More Books
PHP 5 Unleashed
PHP 5 Unleashed
Table of Contents
Copyright
Lead Author
Contributing Authors
Acknowledgments
We Want to Hear from You!
Reader Services
Introduction
Organization of the Book
Part I. Working with PHP for General Web Development
Chapter 1. Basic PHP Development
How PHP Scripts Work
Basic PHP Syntax
Basic PHP Data Types
Variable Manipulation
Control Structures
User-Defined Functions
Dynamic Variables and Functions
Multiple File PHP Scripts
References
Strings in PHP
Comparing Strings
Advanced String Comparison
Search and Replacement
Formatting Strings
Strings and Locales
Formatting Date and Time Values
Summary
Chapter 2. Arrays
Basic Arrays
Implementing Arrays
More Array Materials
Chapter 3. Regular Expressions
The Basics of Regular Expressions
Limitations of the Basic Syntax
POSIX Regular Expressions
Perl-Compatible Regular Expressions (PCRE)
PCRE Modifiers
A Few Final Words
Chapter 4. Working with Forms in PHP
HTML Forms 101
Working with Form Submissions in PHP
Summary
Chapter 5. Advanced Form Techniques
Data Manipulation and Conversion
Form Data Integrity
Form Processing
Summary
Chapter 6. Persistent Data Using Sessions and Cookies
HTTP Cookies
PHP Sessions
Advanced Sessions
Summary
Chapter 7. Using Templates
The What and Why of Templates
The Smarty Template Engine
Summary
Part II. Advanced Web Development
Chapter 8. PEAR
What Is PEAR?
Getting and Installing PEAR
Using the PEAR Package Manager
Using the PEAR Website
Using PEAR Packages in Applications
Summary
Reference
Chapter 9. XSLT and Other XML Concerns
Relating XML to HTML
Using XSLT to Describe HTML Output Using XML Input
PHP4 and XSLT Using the DOM XML Module
PHP4 and XSLT Using the XSLT Module
PHP5 and XSLT
Accessing XML Data Using SimpleXML
Generating XML Documents Using PHP
Summary
References
Chapter 10. Debugging and Optimizations
Debugging Your PHP Scripts
Optimizing Your PHP Scripts
Summary
Chapter 11. User Authentication
Authenticating Users in PHP
Securing PHP Code
Summary
Chapter 12. Data Encryption
Shared Secret Versus Public Key
Shared Secret Algorithms
Public Key Cryptography
Using Public Keys in PHP
Summary
Chapter 13. Object-Oriented Programming in PHP
Why Objects?
Creating Basic Classes
Advanced Classes
Special Methods
Class Autoloading
Object Serialization
Exceptions
Iterators
Summary
Chapter 14. Error Handling
The PHP Error-Handling Model
What to Do About Errors
The Default Error Handler
Error Suppression
Custom Error Handlers
Causing Errors
Putting It All Together
Summary
Chapter 15. Working with HTML/XHTML Using Tidy
Introduction
Basic Tidy Usage
Tidy Configuration Options
Using the Tidy Parser
Applications of Tidy
Summary
Chapter 16. Writing Email in PHP
The MIME Protocol
Implementing MIME Email in PHP
Summary
Part III. Building Applications in PHP
Chapter 17. Using PHP for Console Scripting
Core CLI Differences
Working with PHP CLI
CLI Tools and Extensions
Summary
Chapter 18. SOAP and PHP
What Are Web Services?
Installation
Creating Web Services
Consuming Web Services
Looking for Web Services
Summary
Chapter 19. Building WAP-Enabled Websites
What Is WAP?
System Requirements
Introduction to WML
Serving WAP Content
Sample Applications
Summary
Part IV. I/O, System Calls, and PHP
Chapter 20. Working with the File System
Working with Files in PHP
File Permissions
File Access Support Functions
Summary
Chapter 21. Network I/O
DNS/Reverse DNS Lookups
Socket Programming
Network Helper Functions
Summary
Chapter 22. Accessing the Underlying OS from PHP
Introduction
Unix-Specific OS Functionality
Platform-Independent System Functions
A Brief Note About Security
Summary
Part V. Working with Data in PHP
Chapter 23. Introduction to Databases
Using the MySQL Client
Basic MySQL Usage
Summary
Chapter 24. Using MySQL with PHP
Performing Queries from PHP
A MySQLi Session Handler
What Is a Custom Session Handler?
Summary
Chapter 25. Using SQLite with PHP
What Makes SQLite Unique?
Basic SQLite Functionality
Working with PHP UDFs in SQLite
Odds and Ends
Summary
Chapter 26. PHP's dba Functions
Preparations and Settings
Creating a File-Based Database
Writing Data
Reading Data
Sample Application
Conclusion
Part VI. Graphical Output with PHP
Chapter 27. Working with Images
Basic Image Creation Using GD
Using the PHP/GD Drawing Functions
Working with Colors and Brushes
Using Fonts and Printing Strings
General Image Manipulation
Other Graphics Functions
Summary
Chapter 28. Printable Document Generation
A Note Regarding the Examples in This Chapter
Generating Dynamic RTF Documents
Generating Dynamic PDF Documents
Related Resources
Part VII. Appendixes
Appendix A. Installing PHP5 and MySQL
Installing PHP5
Installing MySQL and PHP Modules
Installing PEAR
Appendix B. HTTP Reference
What Is HTTP?
PHP Programming Libraries for HTTP Work
Understanding an HTTP Transaction
HTTP Client Methods
What Comes Back: Server Response Codes
HTTP Headers
Encoding
Identifying Clients and Servers
The "Referer"
Fetching Content from an HTTP Source
Media Types
Cookies: Preserving State and a Tasty Treat
Security and Authorization
Client-Side Caching of HTTP Content
Appendix C. Migrating Applications from PHP4 to PHP5
Configuration
Object-Oriented Programming (OOP)
New Behavior of Functions
Further Reading
Appendix D. Good Programming Techniques and Performance Issues
Common Style Mistakes
Common Security Concerns
Style and SecurityLogging
Summary
Appendix E. Resources and Mailing Lists
Relevant Websites
Mailing Lists and Newsgroups
Index
SYMBOL
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Advanced Sessions

Custom Session Handling

With the basics of sessions out of the way, let's examine exactly how sessions work by customizing how sessions are handled internally. By default, PHP provides three internal methods of storing session data specified by session.save_handler: the internal PHP session file format (specified by php), within an SQLite database (specified by sqlite) and the WDDX packet format (specified by wddx).

NOTE

WDDX session support requires WDDX support to be compiled into PHP. Likewise, to use SQLite session support you must have the SQLite extension available.


When it comes to session handling, perhaps the most useful capability of PHP does not lie in the internal session handlers. Rather, PHP provides the means to completely customize session handling by allowing you, the developer, to specify your own PHP functions that will be used to save and restore session data as necessary.

When using user-defined session handlers, six individual functions must be defined for sessions to work properly, as described next:

  1. Starting (opening) the session.

  2. Reading any existing session data from storage.

  3. Writing current session data to storage.

  4. Ending (closing) the current session.

  5. Cleaning up any unused or invalid session data from storage.

  6. Destroying the session.

The six functions each have specific parameters and return values, as shown next:

  1. Opening Accepts two parameters, $save_path (the path to write any session-related files) and $session_name (the actual session name). Both of these parameters are taken from session.save_path and session.name configuration directives, respectively. This function returns a Boolean indicating whether the session was initialized successfully.

  2. Reading Function Accepts one parameter, $id (the session ID of the current session), and must return either the session data or an empty string if no data is available.

  3. Writing Function Accepts two parameters, $id (again, the session ID of the current session) and $sess_data (the serialized session data). This function returns a Boolean value indicating whether the session data was stored successfully.

  4. Closing Function This function takes no parameters and returns a Boolean indicating success.

  5. Cleaning Function This function takes a single parameter (the maximum lifetime of a session as specified by the session.gc_maxlifetime directive) and returns a Boolean indicating whether the function call was successful.

  6. Destroying Function This function takes a single parameter (the session ID of the current session) and returns a Boolean indicating whether the function was destroyed successfully.

To use a user-defined session handler, each function must be created and then registered using the session_set_save_handler() function. The syntax of this function is as follows:

session_set_save_handler($open, $close, $read,
                         $write, $destroy, $gc)

Each of the six parameters represents the string name of the associated user-defined function. This function returns a Boolean indicating whether the custom session handler was installed successfully.

NOTE

For a successful custom session handler to be installed, the session.serialize_handler PHP configuration directive must be set to user.


Custom session handlers don't do much good without more knowledge (such as the capability to access and work with databases from PHP). Now is not the time to show a complete example of custom session handlers at work. However, I have provided such an example in Chapter 26, "Using SQLite with PHP."

Customizing Session Support

Although sessions in PHP can be a very easy tool to use, there are many complexities and customizations that are provided to allow the maximum amount of flexibility. This section will cover those configuration directives and session-related functions not already discussed elsewhere in the chapter and explain their use in practical PHP scripts.

Although I have already mentioned a few session-related configuration directives, be aware that Appendix A contains a full listing and description of each directive, including those not discussed in this chapter.

Along with the configuration directives for sessions support, PHP also provides a number of functions that help control the behavior of sessions within your scripts directly, without the need to modify the php.ini file. In most cases, these functions are named exactly as their configuration directive counterparts. For instance, to dynamically adjust the session.cache_limiter directive from a PHP script, the function session_cache_limiter() will do the trick. Because repeating these things will do nothing but take up space, I'll leave them out and instead refer you to the PHP manual where information regarding syntax can be found.