Client side & Server side scripting and

Introduction to PHP
Server side scripting

 Server-side scripting is a method of programming for the

web that runs software on the server rather than the browser
or installed plugins to create dynamic web pages.
 Languages used for these tasks are normal programming
languages which include Perl, PHP, JSP, Ruby, ColdFusion,
and Python
What can server scripts do?

 Customize a web page and dynamically change its contents

 Respond to queries from users or from HTML forms
 Access database and send the information back to the
browser
Client side scripting language

 Client-side scripts are placed within an HTML document in the user’s

web browser rather than the web server to allow greater interactivity in a
document.
 For example – client-side scripting could check the user’s form for errors
before submitting it
 Enables web pages to change content according to user input and other
variables.
 Can also be stored in a separate file that is referenced to the documents
that use it.
How does it work
 Usually, JavaScript code starts with the tag <script language="JavaScript">
and ends with the tag </script>.
 Files are first sent to the user’s computer by the web server which executes
the script and displays the document.
 The client-side script may also include browser directions based on certain
user functions such as clicking buttons.
 Frequently, you can see the source code by viewing the file that contains
the script.
PHP Introduction

PHP is a recursive acronym for “PHP: Hypertext Preprocessor” –

 It is a widely-used open source general-purpose scripting language that is
especially suited for web development and can be embedded into HTML.
PHP Introduction

PHP is a server-side scripting language

 PHP scripts are executed on the server
PHP supports many databases (MySQL, Informix, Oracle, Sybase, Solid,
PostgreSQL, Generic ODBC, etc.)
 PHP is open source software-
 PHP is free to download and use
PHP Introduction

 PHP runs on different platforms (Windows, Linux, Unix, etc.)

PHP is compatible with almost all servers used today (Apache, IIS, etc.)
 PHP is FREE to download from the official PHP resource: www.php.net
 PHP is easy to learn and runs efficiently on the server side
PHP Introduction

The PHP code is enclosed in special start and end processing instructions <?
php and ?> that allow you to jump into and out of "PHP mode."
PHP Introduction
 PHP Introduction

PHP code is executed on the server, generating HTML which is then sent to
the client.
The client would receive the results of running that script, but would not know
what the underlying code was.
PHP Introduction
 PHP Getting Started

On windows, you can download and install XAMP. With one installation and
you get an Apache webserver, database server and php.

On mac, you can download and install MAMP.

http://www.mamp.info/en/index.html
PHP Hello World

Above is the PHP source code.

PHP Hello World

It renders as HTML that looks like this:

 PHP Comments

InPHP, we use // to make a single-line

comment or /* and */ to make a large
comment block.
Php Variables

Rules for PHP variables:

A variable starts with the $ sign, followed by the name of the variable
A variable name must start with a letter or the underscore character
A variable name cannot start with a number
A variable name can only contain alpha-numeric characters and underscores (A-z, 0-9,
and _ )
Variable names are case-sensitive ($age and $AGE are two different variables)
<!DOCTYPE html>
<html>
<body>

<?php
$x = 5;
$y = "John";

echo $x;
echo "<br>";
echo $y;
?>

</body>
</html
<!DOCTYPE html>
<html>
<body>

<?php
$txt = "W3Schools.com";
echo " $txt!";
?>

</body>
</html>
 Type of the variable

<!DOCTYPE html>
<html>
<body>

<?php
$x = 5;
var_dump($x);
?>

</body>
</html>
OUTPUT: int(5)
Assigning multiple values
<!DOCTYPE html>
<html>
<body>

<?php
$x = $y = $z = "Fruit";

echo $x;
echo $y;
echo $z;

?>

</body>
</html>
Conditional statements:
If else

<?php
if (5 > 3) {
echo "Have a good day!";
}
?>

OUTPUT: Have a good day

 Switch
<!DOCTYPE html>
<html>
<body>

<?php
$favcolor = "red";

switch ($favcolor) {
case "red":
echo "Your favorite color is red!";
break;
case "blue":
echo "Your favorite color is blue!";
break;
case "green":
echo "Your favorite color is green!";
break;
default:
echo "Your favorite color is neither red, blue, nor green!";
}
?>

</body>
PHP Loops

 In PHP, we have the following loop types:

 while - loops through a block of code as long as the specified

condition is true
 do...while - loops through a block of code once, and then
repeats the loop as long as the specified condition is true
 for - loops through a block of code a specified number of times
 foreach - loops through a block of code for each element in an
array
While loop
<!DOCTYPE html>
<html>
<body>

<?php
$i = 1;

while ($i < 6) {

echo $i;
$i++;
}
?>
</body>
</html>

OUPTUT: 12345
<!DOCTYPE html>
<html>
<body>

<?php
$i = 1;

while ($i < 6) {

if ($i == 3) break;
echo $i;
$i++;
}
?>

</body>
</html>
do while
<!DOCTYPE html>
<html>
<body>

<?php
$i = 1;

do {
echo $i;
$i++;
} while ($i < 6);
?>
</body>
</html>

OUTPUT: 12345
For loop
for (expression1, expression2, expression3) {
// code block
}

<!DOCTYPE html>
<html>
<body>
<?php
for ($x = 0; $x <= 10; $x++) {
echo "The number is: $x <br>";
}
?>
</body>
</html>
foreach loop
<!DOCTYPE html>
<html>
<body>

<?php
$colors = array("red", "green", "blue", "yellow");

foreach ($colors as $x) {

echo "$x <br>";
}
?>

</body>
</html>
<!DOCTYPE html>
<html>
<body>

<?php
$members = array("Peter"=>"35", "Ben"=>"37", "Joe"=>"43");

foreach ($members as $x => $y) {

echo "$x : $y <br>";
}
?>

</body>
</html>
Php functions
<!DOCTYPE html>
<html>
<body>

<?php
function myMessage() {
echo "Hello world!";
}
myMessage();
?>
</body>
</html>
OUTPUT: Hello world!
Function arguments
<!DOCTYPE html>
<html>
<body>

<?php
function familyName($fname) {
echo "$fname joy.<br>";
}

familyName("Jani");
familyName("Hege");
familyName("Stale");
familyName("Kai Jim");
familyName("Alex");
?>

</body>
</html>
Arrays
 An array is a special variable that can hold many values under a single
name, and you can access the values by referring to an index number or
name.
 In PHP, there are three types of arrays:

 Indexed arrays - Arrays with a numeric index

 Associative arrays - Arrays with named keys
 Multidimensional arrays - Arrays containing one or more arrays
 Create array
 You can create arrays by using the array() function:
<?php
$cars = array("Volvo", "BMW", "Toyota");
//$cars = ["Volvo", "BMW", "Toyota"];
var_dump($cars);
?>

Output: array(3) {
[0]=>
string(5) "Volvo"
[1]=>
string(3) "BMW"
[2]=>
string(6) "Toyota“}
Php form handling
 The PHP superglobals $_GET and $_POST are used to collect
form-data.

<form action="welcome.php" method="post">

Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>
Welcome.php

<html>
<body>
Welcome
<?php echo $_POST["name"]; ?><br> // echo $_GET["name"];
Your email address is: <?php echo $_POST["email"]; ?>

</body>
</html>
GET vs POST
 Both GET and POST create an array (e.g. array( key1 => value1,
key2 => value2, key3 => value3, ...)).
 This array holds key/value pairs, where keys are the names of the
form controls and values are the input data from the user.
 $_GET is an array of variables passed to the current script via
the URL parameters.

 $_POST is an array of variables passed to the current script via

the HTTP POST method.
 <form method="post" action="<?php echo
htmlspecialchars($_SERVER["PHP_SELF"]);?>">
 When the form is submitted, the form data is sent with
method="post".
 The $_SERVER["PHP_SELF"] is a super global variable that
returns the filename of the currently executing script.
 So, the $_SERVER["PHP_SELF"] sends the submitted form data to
the page itself, instead of jumping to a different page.
 The user will get error messages on the same page as the form
 The htmlspecialchars() function converts special characters into
HTML entities.
 This means that it will replace HTML characters like < and > with
&lt; and &gt;. This prevents attackers from exploiting the code by
injecting HTML or Javascript code (Cross-site Scripting attacks) in
forms.
 The test_input() function is a custom function created in this script to
sanitize input data received from the user. Here's what each step in the
function does:

 trim($data): Removes any leading or trailing whitespace from the input

data. This ensures that there are no unintentional spaces at the beginning or
end of the input.
 stripslashes($data): Removes any backslashes (\) from the input data.
Backslashes are often used to escape special characters in strings, but they
can sometimes cause unintended behavior if not handled properly.
 htmlspecialchars($data): Converts special characters in the input data to
their corresponding HTML entities. This step helps prevent cross-site
scripting (XSS) attacks by ensuring that user input is displayed as text rather
than interpreted as HTML code.