Home Accessibility Courses Twitter The Mouth Facebook Resources Site Map About Us Contact
 
For 2023 (and 2024 ...) - we are now fully retired from IT training.
We have made many, many friends over 25 years of teaching about Python, Tcl, Perl, PHP, Lua, Java, C and C++ - and MySQL, Linux and Solaris/SunOS too. Our training notes are now very much out of date, but due to upward compatability most of our examples remain operational and even relevant ad you are welcome to make us if them "as seen" and at your own risk.

Lisa and I (Graham) now live in what was our training centre in Melksham - happy to meet with former delegates here - but do check ahead before coming round. We are far from inactive - rather, enjoying the times that we are retired but still healthy enough in mind and body to be active!

I am also active in many other area and still look after a lot of web sites - you can find an index ((here))
Diagrams to show you how - Tomcat, Java, PHP

I like to work with a flipchart occasionally, and I have been doing so quite a bit this week, which is a week that I'm giving a wide ranging web server deployment course under Linux, covering both LAMP / PHP technologies, and Tomcat / Java too. Why do I like using a flipchart? Because it encourages me to come up with a number of simple but effective diagrams which I can look back to and add to my notes / re-use. Here are some from the last couple of days ...




The ancestry of Java and C# from C and C++

The left hand diagram on this page shows how the C language was extended into C++, with source code compatibility maintained - resulting in a complex language. Java (originally called Oak, but I have crossed that name out!) took the best of C++ but removed the need for compatibility, simplified, added network awareness and the virtual machine concept. Never the less, it is C / C++ based.

J++ from Microsoft took the Java standard and added things to it - which was great if you wanted to run J++ but caused issues if you developed code under J+ and expected it to run on a standard Java Virtual Machine; J++ was decidedly NOT the way it had been intended for Java to be taken forward, and it had a short life.

Microsoft's C# follows the same philosophy that Java followed - best of C++, network aware, virtual machines, simplified ... so it's little wonder that it bears more than a passing resemblance to Java. It came a long a bit later, though, and has learned from Java's early experience. As a "differentiator", Java is the more portable across platforms, but C# runs in a .net virtual machine meaning that developers in the environment have an extra choice of other languages, such as Visual Basic.

The diagram to the right shows how Java source code (in a .java file) is compiled into a class file via the javac program, and is then run within a Java Virtual Machine or JVM. The JVM is rather like the engine of a car, and just line buying a car ... you need more than just the engine - in this case you need the whole of a JRE or Java Runtime Environment, which provides your application with all the extra standard classes it needs in order to run.

There's a choice when you download Java between a JRE (lower half of the diagram) and a full JSDK (Java Software Development Kit) which is the JRE plus the compiler an tools. If you see the terms JDK, SDK and JSDK mixed and matched, they're all the same thing - it's just Sun's habit of renaming things from time to time.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



Releases of Java, and which download to choose

Sun have actually done a very good job with Java in terms of an initial specification that hasn't had to be broken with any sort of incompatible source code - which means that it goes up very nicely from Java 1.0 to Java release 1.6.

But would you buy into a product that was 10 years old, and still at release one-point-summat? The marketing folks thought you wouldn't so Java was re-christened Java 2 - we have releases like Java 2 1.3 and Java 2 1.4 - and then with a leap to show it was really well established, we went on to Java 5 and now Java 6. All very well in terms of showing change and progress in the product, but it's really still 1.6.

My diagram also shows Apache Tomcat releases - Tomcat 6 works well with Java 6 (good, and nice to see some synchronisation!). Java 5 goes with - err - Tomcat 5.5 and Java 2 1.4 with Tomcat 5.0. It is also possible to run Tomcat 5.5 with Java 6, and Tomcat 5.0 with Java 5, but you'll need some extra patches if you want to run Tomcat 5.5 with Java 2 1.4 (and, no, I am NOT going back any further)

On the right of my diagram, I was helping my users select which of all the plethora of options they'll need to download to run Tomcat on their Linux servers, supporting Servlets and JSPs. It worked out as follows:
• Sun's Java, rather than anyone else or the oft-supplied gcj / gij.
• The standard edition, rather than micro or enterprise. True, one of the Enterprise jars provides Tomcat support, but that's also included with the Tomcat distribution.
• The Development kit rather than just the Runtime Environment. "Why do I need a compiler on the live server" you may ask. Because you'll be running JSPs which include Java source code you'll need to be able to handle!
• The appropriate download for Linux (Java class files may be portable, but the JVM most certainly is NOT!)
• The appropriate download for the hardware (processor) you're running on - for example i586. (Same portability note!)
• and of course a version that's a release that's compatible with the Tomcat you wish to run.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



Three guises for the Java Virtual Machine

You can run your Java programs as stand alone programs on your computer, on your web server (in the form of Servlets or JSPs) and in your browser (as applets).

In a stand alone program, the programmer provides a method called main which runs, once, when the program is called up.

For a servlet, running on a web server with an engine such as Tomcat's Catalina, the programmer takes a standard pre-written class and overwrites (extends) one of more of its methods - such as init, destroy, doGet and doPost. Unlike a stand alone program, these don't run just once when Tomcat invokes them - either the doGet or the doPost method will run many times, retained in the server's memory - like turning the handle of a machine each time a visitor browses to the URL which triggers them.

Applets run within a browser plugin. When a web page that includes and applet is loaded, a method called init is run once, followed by a method called start when the window becomes visible. The paint method id called repeatedly to keep updating / refreshing the output - giving dynamic graphics - until the window ceases to be visible when the stop method is called. When the user moves on to the next page or kills the browser window, the destroy method is called.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



A flowchart for each stage of a web application

A well designed web based application should work in a manner to something like I am showing in this flowchart. Whether you're looking at a doGet or doPost method in a Java Servlet, or a phase of a PHP application, the pattern is a common one ...

• read any cookie or hidden field to see if this is a continuing session or if we know who the user is
• if we do know the user, read in his details - "shopping cart" - to date, which will be from a file of a database such as MySQL
• process the data that's been entered, which I characterise as finishing up from the previous page. You'll see a multiway branch such as a switch used here, as it's a very good idea (later slide) to have all the stages of an application controlled from a single process.
• prepare for the next page. That will be a branch again and USUALLY for the next page in the sequence, but if the user made an error in entering his data it will refresh the previous page.
• Save the (updated) details back to the shopping cart
• Read it the HTML template for the response page
• Complete and send out the next page / form


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



The 4 layer model

You shouldn't write all the code for a web application in a single file. The file will get too big and too hard to maintain, and you'll be preventing yourself from reusing parts of the code in other pages / applications. You'll also end up with a file that's got a mixture or program code and HTML in it, meaning that it can only be maintained by a person who is skilled in BOTH.

What is better? Try the 4 layer model.

1. Your Top level / controlling code
2. The application logic (also known as the business logic) which contains all the database and calculation code.
3. The Web helpers - your standard routines for (example) ensuring that you are not open to injection attacks, that input boxes are "sticky", and that forms have a consistent way of handling errors
4. Your HTML template that gives you the look and feel of each page.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



Handling any characters in your input

There's a joke about the mother who gave the son the middle names "DROP DATABASE". When she signed him up, on line, for his primary school, the school's computer mysteriously lost all its records ...

In a well programmed system, problems like this should not occur and even database keywords should be acceptable as inputs. But you have to check this in your programming, and as well as keywords be aware of how quotes, less than signs, ampersands, and even spaces are handled.

This diagram shows how user inputs from the web need to be cleaned up to provide the "real" values to be used in calculations, and then need further processing / protection if they're to be stored in a database, or echoed back on a web page.

The same principles apply in Perl (vis CGI), Java, and PHP ... and other languages. The function names in orange on the diagram are from PHP.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



Things to consider in PHP ...

If you're looking to write an easy to use, secure PHP page, here are some of the things you should consider ...
• How to prevent injection attacks (see previous board)
• How to provide sticky fields, so that user who fails to complete a form correctly is NOT penalised by being given a new BLANK form to try again (I think we've all see when sites that drop fields, haven't we?)
• Preventing users bookmarking a page in the middle of a series so that they can just land there, unexpectedly, at a later date - the "Hogwarts effect"
• How to maintain users's sessions
• The best and consistent way to handle errors.
There are considerations for other languages too - it just so happens that this example is a PHP slide!

In PHP, some variables are automatically provided to you when you start your web page processing, and on this board they're listed down the right hand side of the screen. They are:
$_GET - parameters supplied via the URL / GET method
$_POST - parameters supplied via a POSTed form
$_COOKIE - cookies returned with the request
$_ENV - environment variables from the server
$_SERVER - a wide range of variables from the web server / details of the requesy.

$_GET, $_POST, $_COOKIE and $_ENV are also combined into another single array called $_REQUEST which is very useful to you if you want to check for the presence of an input field, whether it was supplied by any of the methods.

Finally, this diagram mentions $_SESSION which is a little different - it's populated by the session_start function rather than by the starting server process, and it contains the information saved for this user's previous page in his / her current session.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



Versions of PHP and code portability

PHP is a vibrant language - so much so that there have been a number of issues / changes over the years, and configuration options added, that mean that PHP code written on one server may not run straight off on another. This board goes through recent(ish) versions, and highlights some of the issues.

Up to and including PHP 4.1, variables were populated directly from form fields which was regarded as a security issue when coding is in the hands of newcomers who don't appreciate the need to initialise their storage. From 4.1 onwards (4.1 supports both methods), you should use $_GET, $_POST or $_REQUEST. But you'll see a delta sign on my diagram - if you have old code, you can support the old mode too ..

As of PHP 5.0, the Object model was changed and if you assign an object, you're copying a pointer in PHP 5, but cloning the whole object in PHP 4. It means, incredibly, that an assignment statement may have a different effect depending on the version you're running.

As PHP 5 was introduced, the MySQL drivers (that had been supplied with PHP4) were withdrawn, due to the tightened license with MySQL. If you want have MySQL support in PHP 5, you download and unpack MySQL first (no need to actually install it - just have the libraries available) and then build PHP.

Also at PHP 5, a second API to the (now loaded from elsewhere) MySQL drivers was provided. The ones provided prior to that date - with names starting with mysql_ - were judged imperfect in Computer Scientist's terms and the mysqli_ ones which were added are considered better. To use the new ones means you have to change your code, so you'll probably want to consider building your PHP with both sets!

Also noted at the top right of this slide - other things to remember with regards to code portability across different versions and settings of PHP
• Register Globals
• Short Tags
• Magic Quotes


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



OOO Arrrr!

There are lots of file types with extensions ending in "ar" which usually stands for "archive"!

.tar files have been around for many, many years - "tape archives" produced and also unpacked by the tar utility. The format is very basic - they're uncompressed, and they lack a single index at the beginning which mean they're very inefficient if you were to even THINK of using them for random access.

.jar files are designated as "Java Archives" and written (and read) by the jar utility which is supplied as a part of the Java distribution - but in fact the can contain any file and directory structure, and they're actually ".zip" file compatible. Which means that they are compressed, and they include a list of contents which allow them to easily be used for randomly accessing the files / elements they contain.

.war files ... "web archives" are .jar files! what tells them apart from .jar files is the specific layout of the files they contain, and a certain subdirectory that must be present, which means that Tomcat will assume that they can be directly deployed (instructions for the URLs to be used contained within!) to allow a "distribute and play" approach to Java Application Upgrades.

Similarly, .ear and .sar files are generated to a specific layout by jar - enterprise archives and service archives. .rar files - resource archives - are something else!


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



Regular Expressions - an easy introduction

If you're looking to see if two values are equal in programming terms, that's usually easy enough - but what is you want to see if (example) a user's data entry "looks like" a postcode - that's an altogether tougher prospect, and we commonly use a regular expression to make the test.

A regular expression is the description of a pattern and can contain a number of elements.

Anchors - things like "does it start with ..."

Literal characters - "does it contain exactly this character"

Character groups - "does it contain a character from this list"

Counts "does it contain one or more of ..."

All these elements were (are) present in grep - the "Regular Expression processor" and they're shown in blue on the board. egrep provides / provided extensions - shown in brown, which included the ability to group together sections of the regular expression, and added an "or" operator described in post terms as "alternation".

Larry Wall's Perl added yet further options - a tiny sampling of those are added in red - and languages like Tcl (John Ousterhout) and PHP added "POSIX" standard alternatives - in Green. Larry decided to support the green POSIX stuff too, and the PHP team supported Larry's style ... and so the whole this is very flexible as well as being a complex story.

For this week's web server deployment course, Regular Expressions actually came up in the form of configuration settings for the Apache httpd web server - especially for mod_rewrite which lets you tell the web server to divert a request which is apparently for a fixed web page to a script that's going - for example - to access a database, passing in the name of the page that was called up as a parameter to the page. It's very clever stuff, allowing us to create whole directories of virtual documents.


Want to learn more from me on this subject? - see here
Looking for more articles and examples? - see here



It's incredible just how long it has taken me to document a few diagrams - but it also goes a long way to proving that a picture paints a thousand words, and to demonstrating just how much useful information I can pack into a short course such as the one I've been giving on site in Milton Keynes (link - what would such a course cost?) this week.

Update - more similar diagrams If you found these diagrams useful, I have added a second series of them here covering the conclusion of the course - with more on Java and Tomcat, and a whole series on MySQL too!
(written 2008-08-22, updated 2008-08-24)

 
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
S159 - MySQL 5 and PHP 5
  [104] mysql_connect or mysql_pconnect in PHP? - (2004-10-30)
  [494] MySQL - a score of things to remember - (2005-11-12)
  [515] MySQL - an FAQ - (2005-12-03)
  [1131] MySQL - Password security (authentication protocol) - (2007-04-02)
  [1417] What software version do we teach? - (2007-10-31)
  [1455] Connecting to MySQL 5 from PHP on Mac OSX Leopard - (2007-12-03)
  [1754] Upgrade from PHP 4 to PHP 5 - the TRY issue - (2008-08-15)
  [2172] PHP4 v PHP5 - Object Model Difference - (2009-05-11)
  [3455] MySQL, MySQLi, PDO or something else - how best to talk to databases from PHP - (2011-09-24)

Q802 - Object Orientation and General technical topics - Regular Expression Elements
  [453] Commenting Perl regular expressions - (2005-09-30)
  [1480] Next course - 7th January 2008, Regular Expressions - (2007-12-21)
  [1799] Regular Expressions in PHP - (2008-09-16)
  [1849] String matching in Perl with Regular Expressions - (2008-10-20)
  [2804] Regular Expression Myths - (2010-06-13)
  [4505] Regular Expressions for the petrified - in Ruby - (2015-06-03)
  [4763] Regex Reference sheet - (2017-10-10)

J607 - Java - Servlets, JSP, Tomcat
  [2058] Invoker and cgi servlets on Tomcat 6 - (2009-02-27)
  [2147] A very easy JSP (Java Server Page) - (2009-05-01)
  [2642] What does a web application look like under Tomcat? - (2010-02-20)

J601 - Java Introduction
  [25] Release numbers - (2004-08-23)
  [111] Training notes available under Open Distribution license - (2004-11-07)
  [124] PHP v Java - (2004-11-20)
  [317] Programming languages - a comparison - (2005-05-20)
  [792] Is Java the right language to learn? - (2006-07-04)
  [871] Java oversold? - (2006-09-19)
  [1049] Java 6, Apache Tomcat 6. - (2007-01-21)
  [1158] Private Java Course - A customer's pictures - (2007-04-22)
  [1418] A Golf Club Decision - Perl to Java - (2007-11-01)
  [1466] Effective Java training - the bootcamp approach - (2007-12-09)
  [1497] Training Season Starts again! - (2008-01-07)
  [1557] Trying out our Java examples on our web site - (2008-02-27)
  [1908] Java CLASSPATH explained - (2008-11-26)
  [2115] Finding your java program - the CLASSPATH variable - (2009-04-02)
  [2423] What is a JVM, a JRE, a JDK - components of the core Java Environment - (2009-09-26)
  [2536] All the Cs ... and Java too - (2009-12-13)
  [4332] First Java Application - calculating the weight of a tablecloth - (2014-11-29)

H302 - PHP - MVC, 4 layer model and templating
  [1634] Kiss and Book - (2008-05-07)
  [1716] Larger applications in PHP - (2008-07-22)
  [2174] Application design in PHP - multiple step processes - (2009-05-11)
  [2199] Improving the structure of your early PHP programs - (2009-05-25)
  [2221] Adding a newsfeed for your users to a multipage PHP application - (2009-06-06)
  [3454] Your PHP website - how to factor and refactor to reduce growing pains - (2011-09-24)
  [3539] Separating program and artwork in PHP - easier maintainance, and better for the user - (2011-12-05)
  [3956] Zend / layout of MVC and other files in an example application (PHP) - (2012-12-16)
  [4066] MVC and Frameworks - a lesson from first principles in PHP - (2013-04-19)
  [4114] Teaching CodeIgniter - MVC and PHP - (2013-06-12)
  [4314] PHP training - refreshed modern course, backed up by years of practical experience - (2014-11-16)

H301 - PHP - Sticky fields and session
  [1739] Bath, Snake or Nag? - (2008-08-06)
  [1911] Remember Me - PHP - (2008-11-28)
  [2416] Automating access to a page obscured behind a holding page - (2009-09-23)
  [2738] What is all this SESSION stuff about? (PHP) - (2010-04-25)
  [3540] Easy session example in PHP - keeping each customers data apart - (2011-12-06)
  [3820] PHP sessions - a best practice teaching example - (2012-07-27)
  [3918] Multiple page web applications - maintaining state - PHP - (2012-11-10)
  [4070] Passing variable between PHP pages - hidden fields, cookies and sessions - (2013-04-26)

A504 - Web Application Deployment - Java - Terminologes, Technologies and releases.
  [4317] Java - an update of the basics - (2014-11-16)


Back to
Dialects of English and Unix
Previous and next
or
Horse's mouth home
Forward to
mod_proxy and mod_proxy_ajp - httpd
Some other Articles
3 hours from Milton Keynes
July child ponders on August children
What is built in to this httpd and PHP?
mod_proxy and mod_proxy_ajp - httpd
Diagrams to show you how - Tomcat, Java, PHP
Dialects of English and Unix
Yank and Push - copy and move in vi
Co-operating to save, yet we dont
WEB-INF (Tomcat) and .htaccess (httpd)
Logging Cookies with the Apache httpd web server
4759 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96 at 50 posts per page


This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.

Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).

You can Add a comment or ranking to this page

© WELL HOUSE CONSULTANTS LTD., 2024: 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho

PAGE: http://www.wellho.net/mouth/1766_Dia ... a-PHP.html • PAGE BUILT: Sun Oct 11 16:07:41 2020 • BUILD SYSTEM: JelliaJamb