PHP is a
general-purpose scripting language
A scripting language or script language is a programming language that is used to manipulate, customize, and automate the facilities of an existing system. Scripting languages are usually interpreted at runtime rather than compiled.
A scripting ...
geared toward
web development
Web development is the work involved in developing a website for the Internet (World Wide Web) or an intranet (a private network). Web development can range from developing a simple single static page of plain text to complex web applications ...
. It was originally created by Danish-Canadian
programmer
A computer programmer, sometimes referred to as a software developer, a software engineer, a programmer or a coder, is a person who creates computer programs — often for larger computer software.
A programmer is someone who writes/creates ...
Rasmus Lerdorf in 1993 and released in 1995.
The PHP
reference implementation
In the software development process, a reference implementation (or, less frequently, sample implementation or model implementation) is a program that implements all requirements from a corresponding specification. The reference implementation o ...
is now produced by The PHP Group.
PHP originally stood for ''Personal Home Page'',
but it now stands for the
recursive initialism ''PHP: Hypertext Preprocessor''.
PHP code is usually processed on a
web server
A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initia ...
by a PHP
interpreter implemented as a
module
Module, modular and modularity may refer to the concept of modularity. They may also refer to:
Computing and engineering
* Modular design, the engineering discipline of designing complex devices using separately designed sub-components
* Modul ...
, a
daemon
Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and Greek mythology, mythology and of later Hellenistic religion and Hell ...
or as a
Common Gateway Interface
In computing, Common Gateway Interface (CGI) is an interface specification that enables web servers to execute an external program, typically to process user requests.
Such programs are often written in a scripting language and are commonly r ...
(CGI) executable. On a web server, the result of the
interpreted and executed PHP code which may be any type of data, such as generated
HTML
The HyperText Markup Language or HTML is the standard markup language for documents designed to be displayed in a web browser. It can be assisted by technologies such as Cascading Style Sheets (CSS) and scripting languages such as JavaS ...
or
binary image data would form the whole or part of an
HTTP
The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide We ...
response. Various
web template system
A web template system in web publishing lets web designers and developers work with ''web templates'' to automatically generate custom web pages, such as the results from a search. This reuses static web page elements while defining dynamic e ...
s, web
content management system
A content management system (CMS) is computer software used to manage the creation and modification of digital content ( content management).''Managing Enterprise Content: A Unified Content Strategy''. Ann Rockley, Pamela Kostur, Steve Manning. New ...
s, and
web framework
A web framework (WF) or web application framework (WAF) is a software framework that is designed to support the development of web applications including web services, web resources, and web APIs. Web frameworks provide a standard way to build an ...
s exist which can be employed to orchestrate or facilitate the generation of that response. Additionally, PHP can be used for many programming tasks outside the web context, such as standalone
graphical applications and
robotic
Robotics is an interdisciplinary branch of computer science and engineering. Robotics involves design, construction, operation, and use of robots. The goal of robotics is to design machines that can help and assist humans. Robotics integrate ...
drone
Drone most commonly refers to:
* Drone (bee), a male bee, from an unfertilized egg
* Unmanned aerial vehicle
* Unmanned surface vehicle, watercraft
* Unmanned underwater vehicle or underwater drone
Drone, drones or The Drones may also refer to: ...
control. PHP code can also be directly executed from the
command line
A command-line interpreter or command-line processor uses a command-line interface (CLI) to receive commands from a user in the form of lines of text. This provides a means of setting parameters for the environment, invoking executables and pro ...
.
The standard PHP interpreter, powered by the
Zend Engine, is
free software
Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, n ...
released under the
PHP License
The ''PHP License'' is the software license under which the PHP scripting language is released. The PHP License is designed to encourage widespread adoption of the source code. Redistribution is permitted in source or binary form with or wit ...
. PHP has been widely ported and can be deployed on most web servers on a variety of
operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs.
Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
s and
platforms.
The PHP language evolved without a written
formal specification
In computer science, formal specifications are mathematically based techniques whose purpose are to help with the implementation of systems and software. They are used to describe a system, to analyze its behavior, and to aid in its design by verif ...
or standard until 2014, with the original
implementation
Implementation is the realization of an application, or execution of a plan, idea, model, design, specification, standard, algorithm, or policy.
Industry-specific definitions
Computer science
In computer science, an implementation is a real ...
acting as the ''
de facto
''De facto'' ( ; , "in fact") describes practices that exist in reality, whether or not they are officially recognized by laws or other formal norms. It is commonly used to refer to what happens in practice, in contrast with '' de jure'' ("by l ...
'' standard which other implementations aimed to follow. Since 2014, work has gone on to create a formal PHP specification.
W3Techs reports that, , "PHP is used by 74.4% of all the websites whose server-side programming language we know." PHP version 7.4 is the most used version. Support for version 7.3 was dropped on 6 December 2021.
History
Early history
PHP development began in 1993
when
Rasmus Lerdorf wrote several
Common Gateway Interface
In computing, Common Gateway Interface (CGI) is an interface specification that enables web servers to execute an external program, typically to process user requests.
Such programs are often written in a scripting language and are commonly r ...
(CGI) programs in
C,
which he used to maintain his
personal homepage
Personal web pages are World Wide Web pages created by an individual to contain content of a personal nature rather than content pertaining to a company, organization or institution. Personal web pages are primarily used for informative or ente ...
. He extended them to work with
web forms and to communicate with
database
In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases ...
s, and called this implementation "Personal Home Page/Forms Interpreter" or PHP/FI.
PHP/FI could be used to build simple,
dynamic web application
A server-side dynamic web page is a web page whose construction is controlled by an application server processing server-side scripts. In server-side scripting, Parameter (computer programming), parameters determine how the assembly of every new ...
s. To accelerate
bug reporting and improve the code, Lerdorf initially announced the release of PHP/FI as "Personal Home Page Tools (PHP Tools) version 1.0" on the
Usenet
Usenet () is a worldwide distributed discussion system available on computers. It was developed from the general-purpose Unix-to-Unix Copy (UUCP) dial-up network architecture. Tom Truscott and Jim Ellis conceived the idea in 1979, and it wa ...
discussion group ''comp.infosystems.www.authoring.cgi'' on June 8, 1995.
This release already had the basic functionality that PHP has today. This included
Perl-like variables, form handling, and the ability to embed
HTML
The HyperText Markup Language or HTML is the standard markup language for documents designed to be displayed in a web browser. It can be assisted by technologies such as Cascading Style Sheets (CSS) and scripting languages such as JavaS ...
. The
syntax
In linguistics, syntax () is the study of how words and morphemes combine to form larger units such as phrases and sentences. Central concerns of syntax include word order, grammatical relations, hierarchical sentence structure ( constituenc ...
resembled that of
Perl
Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages. "Perl" refers to Perl 5, but from 2000 to 2019 it also referred to its redesigned "sister language", Perl 6, before the latter's name was offic ...
, but was simpler, more limited and less consistent.
An example of the early PHP
syntax
In linguistics, syntax () is the study of how words and morphemes combine to form larger units such as phrases and sentences. Central concerns of syntax include word order, grammatical relations, hierarchical sentence structure ( constituenc ...
:
Hey, you are using Netscape!
Sorry, that record does not exist
Welcome !
You have credits left in your account.
Early PHP was not intended to be a new
programming language
A programming language is a system of notation for writing computer programs. Most programming languages are text-based formal languages, but they may also be graphical. They are a kind of computer language.
The description of a programming ...
, and grew organically, with Lerdorf noting in retrospect: "I don't know how to stop it, there was never any intent to write a programming language
..I have absolutely no idea how to write a programming language, I just kept adding the next logical step on the way."
A development team began to form and, after months of work and
beta
Beta (, ; uppercase , lowercase , or cursive ; grc, βῆτα, bē̂ta or ell, βήτα, víta) is the second letter of the Greek alphabet. In the system of Greek numerals, it has a value of 2. In Modern Greek, it represents the voiced labiod ...
testing, officially released PHP/FI 2 in November 1997.
The fact that PHP was not originally designed, but instead was developed organically has led to inconsistent naming of functions and inconsistent ordering of their parameters. In some cases, the function names were chosen to match the lower-level libraries which PHP was "wrapping", while in some very early versions of PHP the length of the function names was used internally as a
hash function
A hash function is any function that can be used to map data of arbitrary size to fixed-size values. The values returned by a hash function are called ''hash values'', ''hash codes'', ''digests'', or simply ''hashes''. The values are usually ...
, so names were chosen to improve the distribution of
hash values
A hash function is any Function (mathematics), function that can be used to map data (computing), data of arbitrary size to fixed-size values. The values returned by a hash function are called ''hash values'', ''hash codes'', ''digests'', or si ...
.
PHP 3 and 4
Zeev Suraski and
Andi Gutmans
Andi (Andrei) Gutmans is an Israeli programmer and entrepreneur.
Biography
Andi Gutmans holds a bachelor’s degree in Computer Science from the Technion in Haifa. Gutmans holds four citizenships: Swiss, British, Israeli and American.
Business ...
rewrote the
parser
Parsing, syntax analysis, or syntactic analysis is the process of analyzing a string of symbols, either in natural language, computer languages or data structures, conforming to the rules of a formal grammar. The term ''parsing'' comes from Lat ...
in 1997 and formed the base of PHP 3, changing the language's name to the
recursive acronym
A recursive acronym is an acronym that refers to itself, and appears most frequently in computer programming. The term was first used in print in 1979 in Douglas Hofstadter's book '' Gödel, Escher, Bach: An Eternal Golden Braid'', in which Hofs ...
''PHP: Hypertext Preprocessor''.
Afterwards, public testing of PHP 3 began, and the official launch came in June 1998. Suraski and Gutmans then started a new
rewrite of PHP's core, producing the
Zend Engine in 1999. They also founded
Zend Technologies in
Ramat Gan
Ramat Gan ( he, רָמַת גַּן or , ) is a city in the Tel Aviv District of Israel, located east of the municipality of Tel Aviv and part of the Tel Aviv metropolitan area. It is home to one of the world's major diamond exchanges, and man ...
,
Israel
Israel (; he, יִשְׂרָאֵל, ; ar, إِسْرَائِيل, ), officially the State of Israel ( he, מְדִינַת יִשְׂרָאֵל, label=none, translit=Medīnat Yīsrāʾēl; ), is a country in Western Asia. It is situated ...
.
On 22 May 2000, PHP 4, powered by the Zend Engine 1.0, was released.
By August 2008, this branch had reached version 4.4.9. PHP 4 is now no longer under development and nor are any security updates planned to be released.
PHP 5
On 1 July 2004, PHP 5 was released, powered by the new Zend Engine II.
PHP 5 included new features such as improved support for
object-oriented programming
Object-oriented programming (OOP) is a programming paradigm based on the concept of "objects", which can contain data and code. The data is in the form of fields (often known as attributes or ''properties''), and the code is in the form of ...
, the PHP Data Objects (PDO) extension (which defines a lightweight and consistent interface for accessing databases), and numerous performance enhancements. In 2008, PHP 5 became the only stable version under development.
Late static binding had been missing from previous versions of PHP, and was added in version 5.3.
Many high-profile open-source projects ceased to support PHP 4 in new code from February 5, 2008, because of the GoPHP5 initiative,
provided by a consortium of PHP developers promoting the transition from PHP 4 to PHP 5.
Over time, PHP interpreters became available on most existing
32-bit
In computer architecture, 32-bit computing refers to computer systems with a processor, memory, and other major system components that operate on data in 32- bit units. Compared to smaller bit widths, 32-bit computers can perform large calculati ...
and
64-bit
In computer architecture, 64-bit integers, memory addresses, or other data units are those that are 64 bits wide. Also, 64-bit CPUs and ALUs are those that are based on processor registers, address buses, or data buses of that size. A ...
operating systems, either by building them from the PHP source code, or by using pre-built binaries. For PHP versions 5.3 and 5.4, the only available
Microsoft Windows
Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for ...
binary distributions were 32-bit
IA-32
IA-32 (short for "Intel Architecture, 32-bit", commonly called i386) is the 32-bit version of the x86 instruction set architecture, designed by Intel and first implemented in the 80386 microprocessor in 1985. IA-32 is the first incarnatio ...
builds, requiring Windows 32-bit compatibility mode while using
Internet Information Services
Internet Information Services (IIS-pronounced 2S, formerly Internet Information Server) is an extensible web server software created by Microsoft for use with the Windows NT family. IIS supports HTTP, HTTP/2, HTTPS, FTP, FTPS, SMTP and NN ...
(IIS) on a 64-bit Windows platform. PHP version 5.5 made the 64-bit
x86-64
x86-64 (also known as x64, x86_64, AMD64, and Intel 64) is a 64-bit version of the x86 instruction set, first released in 1999. It introduced two new modes of operation, 64-bit mode and compatibility mode, along with a new 4-level paging ...
builds available for Microsoft Windows.
Official security support for PHP 5.6 ended on 31 December 2018.
PHP 6 and Unicode
PHP received mixed reviews due to lacking native
Unicode
Unicode, formally The Unicode Standard,The formal version reference is is an information technology standard for the consistent encoding, representation, and handling of text expressed in most of the world's writing systems. The standard, ...
support at the core language level. In 2005, a project headed by Andrei Zmievski was initiated to bring native
Unicode
Unicode, formally The Unicode Standard,The formal version reference is is an information technology standard for the consistent encoding, representation, and handling of text expressed in most of the world's writing systems. The standard, ...
support throughout PHP, by embedding the
International Components for Unicode
International Components for Unicode (ICU) is an open-source project of mature C/ C++ and Java libraries for Unicode support, software internationalization, and software globalization. ICU is widely portable to many operating systems and environ ...
(ICU) library, and representing text strings as
UTF-16
UTF-16 (16-bit Unicode Transformation Format) is a character encoding capable of encoding all 1,112,064 valid code points of Unicode (in fact this number of code points is dictated by the design of UTF-16). The encoding is variable-length, as cod ...
internally. Since this would cause major changes both to the internals of the language and to user code, it was planned to release this as version 6.0 of the language, along with other major features then in development.
However, a shortage of developers who understood the necessary changes, and performance problems arising from conversion to and from UTF-16, which is rarely used in a web context, led to delays in the project. As a result, a PHP 5.3 release was created in 2009, with many non-Unicode features back-ported from PHP 6, notably namespaces. In March 2010, the project in its current form was officially abandoned, and a PHP 5.4 release was prepared containing most remaining non-Unicode features from PHP 6, such as traits and closure re-binding. Initial hopes were that a new plan would be formed for Unicode integration, but by 2014 none had been adopted.
PHP 7
During 2014 and 2015, a new major PHP version was developed, PHP 7. The numbering of this version involved some debate among internal developers. While the PHP 6 Unicode experiment had never been released, several articles and book titles referenced the PHP 6 name, which might have caused confusion if a new release were to reuse the name. After a vote, the name PHP 7 was chosen.
The foundation of PHP 7 is a PHP
branch
A branch, sometimes called a ramus in botany, is a woody structural member connected to the central trunk of a tree (or sometimes a shrub). Large branches are known as boughs and small branches are known as twigs. The term '' twig'' usuall ...
that was originally dubbed ''PHP next generation'' (''phpng''). It was authored by Dmitry Stogov, Xinchen Hui and Nikita Popov, and aimed to optimize PHP performance by refactoring the Zend Engine while retaining near-complete language compatibility. By 14 July 2014,
WordPress
WordPress (WP or WordPress.org) is a free and open-source content management system (CMS) written in hypertext preprocessor language and paired with a MySQL or MariaDB database with supported HTTPS. Features include a plugin architectu ...
-based benchmarks, which served as the main benchmark suite for the phpng project, showed an almost 100% increase in performance. Changes from phpng make it easier to improve performance in future versions, as more compact data structures and other changes are seen as better suited for a successful migration to a
just-in-time (JIT) compiler.
Because of the significant changes, the reworked Zend Engine was called ''Zend Engine 3'', succeeding Zend Engine 2 used in PHP 5.
Because of the major internal changes in phpng, it must receive a new
major version number of PHP, rather than a minor PHP 5 release, according to PHP's release process.
Major versions of PHP are allowed to break backward-compatibility of code and therefore PHP 7 presented an opportunity for other improvements beyond phpng that require backward-compatibility breaks. In particular, it involved the following changes:
* Many fatal or recoverable-level legacy PHP error mechanisms were replaced with modern object-oriented
exceptions.
* The syntax for variable dereferencing was reworked to be internally more consistent and complete, allowing the use of the operators
->
,
[]
,
()
,
, and
::
, with arbitrary meaningful left-side expressions.
* Support for legacy PHP 4-style constructor methods was deprecated.
* The behavior of the
foreach
statement was changed to be more predictable.
* Constructors for the few classes built-in to PHP which returned null upon failure were changed to throw an exception instead, for consistency.
* Several unmaintained or deprecated
server application programming interface
In computing, server application programming interface (SAPI) is the direct module interface to web servers such as the Apache HTTP Server, Microsoft IIS, and Oracle iPlanet Web Server. Microsoft uses the term Internet Server Application Programmi ...
s (SAPIs) and extensions were removed from the PHP core, most notably the legacy
mysql
extension.
* The behavior of the
list()
operator was changed to remove support for strings.
* Support was removed for legacy ASP-style delimiters
<%
and
%>
and
<script language="php"> ... </script>
.
* An oversight allowing a
switch statement
In computer programming languages, a switch statement is a type of selection control mechanism used to allow the value of a variable or expression to change the control flow of program execution via search and map.
Switch statements function s ...
to have multiple
default
clauses was fixed.
* Support for hexadecimal number support in some implicit conversions from strings to number types was removed.
* The
left-shift and
right-shift operators were changed to behave more consistently across platforms.
* Conversions between floating-point numbers and integers were changed (e.g. infinity changed to convert to zero) and implemented more consistently across platforms.
PHP 7 also included new language features. Most notably, it introduced return type declarations for functions
which complement the existing parameter type declarations, and support for the
scalar types (integer, float, string, and boolean) in parameter and return type declarations.
PHP 8
PHP 8 was released on November 26, 2020. PHP 8 is a major version and has breaking changes from previous versions.
New features and notable changes include:
Just-in-time compilation
Just-in-time compilation
In computing, just-in-time (JIT) compilation (also dynamic translation or run-time compilations) is a way of executing computer code that involves compilation during execution of a program (at run time) rather than before execution. This may co ...
is supported in PHP 8.
PHP 8's
JIT compiler can provide substantial performance improvements for some use cases,
while PHP developer Nikita Popov stated that the performance improvements for most websites will be less substantial than the upgrade from PHP 5 to PHP 7.
Substantial improvements are expected more for mathematical-type operations than for common web-development use cases.
Additionally, the JIT compiler provides future potential to move some code from C to PHP, due to the performance improvements for some use cases.
Addition of the match expression
PHP 8 introduced the expression.
The match expression is conceptually similar to a statement and is more compact for some use cases.
Because is an expression, its result can be caught into a variable or returned from a function.
Type changes and additions
PHP 8 introduced union types, a new return type, and a new type.
"Attributes", often referred to as "annotations" in other programming languages, were added in PHP 8, which allow metadata to be added to classes.
was changed from being a statement to being an expression.
This allows exceptions to be thrown in places that were not previously possible.
Syntax changes and additions
PHP 8 includes changes to allow alternate, more concise, or more consistent syntaxes in a number of scenarios. For example, the nullsafe operator is similar to the
null coalescing operator
The null coalescing operator (called the Logical Defined-Or operator in Perl) is a binary operator that is part of the syntax for a basic conditional expression in several programming languages, including C#, PowerShell as of version 7.0.0, Perl ...
, but used when calling methods.
The following code snippet will not throw an error if returns null:
$human_readable_date = $user->getBirthday()?->diffForHumans();
Constructor property promotion has been added as "
syntactic sugar
In computer science, syntactic sugar is syntax within a programming language that is designed to make things easier to read or to express. It makes the language "sweeter" for human use: things can be expressed more clearly, more concisely, or in an ...
," allowing class properties to be set automatically when parameters are passed into a class
constructor.
This reduces the amount of
boilerplate code
In computer programming, boilerplate code, or simply boilerplate, are sections of code that are repeated in multiple places with little to no variation. When using languages that are considered ''verbose'', the programmer must write a lot of boile ...
that must be written.
Other minor changes include support for use of on objects, which serves as an alternative for the use of ;
non-capturing catches in try-catch blocks; variable syntax tweaks to resolve inconsistencies; support for named arguments; and support for trailing commas in parameter lists, which adds consistency with support for trailing commas in other contexts, such as in arrays.
Standard library changes and additions
* Weak maps were added in PHP 8. A holds references to objects, but these references do not prevent such objects from being
garbage collected
Garbage, trash, rubbish, or refuse is waste material that is discarded by humans, usually due to a perceived lack of utility. The term generally does not encompass bodily waste products, purely liquid or gaseous wastes, or toxic waste
T ...
.
This can provide performance improvements in scenarios where data is being
cached; this is of particular relevance for
object relational mappings (ORM).
* Various adjustments to interfaces, such as adding support for creating objects from interfaces, and the addition of a interface that can be used for type hinting.
* Various new functions including str_contains(), str_starts_with(), and str_ends_with();
fdiv(); get_debug_type(); and get_resource_id()
* Object implementation of token_get_all()
Additional changes
* Type annotations were also added into PHP's C source code itself to allow internal functions and methods to have "complete type information in reflection."
* Inheritance with private methods
* Abstract methods in traits improvements
PHP 8.1
PHP 8.1 is the latest version of PHP, a popular programming language used for web development and server-side scripting. It was released on December 8, 2021 and includes a number of new features and improvements over previous versions. Here is a more detailed look at some of the key features and improvements in PHP 8.1:
* Union types: This feature allows you to specify that a variable can have multiple types, such as an integer or a string. This can be useful for writing more flexible and robust code, as it allows you to handle a wider range of input values.
* Nullsafe operator: This operator allows you to chain method calls without worrying about null references. For example, if you want to call a method on an object that may be null, you can use the nullsafe operator to ensure that the method is only called if the object is not null.
* Match expression: This is a more concise and flexible way to perform matching on values. It allows you to specify multiple cases and their associated values, and then use the
match
keyword to select the appropriate case based on the value of an expression.
* Improved performance: PHP 8.1 includes various performance improvements, such as faster array operations and better memory usage. These improvements can help make your code run faster and more efficiently.
* New error handling features: PHP 8.1 introduces a new
throws
keyword that allows you to specify which exceptions a function can throw, and a new
assert()
function that can be used to check for certain conditions at runtime. These features can help you write more reliable and robust code.
* Other new features: PHP 8.1 also includes other new features such as support for named arguments, support for attributes (similar to annotations in other languages), and improved support for Unicode.
The
match
expression is a new feature in PHP 8.1 that allows you to perform value matching in a more concise and flexible way. It is similar to a
switch
statement, but with some additional features and syntax improvements.
Here is an example of how you can use the
match
expression in PHP:
$value = 3;
$result = match ($value) ;
echo $result; // Outputs: "The value is one, two, or three"
In this example, the
match
expression compares the value of
$value
to the different cases specified in the curly braces. If
$value
matches one of the cases, the corresponding value is returned. If none of the cases match, the
default
case is used.
One of the main benefits of the
match
expression is that it allows you to specify multiple values for a single case, as shown in the example above. This can help make your code more concise and easier to read.
The
match
expression also allows you to specify a
when
clause for each case, which can be used to specify additional conditions that must be met for the case to be matched. For example:
$value = 3;
$result = match ($value) ;
echo $result; // Outputs: "The value is two or three"
Overall, the
match
expression is a useful addition to PHP that can make it easier to write code that performs value matching and conditional processing.
Assert() Error handling
The
assert()
function and the
throws
keyword are new error handling features in PHP 8.1 that can help you write more reliable and robust code.
The
assert()
function is used to check for certain conditions at runtime. If the condition is not met, the function generates an
AssertionError
exception. For example:
assert($x > 0, '$x must be greater than zero');
In this example, the
assert()
function checks whether
$x
is greater than zero. If it is not, an
AssertionError
exception is thrown with the message "
$x must be greater than zero
".
The
throws
keyword, on the other hand, is used to specify which exceptions a function or method can throw. This can be helpful for documenting your code and making it easier for other developers to understand how your functions and methods behave. For example:
function divide(int $a, int $b): int
In this example, the
divide()
function uses the
throws
keyword to specify that it can throw a
DivisionByZeroError
exception if the second argument is zero.
Overall, the
assert()
function and the
throws
keyword are useful tools for handling errors and exceptions in PHP, and can help you write more reliable and robust code.
Support for enumerations
Support for enumerations was one of the most prominent features of PHP 8.1. Enums allow developers to programmatically enforce states in their codebase. Below is an example of an enum:
Other PHP 8.1 features
* Support for `readonly` properties was added.
* After the introduction of array unpacking in PHP 7.4 with consecutive numbered keys, PHP 8.1 introduced support for array unpacking with string keys.
* PHP 8.1 added support for using `new` in initializers.
* A new syntax was added for creating callables.
* PHP 8.1 brought support for Pure Intersection Types, after in the introduction of union types in PHP 8.0.
PHP 8.2
PHP 8.2 includes a number of new features and improvements. Here are some of the main ones:
# Union Types: Union types allow you to specify that a function or method parameter can accept multiple types, separated by the ", " symbol. This can help to improve type safety and reduce the need for type juggling.
# Nullsafe Operator: The nullsafe operator (?->) allows you to chain method calls without having to check for null values at each step. This can help to reduce the need for null checks and make your code more concise.
# Match Expression: The match expression allows you to perform pattern matching on values, similar to a switch statement in other languages. This can be a more concise and expressive way to handle multiple conditions.
# Improved Type Variance: PHP 8.2 introduces improved type variance for generic types, allowing you to specify whether a generic type is covariant, contravariant, or invariant. This can help to improve type safety and flexibility when working with generic types.
# Performance Improvements: PHP 8.2 includes various performance improvements, including faster JIT compilation, faster garbage collection, and improved handling of large arrays. These improvements can help to make PHP applications faster and more efficient.
# Deprecations: Some features have been deprecated in PHP 8.2, including the assert() function when used with a string argument, and the list() construct with a single array element. It's important to be aware of these deprecations if you are upgrading from an earlier version of PHP.
Here are some examples of features that have been deprecated in PHP 8.2:
# assert() function with string argument: The assert() function can be used to perform runtime checks, but it has been deprecated when used with a string argument. Instead, you should use the assert() function with a boolean argument or an expression.
# list() construct with a single array element: The list() construct allows you to unpack the elements of an array into separate variables. It has been deprecated when used with a single array element, as this usage was considered confusing and error-prone.
# create_function(): The create_function() function has been deprecated, as it has been superseded by anonymous functions, which are more flexible and easier to use.
# mb_ereg_replace_callback(): The mb_ereg_replace_callback() function has been deprecated, as it has been superseded by the preg_replace_callback() function, which provides similar functionality and is more widely used.
New "Random" extension
The "Random" extension provides a new object-oriented API for generating random values in PHP. It includes several classes ("Engine"s) that implement different algorithms for generating random numbers and storing their state within objects. This allows for multiple independent seedable sequences, which can be useful in certain contexts, such as testing or simulation.
The \Random\Randomizer class provides a high-level interface for using the engine's randomness to generate a random integer, shuffle an array or string, select random array keys, and more. This can be a convenient way to perform these common tasks without having to directly use the lower-level engine classes.
It's worth noting that the "Random" extension is not enabled by default in PHP, and you will need to install and enable it in your PHP environment in order to use its features. You can find more information about the extension in the official PHP documentation.
Release history
Beginning on 28 June 2011, the PHP Development Team implemented a timeline for the release of new versions of PHP. Under this system, at least one release should occur every month. Once per year, a minor release should occur which may include new features. Every minor release should at least be supported for two years with security and bug fixes, followed by at least one year of only security fixes, for a total of a three-year release process for every minor release. No new features, unless small and self-contained, are to be introduced into a minor release during the three-year release process.
Mascot
The mascot of the PHP project is the ''elePHPant'', a blue elephant
Elephants are the largest existing land animals. Three living species are currently recognised: the African bush elephant, the African forest elephant, and the Asian elephant. They are the only surviving members of the family Elephantida ...
with the PHP logo on its side, designed by Vincent Pontier in 1998. "The (PHP) letters were forming the shape of an elephant if viewed in a sideways angle." The elePHPant is sometimes differently colored when in plush toy
A stuffed toy is a toy doll with an outer fabric sewn from a textile and stuffed with flexible material. They are known by many names, such as plush toys, plushies, stuffed animals, and stuffies; in Britain and Australia, they may also be ...
form.
Many variations of this mascot have been made over the years. Only the elePHPants based on the original design by Vincent Pontier are considered official by the community. These are collectible and some of them are extremely rare.
Syntax
The following "Hello, World!" program
A "Hello, World!" program is generally a computer program that ignores any input and outputs or displays a message similar to "Hello, World!". A small piece of code in most general-purpose programming languages, this program is used to illustr ...
is written in PHP code embedded in an HTML
The HyperText Markup Language or HTML is the standard markup language for documents designed to be displayed in a web browser. It can be assisted by technologies such as Cascading Style Sheets (CSS) and scripting languages such as JavaS ...
document:
PHP "Hello, World!" program
Hello, World!';
?>
However, as no requirement exists for PHP code to be embedded in HTML, the simplest version of ''Hello, World!'' may be written like this, with the closing tag ?> omitted as preferred in files containing pure PHP code.
The PHP interpreter only executes PHP code within its delimiter
A delimiter is a sequence of one or more characters for specifying the boundary between separate, independent regions in plain text, mathematical expressions or other data streams. An example of a delimiter is the comma character, which acts a ...
s. Anything outside of its delimiters is not processed by PHP, although non-PHP text is still subject to control structure
In computer science, control flow (or flow of control) is the order in which individual statements, instructions or function calls of an imperative program are executed or evaluated. The emphasis on explicit control flow distinguishes an ''imp ...
s described in PHP code. The most common delimiters are to open and ?> to close PHP sections. The shortened form also exists. This short delimiter makes script files less portable, since support for them can be disabled in the local PHP configuration and it is therefore discouraged. Conversely, there is no recommendation against the echo short tag =. Prior to PHP 5.4.0, this short syntax for echo only works with the short_open_tag
configuration setting enabled, while for PHP 5.4.0 and later it is always available. The purpose of all these delimiters is to separate PHP code from non-PHP content, such as JavaScript
JavaScript (), often abbreviated as JS, is a programming language that is one of the core technologies of the World Wide Web, alongside HTML and CSS. As of 2022, 98% of websites use JavaScript on the client side for webpage behavior, of ...
code or HTML markup. So the shortest "Hello, World!" program
A "Hello, World!" program is generally a computer program that ignores any input and outputs or displays a message similar to "Hello, World!". A small piece of code in most general-purpose programming languages, this program is used to illustr ...
written in PHP is:
='Hello, World!';
The first form of delimiters, and ?>, in XHTML
Extensible HyperText Markup Language (XHTML) is part of the family of XML markup languages. It mirrors or extends versions of the widely used HyperText Markup Language (HTML), the language in which Web pages are formulated.
While HTML, prior ...
and other XML
Extensible Markup Language (XML) is a markup language and file format for storing, transmitting, and reconstructing arbitrary data. It defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. T ...
documents, creates correctly formed XML processing instructions. This means that the resulting mixture of PHP code and other markup in the server-side file is itself well-formed XML.
Variables are prefixed with a dollar symbol, and a type does not need to be specified in advance. PHP 5 introduced ''type declarations'' that allows functions to force their parameters to be objects of a specific class, arrays, interfaces or callback function
In computer programming, a callback or callback function is any reference to executable code that is passed as an argument to another piece of code; that code is expected to ''call back'' (execute) the callback function as part of its job. Thi ...
s. However, before PHP 7, type declarations could not be used with scalar types such as integer or string.
Below is an example of how PHP variables are declared and initialized.
Unlike function and class names, variable names are case sensitive. Both double-quoted ("") and heredoc strings provide the ability to interpolate a variable's value into the string. PHP treats newline
Newline (frequently called line ending, end of line (EOL), next line (NEL) or line break) is a control character or sequence of control characters in character encoding specifications such as ASCII, EBCDIC, Unicode, etc. This character, or ...
s as whitespace in the manner of a free-form language
In computer programming, a free-form language is a programming language in which the positioning of characters on the page in program text is insignificant. Program text does not need to be placed in specific columns as on old punched card syst ...
, and statements are terminated by a semicolon. PHP has three types of comment syntax: /* */ marks block and inline comments; // or # are used for one-line comments. The echo
statement is one of several facilities PHP provides to output text.
In terms of keywords and language syntax, PHP is similar to the C style syntax. if conditions, for and while loops, and function returns are similar in syntax to languages such as C, C++, C#, Java and Perl.
Data types
PHP is loosely typed. It stores integers in a platform-dependent range, either as a 32, 64 or 128-bit signed integer
An integer is the number zero (), a positive natural number (, , , etc.) or a negative integer with a minus sign ( −1, −2, −3, etc.). The negative numbers are the additive inverses of the corresponding positive numbers. In the languag ...
equivalent to the C-language long type. Unsigned integers are converted to signed values in certain situations, which is different behavior to many other programming languages. Integer variables can be assigned using decimal (positive and negative), octal
The octal numeral system, or oct for short, is the radix, base-8 number system, and uses the Numerical digit, digits 0 to 7. This is to say that 10octal represents eight and 100octal represents sixty-four. However, English, like most languages, ...
, hexadecimal
In mathematics and computing, the hexadecimal (also base-16 or simply hex) numeral system is a positional numeral system that represents numbers using a radix (base) of 16. Unlike the decimal system representing numbers using 10 symbols, he ...
, and binary notations.
Floating point
In computing, floating-point arithmetic (FP) is arithmetic that represents real numbers approximately, using an integer with a fixed precision, called the significand, scaled by an integer exponent of a fixed base. For example, 12.345 can ...
numbers are also stored in a platform-specific range. They can be specified using floating point notation, or two forms of scientific notation
Scientific notation is a way of expressing numbers that are too large or too small (usually would result in a long string of digits) to be conveniently written in decimal form. It may be referred to as scientific form or standard index form, o ...
. PHP has a native Boolean type that is similar to the native Boolean types in Java
Java (; id, Jawa, ; jv, ꦗꦮ; su, ) is one of the Greater Sunda Islands in Indonesia. It is bordered by the Indian Ocean to the south and the Java Sea to the north. With a population of 151.6 million people, Java is the world's mo ...
and C++
C++ (pronounced "C plus plus") is a high-level general-purpose programming language created by Danish computer scientist Bjarne Stroustrup as an extension of the C programming language, or "C with Classes". The language has expanded significan ...
. Using the Boolean type conversion rules, non-zero values are interpreted as true and zero as false, as in Perl
Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages. "Perl" refers to Perl 5, but from 2000 to 2019 it also referred to its redesigned "sister language", Perl 6, before the latter's name was offic ...
and C++.
The null data type represents a variable that has no value; NULL
is the only allowed value for this data type.
Variables of the "resource" type represent references to resources from external sources. These are typically created by functions from a particular extension, and can only be processed by functions from the same extension; examples include file, image, and database resources.
Arrays can contain elements of any type that PHP can handle, including resources, objects, and even other arrays. Order is preserved in lists of values and in hashes with both keys and values, and the two can be intermingled. PHP also supports strings, which can be used with single quotes, double quotes, nowdoc or heredoc syntax.
The Standard PHP Library (SPL) attempts to solve standard problems and implements efficient data access interfaces and classes.
Functions
PHP defines a large array of functions in the core language and many are also available in various extensions; these functions are well documented in the onlin
PHP documentation
However, the built-in library has a wide variety of naming conventions and associated inconsistencies, as described under history
History (derived ) is the systematic study and the documentation of the human activity. The time period of event before the invention of writing systems is considered prehistory. "History" is an umbrella term comprising past events as well ...
above.
Custom functions may be defined by the developer:
function myAge(int $birthYear): string
echo 'I am currently ' . myAge(1995) . ' old.';
As of , the output of the above sample program is "I am currently years old."
In lieu of function pointer
A function pointer, also called a subroutine pointer or procedure pointer, is a pointer that points to a function. As opposed to referencing a data value, a function pointer points to executable code within memory. Dereferencing the function poi ...
s, functions in PHP can be referenced by a string containing their name. In this manner, normal PHP functions can be used, for example, as callbacks
In computer programming, a callback or callback function is any reference to executable code that is passed as an argument to another piece of code; that code is expected to ''call back'' (execute) the callback function as part of its job. Thi ...
or within function tables. User-defined functions may be created at any time without being prototyped. Functions may be defined inside code blocks, permitting a run-time decision as to whether or not a function should be defined. There is a function_exists
function that determines whether a function with a given name has already been defined. Function calls must use parentheses, with the exception of zero-argument class constructor functions called with the PHP operator new
, in which case parentheses are optional.
Since PHP 4.0.1 create_function()
, a thin wrapper around eval()
, allowed normal PHP functions to be created during program execution; it was deprecated in PHP 7.2 and removed in PHP 8.0 in favor of syntax for anonymous function
In computer programming, an anonymous function (function literal, lambda abstraction, lambda function, lambda expression or block) is a function definition that is not bound to an identifier. Anonymous functions are often arguments being passed t ...
s or " closures" that can capture variables from the surrounding scope, which was added in PHP 5.3. Shorthand arrow syntax was added in PHP 7.4:
function getAdder($x)
$adder = getAdder(8);
echo $adder(2); // prints "10"
In the example above, getAdder()
function creates a closure using passed argument (the keyword use
imports a variable from the lexical context), which takes an additional argument , and returns the created closure to the caller. Such a function is a first-class object, meaning that it can be stored in a variable, passed as a parameter
A parameter (), generally, is any characteristic that can help in defining or classifying a particular system (meaning an event, project, object, situation, etc.). That is, a parameter is an element of a system that is useful, or critical, when ...
to other functions, etc.
Unusually for a dynamically typed language, PHP supports type declarations on function parameters, which are enforced at runtime. This has been supported for classes and interfaces since PHP 5.0, for arrays since PHP 5.1, for "callables" since PHP 5.4, and scalar (integer, float, string and boolean) types since PHP 7.0. PHP 7.0 also has type declarations for function return types, expressed by placing the type name after the list of parameters, preceded by a colon. For example, the getAdder
function from the earlier example could be annotated with types like so in PHP 7:
function getAdder(int $x): Closure
$adder = getAdder(8);
echo $adder(2); // prints "10"
echo $adder(null); // throws an exception because an incorrect type was passed
$adder = getAdder([]); // would also throw an exception
By default, scalar type declarations follow weak typing principles. So, for example, if a parameter's type is int
, PHP would allow not only integers, but also convertible numeric strings, floats or booleans to be passed to that function, and would convert them. However, PHP 7 has a "strict typing" mode which, when used, disallows such conversions for function calls and returns within a file.
PHP Objects
Basic object-oriented programming
Object-oriented programming (OOP) is a programming paradigm based on the concept of "objects", which can contain data and code. The data is in the form of fields (often known as attributes or ''properties''), and the code is in the form of ...
functionality was added in PHP 3 and improved in PHP 4. This allowed for PHP to gain further abstraction, making creative tasks easier for programmers using the language. Object handling was completely rewritten for PHP 5, expanding the feature set and enhancing performance. In previous versions of PHP, objects were handled like value type In computer programming, data types can be divided into two categories: value types (or by-value types) and reference types (or by-reference types). Value types are completely represented by their meaning, while reference types are references to an ...
s. The drawback of this method was that code had to make heavy use of PHP's "reference" variables if it wanted to modify an object it was passed rather than creating a copy of it. In the new approach, objects are referenced by handle
A handle is a part of, or attachment to, an object that allows it to be grasped and manipulated by hand. The design of each type of handle involves substantial ergonomic issues, even where these are dealt with intuitively or by following tr ...
, and not by value.
PHP 5 introduced private and protected member variable
In object-oriented programming, a member variable (sometimes called a member field) is a variable that is associated with a specific object, and accessible for all its methods (''member functions'').
In class-based programming languages, these ...
s and methods, along with abstract classes, final classes, abstract methods, and final method
A method in object-oriented programming (OOP) is a procedure associated with a message and an object. An object consists of ''state data'' and ''behavior''; these compose an ''interface'', which specifies how the object may be utilized by any of ...
s. It also introduced a standard way of declaring constructors and destructors, similar to that of other object-oriented languages such as C++
C++ (pronounced "C plus plus") is a high-level general-purpose programming language created by Danish computer scientist Bjarne Stroustrup as an extension of the C programming language, or "C with Classes". The language has expanded significan ...
, and a standard exception handling
In computing and computer programming, exception handling is the process of responding to the occurrence of ''exceptions'' – anomalous or exceptional conditions requiring special processing – during the execution of a program. In general, an ...
model. Furthermore, PHP 5 added interfaces
Interface or interfacing may refer to:
Academic journals
* ''Interface'' (journal), by the Electrochemical Society
* '' Interface, Journal of Applied Linguistics'', now merged with ''ITL International Journal of Applied Linguistics''
* '' Int ...
and allowed for multiple interfaces to be implemented. There are special interfaces that allow objects to interact with the runtime system. Objects
Object may refer to:
General meanings
* Object (philosophy), a thing, being, or concept
** Object (abstract), an object which does not exist at any particular time or place
** Physical object, an identifiable collection of matter
* Goal, an ai ...
implementing ArrayAccess can be used with array
An array is a systematic arrangement of similar objects, usually in rows and columns.
Things called an array include:
{{TOC right
Music
* In twelve-tone and serial composition, the presentation of simultaneous twelve-tone sets such that the ...
syntax and objects implementing Iterator
In computer programming, an iterator is an object that enables a programmer to traverse a container, particularly lists. Various types of iterators are often provided via a container's interface. Though the interface and semantics of a given iterat ...
or IteratorAggregate can be used with the foreach
language construct
In computer programming, a language construct is a syntactically allowable part of a program that may be formed from one or more lexical tokens in accordance with the rules of the programming language.
The term "language construct" is often used ...
. There is no virtual table feature in the engine, so static variable
In computer programming, a static variable is a variable that has been allocated "statically", meaning that its lifetime (or "extent") is the entire run of the program. This is in contrast to shorter-lived automatic variables, whose storage is ...
s are bound with a name instead of a reference at compile time.
If the developer creates a copy of an object using the reserved word clone
, the Zend engine will check whether a __clone()
method has been defined. If not, it will call a default __clone()
which will copy the object's properties. If a __clone()
method is defined, then it will be responsible for setting the necessary properties in the created object. For convenience, the engine will supply a function that imports the properties of the source object, so the programmer can start with a by-value replica
A 1:1 replica is an exact copy of an object, made out of the same raw materials, whether a molecule, a work of art, or a commercial product. The term is also used for copies that closely resemble the original, without claiming to be identical. Al ...
of the source object and only override properties that need to be changed.
The visibility
The visibility is the measure of the distance at which an object or light can be clearly discerned. In meteorology it depends on the transparency of the surrounding air and as such, it is unchanging no matter the ambient light level or time o ...
of PHP properties and methods is defined using the keywords public
, private
, and protected
. The default is public, if only var is used; var
is a synonym for public
. Items declared public
can be accessed everywhere. protected
limits access to inherited classes (and to the class that defines the item). private
limits visibility only to the class that defines the item. Objects of the same type have access to each other's private and protected members even though they are not the same instance.
Example
The following is a basic example of object-oriented programming
Object-oriented programming (OOP) is a programming paradigm based on the concept of "objects", which can contain data and code. The data is in the form of fields (often known as attributes or ''properties''), and the code is in the form of ...
in PHP 8:
new Student("Alice", "Computer Science"),
new Student("Bob", "Computer Science"),
new Student("Charlie", "Business Studies"),
$teachers = ____new_Teacher("Dan",_["Computer_Science",_"Information_Security",
____new_Teacher("Erin",_["Computer_Science",_"3D_Graphics_Programming".html" ;"title="Computer Science", "Information Security""> new Teacher("Dan", ["Computer Science", "Information Security",
new Teacher("Erin", ["Computer Science", "3D Graphics Programming"">Computer Science", "Information Security""> new Teacher("Dan", ["Computer Science", "Information Security",
new Teacher("Erin", ["Computer Science", "3D Graphics Programming",
new Teacher("Frankie", ["Online Marketing", "Business Studies", "E-commerce"]),
];
foreach ([$students, $teachers] as $users)
This program outputs the following:
Students:
Hello, my name is Alice, I learn Computer Science
Hello, my name is Bob, I learn Computer Science
Hello, my name is Charlie, I learn Business Studies
Teachers:
Hello, my name is Dan, I teach Computer Science, Information Security
Hello, my name is Erin, I teach Computer Science, 3D Graphics Programming
Hello, my name is Frankie, I teach Online Marketing, Business Studies, E-commerce
Implementations
The only complete PHP implementation is the original, known simply as PHP. It is the most widely used and is powered by the Zend Engine. To disambiguate it from other implementations, it is sometimes unofficially called "Zend PHP". The Zend Engine compiles PHP source code
In computing, source code, or simply code, is any collection of code, with or without comments, written using a human-readable programming language, usually as plain text. The source code of a program is specially designed to facilitate the ...
on-the-fly into an internal format that it can execute, thus it works as an interpreter. It is also the "reference implementation" of PHP, as PHP has no formal specification, and so the semantics of Zend PHP define the semantics of PHP. Due to the complex and nuanced semantics of PHP, defined by how Zend works, it is difficult for competing implementations to offer complete compatibility.
PHP's single-request-per-script-execution model, and the fact that the Zend Engine is an interpreter, leads to inefficiency; as a result, various products have been developed to help improve PHP performance. In order to speed up execution time and not have to compile the PHP source code every time the web page is accessed, PHP scripts can also be deployed in the PHP engine's internal format by using an opcode
In computing, an opcode (abbreviated from operation code, also known as instruction machine code, instruction code, instruction syllable, instruction parcel or opstring) is the portion of a machine language instruction that specifies the operat ...
cache, which works by caching the compiled form of a PHP script (opcodes) in shared memory
In computer science, shared memory is memory that may be simultaneously accessed by multiple programs with an intent to provide communication among them or avoid redundant copies. Shared memory is an efficient means of passing data between progr ...
to avoid the overhead of parsing
Parsing, syntax analysis, or syntactic analysis is the process of analyzing a string of symbols, either in natural language, computer languages or data structures, conforming to the rules of a formal grammar. The term ''parsing'' comes from ...
and compiling
In computing, a compiler is a computer program that translates computer code written in one programming language (the ''source'' language) into another language (the ''target'' language). The name "compiler" is primarily used for programs tha ...
the code every time the script runs. An opcode cache, Zend Opcache, is built into PHP since version 5.5. Another example of a widely used opcode cache is the Alternative PHP Cache
This is a list of PHP accelerators.
Alternative PHP Cache (APC)
Alternative PHP Cache is a free and open (PHP license) framework that caches the output of the PHP bytecode compiler in shared memory, thus reducing parsing and disk I/O overhea ...
(APC), which is available as a PECL extension.
While Zend PHP is still the most popular implementation, several other implementations have been developed. Some of these are compiler
In computing, a compiler is a computer program that translates computer code written in one programming language (the ''source'' language) into another language (the ''target'' language). The name "compiler" is primarily used for programs tha ...
s or support JIT compilation, and hence offer performance benefits over Zend PHP at the expense of lacking full PHP compatibility. Alternative implementations include the following:
* HHVM
HipHop Virtual Machine (HHVM) is an open-source virtual machine based on just-in-time (JIT) compilation that serves as an execution engine for the Hack programming language and used to support PHP execution before the release of HHVM version ...
(HipHop Virtual Machine) – developed at Facebook and available as open source, it converts PHP code into a high-level bytecode (commonly known as an intermediate language
An intermediate representation (IR) is the data structure or code used internally by a compiler or virtual machine to represent source code. An IR is designed to be conducive to further processing, such as optimization and translation. A " ...
), which is then translated into x86-64 machine code dynamically at runtime by a just-in-time (JIT) compiler, resulting in up to 6× performance improvements. However, since version 7.2 Zend has outperformed HHVM, and HHVM 3.24 is the last version to officially support PHP.
** HipHop – developed at Facebook and available as open source, it transforms the PHP scripts into C++
C++ (pronounced "C plus plus") is a high-level general-purpose programming language created by Danish computer scientist Bjarne Stroustrup as an extension of the C programming language, or "C with Classes". The language has expanded significan ...
code and then compiles the resulting code, reducing the server load up to 50%. In early 2013, Facebook deprecated it in favor of HHVM due to multiple reasons, including deployment difficulties and lack of support for the whole PHP language, including the create_function()
and eval()
constructs.
* Parrot
Parrots, also known as psittacines (), are birds of the roughly 398 species in 92 genera comprising the order Psittaciformes (), found mostly in tropical and subtropical regions. The order is subdivided into three superfamilies: the Psittacoide ...
– a virtual machine designed to run dynamic languages efficiently; the cross-translator Pipp transforms the PHP source code into the Parrot intermediate representation The Parrot intermediate representation (PIR), previously called Intermediate code (IMC), is one of the two assembly languages for the Parrot virtual machine. The other is Parrot assembly language or PASM. Compared to PASM, PIR exists at a slightly ...
, which is then translated into the Parrot's bytecode and executed by the virtual machine.
* PeachPie – a second-generation compiler to .NET
Net or net may refer to:
Mathematics and physics
* Net (mathematics), a filter-like topological generalization of a sequence
* Net, a linear system of divisors of dimension 2
* Net (polyhedron), an arrangement of polygons that can be folded up ...
Common Intermediate Language
Common Intermediate Language (CIL), formerly called Microsoft Intermediate Language (MSIL) or Intermediate Language (IL), is the intermediate language binary instruction set defined within the Common Language Infrastructure (CLI) specification. ...
(CIL) bytecode, built on the Roslyn platform; successor of Phalanger, sharing several architectural components
* Phalanger – compiles PHP into .Net Common Intermediate Language bytecode; predecessor of PeachPie
* Quercus
An oak is a tree or shrub in the genus ''Quercus'' (; Latin "oak tree") of the beech family, Fagaceae. There are approximately 500 extant species of oaks. The common name "oak" also appears in the names of species in related genera, notably ...
– compiles PHP into Java bytecode
In computing, Java bytecode is the bytecode-structured instruction set of the Java virtual machine (JVM), a virtual machine that enables a computer to run programs written in the Java programming language and several other programming langua ...
Licensing
PHP is free software
Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, n ...
released under the PHP License
The ''PHP License'' is the software license under which the PHP scripting language is released. The PHP License is designed to encourage widespread adoption of the source code. Redistribution is permitted in source or binary form with or wit ...
, which stipulates that:
This restriction on use of "PHP" makes the PHP License incompatible with the General Public License
The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general u ...
(GPL), while the Zend License is incompatible due to an advertising clause similar to that of the original BSD license
BSD licenses are a family of permissive free software licenses, imposing minimal restrictions on the use and distribution of covered software. This is in contrast to copyleft licenses, which have share-alike requirements. The original BSD lice ...
.
Development and community
PHP includes various free and open-source libraries in its source distribution, or uses them in resulting PHP binary builds. PHP is fundamentally an Internet
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, pub ...
-aware system with built-in modules for accessing File Transfer Protocol
The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...
(FTP) servers and many database servers, including PostgreSQL
PostgreSQL (, ), also known as Postgres, is a free and open-source relational database management system (RDBMS) emphasizing extensibility and SQL compliance. It was originally named POSTGRES, referring to its origins as a successor to the In ...
, MySQL
MySQL () is an open-source relational database management system (RDBMS). Its name is a combination of "My", the name of co-founder Michael Widenius's daughter My, and "SQL", the acronym for Structured Query Language. A relational database o ...
, Microsoft SQL Server
Microsoft SQL Server is a relational database management system developed by Microsoft. As a database server, it is a software product with the primary function of storing and retrieving data as requested by other software applications—which ma ...
and SQLite
SQLite (, ) is a database engine written in the C programming language. It is not a standalone app; rather, it is a library that software developers embed in their apps. As such, it belongs to the family of embedded databases. It is the most ...
(which is an embedded database), LDAP
The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory servi ...
servers, and others. Numerous functions familiar to C programmers, such as those in the stdio
The C programming language provides many standard library functions for file input and output. These functions make up the bulk of the C standard library header . The functionality descends from a "portable I/O package" written by Mike Lesk at ...
family, are available in standard PHP builds.
PHP allows developers to write extensions
Extension, extend or extended may refer to:
Mathematics
Logic or set theory
* Axiom of extensionality
* Extensible cardinal
* Extension (model theory)
* Extension (predicate logic), the set of tuples of values that satisfy the predicate
* E ...
in C to add functionality to the PHP language. PHP extensions can be compiled statically into PHP or loaded dynamically at runtime. Numerous extensions have been written to add support for the Windows API
The Windows API, informally WinAPI, is Microsoft's core set of application programming interfaces (APIs) available in the Microsoft Windows operating systems. The name Windows API collectively refers to several different platform implementations th ...
, process management on Unix-like
A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs.
Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
s, multibyte strings (Unicode
Unicode, formally The Unicode Standard,The formal version reference is is an information technology standard for the consistent encoding, representation, and handling of text expressed in most of the world's writing systems. The standard, ...
), cURL
cURL (pronounced like "curl", UK: , US: ) is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client URL".
History
cURL was fi ...
, and several popular compression formats. Other PHP features made available through extensions include integration with Internet Relay Chat
Internet Relay Chat (IRC) is a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called ''channels'', but also allows one-on-one communication via private messages as well as chat and ...
(IRC), dynamic generation of images and Adobe Flash
Adobe Flash (formerly Macromedia Flash and FutureSplash) is a multimedia Computing platform, software platform used for production of Flash animation, animations, rich web applications, application software, desktop applications, mobile apps, mo ...
content, ''PHP Data Objects'' (PDO) as an abstraction layer used for accessing databases, and even speech synthesis
Speech synthesis is the artificial production of human speech. A computer system used for this purpose is called a speech synthesizer, and can be implemented in software or hardware products. A text-to-speech (TTS) system converts normal languag ...
. Some of the language's core functions, such as those dealing with strings and arrays, are also implemented as extensions. The PHP Extension Community Library
Pears are fruits produced and consumed around the world, growing on a tree and harvested in the Northern Hemisphere in late summer into October. The pear tree and shrub are a species of genus ''Pyrus'' , in the family Rosaceae, bearing the po ...
(PECL) project is a repository for extensions to the PHP language.
Some other projects, such as ''Zephir'', provide the ability for PHP extensions to be created in a high-level language and compiled into native PHP extensions. Such an approach, instead of writing PHP extensions directly in C, simplifies the development of extensions and reduces the time required for programming and testing.
By December 2018 the PHP Group consisted of ten people: Thies C. Arntzen Thies may refer to
* Thiès, a city in Senegal
**Université de Thiès in Senegal
**Olympique Thiès, a Senegalese football club
**Roman Catholic Diocese of Thiès
**Thiès Department
*Thiès Region in western Senegal
*Thies (name)
See also
*Thier ...
, Stig Bakken, Shane Caraveo, Andi Gutmans
Andi (Andrei) Gutmans is an Israeli programmer and entrepreneur.
Biography
Andi Gutmans holds a bachelor’s degree in Computer Science from the Technion in Haifa. Gutmans holds four citizenships: Swiss, British, Israeli and American.
Business ...
, Rasmus Lerdorf, Sam Ruby
Sam Ruby is a prominent software developer who has made significant contributions to web standards and open source software projects. In particular he has contributed to the standardization of syndicated web feeds via his involvement with the At ...
, Sascha Schumann, Zeev Suraski, Jim Winstead, and Andrei Zmievski.
Zend Technologies provides a PHP Certification based on PHP 7 exam (and previously based on PHP 5.5) for programmers to become certified PHP developers.
PHP Foundation
On November 26, 2021, the JetBrains
JetBrains s.r.o. (formerly IntelliJ Software s.r.o.) is a Czech software development company which makes tools for software developers and project managers. , the company has offices in Prague; Munich; Berlin; Boston, Massachusetts; Ams ...
blog announced the creation of the PHP Foundation, which will sponsor the design and development of PHP.
Installation and configuration
There are two primary ways for adding support for PHP to a web server – as a native web server module, or as a CGI executable. PHP has a direct module interface called server application programming interface
In computing, server application programming interface (SAPI) is the direct module interface to web servers such as the Apache HTTP Server, Microsoft IIS, and Oracle iPlanet Web Server. Microsoft uses the term Internet Server Application Programmi ...
(SAPI), which is supported by many web servers including Apache HTTP Server
The Apache HTTP Server ( ) is a free and open-source cross-platform web server software, released under the terms of Apache License 2.0. Apache is developed and maintained by an open community of developers under the auspices of the Apache So ...
, Microsoft IIS
Internet Information Services (IIS-pronounced 2S, formerly Internet Information Server) is an extensible web server software created by Microsoft for use with the Windows NT family. IIS supports HTTP, HTTP/2, HTTPS, FTP, FTPS, SMTP and NNTP. ...
and iPlanet Web Server. Some other web servers, such as OmniHTTPd, support the Internet Server Application Programming Interface The Internet Server Application Programming Interface (ISAPI) is an N-tier API of Internet Information Services (IIS), Microsoft's collection of Windows-based web server services. The most prominent application of IIS and ISAPI is Microsoft's web ...
(ISAPI), which is Microsoft
Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washing ...
's web server module interface. If PHP has no module support for a web server, it can always be used as a Common Gateway Interface
In computing, Common Gateway Interface (CGI) is an interface specification that enables web servers to execute an external program, typically to process user requests.
Such programs are often written in a scripting language and are commonly r ...
(CGI) or FastCGI
FastCGI is a binary protocol
A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any kind of variation of a physical quantity. The protocol defines the rules, s ...
processor; in that case, the web server is configured to use PHP's CGI executable to process all requests to PHP files.
PHP-FPM (FastCGI Process Manager) is an alternative FastCGI implementation for PHP, bundled with the official PHP distribution since version 5.3.3. When compared to the older FastCGI implementation, it contains some additional features, mostly useful for heavily loaded web servers.
When using PHP for command-line scripting, a PHP command-line interface
A command-line interpreter or command-line processor uses a command-line interface (CLI) to receive commands from a user in the form of lines of text. This provides a means of setting parameters for the environment, invoking executables and pro ...
(CLI) executable is needed. PHP supports a CLI server application programming interface
In computing, server application programming interface (SAPI) is the direct module interface to web servers such as the Apache HTTP Server, Microsoft IIS, and Oracle iPlanet Web Server. Microsoft uses the term Internet Server Application Programmi ...
(SAPI) since PHP 4.3.0. The main focus of this SAPI is developing shell
Shell may refer to:
Architecture and design
* Shell (structure), a thin structure
** Concrete shell, a thin shell of concrete, usually with no interior columns or exterior buttresses
** Thin-shell structure
Science Biology
* Seashell, a hard o ...
applications using PHP. There are quite a few differences between the CLI SAPI and other SAPIs, although they do share many of the same behaviors.
PHP has a direct module interface called SAPI for different web servers; in case of PHP 5 and Apache 2.0 on Windows, it is provided in form of a DLL file called , which is a module that, among other functions, provides an interface between PHP and the web server, implemented in a form that the server understands. This form is what is known as a SAPI.
There are different kinds of SAPIs for various web server extensions. For example, in addition to those listed above, other SAPIs for the PHP language include the Common Gateway Interface and command-line interface.
PHP can also be used for writing desktop graphical user interface
The GUI ( "UI" by itself is still usually pronounced . or ), graphical user interface, is a form of user interface that allows users to interact with electronic devices through graphical icons and audio indicator such as primary notation, inste ...
(GUI) applications, by using the PHP-GTK
PHP-GTK is a set of language bindings for PHP which allow GTK GUI applications to be written in PHP. PHP-GTK provides an object-oriented interface to GTK classes and functions. While PHP-GTK partially supports GTK2, GTK3 is not supported at ...
extension. PHP-GTK is not included in the official PHP distribution, and as an extension it can be used only with PHP versions 5.1.0 and newer. The most common way of installing PHP-GTK is compiling it from the source code.
When PHP is installed and used in cloud
In meteorology, a cloud is an aerosol consisting of a visible mass of miniature liquid droplets, frozen crystals, or other particles suspended in the atmosphere of a planetary body or similar space. Water or various other chemicals may co ...
environments, software development kit
A software development kit (SDK) is a collection of software development tools in one installable package. They facilitate the creation of applications by having a compiler, debugger and sometimes a software framework. They are normally specific to ...
s (SDKs) are provided for using cloud-specific features. For example:
* Amazon Web Services
Amazon Web Services, Inc. (AWS) is a subsidiary of Amazon.com, Amazon that provides Software as a service, on-demand cloud computing computing platform, platforms and Application programming interface, APIs to individuals, companies, and gover ...
provides the AWS SDK for PHP
* Microsoft Azure
Microsoft Azure, often referred to as Azure ( , ), is a cloud computing platform operated by Microsoft for application management via around the world-distributed data centers. Microsoft Azure has multiple capabilities such as software as a ...
can be used with the Windows Azure SDK for PHP.
Numerous configuration options are supported, affecting both core PHP features and extensions. Configuration file php.ini
is searched for in different locations, depending on the way PHP is used. The configuration file is split into various sections, while some of the configuration options can be also set within the web server configuration.
Use
PHP is a general-purpose scripting language that is especially suited to server-side
In the client–server model, server-side refers to programs and operations that run on the server. This is in contrast to client-side programs and operations which run on the client.
General concepts
Typically, a server is a computer application ...
web development
Web development is the work involved in developing a website for the Internet (World Wide Web) or an intranet (a private network). Web development can range from developing a simple single static page of plain text to complex web applications ...
, in which case PHP generally runs on a web server
A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initia ...
. Any PHP code in a requested file is executed
Capital punishment, also known as the death penalty, is the state-sanctioned practice of deliberately killing a person as a punishment for an actual or supposed crime, usually following an authorized, rule-governed process to conclude that t ...
by the PHP runtime, usually to create dynamic web page
A server-side dynamic web page is a web page whose construction is controlled by an application server processing server-side scripts. In server-side scripting, parameters determine how the assembly of every new web page proceeds, and includin ...
content or dynamic images used on websites or elsewhere. It can also be used for command-line
A command-line interpreter or command-line processor uses a command-line interface (CLI) to receive commands from a user in the form of lines of text. This provides a means of setting parameters for the environment, invoking executables and pro ...
scripting and client-side
Client-side refers to operations that are performed by the client in a client–server relationship in a computer network.
General concepts
Typically, a client is a computer application, such as a web browser, that runs on a user's local compute ...
graphical user interface
The GUI ( "UI" by itself is still usually pronounced . or ), graphical user interface, is a form of user interface that allows users to interact with electronic devices through graphical icons and audio indicator such as primary notation, inste ...
(GUI) applications. PHP can be deployed on most web servers, many operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs.
Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
s and platforms, and can be used with many relational database management system
A relational database is a (most commonly digital) database based on the relational model of data, as proposed by E. F. Codd in 1970. A system used to maintain relational databases is a relational database management system (RDBMS). Many relatio ...
s (RDBMS). Most web hosting
A web hosting service is a type of Internet hosting service that hosts websites for clients, i.e. it offers the facilities required for them to create and maintain a site and makes it accessible on the World Wide Web. Companies providing web h ...
providers support PHP for use by their clients. It is available free of charge, and the PHP Group provides the complete source code for users to build, customize and extend for their own use.
Originally designed to create dynamic web pages, PHP now focuses mainly on server-side scripting
Server-side scripting is a technique used in web development which involves employing scripts on a web server which produces a response customized for each user's (client's) request to the website. The alternative is for the web server itself ...
, and it is similar to other server-side scripting languages that provide dynamic content from a web server to a client
Client(s) or The Client may refer to:
* Client (business)
* Client (computing), hardware or software that accesses a remote service on another computer
* Customer or client, a recipient of goods or services in return for monetary or other valuable ...
, such as Microsoft
Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washing ...
's ASP.NET
ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages. It was developed by Microsoft to allow programmers to build dynamic web sites, applications and services. The name s ...
, Sun Microsystems
Sun Microsystems, Inc. (Sun for short) was an American technology company that sold computers, computer components, software, and information technology services and created the Java programming language, the Solaris operating system, ZFS, the ...
' JavaServer Pages
Jakarta Server Pages (JSP; formerly JavaServer Pages) is a collection of technologies that helps software developers create dynamically generated web pages based on HTML, XML, SOAP, or other document types. Released in 1999 by Sun Microsystems, J ...
, and mod_perl
Mod, MOD or mods may refer to:
Places
* Modesto City–County Airport, Stanislaus County, California, US
Arts, entertainment, and media Music
* Mods (band), a Norwegian rock band
* M.O.D. (Method of Destruction), a band from New York City, US
* ...
. PHP has also attracted the development of many software framework
In computer programming, a software framework is an abstraction in which software, providing generic functionality, can be selectively changed by additional user-written code, thus providing application-specific software. It provides a standard ...
s that provide building blocks and a design structure to promote rapid application development
Rapid application development (RAD), also called rapid application building (RAB), is both a general term for adaptive software development approaches, and the name for James Martin's method of rapid development. In general, RAD approaches to ...
(RAD). Some of these include PRADO
The Prado Museum ( ; ), officially known as Museo Nacional del Prado, is the main Spanish national art museum
An art museum or art gallery is a building or space for the display of art, usually from the museum's own collection. It migh ...
, CakePHP
CakePHP is an open-source web framework. It follows the model–view–controller (MVC) approach and is written in PHP, modeled after the concepts of Ruby on Rails, and distributed under the MIT License.
CakePHP uses well-known software engineeri ...
, Symfony, CodeIgniter
CodeIgniter is an open-source software rapid development web framework, for use in building dynamic web sites with PHP.
Popularity
CodeIgniter is loosely based on the popular model–view–controller (MVC) development pattern. While controller c ...
, Laravel
Laravel is a free and open-source PHP web framework, created by Taylor Otwell and intended for the development of web applications following the model–view–controller (MVC) architectural pattern and based on Symfony. Some of the features ...
, Yii Framework, Phalcon and Laminas
Laminas Project (formerly Zend Framework or ZF) is an open source, object-oriented web application framework implemented in PHP 7 and licensed under the New BSD License. The framework is basically a collection of professional PHP-based packag ...
, offering features similar to other web framework
A web framework (WF) or web application framework (WAF) is a software framework that is designed to support the development of web applications including web services, web resources, and web APIs. Web frameworks provide a standard way to build an ...
s.
The LAMP architecture has become popular in the web industry as a way of deploying web applications. PHP is commonly used as the ''P'' in this bundle alongside Linux
Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
, Apache
The Apache () are a group of culturally related Native American tribes in the Southwestern United States, which include the Chiricahua, Jicarilla, Lipan, Mescalero, Mimbreño, Ndendahe (Bedonkohe or Mogollon and Nednhi or Carrizaleño an ...
and MySQL
MySQL () is an open-source relational database management system (RDBMS). Its name is a combination of "My", the name of co-founder Michael Widenius's daughter My, and "SQL", the acronym for Structured Query Language. A relational database o ...
, although the ''P'' may also refer to Python
Python may refer to:
Snakes
* Pythonidae, a family of nonvenomous snakes found in Africa, Asia, and Australia
** ''Python'' (genus), a genus of Pythonidae found in Africa and Asia
* Python (mythology), a mythical serpent
Computing
* Python (pro ...
, Perl
Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages. "Perl" refers to Perl 5, but from 2000 to 2019 it also referred to its redesigned "sister language", Perl 6, before the latter's name was offic ...
, or some mix of the three. Similar packages, WAMP
LAMP (Linux, Apache, MySQL, PHP/Perl/Python) is an acronym denoting one of the most common Software stack, software stacks for many of the web's most popular web application, applications. However, LAMP now refers to a generic software stack mode ...
and MAMP
MAMP is a solution stack composed of free and open-source and proprietary commercial software used together to develop and run dynamic websites on Apple Macintosh computers.
Specifications and uses
The name ''MAMP'' is an acronym that stems ...
, are also available for Windows
Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
and macOS
macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac computers. Within the market of desktop and lapt ...
, with the first letter standing for the respective operating system. Although both PHP and Apache are provided as part of the macOS base install, users of these packages seek a simpler installation mechanism that can be more easily kept up to date.
For specific and more advanced usage scenarios, PHP offers a well defined and documented way for writing custom extensions in C or C++
C++ (pronounced "C plus plus") is a high-level general-purpose programming language created by Danish computer scientist Bjarne Stroustrup as an extension of the C programming language, or "C with Classes". The language has expanded significan ...
. Besides extending the language itself in form of additional libraries
A library is a collection of materials, books or media that are accessible for use and not just for display purposes. A library provides physical (hard copies) or digital access (soft copies) materials, and may be a physical location or a vir ...
, extensions are providing a way for improving execution speed where it is critical and there is room for improvements by using a true compiled language
A compiled language is a programming language whose implementations are typically compilers (translators that generate machine code from source code), and not interpreters (step-by-step executors of source code, where no pre-runtime translation t ...
. PHP also offers well defined ways for embedding itself into other software projects. That way PHP can be easily used as an internal scripting language
A scripting language or script language is a programming language that is used to manipulate, customize, and automate the facilities of an existing system. Scripting languages are usually interpreted at runtime rather than compiled.
A scripting ...
for another project, also providing tight interfacing with the project's specific internal data structure
In computer science, a data structure is a data organization, management, and storage format that is usually chosen for efficient access to data. More precisely, a data structure is a collection of data values, the relationships among them, a ...
s.
PHP received mixed reviews due to lacking support for multithreading at the core language level, though using threads is made possible by the "pthreads" PECL extension.
A command line interface, php-cli, and two ActiveX
ActiveX is a deprecated software framework created by Microsoft that adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly from the World Wide Web. ...
Windows Script Host
The Microsoft Windows Script Host (WSH) (formerly named Windows Scripting Host) is an automation technology for Microsoft Windows operating systems that provides scripting abilities comparable to batch files, but with a wider range of supported fe ...
scripting engines for PHP have been produced.
Popularity and usage statistics
PHP is used for Web content management system
A web content management system (WCM or WCMS) is a software content management system (CMS) specifically for web content. It provides website authoring, collaboration, and administration tools that help users with little knowledge of web programm ...
s including MediaWiki
MediaWiki is a free and open-source wiki software. It is used on Wikipedia and almost all other Wikimedia websites, including Wiktionary, Wikimedia Commons and Wikidata; these sites define a large part of the requirement set for MediaWiki ...
, WordPress
WordPress (WP or WordPress.org) is a free and open-source content management system (CMS) written in hypertext preprocessor language and paired with a MySQL or MariaDB database with supported HTTPS. Features include a plugin architectu ...
, Joomla
Joomla (), also spelled Joomla! (with an exclamation mark) and sometimes abbreviated as J!, is a free and open-source content management system (CMS) for publishing web content on websites. Web content applications include discussion forums, ph ...
, Drupal
Drupal () is a free and open-source web content management system (CMS) written in PHP and distributed under the GNU General Public License. Drupal provides an open-source back-end framework for at least 14% of the top 10,000 websites worldwide ...
, Moodle
Moodle is a free and open-source learning management system written in PHP and distributed under the GNU General Public License. Moodle is used for blended learning, distance education, flipped classroom and other online learning projects in sch ...
, eZ Publish
eZ Publish (pronounced "easy publish") is an open-source enterprise PHP content management system that was developed by the Norwegian company Ibexa. eZ Publish is freely available under the GNU GPL version 2 license, as well as under propriet ...
, eZ Platform
eZ Platform (pronounced "easy platform") is an open-source enterprise PHP content management system (CMS) and Digital eXperience Platform (DXP) developed by the company Ibexa (known previously as eZ Systems), which has headquarters Oslo, Norway ...
, and SilverStripe
Silverstripe CMS is a free and open source content management system (CMS) and framework for creating and maintaining websites and web applications. It provides an out of the box web-based administration panel that enables users to make modificat ...
.
, PHP was used in more than 240 million website
A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google Search, Google, Facebook, Amaz ...
s (39% of those sampled) and was installed on 2.1 million web server
A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initia ...
s.
, PHP was used as the server-side programming language on 79.1% of websites, down from 83.5% previously, where the language could be determined, and PHP 7 is the most used version of the language with 50.3% of all websites on the web using that version.
Security
In 2019, 11% of all vulnerabilities listed by the National Vulnerability Database The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, ...
were linked to PHP; historically, about 30% of all vulnerabilities listed since 1996 in this database are linked to PHP. Technical security flaws of the language itself or of its core libraries are not frequent (22 in 2009, about 1% of the total although PHP applies to about 20% of programs listed). Recognizing that programmers make mistakes, some languages include taint checking Taint checking is a feature in some computer programming languages, such as Perl, Ruby or Ballerina designed to increase security by preventing malicious users from executing commands on a host computer. Taint checks highlight specific security ri ...
to automatically detect the lack of input validation which induces many issues. Such a feature is being developed for PHP, but its inclusion into a release has been rejected several times in the past.
There are advanced protection patches such as Suhosin
Suhosin (Korean 수호신, , meaning "guardian angel") is an open source software, open source patch (computing), patch for PHP and also a PHP extension, written by the German companSektion Eins The patch and the extension are two independent part ...
and Hardening-Patch, especially designed for web hosting environments.
Historically, old versions of PHP had some configuration parameters and default values for such runtime settings that made some PHP applications prone to security issues. Among these, magic_quotes_gpc
and register_globals
configuration directives were the best known; the latter made any URL parameters become PHP variables, opening a path for serious security vulnerabilities by allowing an attacker to set the value of any uninitialized global variable and interfere with the execution of a PHP script. Support for "magic quotes Magic quotes was a feature of the PHP scripting language, wherein strings are automatically escaped—special characters are prefixed with a backslash—before being passed on. It was introduced to help newcomers write functioning SQL comm ...
" and "register globals" settings has been deprecated since PHP 5.3.0, and removed from PHP 5.4.0.
Another example for the potential runtime-settings vulnerability comes from failing to disable PHP execution (for example by using the engine
configuration directive) for the directory where uploaded files are stored; enabling it can result in execution of malicious code embedded within the uploaded files. The best practice is to either locate the image directory outside of the document root available to the web server and serve it via intermediary script, or disable PHP execution for the directory which stores the uploaded files.
Also, enabling the dynamic loading of PHP extensions (via enable_dl
configuration directive) in a shared web hosting environment can lead to security issues.
Implied type conversion
In computer science, type conversion, type casting, type coercion, and type juggling are different ways of changing an expression from one data type to another. An example would be the conversion of an integer value into a floating point value ...
s that result in different values being treated as equal, sometimes against the programmer's intent, can lead to security issues. For example, the result of the comparison is true
, because strings that are parsable as numbers are converted to numbers; in this case, the first compared value is treated as scientific notation
Scientific notation is a way of expressing numbers that are too large or too small (usually would result in a long string of digits) to be conveniently written in decimal form. It may be referred to as scientific form or standard index form, o ...
having the value (), which is zero. Errors like this resulted in authentication vulnerabilities in Simple Machines Forum
Simple Machines Forum (SMF) software is an open-source web application that provides Internet forum and message board services. It is developed by Simple Machines.
The name reflects the creator's initial goal of providing a website that could b ...
, Typo3 and phpBB
phpBB is an Internet forum package written in the PHP scripting language. The name "phpBB" is an abbreviation of ''PHP Bulletin Board''. Available under the GNU General Public License, phpBB is free and open-source.
Features of phpBB include s ...
when MD5 password hashes were compared. The recommended way is to us
hash_equals()
(for timing attack
In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical operation in a computer takes time to execute, and ...
safety), strcmp
or the identity operator (
), as results in false
.
In a 2013 analysis of over 170,000 website defacement
Website defacement is an attack on a website that changes the visual appearance of a website or a web page. These are typically the work of defacers, who break into a web server and replace the hosted website with one of their own. Defacement ...
s, published by Zone-H
Zone-H is an archive of defaced websites. It was established in Estonia on March 2, 2002. A whois request on the domain shows that it was created on February 14, 2002.
Product
Once a defaced website is submitted to Zone-H, it is mirrored on ...
, the most frequently (53%) used technique was exploitation of file inclusion vulnerability A file inclusion vulnerability is a type of web vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-cont ...
, mostly related to insecure usage of the PHP language constructs include
, require
, and allow_url_fopen
.
W3Techs reports that 64%
of websites using PHP, use versions 7.2 or older (which are no longer supported by The PHP Development Team) with 35%
of all PHP websites using version 5.6 or older.
Version 5 is still used by 24.5% of all the websites (September 2021). It is highly recommended to migrate to PHP version 7 or 8 and use random_int()
instead of rand()
or mt_rand()
, as the latter functions are not cryptographically-secure. There are two attacks that can be performed over PHP entropy sources: "seed attack" and "state recovery attack". With current GPU technologies an attacker can perform up to 2 MD5 calculations per second with a $250 GPU, while with an additional $500 can reach up to 2 calculations. In combination with a "birthday attack
A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. This attack can be used to abuse communication between two or more parties. The attack depends on the higher likeli ...
" this can lead to serious security vulnerabilities.
See also
* Comparison of programming languages
Programming languages are used for controlling the behavior of a machine (often a computer). Like natural languages, programming languages follow the rules for syntax and semantics.
There are thousands of programming languages and new ones are c ...
*
* List of AMP packages
A ''list'' is any set of items in a row. List or lists may also refer to:
People
* List (surname)
Organizations
* List College, an undergraduate division of the Jewish Theological Seminary of America
* SC Germania List, German rugby unio ...
* List of PHP accelerators
This is a list of PHP accelerators.
Alternative PHP Cache (APC)
Alternative PHP Cache is a free and open (PHP license) framework that caches the output of the PHP bytecode compiler in shared memory, thus reducing parsing and disk I/O overhead ...
* List of PHP editors
This article contains a list of text editors with features specific to the PHP scripting language.
Free editors
Cross-platform
* Aptana Studio – Eclipse-based IDE, able to use PDT plugins, visual JS editor. Open-source, free project. (C ...
* PEAR
Pears are fruits produced and consumed around the world, growing on a tree and harvested in the Northern Hemisphere in late summer into October. The pear tree and shrub are a species of genus ''Pyrus'' , in the family Rosaceae, bearing the p ...
(PHP Extension and Application Repository)
* PHP accelerator
A PHP accelerator is a PHP extension designed to improve the performance of software applications written in the PHP programming language.
Operation
Most PHP accelerators work by caching the compiled opcode/bytecode of PHP representation of ph ...
* Template processor
A template processor (also known as a template engine or template parser) is software designed to combine templates with a data model to produce result documents.
The language that the templates are written in is known as a template language ...
* XAMPP
XAMPP ( or ) is a free and open-source cross-platform web server solution stack package developed by Apache Friends, consisting mainly of the Apache HTTP Server, MariaDB database, and interpreters for scripts written in the PHP and Perl programm ...
(Free and open-source cross-platform web server solution stack package)
* Zend Server
{{Infobox software
, title = Zend Server
, name = Zend Server
, logo =
, logo caption = Zend Server
, screenshot =
, caption =
, collapsible =
, author = Zend Technologies
, developer = Perforce
, released = 2009
, discontinued =
, ...
References
Further reading
*
External links
*
*
{{Authority control
1995 software
Articles with example PHP code
Class-based programming languages
Cross-platform software
Dynamic programming languages
Dynamically typed programming languages
Filename extensions
Free compilers and interpreters
High-level programming languages
Internet terminology
Object-oriented programming languages
PHP software
Procedural programming languages
Programming languages
Programming languages created in 1995
Scripting languages
Software using the PHP license
Text-oriented programming languages