PHP Tips and Tricks Jack Herrington Author of PHP Hacks

Overview PHP Basics Page tricks Database tricks Architecture tricks Security tricks References

PHP Advantages

Easy programming for the web Meant to enhance pages Now competes with Java and .NET

Architecture

Apache

IIS

mod_php

php5.dll

PHP Pages

PHP Pages

Disk

Disk

L.A.M.P Linux Apache MySQL PHP, Perl, Ruby, etc.

Features Lightweight Perl/C style syntax Scales from tiny scripts to advanced OO Runs on the command line Runs everywhere

Syntax basics

Simple PHP Page Hello !

Some demos

PEAR Module repository, similar to CPAN Migrating from the core to PEAR Invaluable in projects User contributions welcome

Applications phpBB - Forums phpMyAdmin - Database management wordPress - Blog drupal - Content management/blog/etc. phpNuke - Content management

Page Tricks

Using functions for headers and footers SMARTY Ajax

Headers and Footers Simple PHP Page

Some content here.

SMARTY Another level of templating Increased maintainability Separates business logic from display SMARTY.php.net

AJAX Rich Internet Applications DHTML + HTTP Fetch Client side coding and XML reports TinyAjax - PHP 5 Ajax library AJAXIAN.com

Database Tricks Using PEAR Auto-Generating Primary Keys Using XML for extra data Generating the SQL

XML Blobs Extensible fields made easy Optional fields only Wrapped by classes which account for missing values Not easily searchable

Generating SQL XML Definition

XML Definition

PHP Code Generator

XSLT Processor

SQL

SQL

Database

Database

XSLT Style Sheet

Architecture Tricks

Logical Three Tier Architecture Dynamic Objects Code Generation

Three Tier Architecture

Pages

Pages

Business Logic Classes

Business Logic Classes

Pages

Database Database

Database

Smarty Templates

Dynamic Objects New Magic Methods in PHP 5 Wraps any data or methods dynamically Excellent for database access Ideal for web services WASP.sourceforce.net

Code Generation XML Definition

PHP Code Generator

SQL

Database

Database Access Logic

CRUD Pages

Security Tricks No globals No plain text passwords Watching for tainted input Avoiding cross-site scripting Hardened PHP

References PHP.net PEAR.php.net ZEND.com PHPHELP.com PHPFREAKS.com