PHP I : Strings

Creating the Strings Form

Follow this lesson in Ullman Chapter 5. The scripts are located in the 05 directory.


Concatenation: the . character

$greeting = ‘Hello, ‘.$user;

$greeting = “Hello $user”;

$greeting = ‘Hello, ‘;

$greeting .= $user

View in your browser the pages posting.html and handle_post.php described on Ullman pages 86ff.

“Bait” the pages: try names with spaces, quotes, numbers. What works? What doesn’t?


Dealing with Magic Quotes

Take a good, careful look at this page:


Magic Quotes is a setting in PHP.INI that does exactly the same thing addslashes() does. All single-quote (‘), double quote (“), backslash (\) and NULL characters are escaped with a backslash.

To find out if it’s set:

echo get_magic_quotes_gpc();

echo get_magic_quotes_runtime();

echo ini_get(‘magic_quotes_sybase’);


Particularly see


stripslashes() # page 93
# remove slashes from a urlencoded string

addslashes() # page 95
# inserts escape slashes before special characters

ini_get() # page 95
# gets information about ini settings,
# for instance Magic Quotes:

// Adjust for magic quotes.
if (ini_get (‘magic_quotes_gpc’)) {
 $data = stripslashes ($_POST[‘form_input‘]);
} else {
 $data = $_POST[‘form_input‘];


Fill in posting.html and look at script_05_03/handle_post.php in your browser. “Bait” it. How well does it handle unusual input?


Manipulating XHTML with PHP

htmlspecialchars() # page 96
# turns some HTML tags into HTML entities

htmlentities() # page 96
# turns all HTML tags into HTML entities

nl2br() # page 96
# turns newlines to breaks

strip_tags() # page 96
# removes all HTML and PHP tags

html_entity_decode() # page 99
# returns all HTML entities to HTML tags

word_wrap() # page 99
# wraps a string at the number of characters you specify


Fill in posting.html and look at script_05_04/handle_post.php in your browser. Note the differences in the three different renderings.


Encoding and Decoding

urlencode() # page 100
# encodes a string so it can be appended to a URL

urldecode() # page 102
# decodes an encoded string

See the file thanks.php described on Ullman page 103. Why does it need URL encoding?


Substring Replacement

str_replace(needle, replacement, haystack)

str_replace(replace_this, with_this, in_this_string)
# page 105

Note that any of the arguments of str_replace() can be arrays.

Fill in posting.html and look at script_05_07/handle_post.php in your browser. Use the word “badword” in your posting.


strlen(string) # page 106
# Returns length of string

str_ireplace(needle, replacement, haystack) # page 106
# performs case-insensitive replacement
# PHP 5 only

str_word_count(string) # page 106
# counts words delimited by spaces

strtok(string) # page 107
# “cuts up” a string based on its separators

substr(string, start_from, end_at) # page 107
# takes a substring from a string based on index:

$sub = substr($string, 0, 10);

See Ullman p. 107 regarding Tokenizing, Searching and Comparing Strings.


strstr(needle, haystack) # page 107
# returns haystack from the first instance of needle to the end of haystack

# case-insensitive

strpos(needle, haystack) # page 107
# returns (numeric) position of needle

# case-insensitive

strcmp() # page 107
# compare two strings expressed in binary

# case-insensitive

strnatcmp() # page 107
# compare two strings in “natural order”

# case-insensitive

trim(string) # page 108
# strips spaces from beginning and end of string

ltrim() # page 111

rtrim() # page 111

ucfirst(string) # page 108
# capitalizes first character of string

ucwords(string) # page 108
# capitalizes first character of every word in string

strtoupper(string) # page 108
# capitalizes entire string

strtolower(string) # page 108
# renders string in lower case


And particularly for encryption:

crypt() # page 112
# one-way encryption: hashing

encrypt() # page 112
# encryption: requires Mcrypt

decrypt() # 112
# decryption: requires Mcrypt

See re. Mcrypt.


To do for this section:

Create a page that takes a needle, a replacement and a haystack in text boxes.

Create a result page that displays the result of your transformation.

Optional: Create a page that takes a name and crypts it. Can you encrypt and decrypt on your computer?


To do out of class:

Review Chapter 5 of Ullman.