[Week 8, Continued] [David J. Malan] [Harvard University] [This is CS50.] [CS50.TV] This is CS50, so this is the end of Week 8 here. We of course had a bit of a hurricane earlier this week, so right now it is really just you and me in this lecture hall, but today we continue our conversation about PHP and about web programming more generally, and we also introduce the idea of databases, particularly one called MySQL, which is quite popular these days, in large part because of its scalability as well as because its being free and open source. But first, a look at where we left off last time. Recall that we were looking at the several Frosh IMs examples, and this was the hideous form that I came up with some 15+ years ago in order to have students on campus register for freshman intramural sports without actually having to trek anymore across the yard to Wigglesworth to slide a physical piece of paper underneath some proctor's door. Instead we moved everything online, but to do that we needed to make use of a few technologies, so one, we needed HTML, hypertext markup language, which again is this markup language with which you make web pages structurally. Using a bit of CSS these days, cascading style sheets, whereby we use stylizations of the web page using a slightly different syntax, whereas the HTML was all about the structure thereof. We also need to introduce a web programming language. In this case, we'll use PHP, and PHP is going to allow us to dynamically output content as well as do programmatic things like sending emails, as was the case on the note we left last week. Recall that the code for this was in 2 parts. One, we had froshims3.php, and this was largely markup with an HTML form inside of it, a tiny bit of CSS up here in the style attributes so that the form itself would be centered on the page, but beyond that we had some representative form inputs, a text field, a checkbox, some radio buttons, a select menu, and a submit button. And via this form, we submitted to a file that was apparently called register3.php, which itself looked a little something like this. Now, most of the code in register3.php, recall, was all about email. It did a little bit of validation of the form that was submitted to make sure that the fields were actually provided that were expected. Then we called some PHP functions using slightly new syntax, even though it's borrowed from C. This arrow operator allows us to make use of something called object-oriented programming. We won't go into that in any detail here, but know for now it's a way of having functions associated with objects, which are a special type of structure, as we saw in C. But for now, just take on faith that this is the correct syntax to use when using a library like this PHPMailer library. And then by the end of this file we had dynamically generated an email that got sent to my jharvard@cs50.net account from my jharvard@cs50.net account, and we informed the user accordingly that they had been registered for this sport. That is pretty much what the Frosh IMs site did all those years ago when I implemented it, granted, in a different language, but it shows you perhaps the power that you have now that you can express yourself not only programmatically at a low level in a language like C but at a much higher level with these very real world applications like email to actually solve some real world problems. Now, of course, even though I use this script to generate some emails dynamically from jharvard@cs50.net, which is indeed an account that I have access to, do be quite careful to send mail only from accounts that are actually your own, lest things get you in a bit of hot water in life. With that said, let's now transition to solving a different problem altogether, that of retaining states. Now, what does this actually mean? HTTP, this hypertext transfer protocol, is actually a stateless protocol, and what this means is that when you pull up something like Google.com and then hit enter usually your browser has some kind of spinning icon that then results in some web page being downloaded, and then that little icon stops spinning, and that indeed suggests that HTTP has completed some kind of connection to the server and that's it. HTTP is stateless in the sense that it doesn't maintain a persistent connection to the server in the same way Skype does or Gchat does because with HTTP the assumption is that once you've fetched a web page that's it. Now, in reality these days on sites like Facebook and Google Maps and Twitter and the like there's a lot more dynamism whereby even after that icon stops spinning you can in fact get more updates from the server, more tweets, more status updates on Facebook and the like. But even that is using a technique that we'll talk about in a week or two known as Ajax using a language called JavaScript, but at the end of the day, HTTP is still stateless. And yet if you want to somehow remember things about a user even after they've disconnected from your server PHP does afford you a means of doing this because, as we saw last time, PHP has a number of superglobals, and a superglobal is, again, a special global variable that's handed to you by the web server and by PHP itself. You don't have to do anything to put values in it, and among the superglobals we've seen thus far are get and post, which is where form fields are put automatically for you, as well as a couple of others that we haven't seen yet. Inside of $_server are some special variables related to the server itself. What's the IP address, what protocol, HTTP or HTTPS did you use, what request method did you use and the like, so there's some interesting, juicy details about the server, and in fact, the user in there as well. There's $_cookie, which is where these things called cookies are stored. We won't spend time on cookies themselves today, but know for now that a cookie is just a small piece of information that a web server can plant on a web browser and in turn its RAM or its computer's hard drive to store information about a user, for instance, their user name so that they don't have to type it every time they log in or some unique number or identifier for that user so that you don't have to pester them with the same kinds of questions about preferences in the future, but most of interest right now is $_session. This superglobal, which, like the others, is handed to you automatically by PHP when you're writing PHP-based websites can store anything you want, strings, integers, floating points, values, arrays, objects, really anything that you want, and it allows you to store it in such a way that even if the user visits you now and then comes back a minute from now or 5 minutes from now because they take their time before clicking some other link PHP will ensure that whatever you put in that session superglobal a minute or 5 minutes ago will still be there when the user returns. And underneath the hood this superglobal is implemented by way of those things called cookies, but for now, it's just an abstraction whereby it's sort of the programmatic equivalent of a shopping cart. Whatever you, the programmer, put in that superglobal associative array will be there some number of minutes later until you delete it or until the user quits his or her browser altogether. Let's take a look at an example of how this thing is actually used. In counter.php among today's pieces of code we have the following line. At the start of this file we have a bunch of blue comments, which are uninteresting for now. But in line 13 we have a new line, session_start, and that actually does exactly what it says. It starts sessions. It enables you to use that big superglobal $_session, and it's as simple as that. Now, if we proceed to look at line 16, let's try to figure out what this web page is going to do. If (isset ($_SESSION ["counter"]) then go ahead and store in the counter variable, lowercase counter, $_SESSION ["counter"]. This seems to be declaring a local variable called counter inside of which it's putting a copy of whatever is inside of the superglobal called session at the location "counter." Else, apparently, this little local variable counter, is initialized to 0. But then a few lines later in 26 notice that the session's copy of counter, its key, has a new value assigned which is its current value plus 1. In short, this file seems to be updating a counter that's stored inside of the session superglobal by incrementing it by 1, but it first retains a copy of the previous value by storing it in a local variable called $counter, and then down here let's see what remains. It turns out it's pretty much just HTML. At the bottom of this page we see in line 37 that I have visited this site counter number of times, so there's a couple interesting features here. One, this is clearly a variable, but it doesn't suffice to just put $counter in the body of your HTML because of course if it's just there among your HTML PHP is going to assume that's just HTML. You literally want $counter to be printed on the screen. But instead by dropping into PHP mode with this piece of syntax we can dynamically insert a value here very similar in spirit to what we did last time with inserting values into strings. In fact, this is just a shorthand notation for saying something like this literally, print ($counter) or even something like printf (%s, counter), or even, as you may have seen online or in textbooks, there's a function in PHP called echo which does the same thing, and all of those are just longer winded ways of saying