Day 5 at rtCamp
Regular expression
- In PHP, regular expressions are strings composed of delimiters, a pattern and optional modifiers.
- The following functions let us use regular expressions:
  - preg_match(): Returns 1 if the pattern was found in the string and 0 if not
  - preg_match_all(): Returns the number of times the pattern was found in the string, which may also be 0
  - preg_replace(): Returns a new string where matched patterns have been replaced with another string
preg_match()
$str = "Visit W3Schools";
$pattern = "/w3schools/i";
echo preg_match($pattern, $str);
// output --> 1
preg_match_all()
$str = "The rain in SPAIN falls mainly on the plains.";
$pattern = "/ain/i";
echo preg_match_all($pattern, $str);
// output --> 4
preg_replace()
$str = "Visit Microsoft!";
$pattern = "/microsoft/i";
echo preg_replace($pattern, "W3Schools", $str);
// output --> Visit W3Schools!
GET & POST
- $_GET is an array of variables passed to the current script via the URL parameters.
- $_POST is an array of variables passed to the current script via the HTTP POST method.
Form Validation
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
- $_SERVER["PHP_SELF"] is a superglobal variable that returns the filename (with path) of the currently executing script.
- Using $_SERVER["PHP_SELF"] as the form action sends the submitted form data to the page itself instead of jumping to a different page.
- The $_SERVER["PHP_SELF"] variable can be abused by attackers: it includes any extra path text from the requested URL, so a crafted link can make an unescaped form tag come out as
<form method="post" action="test_form.php/"><script>alert('hacked')</script>
- The above output adds a script tag with an alert command. To avoid this we use htmlspecialchars
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
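- The htmlspecialchars() function converts special characters to HTML entities, so the same request now produces a harmless attribute value (PHP 8.1 and later also encode the single quotes as &#039; by default)
<form method="post" action="test_form.php/&quot;&gt;&lt;script&gt;alert('hacked')&lt;/script&gt;">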
- For form field validation we do the following things:
  - trim data using the trim function
  - remove backslashes using the stripslashes function
  - and use htmlspecialchars to convert HTML code to HTML entities
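The form handling described above as a script that runs from the PHP command line; this is an added example, not code from the original post. The function names clean_field, form_tag and validate_submission, the name and email fields, and all sample values are assumptions made for illustration.

```php
<?php
// Added example; every input value below is constructed for illustration.

// Clean one field as the notes describe: trim, stripslashes, htmlspecialchars.
function clean_field(string $data): string
{
    $data = stripslashes(trim($data));
    return htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
}

// Opening form tag with the script path escaped before it reaches the page.
function form_tag(string $phpSelf): string
{
    $action = htmlspecialchars($phpSelf, ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">';
}

// Returns [cleaned values, error messages] for a submitted name and email.
function validate_submission(array $post): array
{
    $clean = [
        'name'  => clean_field($post['name'] ?? ''),
        'email' => clean_field($post['email'] ?? ''),
    ];
    $errors = [];
    if (!preg_match('/^[a-z ]+$/i', $clean['name'])) {
        $errors['name'] = 'Only letters and spaces are allowed';
    }
    if (filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Invalid email format';
    }
    return [$clean, $errors];
}

// Constructed PHP_SELF value: the request path from the notes above.
$phpSelf = "/test_form.php/\"><script>alert('hacked')</script>";
echo form_tag($phpSelf), PHP_EOL;

// Constructed submissions: one acceptable, one rejected.
$samples = [
    ['name' => '  Jane Doe ', 'email' => 'jane@example.com'],
    ['name' => '<b>Jane</b>', 'email' => 'not-an-email'],
];
foreach ($samples as $post) {
    [$clean, $errors] = validate_submission($post);
    echo json_encode(['clean' => $clean, 'errors' => $errors]), PHP_EOL;
}
```

The first line printed is the escaped form tag; the second submission is rejected because the encoded markup no longer matches the letters-and-spaces pattern.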
PHP Date
- In PHP, the date() function is used to get the date and time in a specified format
- Following are some characters for date:
  - d: represents the day of month (01-31)
  - m: represents the month (01-12)
  - Y: represents year in four digits
  - l: represents day of week
- Following are some characters for time:
  - H: 24 hours format (00-23)
  - h: 12 hours format (01-12)
  - i: minutes (00-59)
  - s: seconds (00-59)
  - a: lowercase am/pm
- The strtotime() function is used to convert a human-readable date string into a Unix timestamp (number of seconds since January 1 1970 00:00:00 GMT)
include and require Statements:
- Both are ways to include the content of a file in the current PHP file
- But they differ in what happens when the file cannot be included:
  - require will produce a fatal error and stop the script
  - include will only produce a warning and the script will continue
Midday Questions
Main Thread in Browsers:
- Handles user events.
- Renders and paints HTML/CSS on the screen.
- Runs synchronous code in scripts.
Benefits of async-await:
- Improved syntax over then() chaining.
- Cleaner code, avoiding callback hell.
- Easy error handling with try-catch.
- Avoids callback hell problem.
API Calls in JavaScript:
- Methods: fetch, XMLHttpRequest, axios (3rd party), AJAX.
- Preferred: fetch for its simplicity and compatibility with promises.
DOM (Document Object Model):
- Represents HTML elements in a tree structure.
- Enables dynamic manipulation of elements, content, and styles.
- Vital for creating dynamic web pages, updating content without refresh.
PHP vs. JavaScript Security:
- PHP and JavaScript serve different roles.
- PHP runs on the server, so its source code is not sent to the visitor.
- JavaScript runs in browsers, making its code visible to the user.
- Security depends on how and where each language is used.
PHP Cookies vs. JavaScript Cookies:
- PHP Cookies:
  - Server-side management.
  - Sent from the server to the client.
  - Stores less sensitive data.
  - Accessed using $_COOKIE superglobal.
- JavaScript Cookies:
  - Client-side management.
  - Uses document.cookie to set cookies on the browser.