Javascript is executed on the client side. This means it has no access to any
information held on the web server such as files on the web server or databases on
the web server. To access this information, we use a server-side language, in this case,
PHP.
This course teaches a particular style of interacting with the server-side script.
In this course, the server-side script is kept separate from the client-side script
and information is accessed by JavaScript using JSON. This isn't the only way
of communicating with the server-side script, but it keeps the two languages
separated which may be conceptually easier for students to understand.
PHP variables are always named beginning with a dollar sign ($). Like Javascript, they
are untyped.
The PHP concatenation operator is the period (.). Unlike Javascript, PHP has an
integer division operator called intdiv.
Otherwise, PHP operations behave similarly to that of other languages descended from
BCPL like C, C++, Java, C#, or Javascript.
You can send input to a PHP file as a URL get. Basically, you reference the
PHP file put a question mark in the end and follow with a list of variable value pairs
separated by an ampersand (&). For example: runthis.php?arg1=value1&arg2=value2.
The code example below is activated by saying introdemo.php?inputvar=<whatever
you want>.
PHP uses the function strlen() to calculate the length of a string.
Here is a piece of example PHP code:
To demonstrate this code, enter a value into the textbox below, then hit the process button.
What PHP calls an array is really an ordered map. If you do not specify what the item
maps to, it will map to a numeric index like a regular array. However, you can explicitly
identify a mapping in-lieu of this.
JSON is a standard format used for data exchange between web objects. We use json_encode
to transform a piece of data into the JSON format to prepare it for interchange.
The below example creates an array, shows the mapping and then transforms it into JSON format.
To connect to a database in PHP, you create a PHP Data Object (PDO), by telling
PHP the data source name (the type of database and the name of the database),
your username and password. You then prepare an SQL statement and execute it.
Finally, you fetch the results of the query into a variable.
The below example queries the Amazonia database and retrieves all entries
in the bookcat table.
In most cases when you query a database, you want to modify the search with various parameters.
For example, you might want to search for a customer by ID or name.
In PHP, you do this by marking the search location in the SQL query with a marker prefaced by a colon
(:marker). You then map each marker to a PHP variable using bindParam. BindParam
takes three arguments- the marker to bind, the variable to bind to, and the data type
of the binding. Once done, you use the execute method to run the query.
The below example illustrates this on the Amazonia database by searching for books by title.
To demonstrate this code, enter a title into the textbox below.
Insertion, updating and deletion of database entries works in the exact same way
as selection of records. You just create a PDO instantiation, prepare the appropriate
SQL statement, bindParams as necessary, and then execute it.
To preserve security, passwords should not be stored in plain text.
Instead, use a one-way hash algorithm to store passwords in an unreadable form.
In a one way hash, it is possible to verify a piece of plain text matches
a piece of encrypted text, but it is not possible to reverse-engineer the
plain text from the encrypted text.
Use password_hash to encrypt a password for storage on the computer. PASSWORD_BCRYPT
uses a variant of the Blowfish encryption algorithm to secure the password. Use
password_verify to test the plain text password against the encrypted one.
The below example illustrates comparing an encrypted password against a plain text one.
Press the compare button to do the actual comparison.
Sessions are a way to preserve information across web pages.
You initiate or recall a session in PHP with session_start().
Variables you want to preserve across pages are stored in $_SESSION[].
In the below example, the "status" variable is used to track
the login status of the user. When this variable has a value "login_successful"
the user is logged in. Otherwise, the user is forced to go to a password page
to log in.