Advice Needed: Learning PHP and How to Manage a Server

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
BobH - TAN
Forum Newbie
Posts: 20
Joined: Mon Mar 20, 2006 7:09 pm
Location: Texas

Advice Needed: Learning PHP and How to Manage a Server

Post by BobH - TAN »

Howdy All!

First, let me introduce myself. I'm BobH, The Ancient Noob. I'm 64 yo and retired after 40 years in the IT industry. Was a COBOL and Assembler programmer on mainframes back in the late '60's, into the '70's, but moved into design, project management and IT management before retiring. Now I'm just entertaining myself by building websites and writing code ad hoc.

I've reached the 'intermediate' point with HTML and CSS and consider myself a novice with Javascript, but have done nothing more than do several online tutorials with PHP. I want to do some server side scripts and database management; so I downloaded and installed Apache and mySQL but know virtually nothing about them. I would appreciate comments on do's and don't's and especially any pointers to online tutorials for the noob in this area. I need to know the care and feeding of my home-based server AND how to write and test scripts before putting on my hosts server.

Please be gentle. It's my first time. :?

BobH
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

If you want to setup a test server on Windows you can use:

http://www.firepages.com.au/

However it seems from experience that:

http://www.apachefriends.org/en/index.html

Might be a better choice if you just want to get PHP and MySQL and Apache up and running ASAP to start writting code.

As for tutorials in PHP...search google...

http://www.phpbuilder.com/ is an good resource for learning everything from basics to advanced concepts.

Use the forum, nothing expedites learning like asking questions :)

What I really like about this place is that there are few dedicated regulars whom each seem to specialize in a certain area, so you get a pretty good answer and explanation and answer if you ask the right question.

Cheers :)
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

Here are some tips...

Most noob articles you read will contain PHP embedded in HTML files. That feature makes learning PHP much easier than say PERL.

You have a good number of years behind you in other langs like Assembler and COBOL, so basic articles could likely be avoided, cuz you know what if, while, for, etc already do.

Or you'll catch on real quick I'm sure ;)

Anyways, ASAP once your comfortable with working in PHP...basically it's syntax...you probalby want to:

1) Look into using a template engine (Smarty is probably best known). Search google for bTemplate, it's does the same thing, but using native PHP so there is little performance hit and you still accomplish seperation.

2) Not sure if your comfortable with OOP (Doesn't COBOL stand for Common object business oriented language???) but if you are...look into using that ASAP too but also realize that functions still serve a purpose.

Avoid designing classes like:

Code: Select all

class MyClass{
  function printHead($value)
  {
    echo '<div style="text-align: right">My Header: '.$value.'</div>';
  }

  function printBody($value)
  {
    echo '<div style="text-align: right">My Body: '.$value.'</div>';
  }

  function printFoot($value)
  {
    echo '<div style="text-align: right">My Footer: '.$value.'</div>';
  }

}
Thats the worst example of OOP usage in PHP you can imagine...that should be handled by a template engine.

3) loosely typed interpreted languages are neat and gabage collection is neat too, but with that flexibility comes caveats which can't take hours to solve if you come from a compiled strict typed language like C/C++.

Variables in PHP can be empty and NOT set

When debugging you often echo a variable to screen, unlike in compiled langauges where a variable will always have a value in PHP thats not the case.

If you mis-type a variable name by one character, that can be a tricky bug to catch onto, so be sure to practice dillegence when using variable names and writing them out.

4) Sanitize incoming data from GET, COOKIE, POST, REQUEST, etc...

Meaning, if you use GET variables, like a search query criteria, say for example a name in a database...

You should ALWAYS use a principle of least privilege approach on outside data.

At least calling addslashes() to escape your data before sending it to a database for INPUT, SELECT, etc... operations.

If you know the incoming data should only be integer values, I often do the following:

Code: Select all

$var = (int)$_GET['var']; // Explicitly cast variable to integer
You could also use regex to work on alpha-numeric types: for instance if you knew that an incoming data variable was supposed to USA post codes, you could use regex to strip non-essential characters like (* $ ', etc).

Note: You should name your HTML form variables the same name as your associated DB table field names, makes it easier when writing the SQL or maintaining it. Some might argue thats a possible security hole, but effective professional programmers shouldn't believe in security through obscurity ;)

I always bring every incoming variable into local scope, by doing what I demonstarted above with the explicit cast, then I apply addslashes() and/or remove non-essential characters using regex, htmlentities, etc if required. You can focus on this once you start using FORMS.

5) Last but not least, start reading up on regex, if you came from a llinux environment, you might be familiar with them, from using tools like grep or what it's called...???

In any case if you don't have any knowledge about them, read some tutorials on them...cuz they will save you big time, especially in data validation, which I mentioned in point 4.

Using regex it's a breeze to strip non-essential characters from incoming data

6) One more note. Code reuse in PHP is difficult, but not impossible. Make you look into classes which are good examples of OOP usage:
- Smarty
- phpMailer - Make life sending emails WAAAAAY easier (especially if you have attachments, etc)
- AdoDB - Database abstraction layer so you can switch from MySQL to MSSQL with realtive ease.

You can check out PEAR (Google it) it's a massive library of classes which are usually pretty re-usable.

HTH

And remember, participate in this forum often it's helps the community and yourself :)

Cheers
Rad01
Forum Newbie
Posts: 1
Joined: Mon Mar 20, 2006 11:17 pm

Post by Rad01 »

If you are familiar with unit testing then here is one nice tool you could use: http://www.lastcraft.com/simple_test.php

I have been using this for about 2 years and I found it very useful. The initial phase of each project takes a bit longer (because you have to build the unit tests first), but the final product is much more robust and much easier to maintain.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Its always a great idea also to find a small project - preferably open source - and have a go at modifying it, adapting it, and getting to understand how all the parts fall together. It offers that little extra experience that lets you make sense of PHP texts. A little research never went astray either - there are a lot of concepts in PHP not often met in other languages mainly because its a loosely typed language focused on web apps.
BobH - TAN
Forum Newbie
Posts: 20
Joined: Mon Mar 20, 2006 7:09 pm
Location: Texas

Thanks, Guys!

Post by BobH - TAN »

It's most generous of you to help a noob. This one greatly appreciates it and has received same gratefully.

I'm sure you'll hear more from me as I get stuck on stupid things. I'm going at it fairly slowly ('cause I don't have to make a livin' at it and SWMBO INSISTS that I do other things -- Imagine THAT!).

M-T Reaper, your suggestion about adapting good code is an excellent one -- one I used to insist on using back in the day when we used to have to train programmers because no schools taught courses. Can you suggest a good starter app for taking name and address data from a form and storing it? Looks like that would be both a good, common learning paradigm and be usefull for me to boot.

Thanks again to all three of you, Hockey - Rad01 - MaugrimTR.

BobH
BobH - TAN
Forum Newbie
Posts: 20
Joined: Mon Mar 20, 2006 7:09 pm
Location: Texas

COBOL = COmmonBusinessOrientedLanguage - It's not an OOP

Post by BobH - TAN »

Forgot to mention that, Hockey. It's a compiled language and not set up for OOP although we DID do things like make common I/O modules and frequently used routines that were 'called' by various programs. It required cataloging and re-cataloging every time either the main routine or the called subroutine was changed in order to resolve memory addresses when executing the compiled code.

Thanks again for your very useful pointers. I don't understand some of what you told me - yet - but I'm resolved to learn. I went to the Apache site and followed its directions for downloading and installing a server, but I don't know what I've got nor how to use it yet. I've also got phpAdmin installed.

BobH
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

One correction to hockey's post, use mysql_real_escape_string() for escaping data for the DB, not addslashes().

Also everything you need to know is online @ http://www.php.net/manual/en/

browse through that index and read around in there, I recommend downloading the manual so you don't have to use it online.


Also to elaborate on Hockey bringing up regex, here's the best tutorial (in my opinion) on regex written by our very own d11 - viewtopic.php?t=33147

Most of the ones floating out there on the net read more like a reference then a tutorial.
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

jshpro2 wrote:One correction to hockey's post, use mysql_real_escape_string() for escaping data for the DB, not addslashes().

Also everything you need to know is online @ http://www.php.net/manual/en/

browse through that index and read around in there, I recommend downloading the manual so you don't have to use it online.


Also to elaborate on Hockey bringing up regex, here's the best tutorial (in my opinion) on regex written by our very own d11 - viewtopic.php?t=33147

Most of the ones floating out there on the net read more like a reference then a tutorial.
Always wondered about that one...whats the difference? What does it mean considers a connections current character set? So if input data was Japanese instead of English it knows how to escape that data as well???

Not only that, but what then do you use if you don't rely on native mysql functions and instead use AdoDB on a system without mysql extension installed?

Cheers :)
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

I think it depends on if you are interested in just hacking up some scripts for fun or getting into best practices in PHP development. If it is the former then just start looking around and find things you want to build, then get a little direction around here one some good ways to proceed. If it is the latter then, you might want to read up on PHP current development practices. Something like "Guide to PHP Design Patterns" (if you can get past the typos) would be pretty good as it covers many of the basic patterns plus Test-Driven Development. There are probably similar books others could recommend.
(#10850)
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

Hockey wrote: Always wondered about that one...whats the difference? What does it mean considers a connections current character set? So if input data was Japanese instead of English it knows how to escape that data as well???
See with your own eyes: http://www.php.net/mysql_real_escape_string :)
Hockey wrote: Not only that, but what then do you use if you don't rely on native mysql functions and instead use AdoDB on a system without mysql extension installed?
AdoDB has an Escape function and the mysql driver there is implemented to use mysql_real_escape_string for that function.
Post Reply