PHP 5.4

By W. Jason Gilmore

PHP is the world's most popular server-side Web scripting language, sporting a syntax simple enough to attract novice programmers yet powerful enough to run some of the world's most popular websites, among them Yahoo!, Facebook, GameSpy, and Vimeo.

This reference card was created to help you quickly navigate some of PHP's most commonplace features, including objectoriented programming, array and string manipulation, regular expressions, and MySQL integration.

PHP's behavior can be configured at a variety of levels:

Global Configuration

The php.ini file is PHP's configuration fi le, containing more than 200 directives capable of tweaking nearly every aspect of the language's behavior. This fi le is parsed every time PHP is invoked, which for the server module version occurs only when the web server starts, and every time for the CGI version.

Host- and Directory-specific Configuration

If you lack access to the php.ini fi le, you may be able to change desired directives within Apache's httpd.conf or .htaccess files. For instance, to force the display of all PHP errors for solely your development domain (for instance http://dev.wjgilmore.com), add the following to a .htaccess file:

php_fl ag display_errors on

Script-specific Configuration Occasionally you'll want to tweak directives on a per-script basis. For instance to change PHP's maximum allowable execution time for a script tasked with uploading large fi les, you could call the ini_set() function from within your PHP script like so:

ini_set('max_execution_time', 60);

Changing the PHP File Extension

PHP's default fi le extension is .php, however you can change it to whatever you please by adding the desired extension to the AddType directive within Apache's httpd.conf fi le. For instance to configure Apache to recognize .dzone as a supported PHP file extension:

AddType application/x-httpd-php .php .dzone

The PHP Extension Application Repository (PEAR) is the de facto service for distributing reusable PHP components. Over 500 packages are available for download from http://pear.php.net/, including these popular solutions:

Web frameworks help the programmer to embrace best practices, simultaneously decreasing errors and eliminating redundant code. If you haven't yet settled upon a framework, consider checking out one or several of the following popular solutions:

Creating a Class

A class defines the behavior and characteristics of an entity you'd like to represent in an application. A sample class follows:

class RadioStation {

private $_id;

private $_name;

private $_frequency;

private $_band;

private $_audioStream;

public function setBand($band) {

$this->_band = $band;

}

public function getBand() {

return $this->_band;

}

...

}

Object Instantiation

To create an instance of a class (known as an object), you call the class name like you would a function, preceding it with the new keyword:

$wtvn = new RadioStation();

Class Constructors

Constructors are useful for performing initialization tasks at class instantiation time, thereby saving you the hassle of calling additional class methods. Constructors are declared using the __construct() method, like so:

function __construct($id="") {

// If specifi c station ID is requested, retrieve it

from the database

if (isset($id))

$this->fi nd($id);

}

Class Destructors

Custom class destructors can perform tasks when the object is destroyed. You can create a destructor using the __destruct() method:

function __destruct() {

printf("The radio station %s has been destroyed!",

$this->name);

}

Attribute and Method Visibility

PHP supports three levels of attribute and method visibility:

Class Constants

Class constants are defi ned with the const keyword, and can be referenced through the scope resolution operator (::). For instance, to define a constant identifying the RadioStation class' minimum supported PHP version:

const MIN_PHP_VER = '5.3';

You can then reference it outside the class like so:

echo RadioStation::MIN_PHP_VER;

Extending Classes

Class hierarchies can be created using the extends keyword. For instance, an application tasked with cataloging all major media outlets might first define a MediaOutlet class which defines some broad characteristics, and then child classes such as RadioStation and TVStation would inherit from it:

class MediaOutlet {

protected $owner;

protected $residentCountry;

public function setOwner($owner) {

...

}

}

class RadioStation extends MediaOutlet {

...

}

If you wanted to prevent child classes (in this case, RadioStation) from overriding a parent method, prefix it with the final keyword. For instance:

final public function setOwner($owner) {

...

}

Class Abstraction

The aforementioned MediaOutlet class would be more accurately defi ned as an abstract class, because it would never be explicitly instantiated (instead, one would instantiate derived classes such as RadioStation, TVStation, Newspaper, etc.). Abstract classes are declared using the abstract keyword:

abstract class MediaOutlet {

...

}

You can choose to override any methods found within an abstract class, which would then be inherited by its child classes, or alternatively you can declare them as abstract, requiring these methods be defined by any child.

Creating Interfaces

An interface helps developers rigorously enforce application specifications, and is similar to an abstract class, but contains solely the required method signatures. Any class implementing the interface must also implement all defined interface methods.

Interfaces are defined using the interface keyword and their names are typically prefixed with a capital I:

interface IRadioStation {

public function setBand($band);

public function getBand();

}

class RadioStation implements IRadioStation {

...

}

The array is one of programming's most powerful data structures, capable of managing a seemingly endless variety of data.

Creating an Array

The following two examples all create an array named $stations consisting of three elements:

$stations = array (

"WTVN",

"WBNS",

"WYTS");

$stations = array();

$count = array_push($stations, "WTVN", "WBNS", "WYTS");

You can create an array consisting of a character- or numericallybased range using the range() function:

// $teenListenerDemographic =

// array(13,14,15,16,17,18,19)

$teenListenerDemographic = range(13,19);

Retrieving Array Contents

Indexed arrays such as those created so far can be accessed according to their numerical offset (beginning with a zerobased offset). For instance to retrieve the second value in the $stations array:

$callSignal = $stations[1];

Perhaps the most flexible way to enumerate array contents is through the foreach statement:

foreach($stations AS $station)

printf("%s<br />", $station);

Associative Arrays

Associative arrays give developers the opportunity to assign meaningful context to both the array value and its corresponding key:

$stations = array(

"WTVN" => "610",

"WBNS" => "1460",

"WYTS" => "1230 "

);

You can then obtain a value (in this case the station/band) by referencing its call signal:

// $channel = "610"

$channel = $stations["WTVN"];

The foreach statement proves equally useful for navigating associative arrays:

foreach($stations AS $key => value)

printf("%s => %s<br />", $key, $value);

Multidimensional Arrays

Multidimensional arrays are useful for representing more complex data structures:

$stations = array(

"AM" =>

array("WTVN" => "610",

"WBNS" => "1460",

"WYTS" => "1230"),

"FM" =>

array("WLVQ" => "96.3",

"WNCI" => "97.9")

);

Referencing an element isn't unlike the methods used for indexed and associative arrays; it's just a tad more verbose:

$channel = $stations["FM"]["WTVN"];

Determining Array Size

The number of elements found in an array can be determined using the count() function:

// Outputs "3 stations are being tracked"

printf("%d stations are being tracked",

count($stations));

Sorting Arrays

PHP offers a powerful assortment of functions (more than 70) capable of sorting arrays in a variety of ways. Most of these functions accept an optional parameter which can change the sorting behavior. Four values are supported, including SORT_ REGULAR for comparing elements without implicit typecasting, SORT_NUMERIC for comparing elements numerically, SORT_STRING for comparing elements as strings, and SORT_LOCALE_STRING, for sorting elements according to the defined locale.

Consult the PHP manual for a complete listing: http://www.php.net/array.

PHP supports over 100 functions identified as specific to string parsing and manipulation. Following are the most commonly used tasks.

$stations = array("WTVN","WBNS","WYTS");

$stations = implode(",", $stations)

// $stations = "WTVN,WBNS,WYTS"

$stations = "WTVN,WBNS,WYTS";

$stations = explode(",", $stations);

// $stations[0]="WTVN", $stations[1]="WBNS",

$stations[2]="WYTS"

$sentence = "Columbus is home to numerous

radio stations";

$words = str_word_count($sentence);

// $words = 7

$callsign = strtoupper("wtvn");

// $callsign = "WTVN"

$input = "You won the <a href="http://www.

example.com">lottery!</a>."

$clean = strip_tags($input);

// $clean = "You won the lottery!"

$phrase = "Big rockers listen to rock radio";

$phrase = str_replace("rock", "talk", $phrase);

// $phrase = "Big talkers listen to talk radio"

$description = "WFAN: Sports Radio 66";

$callsign = substr($description, 0, 4);

if (strcasecmp("WTVN", "wtvn") == 0)

echo "The strings are equal in a caseinsensitive

context."

$stations = "WTVN: 610\nWLW: 700\nWYTS: 1230";

$html = nl2br($stations);

// $html = "WTVN: 610<br />WLW: 700<br />WYTS:

1230"

PHP's regular expression features borrow heavily from both the Perl and POSIX formats, and in fact are formally identified as such.

Perl-compatible (PCRE) Regular Expression Functions

PHP supports eight PCRE-specific functions, including these commonly used solutions:

Common PCRE Pattern Modifiers

Metacharacters

POSIX Regular Expression Functions

PHP supports seven functions as defi ned by the POSIX 1003.2 specifi cation, including these commonly used solutions:

POSIX Regular Expression Syntax

Regular Expression Examples

Validating a Phone Number

Presumes the required format is XXX-XXX-XXXX.

// PCRE

if (preg_match('/^[2-9]{1}\d{2}-\d{3}-\d{4}$/', '614-

599-2599'))

echo "Valid number!";

// POSIX

if (ereg('^[2-9]{1}[0-9]{2}-[0-9]{3}-[0-9]{4}$', '614-

999-2599'))

echo "Valid number!";

Validating a Username

Presumes username is between 6 and 10 alphabetical and numerical characters.

// PCRE

if (preg_match('/^[a-z0-9]{6,10}$/i', '800gilmore'))

echo "Valid username!";

// POSIX

if (eregi('^[a-z0-9]{6,10}$', '800gilmore'))

echo "Valid username!";

Turn URLs into Hyperlinks

// PCRE

$text = "Go to http://www.wjgilmore.com.";

$html = preg_replace('/\s(\w+:\/\/)(\S+\.?)(\w+)/',

' <a href="\\1\\2\\3">\\1\\2\\3</a>', $text);

// POSIX

$text = "Go to http://www.wjgilmore.com. ";

$html= ereg_replace('[a-zA-Z]+://(([.]?[a-zAZ0-

9_/-])*)', '<a href="\\0">\\0</a>', $string);

// $html = "Go to <a href=" http://www.wjgilmore.

com">http://www.wjgilmore.com."

The Date Function

The date() function is perhaps one of PHP's most commonly used functions, capable of retrieving nearly every temporal attribute of a specific timestamp.

string date(string $format [, $int $timestamp])

Day Parameters

Week Parameters

Month Parameters

Year Parameters

Date Function Examples

Setting the Timezone

You can set the timezone for all scripts by setting the date. timezone configuration directive within the php.ini file, or on a per-script basis using the date_default_timezone_set() function.

Other Useful Functions

PHP 5.1.0 introduced an object-oriented DateTime class. See http://www.php.net/DateTime for more information.

Date-related Examples

Although PHP supports several popular databases, MySQL remains by far the most common database solution. PHP's MySQL support has evolved considerably in recent years, with the MySQLi (MySQL Improved) extension being the current recommended solution. Here are the most commonly used methods.

Connecting to MySQL

The mysqli extension provides a number of ways to connect to MySQL, but the easiest involves just passing the connection data along when instantiating the mysqli class:

mysqli new mysqli([string host [, string user [, string

pswd

[string dbname [int port [string socket]]]]]]);

Here's an example:

$mysqli = new mysqli("localhost", "webuser", "secret",

"corporate");

Handling Connection Errors

In case of connection error you can retrieve both the error number and error string using the errno() and error() methods. Example:

if ($mysqli->errno) {

printf("Unable to connect: %s", $mysqli->error);

exit();

}

Sending a Query to the Database

Once the connection has been established, you can begin querying the database. Queries are sent using the query() method:

mixed query(string $query [, int $resultmode])

Setting the optional $resultmode parameter to MYSQLI_USE_ RESULT will cause query() to return the result as an unbuffered set.

Example:

$result = $mysqli->query("SELECT callsign FROM

stations");

Sending INSERT, UPDATE, and DELETE queries works identically. For instance, sending an UPDATE query works like this:

$result = $mysqli->query("UPDATE stations SET station

= '610' WHERE callsign = 'WTVN'");

Retrieving Data

Data can be parsed from the result set using a number of data structures, including via associative and indexed arrays, and objects.

Retrieving data as an associative array:

while ($row = $result->fetch_array(MYSQLI_ASSOC) {

printf("%S", $row["callsign"]);

}

Retrieving data as an indexed array:

while ($row = $result->fetch_row() {

printf("%S", $row[0]);

}

Retrieving data as an object:

while ($row = $result->fetch_object() {

printf("%S", $row->callsign);

}

Determining the Number of Rows Affected and Retrieved

To determine the number of affected rows after sending an INSERT, UPDATE, or DELETE query, use the affected_rows property.

Example:

$result = $mysqli->query("UPDATE stations SET station =

'610' WHERE callsign = 'WTVN'");

printf("Rows affected: %d", $result->rows_affected);

To determine how many rows were returned when using a SELECT query, use the num_rows property:

$result = $mysqli->query("SELECT * FROM stations WHERE

state ='Ohio');

printf("Rows affected: %d", $result->num_rows);

Working with Prepared Statements

Prepared statements both optimize query performance and decrease the possibility of SQL injection attacks by separating the query data from the logic, fi rst passing the query to MySQL for preparation, binding variables to the query columns, and fi nally passing the data to MySQL for query execution.

To prepare a query, create the query, and then initialize a statement object using the stmt_init() method:

$query = "INSERT INTO stations VALUES(?, ?)";

$stmt = $mysqli->stmt_init();

Next the query is prepared by passing it to MySQL using the prepare() method:

$stmt->prepare($query);

Next, bind the parameters using the bind_param() method:

$stmt->bind_param('ss', "WTVN", "610");

Finally, execute the prepared statement using the execute() method:

$stmt->execute();

You can also use prepared statements to retrieve results. The general process used to execute the previous INSERT query is identical to that required for executing a SELECT query, except that the bind_param() method is not required, and you bind results following a call to the execute() method. An example follows:

$query = "SELECT callsign, frequency FROM stations

ORDER BY callsign";

$stmt = $mysqli->stmt_init();

$stmt->prepare($query);

$stmt->execute();

$stmt->bind_result($callsign, $frequency);

while ($stmt->fetch())

printf("%s: %s<br />", $callsign, $frequency);

Transactions

By default the MySQLi extension will render each query "permanent" upon successful execution, actually changing the database's contents when INSERT, UPDATE, and DELETE queries are processed. However the success of some tasks depend upon the successful execution of several queries, and until all have occur. ATM transactions and online credit card processing are common examples requiring several queries. Using transactions, you can change the MySQLi extension's behavior, committing a series of queries as you see fit.

To begin a transaction, start by disabling the autocommit feature:

$mysqli->autocommit(FALSE);

Execute the various queries as you see fit, and if everything proceeds as you expect, execute the commit() method:

$mysqli->commit();

Otherwise, if a problem occurs, execute the rollback() method:

$mysqli->rollback();