In memory of Toshiko, my friend, companion, and wife of many years
I’ve always felt concerned about unduly raising readers’ expectations with the subtitle of this book, Dynamic Web Design Made Easy. PHP is not difficult, but nor is it like an instant cake mix: just add water and stir. Every web site is different, so it’s impossible to grab a script, paste it into a web page, and expect it to work. My aim is to help web designers with little or no knowledge of programming gain the confidence to dive into the code and adjust it to their own requirements.
You don’t need any previous experience of PHP or another programming language to be able to use this book; but it does move at a fast pace. After the first few chapters, you start working with relatively advanced features of the language. Don’t let that put you off. Regard it as a challenge. This book is called PHP Solutions for a reason—to provide solutions to practical problems rather than offer a series of meaningless exercises.
How you use the book will depend on your level of experience. If you’re new to PHP and programming, start at the beginning and work your way gradually through the book. It’s organized as a logical sequence with each chapter building on knowledge and skills gained in previous ones. When describing the code, I try to explain what it does in plain language. I avoid jargon, but not technical terms (each new term is described briefly when it’s first encountered). If you have more experience with PHP, you can probably jump straight into whatever interests you. Even if the code makes sense to you without my explanations, I hope the text throws light onto my thought processes when solving a problem with PHP.
A Small but Significant Change
There’s a subtle difference in the title of this edition. We’ve snuck a 7 into it. The previous editions were called simply PHP Solutions; but my editor and I decided to make it crystal clear that this edition focuses exclusively on PHP 7, the only version of PHP that’s currently supported. One of the great advantages of PHP 7, apart from greatly improved speed, is that it’s almost completely backward compatible with PHP 5—in other words, virtually all the code that ran on PHP 5 can be transferred seamlessly to PHP 7. However, it doesn’t work the other way round. This book makes use of a lot of features that are new to PHP 7. So, if you try to run the code in PHP 7 Solutions on an old server still running PHP 5, you’ll soon run into problems.
Because hosting companies are often slow to upgrade the version of PHP that they offer, previous editions of this book provided workarounds for older versions of PHP. This time, I don’t. For some readers, this means code that works perfectly in a local testing environment is likely to break when it’s uploaded to a remote server. As of mid-2019, more than two out of every three web servers running PHP are still using PHP 5, even though all official support for PHP 5 ended in December 2018. Not even the original version of PHP 7 (7.0) is supported any longer. The code in this book was developed on PHP 7.3, although with one minor exception noted in Chapter 10 (complete with workaround), everything will run on PHP 7.2 or later.
PHP isn’t like that old car you’ve been running for years and doesn’t need changing as long as you give it sufficient love and oil. PHP is constantly being updated, not only to add new features but also to fix bugs and security issues. Even if you’re not interested in the new features, you should be interested in security fixes. The Internet can be a wild place with lots of unsavory characters trying to find exploitable holes in web sites. This book contains a lot of advice on security, but it can’t protect you from security issues that are uncovered in the PHP core. Making sure that your remote server is kept up to date is an indispensable insurance policy to minimize your risks. And it shouldn’t cost you any extra because PHP is free (although hosting companies charge for their services).
If you really need code that’s compatible with PHP 5, check out the third edition of this book. Better still, make the move to the most up-to-date version of PHP.
What Else Is New in This Edition?
This edition closely follows the structure of previous editions and it uses the same Japan Journey case study, so at first glance it might not seem as though much has changed. However, every page has been revised with the aim of making the text clearer. More important, the code has been extensively reviewed and updated. The Upload and ThumbnailUpload classes in Chapters 9 and 10 have been radically rewritten to make them simpler and more robust. There’s a completely new chapter on working with arrays; and the chapter on writing PHP scripts has been split into two. Chapter 3 is now a quick introduction to PHP for newcomers, while Chapter 4 acts as a quick PHP reference for beginners and more experienced readers alike. Chapter 4 has been expanded to cover new features in PHP 7.
The chapters on working with a MySQL or MariaDB database have been revised to make the code more secure. I’ve also added a PHP solution highlighting potential problems with using the superglobal variable $_SERVER['PHP_SELF'] and suggesting a robust workaround.
Using the Example Files
All the files necessary for working through this book can be downloaded from the Apress web site via the Download Source Code button located at www.apress.com/9781484243374 .
Set up a PHP development environment, as described in Chapter 2 . Unzip the files and copy the phpsols-4e folder and all its contents into your web server’s document root. The code for each chapter is in a folder named after the chapter: ch01 , ch02 , and so on. Follow the instructions in each PHP solution, and copy the relevant files to the site root or the work folder indicated.
Where a page undergoes several changes during a chapter, I have numbered the different versions like this: index_01.php , index_02.php , and so on. When copying a file that has a number, remove the underscore and number from the filename, so index_01.php becomes index.php . If you are using a program that prompts you to update links when moving files from one folder to another, do not update them. The links in the files are designed to pick up the right images and style sheets when located in the target folder. I have done this so you can use a file comparison utility to check your files against mine.
If you don’t have a file comparison utility, I strongly urge you to install one. It will save you hours of head scratching when trying to spot the difference between your version and mine. A missing semicolon or mistyped variable can be hard to spot in dozens of lines of code. Windows users can download WinMerge for free from http://winmerge.org/ . I use Beyond Compare ( www.scootersoftware.com ), which is now available for Windows, macOS, and Linux. It’s not free but is excellent and reasonably priced. BBEdit on a Mac includes a file comparison utility. If you’re comfortable using Terminal on a Mac, the diff utility is installed by default.
Layout Conventions
Important words or concepts are normally highlighted on the first appearance in bold type .
Code is presented in fixed-width font .
New or changed code is normally presented in bold fixed-width font .
Pseudocode and variable input are written in italic fixed-width font .
Menu commands are written in the form Menu ➤ Submenu ➤ Submenu.
Where I want to draw your attention to something, I’ve highlighted it, like this:
Ahem, don’t say I didn’t warn you.
Many people have contributed to this book, each one helping improve it as it has moved over four editions. I’m particularly grateful to Chris Mills, the editor of the first edition, whose idea it was to move away from the cookbook formula of isolated solutions that left the reader with little or no idea about the practical use of a technique. Chris’s successors, Ben Renow-Clarke (for the second and third editions) and Mark Powers (for this edition), have both provided a light touch, nudging me in the right direction and forgiving my late delivery times. By the way, if you think we’re keeping it in the family, Mark is no relation in spite of his splendid surname.
A really big thank you is due to the technical reviewers of this edition, Rob Aley and Massimo Nardone. By the time a book gets to its fourth edition, an author hopes to get something of a free ride, expecting all the problems to have been sorted out in previous editions. Fortunately for you, the reader, they subjected my code and text to almost forensic analysis, making really helpful suggestions. As a result, the book has been greatly improved. Any errors or inconsistencies that remain are my responsibility alone.
Thanks are also due to everyone involved in the production chain at Apress. A book would never see the light of day without their diligent work behind the scenes.
Finally, I would like to pay tribute to my late wife, Toshiko, who put up with me disappearing for hours on end working on the previous editions of this book. We should have spent more time together. Miss you.
Contents
About the Author and About the Technical Reviewers
About the Author
is the author of more than 30 highly successful video training courses and books on PHP. He began his professional career as a radio and TV journalist for the BBC, spending a large part of it in Japan reporting on the rise and collapse of the bubble economy. His background of reporting on complex issues in plain, jargon-free language reveals itself in his writing about PHP and web development.
David first became involved with web development in the early 1990s as Editor of BBC Japanese TV. With no marketing budget, he developed a bilingual web site to promote the channel. After leaving the BBC, he went on to develop a bilingual online database for an international consultancy, as well as teaching web development courses at two universities in the UK. In addition to writing and creating video training courses, he’s a Trustee of a charity in North London that provides educational facilities for retired people and those no longer in full-time employment.
About the Technical Reviewers
has been programming commercially and academically in a variety of programming languages, with over 10 years of PHP experience since graduating in Computer Science from the University of Leeds in 1999.
Having had a varied career working in industries from coffee to condoms, as well as doing freelance software development, Rob is now a “Database Programmer” at the University of Oxford working in healthcare-related data analysis. He uses PHP almost exclusively now, out of choice.
When he’s not working or writing books, he spends time with his wife, three young children, and most importantly his cat.
has more than 24 years of experience in Security, Web and Mobile development, and Cloud and IT Architecture. His true IT passions are Security and Android.
He has been programming and teaching how to program with Android, Perl, PHP, Java, VB, Python, C/C++, and MySQL for more than 20 years.
He holds a Master of Science in Computing Science from the University of Salerno, Italy.
He has worked as a Project Manager, Software Engineer, Research Engineer, Chief Security Architect, Information Security Manager, PCI/SCADA Auditor, and Senior Lead IT Security/Cloud/SCADA Architect for many years.
His technical skills include Security, Android, Cloud, Java, MySQL, Drupal, Cobol, Perl, Web and Mobile development, MongoDB, D3, Joomla, Couchbase, C/C++, WebGL, Python, Pro Rails, Django CMS, Jekyll, Scratch, and so on.
He worked as Visiting Lecturer and Supervisor for exercises at the Networking Laboratory of the Helsinki University of Technology (Aalto University). He holds four international patents (PKI, SIP, SAML, and Proxy areas).
He currently works as Chief Information Security Officer (CISO) for Cargotec Oyj and he is member of ISACA Finland Chapter Board.
Massimo has reviewed more than 45 IT books for different publishers and has coauthored Pro JPA in Java EE 8 (Apress, 2018), Beginning EJB in Java EE 8 (Apress, 2018), and Pro Android Games (Apress, 2015).