PHP Cookbook
SECOND EDITION
PHP Cookbook
Adam Trachtenberg and David Sklar
Beijing • Cambridge • Farnham • Köln • Sebastopol • Taipei • Tokyo
PHP Cookbook, Second Edition by Adam Trachtenberg and David Sklar Copyright © 2006 O’Reilly Media. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://safari.oreilly.com). For more information, contact our corporate/ institutional sales department: (800) 998-9938 or
[email protected].
Editor: Tatiana Apandi Production Editor: Adam Witwer Copyeditor: Adam Witwer Proofreader: Sada Preisch
Indexer: Joe Wizda Cover Designer: Karen Montgomery Interior Designer: David Futato Illustrators: Robert Romano and Jessamyn Read
Printing History: November 2002: August 2006:
First Edition. Second Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. PHP Cookbook, Second Edition, the image of a Galapagos land iguana and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations uses by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
ISBN: 978-0-596-10101-5 [M] 1250799402
[9/09]
Table of Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv 1. Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 1.10 1.11 1.12 1.13 1.14 1.15 1.16 1.17
Accessing Substrings Extracting Substrings Replacing Substrings Processing a String One Byte at a Time Reversing a String by Word or Byte Expanding and Compressing Tabs Controlling Case Interpolating Functions and Expressions Within Strings Trimming Blanks from a String Generating Comma-Separated Data Parsing Comma-Separated Data Generating Fixed-Width Field Data Records Parsing Fixed-Width Field Data Records Taking Strings Apart Wrapping Text at a Certain Line Length Storing Binary Data in Strings Program: Downloadable CSV File
4 5 7 8 10 11 13 15 16 17 19 20 21 25 27 29 31
2. Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9
Checking Whether a Variable Contains a Valid Number Comparing Floating-Point Numbers Rounding Floating-Point Numbers Operating on a Series of Integers Generating Random Numbers Within a Range Generating Biased Random Numbers Taking Logarithms Calculating Exponents Formatting Numbers
36 37 38 39 40 42 43 44 45
v
2.10 2.11 2.12 2.13 2.14 2.15 2.16 2.17
Formatting Monetary Values Printing Correct Plurals Calculating Trigonometric Functions Doing Trigonometry in Degrees, Not Radians Handling Very Large or Very Small Numbers Converting Between Bases Calculating Using Numbers in Bases Other Than Decimal Finding the Distance Between Two Places
46 48 49 50 51 53 54 55
3. Dates and Times . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16 3.17
Finding the Current Date and Time Converting Time and Date Parts to an Epoch Timestamp Converting an Epoch Timestamp to Time and Date Parts Printing a Date or Time in a Specified Format Finding the Difference of Two Dates Finding the Difference of Two Dates with Julian Days Finding the Day in a Week, Month, or Year Validating a Date Parsing Dates and Times from Strings Adding to or Subtracting from a Date Calculating Time with Time Zones Accounting for Daylight Savings Time Generating a High-Precision Time Generating Time Ranges Using Non-Gregorian Calendars Using Dates Outside the Range of an Epoch Timestamp Program: Calendar
58 61 63 64 69 71 72 74 76 79 80 86 88 89 90 95 96
4. Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 4.13 4.14
Specifying an Array Not Beginning at Element 0 Storing Multiple Elements Per Key in an Array Initializing an Array to a Range of Integers Iterating Through an Array Deleting Elements from an Array Changing Array Size Appending One Array to Another Turning an Array into a String Printing an Array with Commas Checking if a Key Is in an Array Checking if an Element Is in an Array Finding the Position of a Value in an Array Finding Elements That Pass a Certain Test Finding the Largest or Smallest Valued Element in an Array
vi | Table of Contents
103 105 106 107 109 111 113 115 116 117 118 120 121 122
4.15 4.16 4.17 4.18 4.19 4.20 4.21 4.22 4.23 4.24 4.25
Reversing an Array Sorting an Array Sorting an Array by a Computable Field Sorting Multiple Arrays Sorting an Array Using a Method Instead of a Function Randomizing an Array Removing Duplicate Elements from an Array Applying a Function to Each Element in an Array Finding the Union, Intersection, or Difference of Two Arrays Making an Object Act like an Array Program: Printing a Horizontally Columned HTML Table
123 123 125 127 128 129 130 130 133 135 138
5. Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8
Avoiding == Versus = Confusion Establishing a Default Value Exchanging Values Without Using Temporary Variables Creating a Dynamic Variable Name Using Static Variables Sharing Variables Between Processes Encapsulating Complex Data Types in a String Dumping Variable Contents as Strings
142 143 144 145 146 148 152 154
6. Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 6.10 6.11 6.12
Accessing Function Parameters Setting Default Values for Function Parameters Passing Values by Reference Using Named Parameters Creating Functions That Take a Variable Number of Arguments Returning Values by Reference Returning More Than One Value Skipping Selected Return Values Returning Failure Calling Variable Functions Accessing a Global Variable Inside a Function Creating Dynamic Functions
160 161 163 163 165 167 169 171 172 173 175 176
7. Classes and Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 7.1 7.2 7.3 7.4 7.5
Instantiating Objects Defining Object Constructors Defining Object Destructors Implementing Access Control Preventing Changes to Classes and Methods
183 184 185 187 189 Table of Contents | vii
7.6 7.7 7.8 7.9 7.10 7.11 7.12 7.13 7.14 7.15 7.16 7.17 7.18 7.19 7.20 7.21 7.22 7.23
Defining Object Stringification Specifying Interfaces Creating Abstract Base Classes Assigning Object References Cloning Objects Overriding Property Accesses Calling Methods on an Object Returned by Another Method Aggregating Objects Accessing Overridden Methods Using Method Polymorphism Defining Class Constants Defining Static Properties and Methods Controlling Object Serialization Introspecting Objects Checking if an Object Is an Instance of a Specific Class Autoloading Class Files upon Object Instantiation Instantiating an Object Dynamically Program: whereis
190 193 195 197 198 201 205 205 209 211 213 215 217 219 222 225 227 228
8. Web Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 8.10 8.11 8.12 8.13 8.14 8.15 8.16 8.17 8.18
Setting Cookies Reading Cookie Values Deleting Cookies Redirecting to a Different Location Detecting Different Browsers Building a Query String Reading the Post Request Body Generating HTML Tables with Alternating Row Styles Using HTTP Basic or Digest Authentication Using Cookie Authentication Flushing Output to the Browser Buffering Output to the Browser Compressing Web Output Reading Environment Variables Setting Environment Variables Communicating Within Apache Program: Web Site Account (De)activator Program: Tiny Wiki
232 234 235 236 237 239 240 241 242 246 249 250 251 252 253 254 255 258
9. Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261 9.1 Processing Form Input 9.2 Validating Form Input: Required Fields 9.3 Validating Form Input: Numbers viii | Table of Contents
263 264 266
9.4 9.5 9.6 9.7 9.8 9.9 9.10 9.11 9.12 9.13 9.14 9.15 9.16 9.17 9.18
Validating Form Input: Email Addresses Validating Form Input: Drop-Down Menus Validating Form Input: Radio Buttons Validating Form Input: Checkboxes Validating Form Input: Dates and Times Validating Form Input: Credit Cards Preventing Cross-Site Scripting Working with Multipage Forms Redisplaying Forms with Inline Error Messages Guarding Against Multiple Submission of the Same Form Processing Uploaded Files Preventing Global Variable Injection Handling Remote Variables with Periods in Their Names Using Form Elements with Multiple Options Creating Drop-Down Menus Based on the Current Date
268 270 272 273 274 275 277 278 279 282 284 286 288 289 290
10. Database Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 10.1 10.2 10.3 10.4 10.5 10.6 10.7 10.8 10.9 10.10 10.11 10.12 10.13 10.14 10.15 10.16
Using DBM Databases Using an SQLite Database Connecting to an SQL Database Querying an SQL Database Retrieving Rows Without a Loop Modifying Data in an SQL Database Repeating Queries Efficiently Finding the Number of Rows Returned by a Query Escaping Quotes Logging Debugging Information and Errors Creating Unique Identifiers Building Queries Programmatically Making Paginated Links for a Series of Records Caching Queries and Results Accessing a Database Connection Anywhere in Your Program Program: Storing a Threaded Message Board
295 299 301 302 305 306 307 310 311 313 315 317 321 325 327 329
11. Sessions and Data Persistence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 11.1 11.2 11.3 11.4 11.5 11.6 11.7
Using Session Tracking Preventing Session Hijacking Preventing Session Fixation Storing Sessions in a Database Storing Sessions in Shared Memory Storing Arbitrary Data in Shared Memory Caching Calculated Results in Summary Tables
338 340 341 342 344 349 350
Table of Contents | ix
12. XML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 12.1 12.2 12.3 12.4 12.5 12.6 12.7 12.8 12.9 12.10 12.11 12.12 12.13 12.14
Generating XML as a String Generating XML with the DOM Parsing Basic XML Documents Parsing Complex XML Documents Parsing Large XML Documents Extracting Information Using XPath Transforming XML with XSLT Setting XSLT Parameters from PHP Calling PHP Functions from XSLT Stylesheets Validating XML Documents Handling Content Encoding Reading RSS and Atom Feeds Writing RSS Feeds Writing Atom Feeds
356 357 360 363 365 371 374 376 378 382 384 385 388 391
13. Web Automation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 13.1 13.2 13.3 13.4 13.5 13.6 13.7 13.8 13.9 13.10 13.11 13.12 13.13 13.14 13.15 13.16 13.17 13.18
Fetching a URL with the Get Method Fetching a URL with the Post Method Fetching a URL with Cookies Fetching a URL with Arbitrary Headers Fetching a URL with an Arbitrary Method Fetching a URL with a Timeout Fetching an HTTPS URL Debugging the Raw HTTP Exchange Marking Up a Web Page Cleaning Up Broken or Nonstandard HTML Extracting Links from an HTML File Converting Plain Text to HTML Converting HTML to Plain Text Removing HTML and PHP Tags Responding to an Ajax Request Integrating with JavaScript Program: Finding Stale Links Program: Finding Fresh Links
398 403 405 407 408 410 412 413 418 421 423 425 426 427 428 430 434 436
14. Consuming Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441 14.1 14.2 14.3 14.4 14.5 14.6
Calling a REST Method Calling a SOAP Method with WSDL Calling a SOAP Method Without WSDL Debugging SOAP Requests Using Complex SOAP Types Setting SOAP Types
x | Table of Contents
442 444 446 447 449 449
14.7 14.8 14.9 14.10 14.11 14.12 14.13
Using SOAP Headers Using Authentication with SOAP Redefining an Endpoint Catching SOAP Faults Mapping XML Schema Data Types to PHP Classes Calling an XML-RPC Method Using Authentication with XML-RPC
451 453 454 456 458 459 461
15. Building Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 15.1 15.2 15.3 15.4 15.5 15.6 15.7 15.8 15.9
Serving a REST Method Serving a SOAP Method Accepting Arguments in a SOAP Method Generating WSDL Automatically Throwing SOAP Faults Processing a SOAP Header Generating a SOAP Header Using Authentication with SOAP Serving an XML-RPC Method
463 469 472 474 475 477 480 482 487
16. Internet Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 16.1 16.2 16.3 16.4 16.5 16.6 16.7 16.8 16.9 16.10 16.11
Sending Mail Sending MIME Mail Reading Mail with IMAP or POP3 Posting Messages to Usenet Newsgroups Reading Usenet News Messages Getting and Putting Files with FTP Looking Up Addresses with LDAP Using LDAP for User Authentication Performing DNS Lookups Checking if a Host Is Alive Getting Information About a Domain Name
492 494 496 499 501 506 508 510 512 514 515
17. Graphics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519 17.1 17.2 17.3 17.4 17.5 17.6 17.7 17.8 17.9 17.10
Drawing Lines, Rectangles, and Polygons Drawing Arcs, Ellipses, and Circles Drawing with Patterned Lines Drawing Text Drawing Centered Text Building Dynamic Images Getting and Setting a Transparent Color Reading EXIF Data Serving Images Securely Program: Generating Bar Charts from Poll Results
522 524 525 527 529 534 536 537 539 541 Table of Contents | xi
18. Security and Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545 18.1 18.2 18.3 18.4 18.5 18.6 18.7 18.8 18.9 18.10 18.11 18.12 18.13 18.14
Preventing Session Fixation Protecting Against Form Spoofing Ensuring Input Is Filtered Avoiding Cross-Site Scripting Eliminating SQL Injection Keeping Passwords Out of Your Site Files Storing Passwords Dealing with Lost Passwords Verifying Data with Hashes Encrypting and Decrypting Data Storing Encrypted Data in a File or Database Sharing Encrypted Data with Another Web Site Detecting SSL Encrypting Email with GPG
546 547 548 549 550 551 552 554 555 557 562 565 567 568
19. Internationalization and Localization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571 19.1 19.2 19.3 19.4 19.5 19.6 19.7 19.8 19.9 19.10 19.11 19.12 19.13
Listing Available Locales Using a Particular Locale Setting the Default Locale Localizing Text Messages Localizing Dates and Times Localizing Currency Values Localizing Images Localizing Included Files Managing Localization Resources Using gettext Setting the Character Encoding of Outgoing Data Setting the Character Encoding of Incoming Data Manipulating UTF-8 Text
573 573 574 575 579 580 584 586 587 589 591 591 592
20. Error Handling, Debugging, and Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 597 20.1 20.2 20.3 20.4 20.5 20.6 20.7 20.8 20.9 20.10 20.11
Finding and Fixing Parse Errors Creating Your Own Exception Classes Printing a Stack Trace Reading Configuration Variables Setting Configuration Variables Hiding Error Messages from Users Tuning Error Handling Using a Custom Error Handler Logging Errors Eliminating “headers already sent” Errors Logging Debugging Information
xii | Table of Contents
598 600 603 604 606 607 608 610 611 613 614
20.12 20.13 20.14 20.15 20.16
Using a Debugger Extension Writing a Unit Test Writing a Unit Test Suite Applying a Unit Test to a Web Page Setting Up a Test Environment
616 622 624 626 628
21. Performance Tuning and Load Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629 21.1 21.2 21.3 21.4 21.5 21.6
Timing Function Execution Timing Program Execution Profiling with a Debugger Extension Stress Testing Your Web Site Avoiding Regular Expressions Using an Accelerator
630 631 635 637 638 640
22. Regular Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643 22.1 22.2 22.3 22.4 22.5 22.6 22.7 22.8 22.9 22.10
Switching from ereg to preg Matching Words Finding the nth Occurrence of a Match Choosing Greedy or Nongreedy Matches Finding All Lines in a File That Match a Pattern Capturing Text Inside HTML Tags Preventing Parentheses from Capturing Text Escaping Special Characters in a Regular Expression Reading Records with a Pattern Separator Using a PHP Function in a Regular Expression
646 648 649 651 653 653 655 657 658 659
23. Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665 23.1 23.2 23.3 23.4 23.5 23.6 23.7 23.8 23.9 23.10 23.11 23.12 23.13 23.14 23.15 23.16
Creating or Opening a Local File Creating a Temporary File Opening a Remote File Reading from Standard Input Reading a File into a String Counting Lines, Paragraphs, or Records in a File Processing Every Word in a File Picking a Random Line from a File Randomizing All Lines in a File Processing Variable-Length Text Fields Reading Configuration Files Modifying a File in Place Without a Temporary File Flushing Output to a File Writing to Standard Output Writing to Many Filehandles Simultaneously Escaping Shell Metacharacters
669 671 672 673 674 675 679 680 681 682 683 685 687 687 688 689 Table of Contents | xiii
23.17 23.18 23.19 23.20 23.21 23.22
Passing Input to a Program Reading Standard Output from a Program Reading Standard Error from a Program Locking a File Reading and Writing Custom File Types Reading and Writing Compressed Files
691 692 694 695 698 702
24. Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 705 24.1 24.2 24.3 24.4 24.5 24.6 24.7 24.8 24.9 24.10 24.11 24.12 24.13
Getting and Setting File Timestamps Getting File Information Changing File Permissions or Ownership Splitting a Filename into Its Component Parts Deleting a File Copying or Moving a File Processing All Files in a Directory Getting a List of Filenames Matching a Pattern Processing All Files in a Directory Recursively Making New Directories Removing a Directory and Its Contents Program: Web Server Directory Listing Program: Site Search
708 709 711 712 714 714 715 717 718 719 720 721 725
25. Command-Line PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729 25.1 25.2 25.3 25.4 25.5 25.6
Parsing Program Arguments Parsing Program Arguments with getopt Reading from the Keyboard Running PHP Code on Every Line of an Input File Reading Passwords Program: Command Shell
731 732 735 737 739 741
26. PEAR and PECL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745 26.1 26.2 26.3 26.4 26.5 26.6 26.7
Using the PEAR Installer Finding PEAR Packages Finding Information About a Package Installing PEAR Packages Upgrading PEAR Packages Uninstalling PEAR Packages Installing PECL Packages
747 751 752 754 756 757 759
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761
xiv | Table of Contents
Preface
PHP is the engine behind millions of dynamic web applications. Its broad feature set, approachable syntax, and support for different operating systems and web servers have made it an ideal language for both rapid web development and the methodical construction of complex systems. One of the major reasons for PHP’s success as a web scripting language is its origins as a tool to process HTML forms and create web pages. This makes PHP very web-friendly. Additionally, it is eagerly promiscuous when it comes to external applications and libraries. PHP can speak to a multitude of databases, and it knows numerous Internet protocols. PHP also makes it simple to parse form data and make HTTP requests. This web-specific focus carries over to the recipes and examples in the PHP Cookbook. This book is a collection of solutions to common tasks in PHP. We’ve tried to include material that will appeal to everyone from newbies to wizards. If we’ve succeeded, you’ll learn something (or perhaps many things) from PHP Cookbook. There are tips in here for everyday PHP programmers as well as for people coming to PHP with experience in another language. PHP, in source code and binary forms, is available for download for free from http:// www.php.net/. The PHP web site also contains installation instructions, comprehensive documentation, and pointers to online resources, user groups, mailing lists, and other PHP resources.
Who This Book Is For This book is for programmers who need to solve problems with PHP. If you don’t know any PHP, make this your second PHP book. The first should be Learning PHP 5, also from O’Reilly. If you’re already familiar with PHP, this book helps you overcome a specific problem and get on with your life (or at least your programming activities.) The PHP Cookbook can also show you how to accomplish a particular task in PHP, such as sending email or writing a SOAP server, that you may already know how to do in another
xv
language. Programmers converting applications from other languages to PHP will find this book a trusty companion.
What Is in This Book We don’t expect that you’ll sit down and read this book from cover to cover (although we’ll be happy if you do!). PHP programmers are constantly faced with a wide variety of challenges on a wide range of subjects. Turn to the PHP Cookbook when you encounter a problem you need to solve. Each recipe is a self-contained explanation that gives you a head start toward finishing your task. When a recipe refers to topics outside its scope, it contains pointers to related recipes and other online and offline resources. If you choose to read an entire chapter at once, that’s okay. The recipes generally flow from easy to hard, with example programs that “put it all together” at the end of many chapters. The chapter introduction provides an overview of the material covered in the chapter, including relevant background material, and points out a few highlighted recipes of special interest. The book begins with four chapters about basic data types. Chapter 1 covers details like processing substrings, manipulating case, taking strings apart into smaller pieces, and parsing comma-separated data. Chapter 2 explains operations with floating-point numbers, random numbers, converting between bases, and number formatting. Chapter 3 shows you how to manipulate dates and times, format them, handle time zones and daylight saving time, and find time to microsecond precision. Chapter 4 covers array operations like iterating, merging, reversing, sorting, and extracting particular elements. Next are three chapters that discuss program building blocks. Chpater 5 covers notable features of PHP’s variable handling, such as default values, static variables, and producing string representations of complex data types. The recipes in Chpater 6 deal with using functions in PHP: processing arguments, passing and returning variables by reference, creating functions at runtime, and scoping variables. Chapter 7 covers PHP’s object-oriented capabilities, with recipes on OOP basics as well as PHP 5’s new features, such as magic methods, destructors, access control, and reflection. After the data types and building blocks come six chapters devoted to topics that are central to web programming. Chapter 8 covers cookies, headers, authentication, working with query strings, and other fundamentals of web applications. Chapter 9 covers processing and validating form input, displaying multipage forms, showing forms with error messages, and guarding against problems such as cross-site scripting and multiple submission of the same form. Chapter 10 explains the differences between DBM and SQL databases and, using PHP 5’s PDO database access abstraction layer, shows how to connect to a database, assign unique ID values, retrieve rows, change data, escape quotes, and log debugging information. Chapter 11 covers PHP’s built-in sessions module, which lets you maintain information about a user as he moves from page to
xvi | Preface
page on your web site. This chapter also highlights some of the security issues associated with sessions. Chapter 12 discusses all things XML: PHP 5’s SimpleXML extension and revamped DOM functions, using XPath and XSLT, and reading and writing both RSS and Atom feeds. Chapter 13 explores topics useful to PHP applications that integrate with external web sites and client-side JavaScript such as retrieving remote URLs, cleaning up HTML, and responding to an Ajax request. The next three chapters are all about network interaction. Chapter 14 details the ins and outs of consuming a web service—using an external REST, SOAP, or XML-RPC service from within your code. Chapter 15 handles the other side of the web services equation—serving up REST, SOAP, or XML-RPC requests to others. Both chapters discuss WSDL, authentication, headers, and error handling. Chapter 16 discusses other network services such as sending email messages, using LDAP, and doing DNS lookups. The next section of the book is a series of chapters on features and extensions of PHP that help you build applications that are robust, secure, user-friendly, and efficient. Chpater 17 shows you how to create graphics, with recipes on drawing text, lines, polygons, and curves. Chapter 18 focuses on security topics such as avoiding session fixation and cross-site scripting, working with passwords, and encrypting data. Chapter 19 helps you make your applications globally friendly and includes recipes localizing text, dates and times, currency values, and images, as well as working with text in different character encodings, including UTF-8. Chapter 20 goes into detail on error handling, debugging techniques, and writing tests for your code. Chapter 21 explains how to compare the performance of two functions and provides tips on getting your programs to run at maximum speed. Chapter 22 covers regular expressions, including capturing text inside of HTML tags, calling a PHP function from inside a regular expression, and using greedy and nongreedy matching. Chapters 23 and 24 cover the filesystem. Chapter 23 focuses on files: opening and closing them, using temporary files, locking file, sending compressed files, and processing the contents of files. Chapter 24 deals with directories and file metadata, with recipes on changing file permissions and ownership, moving or deleting a file, and processing all files in a directory. Last, there are two chapters on topics that extend the reach of what PHP can do. Chapter 25 covers using PHP outside of web programming. Its recipes cover command-line topics such as parsing program arguments and reading passwords. Chapter 26 covers PEAR (the PHP Extension and Application Repository) and PECL (the PHP Extension Community Library). PEAR is a collection of PHP code that provides functions and extensions to PHP. PECL is a similar collection, but of extensions to PHP written in C. We use PEAR and PECL modules throughout the book and Chapter 26 shows you how to install and upgrade them.
Preface | xvii
Other Resources Web Sites There is a tremendous amount of PHP reference material online. With everything from the annotated PHP manual to sites with periodic articles and tutorials, a fast Internet connection rivals a large bookshelf in PHP documentary usefulness. Here are some key sites: The Annotated PHP Manual: http://www.php.net/manual Available in 17 languages, this site includes both official documentation of functions and language features as well as user-contributed comments. PHP mailing lists: http://www.php.net/mailing-lists.php There are many PHP mailing lists covering installation, programming, extending PHP, and various other topics. A read-only web interface to the mailing lists is at http://news.php.net/. PHP Presentation archive: http://talks.php.net A collection of presentations on PHP given at various conferences. PEAR: http://pear.php.net PEAR calls itself “a framework and distribution system for reuseable PHP components.” You’ll find lots of useful PHP classes and sample code there. Read more about PEAR in Chapter 26. PECL: http://pecl.php.net PECL calls itself “a repository for PHP Extensions, providing a directory of all known extensions and hosting facilities for downloading and development of PHP extensions.” Read more about PECL in Chapter 26. PHP.net: A Tourist’s Guide: http://www.php.net/sites.php This is a guide to the various web sites under the php.net umbrella. PHP Knowledge Base: http://php.faqts.com Many questions and answers from the PHP community, as well as links to other resources. PHP DevCenter: http://www.onlamp.com/php A collection of PHP articles and tutorials with a good mix of introductory and advanced topics. Planet PHP: http://www.planet-php.net An aggregation of blog posts by PHP developers and about PHP. Zend Developer Zone: http://devzone.zend.com A regularly updated collection of articles, tutorials, and code samples. SitePoint Blogs on PHP: http://www.sitepoint.com/blogs/category/php A good collection of information about and exploration of PHP.
xviii | Preface
Books This section lists books that are helpful references and tutorials for building applications with PHP. Most are specific to web-related programming; look for books on MySQL, HTML, XML, and HTTP. At the end of the section, we’ve included a few books that are useful for every programmer regardless of language of choice. These works can make you a better programmer by teaching you how to think about programming as part of a larger pattern of problem solving: • Learning PHP 5 by David Sklar (O’Reilly) • Upgrading to PHP 5 by Adam Trachtenberg (O’Reilly) • Programming PHP by Rasmus Lerdorf, Kevin Tatroe, and Peter MacIntyre (O’Reilly) • Essential PHP Tools by David Sklar (Apress) • Advanced PHP Programming by George Schlossnagle (Sams) • Extending and Embedding PHP by Sara Golemon (Sams) • HTML and XHTML: The Definitive Guide by Chuck Musciano and Bill Kennedy (O’Reilly) • Dynamic HTML: The Definitive Guide by Danny Goodman (O’Reilly) • Mastering Regular Expressions by Jeffrey E. F. Friedl (O’Reilly) • XML in a Nutshell by Elliotte Rusty Harold and W. Scott Means (O’Reilly) • MySQL Reference Manual, by Michael “Monty” Widenius, David Axmark, and MySQL AB (O’Reilly); also available at http://www.mysql.com/documentation/ • MySQL, by Paul DuBois (New Riders) • Web Security, Privacy, and Commerce by Simson Garfinkel and Gene Spafford (O’Reilly) • HTTP Pocket Reference, by Clinton Wong (O’Reilly) • The Practice of Programming, by Brian W. Kernighan and Rob Pike (AddisonWesley) • Programming Pearls by Jon Louis Bentley (Addison-Wesley) • The Mythical Man-Month, by Frederick P. Brooks (Addison-Wesley)
Conventions Used in This Book Programming Conventions The examples in this book were written to run under PHP version 5.1.4. Sample code should work on both Unix and Windows, except where noted in the text. We’ve gen-
Preface | xix
erally noted in the text when we depend on a feature added to PHP after version 4.3.0 or 5.0.0. We also call out when a feature will be available in an yet-to-be-unreleased version of PHP, including PHP 6. In those cases, please double check our code, as things can change during the development cycle.
Typesetting Conventions The following typographic conventions are used in this book: Italic Used for file and directory names, email addresses, and URLs, as well as for new terms where they are defined. Constant width
Used for code listings and for keywords, variables, functions, command options, parameters, class names, and HTML tags where they appear in the text. Constant width bold
Used to mark lines of output in code listings and command lines to be typed by the user. Constant width italic
Used as a general placeholder to indicate items that should be replaced by actual values in your own programs.
Comments and Questions Please address comments and questions concerning this book to the publisher: O’Reilly Media, Inc. 1005 Gravenstein Highway North Sebastopol, CA 95472 (800) 998-9938 (in the United States or Canada) (707) 829-0515 (international/local) (707) 829-0104 (fax) We have a web page for this book, where we list errata, examples, or any additional information. You can access this page at: http://www.oreilly.com/catalog/phpckbk2 To comment or ask technical questions about this book, send email to:
[email protected] For more information about books, conferences, Resource Centers, and the O’Reilly Network, see the O’Reilly web site at: http://www.oreilly.com
xx | Preface
Acknowledgments Most importantly, a huge thanks to everyone who has contributed their time, creativity, and skills to making PHP what it is today. This amazing volunteer effort has created not only hundreds of thousands of lines of source code, but also comprehensive documentation, a QA infrastructure, lots of add-on applications and libraries, and a thriving user community worldwide. It’s a thrill and an honor to add the PHP Cookbook to the world of PHP. Thanks also to our reviewers: Wez Furlong, James Nash, and Mark Oglia. Thanks to Chris Shiflett and Clay Loveless for their important contributions. Without Chris, Chapter 18 would be much slimmer. Without Clay, there’d be no Chapters 11, 20, 21, or 26. A special thanks to our tireless editor Tatiana Apandi. Her masterful synthesis of the iron fist and the velvet glove provided the necessary glue to orchestrate the successful completion of this edition. Without Tatiana, this book would have ended up as a 27-page pamphlet completed sometime in 2012.
David Sklar Thanks once again to Adam. We’ve been working together (in one way or another) for 11 years and PHPing together for 10. There is no one with whom I’d rather have written this book (except, to be completely honest, maybe Ben Franklin, if he could somehow be brought back to life). Thanks to the folks at Ning for providing (among other things) an opportunity to do fun things with PHP. To my parents and my sister—thank you for your steady support and love, as well as for being unwitting test subjects when I need to try out explanations of technical things that I hope are intelligible to non-geeks. For patience, inspiration, and a toad, thanks to Susannah, who continually amazes me.
Adam Trachtenberg I can’t believe I’ve been using PHP for 10 years. I still remember the first time I used the language formerly known as PHP/FI. Writing web applications in PHP was so much easier than what I had used before that I immediately dumped everything else. The defining moment for me was when writing text to the error log didn’t require a complicated sequence of steps involving file handles, but sending a string of text to function straightforwardly named error_log( ). Genius. A big shout out to David. I would not—and could not—have written this without him. I, and PHP Cookbook, owe you a big debt of gratitude. It’s tough to complete with Ben Franklin. However, please know that I, too, support the turkey as the official animal of PHP.
Preface | xxi
Thanks to everyone at eBay for providing me with such a great opportunity to work with so many amazing people that make up the entire eBay community. Thanks to my parents, family, and friends for their support and encouragement. Thanks to Elizabeth Hondl. I love you so very much. Stay tuned for my next book, the Maritime Disaster Cookbook.
Clay Loveless I would like to thank Adam Trachtenberg, David Sklar, Tatiana Apandi and the rest of the crew at O’Reilly for making this book possible, and for including me in the process. Special thanks to my wife, Kendra, and my son, Wade, for allowing the time for me to be included.
Chris Shiflett Thanks to Adam and David for writing such a great book and for giving me the opportunity to contribute.
xxii | Preface
CHAPTER 1
Strings
1.0 Introduction Strings in PHP are sequences of bytes, such as “We hold these truths to be self-evident” or “Once upon a time” or even “111211211.” When you read data from a file or output it to a web browser, your data are represented as strings. PHP strings are binary-safe (i.e., they can contain null bytes) and can grow and shrink on demand. Their size is limited only by the amount of memory that is available to PHP. Usually, PHP strings are ASCII strings. You must do extra work to handle non-ASCII data like UTF-8 or other multibyte character encodings, see Chapter 19.
Similar in form and behavior to Perl and the Unix shell, strings can be initialized in three ways: with single quotes, with double quotes , and with the “here document” (heredoc) format. With single-quoted strings, the only special characters you need to escape inside a string are backslash and the single quote itself. Example 1-1 shows four single-quoted strings. Example 1-1. Single-quoted strings print print print print
'I have gone to the store.'; 'I\'ve gone to the store.'; 'Would you pay $1.75 for 8 ounces of tap water?'; 'In double-quoted strings, newline is represented by \n';
Example 1-1 prints: I have gone to the store. I've gone to the store. Would you pay $1.75 for 8 ounces of tap water? In double-quoted strings, newline is represented by \n
Because PHP doesn’t check for variable interpolation or almost any escape sequences in single-quoted strings, defining strings this way is straightforward and fast. 1
Double-quoted strings don’t recognize escaped single quotes, but they do recognize interpolated variables and the escape sequences shown in Table 1-1. Table 1-1. Double-quoted string escape sequences Escape sequence
Character
\n
Newline (ASCII 10)
\r
Carriage return (ASCII 13)
\t
Tab (ASCII 9)
\\
Backslash
\$
Dollar sign
\"
Double quotes
\0 through \777
Octal value
\x0 through \xFF
Hex value
Example 1-2 shows some double-quoted strings. Example 1-2. Double-quoted strings print print $cost print print
"I've gone to the store."; "The sauce cost \$10.25."; = '$10.25'; "The sauce cost $cost."; "The sauce cost \$\061\060.\x32\x35.";
Example 1-2 prints: I've gone The sauce The sauce The sauce
to the store. cost $10.25. cost $10.25. cost $10.25.
The last line of Example 1-2 prints the price of sauce correctly because the character 1 is ASCII code 49 decimal and 061 octal. Character 0 is ASCII 48 decimal and 060 octal; 2 is ASCII 50 decimal and 32 hex; and 5 is ASCII 53 decimal and 35 hex. Heredoc -specified strings recognize all the interpolations and escapes of double-quoted strings, but they don’t require double quotes to be escaped. Heredocs start with
This prints: Monkey face 1 monkey face
Note that the second phrase is not “1 Monkey face.” Use ucwords( ) to capitalize the first character of each word in a string: