8/3/2019 SIP PHP Posibilities
1/35
SIP PHP Posibilities
8/3/2019 SIP PHP Posibilities
2/35
Advantages of using PHP ina web project like
SIP (and others) and considerations about
AJAX projects and web projects ingeneral.
8/3/2019 SIP PHP Posibilities
3/35
The usual structure ofa PHP web application is a 3
tier one; this means the high level structure of the
SIP application is very similar.
8/3/2019 SIP PHP Posibilities
4/35
Data layer
This would be adatabase server; the most
common ones used with PHP are MySql,
Postgres, but any database server can be
used: Oracle, MsSql etc.
If the database server is Mysql then theoperating system is recommended to be Linux,
andnot Windows, since the performance of
Mysql on Linux is significantly better.
8/3/2019 SIP PHP Posibilities
5/35
Mysql technical specifications andadvantages
Pluggable Storage-Engine Achitecture (InnoDB , MyISAM, Merge, Memory,Archive)
ANSI SQL (SubQueries, Joins, Cursors; Prepared Statements; Views;
Triggers;Stored Procedures; User-Defined Functions);
ACID Transactions, Commit, Rollback , Foreign Keys, Referential Integrity
Easy Install and Setup;
Built-in Replication Engine, Master/Slave,;
MySQL Cluster (99.999% Availability, Distributed architecture, Synchronous
replication)
99.999% Availability, Distributed architecture, Synchronous replication
Hot Backup for InnoDB, Full, Incremental, Partial Backups, Auto-Restart/Recovery
SSL Support, Built-in Data Encryption/Decryption
Graphical Tools: MySQL Workbench
8/3/2019 SIP PHP Posibilities
6/35
MySQL Workbench
8/3/2019 SIP PHP Posibilities
7/35
8/3/2019 SIP PHP Posibilities
8/35
Business layer
This usually is a web server with support for PHP. The most common
webservers used with PHP are Apache, Lighthttpd, Nginx but also IIS is suported
The Apache webserver has a lot of configuration options and is very well
documentedanddocumentation can be found in many places on the web (by
using Google) .
The Code architecture is recommended to be MVC as it is a flexible and
week coupled . This means, that , if it it is implemented correctly, anddepending on the application, changes can be done inany of the 3 main parts
of MVC, without having to change somethingalso in other part.
There is no conflict between the 3 tier architecture and MVC; The Model is the
MVC component which would contain the the business layer. The View neednot access directly the Model, since it is the Controller which makes the
connection between the Model and the View
8/3/2019 SIP PHP Posibilities
9/35
The Presentation (Client) Layer
This would be standard HTML (+CSS, JS,Flash),
generated by PHP . PHP appearedas a web scripting language which can
be integrated into web pages. It has evolved into afull language with strong object oriented capabilities.
At the same time it kept it real ease of use, simplicityand conciseness, so it is recommended that thelanguage used in the presentation pages themselves
should also be PHP.
Alternatives to using PHP in the presentation
layer exist, like Smarty, but they are notrecommended, since you cannot really get morechort and concise than PHP is, andalso for
performance reasons.
8/3/2019 SIP PHP Posibilities
10/35
A) classical web application the flow
1. the browser sends an HTTP request to the web server;
2. the server receives the request and sends it to the PHP
component;3. this loads and executes the controller
4. the controller cando:a. security checks (like authenticationandauthorization) ;
b. loads and executes one or more models;
c. the models (which should implement the business logic) accessthe necessary resources (like database, web services, or others),and returndata (or populate some internal Model state);
d. load the View ; the view is composed of HTML ((+CSS, JS,Flash)with place holders for dynamic data, and basic operations over
presentationdata(iterate, conditions);e. render the view by merging the data from the Model with the
View;
f. send the result to the client browser.
5. each time the client clicks ona link the new page is loaded
by going the full process starting from point 1.
8/3/2019 SIP PHP Posibilities
11/35
B) A massively AJAX web application (like SIP) flow :
1. the browser sends an HTTP request to the web server;
2. the server receives the request and sends it to the PHP component;
3. this loads and executes the controller
4. the controller cando:a. security checks (like authenticationandauthorization);b. loads and executes a minimum number of models;
c. loads aView which is very basic and is only the skeleton for the full html page; theview contains special javascript which will execute once the browser receives fully thebasic html page;
d. renders andview and sends it to the client
5. The client (browser) receives the basic html page , andafter it is fully loaded itexecutes the javascript set to execute on DOM load.
6. This script makes many AJAX calls to the server for the content of each block inthe page. Each of these requests goes through the full process describedat pointA, but the result is only the content ofa block in the page .
7. the page is now fully loaded in the client browser
8. each time the client clicks ona link one of 2 things can happen:a. if the page which the client wants is different enough then the current page the client
is on, then the whole process from the B 1 starts again;
b. if the page which the client wants is similar enough to the current page the client ison, then process from point 6 executes, but not for all the blocks in page but only forthe blocks which need to be updated (depending on the business logic andapplication) .
8/3/2019 SIP PHP Posibilities
12/35
Advantages and disadvantages of a massively AJAX web
applications
Advantages
If the pages do not vary much between them (from
a layout point ofview), then the responsiveness of
the application for the end user is increased.
8/3/2019 SIP PHP Posibilities
13/35
Disadvantages
The design has to be made by the designer with great care , to
support missing, appearinganddisappearing blocks from thepage without the layout breaking inany browser;
The pages shouldnot vary much between them because thiswould mean many ajax request to the server, slow load timesfor the pages and losing the AJAX responsiveness advantage .
The caching strategy is more difficult to do, because: data cannot be easily cached for all the blocks necessary in one
page;
blocks can have interdependencies which makes cache harder, andcache expiration, simultaneous for all dependent blocks, a problemto handle;
The framework should be adapted to make the many AJAXrequests lighter from load point ofview; otherwise, a firstloadingaa new page from a massively AJAX site, wouldproduce a load significantly higher thana classical webpage;
the business logic has to be divided in 2 places: on the server
and in the client browser inJavascript.
8/3/2019 SIP PHP Posibilities
14/35
Object Relational Mapping (ORM)
An ORM is a framework that allows to avoid the mismatch, thedifference in how they work) between the Relational Model and theObject Model, which are both present in most web applications .
The SIP project uses an ORM framework which is Entity Data Model(EDM) .
In PHP, agood ORM framework is Doctrine (http://www.doctrine-project.org/).
Doctrine 2 is divided into three main packages.
Common DBAL (includes Common)
ORM (includes DBAL+Common)
The Doctrine code base is split in to these packages for a few reasonsand they are to...
...make things more maintainable anddecoupled
...allow you to use the code in Doctrine Common without the ORM orDBAL
...allow you to use the DBAL without the ORM
8/3/2019 SIP PHP Posibilities
15/35
Doctrine framework
The Common PackageThe Common package contains highly reusablecomponents that have no dependencies beyondthe package itself (and PHP, of course).
The DBAL Package
The DBAL package contains an enhanceddatabaseabstraction layer on top of. The purpose of thislayer is to provide a single API that bridges mostof the differences between the different RDBMSvendors.
8/3/2019 SIP PHP Posibilities
16/35
TheORM Package
The ORM package contains the object-relational mapping toolkit
that provides transparent relational persistence for plain PHPobjects.
Doctrine uses the Data Mapper patternat the heart of thisproject, aiming for a complete separation of the domain/businesslogic from the persistence ina relational database management
system. The benefit of Doctrine for the programmer is the ability tofocus solely on the object-oriented business logic and worry aboutpersistence only as a secondary task. This doesnt mean persistenceis not important to Doctrine 2, however there are considerablebenefits for object-oriented programming if persistence and entitiesare kept perfectly separated.
8/3/2019 SIP PHP Posibilities
17/35
Doctrine supports Inheritance Mapping . Anmapped superclass is anabstract or concrete classthat provides persistent entity state and mappinginformation for its subclasses, but which is not itselfan entity. Typically, the purpose of such a mappedsuperclass is to define state and mappinginformation that is common to multiple entityclasses.
Doctrine introduces DQL which is best describedasobject-query-language and is adialect ofOQL andsimilar to HQL or JPQL. It does not know the conceptof columns and tables, but only those of Entity-Classand property. Using Metadata it allows for veryshort distinctive and powerful queries.
8/3/2019 SIP PHP Posibilities
18/35
Example:
The following query in standard SQL
SELECT sp.FirstName, sp.LastName, sp.HireDate
FROM SalesPerson sp
INNER JOIN Employee e ON sp.SalesPersonID =e.EmployeeID
INNER JOIN Contact c ON e.EmployeeID = c.ContactID
WHERE e.SalariedFlag = 1
AND e.HireDate >= '2008-01-01'
could be written in DQL like this (consideringall the entity classes andMetadata is defined), if we hada class inheritance and inheritance mapping:
SalesPerson extends Employee andEmployee extends Contact
SELECT sp.FirstName, sp.LastName, sp.HireDate
FROM Contacts\Employees\SalesPerson AS sp
WHERE e.HireDate >= '2008-01-01'
8/3/2019 SIP PHP Posibilities
19/35
Debugging
AnAJAXapplication is inherently more difficult to debug,because:
it has business logic in 2 separate places: in the server andin the client browser;
the very flexible and no private members javascriptnature;
However, to debuganAjax application in PHP one ca use:
simple debug logs messages, directly to output or to logfiles;
step by step debugging in PHP, by using the Xdebugextension;
Firebug to debug in the browser Javascript andAjax calls .
8/3/2019 SIP PHP Posibilities
20/35
Deployment
The deployment ofa PHP web project is generally a simple thing. Itincludes more steps some of which must be done only first time, andsome of which can be skippeddepending on the project:
Deployment related tasks
One time only deployment tasks
install operating system, for example Linux Ubuntu Server or Redhat; install Apache, Php and Mysql;
this can be done easily in linux using packages which can be installed usingjust one command for each program;
install the necessary extensions for PHP, depending on the project;
this can be done easily in linux using packages which can be installed usingjust one command for each program;
configure virtual host inApache
8/3/2019 SIP PHP Posibilities
21/35
Regular deployments tasks
put the code and resources files on the server; this can be done
in more ways; using FTP or SFTP; this is not recommended because of the dificulty totrack changes and the exact version present on production;
using SVN updates; this is the recommendedversion because: easy to track changes;
ability to know what version is in production;
ability to revert to a previous code version easily;
rundatabase updates; this can be done in more ways: manually in the database; not recommended, because it is hard to know
which updates were runand which not
usinganautomated script; we have such anautomated sql deploymentscript which works quite well andallows:
to view the sql queries which need to be run; to logall the updates done to the db
to automatilcally run only the not run updates;
to update the log separately from running the queries, in case of unsinchronisedlog, due to database dumps moving;
copy config files, separate for each application instance; for the RTLINFO older versionapplication we were usinga PHP script
which was doing this inan easy way;
8/3/2019 SIP PHP Posibilities
22/35
Tools and features which make PHP developmenteasier
XDEBUGXDEBUG
Xdebug is a PHP extension which allows:
more useful error messages;
step by step debugging, together with Eclipse IDE;
full stack trace log innon error conditions, whichcombined with a few tools to view those logs inagraphical manner (for Linux and Windows), make ituseful for performance tuning;
8/3/2019 SIP PHP Posibilities
23/35
PhingPhing
A PHP project build system or build tool basedon Apache Ant.
An easy-to-use and highly flexible build framework.
Simple XML buildfiles
Rich set of provided tasks
Easily extendable via PHP classes
Platform-independent: works on UNIX, Windows, MacOSX
No required external dependencies
Built & optimized for ZendEngine2/PHP5
8/3/2019 SIP PHP Posibilities
24/35
JSON handlingJSON handling
To work with JSON in PHP is very easy. Toconvert to from PHP object or array to aJSON
object or array you need just 2 functions:
json_encode andjson_decode .
8/3/2019 SIP PHP Posibilities
25/35
Security in PHP web applications
Security in PHP web applications does not really depend on theprogramming language. It is a matter of business logic to write secureapplications.
Authentication
Authentication means requestingandverifying the identity of thecurrent user.
Authentication is done usually usinga simple form; the user submits the account details to the server
the server check a persistent storage to see if the account is validand logsin the user;
the fact that the user is logged in is kept in the Session; the session is a
common feature of web applications; it is a storage of small amount ofdata, usually available automatically to any instance of web page for anyuser, logged in or not. The correspondence betweena session on the serveranda user currently browsing the site is done by usinga HTTP cookie whichcontains the session identifier for each user, in his own browser.
8/3/2019 SIP PHP Posibilities
26/35
Authorization
Authorization means to check ifa subject has theright to do a certainaction ona certain object.
This can be done in more ways:
Usingaccess lists
Using custom code
generally custom code is the preferred way for very
custom requests of the business logic, anda small
number of operations of objects, in which case the
overhead of usingACLs would be to much;
8/3/2019 SIP PHP Posibilities
27/35
Encrypted connections, SSL
Web applications using PHP can use encryptedcommunication between the browser and the
server. This is done by using Public Key
encryptionandCertificates. Protocols: SSL, TLS
The Apache server supports SSL using OPENSSL.
Ingeneral only some parts of the application may
require encrypted communications, like
logging in;
online payments using credit cardand other payment
information.
8/3/2019 SIP PHP Posibilities
28/35
Example of the flow a simple request and response
The code examples will be non fully working ones, since we do
not have ready made project where to copy them from and thelack of time to implement an example;
Lets say we need in our applicationa way to present the citiesusing some criteria. This will be a method ofaRESTWebservice; in the PHP applications REST webservices are
much more common than SOAP webservices; also they aremuch more easier to use .
this method will receive parameters using simple HTTP GETand return the informationas aJSON string .
Let us suppose that the application is written inCakePHP .
The AJAX request from the browser would be something like
http://example.com/regions/getCities/parentRegionId:10/minPopulation:5000
Obs: errors are not treated for brevity and clarity;
8/3/2019 SIP PHP Posibilities
29/35
CONTROLLER part 1
Ina controller class called regions we will have a public method calledgetCities
public functiongetCities($parentRegionId =null, $minPopulation =null) {
}
this would containamong others The call to the model to get the cities
$cities = $this->City->getCities($parentRegionId,
$minPopulation);
The City property member is automatically instantiated by CakePhpaccording to a list of models we need for each controller.
8/3/2019 SIP PHP Posibilities
30/35
MODEL
In the model class City we would have the method:public functiongetCities($parentRegionId, $minPopulation) {
return $this->find(
'all',
array(
'fields' => array('name, 'population', 'surface_area', 'lat', 'long),
'conditions' => array(
'City.parent_region_id' => $parentRegionId,'City.population >= ' . $minPopulation,
),
'order' => array('City.name ASC'),'recursive' => 0,
'contain' => array('Country')
));
}
This method would returnall the cities from the region with id equal to$parentRegionId and which have a minimum population of $minPopulation;
It will also return informationabout the country the city belongs to.
8/3/2019 SIP PHP Posibilities
31/35
CONTROLLER part 2
In the controller we will also have the encoding
of the cities to json string:
$citiesJson = json_encode($cities);
$this->set(citiesJson, $ citiesJson);
This will encode the cities informtaion into a
JSON stringand make it available to the view.
8/3/2019 SIP PHP Posibilities
32/35
VIEWVIEW
The view will be a file like cities_list.ctp; it will
display agrid with the cities; in the example
below the grid contains other information, but it
is similar.
We will use a javascript library called ExtJs very
useful to draw controls, which are very flexible;
see mode about it on:http://www.sencha.com/products/extjs/
8/3/2019 SIP PHP Posibilities
33/35
View template content
This is what the server sends to the client as reponse to the
request to view a block with AJAX.
The rest of the view logic is inside the javascript file array-
grid.js
8/3/2019 SIP PHP Posibilities
34/35
View output
8/3/2019 SIP PHP Posibilities
35/35