PHP: Difference between revisions
Thumperward (talk | contribs) →See also: linked in-article |
→See also: Revert: invalid reason for removing items from the see also list |
||
Line 291: | Line 291: | ||
== See also == |
== See also == |
||
{{portal|Free software|Free Software Portal Logo.svg}} |
{{portal|Free software|Free Software Portal Logo.svg}} |
||
* [[Associative array]] |
* [[Associative array]] |
||
* [[Comparison of programming languages]] |
* [[Comparison of programming languages]] |
||
Line 298: | Line 297: | ||
* [[List of web application frameworks]] |
* [[List of web application frameworks]] |
||
* [[Paamayim Nekudotayim]] |
* [[Paamayim Nekudotayim]] |
||
* [[Phalanger (compiler)|Phalanger]] |
|||
* [[PHP accelerator]] |
|||
* [[Roadsend PHP]] |
|||
* [[Standard PHP Library]] |
* [[Standard PHP Library]] |
||
* [[Zend Framework]] |
|||
== References == |
== References == |
Revision as of 14:16, 26 December 2007
PHP | |
Paradigm | imperative, object-oriented |
---|---|
Designed by | Rasmus Lerdorf |
Developer | The PHP Group |
First appeared | 1995 |
Stable release | 5.2.5
/ 9 November 2007 |
Typing discipline | Dynamic, weak (duck typing) |
OS | Cross-platform |
License | PHP License |
Website | http://php.net/ |
Influenced by | |
C, Perl, Java, C++, Python |
PHP is a reflective computer programming language originally designed for producing dynamic web pages.[1] PHP is used mainly in server-side scripting, but can be used from a command line interface or in standalone graphical applications. Textual User Interfaces can also be created using ncurses. PHP is a recursive initialism for PHP: Hypertext Preprocessor.
The main implementation is produced by The PHP Group and released under the PHP License. This implementation serves to define a de facto standard for PHP, as there is no formal specification. The most recent version of PHP is 5.2.5, released on 9 November 2007. It is considered to be free software by the Free Software Foundation.[2]
History
PHP was written as a set of Common Gateway Interface (CGI) binaries in the C programming language by the Danish/Greenlandic programmer Rasmus Lerdorf in 1994, to replace a small set of Perl scripts he had been using to maintain his personal homepage.[3] Lerdorf initially created PHP to display his résumé and to collect certain data, such as how much traffic his page was receiving. Personal Home Page Tools was publicly released on 8 June 1995 after Lerdorf combined it with his own Form Interpreter to create PHP/FI (this release is considered PHP version 2).[4]
Zeev Suraski and Andi Gutmans, two Israeli developers at the Technion IIT, rewrote the parser in 1997 and formed the base of PHP 3, changing the language's name to the recursive initialism PHP: Hypertext Preprocessor. The development team officially released PHP/FI 2 in November 1997 after months of beta testing. Public testing of PHP 3 began and the official launch came in June 1998. Suraski and Gutmans then started a new rewrite of PHP's core, producing the Zend Engine in 1999.[5] They also founded Zend Technologies in Ramat Gan, Israel, which actively manages the development of PHP.
In May 2000, PHP 4, powered by the Zend Engine 1.0, was released. The most recent update released by The PHP Group, is for the older PHP version 4 code branch which, as of October 2007, is up to version 4.4.7. PHP 4 will be supported by security updates until August 8, 2008. [6]
On July 13, 2004, PHP 5 was released powered by the new Zend Engine II. PHP 5 included new features such as:[7]
- Improved support for object-oriented programming
- The PHP Data Objects extension, which defines a lightweight and consistent interface for accessing databases
- Performance enhancements
- Better support for MySQL and MSSQL
- Embedded support for SQLite
- Integrated SOAP support
- Data iterators
- Error handling via exceptions
Currently, two major versions of PHP are being actively developed: 5.x and 4.4.x. On July 13, 2007, the PHP group announced that active development on PHP4 will cease by December 31, 2007, however, critical security updates will be provided until August 8, 2008.[8] PHP 6 is currently under development, and is slated to release in conjunction with the decommission of PHP 4.
Usage
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. PHP generally runs on a web server, taking PHP code as its input and creating Web pages as output. However, it can also be used for command-line scripting and client-side GUI applications. PHP can be deployed on most web servers and on almost every operating system and platform free of charge. The PHP Group also provides the complete source code for users to build, customize and extend for their own use.
PHP primarily acts as a filter. The PHP program takes input from a file or stream containing text and special PHP instructions and outputs another stream of data for display.
From PHP 4, the PHP parser compiles input to produce bytecode for processing by the Zend Engine, giving improved performance over its interpreter predecessor. PHP 5 uses the Zend Engine II.
Server-side scripting
Originally designed to create dynamic web pages, PHP's principal focus is server-side scripting. While running the PHP parser with a web server and web browser, the PHP model can be compared to other server-side scripting languages such as Microsoft's ASP.NET system, Sun Microsystems' JavaServer Pages, mod_perl and the Ruby on Rails framework, as they all provide dynamic content to the client from a web server. To more directly compete with the "framework" approach taken by these systems, Zend is working on the Zend Framework - an emerging (as of June 2006) set of PHP building blocks and best practices; other PHP frameworks along the same lines include CakePHP, PRADO and Symfony.
The LAMP architecture has become popular in the Web industry as a way of deploying inexpensive, reliable, scalable, secure web applications. PHP is commonly used as the P in this bundle alongside Linux, Apache and MySQL, although the P can also refer to Python or Perl. PHP can be used with a large number of relational database management systems, runs on all of the most popular web servers and is available for many different operating systems. This flexibility means that PHP has a wide installation base across the Internet; over 19 million Internet domains are currently hosted on servers with PHP installed.[9] Obviously, the number of installations is going to be different from the number of sites actually using those installations, but it does reflect PHP's popularity.
Examples of popular server-side PHP applications include phpBB, WordPress, and MediaWiki.
Command-line scripting
PHP also provides a command line interface SAPI for developing shell and desktop applications, daemons, log parsing, or other system administration tasks. PHP is increasingly used on the command line for tasks that have traditionally been the domain of Perl, Python, awk, or shell scripting.[10]
Client-side GUI applications
PHP provides bindings to GUI libraries such as GTK+ (with PHP-GTK), Qt with PHP-Qt and text mode libraries like ncurses in order to facilitate development of a broader range of cross-platform GUI applications.
Syntax
The usual Hello World code example for PHP is:
<?php
echo 'Hello World!';
?>
PHP only parses code within its delimiters. Anything outside its delimiters is sent directly to the output and not parsed by PHP. PHP supports a number of different delimiters. The most common delimiters are <?php and ?>, respectively open and close delimiters. <script language="php"> </script> style delimiters are also always available, so these two forms are the most portable. Short tags (<? or <?= and ?>) are also quite commonly used, but are along with ASP style tags (<% or <%= and %>) less portable, as they can be disabled in the PHP configuration. For this reason the use of Short tags and ASP style tags is discouraged.[11] The example above outputs the following:
Hello World!
The primary use of this is to allow PHP statements to be embedded within HTML documents, for example:
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title><?php echo $page_title;?></title>
</head>
<body>
<p>Hello</p>
</body>
</html>
Variables are prefixed with a dollar symbol and a type does not need to be specified in advance. Unlike function and class names, variable names are case sensitive. Both double-quoted (""
) and heredoc strings allow the ability to embed the variable's value into the string.
PHP treats newlines as whitespace, in the manner of a free-form language (except when inside string quotes). Statements are terminated by a semicolon, except in a few special cases.
PHP has three types of comment syntax: /* */ which serves as block comments, and // as well as # which is used for inline comments.
It should be noted that many examples use the print function instead of the echo function; the two are practically identical, and one may decide which one to use based on personal preference.
Data types
PHP stores whole numbers in a platform-dependent range. This range is typically that of 32-bit signed integers. Integer variables can be assigned using decimal (positive and negative), octal and hexadecimal notations. Real numbers are also stored in a platform-specific range. They can be specified using floating point notation, or two forms of scientific notation.
PHP has a native Boolean type, named "boolean", similar to the native Boolean types in Java and C++. Using the Boolean type conversion rules, non-zero values are interpreted as true and zero as false, as in Perl.
There are eight data types in PHP:
The null data type represents a variable that has no value. The only value in the null data type is NULL.
Variables of the "resource" type represent references to resources from external sources. These are typically created by functions from a particular extension, and can only be processed by functions from the same extension. Examples include file, image and database resources.
Arrays support both numeric and string indices, and are heterogeneous. Arrays can contain elements of any type that PHP can handle, including resources, objects, and even other arrays. Order is preserved in lists of values and in hashes with both keys and values, and the two can be intermingled.
Objects
Basic object-oriented programming functionality was added in PHP 3. Object handling was completely rewritten for PHP 5, expanding the feature set and enhancing performance. In previous versions of PHP, objects were handled like primitive types. The drawback of this method was that the whole object was copied when a variable was assigned or passed as a parameter to a method. In the new approach, objects are referenced by handle, and not by value. PHP 5 introduced private and protected member variables and methods, along with abstract classes and abstract methods. It also introduced a standard way of declaring constructors and destructors, similar to that of other object-oriented languages such as C++, and a standard exception handling model.
The static method and class variable features in Zend Engine 2 do not work the way some would expect. There is no virtual table feature in the engine, so static variables are bound with a name instead of a reference at compile time.
This example shows how to define a class, foo, that inherits from class bar. The function mystaticfunc is a public static function that can be called with foo::mystaticfunc();.
class foo extends bar
{
function __construct()
{
doo = dah;
}
public static function mystaticfunc()
{
dee = dun;
}
}
If the developer creates a copy of an object using the reserved word clone, the Zend engine will check if a __clone() method has been defined or not. If not, it will call a default __clone() which will copy all of the object's properties. If a __clone() method is defined, then it will be responsible for setting the necessary properties in the created object. For convenience, the engine will supply a function that imports all properties of the source object, so that the programmer can start with a by-value replica of the source object and only override properties that need to be changed.
Resources
Libraries
PHP includes a large number of free and open source libraries with the core build. PHP is a fundamentally Internet-aware system with modules built in for accessing FTP servers, many database servers, embedded SQL libraries such as embedded MySQL and SQLite, LDAP servers, and others. Many functions familiar to C programmers such as those in the stdio family are available in the standard PHP build.
Extension
PHP allows developers to write extensions in C to add functionality to the PHP language. These can then be compiled into PHP or loaded dynamically at runtime. Extensions have been written to add support for the Windows API, process management on Unix-like operating systems, multibyte strings (Unicode), cURL, and several popular compression formats. Some more unusual features include integration with Internet relay chat, dynamic generation of images and Adobe Flash content, and even speech synthesis. The PHP Extension Community Library (PECL) project is a repository for extensions to the PHP language.
Source code encoders, optimizers and accelerators
As with many scripting languages, PHP scripts are normally kept as human-readable source code, even on production webservers. While this allows flexibility, it can raise issues with security and performance.
Encoders hinder source code reverse engineering. Encoders fall broadly into two types; those that hide source code and those that compile code into "optcode" [citation needed]. The downside of this latter approach is that a special extension has to be installed on the server in order to run encoded scripts, however the approach of encoding compiled code and use of an extension offers typically the best performance, security and opportunity for additional features that may be useful for developers. Compiled code solutions may exploit the potential for increased security through the use of their own execution engine, although some simpler solutions rely on the regular PHP engine to execute the compiled code. The most commonly used packages for source code protection are from Zend Technologies and ionCube Ltd.
Code optimizers improve the quality of the compiled code by reducing its size and making changes that can reduce the execution time and improve performance. The nature of the PHP compiler is such that there are often many opportunities for code optimization.
Accelerators offer performance gains by caching the compiled form of a PHP script in shared memory to avoid the overhead of parsing and compiling the code every time the script runs. They may also perform code optimization to provide increased execution performance. Both commercial (e.g. Zend Platform) and open source accelerators (e.g. xcache, eAccelerator, APC) are available.
Debuggers and profilers
Debuggers and profilers allow developers to analyze running PHP code for potential and noted software bugs and bottlenecks. Examples of such software for PHP include APD and Xdebug.
Templating engines
Templating engines provide macros that allow PHP applications to uniformly identify common variables. One popular templating engine is Smarty. PHP itself makes a good templating engine.
PEAR
The PHP Extension and Application Repository (PEAR) project aims to provide reusable libraries and components for PHP development. PEAR projects are usually written in PHP code using the Object-oriented programming paradigm.
Code Generators
There are PHP code generators which will automate common programming tasks such as creating HTML data entry forms, reports, connecting to databases, (e.g., MySQL, Oracle, SQL Server, etc.) and email applications. Code generators save lots of time and eliminate many common bugs due to typos in the source code.
Support
PHP has a formal development manual that is maintained by the free software community. In addition, answers to many questions can often be found by doing a simple internet search. PHP users assist each other through various media such as chat, forums, newsgroups and PHP developer web sites. In turn, the PHP development team actively participates in such communities, garnering assistance from them in their own development effort (PHP itself) and providing assistance to them as well. There are many help resources[12] available for the novice PHP programmer.
Criticism
Criticisms of PHP include those ascribed to scripting languages and dynamically typed languages in general[vague], such as low performance for general-purpose computation. The list below includes criticisms specific to PHP, some of which have been rectified in recent versions.
- PHP originally inserted data received over the network directly into the global namespace[13], leading to confusion between trusted and untrusted data, and unnecessary potential for security holes in PHP applications. This behavior was turned off by default from version 4.2.0 released in April 2002.[14] However, this feature is still being used by some legacy applications[15].
- PHP is not stable under load in multi-threaded conditions, even if using the "threadsafe" package. As such, users are forced to use the slower CGI/FastCGI implementations instead of the industry-standard SAPI method.[citation needed]
- PHP has traditionally used features such as "magic_quotes_gpc" and "magic_quotes_runtime" which attempt to escape apostrophes (') and quotes (") in strings in the assumption that they will be used in databases, to prevent SQL injection attacks. This leads to confusion over which data is escaped and which is not, and to problems when data is not in fact used as input to a database and when the escaping used is not completely correct. [16] To make code portable between servers which do and do not use magic quotes, developers can preface their code with a script to reverse the effect of magic quotes when it is applied.[17]
- PHP does not have complete native support for Unicode or multibyte strings. [18]
- PHP does not by default enforce the declaration of variables prior to their use, and variables which have not been initialized can have operations (such as concatenation) performed on them; an operation on an uninitialized variable raises an E_NOTICE level error, but this is hidden by default. When E_STRICT is set (available since PHP 5), using an undeclared variable results in a fatal error.
- PHP has no namespace support, which leads to a very large amount of globally available functions that can easily number into the thousands.
- PHP's dynamic type conversion could potentially cause problems. Variable types in PHP, although they exist, are transparent to the programmer. Some may consider this a feature, as a variable can change from a number to a string and back again without extra lines of code. However, variable type errors are not detected at compile-time, and the dynamic-typing behavior lacks full predictability.[citation needed]
- The standard function library lacks internal consistency. Many functions perform relatively similar actions and have different name standards and argument orders. For example:
- Argument consistency: strpos($haystack, $needle) vs. in_array($needle, $haystack)
- Naming convention: both of these work case-insensitively strcasecmp() vs. stristr() but the former indicates this with "case" while the latter does with "i"
- Function name consistency: strpos() vs. str_replace()
- Destructive changes of function behaviour between releases:
- tempnam() used to just return a filename prior to PHP 4.0.3. Now it also creates the file which could make some older scripts incoherent if they didn't intend to create it. One such usage is demonstrated in the official PHP manual itself (http://php.net/is_uploaded_file) where the function is used to get the path of the directory where temporary files are written.
- strtotime() went through several behaviour changes. Prior to PHP 4.4.0 and in PHP 5.0 - 5.0.2 it even returned results inconsistent with the documentation when called with specific parameters (Marked as warnings here: http://php.net/strtotime). Still more changes were detected by users (see http://bugs.php.net/bug.php?id=36266)
- for range() the manual says that it treats strings of numbers as strings not integers in PHP 4.1.0 - 4.3.2, presumably meaning that in other versions it treats them as integers.
- array_search() returns null on failure instead of false prior to PHP 4.2.0, which makes a difference if strict type matching is used to check for failure. Same is true for ftruncate().
- Functions are not first-class objects. This requires referencing functions by strings and object methods as a two-element array of the object and method name as a string. Consequently, anonymous functions are also referenced by string.
- Lack of late static binding [19] - late static binding will be available in 5.3.0 : [20]
- Some portability issues with 32-bit and 64-bit integers, and sometimes unsigned integers get converted to signed values.[21]
Release history of major versions
Version | Release date | Most important changes |
---|---|---|
PHP 1.0 | June 8, 1995 | Officially called "Personal Home Page Tools (PHP Tools)". This is the first use of the name "PHP". |
PHP Version 2 (PHP/FI) | April 16, 1996 | Considered by its creator as the "fastest and simplest tool" for creating dynamic web pages . |
PHP 3.0 | Jun 6, 1998 | Development moves from one person to multiple developers. Zeev Suraski and Andi Gutmans rewrite the base for this version. |
PHP 4.0.0 | May 22, 2000 [22] | Added more advanced two-stage parse/execute tag-parsing system called the Zend engine. |
PHP 4.1.0 | Dec 10, 2001 [23] | Introduced the superglobals ($_GET, $_SESSION, etc.) |
PHP 4.2.0 | April 22, 2002 [24] | Disabled register_globals by default |
PHP 4.3.0 | Dec 27, 2002 [25] | Introduced the CLI, in addition to the CGI |
PHP 4.4.0 | July 11, 2005 [26] | |
PHP 5.0.0 | July 13, 2004 [27] | Zend Engine II with a new object model. |
PHP 5.1.0 | Nov 24, 2005 [28] | Performance improvements with introduction of compiler (CV) variables in re-engineered PHP Engine. |
PHP 5.2.0 | Nov 2, 2006 [29] | Enabled the filter extension by default |
Future development
PHP 6, in development as of July 2007, aims to address some of PHP 5's shortcomings.[30]
- Namespace support will be added.
- Native Unicode support will be added.
- The magic_quotes option will be removed.
- The HTTP_*_VARS global variables will be removed.
- The register_globals option will be removed.
- The safe_mode option will be removed.
- Late static binding will be added.
Implementations
There are a number of alternative implementations of the PHP language in addition to the reference implementation hosted at php.net.
Name | Technology | Significant features |
---|---|---|
Roadsend PHP | Compiles PHP source to native stand alone binaries. | PHP5 support in testing (version 2.9.3) |
Quercus | Runtime implemented in Java running on a Java 5 SE Virtual Machine. | Pure Java implementation which runs a number of popular PHP applications. |
Phalanger | PHP compiler compiles to CIL on Microsoft's .NET platform or Mono. | Can re-use extensions designed to work with the PHP.net implementation. Claims support for a number of PHP applications. |
Project Zero | Runtime implemented in Java running on a Java 5 SE Virtual Machine. | Java based runtime which can use extensions implemented in either C or Java. |
See also
- Associative array
- Comparison of programming languages
- Heredoc
- List of PHP editors
- List of web application frameworks
- Paamayim Nekudotayim
- Phalanger
- PHP accelerator
- Roadsend PHP
- Standard PHP Library
- Zend Framework
References
- ^ "Introduction". PHP Manual. Retrieved 2006-11-15.
- ^ "GPL-Incompatible, Free Software Licenses". Various Licenses and Comments about Them. Free Software Foundation.
- ^ Lerdorf, Rasmus (2006-09-15). "Re: There ARE other scripting languages besides PHP". Slashdot.org. Retrieved 2006-09-15.
{{cite web}}
: Check date values in:|date=
(help) - ^ Lerdorf, Rasmus (1995-06-08). "Announce: Personal Home Page Tools (PHP Tools)". Newsgroup: comp.infosystems.www.authoring.cgi. Retrieved 2006-09-17.
{{cite newsgroup}}
: Check date values in:|date=
(help) - ^ "Zend Engine version 2.0: Feature Overview and Design". Zend Technologies Ltd. Retrieved 2006-09-17.
- ^ php.net 2007 news archive
- ^ Why PHP 5 Rocks!
- ^ php.net 2007 news archive
- ^ http://php.net/usage.php
- ^ PHP on the Command Line - Part 1
- ^ Escaping from HTML
- ^ http://php.net/support
- ^ register_globals
- ^ PHP Manual: Chapter 29. Using Register Globals
- ^ osCommerce Knowledge Base
- ^ Rasmus Lerdorf's thoughts about PHP6
- ^ Disabling magic quotes at runtime, from the PHP.net manual
- ^ Overview of PHP function which are currently Unicode compatible (in CVS)
- ^ Late Static Binding in PHP retrieved March 28, 2007
- ^ [1]
- ^ "Integers in PHP, running with scissors, and portability". MySQL Performance Blog. 27 March 2007. Retrieved 2007-03-28.
{{cite web}}
: Check date values in:|date=
(help) - ^ http://www.php.net/ChangeLog-4.php#4.0.0
- ^ http://www.php.net/ChangeLog-4.php#4.1.0
- ^ http://www.php.net/ChangeLog-4.php#4.2.0
- ^ http://www.php.net/ChangeLog-4.php#4.3.0
- ^ http://www.php.net/ChangeLog-4.php#4.4.0
- ^ http://www.php.net/ChangeLog-5.php#5.0.0
- ^ http://www.php.net/ChangeLog-5.php#5.1.0
- ^ http://www.php.net/ChangeLog-5.php#5.2.0
- ^ http://www.php.net/~derick/meeting-notes.html
Further reading
- Kerner, Sean Michael (13 September 2006). "Is PHP The Cure For The 'Broken' Web?". internetnews.com.
{{cite news}}
: Check date values in:|date=
(help) - Kerner, Sean Michael (31 October 2006). "Microsoft Opens PHP Door". internetnews.com.
{{cite news}}
: Check date values in:|date=
(help) - Sweat, Jason E (2005). Guide to PHP Design Patterns. PHP|architect. ISBN 0-9735898-2-5.
- Alshanetsky, Ilia (2005). Guide to PHP Security. PHP|architect. ISBN 0-9738621-0-6.
- Shiflett, Chris (2005). Essential PHP Security. O'Reilly Media. ISBN 0-596-00656-X.
- Ullman, Larry (2003). PHP and MySQL for Dynamic Web Sites (1st Edition ed.). Peachpit Press. ISBN 0-321-18648-6.
{{cite book}}
:|edition=
has extra text (help) - Vaswani, Vikram (2007). PHP Programming Solutions. McGraw-Hill. ISBN 0-07-148745-X.