PHP in Action
Objects, Design, Agility
Dagfinn Reiersøl with Marcus Baker and Chris Shiflett
  • July 2007
  • ISBN 9781932394757
  • 552 pages
  • printed in black & white

Well written and focused - these authors are experts.

Kiernan Mathieson, Associate Professor of Management Information Systems, Oakland University

To keep programming productive and enjoyable, state-of-the-art practices and principles are essential. Object-oriented programming and design help manage complexity by keeping components cleanly separated. Unit testing helps prevent endless, exhausting debugging sessions. Refactoring keeps code supple and readable. PHP offers all this, and more.

PHP in Action shows you how to apply PHP techniques and principles to all the most common challenges of web programming, including:

  • Web presentation and templates
  • User interaction including the Model-View-Contoller architecture
  • Input validation and form handling
  • Database connection and querying and abstraction
  • Object persistence

This book takes on the most important challenges of web programming in PHP 5 using state-of-the art programming and software design techniques including unit testing, refactoring and design patterns. It provides the essential skills you need for developing or maintaining complex to moderately complex PHP web applications.

Table of Contents show full



about this book

about the title

about the cover illustration

Tools and concepts

1. PHP and modern software development

1.1. How PHP can help you

1.1.2. Overcoming PHP’s limitations

1.2. Languages, principles, and patterns

1.2.1. Agile methodologies: from hacking to happiness

1.2.3. The evolving discipline of object-oriented programming

1.2.4. Design patterns

1.2.5. Refactoring

1.2.6. Unit testing and test-driven development

1.3. Summary

2. Objects in PHP

2.1. Object fundamentals

2.1.1. Why we’re comparing PHP to Java

2.1.2. Objects and classes

2.1.3. Hello world

2.1.4. Constructors: creating and initializing objects

2.1.5. Inheritance and the extends keyword

2.1.6. Inheriting constructors

2.2. Exception handling

2.2.1. How exceptions work

2.2.2. Exceptions versus return codes—when to use which

2.2.3. Creating your own exception classes

2.2.4. Replacing built-in PHP fatal errors with exceptions

2.2.5. Don’t overdo exceptions

2.3. Object references in PHP 4 and PHP 5

2.3.1. How object references work

2.3.2. The advantages of object references

2.3.3. When references are not so useful

2.4. Intercepting method calls and class instantiation

2.4.1. What is "method overloading"?

2.4.2. Java-style method overloading in PHP

2.4.3. A near aspect-oriented experience: logging method calls

2.4.4. Autoloading classes

2.5. Summary

3. Using PHP classes effectively

3.1. Visibility: private and protected methods and variables

3.1.1. How visible do we want our methods to be?

3.1.2. When to use private methods

3.1.3. When to use protected methods

3.1.4. Keeping your instance variables private or protected

3.1.5. Accessors for private and protected variables

3.1.6. The best of both worlds? Using interception to control variables

3.1.7. Final classes and methods

3.2. The class without objects: class methods, variables, and constants

3.2.1. Class (static) methods

3.2.2. When to use class methods

3.2.3. Class variables

3.2.4. Class constants

3.2.5. The limitations of constants in PHP

3.3. Abstract classes and methods (functions)

3.3.1. What are abstract classes and methods?

3.3.2. Using abstract classes

3.4. Class type hints

3.4.1. How type hints work

3.4.2. When to use type hints

3.5. Interfaces

3.5.1. What is an interface?

3.5.2. Do we need interfaces in PHP?

3.5.3. Using interfaces to make design clearer

3.5.4. Using interfaces to improve class type hints

3.5.5. Interfaces in PHP 5 versus Java

3.6. Summary

4. Understanding objects and classes

4.1. Why objects and classes are a good idea

4.1.1. Classes help you organize

4.1.2. You can tell objects to do things

4.1.3. Polymorphism

4.1.4. Objects make code easier to read

4.1.5. Classes help eliminate duplication

4.1.6. You can reuse objects and classes

4.1.7. Change things without affecting everything

4.1.8. Objects provide type safety

4.2. Criteria for good design

4.2.1. Don’t confuse the end with the means

4.2.2. Transparency

4.2.3. Simple design

4.2.4. Once and only once

4.3. What are objects, anyway

4.3.1. Objects come from the unreal world

4.3.2. Domain object basics

4.4. Summary

5. Understanding class relationships

5.1. Inheritance

5.1.1. Inheritance as a thinking tool

5.1.2. Refactoring to inheritance

5.2. Object composition

5.3. Interfaces

5.3.1. The interface as a thinking tool

5.3.2. Single and multiple inheritance

5.4. Favoring composition over inheritance

5.4.1. Avoiding vaguely named parent classes

5.4.2. Avoiding deep inheritance hierarchies

5.5. Summary

6. Object-oriented principles

6.1. Principles and patterns

6.1.1. Architectural principles or patterns

6.1.2. Learning OO principles

6.2. The open-closed principle (OCP)

6.2.1. OCP for beginners

6.2.2. Replacing cases with classes

6.2.3. How relevant is the OCP in PHP?

6.3. The single-responsibility principle (SRP)

6.3.1. Mixed responsibilities: the template engine

6.3.2. An experiment: separating the responsibilities

6.3.3. Was the experiment successful?

6.4. The dependency-inversion principle (DIP)

6.4.1. What is a dependency?

6.4.2. Inserting an interface

6.5. Layered designs

6.5.1. The "three-tier" model and its siblings

6.5.2. Can a web application have a Domain layer?

6.6. Summary

7. Design patterns

7.1. Strategy

7.1.1. "Hello world" using Strategy

7.1.2. How Strategy is useful

7.2. Adapter

7.2.1. Adapter for beginners

7.2.2. Making one template engine look like another

7.2.3. Adapters with multiple classes

7.2.4. Adapting to a generic interface

7.3. Decorator

7.3.1. Resource Decorator

7.3.2. Decorating and redecorating

7.4. Null Object

7.4.1. Mixing dark and bright lights

7.4.2. Null Strategy objects

7.5. Iterator

7.5.1. How iterators work

7.5.2. Good reasons to use iterators

7.5.3. Iterators versus plain arrays

7.5.4. SPL iterators

7.5.5. How SPL helps us solve the iterator/array conflict

7.6. Composite

7.6.1. Implementing a menu as a Composite

7.6.2. The basics

7.6.3. A fluent interface

7.6.4. Recursive processing

7.6.5. Is this inefficient?

7.7. Summary

8. Design how-to: date and time handling

8.1. Why object-oriented date and time handling?

8.1.1. Easier, but not simpler

8.1.2. OO advantages

8.2. Finding the right abstractions

8.2.1. Single time representation: Time Point, Instant, DateAndTime

8.2.2. Different kinds of time spans: Period, Duration, Date Range, Interval

8.3. Advanced object construction

8.3.1. Using creation methods

8.3.2. Multiple constructors

8.3.3. Using factory classes

8.4. Large-scale structure

8.4.1. The package concept

8.4.2. Namespaces and packages

8.4.3. PHP’s lack of namespace support

8.4.4. Dealing with name conflicts

8.5. Using value objects

8.5.1. How object references can make trouble

8.5.2. Implementing value objects

8.5.3. Changing an immutable object

8.6. Implementing the basic classes

8.6.1. DateAndTime

8.6.2. Properties and fields

8.6.3. Periods

8.6.4. Intervals

8.7. Summary

Testing and refactoring

9. Test-driven development

9.1. Building quality into the process

9.1.1. Requirements for the example

9.1.2. Reporting test results

9.2. Database select

9.2.1. A rudimentary test

9.2.2. The first real test

9.2.3. Make it pass

9.2.4. Make it work

9.2.5. Test until you are confident

9.3. Database insert and update

9.3.1. Making the tests more readable

9.3.2. Red, green, refactor

9.4. Real database transactions

9.4.1. Testing transactions

9.4.2. Implementing transactions

9.4.3. The end of debugging?

9.4.4. Testing is a tool, not a substitute

9.5. Summary

10. Advanced testing techniques

10.1. A contact manager with persistence

10.1.1. Running multiple test cases

10.1.2. Testing the contact’s persistence

10.1.3. The Contact and ContactFinder classes

10.1.4. setUp() and tearDown()

10.1.5. The final version

10.2. Sending an email to a contact

10.2.1. Designing the Mailer class and its test environment

10.2.2. Manually coding a mock object

10.2.3. A more sophisticated mock object

10.2.4. Top-down testing

10.2.5. Mock limitations

10.3. A fake mail server

10.3.1. Installing fakemail

10.3.2. A mail test

10.3.3. Gateways as adapters

10.4. Summary

11. Refactoring web applications

11.1. Refactoring in the real world

11.1.1. Early and late refactoring

11.1.2. Refactoring versus reimplementation

11.2. Refactoring basics: readability and duplication

11.2.1. Improving readability

11.2.2. Eliminating duplication

11.3. Separating markup from program code

11.3.1. Why the separation is useful

11.3.2. Using CSS appropriately

11.3.4. Introducing templates in SimpleTest

11.4. Simplifying conditional expressions

11.4.1. A simple example

11.4.2. A longer example: authentication code

11.4.3. Handling conditional HTML

11.5. Refactoring from procedural to object-oriented

11.5.1. Getting procedural code under test

11.5.2. Doing the refactorings

11.6. Summary

12. Taking control with web tests

12.1. Revisiting the contact manager

12.1.1. The mock-up

12.1.2. Setting up web testing

12.1.3. Satisfying the test with fake web page interaction

12.1.4. Write once, test everywhere

12.2. Getting a working form

12.2.1. Trying to save the contact to the database

12.2.2. Setting up the database

12.2.3. Stubbing out the finder

12.3. Quality assurance

12.3.1. Making the contact manager unit-testable

12.3.2. From use case to acceptance test

12.4. The horror of legacy code

12.5. Summary

Building the web interface

13. Using templates to manage web presentation

13.1. Separating presentation and domain logic

13.1.1. To separate or not to separate…​

13.1.2. Why templates?

13.2. Which template engine?

13.2.1. Plain PHP

13.2.2. Custom syntax: Smarty

13.2.3. Attribute language: PHPTAL

13.3. Transformation: XSLT

13.3.1. "XMLizing" a web page

13.3.2. Setting up XSLT

13.3.3. The XSLT stylesheet

13.3.4. Running XSLT from PHP

13.4. Keeping logic out of templates

13.4.1. View Helper

13.4.2. Alternating row colors

13.4.3. Handling date and time formats

13.4.4. Generating hierarchical displays

13.4.5. Preventing updates from the template

13.5. Templates and security

13.5.1. PHPTAL

13.5.2. Smarty

13.5.3. XSLT

13.6. Summary

14. Constructing complex web pages

14.1. Combining templates (Composite View)

14.1.1. Composite View: one or several design patterns

14.1.2. Composite data and composite templates

14.2. Implementing a straightforward composite view

14.2.1. What we need to achieve

14.2.2. Using Smarty

14.2.3. Using PHPTAL

14.2.4. Using page macros with PHPTAL

14.3. Composite View examples

14.3.1. Making print-friendly versions of pages

14.3.2. Integrating existing applications into a Composite View

14.3.3. Multi-appearance sites and Fowler’s Two Step View

14.4. Summary

15. User interaction

15.1. The Model-View-Controller architecture

15.1.1. Clearing the MVC fog

15.1.2. Defining the basic concepts

15.1.3. Command or action?

15.1.4. Web MVC is not rich-client MVC

15.2. The Web Command pattern

15.2.1. How it works

15.2.2. Command identifier

15.2.3. Web handler

15.2.4. Command executor

15.3. Keeping the implementation simple

15.3.1. Example: a "naive" web application

15.3.2. Introducing command functions

15.4. Summary

16. Controllers

16.1. Controllers and request objects

16.1.1. A basic request object

16.1.2. Security issues

16.2. Using Page Controllers

16.2.1. A simple example

16.2.2. Choosing Views from a Page Controller

16.2.3. Making commands unit-testable

16.2.4. Avoiding HTML output

16.2.5. Using templates

16.2.6. The redirect problem

16.3. Building a Front Controller

16.3.1. Web Handler with single-command classes

16.3.2. What more does the command need?

16.3.3. Using command groups

16.3.4. Forms with multiple submit buttons

16.3.5. Generating commands with JavaScript

16.3.6. Controllers for Composite Views

16.4. Summary

17. Input validation

17.1. Input validation in application design

17.1.1. Validation and application architecture

17.1.2. Strategies for validation

17.1.3. Naming the components of a form

17.2. Server-side validation and its problems

17.2.1. The duplication problem

17.2.2. The styling problem

17.2.3. Testing and page navigation problems

17.2.4. How many problems can we solve?

17.3. Client-side validation

17.3.1. Ordinary, boring client-side validation

17.3.2. Validating field-by-field

17.3.3. You can’t do that!

17.3.4. The form

17.4. Object-oriented server-side validation

17.4.1. Rules and validators

17.4.2. A secure request object architecture

17.4.3. Now validation is simple

17.4.4. A class to make it simple

17.4.5. Using Specification objects

17.4.6. Knowledge-rich design

17.4.7. Adding validations to the facade

17.5. Synchronizing server-side and client-side validation

17.5.1. Form generator

17.5.2. Configuration file

17.5.3. Generating server-side validation from client-side validation

17.6. Summary

18. Form handling

18.1. Designing a solution using HTML_QuickForm

18.1.1. Minimalistic requirements and design

18.1.2. Putting generated elements into the HTML form

18.1.3. Finding abstractions

18.1.4. More specific requirements

18.1.5. The select problem

18.2. Implementing the solution

18.2.1. Wrapping the HTML_QuickForm elements

18.2.2. Input controls

18.2.3. Which class creates the form controls?

18.2.4. Validation

18.2.5. Using the form object in a template

18.2.6. What next?

18.3. Summary

19. Database connection, abstraction, and configuration

19.1. Database abstraction

19.1.1. Prepared statements

19.1.2. Object-oriented database querying

19.2. Decorating and adapting database resource objects

19.2.1. A simple configured database connection

19.2.2. Making an SPL-compatible iterator from a result set

19.3. Making the database connection available

19.3.1. Singleton and similar patterns

19.3.2. Service Locator and Registry 445

19.4. Summary

Databases and infrastructure

20. Objects and SQL

20.1. The object-relational impedance mismatch

20.2. Encapsulating and hiding SQL

20.2.1. A basic example

20.2.2. Substituting strings in SQL statements

20.3. Generalizing SQL

20.3.1. Column lists and table names

20.3.2. Using SQL aliases

20.3.3. Generating INSERT, UPDATE and DELETE statements

20.3.4. Query objects

20.3.5. Applicable design patterns

20.4. Summary

21. Data class design

21.1. The simplest approaches

21.1.1. Retrieving data with Finder classes

21.1.2. Mostly procedural: Table Data Gateway

21.2. Letting objects persist themselves

21.2.1. Finders for self-persistent objects

21.2.2. Letting objects store themselves

21.3. The Data Mapper pattern

21.3.1. Data Mappers and DAOs

21.3.2. These patterns are all the same

21.3.3. Pattern summary

21.4. Facing the real world

21.4.1. How the patterns work in a typical web application

21.4.2. Optimizing queries

21.5. Summary

Appendix A: Tools and tips for testing

Appendix B: Security



What's inside

  • Explanation of software engineering principles of design and architecture of web programming
  • How to refactor / redesign / restructure legacy applications
  • Improve existing code incrementally and under time constraints
  • How to use automated testing
  • How to keep web applications secure
  • Many interesting and useful examples

About the authors

Dagfinn Reiersøl has been designing and developing web applications, web content mining software, web programming tools, and text analysis programs, mostly in PHP, since 1997. He also has a long history as a technical writer of software manuals. He lives in Oslo, Norway.

Marcus Baker has been a software consultant for many years specializing in OO design and development as well as web application development and testing. He is also a columnist for PHP Architecture Magazine and lives in London, England.

Chris Shiflett is a PHP consultant and security expert as well as a leader in the PHP community. He is the founder of the PHP Security Consortium and the author of the HTTP Developer¹s Handbook and Essential PHP Security. He lives in Brooklyn, NY.

combo $39.99 pBook + eBook
eBook $31.99 pdf + ePub + kindle

FREE domestic shipping on three or more pBooks

A textbook for beginners and the quintessential reference for the rest of us. They have outdone themselves with this masterpiece.

Andrew Grothe, COO, Eliptic Webwise