Copyright 2009 Justin C. Klein Keane PHP Code Auditing Session 1 – PHP Foundations Justin C. Klein Keane


Overview
- Purpose of these sessions
- Gauge PHP competency
- Assignments
- Length of the course

What is PHP?
- Dynamic scripting language
  - Written in C
- Served by a web server (Apache)
- CLI
- Current version is PHP 5

Commercial Support
- Zend (
  - Produces Zend Studio IDE
  - Also produces debuggers, enterprise servers, etc.
  - Founded by some of the chief PHP developers

Developing PHP
- Access to a web server that supports PHP
- Eclipse using PHP Development Tools (PDT)
  - Bundle from
- Nice to have Remote System Explorer (RSE) installed as well
  - Best source of documentation is

PHP Basics
- PHP is plain text
- When a URL is requested Apache parses the text file and interprets any PHP
  - Apache must be able to read the file
  - Apache interprets the file every time
- .php is the common extension but any is possible

Structure of PHP
- PHP is delimited with: <?php ?>
- Any material between the delimiters is interpreted
- Text outside of the delimiters is treated as static

Simple 'Hello world'

    <?php
    echo "Hello world";
    ?>

Web friendly 'Hello world'

    <?php
    echo "Hello world";
    ?>

Apache renders as:

    Hello world

PHP Syntax - Comments

    // One line comment
    /* Multiline
       comment */
    # Acceptable but discouraged one line comment

PHP Syntax Basics - Variables
- Variables are denoted with the $ sign
- Variable names must be alphanumeric or underscore
- PHP variables are case sensitive

PHP Variables
- Variables are not statically typed
- Integers can become floats can become strings
- Variable types include:
  - Boolean
  - Integer
  - Float
  - String
  - Array
  - Object
  - Resource
  - NULL

Operators
- Arithmetic operators
  - +, -, *, /, %
- String operators
  - .
- Assignment operators
  - =, .=, +=, -=, *=, /=

Operators (cont.)
- Comparison operators
  - ==, ===, !=, <>, !==, <, >, <=, >=
- Increment, decrement operators
  - ++, -- (pre and post)
- Logical operators
  - !, &&, ||, and, or, xor
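
The difference between the loose (==) and strict (===) comparison operators listed above matters when auditing code, because PHP converts operand types before a loose comparison. The following is an added example, not part of the original slides; the sample values and the describe() and token_matches_* function names are hypothetical, and hash_equals() requires PHP 5.6 or later.

```php
<?php
// Added example: loose (==) versus strict (===) comparison of values
// that PHP converts between types automatically.

// Constructed sample pairs; none of these come from the original slides.
$pairs = array(
    array('1', '01'),          // two numeric strings
    array('10', '1e1'),        // numeric string in exponent notation
    array(100, '100'),         // integer and numeric string
    array('0e1234', '0e5678'), // both read as zero in exponent notation
    array(null, false),        // NULL and boolean
    array('abc', 'abc'),       // identical strings
);

// Render a value together with its type, e.g. string('01').
function describe($value)
{
    return gettype($value) . '(' . var_export($value, true) . ')';
}

foreach ($pairs as $pair) {
    list($left, $right) = $pair;
    printf(
        "%-18s vs %-18s  ==: %-5s  ===: %s\n",
        describe($left),
        describe($right),
        var_export($left == $right, true),
        var_export($left === $right, true)
    );
}

// Hypothetical check of a submitted token against a stored one.
function token_matches_loose($stored, $submitted)
{
    return $stored == $submitted; // operands may be converted first
}

function token_matches_strict($stored, $submitted)
{
    // Require two strings, then compare byte for byte in constant time.
    return is_string($stored) && is_string($submitted)
        && hash_equals($stored, $submitted);
}

$stored    = '0e1234'; // constructed value
$submitted = '0e5678'; // constructed value
var_dump(token_matches_loose($stored, $submitted));
var_dump(token_matches_strict($stored, $submitted));
```

When reviewing code, each == or != on request data is worth checking for whether a type conversion could make two different inputs compare as equal.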

Strings
- Strings are delimited by quotes
  - Different behavior depending on single or double quote
- Example strings:

    $a = 'foo';
    $b = "$a bar";
    $c = $a . $b;

Arrays

    $array = array();
    $array = array('one', 'two', 'three');
    $array[0] = 'new one';
    $assoc_array = array('one' => 'uno', 'two' => 'dos');
    $assoc_array['one'] = 'uno nuevo';

Control Structures
- If
- Else
- Elseif and else if

If Else Statement

    if ($a < $b) {
        print "$a is less than $b";
    }
    else {
        print "$b is less than $a";
    }

Can you spot the logic flaw above?

If Else Statement (alt)

    if ($a < $b)
        echo "$a is less than $b";
    else if ($a == $b)
        echo "$a is equal to $b";
    else
        echo "$b is less than $a";

Ternary Statement

    $result = ($a < $b) ? 'a is less' : 'a is not less';

While loops

    $a = 1;
    while ($a < 10) {
        echo $a . " ";
        $a++;
    }

Do While Loops

    $a = 0;
    do {
        echo $a;
        $a++;
    } while ($a < 10);

For loop

    for ($a = 0; $a < 10; $a++) {
        echo $a . " ";
    }

Break Control

    for ($a = 0; $a < 10; $a++) {
        if ($a == 5) break;
        echo $a;
    }

Continue (skip)

    for ($a = 0; $a < 10; $a++) {
        if ($a == 5) continue;
        print $a;
    }

Switch

    switch ($a) {
        case 0:
            echo 'a is zero';
            break;
        case 1:
            echo 'a is one';
            break;
        default:
            echo 'a is something else';
    }

Functions

    function foo() {
        return "bar";
    }
    echo foo();

Functions (cont.)

    function foo($a = 'bar') {
        $a .= " something";
        return $a;
    }
    $retval = foo('foo');

Classes

    class Foo {
        public $name;

        function __construct($name) {
            $this->name = $name;
        }
    }

    $myvar = new Foo('foobar');
    echo $myvar->name;

Classes (cont.)

    class Foo {
        public $var = 'bar';

        function getVar() {
            // Local variable, distinct from the property $this->var
            $var = 'inner_var';
            return $var;
        }
    }

    $a = new Foo();
    $b = $a->getVar();

Building PHP with Includes

    <?php
    include('inc/foo.php');
    require('inc/bar.php');
    $a = new Foo();
    echo $a->somevar;
    ?>

Some Useful Built-in Functions for Debugging

    die("message");
    echo " ";
    print_r($variable);
    phpinfo();  // prints its report directly, so no echo is needed

For Next Time
1) Install Eclipse PDT
2) Install the RSE extensions
3) Download the VMWare image for development
4) Connect to the VMWare image web root at: /var/www/html
5) Create a new default page with your name and the PHP configuration information