Slashdot Mirror
PHP 5 in Practice
Michael J. Ross writes "Computer programming books come in all varieties, but there are at least four general categories: introductory texts, which typically have the lowest content per page; language references, which have become increasingly supplanted by online sources; "advanced" treatments, which are often a mishmash of errata-riddled articles; and "how-to" books, usually at the intermediate level, and sometimes presented as "cookbooks." It is that last category that has been growing in popularity, and for good reason. When an experienced software developer needs assistance, it is rarely for language syntax, but instead a desire to see how someone else solved a specific problem. For solutions using the PHP language, one source of information is PHP 5 in Practice." Read the rest of Michael's review.
PHP 5 in Practice
author
Elliott White III and Jonathan D. Eisenhamer
pages
456
publisher
Sams Publishing
rating
8
reviewer
Michael J. Ross
ISBN
0672328887
summary
One of the most meaty, immediately useful, and fluff-free PHP books available
The book was authored by Elliott White III and Jonathan D. Eisenhamer, and put out in July 2006 by Sams Publishing (an imprint of Pearson Education). Given today's standards of hefty technical books, this particular one is relatively light, weighing in at 456 pages, which are organized into an introduction, numerous chapters, and three appendices.
Its introduction is more interesting than that of most similar books, whose introductions usually consist of formatting conventions and explanations as to why the book was written — all such content providing little to no value to the impatient programmer facing a deadline, and invariably ignored (the content, that is, not the deadline).
White and Eisenhamer took a refreshingly different tack, and chose instead to explain their use of coding standards, comments and whitespace, braces and parentheses, PHP short tags, PHP mode, and other language considerations that are more useful than the typical rundown of somewhat childish icons used in other texts, such as light bulbs and red warning signs.
Switching to the other end of the book, we find three appendices. The first one briefly discusses issues one might face in migrating from PHP version 4 to 5. The second introduces the Standard PHP Library (SPL), and the objects related to its primary design pattern, the Iterator. The third appendix discusses what composes the bulk of output from my PHP programs: error messages. Seriously, this appendix is worth reading, if only for the suggestions as to what to look for when you encounter some of the most common PHP error messages.
The bulk of the book's material is divided into 20 chapters, which are themselves divided into two parts: PHP internals, and applications. The internals are: strings, numbers, time and date, variables, arrays, functions, classes and objects, and files and directories. Starting off with a discussion of strings, might seem odd to the neophyte programmer, but to the veteran who has had to learn several languages during their career, the choice makes a lot of sense. There must be countless developers out there who, being fluent in the C language and object-oriented concepts, jumped into writing their first C++ program, and had to hit the books for the first time when they wanted to do some non-array-based string handling.
The book's second part covers some of the most common applications in PHP programming: Web page creation (using XHTML and CSS), Web form handling, data validation and standardization, sessions and user tracking, Web services and other protocols, relational databases and other data storage methods, e-mail, XML, images, error reporting and debugging, and user authentication and encryption. That last chapter, in the next edition, should be relocated so that it precedes or follows the chapter on sessions and user tracking.
Many of the chapters begin with a "Quick Hits" section, which briefly summarizes how to perform many of the most common and essential tasks related to that chapter's topic. For instance, in the chapter covering the use of variables, this first section explains how to: check if a variable has no value or if it is empty (not synonymous in PHP), undefine a variable, cast it to a certain data type, and do the same thing for a value. There is one minor erratum that should be noted: On page 71, in the first "Quick Hit," it reads "a variable has bee. given a value." ("been"'s "n" ended too soon.)
Each section within the chapter briefly explains the problem domain, and then presents sample code to solve the given problem. The code itself is fairly well commented, and the variable names are adequately descriptive (unlike in some programming books, whose coding standards border on the criminal).
All in all, the book offers a lot of worthwhile solutions to a wide range of problems, and does so in a straightforward manner. It is for this reason that it is not evident as to why this particular PHP title has received so little notice. For instance, on Amazon.com, it has received only one reader review, as of this writing, and does not even make it into the top quarter million books ranked in sales by Amazon.com. It is a pity, because the book deserves much more attention.
Even though this book is to be recommended, and is packed with code and text that are well worth studying, it has one unmistakable weakness for which this writer can think of no adequate justification. The book contains almost no illustrations, even when they are clearly called for — in fact, especially in those cases. For instance, the section that shows how to generate a calendar, does not show a calendar! The code is present, but the sample output — which is what the poor reader would appreciate, to see the results of the code — is missing.
Granted, an absence of figures and screenshots might be understandable for the first part of the book, which covers the PHP language itself. But the second part, covering applications, has far too many unillustrated PHP scripts. These include sections focusing on drop-down menus, progress bars, and graphical charts Web forms. In the last chapter, there is a section with code that generates captchas, but the reader is not shown what they look like. The entire 18th chapter is devoted to images, but contains not a single one! I cannot imagine why the authors and/or publisher chose to leave out these essential graphics. Was it to save money? Whatever the reason, it was a significant mistake, and one that should be corrected in the next edition.
Readers who agree with this assessment, or who have other thoughts concerning this otherwise excellent book, can leave feedback via the book's Web page on the Web site for Sams Publishing. This page offers details on the book, a description and table of contents, links for requesting instructor or review copies, and a tool for searching the book's contents within the Safari online technical library. The book's introduction states that the Web site hosts all of the code listings, as well as a list of errata. Yet, I was unable to find either one. (Sadly, the Pearson Education sites are still some of the least usable in the technical book publishing world.) Much better results were obtained on Eli White's site.
Despite an inexcusable and almost complete lack of needed illustrations, PHP 5 in Practice is possibly one of the most meaty, immediately useful, and fluff-free PHP books available. No serious PHP programmer should be without it.
Michael J. Ross is a Web consultant, freelance writer, and the editor of PristinePlanet.com's free newsletter. He can be reached at www.ross.ws, hosted by SiteGround.
You can purchase PHP 5 in Practice from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
The book was authored by Elliott White III and Jonathan D. Eisenhamer, and put out in July 2006 by Sams Publishing (an imprint of Pearson Education). Given today's standards of hefty technical books, this particular one is relatively light, weighing in at 456 pages, which are organized into an introduction, numerous chapters, and three appendices.
Its introduction is more interesting than that of most similar books, whose introductions usually consist of formatting conventions and explanations as to why the book was written — all such content providing little to no value to the impatient programmer facing a deadline, and invariably ignored (the content, that is, not the deadline).
White and Eisenhamer took a refreshingly different tack, and chose instead to explain their use of coding standards, comments and whitespace, braces and parentheses, PHP short tags, PHP mode, and other language considerations that are more useful than the typical rundown of somewhat childish icons used in other texts, such as light bulbs and red warning signs.
Switching to the other end of the book, we find three appendices. The first one briefly discusses issues one might face in migrating from PHP version 4 to 5. The second introduces the Standard PHP Library (SPL), and the objects related to its primary design pattern, the Iterator. The third appendix discusses what composes the bulk of output from my PHP programs: error messages. Seriously, this appendix is worth reading, if only for the suggestions as to what to look for when you encounter some of the most common PHP error messages.
The bulk of the book's material is divided into 20 chapters, which are themselves divided into two parts: PHP internals, and applications. The internals are: strings, numbers, time and date, variables, arrays, functions, classes and objects, and files and directories. Starting off with a discussion of strings, might seem odd to the neophyte programmer, but to the veteran who has had to learn several languages during their career, the choice makes a lot of sense. There must be countless developers out there who, being fluent in the C language and object-oriented concepts, jumped into writing their first C++ program, and had to hit the books for the first time when they wanted to do some non-array-based string handling.
The book's second part covers some of the most common applications in PHP programming: Web page creation (using XHTML and CSS), Web form handling, data validation and standardization, sessions and user tracking, Web services and other protocols, relational databases and other data storage methods, e-mail, XML, images, error reporting and debugging, and user authentication and encryption. That last chapter, in the next edition, should be relocated so that it precedes or follows the chapter on sessions and user tracking.
Many of the chapters begin with a "Quick Hits" section, which briefly summarizes how to perform many of the most common and essential tasks related to that chapter's topic. For instance, in the chapter covering the use of variables, this first section explains how to: check if a variable has no value or if it is empty (not synonymous in PHP), undefine a variable, cast it to a certain data type, and do the same thing for a value. There is one minor erratum that should be noted: On page 71, in the first "Quick Hit," it reads "a variable has bee. given a value." ("been"'s "n" ended too soon.)
Each section within the chapter briefly explains the problem domain, and then presents sample code to solve the given problem. The code itself is fairly well commented, and the variable names are adequately descriptive (unlike in some programming books, whose coding standards border on the criminal).
All in all, the book offers a lot of worthwhile solutions to a wide range of problems, and does so in a straightforward manner. It is for this reason that it is not evident as to why this particular PHP title has received so little notice. For instance, on Amazon.com, it has received only one reader review, as of this writing, and does not even make it into the top quarter million books ranked in sales by Amazon.com. It is a pity, because the book deserves much more attention.
Even though this book is to be recommended, and is packed with code and text that are well worth studying, it has one unmistakable weakness for which this writer can think of no adequate justification. The book contains almost no illustrations, even when they are clearly called for — in fact, especially in those cases. For instance, the section that shows how to generate a calendar, does not show a calendar! The code is present, but the sample output — which is what the poor reader would appreciate, to see the results of the code — is missing.
Granted, an absence of figures and screenshots might be understandable for the first part of the book, which covers the PHP language itself. But the second part, covering applications, has far too many unillustrated PHP scripts. These include sections focusing on drop-down menus, progress bars, and graphical charts Web forms. In the last chapter, there is a section with code that generates captchas, but the reader is not shown what they look like. The entire 18th chapter is devoted to images, but contains not a single one! I cannot imagine why the authors and/or publisher chose to leave out these essential graphics. Was it to save money? Whatever the reason, it was a significant mistake, and one that should be corrected in the next edition.
Readers who agree with this assessment, or who have other thoughts concerning this otherwise excellent book, can leave feedback via the book's Web page on the Web site for Sams Publishing. This page offers details on the book, a description and table of contents, links for requesting instructor or review copies, and a tool for searching the book's contents within the Safari online technical library. The book's introduction states that the Web site hosts all of the code listings, as well as a list of errata. Yet, I was unable to find either one. (Sadly, the Pearson Education sites are still some of the least usable in the technical book publishing world.) Much better results were obtained on Eli White's site.
Despite an inexcusable and almost complete lack of needed illustrations, PHP 5 in Practice is possibly one of the most meaty, immediately useful, and fluff-free PHP books available. No serious PHP programmer should be without it.
Michael J. Ross is a Web consultant, freelance writer, and the editor of PristinePlanet.com's free newsletter. He can be reached at www.ross.ws, hosted by SiteGround.
You can purchase PHP 5 in Practice from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Chapter 1 will discuss building PHP CLI classes that download and install OpenJDK. Chapters 2-22 will teach you Java.
I'm a bit disappointed to read in the book review that there wasn't a chapter dedicated to security. Considering that PHP will let you do things like do external includes from other web servers that can modify your PHP environment, etc...
What PHP needs is not more features, but better designed security model.
Yes Francis, the world has gone crazy.
thissounds() like_a_really() interestingBook()
A few years back (circa 2002), I whipped up a rapid application prototype with PHP while working off from some on-line tutorials and using Beginning Php 4 from Wrox. I think the book and the tutorials were good a teaching the basic language features and syntax, but they taught me to use PHP dangerously because they did not teach good practices. My application worked but never got out of the prototype/demo stage back then for business reasons. Recently, I went back to it on my own time to try to clean it up, move it to PHP5, and make it deployable. I now cringe with horror at the extremely bad practices I was using back then. Granted, it was just a prototype, but I thought I was doing it "right" because I was following the examples in the book and the tutorials. I was doing stuff like accepting form data and passing it to the DB with out validation, outputting user submitted variables without checking for XSS, registering globals, etc, etc, etc. I was doing the kind of things that give me nightmares now.
/* trust us on this part for now, we'll show you how this part works latter, just remember you always have to validate the input before you use it */".
So here is my point, all the tutorials, examples, and books that the neophytes are using to learn are _WRONG_. They are teaching _BAD_PRACTICES_. Because PHP is necessarily meant to be in a network environment (excluding the rarely used cli) and it WILL be exposed to potential maliciousness, secure practices should be taught markedly at the beginning, not as an aside. So as part of teaching how to pass form parameters they should include validation code, even if they have to comment that section as "
I think PHP is a great language for its purpose, which is simple web-apps. Lots of the criticism about its brain-dead defaults is correct, but they can be overcome with good practices by the application developer. PHP can be great, but it is typically taught wrong at the beginning and that just snowballs.
The editors and authors all the PHP books and tutorials out there need to make sure the new editions encapsulate good practice at the beginning of the learning process.
first disclaimer- I haven't read this particular book. I hope it is better than the other PHP books to which my comments apply.
Second, disclaimer- this is mostly a repost from my post at this discussion ( PHP Application Insecurity - PHP or Devs Fault?)
Yes, realize that the acronym for PHP Object Oriented Programming is POOP.
Thus, the title of the next PHP book should be along the lines of "How To Write Real POOPy Code".
Another one of those huge low-density books of examples. Do we really need another one.
What's really hard today is finding a good reference manual. The original manual for Algol was 17 pages. The original manual for Scheme was 21 pages. 456 pages for PHP is a bit much. A big plastic card that boiled the language down to two pages - now that would be useful.
With languages like Ruby, Python, Perl, etc. around, why bother with PHP?
PHP has:
It does however have a good documentation. Without it though, programming PHP would be impossible. Try coding PHP without the documentation at hand.
"Was it function_name($foo, $bar) or functionname($bar, $foo)? Or rather prefix_function_name($foo,$bar,$baz) where $baz is always empty?"
I could go on and on. These are just the facts. What I ignored are the countless hours I wasted trying to debug some perfectly good looking piece of code only to find out in the end that PHP is the problem. On that occasions PHP ate away a part of my soul. (pretty poignant, eh?)
And yes, in case you wonder, I did very large PHP stuff. Megabytes of code in CVS. Luckily no more. (Could be written in kilobytes of Ruby anyway.)
Meme of the day: I browse "Disable Sigs: Checked". So should you.
> PHP 5 In Practice
Way shorter book summary:
Don't.
I'd go on and say that IMO (which genuinely is humble, as I'm a sysadmin who's prepared to look at and tweak code if necessary, rather than a fulltime dev), PHP has promulgated an entire mass of badly written, badly commented, ill conceived code.
Sure, it's possible to write bad code in any language. But PHP is like the BASIC of the web. Popular, (yes, there was a time BASIC was popular) yet treated with contempt because it's just so easy to shoot yourself hard in the foot. At least with C, you usually know pretty early on if your code is really badly thought up. With PHP, however, it seems that nobody quite realises what a festering mess they've produced until someone else points it out, by which time it's taken as a personal attack.
I've gotta agree with some of the presuppositions and points in this review. PHP - in the right hands - is a powerful language. It's great that you can whip things up quickly. But too many of the books go through the fairly simple bits in mind-numbing detail (like, I know what an array is). Thanks to Eclipse and oXygen, most of the time that I'm at a screen, my editor can load the documentation in to a panel while I'm typing it (along with remembering class names, variable names and so on). If I'm coding PHP (or a lot of other languages, for that matter), Eclipse has the language reference. And oXygen gives me the documentation from XSD/RNG/DTD schemas for XML/XHTML etc. Language references aren't useful in dead tree format.
But something that dead tree can be useful for is conveying development experience. Of course, this can be transmitted in other means. Books that give me best practice guidelines are often far more useful than language guides. For instance, in PHP, there is a function called file_get_contents(). It does what it says. You give it a URL or file and it reads it in to a string. But what the language reference *doesn't* tell you is that for getting things off the 'net libcurl is a better way of doing it - it's quicker, more powerful and has a lot of extremely useful options - in short, something which, if one is intent on building a serious web application in PHP, one should probably use. This is one of the reasons why I think language references would be better if managed on a wiki - or, as PHP does it, with comments attached. That way, people can post code samples, bug reports, workarounds, common errors and so on. This is useful.
A measure of a successful technology book these days has to be "does this make me a better developer?". The fact that we have books which deal with best practice means that online documentation has gotten better and better and publishers are responding to that. Most of the languages and frameworks I use I carry the specifications for on my Palm Pilot in Plucker format. Reference books can't compete with that. A few publishers I've seen are shifting towards a tutorial style (in the web design sphere, Friends of Ed is a good example of this).
catch (HumourFailureException e) { e.user.send("You, sir, are a humourless idiot."); }
With regard to the link you provided under "no usable object-model" - I would have to agree with the PHP developers on that one. self::$var or self::CONSTANT is supposed to bind statically. That is how self is supposed to work and actually what the bug reporter was trying to achieve is impossible in C# too AFAIK.
Namespaces are upcoming in PHP6 (again, AFAIK).
The rest of the observations are correct to the best of my knowledge and make PHP quite a horrible choice for all projects beyond a certain complexity threshold. Personally I wouldn't think of Perl as a substitute, even though I understand in many respects Perl is superior to PHP, I just find it difficult to make the right choices when it comes to picking a module for a given job. I think Perl suffers from a lot of duplicated effort, there is no concerted effort to establish a de facto framework of modules.
PHP is dying a slow death in my eyes because of all the inconsistencies. The object orientation feels more like a patch or a workaround rather than a core architectural choice. The total mess created by the ton of functions in the core is not going to go anywhere with the devs maintaining backwards compatibility indefinitely.
And in the rare case when you actually find that bug, it turns out you can't fix it because the whole card-house would crumble into oblivion if you did. So you build workarounds (which accumulate) that are the heralds of death of the system.
I should have said that I did not in fact write the whole 30ish MB code base myself. I inherited it and got to live with it or do something else. It wasn't planned, it wasn't built using development methodologies (think XP, Scrum, etc.) but rather using a whip. The explanation for the system then is something along the lines of "It has grown organically.".
And although I see myself primarily as a programmer, I am in fact working on extending my abilities to encompass marketing. So your evaluation flatters me.
Meme of the day: I browse "Disable Sigs: Checked". So should you.
I began coding PHP around 1997. Then I did not know better. Now I do. Although I generally program in languages featuring a garbage collector (memory allocation is not mine) I keep adding new language to my tool belt on a regular basis. Python is next.Please get your facts right when flaming. Ruby was started in 1993. PHP/FI was started in 1994. At that time PHP was not even a language. PHP3 (on which all the crap of today is built) was released in 1997!
Meme of the day: I browse "Disable Sigs: Checked". So should you.
In perl's defense, I think that's sometimes the biggest reason I choose perl over the others. The good thing about duplicating or reinventing the wheel is sometimes you need different wheels for different tasks. It also facilitates evolution and a plethora of ideas that you would otherwise miss if you had put everyone together and told them to make THE ONE best module because there will always be drawbacks to even particularly good implementations. The result is perl's library (cpan.org) is massive. When I look at other things like Ruby, though I like the language features, the library work simply isn't there yet.
As a side note, there's some really cool libraries out for perl. Check out moose or catalyst for example.
Here is a good source for browsing PHP Book Reviews. PHP In Practice hasn't made the top 50 yet.
Same sh*t another day.
Some uber programmers doens't like PHP because of someting else... Then start to bashing again and again
Php can't do this, can't do that. Php can't scale, Php was ugly, yada yada yada....
First purpose of Php was templating engine for HTML.
Other things comes afer.
Also, Zend try to add OOP. WHY? Why we need OOP aproach, run once scripts...
In php you cannot store objects in the Memory by default... (if you not use Memcaced/Seralize things)
I still don't get it. It was stateless universe. Evrything runs once and goes to ashes.
Whe we need all those OOP overload ?
Maybe to get more respect from other languages ?
Paaah...
Php language for who can barelly handling HTML.
It may not look nice. It may have some problems. May diturbing over obsssed engineers.
Of course, you may do more nice OOP thing in ruby, python of course you may do some hiber,uber,hypernate in JAVA.
And you cannot give
this much ability
under this cost (both cpu/ram)
and with this usability...
[My english is better than most other people's Turkish, so please point out mistakes politely. Thank you.]