PHP is indeed one of the most used programming languages in the world to develop applications and websites on the Internet. PHP 8 is a very dynamic, flexible programming language; it’s also easy to use as embedded language, for instance, for HTML.
In this chapter, you will learn all about exceptions, form validation, and regular expressions. What are they and when do we need to use them?
PHP is indeed very flexibility programming language, also when it comes to handling exceptions, which are out-of-the-ordinary scenarios that may occur in code. A code exception can be something like an input or code bug, and PHP version 8, compared to previous versions, has been updated to be more secure and to handle more exceptions better.
We will explain how to use PHP exceptions using try, catch, and throw.
Also, as developer, you will need to do web form validation, which means validating certain values entered in a PHP form of various input field types like text boxes, checkboxes, radio buttons, and checklists.
Finally, we will describe the usage of PHP regular expressions, which are simply a sequence of characters that form a search pattern and can be used, for instance, to check with your PHP code if a provided string of text contains a certain pattern of characters.
PHP Exceptions (try, catch, finally, and throw)
PHP Form Validation (validating Name and E-Mail values)
PHP Regular Expressions
PHP Exceptions
As we said in the introduction of the chapter, an exception in a programming language is simply an unexpected outcome of a PHP program. Your goal is to tell your code how to handle any unexpected outcome by itself, where possible.
Please remember that the main difference between an error and an exception is that an exception will disrupt the normal flow of your code but by adding some additional code it can be handled while an error cannot be handled by the code itself. You will see how to use PHP to handle exceptions thrown and catch them.
PHP, like all programming languages, must have a code exception mechanism to handle runtime errors, also known exceptions. This, in PHP and any other language, is necessary to maintain the normal flow of the application.
CompileError
ParseError
TypeError
ArithmeticError
ClosedGeneratorException: Occurs when trying to attempt to perform a traversal on a generator that has already been closed or terminated.
DOMException: When an operation is impossible to perform for logical reasons
ErrorException: Used to convert a PHP error to an exception
IntlException: As per the PHP documentation, this class is used for generating exceptions when errors occur inside an intl function. Such exceptions are only generated when intl.use_exceptions is enabled.
PHP can help us handle runtime errors such as IOException, SQLException, ClassNotFoundException, and many more.
Let’s start with an example where unfortunately the exception is not caught, generating a fatal error issued with an "Uncaught Exception" message.
In this example, you will throw an exception without catching it by sending the number 3 to a PHP function named checkMyNum, which is expecting only a value of 1 or below.
Here is the code:
try: The try block includes your function triggered in the case of an exception of your code. If no exception triggers the try, the code will simply continue as normal. If an exception is triggered, it means that the exception is "thrown."
throw: This is how you trigger a certain exception but remember that each throw must have at least one catch in the code.
catch: The catch block mainly retrieves the exception occurred and creates an object containing the exception information and decides what to do, like print an error message.
finally: The finally block can be specified after or instead of a catch block. The code within the finally block will always be executed after the try and catch blocks, regardless of whether an exception has been thrown and before normal execution resumes.
The current state of your code will be saved.
The execution of your code will be switched automatically to the predefined exception handler function you added in the code.
Finally, the handler function will halt the execution of program, will either resume the execution from the last saved code state, or continue the execution of your code from another part of it.
Let’s now take your uncaught exception error PHP code and fix it with try, catch, finally, and throw methods.
You create a checkMyNum() function, which simply checks if a number is greater than 1.
Since you sent the number 3, the exception within the checkMyNum() function is thrown
The checkMyNum() function is called in the try block.
Your code in the catch block will simply retrieve the exception and create the object ($e) that contains the exception information, in your case to print the “Caught exception” error message using echo, which finally will print the error message from the exception by calling $e->getMessage().
The finally block will complete your code, just closing the code execution and writing the message “Code execution completed.”
Please remember that you can develop your own PHP customized exception handler by just creating a special class with functions that can be called when a certain exception occurs in your PHP code. This customized exception handler class must be an extension of the exception class.
Let’s see next how to validate a PHP web form.
PHP Form Validation
Web form validation at the client side is very important for security reasons, helping developers protect PHP forms from hackers and spammers.
You may need to perform a PHP form validation of the values entered in a PHP form containing various types of fields like text boxes, checkboxes, radio buttons, and checklists.
Say you have an HTML web form and you want to use PHP to validate the values entered in the form prior sending it to the server.
First, build a simple HTML web form like this:
Now you need to write some PHP code that will allow you to simply verify the values entered as Name and E-mail before they are sent to the server.
Suppose you wish to have the HTML value of Name required and that it must only contain letters and whitespace. The E-mail value will also be required and must contain a valid email address (including @ and . as typical email format characters).
Let’s start from the previous HTML web page and add some PHP validation code. Create a new PHP file named form-action.php, which for now will only validate if the values entered are not empty:
PHP form web page submitted with empty fields
Let’s update the PHP example so that it will validate the value entered for Name, which must only be letters and whitespace, and validate that the format of the E-mail value must contain @ and . characters as part of the value submitted.
Here is the updated code:
PHP form web page submitted with invalid values
When you analyze the code, you see that to validate the Name value, you utilize the PHP regular expression function preg_match() (you will learn more about it later in this chapter), which returns 1 if the pattern is found in the string and 0 if it is not.
So, in your PHP code you define the function as preg_match("/^[a-zA-Z-' ]*$/",$name)), where you force the value entered to have only letters and whitespace. If not, the code will produce an error message of “Error: Only letters and whitespace allowed!”
To validate the E-mail value, you use the PHP function named filter_var(), which filters a variable with a specified filter and utilizes the PHP predefined filter constant FILTER_VALIDATE_EMAIL, which validates a value as a valid format for an entered e-mail address.
If you didn’t enter @ or ., the code will produce the error “Error: Invalid email format!”
Let’s now learn how to use PHP regular expressions.
PHP Regular Expressions
As we said in the introduction of the chapter, a regular expression is simply a sequence of characters that forms a searching pattern. Regular expressions are commonly known as regex and by default they are case-sensitive.
In general, a regular expression can be a single character or a more complicated pattern made of several characters.
They are mainly used when you need to run a text search, perform a text replace operation, or split a string into multiple chunks, for instance.
Regular expressions use arithmetic operators (+, -, ^) to create complex expressions.
You need to validate a certain text string in your code.
You need to analyze and search a pattern in a certain string or modify a text string.
You need to search for special keywords.
You need help with user input validation testing, validating browser detection, spamming filtration, password strength checking, and more.
/ is the delimiter .
mas[si]mo is the pattern you are searching for.
i is an example of a special character you can use with a regular expression (in this case, it forces case-insensitive searching).
[si]: This square bracket defines which character within a certain pattern might or might not be searched (in this case, it means match one character, s or i).
@Text is the given string you will search the pattern in.
In regular expressions, the delimiter can be any character, but it cannot be a letter, number, backslash, or space.
Regular Expressions Modifiers
i: When you need to have a case-insensitive pattern search
m: When you need to perform a multiline search using a pattern to search at the beginning or end of a string to match
u: When you need to enable a correct matching of UTF-8 encoded patterns
Regular Expression Metacharacters
is a general escape character with several uses.
^ means to assert start of subject (or line, in multiline mode).
$ means to assert end of subject or before a terminating newline (or end of line, in multiline mode).
. means match any character except newline (by default).
[ means start character class definition.
] means end character class definition.
| means the start of an alternative branch.
( means start a subpattern.
) means end a subpattern.
? extends the meaning of (, also 0 or 1 quantifier, also makes greedy quantifiers lazy (see repetition).
* is used for 0 or more quantifiers.
+ is used for 1 or more quantifiers.
{ is a start min/max quantifier.
} is an end min/max quantifier.
Regular Expression Square Brackets
In a regular expression, square brackets surrounding a pattern of characters are called a character class, So [abcdef] will match a single character out of your list of specified characters. In this example of a regular expression, [abcdef] will only match the a, b, c, d , e, or f characters and nothing else.
[abc] means match one character from the options in the brackets.
[^abc] means match any character NOT in the brackets.
[0-9] means match one character from the range 0 to 9.
Regular Expression Quantifiers
a+ matches any string that contains at least one character a.
a* matches any string that contains zero or more occurrences of the character a.
a{x} matches any string that contains the letter a exactly x times.
a{2} matches any string that contains the letter a exactly two times.
a{x,y} matches any string that contains a between x and y times.
Finally, PHP regular expressions use grouping via parentheses to apply quantifiers to entire patterns.
Regular Expression Functions
preg_match() returns 1 if the pattern is found in the string and 0 if it is not.
preg_match_all() returns the number of how many times the pattern was found in the string or false on failure.
preg_replace() returns a new string where matched patterns have been replaced with another string; otherwise, the subject is returned unchanged or null if an error occurrs.
Let’s start your first example of PHP regular expression using preg_match(), which will return 1 if the pattern is found in the string and 0 if it is not. Here is the code:
The output of this code is Match was found! because “Massimo” is in the text and the i means case-insensitive, which means “Massimo” and “Massimo” are the same.
Removing the i from the pattern means a match will be not found because regular expressions are by default case-sensitive.
Let’s have the same example but using some squared brackets.
The output of this code is Match was found! as “Massimo” is in the text, with the i meaning case-insensitive but in this case one of the needed characters, s, is in the square bracket of [trgs], which means match one character from the options in the brackets. Since s is in the square bracket, the pattern is found.
Here’s an example using the metacharacter $, which means look for a match at the end of the string:
The output of this code is Match was found! as the pattern “imo” is found at the end of the text “Massimo.”
Let’s create an example of a regular expression with a group and quantifier. You want to search for a match in a string that contains the letters “co” exactly two times.
The output of this code is Match was found! because the pattern “co” is found exactly two times in the text “I love coconut.”
Let’s create a new PHP example of a regular expression using preg_match_all(), which will return the number of how many times the pattern was found in the string.
The output of this code is 2 because the pattern “na” is found two times: in the words “name” and “Naples,” because you added I so the case is insensitive.
Finally, let’s create a new PHP example of a regular expression using preg_replace(), which returns a very new string where matched patterns are replaced with another string.
The output of this code is “My favorite color is blue!” because the pattern “red” is found in the text and is replaced with the new text “blue.” The case is insensitive because you added i.
Summary
In this chapter, you first learned about PHP proper exceptions and how to deal with them using the try, throw, and catch methods. Then you saw how to use PHP to validate client HTML form values entered before sending the value to the server. Finally, you learned about PHP regular expressions, which are used almost everywhere in current application programming, allowing you to search for a specific pattern of characters inside a given string.
In the next chapter, you will see PHP and MySQL working together and learn how to create MySQL databases, tables, and use PHP programming code to handle them.