A $_POST about PHP (and MySQL)

PHP is great.

No, really. It is. The syntax is very much like JavaScript, save for a few fundamental differences.

PHP is a server-side (backend) scripting language that works in the background to enhance your HTML file and make it more dynamic. For instance, paired with a database like MySQL, it can help you create working forms (thus far, our HTML forms have looked pretty, but have done absolutely nothing useful).

The way I see it right now is that If HTML and CSS were the contents and layout of your home, PHP and the backend is a little bit like Marie Kondo organising all of the crap in your cupboards so that if someone needs to find the Sellotape you know exactly where to look for it (a rare occurrence in our house).

It’s more complicated than that but, for now, that metaphor has carried me through.

That’s great, but how do I use it?

There’s a few things you need to do in order to start using PHP.

Unlike CSS stylesheets and Javascript files, you don’t link a PHP file to your HTML in the <head> tag and just start coding. Because PHP works in the backend, it needs a server to work with. In fact it needs a few things to make it work properly — usually in the form of a LAMP stack.

LAMP is an acronym for the four ingredients (software components) needed to make a website work:

These are the four things you need for a dynamic website (there are other versions of a LAMP stack [eg. a WAMP stack for Windows]).

We’ve been using Vagrant to create virtual machines (servers) on our computers so that we can learn PHP. For some reason I find this concept a bit magical and had a Zoolander moment when it was first explained to us.

Furthermore, typing vagrant destroy into the command line feels like the programming equivalent of Daenerys Targaryen saying “Dracarys”:

PHP syntax

Once you’ve got your virtual machine running, you can start using PHP. Like Javascript, PHP deals with strings, functions, arrays and so on. Some differences between the two include things like:

1. You use a $ to declare variables, rather than Javascript ‘let’

2. You can whack it right in the HTML if you wrap it in <?php … ?>

3. You output stuff to the browser using echo

4. You use dots to concatenate, rather than +’s

5. Variables are often written in snake_case, rather than camelCase

6. Arrays get a bit more fancy in PHP. An associative array is made up of key => value pairs so you can do things like this …

I’ve just realised that will output ‘Legolas is a elf’ which is truly awful grammar but you get the idea. The <br/> added to the end means that the list will output on separate lines …

You can have a look at what’s going on in an array using var_dump($array_name). This will return a load of info about the array that looks something like this:

array(3) {
[“Frodo”]=>
string(6) “Hobbit”
[“Aragorn”]=>
string(5) “Human”
[“Legolas”]=>
string(3) “Elf”
}

Otherwise, conditionals (for and while loops, switches) and functions work in pretty much the same way as Javascript.

PHP and Forms

Much of PHP week was spent creating a login system — of the type where you register your details using a form, then get sent a verification email with a link that takes you to a login page.

This is something we all use all the time but I did not appreciate just how much effort and coding goes into building one from scratch.

In order to actually do something useful with a login form, you need to use PHP to communicate between the client device and the server (i.e. the user submits a form and, on pressing ‘Send’, the information they have inputted is stored somewhere in a database and they are sent a response to tell them what to do next).

This is done using GET and POST methods. I’ll probably talk more about these when we come to Laravel and APIs but, for now, the essential idea is that a GET method requests data from a specified resource (eg. GET asks the server for the contact.html page and the server responds by loading it) and a POST method submits data to be processed by a specified resource
(eg. POST posts form inputs to the form-handler.php file on the server which then responds with a success page or whatever).

Obviously, when someone inputs information into a form, it has to go somewhere to be stored: that’s where databases come in.

MySQL

MySQL is a database management system that helps you store all your info in neat little tables using even neater commands.

Once you get the hang of the syntax, and how to navigate to MySQL in the first place (using vagrant ssh and typing in your username and password to access mysql), it’s really easy to figure out what’s going on in there.

For example, to create a table, you use the following command:

CREATE TABLE `people` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`fullname` varchar(255) NOT NULL,
`location` varchar(255) NOT NULL,
`age` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

Looks nasty, but it just says ‘create a table called ‘people’ with the following column headers: ‘id’ (that auto-increments each time a new row is added), ‘fullname’, ‘location’ and ‘age’. The table’s primary key is the ‘id’ and then there’s some default stuff at the end.

This creates an empty table, so you set up your PHP to add data to the table as and when it is inputted by the user.

You can also input data manually in the command line:

INSERT INTO `people` (`id`, `fullname`, `location`, `age`) VALUES
(1, ‘Frodo Baggins’, ‘The Shire’, 47),
(2, ‘Aragorn’, ‘Various’, 40),
(3, ‘Boromir’, ‘Minas Tirith’, 38),
(4, ‘Galadriel’, ‘Lothlorien’, 17988);

To check out your table, you use:

SELECT * FROM `people`;

Please don’t write in to tell me how wrong my LOTR estimates are.

Databases are fun. There’s something satisfying about organising tables that I cannot quite explain. I’m getting married next year and one of the first things I made sure we did was to create a wedding spreadsheet, which I call ‘the wed-sheet’. Pete’s a lucky guy…

Building a Login System

Right, I’m not going to be able to put all the fine details of building a login system here but here’s the general gist of it.

Disclaimer: I’m writing this a few weeks after the fact, having done Wordpress, Object Oriented Programming, Laravel and React in the interim — my brain is swimming in React right now, so please forgive anything I miss out.

1. The user inputs their details on a registration page to create an account:

2. I’ve got some conditionals in my register.php page that will alert the user if they haven’t entered a valid email address or password. If they don’t they get a variety of different error messages:

3. If they do it right, they get this success message:

A successful entry also creates a unique activation code and adds the new user details to the database securely by hashing the codes and passwords.

You can see the MySQL syntax in the db query below:

Here’s part of the entry in the MySQL db. The password looks like crazy gibberish because of the hashing.

It then sends the new user an email with a link. The slug of the link’s URL is the activation code, so is unique.

Here’s what they see in their email inbox:

Notice that when they click on the link, the url contains the activation code:

There are various error messages on the activation.php page for anyone who is trying to access the site without registering correctly.

4. Clicking on the link shown in the image above takes them to this login page:

Here, they re-submit their username and password. Again, there’s various conditionals in case they get it wrong, including queries to the database to check that the information they have provided actually exists.

When they’ve successfully logged in, they start a new session, which continues until they log out again. I also coded in a ‘forgot password’ system — which I’m not going to go into now but eventually I’ll add a link here to my completed login system so you can have a look.

When all of this finally came together and worked, it was potentially one of the most satisfying moments on the course up to this point.

When it was done, I was so proud of myself that I just spent 30 minutes registering new people just to go through the motions of what I’d just created. I then made Pete do the same when I got home. Again, lucky guy.

Who knew login systems could provide so much joy. I’m definitely going to be including it as part of my portfolio website — more on that next time when we look at Wordpress! :)

Originally published in November 2019 at https://www.tumblr.com.

Hi, my name’s Charlotte. I’m a Web Developer, Coding Bootcamp Teaching Assistant and career changer from Academic Teaching. I also like to hike. A lot.