Summary of Contents
Introduction
Chapter 1: PHP Roadmap
Chapter 2: Installation
Chapter 3: PHP Fundamentals
Chapter 4: PHP Structures
Chapter 5: Object-Oriented Programming with PHP
Chapter 6: Debugging
Chapter 7: User Input and Regular Expressions
Chapter 8: Sessions and Cookies
Chapter 9: File Handling
Chapter 10: Coding FTP Clients
Chapter 11: E-Mail and News
Chapter 12: Retrieving E-Mail and News
Chapter 13: Networking and TCP/IP
Chapter 14: LDAP
Chapter 15: Introduction to Multi-Tier Development
Chapter 16: A WAP Case Study
Chapter 17: PHP and MySQL
Chapter 18: PHP and PostgreSQL
Chapter 19: PHP and ODBC
Chapter 20: Non-Web PHP Programming
Chapter 21: PHP XML
Chapter 22: Internationalization
Chapter 23: Security
Chapter 24: Optimization
Chapter 25: PHP Extension Libraries
Chapter 26: User Privilege System
Index
Professional PHP4
Luis Argerich
Wankyu Choi
John Coggeshall
Ken Egervari
Martin Geisler
Zak Greant
Andrew Hill
Chris Hubbard
James Moore
Devon O'Dell
Jon Parise
Harish Rawat
Tarique Sani
Christopher Scollo
Deepak Thomas
Chris Ullman
APress Media, LLC
Professional PHP4
Copyright © 2003 by Apress
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.
ISBN 978-1-59059-248-9 ISBN 978-1-4302-1120-4 (eBook) DOI 10.1007/978-1-4302-1120-4
Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.
The information in this book is distributed on an "as is" basis, without warranty. Although every precaution has been taken in the preparation of this work, neither the author(s) nor Apress shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this work.
Editorial Board: Dan Appleman, Craig Berry, Gary Cornell, Tony Davis, Steven Rycroft, Julian Skinner, Martin Streicher, Jim Sumser, Karen Watterson, Gavin Wray, John Zukowski
Credits
Additional Material: Dilip Thomas
Category Manager: Dilip Thomas
Technical Architect: Dilip Thomas
Technical Editors: Manjunath B. V., Indu Britto, Matthew Moodie, Nilesh Parmar
Author Agent: Safiulla S. M.
Production Manager: Liz Toy
Production Coordinator: Pip Wonson
Illustrations: Tom Bartlett
Technical Reviewers: Thies C. Arntzen, Daniel Beulshausen, Cornelia Boenigk, Florian Clever, Ken Egervari, Jo Henrik Endrerud, Steph Fox, Zak Greant, Ryan Grove, Christopher Harshman, Joshua Hoover, Amit Kulkarni, Adam Lang, Richard Lynch, Mark Mamone, Tony Mobily, Jon Parise, Ganesh Prasad, George Ricter, Jon Rosenberg, Jonathan Sharp, Christopher Smith, Jerry Stratton, Carl Svensson, Ulf Wendel, Kevin Yank, Zili Zhang
Index: Adrian Axinte
Cover: Kurt Krames
Proof Reader: Fiona Berryman
Editorial Thanks: John Franklin, Victoria Hudgson, Dan Maharry
About the Authors
Luis Argerich
Luis is a development and technology manager for Salutia, a leading health solutions provider for South America and a teacher at the University of Buenos Aires (UBA). Luis has shown interest in PHP since version 2.0 and has used it in conjunction with XML for projects such as search engines, transactional systems, web applications, web services, and others.
I would like to thank my company, my family, and my wife Natalia for the time spent with this book.
Wankyu Choi
Wankyu (pronounced wan-kyu, not wank-yu:-) is the president/CEO of NeoQuest Communications, Inc. running a PHP-powered English language education portal (http://www.neoqst.com/) in the Republic of Korea. He's been programming for more than a decade in a number of languages, the latest of which is PHP. He is independently working on an open source PHP project called NeoBoard (http://www.neoboard.net/), a feature-rich web discussion board. When not programming or writing, he can be found absorbed in reading the latest computer books or banging his head to Metallica or Megadeth, two of his favorite rock bands.
I'd like to thank my parents for their encouragement and guidance, the dedicated staff at Wrox and the technical reviewers for all their hard work, the staff at NeoQuest for their support while working on the book, and last but not least, my wife, Yonsuk Song for her patience and love for this particular geek.
John Coggeshall
John is a columnist focusing in web technologies utilizing the PHP programming language in UNIX. He is also a private web development contractor for organizations such as the Michigan Council for Cooperative Education. His skillsets include C++, PHP4, Office Suites, UNIX and UNIX based OS, and SQL. John is specifically proficient in programming theory, recursive thinking, advanced algorithms, data structures, and working at great lengths in the UNIX environment.
Ken Egervari
Ken is a 21-year old entrepreneur from Windsor, Ontario CA who is a technology enthusiast and software architect. Ken has written several types of application ranging from networking to entertainment and the enterprise. He has used various languages such as Assembly, C, C++, Java, SQL, PHP, DHTML, and others.
Ken is now the Chairman and Chief Technology Officer of a business/technology consulting company called Positive Edge. Outside of Positive Edge, Ken actively participates on the Web by writing articles on web development and business on coffeecode.com and studies organic business modeling.
Martin Geisler
I've been interested in computers for several years now. It started with Windows 95, but two years ago I installed Linux. That became my favorite toy: it's free and it's incredibly fun to fiddle with.
After having installed Linux, a friend introduced me to PHP. I started learning the language, and became really fond of it. The great thing about PHP is that it doesn't limit you. You don't have to think about allocating and freeing memory - you just code. That makes it perfect for writing a "proof of concept". I've also liked mathematics for as long as I can remember. And now that I study Computer Science, I can see how math plays a big and interesting role in designing good and fast algorithms.
Apart from that, I live in Aarhus, Denmark. I enjoy seeing movies in the theaters, and can't wait to see The Lord of the Rings this Christmas. I read the trilogy this summer - a fantastic story.
Andrew Hill
Andrew is Director of Technology Evangelism for OpenLink Software, an enterprise middleware and data access infrastructure firm located in Burlington, MA. Andrew's position puts him squarely between the business and tech fronts of developing technology industries. He has been programming in PHP for a couple of years, coming to the PHP community initially to support the use of ODBC and database agnostic application connectivity. His technology interests also include XML, VSP, Mac OS X, and various other *nix technologies.
Chris Hubbard
Chris is the founder of and principal consultant for Wild Characters. Wild Characters provides web development to various clients in the telecom, health, gaming and business consulting industries. Chris has been working with Internet technologies since 1994 and has worked on projects ranging from an HTML sweat shop to working with a couple of the largest web sites. Chris is happily married with two wonderful children.
Many thanks to the indulgence and tolerance given to me by my family while working on this book.
James Moore
James is currently living in Bristol having taken a year out in between completing his A-levels at Richard Huish College, Taunton and continuing his studies at university. He is spending this year both working and traveling.
Over the past two years, James has taken an active role within the PHP community as a member of the PHP quality assurance team and as the PHP-GTK manual editor. He has also contributed the Windows API extension to PHP's code base.
Devon O'Dell
Devon H. O'Dell has been programming applications for the web since 1998 using Perl CGI scripts, though now he uses JSP and PHP for these applications. He owns and operates SiteTronics (http://sitetronics.com), a company providing custom programming, networking, hosting, and security solutions. His applications have ranged from PHP language extensions to content management and templating systems, and he has also participated in operating system development. Additionally, Devon proposed and coauthored the book Professional PHP4 Multimedia Programming. Some of his recent projects include AMFPHP and ActionCrypt. Devon currently lives in Varden, Netherlands. He would like to thank Margriet Homma for her support and care; Shawn T. Lawyer; and his parents, Dennis O'Dell and Meg Hudson.
Jon Parise
Jon is a long-time contributor to the PHP, PEAR, and Horde projects. He holds a bachelors degree in Information Technology from the Rochester Institute of Technology and is pursuing his masters in Entertainment Technology from Carnegie Mellon University. He currently works as an independent consultant.
Harish Rawat
Harish is a software developer at Oracle corporation. He has over nine years of experience in systems programming. His technical areas of interest include XML, Java, and network protocols. Co-author of Professional PHP from Wrox; he has also contributed to other Wrox titles on Linux and Java both as an author and a reviewer.
Tarique Sani
Dr Sani is a pediatrician and forensic expert by education. Starting with the ZX80, he has been dabbling with computers for 19 years. He is currently the CTO of SANisoft (http://www.sanisoft.com/), a web engineering company that specializes in PHP application development. He is based in Nagpur, India, where he lives with his wife Swati and four year old son Aasim.
Christopher Scollo
By day, Christopher Scollo is a seemingly ordinary software developer toiling away at his projects. But by night, he eats and sleeps. Other hobbies include hiking, cycling, teaching courses about web technologies, and being very polite to people. Many of his personality traits can be connected in one way or another to his use of the vi editor. Originally from New Jersey, USA, he now lives in Munich, Germany with his wife, Nicole Bator.
Deepak Thomas
Deepak is a member of technical staff with Oracle corporation in Redwood Shores, CA. Co-author of Professional PHP from Wrox; he has also contributed to other Wrox titles on Linux and Java both as an author and a reviewer. His interests include Linux, J2EE technologies, and web site deployment issues.
Chris Ullman
Chris is a Computer Science graduate who came to Wrox five years ago, when 14.4 modems were the hottest Internet technology and Netscape Navigator 2.0 was a groundbreaking innovation. Since then he's applied his knowledge of HTML, server-side web technologies, Java, and Visual Basic to developing, editing, and authoring books.
When not trying to reconstruct the guts of his own PC or trying to write extra chapters in a hurry, he can be found either playing keyboards in a psychedelic band, The Beemen, tutoring his cats in the way of eating peacefully from their own food bowl and not the one next to theirs, or hoping against hope that this is the year his favorite soccer team, Birmingham City, can manage to end their exile from the Premier League.
PLEASE READ
Wrox Press Ltd. was the publisher of earlier printings of this book, but Apress is the publisher of this printing. Therefore, all source code and support for this book can now be found at http://www.apress.com, even though references within the chapters may point to http://www.wrox.com.
Table of Contents
Introduction
Who Is this Book For?
What's Covered in this Book?
What You Need to Use this Book
Conventions
Customer Support
How to Download the Sample Code for the Book
Errata
forums.apress.com
Chapter 1: PHP Roadmap
Why PHP?
PHP Evolution
PHP Past
PHP Present
PHP Future
PHP in the Ring
PHP vs. Other Scripting Languages
PHP vs. ASP
PHP vs. Cold Fusion
PHP vs. Perl
PHP vs. Java
PHP Licensing
Resource List
Chapter 2: Installation
I Already Have PHP
Pre-Installation
Installation Decisions
Which Operating System?
Module or CGI?
Which Web Server?
Installing MySQL, Apache, and PHP
Installing on Windows
Installing MySQL
Installing Apache
Installing PHP
Configuring Apache to Use PHP
Testing PHP Installation
Post-Installation
Upgrading to ISAPI
Installing on UNIX-Like Systems
Installing MySQL
Installing Apache
Installing PHP
Post-Installation
Integrating PHP With Apache
Installing on Mac OS X
Pre-Installation
Installing MySQL
Installing Apache
Installing PHP
Post-Installation
Integrating PHP with Apache
Compiling PHP Standalone
Further Resources
Summary
Chapter 3: PHP Fundamentals
PHP Programs
File Basics
Statements
Comments
Literals
Textual Literals
Here Documents
Numeric Literals
Boolean Literals
Variables
Assignment
Reference
Constants
Data Types
Casting
Operators and Functions
General Operations
String Operations
String Functions
Numerical Operations
Bitwise Operators
Comparison Operators
Operator Precedence
Logical Operators
Operator Precedence
Arrays
Variables from the Outside World
System and GET Variables and $HTTP_ Arrays
POST Variables
Cookies
CGI Variables
HTTP Header Variables
Summary
Chapter 4: PHP Structures
Program Flow Control Structures
Conditional Statements
Loops
Functions
Defining Functions
Variable Scope
Variable Lifetime
Recursion
Assigning Functions to Variables
Using Functions to Organize Code
Comments
Arrays
Initializing Arrays
Looping Through Arrays
Built-In Array Functions
Predefined Arrays
Multi-Dimensional Arrays
Summary
Chapter 5: Object-Oriented Programming with PHP
Object-Oriented Programming
Functional vs. Object-Oriented Programs
The Importance of OOP
Top-Down Approach to Software Development
Classes
Objects
Factory Methods
Encapsulation
Inheritance
The Class-Function Call Operator
Polymorphism
Abstract Methods
Cohesion and Coupling
Object Modeling In UML
Delegation
Important Heuristics and Design Decisions
PHP Class Functions
PHP's Limitations
Modeling a Complex Web Component
Summary
Chapter 6: Debugging
Overview of Programming Errors
Syntax Errors
Semantic Errors
Logical Errors
Environmental Errors
Error Levels In PHP
Parse Errors
Fatal Errors
Warnings
Notices
Core Errors
Compile Errors
User Error Levels
Setting Error Reporting Levels
Error Handling
Suppressing Error Messages
Error Recovery
Custom Error Checking
Logging Errors
Debugging Utilities
HTTP Debugging Utilities
Telnet Client
Snoop Servers
Debugging by Tracing
phpCodesite
Remote Debuggers
BODY
Zend IDE
Script Testing
Summary
Chapter 7: User Input and Regular Expressions
User Input
Forms
Handling User Input
Complex Forms
Validating Data
OOH Forms
Sample Application
Preventing Form Misuse
Regular Expressions
Basic Syntax
Creating a Regular Expression
Validating E-Mail Addresses
Regular Expressions in PHP
Perl Compatible Regular Expressions
Summary
Chapter 8: Sessions and Cookies
Sessions
Adding Session Support to PHP
Using PHP Sessions
Starting Sessions
Registering Session Variables
Creating Custom Session Handling Functions
URLs
Security Issues
Cookies
Security Issues
Using Cookies
Expiration Information
Path Information
Domain Scope
Sample Application to Use Cookies
setcookie()
Setting Cookie Expiry Information
Setting Scope
Deleting a Cookie
Amalgamating Cookie Data
Problems with Cookies
Some More Session Functions
Summary
Chapter 9: File Handling
Files
Opening Files
Closing Files
Displaying Files
Reading from Files
Writing to Files
Navigating within Files
Copying, Deleting, and Renaming Files
Determining File Attributes
Directories
Adding and Deleting Directories
Uploading Files from Clients
Uploading Files with PUT
Uploading Files with POST
A Sample File System Application
Online Storage Application
Common Functionality
New User Registration
Logging On
Creating Folders
Removing a Folder/File
Uploading Files
Viewing Files
Viewing Folders
Logging Off
Summary
Chapter 10: Coding FTP Clients
Adding FTP Support to PHP
PHP's FTP Extension
Building FTP Clients
An FTP Convenience Wrapper
A Web-Based FTP Client
Building a Client
Function Overview by Use
Connecting and Disconnecting
Directory Commands
File Commands
Miscellaneous
Alphabetical Function Reference
Common FTP Client Commands and Corresponding PHP Functions
Summary
Chapter 11: E-Mail and News
How E-Mail Works
Not-So-Secret Agents
E-Mail Unveiled
E-Mail Header Fields
Mandatory Headers
Optional Headers
Sending E-Mail Using mail()
MIME E-Mail
Creating My_Smtp_Mime_Mail Class
Usenet
How Usenet Works
An Example NNTP Session
NNTP Server Response Codes
Anatomy of a News Article
Creating an NNTP Class
Putting It All Together
Resources
Summary
Chapter 12: Retrieving E-Mail and News
E-Mail Retrieval Protocols
POP
An Example POP Session
IMAP
Tags
Mailbox Formats
Example IMAP Session
POP vs. IMAP
Retrieving E-Mail with PHP
Connecting to a Server
Creating a Webmail Class
Listing Messages or Articles
Listing Messages with Webmail Class
Retrieving Messages
Reading Messages Using Webmail Class
Working with Mailboxes
Manipulating Mailboxes using the Webmail Class
Manipulating Messages
Manipulating Messages Using Webmail Class
Web-Based E-Mail System
Resources
Summary
Chapter 13: Networking and TCP/IP
The Internet Protocol
Transport-Layer Protocols
The Transmission Control Protocol (TCP)
The User Datagram Protocol (UDP)
Domain Name Resolution
Distributed and Hierarchical System
DNS and PHP
Resolver library
Sockets
Sockets and PHP
Mail Client Application
Network Information Service
NIS Servers
NIS Clients
NIS Maps
NIS and PHP
Simple Network Management Protocol
Agents and Managers
SNMP Protocol
Get
Get Next
Set
Trap
SNMP Data Organization
SNMP Functions in PHP
Summary
Chapter 14: LDAP
Overview of Directories
LDAP
LDAP vs. Traditional Databases
Components of LDAP
Characteristics of LDAP
Global Directory Service
Open Standard Interconnectivity
Customizability and Extensibility
Heterogeneous Data Store
Secure and Access Controlled Protocol
LDAP Applications
Some LDAP Terminology
LDAP Models
Information Model
Naming Model
Functional Model
Security Model
Advanced Features of LDAP
Asynchronous Operations
Replication
Referral
Security
Extended Features
LDAP Software
Installing and Configuring an LDAP Server
The OpenLDAP Config File
Running the slapd Server
Testing the Installation
LDAP Support In PHP
The PHP LDAP API
Connection and Control Functions
Search Functions
Modification Functions
Error Functions
A Sample LDAP Application in PHP
Summary
Chapter 15: Introduction to Multi-Tier Development
The Evolution of Web Applications
Multi-Tier
The Content Layer
Plain Files Model
Relational Database Model
XML Model
Hybrid Model
The Logic Layer
The Presentation Layer
The Explosion of Web Devices
Architectures for Multi-Tier Development
HTML-Based Architecture
The Content Layer
The Logic Layer
The Presentation Layer
XML-Based Architecture
Separating the Layers
Modular Programming
Independence between Logic and Presentation
Independence between Logic and Content
Database Independence
Designing the Poll Application
Designing the Data Model
The Content Layer
The Logic Layer
The Presentation Layer
The Classic Multi-Tiered Architecture
Summary
Chapter 16: A WAP Case Study
Requirement Analysis
End User Interaction
Choosing Software
Alternatives for the Back-End Database
Alternatives for the Middle Tier
Design of the Database Schema
Database Tables
Database User
Indices
Design Consideration for the Middle Tier
Authentication
Session Storage
WML Issues
Performance
Implementation
The Application Code
Summary
Chapter 17: PHP and MySQL
Relational Databases
Indices
Keys
Normalization
Structured Query Language
Data Definition Statements
CREATE DATABASE
USE
CREATE TABLE
DESCRIBE
ALTER TABLE
DROP TABLE
DROP DATABASE
Data Manipulation and Retrieval Statements
INSERT
REPLACE
DELETE
UPDATE
SELECT
Joins
Using Indices
Atomicity
PHP and Relational Databases
PHP's MySQL Interface
An Online Library
Database Abstraction
A Database Abstraction Layer
Building the DB Class
Testing the DB Class
Summary
Chapter 18: PHP and PostgreSQL
PostgreSQL Basics
Data Definition Statements
CREATE DATABASE
CREATE TABLE
ALTER TABLE
DROP TABLE
DROP DATABASE
Data Manipulation and Retrieval Statements
INSERT
DELETE
UPDATE
SELECT
PHP's PostgreSQL Interface
pg_connect()
pg_pconnect()
pg_close()
pg_dbname()
pg_exec()
pg_cmdtuples()
pg_numrows()
pg_result()
pg_fetch_object()
pg_fetch_row()
pg_fetch_array()
pg_freeresult()
An Online Library
Database Abstraction
Summary
Chapter 19: PHP and ODBC
ODBC History and Purpose
ODBC Architecture
SQL Standards
ODBC and PHP Installation on Windows
ODBC and PHP Installation on *nix
Apache Shared Static Module
PHP API for ODBC
Connecting to the Database
Dealing with Meta Data
Manipulating Transactions
Retrieving Data and Cursors
Common Problems
Prerequisites for ODBC Connections
Using MS SQL Server
Using MS Access
Making the Connection
Database Abstraction
Unified ODBC
PEAR DB
ADO DB
Metabase
An Online Library
Summary
Chapter 20: Non-Web PHP Programming
What Is GTK?
What Is PHP-GTK?
PHP at the Command Line
Linux Setup
PHP-GTK Support
Windows Setup
Automating Tasks
NCSA Common Log File Format
The Log Analyzer Script
cron
AT
Accepting Command Line Arguments
Interactive Scripts
Programming with PHP-GTK
Key Concepts of PHP-GTK
The Hello World Example
A Front End for Our Library Application
Resources
Summary
Chapter 21: PHP XML
Overview of XML
The XML Framework
XML vs. Databases
SML
Converting XML into SML
PHP and XML
Verifying XML Support
XML APIs Comparison
SAX vs. DOM
PRAX vs. SAX and DOM
The SAX Model
Using PHP's SAX Support
SAX Example Code
The DOM Model
Using PHP's DOM Support
DOM Example Code
The RAX Model
Using PHP's PRAX Support
PRAX Example Code
XSL and XSLT
Sablotron
Installation and Verifying XSL
UNIX Installation
Windows Installation
XSL Example Code
Summary
Chapter 22: Internationalization
Concepts
Internationalization
Localization
Native Language Support
Reasons for Internationalization
The Problem
Strings
Static Strings
Dynamic Strings
Storing the Strings
GNU Gettext
The Basics
xgettext and Helpers
Updating the Translation
Disadvantages of Gettext
Extending the System with Objects
Advantages of Objects
Using Objects and Switching Languages
Converting Existing Programs
An Un-Translated Program
Translating the Program
Objects for Diverse Translations
Integrating the Output Class
Refining the Script
Regular Expressions
Capitalization
Local Time and Dates
Information Retrieval with localeconv()
Sorting
A Custom Comparison Function
Character Encoding
Writing the Locales
Making the Browser Understand the Language
Reacting to Browsers using PHP
Multi-Byte Strings
PHP Multi-Byte String Module
Apache's mod_mime
PHP Weather: A Real World Example
Summary
Chapter 23: Security
What Is Security?
Securing the Server
Hardening the Server
Monitoring the System
Monitoring New Vulnerabilities
Common Types of Vulnerability
Securing Apache
The User Directive
The Directory Directive
Hardening Apache
Securing PHP
Security Concerns with the CGI Installation
Configuring PHP
display_errors
error_reporting
open_basedir
variables_order
register_globals
track_vars
disable_functions
allow_url_fopen
Safe Mode
safe_mode
safe_mode_gid
safe_mode_exec_dir
safe_mode_allowed_env_vars
safe_mode_protected_env_vars
Securing MySQL
MySQL and the Root User
Cleaning Up
Managing MySQL Users
Cryptography
One Way Encryption
Symmetric Encryption
Asymmetric Encryption
Network Security
Apache mod_ssl
Installing mod_ssl for Linux
Installing mod_ssl for Windows
Configuring mod_ssl
When to Use an SSL Connection
Secure Programming
register_globals Insecurities
Trusting User Input
Cross-Site Scripting Vulnerabilities
Include Pitfalls
A Few Tips
Summary
Resources and Further Reading
Securing Linux Servers
Secure Shells
Tripwire
Securing Apache
Securing PHP
Securing MySQL
Cryptography
mod_ssl
Secure Programming
Security Web Sites
Other
Chapter 24: Optimization
The Right Language
The Benchmarks
Optimizing PHP Code
Profiling Code
How to Profile PHP Scripts
Classify Bottlenecks
Optimization Techniques
Code Optimization
Output Buffering and Compression
Database Optimizations
Caching
Optimizing the PHP Engine
Summary
Chapter 25: PHP Extension Libraries
The PDF Library
Installation
Using PDFlib
Macromedia Flash
Ming vs. LibSWF
Using Ming
Shapes
Buttons
Actions
What about Text?
WAP and WML
What about the Library?
Using HAWHAW
Image Creation and Manipulation
Installing the GD Library
Using GD
Making a Counter with GD
Counter Code
Summary
Chapter 27: User Privilege System
Defining Requirements
Application Requirements
Designing the Application
Designing the Database Schema
Designing the Middle Tier
Designing the Presentation Tier
Coding the Application
The Database Code
The Privilege Class
The User Class
Testing the Classes
Taking Advantage of the User Privilege System
Other Ideas for the User Privilege System
Summary
Index