My take on Advanced PHP by Larry Ullman

Chapter 8 Review:

• What is an exception? How do exceptions differ from errors? (See page 244.)

Exceptions are OOP error messages. They are "caught" versus the need to definie via conditional statements.

• What exception methods will you commonly use? (See page 245.)

The standard Exception class in PHP has a number of methods to capture message, filename, line number etc.

• What is the try... catch syntax? (See page 244.)

The practice for wrapping all code in try {}, then catching errors in catch{}

• How do you create different exception types? (See page 251.)

You can extend the Exception class and customize to your needs. Only the __construct() and __toString() can be over-ridden and it's within those where you can customize and extend. We created the extended error handling for the WriteToFile example/class.

• What is PDO? What are the benefits of using PDO? (See page 258.)

PHP data objects is a new class as of php 5.? that allows portability between database types. It apparently offers performance improvements and is the recommended db connection practice in 2013.

• How do you connect to a database using PDO? (See pages 258 and 259.)

Create a $pdo object via: new PDO(dsn string, $username, $password, options)

• How do you execute a simple query using PDO? (See page 261.)

Basic steps are to take the db object created, say $pdo, then create a query string, say $q, then run query as follows: $pdo->exec($q). This will return the number of rows affected. For selects

• How do you execute a query that returns results, and fetch those results, using PDO? (See page 262.)

Simplest I can think of:

  1. Create query: $q="SELECT * FROM tbl ";
  2. $results= $pdo->query($q);
  3. $rows = $results->fetchAll();
  4. print_r($rows);

• What are prepared statements? How do you execute them using PDO? (See page 266.)

Prepared statements separate the query from the data inserted in the query. This solves the SQL injection problem (assuming data in query is validated). The most basic steps for running are:

  1. connection $pdo
  2. Create query $q - with "SELECT * FROM tbl WHERE user= :name"
  3. Data to include say, $data
  4. $stmt = $pdo->prepare($q);
  5. $stmt->execute(array of $data);
  6. $results = $stmt->fetchAll();

The better practices are to bind parameters to the execution. $stmt->bindParam(':name', $data, options); this will be bound to the execute() statement and not required including the $data as parameters of execute().Seems to provide a little more clarity to the process.

• What is the SPL? (See page 270.)

The Standard PHP Library. A fairly recent group of classes and data structures available to PHP as PHP v 5.3

• What SPL classes exist for working with files? (See page 271.)

SplFileInfo gets information about files, while SplFileObject enables read/write options. Very cool stuff!

• What is an iterator? (See page 273.)

Simply, iterator is a means to loop through something. In Spl - it provides classes for looping through some standard items like directories, ie DirectoryIterator.

• What are some of the new data structures added in the SPL? What advantages are there in using them? (See page 278.)

There is SplFixedArray for example, which should improve performance by defining the elements of an array, unlike basic php arrays which are inherently changeable.

• What are the benefits of having PHP autoload class files for you? How do you set that up? (See page 279.)

Use spl_autoload_register('my_loader_function') function is only going to include the class files it needs. The my_loader_function should spell out where to get your class files - and requires that the file titles are the same as your class name.