What Are PHP Filters?

If you have ever written any script that has been in public use, you should know to never trust the user, PHP filters step in to help solve this problem. PHP filters are implemented through the PHP Filter Extension. The Filter Extension is a rather thorough library of pre-defined rules you can use to clean user input and prepare data for database storage or any number of other implementations you may come across.

How Do PHP Filters Work?

PHP filters work through a couple of built-in functions, namely filter_var() and filter_var_array(), and flags you pass to these methods. The flag you pass these functions will determine which filter you want to implement.

There are two types of filters, validation and sanitization filters. Validation filters are similar to a true/false type check. When using a validation filter, the function will return the original data you passed it if the data passed the validation check. When using sanitization filters, the function will return the data you passed it after it removes the necessary data to make it pass the test.

To see what filters are supported in your environment, there is a nifty function filter_list(). Example:

print_r(filter_list());

//prints...

Array
(
    [0] => int
    [1] => boolean
    [2] => float
    [3] => validate_regexp
    [4] => validate_url
    [5] => validate_email
    [6] => validate_ip
    [7] => string
    [8] => stripped
    [9] => encoded
    [10] => special_chars
    [11] => unsafe_raw
    [12] => email
    [13] => url
    [14] => number_int
    [15] => number_float
    [16] => magic_quotes
    [17] => callback
)

These are the filters that are supported on my server, yours may be different. We’re going to take a look at a few examples of what you can do with these filters.

If you would like more information on the filter_var() and filter_var_array() functions, check out the PHP manual entries for these functions for more information about them specifically: filter_var(), filter_var_array().

Useful PHP Validation Filters

Validating Integers

You can validate integer with the FILTER_VALIDATE_INT flag. If you pass the function an integer, it will return it just like it came. However, if you pass it say, a string or a float data type it will return NULL or FALSE.

$var = 473;

filter_var($var, FILTER_VALIDATE_INT); //returns 473

$var = 'hello';

filter_var($var, FILTER_VALIDATE_INT); //returns FALSE

$var = 71.4;

filter_var($var, FILTER_VALIDATE_INT); //returns FALSE

You can also specify options for the FILTER_VALIDATE_INT flag, like min, max and default values. You have to be careful when defining the $options array, notice that its a multidimensional array.

$var_1 = 73;
$var_2 = 246;

$options = array(
    'options' => array(
        'default' => 3,
        'min_range' => 0,
        'max_range' => 99,
    )
);

filter_var($var_1, FILTER_VALIDATE_INT, $options); //returns 73

filter_var($var_2, FILTER_VALIDATE_INT, $options); //returns 3

Notice that the second filter_var() call returned 3, this is because of the default value we defined in the $options array.

Validating Floats
Validating a FLOAT work just like validating an INT does, but it uses the FILTER_VALIDATE_FLOAT flag instead.

$var_1 = 45.3;
$var_2 = 246;

filter_var($var_1, FILTER_VALIDATE_FLOAT, $options); //returns 45.3

filter_var($var_2, FILTER_VALIDATE_FLOAT, $options); //returns 246

Note that if you pass an integer into this function with the FILTER_VALIDATE_FLOAT flag, it will still return it as if it was a float.

Validating E-mail Addresses
You can also use this method for validating more abstract data types, such as e-mail addresses.

$var_1 = "jordan@17webshop.com";

$var_2 = "some data that is obviously not an e-mail address;

filter_var($var_1, FILTER_VALIDATE_EMAIL); //returns jordan@17webshop.com

filter_var($var_2, FILTER_VALIDATE_EMAIL); //returns FALSE

However, this method isn’t quite as good as a custom regex could be. An e-mail address like a@a.a, which is obviously invalid, still passes. The following regex would be a better solution:

$pattern = '/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/';

$email_1 = 'jordan@17webshop.com';

$email_2 = 'a@a.a';

preg_match($pattern, $email_1); // returns TRUE

preg_match($pattern, $email_2); //returns FALSE

Validating URLs

Validating URLs is typically pretty difficult, filter_var() however, does a pretty excellent job. What’s interesting about this flag is it optionally takes additional flags to facilitate better validation. Here’s a list of the additional, optional flags available:

• FILTER_FLAG_SCHEME_REQUIRED
• FILTER_FLAG_HOST_REQUIRED
• FILTER_FLAG_PATH_REQUIRED
• FILTER_FLAG_QUERY_REQUIRED

Let’s look at a few examples:

$var_1 = 'http://www.17webshop.com';

$var_2 = 'http://www.17webshop.com/path/to/some/file';

$var_3 = 'http://www.17webshop.com/path/to/some/file/?foo=bar';

$var_4 = 'www.17webshop.com';

$var_5 = 'some_file.html';

$var_6 = "/path/to/some/file";

filter_var($var_1, FILTER_VALIDATE_URL); // returns http://www.17webshop.com

filter_var($var_1, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED); // returns FALSE

filter_var($var_2, FILTER_VALIDATE_URL); // returns http://www.17webshop.com/path/to/some/file

filter_var($var_2, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED); // returns FALSE

filter_var($var_3, FILTER_VALIDATE_URL); // returns http://www.17webshop.com/path/to/some/file/?foo=bar

filter_var($var_4, FILTER_VALIDATE_URL); // returns FALSE

filter_var($var_5, FILTER_VALIDATE_URL); // returns FALSE

filter_var($var_6, FILTER_VALIDATE_URL); // returns FALSE

Validating IP Addresses
Validating IP Addresses is simple as well, and just like the FILTER_VALIDATE_URL flag, the FILTER_VALIDATE_IP flag allows a few optional flags in addition, they are listed below. You can even check ipv6 addresses.

• FILTER_FLAG_IPV4
• FILTER_FLAG_IPV6
• FILTER_FLAG_NO_PRIV_RANGE
• FILTER_FLAG_NO_RES_RANGE

$var_1 = '192.168.0.1';

$var_2 = '543.152.3.9';

$var_3 = '3ffe:1900:4545:3:200:f8ff:fe21:67cf';

echo filter_var($var_1, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); // returns 192.168.0.1

echo filter_var($var_2, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); // returns FALSE

echo filter_var($var_3, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6); // returns 3ffe:1900:4545:3:200:f8ff:fe21:67cf

Note that 543.152.3.9 returns false, this is because the IP address with the highest value that is still acceptable is 255.255.255.255.

The FILTER_FLAG_NO_PRIV_RANGE and FILTER_FLAG_NO_RES_RANGE check to see if the address is within a private, or reserved range respectively.

Useful PHP Sanitization Filters

Sanitizing a String
Sanitizing data is just as easy as validating it. Remember that sanitizing is different than validating because sanitizing removes unwanted characters and then returns the newly validated data. Let’s take a look at sanitizing some strings.

$var_1 = 'some string data';

$var_2 = '"some string data"';

filter_var($var_1, FILTER_SANITIZE_STRING); //returns some string data

filter_var($var_2, FILTER_SANITIZE_STRING); //returns "some string data"

Sanitizing Integers

$var_1 = 123214;

$var_2 = '213h34bh312';

filter_var($var_1, FILTER_SANITIZE_NUMBER_INT); //returns 123214

filter_var($var_2, FILTER_SANITIZE_NUMBER_INT); //returns 21334312

Filter Callback

Maybe one of the best things about the filter_var() function is the FILTER_CALLBACK flag as it allows you define your own rule via a callback function. If you can’t find a rule that meets your needs exactly, just define one yourself with this flag.

function my_rule($str) {
  return str_replace(" ", "+", $str);
}

$var_1 = "some string data with spaces in it";

$options = array(
    'options' => 'my_rule'
);

filter_var($var_1, FILTER_CALLBACK, $options); //returns some+string+data+with+spaces+in+it

Conclusion

Hopefully this post has taught you something you didn’t know about PHP, or jogged your memory on some useful functionality available to you. I didn’t go through every possible flag, for the sake of brevity, and because of the fact that while some of them are helpful and rather useful. Some of them, just… aren’t. If you want more information about these flags, take a look at the PHP manual entry.

As always, if you have any questions about anything discussed here. Feel free to leave them in the comments. I am always willing to help out.

Check out webshopcms.org

More to come soon.

So it’s been some time since our last segment, today we’re going to pick up where we left off with our PHP From the Top series and jump into some new topics. Loops and Conditions are called Control Structures and are a large part of what really makes your script dynamic, they allow the script to somewhat make its own decisions based on current circumstances. Let’s get started.

Other Posts in this Series

• 1: Getting Set Up
• 2: Using Variables and Simple Math
• 3: Loops and Conditions

Conditions (If, Else Statements)

First, we’re going to take a look at conditional statements (or If, Else statements). If and else are two seperate statements, but they often work together hand in hand. To explain how this works, I think its probably best to first draw up an example and describe it rather than keep discussing in the abstract. Here’s a simple If, Else statement.

if( 1 < 2 ) {
     echo "1 is less than two";
} else {
     echo "1 is not less than two";
}

Okay, a few things to notice here: first, notice the expression in the parentheses after the if statement. This expression is what determines how the following code will be executed. If this expression evaluates to TRUE, the code in the if statement's braces will be executed. If this expression evaluates to FALSE, the code in the else statement's braces will be executed. In the above example, the script will echo "1 is less than two" because the expression if( 1 < 2 ) will always evaluate to true. Let's take a look at a few slightly more complex examples using variables.

$x = 2;
$y = 7;
if( $x > $y ) {
     echo "$x is greater than $y";
} else {
     echo "$x is not greater than $y";
}

This example will obviously evaluate to false and will echo "2 is not greater than 7".

$x = 5;
$y = 10;
if( $y - $x == $x ) {
     echo "$y - $x is equal to $x";
} else {
     echo "$y - $x is not equal to $x";
}

This example shows that you can perform mathematical calculations within the conditional expression. Another important thing to note about this example is the double equal sign operator == in the expression. This is known as the equality operator and is used to determine whether or not two values are equal to one another. There are actually a few different "equal sign-like" operators in the PHP language and it's important not to confuse them. Let's take a quick look at a few of them.

Assignment and Comparison Operators

These are just a few of the operators available to you in the PHP language, if you would like to reference a full list, check out the PHP Comparison Operators page at php.net.

Moving on to Loops

Loops are an interesting control structures, a loop allows a script to repeat a block of code a defined number of times. There are a few loops that are available in PHP, but we're only going to take a look at what are probably the two most common -- "For" loops and "While" loops.

While Loops

A simple While Loop looks something like this:

$i = 1;
while($i <= 10) {
     echo $i . "<br />";
     $i++;
}

The above script will print numbers from 1 to 10 on the screen. This introduces a few new and important concepts. First of all, the use of the variable $i: it is a very common practice to use the variable $i as what's called the iterator when working with loops. Using this variable allows the script to keep track of how many times the loop has been executed.

NOTE: It is very important to keep track of how many times a loop has been executed and to make sure that you have a defined a maximum number of times for the loop to run. Otherwise you may end up with an infinite loop which will cause your script to crash.

Second you should notice the ++ operator. This is the increment operator. It essentially takes the variables value and adds 1 to it. In other words, $i++; is the same thing as $i = $i + 1;. It is just a shorthand. Also available with the PHP language is the opposite of the increment operator--the decrement operator which is simply --, two subtraction signs, one after the other. This operator will take the value of the variable it is assigned and subtract one from it.

Third, you should understand that the expression in the parentheses of the while statement is run exactly like the expression in the if statement. The loop will continue to iterate as long as the expression in the parentheses evaluates to true.

Now that we understand all the new syntactical points about this script we can go back and explain what happens line by line.

• Line 1: initialize the iterator to 1
• Line 2: test to see if the expression is true
• Line 3: if the expression is true we fall into the loop and evaluate the code (in this case we print the value of the iterator to the screen).
• Line 4: we increment the iterator.

After this loop has been executed 10 times, the iterator will be incremented to 11. When the expression is tested again, it will evaluate to FALSE as 11 is not greater than or equal to 10 and the script will pickup at the end of the loop and run any remaining code in the script.

For Loops

for loops are much like while loops, except they are slightly more complex and as a result, more compact. The for loop expression is broken into 3 parts. Let's look at an example then break it down. I am going to write a loop that will accomplish the same thing our while loop example accomplished in the example above, we are just going to do it with a for loop instead this time.

for( $i = 0 ; $i <= 10 ; $i++ ) {
     echo $i . "<br />";
}

You can see how the expression of a for loop is broken into 3 segments by semicolons. Let's list each of those segments and define what they do.

• $i = 0 This is what's called the initialization expression. This is the first statement that is executed when a for loop is run. Typically, the iterator variable is initialized in this expression.
• $i <= 10 This is the test expression. This expression will be evaluated at the beginning of each loop cycle before the code in the braces is executed. If this expression evaluates to TRUE, the loop continues, if the expression evaluates to FALSE the loop closes.
• $i++ This is the counter or iterator expression. It is run at the end of each loop cycle right before the test expression is tested for the next cycle. Most often, this expression simply contains an increment expression to the iterator. Just like this example shows.

There are other loops that we will probably touch on later in the series. Each of them has its strengths and weaknesses, and there are times when one is more appropriate than another, but they all do about the same thing, just in a slightly different way. There are no hard and fast rules as to which you should use when.

Conclusion

Hopefully you have learned something through reading this post; however, I would like to stress the fact that reading about programming will only get you so far. There is no better instructor than an error log full of mistakes in your code and things gone wrong in your script. You have to sit down and write your own code and try different things on your own to get to your full potential. As always, if you have any questions or comments, please leave the in the comments. I will be happy to help you out if I can.

What is the header() Function?

The header() function is used to send raw HTTP headers to the browser or replace other ready-to-send HTTP headers. If you are unfamiliar with HTTP headers, you may find it beneficial to browse through the Header Field Definitions section of the HTTP/1.1 spec.

What Are HTTP Headers?

HTTP headers are the foundation of HTTP (Hypertext Transfer Protocol), which the entire World Wide Web is built on. Every time you go to a webpage, just like when you came to this webpage your browser sent the server a number of header requests, and then in turn received http responses for each request. These headers contain information about the client browser, the server, and the document that the browser requested from the server.

Here’s an example of what some HTTP headers might look like:

A Closer Look at header()

In this post, I would really like to focus on uses for header() other than redirect, but we’ll use it as a jumping off point, since many readers will be familiar with it. When you call header() to implement a redirect, your call will be something similar to this:

	header( 'Location: http://www.mysite.com/path/to/redirected/page/index.php' );
	exit();

What is actually happening when you run the code above is you are sending a “Location” response header to the browser (along with a 302 status code) with a value of “http://www.mysite.com/path/to/redirected/page/index.php”

A quick aside: I have noticed many coders do not include a call to exit() after header() is called. This isn’t necessary, but it is considered a best practice. In the event that your redirect fails, you will more than likely want to keep the rest of the script from executing. Additionally, another note: The HTTP/1.1 spec requires that the value for the “Location” header be an absolute URI (i.e: contains scheme, hostname, and path). While many environments will accept a relative URI, I would recommend that you use an absolute URI for maximum script portability and adherence to the specification.

A Few Additional Uses for header()

Let’s take a look now at a few fun/useful headers we can send.

Status Codes

	  header('HTTP/1.1 200 OK');

You can send raw status codes to the browser by using the method above. This can be useful if you are using a php script as a landing for your 404 NOT FOUND errors, and you want to replace the previously sent 404 NOT FOUND status code to a fresh 200 OK.

Content-Type:

	  header('Content-Type: application/pdf');

The Content-Type header is used to define the mime-type of a document. This helps the browser know how to interpret the data it receives so that you can view it in its intended form. For example, an image file is displayed differently than an HTML file. The header above would indicate a PDF document.

Content-Disposition:

	 header('Content-Type: application/zip');
	 header('Content-Disposition: attachment; filename="downloadMe.zip"');

Send the Content-Disposition header if you would like to prompt the user to download a file, such as an image, an excel spreadsheet, or a PDF (which you should define with the previously mentioned “Content-Type” header). The prompt will be similar to the one shown below:

Content-Length:

	 header('Content-Type: application/zip');
	 header('Content-Length: 38724');
	 header('Content-Disposition: attachment; filename="downloadMe.zip"');

Content-Length is another header that should be used when prompting a user to download a file. This header defines the size of the file to be downloaded (in bytes) and is used by browsers when downloading files to tell the user how much of the download has completed. Have you ever noticed how sometimes your browser’s download manager will tell you how far a file download has progressed (something like “43% Complete”), and sometimes it will only say something to the effect of “458kb of ? have been transfered.” The culprit in this scenario is developers neglecting the implementation of the Content-Length header. In my opinion is a simple courtesy to include this header in your scripts involving file downloads.

Cache-Control:

	  header('Cache-Control: max-age=3600, public');

The Cache-Control header is used to define rules for caching the document it relates to or resides in. You can enabled, disable or limit caching by using a number of directives such as public to enabled caching by anyone, or no-cache to disable caching for everyone. More info on these directives and more can be found here.

Conclusion

Hopefully, you have discovered a few new things about HTTP headers and what you can do with PHP’s header() function. Remember, headers must be sent before any other output, so make sure to place them at the top of your script or before any html tags or whitespace. This includes anything included via include(), require(), include_once(), and require_once(). Even a space will throw an error.

What is Variable Scope

Variable scope refers to the context in which a variable is defined or the setting in which it is available for use. Whenever a variable is declared, it is declared in a particular scope. In PHP, there are two different possible scopes, global and local.

When you declare a variable in PHP like this:

	$count = 5; //$count is defined in the global scope

The variable is declared in the global scope. This means that the variable is available to interact with and be used and manipulated by other processes in the global scope. Variables declared in the global scope cannot be used in the local scope and the other way around. Let’s look at what it means to define something in the local scope.

function full_name($first_name, $last_name) {

	$full_name = $first_name.$last_name;

	return($full_name); //$full_name is declared in the local scope
}

Determining Which Scope You’re Using

Variables that are defined in the local scope cannot interact with variables in the global scope. You could even have two variables of the same name, in either scope and they could hold two different values. For example:

function do_something() {

	$variable = 2; //local scope

}

$variable = 5; //global scope

echo $variable; //echoes 5

do_something();

echo $variable; //still echoes 5

Within the function do_something(), the value of $variable was set to 2. However, it was set in the local scope. The echo statement, however, was used in the global scope. Therefore, the instance of $variable that was set to 2 was never accessed or used. Essentially, when a variable is defined within a function, that variable only exists within that function. Once the function is executed and completed, the variable is no longer accessible and cannot be used.

Working Around Variable Scope

So if we can’t access a global variable inside a function how to we get access to those values? Well there are a couple of ways to do this. The first way is to pass variables into functions as arguments. Passing a global variable as an argument allows the variables value to be altered in the local scope by effectively making a copy of the variable and pasting it into the new scope. But will the value still be altered in the global scope? No it won’t. This is because we are only creating a copy of the variable. However, we can still retrieve the new value by returning the variable when we are done. Let’s look at an example:

$var = 40;

function divide_by_two($var) {
	return($var / 2);
}

echo $var; //echoes 40

$var = divide_by_two($var);

echo $var; //echoes 20

This method, however, can get to be a bit cumbersome when working with large amounts of variables. Passing in all of these variables as arguments can get messy, and PHP functions can only return one variable at a time. You would therefore need to call functions multiple times. Is there an easier way? Yes there is. We can use the global keyword to bring global variables into the local scope. Say you have a variable that stores a path to a upload folder for your application.

$upload_path = '/path/to/uploads/directory/';

function delete_uploaded_file($filename) {

	//bring the variable $var out of the global scope and into
	//the local scope so it can be accessed and altered.

	global $upload_path;

	if(file_exists($upload_path.$filename)) {
		unlink($upload_path.$filename);
	}
}

delete_uploaded_file('image.jpg');

This can also be done by using the superglobal associative array $GLOBALS:

$upload_path = '/path/to/uploads/directory/';

function delete_uploaded_file($filename) {

	if(file_exists($GLOBALS['upload_path'].$filename)) {
		unlink($GLOBALS['upload_path'].$filename);
	}
}

delete_uploaded_file('image.jpg');

Using Static Variables

Static variables can occasionally come in handy as well, and are a good thing to know about when the need comes up. A static variable only exists in the local scope. However, the value of the variable remains there even when the parser leaves the local scope.

	function show_last_count() {
		//$count is declared as static and the value will remain after the function as been called.
		static $count = 0;
		echo $count;
		$count++;
	}
	show_last_count(); //echos 0
	show_last_count(); //echos 1
	show_last_count(); //echos 2
	show_last_count(); //echos 3

NOTE: when assigning values to static variables you must assign them as listed in the example above–that is as a straight value, not as the result of an expression. Assigning the result of an expression as static will throw in a parse error.

	function do_something() {
		static $static_var = 1 + 1; //throws a parse error.
	}

Conclusion

Understanding scope is a crucial concept in programming, and lack of understanding it can lead to writing some incredibly messy and difficult to maintain code. However, that doesn’t mean that you should always use the methods defined here. I’ve listed a few options for you, use the one that makes the most sense to you. If it makes sense to pass a variable into a function as an argument, perhaps because that value is constantly changing, do it that way. It is okay to work within where you’re comfortable. But that doesn’t mean you shouldn’t be aware of what your other options are.

If you have any questions, if I didn’t explain something as clear as you would have liked, please don’t hesitate to let me know. Leave a comment on this article. Someone will be thrilled to help you out.

When writing SQL queries and naming columns while building your database, you have to be careful which words you use. Some words are reserved by the SQL language for use as special built in commands and functions. Using these words as a column identifier, for example, will throw an SQL error and your query will die. I have found myself many many times pulling my hair out over a particular query, trying to find out why it isn’t working only to later discover that I named one of my columns with a reserved word. Some of these reserved words include SELECT, UPDATE and WHERE. Those you were probably already familiar with if you have ever written any SQL queries; the full list, however, is actually pretty lengthy and contains many commands you may not have known about. Additionally, as you browse this list, take a moment to look up the commands you aren’t familiar with. This can help you learn about some previously unknown and powerful features of the language.

It should be noted, however, that reserved words can actually be used in queries outside of their special uses if you quote them. For example:

SELECT * FROM messages WHERE read=0 LIMIT 10; //bad
SELECT * FROM messages WHERE `read`=0 LIMIT 10; //good

The word “read” is a reserved word, and can only be used as the identifier for a column if it is quoted.

To help you avoid the mistakes I’ve made and stress I’ve suffered. I’ve compiled (what I think to be) a complete list of these reserved words to reference as a sort of cheat sheet in the future when frustrating queries, that you know are correct, just don’t seem to work.

Reserved Words in SQL

• must have examples of previous work
• must be knowledgeable about design concepts, composition, color theory, typography, etc
• should have at least a basic understanding of (x)HTML and CSS, how they work, and how to use them.
• must be comfortable using Adobe Photoshop and Illustrator (or equivalent) and be comfortable working with raster and vector images.
• must be local to the DFW metroplex, preferably Denton, and preferably a student.

Hours are extremely flexible, will work with your schedule. Will discuss rates upon interview.

If you are interested, please send an email to Jordan: jordan@17webshop.com with a link to a portfolio, or an attached pdf (please dont send .psd or .ai files), a little bit about yourself and your experience.

Thanks so much!

This is the second installment of this new series I’m writing called “PHP From the Top.” Hopefully this guide will become a resource for beginners to get a handle on the PHP language and how to use it. I’m going to do my absolute best to not gloss over little details as I’ve found that many times beginners simply over look something minute yet crucial, get frustrated and the give up. I want to do my best to avoid this, and if any readers come across anything of the like, please feel free to discuss it in the comments. Anyway, today we’re going to cover the basics of the PHP language and get our hands dirty with a little bit of code for the first time.

If you’re new to the PHP language you may want to read the first article in this series on how to get set up with a PHP development environment on your machine. But, if you’re already set up and ready to go, we’re going to dive in.

NOTE: I will assume you know HTML and CSS in that I wont go over those elements used as supplements to these articles, however if you do not know HTML and CSS it should not be detrimental to your understanding of the concepts outlined here.

Other Posts in this Series

• 1: Getting Set Up
• 2: Using Variables and Simple Math
• 3: Loops and Conditions

Getting Started

First of all, PHP’s opening and closing tags look like this: <?php and ?>. This is very similar to a how an HTML tag works, you write your code between the two tags like the example below:

<?php
	//This is where you write your PHP code.
?>

Anytime you write PHP code, it must be between these two tags. For the rest of this article and this series, I will omit the opening and closing <?php and ?> tags from the code examples. Just remember that they must be there for your code to properly execute.

Printing a Message

In PHP there are two ways to print data to the screen. echo and print. Technically, you can use whichever one you wish, there are arguments for both sides which I won’t get into now (maybe in another article), but I will use echo throughout this article and throughout this series.

Printing output to the screen in PHP is extremely simple and easy all you have to do is write:

	echo "Print this message to the screen.";

Now there are a few things here I want you to notice and understand with this line of code. First, the message is enclosed in quotation marks. You may use double or single quotation marks, there are pros and cons to using either one of them, just make sure you stay consistent. Second, the line ends in a semicolon ;. Every line of PHP code you write must end in a semicolon. This tells the parser that this is the end of a line (the end of a command) and now it can move on to the next one. This is because PHP is whitespace insensitive, and doesnt care if you add spaces, line breaks, or tabs within your code. Ultimately, any whitespace, unless encapsulated with quotation marks, will be ignored.

Commenting Your Code

While programming you may want to leave a note in your code, perhaps to yourself or to someone else that may look at your code in the future. This can be done by using comments. Comments are ignored by the parser and therefore only show up in the code. You can comment out a line, a few lines, or whole blocks of code. In PHP, comments are declared using two methods, if you only want to comment out one line, precede the text you want commented with two forward slashes //, if you want to comment out more than one line you add a forward slash followed by an asterisk /* to the beginning of the comment, and an asterisk followed by a forward slash */at the end of the comment.

	//This is a single line comment. This whole line will be ignored.

	/*This is a multiple line comment

	All of these
	lines will
	be ignored*/

It is generally considered good practice to leave comments in your code, this enhances code readability. It will help others navigate and understand your code more quickly and it will help you not forget why you did something a certain way. I will use comments in the example code throughout this series for code explanation.

Executing Your Code

PHP code can be written right next to your HTML code in the same file, and the other way around, you just have to remember that if you’re using PHP code in a file you have to change the filename to .php instead of .html. (If you write PHP code in a .html file, it will simply be ignored.) This is fundamentally important. You have to remember that PHP is a Server-side scripting language, this means that the code is actually executed before it reaches your user’s web browser. This is important to understand because when your PHP code outputs a message, that message is printed to the HTML file that your users will view in their browsers. You can actually have PHP output HTML tags to the browser. You can do it like this:

	echo "<strong>This text will be bold</strong>";

Simple Math in PHP

Performing mathematical calculations in PHP is very easy, and the operators may already be familiar to you if you have ever had to do math on a computer. Let’s take a look at an example.

	echo 1 + 1; //prints the number "2"

Let’s look at some of the operators we can use.

	echo 3 + 2; //Addition, prints the number "5"
	echo 3 - 2; //Subtraction, prints the number "1"
	echo 3 * 2; //Multiplication, prints the number "6"
	echo 3 / 2; //Division, prints the number "1.5"
	echo 3 % 2; //Modulus or Remainder Operator, prints the number "1"

Note that PHP does follow the traditional mathematical order of operations. If you want to alter the order in with your calculation is performed, use parentheses.

	echo 3 + 2 * 4; //prints 11
	echo (3 + 2) * 4; //prints 20

Using Variables

In PHP, variables are defined by preceding the name of the variable with a dollar sign: $. Variable names may only contain alphanumeric characters or underscores, they must start with a lowercase alphabetic character, and may not contain spaces. PHP is a dynamically typed language, which means that you do not need to declare variable types, you simple declare the variable name and its value. A variable can be assigned many different values types: integer (a whole number), float (a decimal number), string (text) and a few others that we’ll get into later on in this series. Let’s look at a few examples of assigning different data types to variables.

	$int = 4; //this variable holds 4
	$float = 1.5; //this variable holds 1.5
	$string = "This is a string."; //this variable holds "This is a string."

You can perform math with variables, just as you would expect (as long as the variables contain number values).

	$int1 = 5;
	$int2 = 7;

	echo $int1 + $int2; //outputs 12

	$int3 = $int1 + $int2;

	echo $int3; //also outputs 12

Putting it All Together

I know this article got a bit lengthy, its a lot of information to take in at one sitting. Read through it again, and really take your time to make sure you understand it. This is the foundation of understanding the PHP language. Now that you know how to declare a php code block, how to output data to the screen, how to comment your code, how to perform simple math and use variables you are able to build simple PHP scripts from scratch. Take some time to play with these concepts in your own applications. If you have any questions about anything discussed in this article or anything else regarding PHP, feel free to ask them in the comments.

This is going to be the first article in this “PHP From The Top” series that I am going to be writing. I will be covering PHP basics, all the way up to some OOP concepts and applications, and hopefully some more advanced topics as time goes on. I figured today we would begin with a bit of a primer into what PHP is and what it is used for. This series will assume that you atleast have a basic understanding of (x)HTML and CSS (CSS used will not be crucial in most cases and will therefor not be focused on). Let’s get started!

Other Posts in this Series

• 1: Getting Set Up
• 2: Using Variables and Simple Math
• 3: Loops and Conditions

Introduction

PHP is a scripting language most often used for programming on the web and the development of dynamic web pages and applications. It is a server-side language (which means that the code is executed on the server before it is sent to the user’s browser), this is in contrast with other scripting languages such as Javascript which are actually executed on the user’s browser after the page is loaded. PHP is executed before the page loads.

Behind the Name “PHP”

The acronym “PHP” originally stood for “Personal Home Page,” but as the web has evolved the meaning of the name has since changed. “PHP” now stands for “PHP: Hypertext Preprocessor,” which actually is quite odd in and of itself as the acronym is recursive–that is, the first “P” in “PHP” actually stands for “PHP” and the first “P” in that second instance of “PHP” also stands for another instance of the same acronym “PHP,” and continues indefinitely.

Why Should I Learn PHP?

Any modern day web developer, or hobbyist even, should have at least a basic understand of what PHP is and how PHP works. More than 19 Million websites are built on PHP code, many that we visit every day including: Facebook, Yahoo, Wikipedia, Flickr, Digg, any blog using wordpress, etc… And there are a lot of reasons why so many people choose to use PHP over other scripting languages.

Okay, so what can PHP do for me? Web pages written in HTML markup are static. The state of the page, and any info on the page cannot change without editing the file, and saving it again.

• PHP works seamlessly with HTML. Your PHP code can actually output HTML code–right along side your existing HTML. The two just work together.
• PHP offers excellent integration with MySQL. If you are unsure of what this means, don’t worry. We’ll get to it over the next few articles.
• PHP has a strong working user-base. What does this mean for you? It means that when you have problems and need answers. There are a lot of people that can help you.
• PHP is open-source. Which means, it’s free!

What Do I Need to Get Started?

All you need to get started with coding in PHP is a simple text editor and a server with PHP installed and running on it. Nearly every hosting company should offer PHP installed on their servers. However, if you’re working locally, which is what I’ll be doing, you will have to install PHP and an Apache server on your computer. This can be more difficult than one might think, so the solution that I recommend is to install a WAMP or MAMP package, depending on what operating system you are working on. WAMP and MAMP are both package local-hosting environment solutions. They combine, Windows (or Mac OS X) with Apache, MySQL, and PHP installations.

As far as text editors go, you could use Notepad (one Windows) or TextEdit (if you’re on a Mac)–I mean, those will work… However, you may want something with a few more helpful features such as syntax highlighting for better code readability, code folding, inline “auto-complete” typing aids, etc… If you’re using Windows, might I recommend using Notepad++ and if you’re using a Mac I suggest trying out Text Wrangler. There are many other options-countless options, and many of them can get quite expensive, but the two I listed here are free to use.

Well, that about wraps up today’s first installment on how to get set up and running PHP on your machine, so you can start learning it. I would have liked this first article to go into language basics (at least). But I feel like I couldn’t start a learning series without an initial set-up guide. Next time we will begin going over the actual PHP language basics and understanding how it all works.