Advanced PHP

PHP's strength lies in its huge library of built-in functions, which allows even a novice user
 to perform very complicated tasks without having to install new libraries or worry about
low-level details, as is often the case with other popular server-side languages like Perl.
 Because of the focus of this book, we've constrained ourselves to exploring only those functions
 that were directly related to MySQL databases (in fact, we didn't even see all of those).
In this final instalment, we'll broaden our horizons a little and explore some of the other
 useful features PHP has to offer someone building a database driven Website.

We'll begin by learning about PHP's include function, which allows us to use a single
piece of PHP code in multiple pages, and makes the use of common code fragments much more
 practical. We'll also see how to add an extra level of security to our site with this feature.

PHP, while generally quick and efficient, nevertheless adds to the load time and the
 workload of the machine on which the server is run. On high-traffic sites , this load can
grow to unacceptable levels. But this challenge doesn't mean we have to abandon the
database-driven nature of our site. We'll see how to use PHP behind the scenes to
create semi-dynamic pages that don't stress the server as much.

In essence, SSIs allow you to insert the content of one file stored on your Web
 server into the middle of another. The most common use for this technology is
 to encapsulate common design elements of a Website in small HTML files that
can then be incorporated into Web pages on the fly. Any changes to these small
files immediately affect all files that include them. And, just like a PHP script,
 the Web browser doesn't need to know about any of it, since the Web server
 does all the work before it sends the requested page to the browser.

PHP has a function that provides similar capabilities. But in addition to
being able to incorporate regular HTML and other static elements into your
 included files, you can also include common script elements.
 example:

<!-- include.php -->
<?php
  echo( '<p>"Make me one with everything!"</p>\n' );
?>
The above file, include.php, contains some simple PHP code- also need the following file:

<!-- testinclude.php -->
<html>
<head>
<title> Test of PHP Includes </title>
</head>
<body>
<p>What did the Buddhist monk say to the hot dog vendor?</p>
<?php
  include('include-me.php');
?>
</body>
</html>


Notice the call to the include function. We specify the name of the file we want to include include.php,
and PHP will attempt to grab the named file and stick it into the file to replace the call to include.



Finally, an extremely powerful feature of PHP is the ability to send email messages
 with dynamically generated content. Whether you want to use PHP to let visitors
send email versions of your site's content to their friends, or just provide a
way for users to retrieve their forgotten passwords, PHP's email function will
serve nicely.

PHP Interview questions-with-answers


To guard against this kind of security breach, you should put any security-sensitive
 code into an include file, and place that file into a directory that's not part of
your Web server's directory structure. If you add that directory to your PHP
include_path setting in php.ini, you can refer to the files directly with the PHP
include function, but have them tucked away safely somewhere where your Web server
 can't display them as Web pages.