I am having a .php file with the following code. While I am changing the extension of the file as .html then also it is behaving in the same way. Can anyone explain the following:
Why the file is behaving in the same manner with both the
extensions?
What is the difference between the .php and .html file extensions?
.php file
<html>
<head>
<!-- some html code -->
</head>
<body>
<?php echo "Hello!" ?>
</body>
</html>
The filetype is just a way to identify the file, you can't always trust them.
Depending on your web server configuration, you will see different results.
.html is generally use just for html with no serverside code.
.php is used for serverside php code and html if required.
They can be used for anything, it just depends on the setup.
You can configure your web server to handle .php and .html files differently. Your webserver is configured to interpret both as PHP. Most servers handle .php as PHP, and serve .html as-is. That is, if you put your code in an HTML file, the PHP code will not run and will show up in the output.
Some people find it nicer to have .html in the URL instead of .php. It may be useful if your users download your page and try opening them by double-clicking on them.
A php indicates that it is dynamically generated using PHP language. However, you don't see the page as it was originally written, but rather the end result. The end result is, in fact, an html file.
So to answer your question, to the client, a page ending in php or html will support exactly the same contents (which is to say, an html document). Even though browsers shouldn't, they often attempt to visualize tags which make no sense to them (browser interpreting <?php echo "Hello!" ?> for instance might decide "Hello" is the text to display).
Though an html really should never have php tags in it because it isn't meant to be in an html document (php documents are traslated into html documents, thus removing php tags).
an extension is how your operating system recognizes your file and decides what to do do with it i.e. which application should it be opened with.
php is a server side scripting language. It is interpreted by a web server that has php installed on it . For eg in a XAMPP the php.exe file in XAMPP/php folder interprets the php file/commands.
HTML is the standard for sending information over the internet . So the final result of your file is a html page despite whichever serverside scripting language you use. The web server you are using will process the php commands and convert them to corresponding html and send them to your browser. The browser then processes (compiles) the html code to display you your web page.
HTML is essentially all that you see on your browser. PHP is used to interact with the web server and process information that is entered by the user into a web browser via forms or execute underlying third party scripts (such as TCL scripts) under a link to perform a automation functionality in the background hidden from the user who is using on the web site or parse a XML file or extract information from a database or maintain session information and much more.
In general PHP handles the interaction of a web application with a server that is configured to run PHP. HTML simply dumps the results in browser.
You can think of it this way- HTML is simply how your web site looks ... PHP is what makes your site intelligent so that it can interact with a user...
your getting the same result because php can be embedded in html and your web server processes both the files to give you identical results. However if you didn't have php installed on your web server you would get as output in your browser.
The difference lies in how your web server is configured, or whether you need a web server at all when trying to run the files locally (ie - with them on the computer you're currently using).
For example, if you were to run both versions on a computer with no web server installed, the .html file will open in a browser just fine, though without doing anything with any PHP tags. The .php file, however, won't necessarily run and the browser may even try to "download" the file.
What the file extensions are for is to tell a computer what to do with a given extension. Just like your computer will open .doc files in a word processor, or .txt files in a basic text editor. And just like you can tell your computer to open .txt files in your word processor, you can tell the web server to handle .html files the same way as .php files (which is what yours is evidently set up to do).
php is a server side scripting language. Every thing that have a tag php
will be generated by the server and put in the html response.
As far as I Know, depending on the extension the web server will process your file on one way or another. Also, for example, you could have a PHP file that doesn't generate any HTML output, but it redirects to another file.
If you want to give a *.html ended page, you could do it programatically.
you can set any extension to be parsed as PHP, so difference in your case is only in extension. If you disable html files in your Apache configuration to be parsed as php than content of file won't be parsed by PHP. That is all
For example you can add any extension in your Apache configuration to be parsed by php, like this
application/x-httpd-php myextension
where myextension is extension of the file you want to parse.
PHP: Pre Hyper Processot : a server side script language
HTML: Hyper text markup language
".php" and ".html" are just the file extensions however if you want to use php code you must run it off a server which supports php.
PhP is server side.
HTML is client side.
Plus, on the web, filetypes mean nothing. They are overridden by the !DOCTYPE declaration.
Related
Whenever I have to test a design change on an HTML page that's written within an PHP file, I have to make the effort of first uploading it to the webpage and then viewing it through the browser. Normally, if it was an HTML file, you'd just update the browser and see the changes locally. Of course, it's not possible to execute PHP on a browser unless you use XAMPP or whatever, but I consider that to be too much for simple debug. Isn't there a way to open a PHP file as just HTML, ignoring all PHP code for debugging purposes? If not, then I'll just get it with XAMPP. Thanks in advance.
PHP has a built-in webserver, you can utilize that i guess.
php -S localhost:8080
If the script does not require the http stack (which i doubt), you could also do:
php index.php > index.html
Update:
After you executed the command above (php -S), simply type the same url in your browsers address bar.
.html files can translate html and css code. But .php files can do all that an html file can do plus use php. Are there any advantages in using html files over php files, especially in development of a responsive website?
Semantic:
By using *.html/*.htm the reader immediately know, it is just plain HTML
Performance*:
Every html file, that is been requested, is sended by the webserver immediately to the browser.
For every php file, the webserver first starts the PHP interpreter, which is processing the file. After the file is processed, the output is send to the browser.
This means: html takes less cpu power/memory on your webserver. However you will never realy notice it, if you are not serving thousands of requests per second.
* not as much relavant as it's used to be, due to new caching technologies.
Php is a Hypertext Processor that work's on server side. It generate content and send it to a browser which reads the content sent by php. Once it is in the client window, the page is fixed. That's why we use JavaScript on client side so the page can work on its own. It is the server that deal with the php file not the browser. You browser only reads markup language like html.
I was wondering how php files are actually secured. How come one can not download a php file, even if the exact location is known?
When I upload a php file to my webserver, lets say to domain.com/files, and I call the domain.com/files page, I can clearly see the php file and its actual size. Downloading the file however leads to an empty file.
The question then is: How does the security mechanism work exactly?
The web server's responsibility is to take the PHP script and hand it to the PHP interpreter, which sends the HTML (or other) output back to the web server.
A mis-configured web server may fail to handle the PHP script properly, and send it down to the requesting browser in its raw form, and that would make it possible to access PHP scripts directly.
Your web hosting may have a mechanism to list the contents of a directory, but the unless it supplies a download mechanism to supply the PHP script with plain text headers (as opposed to HTML) without handing it to the PHP interpreter, it will be executed as PHP rather than served down.
In order to be able to download the raw PHP file, the server would have to do some extra work (possibly via another PHP script) which reads the PHP file from disk and sends its contents down to the browser with plain text headers.
When you request domain.com/files your web server is setup to show all the files in that directory.
When you request the actual php file the web server executes it and outputs the results back to you - not the source code.
Of course, both of the above can be configured. You could switch of directory listing and disable parsing of php files so the actual file contents/source code is output.
Its usually a good practice to switch off directory listing.
When you first install PHP on your server, it reconfigures Apache so that when a .php file is requested, Apache hands processing over to PHP. PHP then processes the code in the file, and returns whatever text the PHP code echoed or printed to Apache, which then sends that back over the network to the person that requested the PHP file.
The "security" comes simply in that Apache does not simply serve the PHP file, but rather hands it over to the PHP processor for execution. If Apache is not configured correctly or you use a server software that does not recognize PHP, the raw PHP file will be sent to the client.
Short answer: since the server is configured to execute PHP files and return the results, you will never be able to access the PHP source from the outside. All code is executed immediately by the server. So, to answer your question:
The security mechanism is that .php files are executed automatically by the server when they are requested.
This is a huge misconception. When you attempt to access a PHP file over port 80, your request is likely being run through a web server which does something with the file. In the case of PHP, it runs that file through the PHP interpreter, which causes that file to create some output, and that is what is sent to you.
You can easily allow downloading of PHP files by removing the interpreter for that file type. If the web server doesn't have anything special for it and doesn't understand the file, it will just have the client download it.
I want to create a simple webiste with only html pages. I am now including Header, sidebar, footer in every file, which is redundant. So, while looking for solution, I found <?php include, can help me. But my browser is not parsing php content. How can I make it parse php files in html?
Thank you
Since your goal is to create a simple HTML website, with static pages I don't think PHP is the best way to go.
You have two options:
Run PHP on your local computer to pre-process the files:
If you install PHP-cli (command line client), you can use it to process your PHP static pages. Redirect its output to a file and you have your desired output:
php-cli index.php > index.html
Use nanoc (ruby-based) to build your static website:
If you don't have a webserver with PHP enabled, I assume you do not have PHP as a requirement but rather found about <?php include('file') ?> while studying HTML.
With this in mind, I suggest you check out nanoc. It's a tool what uses ruby to help creating static HTML webpages, by providing ways to define a layout (what you're doing with PHP's include) and many other features.
It's quite simple to use and produces static HTML files that you can upload to any server or open with your browser directly and still enables many powerful features while developing your website.
You need to have PHP installed on the server that is running the website. You need to make sure you are naming your files with a valid php extension, e.g. index.php. Can you give us a link to your website where the issue is occurring?
When you enter www.example.com/test.php in the addressbar,the browser contacts the webserver at www.example.com and requests for the file /test.php. Now depending on how your server is configured, you web server will detect the type of the file (usually using the extension). In this case (since the extension is .php), the webserver will detect that the file is a PHP script and will invoke the PHP interpreter. The PHP interpreter will execute the script and generate HTML which is passed on to the web server. Now the web server will return the HTML to the browser.
PHP is a mainly (Yes, it is possible to run PHP within browser) a server side language
This means PHP is not executed in you browser, but on your server
Therefore, you need to have PHP configured correctly on your server to see the correct output
Even if you manage to configure PHP as client side language on your system, remember there is not even < 1% change of your user's browser supporting it.
You can only have webpages, and not website, without a web server
A website (also spelled Web site) is a collection of related web pages, images, videos or other digital assets that are addressed relative to a common Uniform Resource Locator (URL), often consisting of only the domain name (or, in rare cases, the IP address) and the root path ('/') in an Internet Protocol-based network. A web site is hosted on at least one web server, accessible via a network such as the Internet or a private local area network.
You need to have a web server set up with PHP running on it. PHP is an acronym for "PHP: Hypertext Preprocessor". PHP is processed on the server, rendered into HTML content, then sent out of a web browser to be viewed, but no web browser has the ability to processor PHP on its own.
Here are some resources to get you started:
PHP: What do I need?
Your First PHP-enabled Page
Your browser cannot interpret / parse php files.
If you want to test your site locally, you will need to install a local server like WampServer for windows or apache and php in linux.
if I want to view the code of a web page written in html I just need to right click and select view source. Can the same be done with php files so I can learn how certain tasks are being accomplished? Is there a way to hide the code?
Unless the server is very improperly set up, no. Very no.
For example, at the top of my "includes/database.php" file, I have three lines that look like
$host = "localhost";
$username = "myuser";
$password = "mypassword";
You can see why I'd not want that publicly visible...
Generally no and I will tell you why.
What happens is that the browser is asking for a file that the web server can serve to the user. The file has the extension .php for example. The web server is setup so whenever he gets a request for a file with that extension he has to run it through PHP first and use the output from PHP as the output to serve the user.
So the user asks for a file, the web server finds it, sees that PHP has to process it first, PHP does and gives the web server the output (whatever it is) and the web server then gives the user that content.
It can happen that the web server is configured in the wrong way and skips the PHP step, so then the user sees pure PHP but this is very rare and usually spotted immediately.
No, they can't. PHP is a server-side scripting language, the browser never actually sees the php code.
absolutely no way. PHP is processed before being outputted to the browser so its all server side!
You can only view the code if the file extention is .phps
Hypertext pre processor is interpreter which understand the code and convert into html form with the help of webserver so it is notable to view on webserver
But on local machine without Webserver we can see the code