Web Application Development with PHP 4.0 00 9971 FM 6/16/00 7:24 AM Page i MySQL Paul DuBois, 0-7357-0921-1 A UML Pattern Language Paul Evitts, 1-57870-118-X Constructing Superior Software Paul Clements, 1-57870-147-3 Python Essential Reference David Beazley, 0-7357-0901-7 KDE Application Development Uwe Thiem, 1-57870-201-1 Developing Linux Applications with GTK+ and GDK Eric Harlow, 0-7357-0021-4 GTK+/Gnome Application Development Havoc Pennington, 0-7357-0078-8 DCE/RPC over SMB: Samba and Windows NT Domain Internals Luke Leighton, 1-57870-150-3 Linux Firewalls Robert Ziegler, 0-7357-0900-9 Linux Essential Reference Ed Petron, 0-7357-0852-5 Linux System Administration Jim Dennis, M. Carling, et al, 1-556205-934-3 Other Books by New Riders Publishing 00 9971 FM 6/16/00 7:24 AM Page ii 201 West 103rd Street, Indianapolis, Indiana 46290 Tobias Ratschiller Till Gerken With contributions by Zend Technologies, LTD Zeev Suraski Andi Gutmans Web Application Development with PHP 4.0 00 9971 FM 6/16/00 7:24 AM Page iii Publisher David Dwyer Executive Editor Al Valvano Managing Editor Gina Brown Product Marketing Manager Stephanie Layton Publicity Manager Susan Petro Acquisitions Editors Ann Quinn Alan Bower Stacey Beheler Nancy Maragioglio Editor Robin Drake Indexer Cheryl Lenser Manufacturing Coordinator Chris Moos Book Designer Louisa Klucznik Cover Designer Aren Howell Composition Amy Parker Proofreader Jessica McCarty Web Application Development with PHP 4.0 By:Tobias Ratschiller and Till Gerken Copyright © 2000 by New Riders Publishing FIRST EDITION: July, 2000 All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. International Standard Book Number: 0-7357-0997-1 Library of Congress Catalog Card Number: 00-100402 04 03 02 01 00 7 6 5 4 3 2 1 Interpretation of the printing code:The rightmost double- digit number is the year of the book’s printing; the right- most single-digit number is the number of the book’s printing. For example, the printing code 00-1 shows that the first printing of the book occurred in 2000. Composed in Bembo and MCPdigital by New Riders Publishing Printed in the United States of America Trademarks All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capital- ized. New Riders Publishing cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.Windows and Microsoft are registered trademarks of Microsoft Corporation. Warning and Disclaimer This book is designed to provide information about PHP. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an as-is basis.The authors and New Riders Publishing shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it. 00 9971 FM 6/16/00 7:24 AM Page iv v Contents Foreword xiii Introduction xv Target Audience xvi Prerequisites xvii Organization of This Book xvii Conventions Used in This Book xviii I Advanced PHP 1 1 Development Concepts 3 PHP for Me? 3 The Importance of Planning 4 Coding Conventions 6 Using Files to Group Functions 24 Writing Documentation 25 An API Design Example 26 Summary 30 2 Advanced Syntax 31 PHP Syntax 31 Defining Constants 32 Array Functions 33 PHP and OOP 41 Linked Lists 53 Associative Arrays 63 Polymorphism and Self-Modifying Code 78 Summary 87 3 Application Design: A Real-Life Example 89 Project Overview 90 Comparing Technologies 91 IRC Network Basics 95 00 9971 FM 6/16/00 7:24 AM Page v Fitting the Application into the Network 97 Interfacing the Network 99 Administration and Security 117 Implementation 119 Summary 119 II Web Applications 121 4 Web Application Concepts 123 HTTP and Sessions 123 Security Considerations 140 Why Usability Matters 158 Summary 166 References 166 5 Basic Web Application Strategies 167 The PHP Normal Form 168 Project Layout 175 CVS: Concurrent Versions System 178 Three-Tier Applications 191 Summary 198 6 Database Access with PHP 199 PHPLib:The PHP Base Library 200 Database Abstraction 202 Authentication 213 Summary 224 7 Cutting-Edge Applications 225 Knowledge Repositories 226 PHP and XML 238 Interchanging Data with WDDX 270 Summary 276 vi Contents 00 9971 FM 6/16/00 7:24 AM Page vi 8 Case Studies 277 BizChek.com 277 SixCMS 281 MarketPlayer.com 285 Summary 290 References 290 III Beyond PHP 291 9 Extending PHP 4.0: Hacking the Core of PHP 293 Overview 294 What Is Zend? and What Is PHP? 294 Extension Possibilities 295 Source Layout 297 PHP’s Automatic Build System 301 Creating Extensions 303 Compiling Modules 304 Using Extensions 306 Troubleshooting 308 Source Discussion 308 Accepting Arguments 317 Creating Variables 329 Objects 338 Resources 339 Macros for Automatic Global Variable Creation 340 Duplicating Variable Contents:The Copy Constructor 342 Returning Values 343 Printing Information 345 Startup and Shutdown Functions 348 Calling User Functions 349 Where to Go from Here 353 Reference: Some Configuration Macros 354 vii Contents 00 9971 FM 6/16/00 7:24 AM Page vii About the Authors Tobias Ratschiller is a new media consultant based in Italy.With extensive knowledge of software development, database design, and content-management sys- tems, he specializes in the creation of large-scale, dynamic Web sites. He has provided consulting and implementation services for some of the world’s largest Web sites and has contributed to several books and articles on PHP. He teaches at seminars through- out Europe and is a frequent speaker at leading conferences. Till Gerken is a freelance developer and consultant for various companies, focusing on the creation of Web applications for Internet-based services. His background ranges from using C/C++, Pascal, and x86 Assembler to create such high-performance multimedia systems as 3D engines and real-time sound mixers, to using PHP and its associated tools to create medium- to large-scale, dynamic Web sites. viii 00 9971 FM 6/16/00 7:24 AM Page viii ix About the Technical Reviewer Graeme Merrall contributed his considerable hands-on expertise to the entire development process for Web Application Development with PHP 4.0.As the book was being written, he reviewed all the material for technical content, organization, and flow. His feedback was critical to ensuring that Web Application Development with PHP 4.0 fits our readers’ need for the highest quality technical information. Graeme originally graduated in 1993 with a degree in biochemistry. During his university studies, he discovered the Internet while it was still very much in its infancy.This led him away from biochemistry into employment with an ISP and later with a leading Web design firm in New Zealand, where he developed his skills in PHP and ASP. As well as programming, Graeme has written for the local newspaper in his former home town in New Zealand and has produced several tutorials and articles on PHP for Wired Digital’s Web Monkey. Born and raised in New Zealand, Graeme currently resides in Sydney, where he runs his own consultancy, specializing in e-commerce and business integration with the Internet. In his spare time, he enjoys modern literature, music, and crocodile wrestling. About Zend Technologies, LTD. The Zend Engine is the basic scripting engine that drives PHP. Owned by Zend Technologies, LTD, the engine is licensed to PHP for free use under the Q Public license.The Zend engine brings to PHP performance, reliability, and an easy-to-use scripting interface. The history of the Zend Engine began four years ago when the company founders, Zeev Suraski and Andi Gutmans, joined the core development team of PHP and wrote the scripting engine of PHP, which is installed on over a million hosts today. Now, with the introduction of PHP 4.0, the Zend Engine has matured into a versatile scripting engine, and Andi Gutmans and Zeev Suraski are engaged in devel- oping a host of products for enhancing PHP’s performance and commercial value. 00 9971 FM 6/16/00 7:24 AM Page ix Acknowledgments We’d like to say “thank you” to the staff at New Riders:You’ve probably had a hard time with us, and we appreciate your friendliness and professional handling. Robin Drake, our editor, deserves special thanks for her patience with us.Thanks as well to our technical editor, Graeme Merrall, and acquisitions editor, Ann Quinn. The following people have helped us during various stages of this book, and we’d like to thank them as well: Alan Bower, Nancy Maragioglio, Jakob Nielsen, Kristian Koehntopp, Zeev Suraski, Andi Gutmans, Leon Atkinson, Alexander Aulbach, Uwe Steinmann, Boaz Yahav, and Rafi Ton.We’d also like to thank the authors of our case studies. Finally, thanks to SoftQuad for providing their excellent XMetaL XML editor for use in writing and editing the text. Acknowledgments from Tobias The person who deserves the most thanks is Till Gerken, of course, who was a great coauthor.We’ve spent thousands (or so) of hours on IRC, reviewing chapters, writing and fixing code—and having fun. It was hard work, but we had a great time. Thanks to all folks on Efnet’s #php—they’re a great community, and it’s fun hang- ing out there. If you have the chance, stop by and say hello to tigloo (Till) and Yapa (that’s me). Everyone on IRC was helpful, and Zeev was especially patient in answer- ing our questions. Thanks to Robert Finazzer, who has provided valuable business advice over the last few years, and has always been understanding when I’ve written articles or books instead of working with him on multimillion-dollar ventures. Greetings to the rest of the team at Profi Online Service, and of course Joachim Marangoni. Acknowledgments from Till I hardly thought that I would ever get to the point of writing this section, but now it’s here.With it, I am finishing a project on which I spent a lot of time and energy dur- ing the past year. I must admit that I sometimes thought that we wouldn’t make it, and I’m proud now at seeing it on the shelf. Because of this, the first person I have to mention is Tobias Ratschiller, who origi- nally pulled me into the PHP business. From the very start he had an overwhelming faith in me and showed endless patience while working with me. He was a five-star coauthor and I’m glad I had the opportunity to write this book with him. Even when I was sometimes unhappy with my material, he never had a lack of good suggestions. As he already said, we spent endless hours on IRC, criticizing and fixing up each other’s text and code, not to mention all the emails. It was definitely a lot of fun! x 00 9971 FM 6/16/00 7:24 AM Page x [...]... cases: n n n You have already developed applications with PHP, and want to take your skills to the next level You have experience with other programming languages and want to develop Web applications with PHP You’re an expert with PHP and want to extend PHP s feature set on your own You don’t need to be a PHP wizard to read this book, but you should be familiar with PHP s syntax, or have good knowledge... 5—Basic Web Application Strategies This chapter discusses more fundamentals of Web applications All Web applications process form input, for example, or deal with separation of layout and code Moving on from these topics, this chapter also introduces you to effective team development by giving an overview of version control with CVS Finally, it discusses multi-tier applications, COM, and Java from a PHP. .. Technology, who encouraged Andi and me to cooperate with Rasmus Lerdorf, the author of PHP/ FI 1.0 and 2.0; Rasmus Lerdorf, who was very happy to cooperate with us to make PHP 3.0 the official PHP/ FI 2.0 successor; The PHP Group and the entire team of PHP developers, without which PHP wouldn’t have been the excellent tool it is today; and finally, the PHP community, which has proven to be an endless resource... Access with PHP Without databases ,Web applications are not possible Chapter 6 presents the PHPLib as a tool for vendor-independent database access, and gives an overview about its other features, such as session management, user authentication, and permission management Chapter 7—Cutting-Edge Applications By developing a complete knowledge repository using PHPLib, this chapter familiarizes you with PHPLib’s... modular, plug-in-enabled applications Chapter 4 Web Application Concepts Session management, security considerations and authentication, and usability form the base of every Web application .Web applications aren’t possible without proper session management.You have to find a way to recognize users during multiple page requests if you want to associate variables like a shopping cart with one specific user... than 20 books about PHP have been published in different languages, with more in the pipeline Commercial players are beginning to join the bandwagon: PHP is included with Web servers, for example C2’s Stronghold, and Linux distributions A new company, Zend Technologies, has been formed to provide commercial add-ons and support for PHP A long list of large-scale Web sites employ PHP, as well as hundreds... companies using PHP successfully in high-demand scenarios Chapter 9—Extending PHP 4.0: Hacking the Core of PHP Are more than 1,200 functions still not enough for you? No problem, because this chapter is the official documentation on extending PHP If you know some C, Chapter 9 gives you some condensed insight into the internals of PHP 4.0, and shows you how to write your own modules to extend PHP s functionality... management and database access.You’ll also find three case studies of successful PHP projects here, to help you convince your IT managers The third part of the book, “Beyond PHP, ” is for readers who want to go beyond what’s currently available with PHP, and explains how to extend PHP with C.This is the official documentation on extending PHP, as approved by Zend Technologies In detail, the following topics are... pushed PHP beyond our wildest dreams and expectations PHP is being used today on well over a million domains on the Internet, and is the tool of choice for server-side scripting in UNIX environments PHP 4.0 is the next step in ensuring that PHP remains on the cutting edge of Web scripting technologies for years to come.The Zend engine (www.zend.com) revolutionizes the performance and scalability of PHP- based... into play.We hope to provide software developers with some guidelines on better PHP and Web application software development Many technologies are available today, and you can only fully utilize them if you understand the fundamental principles behind the development process, and if you develop problem-solving skills.Typical reference manuals don’t help with those issues Target Audience If you’re new . Web Application Development with PHP 4. 0 00 9971 FM 6/16 /00 7: 24 AM Page i MySQL Paul DuBois, 0- 7357 -09 21-1 A UML Pattern Language Paul Evitts, 1-578 70- 118-X Constructing. 1-578 70- 147 -3 Python Essential Reference David Beazley, 0- 7357 -09 01-7 KDE Application Development Uwe Thiem, 1-578 70- 201 -1 Developing Linux Applications with GTK+ and GDK Eric Harlow, 0- 7357 -00 21 -4 GTK+/Gnome. Street, Indianapolis, Indiana 46 2 90 Tobias Ratschiller Till Gerken With contributions by Zend Technologies, LTD Zeev Suraski Andi Gutmans Web Application Development with PHP 4. 0 00 9971 FM 6/16 /00 7: 24 AM Page