This course will provide an overview of the PHP scripting language and SQL, and how to use these technologies to generate dynamic web sites. It will introduce secure and maintainable coding practices.
PrerequisitesStudents should have taken Web Design 1 or have comparable knowledge. Students should also have or be in the process of acquiring some knowledge of forms in (X)HTML. It can be taken in parallel to Web design 2.
Recommended Textbook(s)Beginning PHP 5.3 is the main book. Essential PHP Security lacks a few modern tools, since it is from 2005, but explains attack vectors and the philosophy of security really well.
- Doyle, Matt.. Beginning PHP 5.3. Indianapolis, IN: Wiley Pub, 2009.
- Shiflett, Chris.. Essential PHP Security, A Guide to Building Secure Web Applications. Sebastopol, CA: O'Reilly, 2005.
Please note that a lot of links are provided in the competency table.
- Official php.net resources
- Savage, Brendon. “To the New PHP Programmers.” BrandonSavage.net. 09-oct-2009. Web. 6 Mar 2010. <http://www.brandonsavage.net/to-the-new-php-programmers/>.
- Tabini, Marco. “Stop Telling People to Optimize, and Start Teaching Them to Program.” php | architect. 25 jun 2009. Web. 6 Mar 2010. <Stop Telling People to Optimize, and Start Teaching Them to Program>.
Usually provided by the institution/teacher:
- A web server, with student access to a MySQL database, PhpMyAdmin, SSH- and encrypted FTP access. Short open tags should be disallowed and display errors should be on, with an error reporting level of E_ALL.
- Practice servers, to install an HTTP-server, PHP and MySQL on.
- To help students write clean and readable code from day one, the teacher may provide PHP Code Sniffer. Many Linux distributions provides it through the packaging system, e.g. on Fedora, you can just do yum install phpcs. A suggested sniff is provided in the resources section.
Students are required to use:
- A full fledged editor or IDE.
- An FTP client that supports SFT and/or FTPS. (Can be part of the IDE or a browser extension.)
- An SSH client.