CSE134A LECTURE NOTES


September 26, 2001
 
 

ANNOUNCEMENTS

Today I'm handing out the first project assignment.  Due Wed next week before class begins.

At 5:45 today the TAs will come by to be introduced, and to hand out account slips.

Unfortunately, the ieng9 web server is configured wrong, so PHP is not working currently.  ACS is trying to fix this.
 
 

HOW PHP WORKS

The web server, for example Apache under Linux, proceeds as follows: A PHP program (called a script) is executed on the web server computer, unlike Javascript, which is executed by the client browser.

PHP commands have access to information about the browser, the values of fields in a form on the browser, and can retrieve and/or update information in a database.
 
 

WRITING A PHP PAGE

Here's an example of an HTML page that includes PHP code:

      <HTML>
       <?php
              print("<P>\nHello world from <EM>PHP</EM>.");
       ?>
   </HTML>

The PHP code is inside <? ?> script tags, which are nested inside HTML.  HTML stands for Hypertext Markup Language.  <P> is a markup command nested inside the PHP string. \n is an escape character for "new line."

You create this page as an ascii file using a text editor, then save it in your web directory with the name test.php for example.  PHP has very forgiving syntax.  print and echo are synonyms, and the parentheses are optional.

If you load test.php in your browser and do "view source" you see this:

       <HTML>
       <P>
       Hello world from <EM>PHP</EM>.</HTML>

Notice where the new lines are and are not.

Variable names in PHP start with the dollar symbol.  As in most scripting languages, e.g. awk and Perl, typing is dynamic.  Variables are initialized to have the value zero or empty string depending on context.
 
 

FORMS IN HTML

Here's an example of a web page including a form in HTML, and PHP code for processing information submitted via the form

       <HTML>
       <FORM>
            Please type your name here:
            <INPUT TYPE=TEXT NAME=username>
            <INPUT TYPE=SUBMIT VALUE="Submit data">
       </FORM>
       <P>
       <?php
              print("You typed $username.\n");
       ?>
       </HTML>

When you load this page the first time, you will see an empty input box, a button containing the label Submit data, and the text You typed . Then if you fill in Joe Smith and click the button, the page will be redisplayed with the text You typed Joe Smith.

When the page containing the form is submitted, each PHP variable with the same name as one of the NAME= fields in the form is initialized with the value placed in the form by the client.

Therefore, the printing after the form is always of what the user entered before the last time s/he clicked the submit button.  You must remember this when designing your PHP code, to avoid making the user confused.

You can make the result of submitting a form be a completely different web page by writing <FORM ACTION="process.php"> for example.
 
 

PROCESSING FORMS

The URL sent to the server when the submission button is clicked is

       http://ieng9.ucsd.edu/~cs134s/test.php?username=Joe+Smith

The browser packages the information typed into the form as name/value pairs in the URL.  To avoid unprintable characters, there is a convention where blanks are changed to + symbols and other characters are also encoded in special ways.  On the server, PHP reverses this encoding automatically before initializing variables with the right names.

Browsers treat URLs that include GET information in the same way as URLs that designate static web pages.  So, the browser may cache the value of these URLs.  This can be incorrect if the server wants to return different information in response to the same form input, for example because time has passed.

If you write <FORM METHOD="POST"> then the browser sends the field values to the server not as part of the URL, but as separate messages in the HTTP protocol.  In this case the field values sent are not visible to the human user, and the web page returned by the server is never cached.
 
 

PHP SYNTAX ISSUES

Keep track of whether you are inside HTML tags, or PHP tags.

Single quote ' and double quote " are slightly different in strings.  PHP can use both.  HTML uses ".

// and # give an end of line comment.  /* and */ give multiline comments.

<!-- and --> give HTML comments.

When a double-quote string is printed, variable names are replaced by their values.  This is called variable expansion.  When a single-quote string is printed, new lines in the source code are printed.
 
 

PHP SEMANTIC ISSUES

Integers are signed four bytes.  Real numbers are double precision, i.e. 80 bits total.

Integer zero, double zero, and the empty string are treated as the Boolean FALSE.  Other values are TRUE.

Variables are declared, initialized, and have their types changed automatically as needed.  When a string is used where a number is needed, the start of the string is parsed as a double, or as an integer if only the start of the string can be parsed.

The special functions isset(), is_int(), is_double(), is_string() are useful for handling input from humans.   Note that each value submitted via an HTML form is always stored as a string in a PHP variable.

Suppose you put in the HTML code for a form:  <INPUT NAME="avail" TYPE ="checkbox">Available immediately
Then in the PHP script, you might write the assignment command  $ok = isset($avail);
Now $ok has type integer and value either 0 or 1.
 
 

OPERATORS IN PHP

The string concatenation operator is the period, but placing a variable name inside a double-quote string also achieves concatenation.

The unary operator @ switches off error reporting while its operand is being executed.  For example print @($x/$y) will not give an error message even if the value of $y is zero.

Because PHP has dozens and dozens of operators, it is easy for bugs to arise from precedence issues.  The logical operators !, &&, || bind more tightly than the assignment operators =, +=, &=, etc.
 
 

REUSING CODE

To include shared code at compile-time write the command require("common.php"); for example.  Use include() if the inclusion should happen at run-time.

Function arguments are untyped and call-by-value by default.  Call-by-reference is indicated by &, for example

       function raise(&$salary,$percent = 4) { ... }

but note that PHP does not have C-style pointers in general.  A default value is indicated by an assignment.

Because variables are not declared, global and static variables must be indicated as such.  Remember that static variables only live during one script execution.

All functions are global, even if syntactically they are nested.  A function can be assigned to a variable.
 
 

MAINTAINING STATE

With GET-based forms, a program can simulate a human filling out a form by concatenating information into a string that is a GET-type URL.  Consider this example:

       <A TARGET="_new" HREF="next.php?id=<?php echo urlencode($userid); ?>">

Clicking on this link will cause the next.php script to be executed on the server.  The resulting HTML will then be displayed by the browser, in a brand-new window because of the  TARGET="_new" part.  The URL that is invoked is actually next.php?id=Joe+Smith. The next.php script doesn't know whether it is invoked by a real form or not.

The purpose of examples like the one above is to transfer information from one web page to another, e.g. the name of the current human user.  Transferring information gets around the fact that HTTP is a stateless protocol.  State is often called session information.

Syntax note: The PHP compiler is not smart enough to realize that the echo operation is within the context of a URL, so it doesn't know to apply URL encoding automatically.

If you write  HREF="next.php?t=<?php echo time(); ?>"  then caching in the browser will be avoided.

Simulating a human filling out a POST-based form is more complicated; the programmer needs to understand how POST messages work in the HTTP protocol.
  


Copyright (c) by Charles Elkan, 2001.