PHP for Java Developers: Chapters 8-22 Summary

This document provides comprehensive outlines for chapters 8-22. Each outline covers the essential concepts Java developers need to understand when learning PHP.

---

Part 3: Modern PHP Development

Chapter 8: Composer & Dependencies

Key Topics:

• Composer Overview: PHP's dependency manager (like Maven/Gradle)
• composer.json: Project configuration file (like pom.xml)
• Installing Packages: composer require vendor/package
• Autoloading: PSR-4 automatic class loading
• Lock Files: composer.lock ensures consistent dependencies
• Semantic Versioning: Understanding version constraints
• Common Packages: monolog/monolog, guzzlehttp/guzzle, symfony/http-foundation

Java Comparison:

<!-- Maven pom.xml -->
<dependencies>
  <dependency>
    <groupId>com.example</groupId>
    <artifactId>library</artifactId>
    <version>1.0.0</version>
  </dependency>
</dependencies>

// Composer composer.json
{
  "require": {
    "vendor/library": "^1.0"
  }
}

Essential Commands:

composer install      # Install dependencies (like mvn install)
composer update       # Update dependencies
composer require pkg  # Add new dependency
composer dump-autoload # Regenerate autoloader

---

Chapter 9: Working with Databases

Key Topics:

• PDO (PHP Data Objects): Database abstraction layer (like JDBC)
• Database Connections: DSN strings and connection management
• Prepared Statements: SQL injection prevention
• Query Execution: SELECT, INSERT, UPDATE, DELETE
• Transactions: BEGIN, COMMIT, ROLLBACK
• Query Builders: Fluent interfaces for SQL
• Eloquent ORM: Laravel's ActiveRecord implementation

Java JDBC vs PHP PDO:

// Java JDBC
Connection conn = DriverManager.getConnection(url, user, pass);
PreparedStatement stmt = conn.prepareStatement("SELECT * FROM users WHERE id = ?");
stmt.setInt(1, userId);
ResultSet rs = stmt.executeQuery();

// PHP PDO
$pdo = new PDO($dsn, $user, $pass);
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$userId]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);

Best Practices:

• Always use prepared statements
• Never concatenate user input into SQL
• Use transactions for multiple related operations
• Close connections in finally blocks
• Use connection pooling for performance

---

Chapter 10: Building REST APIs

Key Topics:

• RESTful Principles: Resources, HTTP methods, status codes
• Routing: Mapping URLs to controllers
• JSON Responses: Encoding/decoding data
• Request Validation: Input sanitization and validation
• Authentication: JWT tokens, API keys
• Error Handling: Consistent error responses
• CORS: Cross-origin resource sharing
• API Versioning: URL-based or header-based

Simple PHP REST API:

<?php
// GET /api/users
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    header('Content-Type: application/json');
    echo json_encode(['users' => $users]);
}

// POST /api/users
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $data = json_decode(file_get_contents('php://input'), true);
    // Create user
    http_response_code(201);
    echo json_encode(['user' => $newUser]);
}

Status Codes:

• 200 OK - Success
• 201 Created - Resource created
• 400 Bad Request - Invalid input
• 401 Unauthorized - Authentication required
• 404 Not Found - Resource doesn't exist
• 500 Internal Server Error - Server error

---

Chapter 11: Dependency Injection

Key Topics:

• DI Containers: Automatic dependency management
• Constructor Injection: Preferred method
• Service Providers: Registering services
• Autowiring: Automatic dependency resolution
• PHP-DI Library: Popular DI container
• Symfony DI: Enterprise-grade container

Spring DI vs PHP DI:

// Java Spring
@Autowired
private UserRepository repository;

@Component
public class UserService {
    private final UserRepository repository;

    @Autowired
    public UserService(UserRepository repository) {
        this.repository = repository;
    }
}

// PHP DI Container
class UserService {
    public function __construct(
        private UserRepository $repository
    ) {}
}

// Container configuration
$container->set(UserRepository::class, function() {
    return new UserRepository($pdo);
});

---

Part 4: Testing & Quality

Chapter 12: Unit Testing with PHPUnit

Key Topics:

• PHPUnit Installation: composer require --dev phpunit/phpunit
• Test Classes: Extending TestCase
• Assertions: assertEquals, assertTrue, assertSame
• Test Methods: Must start with test or use @test annotation
• Setup/Teardown: setUp(), tearDown() methods
• Mocking: Creating test doubles
• Code Coverage: Measuring test effectiveness

JUnit vs PHPUnit:

// JUnit
import org.junit.Test;
import static org.junit.Assert.*;

public class CalculatorTest {
    @Test
    public void testAdd() {
        Calculator calc = new Calculator();
        assertEquals(5, calc.add(2, 3));
    }
}

// PHPUnit
use PHPUnit\Framework\TestCase;

class CalculatorTest extends TestCase
{
    public function testAdd(): void
    {
        $calc = new Calculator();
        $this->assertEquals(5, $calc->add(2, 3));
    }
}

Running Tests:

./vendor/bin/phpunit tests/      # Run all tests
./vendor/bin/phpunit --coverage-html coverage/  # With coverage

---

Chapter 13: Integration Testing

Key Topics:

• Database Testing: Using test databases
• Test Fixtures: Setting up test data
• API Testing: Testing HTTP endpoints
• Test Isolation: Each test is independent
• Factories: Generating test data
• Seeders: Populating test database
• CI/CD Integration: GitHub Actions, GitLab CI

Test Database Setup:

class DatabaseTest extends TestCase
{
    protected function setUp(): void
    {
        // Create test database connection
        $this->pdo = new PDO('sqlite::memory:');
        $this->pdo->exec('CREATE TABLE users ...');
    }

    protected function tearDown(): void
    {
        // Clean up
        $this->pdo = null;
    }
}

---

Chapter 14: Code Quality Tools

Key Topics:

• PHPStan: Static analysis (like SpotBugs for Java)
• Psalm: Another static analyzer
• PHP_CodeSniffer: Style checker (like Checkstyle)
• PHP CS Fixer: Auto-format code
• PHPMD: Mess detector (like PMD)
• Git Hooks: Pre-commit checks
• CI Pipeline: Automated quality checks

PHPStan Example:

composer require --dev phpstan/phpstan
./vendor/bin/phpstan analyse src

Configuration:

# phpstan.neon
parameters:
    level: 8  # Maximum strictness
    paths:
        - src
        - tests

---

Part 5: Web Development

Chapter 15: HTTP & Request/Response

Key Topics:

• Superglobals: $_GET, $_POST, $_SERVER, $_COOKIE, $_SESSION
• Request Method: $_SERVER['REQUEST_METHOD']
• Headers: header() function
• PSR-7: HTTP message interfaces
• Middleware: Request/response pipeline
• Query Parameters: Parse $_GET array
• POST Data: Parse $_POST or php://input

Superglobals vs Java Servlets:

// Java Servlet
String name = request.getParameter("name");
String method = request.getMethod();
String userAgent = request.getHeader("User-Agent");

// PHP Superglobals
$name = $_GET['name'] ?? '';
$method = $_SERVER['REQUEST_METHOD'];
$userAgent = $_SERVER['HTTP_USER_AGENT'];

---

Chapter 16: Sessions & Authentication

Key Topics:

• Session Start: session_start()
• Session Variables: $_SESSION array
• Session Security: Regenerate IDs, secure cookies
• JWT Authentication: Stateless tokens
• OAuth2: Third-party authentication
• Password Hashing: password_hash(), password_verify()
• Remember Me: Persistent login
• CSRF Protection: Token verification

Session Management:

// Start session
session_start();

// Store data
$_SESSION['user_id'] = $userId;
$_SESSION['username'] = $username;

// Retrieve data
$userId = $_SESSION['user_id'] ?? null;

// Destroy session
session_destroy();

Password Hashing:

// Hash password (never store plain text!)
$hash = password_hash($password, PASSWORD_ARGON2ID);

// Verify password
if (password_verify($inputPassword, $hash)) {
    // Login successful
}

---

Chapter 17: Forms & Validation

Key Topics:

• Form Handling: Processing $_POST data
• Input Validation: filter_var(), custom validators
• Sanitization: htmlspecialchars(), strip_tags()
• CSRF Tokens: Preventing cross-site request forgery
• File Uploads: $_FILES array, move_uploaded_file()
• Form Libraries: Symfony Form, Laravel Validation
• Client-side Validation: HTML5 + JavaScript

Form Processing:

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Validate
    $email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
    if (!$email) {
        $errors['email'] = 'Invalid email';
    }

    // Sanitize
    $name = htmlspecialchars($_POST['name'], ENT_QUOTES);

    // CSRF Check
    if ($_POST['csrf_token'] !== $_SESSION['csrf_token']) {
        die('CSRF token mismatch');
    }

    if (empty($errors)) {
        // Process form
    }
}

---

Chapter 18: Security Best Practices

Key Topics:

• SQL Injection: Always use prepared statements
• XSS Prevention: Escape output with htmlspecialchars()
• CSRF Protection: Use tokens for state-changing operations
• Password Security: Use password_hash() with strong algorithms
• Session Security: Secure cookies, regenerate IDs
• Input Validation: Never trust user input
• HTTPS: Always use TLS/SSL
• Security Headers: Content-Security-Policy, X-Frame-Options
• File Upload Security: Validate MIME types, restrict extensions

Essential Security Checklist:

// ✅ SQL Injection Prevention
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);

// ✅ XSS Prevention
echo htmlspecialchars($userInput, ENT_QUOTES, 'UTF-8');

// ✅ CSRF Prevention
if ($_POST['csrf_token'] !== $_SESSION['csrf_token']) {
    die('Invalid CSRF token');
}

// ✅ Password Hashing
$hash = password_hash($password, PASSWORD_ARGON2ID);

// ✅ Secure Session Cookies
session_set_cookie_params([
    'lifetime' => 0,
    'path' => '/',
    'domain' => '',
    'secure' => true,  // HTTPS only
    'httponly' => true,  // No JavaScript access
    'samesite' => 'Strict'
]);

---

Part 6: Frameworks & Beyond

Chapter 19: Framework Comparison

Comparing PHP Frameworks to Java:

PHP Framework	Java Equivalent	Use Case
Laravel	Spring Boot	Full-stack web applications
Symfony	Java EE/Spring	Enterprise applications
Slim	Spark/Javalin	Microservices/APIs
Laminas	Java EE	Enterprise/Legacy

Laravel vs Spring Boot:

• Routing: Similar annotation-based routing
• ORM: Eloquent vs JPA/Hibernate
• DI: Built-in vs Spring DI
• Templates: Blade vs Thymeleaf
• CLI: Artisan vs Spring CLI

When to Choose:

• Laravel: Rapid development, full-stack apps
• Symfony: Large enterprise projects, reusable components
• Slim: Microservices, REST APIs
• Laravel + Vue: Modern SPA applications

---

Chapter 20: Laravel Fundamentals

Key Topics:

• Installation: composer create-project laravel/laravel myapp
• Artisan CLI: Laravel's command-line tool
• Routing: Route::get(), Route::post()
• Controllers: MVC pattern
• Eloquent ORM: ActiveRecord implementation
• Blade Templates: Template engine
• Migrations: Database versioning
• Middleware: HTTP request pipeline
• Authentication: Built-in auth scaffolding
• Testing: PHPUnit integration

Quick Start:

# Create project
composer create-project laravel/laravel blog

# Run development server
php artisan serve

# Create migration
php artisan make:migration create_users_table

# Create model
php artisan make:model User

# Create controller
php artisan make:controller UserController

Laravel vs Spring Boot Structure:

Laravel:                  Spring Boot:
app/                     src/main/java/
├── Models/              ├── domain/
├── Controllers/         ├── controller/
└── Services/            └── service/
routes/
├── web.php              @RequestMapping
database/
├── migrations/          db/migration/
resources/
└── views/               templates/

---

Chapter 21: Symfony Components

Key Topics:

• Component Architecture: Standalone, reusable components
• HttpFoundation: Request/Response abstraction
• Routing: Flexible routing system
• Console: CLI application framework
• Dependency Injection: Powerful DI container
• Event Dispatcher: Event-driven architecture
• Symfony Flex: Project setup and recipes
• Doctrine ORM: Database abstraction

Using Symfony Components:

// HttpFoundation
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

$request = Request::createFromGlobals();
$name = $request->query->get('name', 'World');

$response = new Response("Hello, $name!");
$response->send();

// Routing
use Symfony\Component\Routing\Route;
use Symfony\Component\Routing\RouteCollection;

$routes = new RouteCollection();
$routes->add('home', new Route('/', ['_controller' => 'HomeController']));

Symfony vs Java EE:

• Both are component-based
• Strong DI containers
• Event-driven architectures
• Enterprise-grade features
• Extensive ecosystems

---

Chapter 22: Micro-frameworks (Slim)

Key Topics:

• Slim Framework: Lightweight PHP framework
• PSR-7 Support: HTTP message interfaces
• Routing: Simple route definitions
• Middleware: Request/response pipeline
• Dependency Injection: Built-in container
• Performance: Minimal overhead
• Use Cases: APIs, microservices, small apps

Slim vs Laravel/Symfony:

• Size: Much smaller footprint
• Features: Fewer built-in features
• Flexibility: More control over architecture
• Learning Curve: Easier to learn
• Performance: Faster for simple applications

Quick Example:

<?php
use Slim\Factory\AppFactory;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;

$app = AppFactory::create();

// Define routes
$app->get('/hello/{name}', function (Request $request, Response $response, array $args) {
    $name = $args['name'];
    $response->getBody()->write("Hello, $name");
    return $response;
});

$app->get('/api/users', function (Request $request, Response $response) {
    $users = getUsersFromDatabase();
    $response->getBody()->write(json_encode($users));
    return $response->withHeader('Content-Type', 'application/json');
});

$app->run();

When to Use Slim:

• Building REST APIs
• Microservices architecture
• Learning PHP frameworks
• Projects where Laravel/Symfony is overkill
• Need maximum control over architecture
• Performance-critical applications

---

Series Summary

Congratulations on completing the PHP for Java Developers series! You now have a comprehensive understanding of:

Core PHP:

• Syntax and language features
• Object-oriented programming
• Namespaces and autoloading
• Error handling

Modern Development:

• Composer dependency management
• Database access with PDO
• Building REST APIs
• Dependency injection

Quality & Testing:

• Unit testing with PHPUnit
• Integration testing
• Code quality tools

Web Development:

• HTTP request/response handling
• Sessions and authentication
• Form processing and validation
• Security best practices

Frameworks:

• Laravel for full-stack applications
• Symfony for enterprise projects
• Slim for microservices and APIs

Next Steps:

1. Build a complete project using what you've learned
2. Explore the Laravel or Symfony documentation
3. Contribute to open-source PHP projects
4. Join the PHP community (forums, conferences, meetups)
5. Keep learning about PHP 8.x features and improvements

Resources:

• PHP.net Official Documentation
• Laravel Documentation
• Symfony Documentation
• PHP: The Right Way
• Packagist.org - PHP package repository

Thank you for following this series. Happy coding in PHP! 🐘