercise Calculator . . . . . . . . . . . . . . . . . . . . . . . . 134Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

01 557467 FM.qxd 4/5/04 11:09 AM Page xxi

www.ebooks.org.in

xxii Contents

Chapter 8: Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Strings in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Interpolation with curly braces . . . . . . . . . . . . . . . . . . . . . . . . . . . 138Characters and string indexes . . . . . . . . . . . . . . . . . . . . . . . . . . . 138String operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139Concatenation and assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . 139The heredoc syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

String Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Inspecting strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141Finding characters and substrings . . . . . . . . . . . . . . . . . . . . . . . . . 141Comparison and searching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Searching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Substring selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144String cleanup functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145String replacement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146Case functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148Escaping functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149Printing and output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Extended Example: An Exercise Calculator . . . . . . . . . . . . . . . . . . . . . . . . 151Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Chapter 9: Arrays and Array Functions . . . . . . . . . . . . . . . . . . . . . . 157The Uses of Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157What Are PHP Arrays? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Creating Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

Direct assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160The array( ) construct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160Specifying indices using array( ) . . . . . . . . . . . . . . . . . . . . . . . . . . 161Functions returning arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Retrieving Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162Retrieving by index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162The list( ) construct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Multidimensional Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163Inspecting Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Deleting from Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165Iteration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

Support for iteration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165Using iteration functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Our favorite iteration method: foreach . . . . . . . . . . . . . . . . . . . . . . 167Iterating with current( ) and next( ) . . . . . . . . . . . . . . . . . . . . . . . . 168Starting over with reset( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Reverse order with end( ) and prev( ) . . . . . . . . . . . . . . . . . . . . . . . 171Extracting keys with key( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Empty values and the each( ) function . . . . . . . . . . . . . . . . . . . . . . 172Walking with array_walk( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

Extended Example: An Exercise Calculator . . . . . . . . . . . . . . . . . . . . . . . . 175Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Chapter 10: Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191Numerical Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191Mathematical Operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Arithmetic operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

01 557467 FM.qxd 4/5/04 11:09 AM Page xxii

www.ebooks.org.in

xxiiiContents

Arithmetic operators and types . . . . . . . . . . . . . . . . . . . . . . . . . . 192Incrementing operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193Assignment operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194Comparison operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194Precedence and parentheses . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Simple Mathematical Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Randomness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196

Seeding the generator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197Example: Making a random selection . . . . . . . . . . . . . . . . . . . . . . . 199

Extended Example: An Exercise Calculator . . . . . . . . . . . . . . . . . . . . . . . . 200Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

Chapter 11: Basic PHP Gotchas . . . . . . . . . . . . . . . . . . . . . . . . . . 209Installation-Related Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

Symptom: Text of file displayed in browser window . . . . . . . . . . . . . . . 209Symptom: PHP blocks showing up as text under HTTP

or browser prompts you to save file . . . . . . . . . . . . . . . . . . . . . . 210Symptom: Server or host not found/Page

cannot be displayed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Rendering Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

Symptom: Totally blank page . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Symptom: Document contains no data . . . . . . . . . . . . . . . . . . . . . . 211Symptom: Incomplete or unintended page . . . . . . . . . . . . . . . . . . . . 212Symptom: PHP code showing up in Web browser . . . . . . . . . . . . . . . . 214

Failures to Load Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215Symptom: Page cannot be found . . . . . . . . . . . . . . . . . . . . . . . . . . 215Symptom: Failed opening [file] for inclusion . . . . . . . . . . . . . . . . . . . 216

Parse Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Symptom: Parse error message . . . . . . . . . . . . . . . . . . . . . . . . . . . 216The missing semicolon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217No dollar signs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217Mode issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Unescaped quotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Unterminated strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Other parse error causes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

File Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Symptom: HTTP error 403 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

Missing Includes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Symptom: Include warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

Unbound Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221Symptom: Variable not showing up in print string . . . . . . . . . . . . . . . . 221Symptom: Numerical variable unexpectedly zero . . . . . . . . . . . . . . . . 221Causes of unbound variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

Overwritten Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223Symptom: The variable has a valid value, just not the one you expected . . 223

Function Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224Symptom: Call to undefined function my_function( ) . . . . . . . . . . . . . . 224Symptom: Call to undefined function ( ) . . . . . . . . . . . . . . . . . . . . . . 224Symptom: Call to undefined function array( ) . . . . . . . . . . . . . . . . . . 224Symptom: Cannot redeclare my_function( ) . . . . . . . . . . . . . . . . . . . 225Symptom: Wrong parameter count . . . . . . . . . . . . . . . . . . . . . . . . 225

01 557467 FM.qxd 4/5/04 11:09 AM Page xxiii

www.ebooks.org.in

xxiv Contents

Math Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225Symptom: Division-by-zero warning . . . . . . . . . . . . . . . . . . . . . . . . 225Symptom: Unexpected arithmetic result . . . . . . . . . . . . . . . . . . . . . 226Symptom: NaN (or NAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

Time-outs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

Part II: PHP and MySQL 231

Chapter 12: Choosing a Database for PHP . . . . . . . . . . . . . . . . . . . 233What Is a Database? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233Why a Database? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

Maintainability and scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . 234Portability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234Avoiding awkward programming . . . . . . . . . . . . . . . . . . . . . . . . . . 234Searching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235N-tier architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235Potential downside: Performance . . . . . . . . . . . . . . . . . . . . . . . . . 235

Choosing a Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236You may not have a choice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236Flat-file, relational, object-relational . . . . . . . . . . . . . . . . . . . . . . . . 236ODBC/JDBC versus native API . . . . . . . . . . . . . . . . . . . . . . . . . . . 237Swappable databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

Advanced Features to Look For . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238A GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238Subquery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238SELECT INTO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239Complex joins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239Threading and locking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239Transactional databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239Procedures and triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240Indexes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240Foreign keys and integrity constraints . . . . . . . . . . . . . . . . . . . . . . 240Database replication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

PHP-Supported Databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241Database Abstraction (or Not) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242Our Focus: MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

Chapter 13: SQL Tutorial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245Relational Databases and SQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245SQL Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246The Workhorses of SQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

SELECT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247INSERT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251UPDATE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251DELETE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252

01 557467 FM.qxd 4/5/04 11:09 AM Page xxiv

www.ebooks.org.in

xxvContents

Database Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252Privileges and Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

Setting database permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255Keep database passwords outside the Web tree . . . . . . . . . . . . . . . . . 256Use two layers of password protection . . . . . . . . . . . . . . . . . . . . . . 257Learn to make backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

Chapter 14: MySQL Database Administration . . . . . . . . . . . . . . . . . 259MySQL Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259Installing MySQL: Moving to Version 4 . . . . . . . . . . . . . . . . . . . . . . . . . . 260

Preinstall considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260Downloading MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262Installing MySQL on Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . 262Installing MySQL on Unix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263Installing MySQL on Mac OS X . . . . . . . . . . . . . . . . . . . . . . . . . . . 264Post-installation housekeeping . . . . . . . . . . . . . . . . . . . . . . . . . . . 264Basic MySQL client commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 265

MySQL User Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265Local development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Standalone Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Shared-hosting Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269

PHPMyAdmin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272Replication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276

myisamchk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277mysqlcheck . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278

Chapter 15: PHP/MySQL Functions . . . . . . . . . . . . . . . . . . . . . . . . 279Connecting to MySQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279Making MySQL Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281Fetching Data Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282Getting Data about Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284Multiple Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285Building in Error Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287Creating MySQL Databases with PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . 288

MySQL data types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289MySQL Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

Chapter 16: Displaying Queries in Tables . . . . . . . . . . . . . . . . . . . . 295HTML Tables and Database Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295

One-to-one mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296Example: A single-table displayer . . . . . . . . . . . . . . . . . . . . . . . . . 296The sample tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298Improving the displayer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299

01 557467 FM.qxd 4/5/04 11:09 AM Page xxv

www.ebooks.org.in

xxvi Contents

Complex Mappings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302Multiple queries versus complex printing . . . . . . . . . . . . . . . . . . . . 302A multiple-query example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303A complex printing example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

Creating the Sample Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

Chapter 17: Building Forms from Queries . . . . . . . . . . . . . . . . . . . . 311HTML Forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311Basic Form Submission to a Database . . . . . . . . . . . . . . . . . . . . . . . . . . 312Self-Submission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314Editing Data with an HTML Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322

TEXT and TEXTAREA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322CHECKBOX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324RADIO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327SELECT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335

Chapter 18: PHP/MySQL Efficiency . . . . . . . . . . . . . . . . . . . . . . . . 337Connections — Reduce, Reuse, Recycle . . . . . . . . . . . . . . . . . . . . . . . . . 337

A bad example: One connection per statement . . . . . . . . . . . . . . . . . 338Multiple results don’t need multiple connections . . . . . . . . . . . . . . . . 338Persistent connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

Indexing and Table Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340Indexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340Everything including the kitchen sink . . . . . . . . . . . . . . . . . . . . . . . 342Other types of indexes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343Table design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344

Making the Database Work for You . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345It’s probably faster than you are . . . . . . . . . . . . . . . . . . . . . . . . . . 345A bad example: Looping, not restricting . . . . . . . . . . . . . . . . . . . . . 345Creating date and time fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347Finding the last inserted row . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350

Chapter 19: PHP/MySQL Gotchas . . . . . . . . . . . . . . . . . . . . . . . . . 351No Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351Problems with Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353Unescaped Quotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354Broken SQL Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356

Misspelled names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358Comma faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358Unquoted string arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358Unbound variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359

Too Little Data, Too Much Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359Specific SQL Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360

mysql_affected_rows( ) versus mysql_num_rows( ) . . . . . . . . . . . . . . . 360mysql_result( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361OCIFetch( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361

Debugging and Sanity Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

01 557467 FM.qxd 4/5/04 11:09 AM Page xxvi

www.ebooks.org.in

xxviiContents

Part III: Advanced Features and Techniques 363

Chapter 20: Object-Oriented Programming with PHP . . . . . . . . . . . . . 365What Is Object-Oriented Programming? . . . . . . . . . . . . . . . . . . . . . . . . . 365

The simple idea . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366Elaboration: Objects as datatypes . . . . . . . . . . . . . . . . . . . . . . . . . 367Elaboration: Inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367Elaboration: Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369Elaboration: Constructors and destructors . . . . . . . . . . . . . . . . . . . . 369Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369

Basic PHP Constructs for OOP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371Defining classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371Accessing member variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372Creating instances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372Constructor functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372Inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373Overriding functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375Chained subclassing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375Modifying and assigning objects . . . . . . . . . . . . . . . . . . . . . . . . . . 377Scoping issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377

Advanced OOP Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378Public, Private, and Protected Members . . . . . . . . . . . . . . . . . . . . . 378Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380Constants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380Abstract Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381Simulating class functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381Calling parent functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382Automatic calls to parent constructors . . . . . . . . . . . . . . . . . . . . . . 384Simulating method overloading . . . . . . . . . . . . . . . . . . . . . . . . . . 384Serialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385

Introspection Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387Function overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387Example: Class genealogy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390Example: Matching variables and DB columns . . . . . . . . . . . . . . . . . . 392Example: Generalized test methods . . . . . . . . . . . . . . . . . . . . . . . . 395

Extended Example: HTML Forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398Gotchas and Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404

Symptom: Member variable has no value in member function . . . . . . . . . 404Symptom: Parse error, expecting T_VARIABLE ... . . . . . . . . . . . . . . . . 405

OOP Style in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405Naming conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405Accessor functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405Designing for inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407

Chapter 21: Advanced Array Functions . . . . . . . . . . . . . . . . . . . . . 409Transformations of Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409

Retrieving keys and values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410Flipping, reversing, and shuffling . . . . . . . . . . . . . . . . . . . . . . . . . . 410Merging, padding, slicing, and splicing . . . . . . . . . . . . . . . . . . . . . . 412

Stacks and Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415

01 557467 FM.qxd 4/5/04 11:09 AM Page xxvii

www.ebooks.org.in

xxviii Contents

Translating between Variables and Arrays . . . . . . . . . . . . . . . . . . . . . . . . 416Sorting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417Printing Functions for Visualizing Arrays . . . . . . . . . . . . . . . . . . . . . . . . . 418Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419

Chapter 22: String and Regular Expression Functions . . . . . . . . . . . . 421Tokenizing and Parsing Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421Why Regular Expressions? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424

Regex in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424An example of POSIX-style regex . . . . . . . . . . . . . . . . . . . . . . . . . . 425Regular expression functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426

Perl-Compatible Regular Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . 427Example: A Simple Link-Scraper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430

The regular expression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430Using the expression in a function . . . . . . . . . . . . . . . . . . . . . . . . . 432

Advanced String Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434HTML functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434Hashing using MD5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435Strings as character collections . . . . . . . . . . . . . . . . . . . . . . . . . . 436String similarity functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438

Chapter 23: Filesystem and System Functions . . . . . . . . . . . . . . . . . 439Understanding PHP File Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . 439File Reading and Writing Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440

File open . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441File read . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443Constructing file downloads by using fpassthru( ) . . . . . . . . . . . . . . . . 444File write . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445File close . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446

Filesystem and Directory Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447feof . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447file_exists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447filesize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447

Network Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450Syslog functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450DNS functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450Socket functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450

Date and Time Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451If you don’t know either date or time . . . . . . . . . . . . . . . . . . . . . . . 451If you’ve already determined the date/time/timestamp . . . . . . . . . . . . . 452

Calendar Conversion Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454

Chapter 24: Sessions, Cookies, and HTTP . . . . . . . . . . . . . . . . . . . . 455What’s a Session? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455

So what’s the problem? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455Why should you care? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456

Home-Grown Alternatives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456Hidden variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457Cookie-based homegrown sessions . . . . . . . . . . . . . . . . . . . . . . . . 457

01 557467 FM.qxd 4/5/04 11:09 AM Page xxviii

www.ebooks.org.in

xxixContents

How Sessions Work in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458Making PHP aware of your session . . . . . . . . . . . . . . . . . . . . . . . . . 459Propagating session variables . . . . . . . . . . . . . . . . . . . . . . . . . . . 459Where is the data really stored? . . . . . . . . . . . . . . . . . . . . . . . . . . 461

Sample Session Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462Session Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465Configuration Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468Cookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469

The setcookie( ) function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471Deleting cookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472Reading cookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472register_globals and variable overwriting . . . . . . . . . . . . . . . . . . . . 473Cookie pitfalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474

Sending HTTP Headers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475Example: Redirection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476Example: HTTP authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . 476Header gotchas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477

Gotchas and Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478

Chapter 25: Types and Type Conversions . . . . . . . . . . . . . . . . . . . . 479Type Round-up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480

What are resources? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480How to handle resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480

Type Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481Assignment and Coercion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481

Integer overflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486Finding the largest integer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487

Chapter 26: Advanced Use of Functions . . . . . . . . . . . . . . . . . . . . . 489Variable Numbers of Arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489

Default arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489Arrays as multiple-argument substitutes . . . . . . . . . . . . . . . . . . . . . 490Multiple arguments in PHP4 and above . . . . . . . . . . . . . . . . . . . . . . 491

Call-by-Value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493Call-by-Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493Variable Function Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495An Extended Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499

Chapter 27: Mathematics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501Mathematical Constants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501Tests on Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502Base Conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503Exponents and Logarithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506Trigonometry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507Arbitrary Precision (BC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511

An arbitrary-precision example . . . . . . . . . . . . . . . . . . . . . . . . . . 512Converting code to arbitrary-precision . . . . . . . . . . . . . . . . . . . . . . 513

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515

01 557467 FM.qxd 4/5/04 11:09 AM Page xxix

www.ebooks.org.in

xxx Contents

Chapter 28: PEAR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517What Is PEAR? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517The PEAR Package System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518

A sampling of PEAR packages . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518How the PEAR database works . . . . . . . . . . . . . . . . . . . . . . . . . . . 519The Package Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519Using the Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523

PHP Foundation Classes (PFC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525PHP Extension Code Library (PECL) . . . . . . . . . . . . . . . . . . . . . . . . . . . 525The PEAR Coding Style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525

Indenting, whitespace, and line length . . . . . . . . . . . . . . . . . . . . . . 526Formatting control structures . . . . . . . . . . . . . . . . . . . . . . . . . . . 526Formatting functions and function calls . . . . . . . . . . . . . . . . . . . . . . 528

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528

Chapter 29: Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531Possible Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532

Site defacement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532Accessing source code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533Reading arbitrary files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535Running arbitrary programs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537Viruses and other e-critters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538E-mail safety . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539

Register Globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540File Uploads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545

Public-key encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545Single-key encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546Encrypting cookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549Digitally signing files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550Secure Sockets Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551

FYI: Security Web Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552

Chapter 30: Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555Viewing Environment Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555Understanding PHP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555

Compile-time options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556CGI compile-time options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559Apache configuration files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561The php.ini file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563

Improving PHP Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568

Chapter 31: Exceptions and Error Handling . . . . . . . . . . . . . . . . . . . 569Error Handling in PHP5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569

Errors and exceptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569The Exception class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571The try/catch block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572Throwing an exception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572

01 557467 FM.qxd 4/5/04 11:09 AM Page xxx

www.ebooks.org.in

xxxiContents

Defining your own Exception subclasses . . . . . . . . . . . . . . . . . . . . . 573Limitations of Exceptions in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . 575

Other Methods of Error Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576Native PHP errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576Defining an error handler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578Triggering a user error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579

Logging and Debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581

Chapter 32: Debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583General Troubleshooting Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583

Change one thing at a time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583Try to isolate the problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584Simplify, then build up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584Check the obvious . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584Document your solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584After fixing, re-test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584

A Menagerie of Bugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584Compile-time bugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585Run-time bugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585Logical bugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585

Using Web Server Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585Apache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585IIS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587

PHP Error Reporting and Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587Error reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587Error logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 588Choosing which errors to report or log . . . . . . . . . . . . . . . . . . . . . . 588

Error-Reporting Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589Diagnostic print statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589Using print_r( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590Using syslog( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590Logging to a custom location . . . . . . . . . . . . . . . . . . . . . . . . . . . . 592Using error_log( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 592

Visual Debugging Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593Avoiding errors in the first place . . . . . . . . . . . . . . . . . . . . . . . . . . 594Finding errors when they occur . . . . . . . . . . . . . . . . . . . . . . . . . . 595

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596

Chapter 33: Style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599The Uses of Style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599Readability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 600

Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602PHPDoc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602File and variable names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603Uniformity of style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605

Maintainability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605Avoid magic numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606Include files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606Object wrappers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607Consider using version control . . . . . . . . . . . . . . . . . . . . . . . . . . . 607

01 557467 FM.qxd 4/5/04 11:09 AM Page xxxi

www.ebooks.org.in

xxxii Contents

Robustness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607Unavailability of service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608Unexpected variable types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608

Efficiency and Conciseness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608Efficiency: Only the algorithm matters . . . . . . . . . . . . . . . . . . . . . . 609Efficiency optimization tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609Conciseness: The downside . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 610Conciseness tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 611

HTML Mode or PHP Mode? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613Minimal PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613Maximal PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614Medium PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615The heredoc style . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616

Separating Code from Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618Cascading style sheets in PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . 618Templates and page consistency . . . . . . . . . . . . . . . . . . . . . . . . . . 618

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 620

Part IV: Connections 621

Chapter 34: PostgreSQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623Why Choose PostgreSQL? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623Why Object-Relational Anyway? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624Installing PostgreSQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624

Linux installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625But is it a database yet? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626

Down to Real Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627PHP and PostgreSQL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629The Cartoons Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 630Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 637

Chapter 35: Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639When Do You Need Oracle? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639

Money . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 640Other rivalrous resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 640Huge data sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 640Lots of big formulaic writes or data munging . . . . . . . . . . . . . . . . . . . 640Triggers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641Legal liability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641Bottom line: Two-year outlook . . . . . . . . . . . . . . . . . . . . . . . . . . . 641

Oracle and Web Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641Specialized team members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642Shared development databases . . . . . . . . . . . . . . . . . . . . . . . . . . 642Limited schema changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642Tools (or lack thereof) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642Replication and failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642Data caching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643

Using OCI8 Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643Escaping strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644Parsing and executing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644

01 557467 FM.qxd 4/5/04 11:09 AM Page xxxii

www.ebooks.org.in

xxxiiiContents

Error reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644Memory management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644Ask for nulls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644Fetching entire data sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645All caps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645Transactionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645Stored procedures and cursors . . . . . . . . . . . . . . . . . . . . . . . .