Introduction

JavaScript is executed on the client side. This means it has no access to information held on the web server, such as files or databases stored there. To access this information, we use a server-side language, in this case PHP.

This course teaches a particular style of interacting with the server-side script. The server-side script is kept separate from the client-side script, and JavaScript accesses information from it using JSON. This isn't the only way of communicating with a server-side script, but it keeps the two languages separated, which may be conceptually easier for students to understand.

Any questions or comments should be directed to: The creator's email

Standard PHP Structure

A PHP file begins with <?php and ends with ?>

PHP variable names always begin with a dollar sign ($). Like JavaScript variables, they are untyped.

The PHP concatenation operator is the period (.). Unlike JavaScript, PHP has a built-in integer division function called intdiv. Otherwise, PHP operations behave similarly to those of other languages descended from BCPL, such as C, C++, Java, C#, or JavaScript.

You can send input to a PHP file as a URL GET request. You reference the PHP file, put a question mark at the end, and follow it with a list of variable=value pairs separated by ampersands (&). For example: runthis.php?arg1=value1&arg2=value2. The code example below is activated by requesting introdemo.php?inputvar=<whatever you want>.

PHP uses the function strlen() to calculate the length of a string.

Here is a piece of example PHP code:

Reading a file

The PHP function to read a file is file_get_contents.

The below example uses the PHP program basicrender.php to display a file on screen.
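Because file_get_contents opens local paths and other stream wrappers as well as web URLs, a page that passes it a user-supplied URL should check that URL first. The following is an added example, not the course's basicrender.php; the url parameter name, the function names and the allowed hosts are assumptions.

```php
<?php
declare(strict_types=1);
// Added example: a hardened take on the idea behind basicrender.php.

// Hosts the page may fetch from (constructed placeholder values).
const ALLOWED_HOSTS = ['www.example.com', 'example.org'];

// Return true only for http(s) URLs on an allowed host.
function isAllowedUrl(string $url): bool
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;              // no scheme or no host: file names, local paths
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;              // any other stream wrapper
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false;              // credentials in a URL can disguise the real host
    }
    return in_array(strtolower($parts['host']), ALLOWED_HOSTS, true);
}

// Fetch an allowed URL and return its text escaped for display in HTML.
function render(string $url): string
{
    if (!isAllowedUrl($url)) {
        return 'URL not allowed';
    }
    // Short timeout, no redirects (a redirect could leave the allowlist),
    // and at most 64 KiB read.
    $ctx = stream_context_create(['http' => ['timeout' => 5, 'follow_location' => 0]]);
    $body = @file_get_contents($url, false, $ctx, 0, 65536);
    if ($body === false) {
        return 'Could not read URL';
    }
    return htmlspecialchars($body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

if (PHP_SAPI === 'cli') {
    // Constructed inputs; only the allowlist check runs, so no network is needed.
    foreach (['https://www.example.com/a.txt', 'notes.txt', 'file:///tmp/notes.txt',
              'http://intranet.test/status'] as $u) {
        printf("%-32s %s\n", $u, isAllowedUrl($u) ? 'allowed' : 'rejected');
    }
} else {
    $u = $_GET['url'] ?? '';
    echo render(is_string($u) ? $u : '');
}
```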

Arrays and JSON

What PHP calls an array is really an ordered map. If you do not specify a key for an item, it is given a numeric index, as in a regular array. However, you can explicitly specify a key instead.

JSON is a standard format used for data exchange between web objects. We use json_encode to transform a piece of data into the JSON format to prepare it for interchange.

The below example creates an array, shows the mapping and then transforms it into JSON format.
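The GET input and strlen() steps from the introduction and the array-to-JSON step from this section, combined in one handler as an added example (not the course's introdemo.php). The function name describeInput and the sample values are assumptions; in a browser it would be requested as introdemo.php?inputvar=<value>.

```php
<?php
declare(strict_types=1);
// Added example: hypothetical handler, not the course's introdemo.php.

// Build the reply for a request such as introdemo.php?inputvar=hello
function describeInput(array $query): array
{
    $value = $query['inputvar'] ?? null;
    // A request like ?inputvar[]=x makes PHP deliver an array, and strlen()
    // only accepts strings, so reject anything that is not a single string.
    if (!is_string($value)) {
        return ['ok' => false, 'error' => 'inputvar must be a single string'];
    }
    return [
        'ok'    => true,            // explicit string keys
        'input' => $value,
        'bytes' => strlen($value),  // strlen() counts bytes, not characters
    ];
}

// No keys given: PHP assigns 0, 1, 2 and json_encode emits a JSON array.
$list = ['red', 'green', 'blue'];

// Explicit keys: 'first' and 5. The appended item takes the next integer
// key (6). The keys are no longer 0..n-1, so json_encode emits a JSON object.
$map = ['first' => 'red', 5 => 'green'];
$map[] = 'blue';

// Constructed sample query for command-line runs; a web request uses $_GET.
$query = PHP_SAPI === 'cli' ? ['inputvar' => 'héllo'] : $_GET;

header('Content-Type: application/json');
echo json_encode(
    ['request' => describeInput($query), 'list' => $list, 'map' => $map],
    JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT
), "\n";
```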

Basic Database Access

To connect to a database in PHP, you create a PHP Data Object (PDO) by telling PHP the data source name (the type of database and the name of the database), your username, and your password. You then prepare an SQL statement and execute it. Finally, you fetch the results of the query into a variable.

The below example queries the Amazonia database and retrieves all entries in the bookcat table.

Database Access With Parameters

In most cases when you query a database, you want to modify the search with various parameters. For example, you might want to search for a customer by ID or name. In PHP, you do this by marking the search location in the SQL query with a marker prefaced by a colon (:marker). You then map each marker to a PHP variable using bindParam. bindParam takes three arguments: the marker to bind, the variable to bind to, and the data type of the binding. Once done, you use the execute method to run the query.

The below example illustrates this on the Amazonia database by searching for books by title.
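The prepare, bindParam and execute sequence described above, for both an insert and a title search, as an added example that is not the course's own code. The book table, its columns and rows, and the title request parameter are constructed stand-ins for the Amazonia database, held in in-memory SQLite; the LIKE search with wildcard escaping goes one step beyond the text.

```php
<?php
declare(strict_types=1);
// Added example. The book table and its rows are constructed stand-ins
// for the Amazonia database, held in in-memory SQLite so it runs anywhere.
$pdo = new PDO('sqlite::memory:');   // other databases: new PDO($dsn, $username, $password)
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE book (id INTEGER PRIMARY KEY, title TEXT, price TEXT)');

// INSERT follows the same prepare / bindParam / execute sequence as SELECT.
$insert = $pdo->prepare('INSERT INTO book (title, price) VALUES (:title, :price)');
$insert->bindParam(':title', $title, PDO::PARAM_STR);
$insert->bindParam(':price', $price, PDO::PARAM_STR);
$rows = [['PHP Basics', '19.50'], ["O'Neil's SQL", '25.00'], ['100% JSON', '12.00']];
foreach ($rows as [$title, $price]) {
    $insert->execute();   // bindParam binds by reference; values are read here
}

// Search by title fragment. The marker keeps the input out of the SQL text,
// so a quote character in $needle cannot change the statement.
function searchByTitle(PDO $pdo, string $needle): array
{
    // Binding does not neutralise LIKE wildcards, so escape % and _ as well.
    $pattern = '%' . strtr($needle, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']) . '%';
    $stmt = $pdo->prepare(
        "SELECT id, title, price FROM book WHERE title LIKE :title ESCAPE '\\' ORDER BY id"
    );
    $stmt->bindParam(':title', $pattern, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed search terms for command-line runs; a web request uses $_GET.
$t = $_GET['title'] ?? '';
$terms = PHP_SAPI === 'cli' ? ["O'Neil", '%', 'PHP'] : [is_string($t) ? $t : ''];
foreach ($terms as $term) {
    echo json_encode(['term' => $term, 'books' => searchByTitle($pdo, $term)]), "\n";
}
```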

Insert, Update, Delete

Insertion, updating and deletion of database entries work in exactly the same way as selection of records. You create a PDO instance, prepare the appropriate SQL statement, bind parameters with bindParam as necessary, and then execute it.

Password Matching

To preserve security, passwords should not be stored in plain text. Instead, use a one-way hash algorithm to store passwords in an unreadable form. With a one-way hash, it is possible to verify that a piece of plain text matches a stored hash, but it is not feasible to recover the plain text from the hash.

Use password_hash to hash a password for storage. PASSWORD_BCRYPT selects bcrypt, which uses a variant of the Blowfish cipher to secure the password. Use password_verify to test a plain-text password against the stored hash.

The below example illustrates comparing a hashed password against a plain-text one.

Sessions

Sessions are a way to preserve information across web pages. You initiate or recall a session in PHP with session_start(). Variables you want to preserve across pages are stored in $_SESSION[].

In the below example, the "status" variable is used to track the login status of the user. When this variable has the value "login_successful", the user is logged in. Otherwise, the user is forced to go to a password page to log in.
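The password check from the Password Matching section and the "status" session flag described above, joined into one login flow as an added example (not the course's own code). The sample password, the hash built from it, the function names and the page name password.php are assumptions.

```php
<?php
declare(strict_types=1);
// Added example. The password, the hash built from it and the page name
// password.php are constructed; a real hash would be read from the database.
$storedHash = password_hash('correct horse battery', PASSWORD_BCRYPT, ['cost' => 12]);

// Check the password and, on success, mark the session as logged in.
function attemptLogin(string $password, string $storedHash): bool
{
    if (!password_verify($password, $storedHash)) {
        return false;
    }
    session_regenerate_id(true);   // fresh session ID so a pre-login ID is useless
    $_SESSION['status'] = 'login_successful';
    return true;
}

// Call at the top of every protected page, after session_start().
function requireLogin(): void
{
    if (($_SESSION['status'] ?? null) !== 'login_successful') {
        header('Location: password.php');
        exit;                      // stop so the protected page is never rendered
    }
}

// Keep the session cookie away from scripts and cross-site requests, and
// refuse session IDs that the server did not issue.
session_start([
    'cookie_httponly' => true,
    'cookie_samesite' => 'Lax',
    'use_strict_mode' => true,
]);

// Constructed attempts for command-line runs; a web request uses $_POST.
$supplied = $_POST['password'] ?? null;
$attempts = PHP_SAPI === 'cli' ? ['wrong guess', 'correct horse battery'] : [$supplied];
$results = [];
foreach ($attempts as $attempt) {
    $results[] = is_string($attempt) && attemptLogin($attempt, $storedHash);
}
echo json_encode(['attempts' => $results, 'status' => $_SESSION['status'] ?? null]), "\n";
```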
