Developing dynamic Web sites requires knowledge of several technologies, including a programming language and a database. Wyke-Smith uses open-source PHP, a server-side programming language, and a MySQL database to help readers gain this knowledge.
Wyke-Smith jumps right into coding principles in the first chapter, bypassing the usual background information. Those chapters that cover background information were moved to the book’s companion Web site (http://www.codinfortheweb.com). These chapters, along with sample files of all of the code used in the book, can be downloaded from the site. Up-to-date errata information and a form to email the author are also available.
Chapter A explains how the components of the three-tier architecture (Web page, Web server, and database) work together. Chapter B covers creating Web pages using Extensible Hypertext Markup Language (XHTML) and cascading style sheets (CSS) that conform to Web standards--an important part of the development techniques presented in the book.
A recurring topic is Web site security. The examples included are meant to be used on low-risk Web sites that store information of little or no value to a hacker. This type of information includes email addresses and names. For Web sites handling more sensitive information, like medical records or social security numbers, Wyke-Smith strongly recommends getting advice from an Internet security expert.
The discussion on creating and processing forms provides a simple real-world project to begin applying coding principles using PHP. The first order of business is to determine what steps are required to display and process the form.
Next, the form data must be validated. User-supplied data should only be trusted after it has passed several validation steps. The email address entered must be properly formatted so the visitor will be able to receive and respond to the confirmation email. Something as simple as typing a comma instead of a period can make the email address unusable. Instead of the reader having to comprehend the code in one large chunk, the form and its processing are completed in several small steps. Each step is followed by testing of the form and its functionally, along with an explanation of the PHP code. To help make the form user friendly, validation code is added that includes displaying error messages and reloading the submitted data into the form. The form processing example concludes with adding code to write the submitted information to a flat file. The file can be created in a tab-delimited format and imported into a spreadsheet for processing. This technique can be used on Web sites that collect and store small amounts of visitor information.
For those Web sites that require a more robust solution, a MySQL database is a possible answer. In the next chapter, the form processing is updated to use a MySQL database instead of a flat file. The easy-to-follow database discussion begins by showing the reader how to create a database, how to add tables to it, how to connect to the database server, and how to select the database. A brief introduction is provided for the code that is used to add the abilities to insert, select, update, and delete database information.
A full chapter on cookies and authentication spotlights the importance of security for any Web site. The chapter begins by showing the reader how to create a simple cookie that contains a single field. The discussion then moves to more complex cookies, which, depending on the browser, can contain up to four kilobytes of information. The cookie can be set to stay on the visitor’s hard drive for a year or more, unless deleted earlier by the user. The author also explains how to create an authentication system using a database, as well as the Web pages needed for it.
The final chapter covers building a Web site using PHP. The Web site in this chapter uses much of the code from the previous chapters. It presents the reader with techniques that reduce the time and effort needed to maintain and update the Web site. The author notes the advantages of using server-side include (SSI) files to hold HTML and PHP code that appears on multiple pages, for example, for site navigation.
The advantages of moving CSS rules to an external file include reducing the size of the individual Web pages, and providing a single file to update when a style change is needed.
I highly recommend this easy-to-read, informative book. It provides a beginning Web site programmer with the basic knowledge needed to be successful. It can also be useful to the experienced programmer who needs to learn about authentication, or needs to build a Web site that uses a database to store its information.
