.php

PHP Source Code

PHP (.php) files contain server-side scripting code executed by the Zend Engine to generate dynamic web pages. Created by Rasmus Lerdorf in 1994, PHP powers approximately 77% of all websites with a known server-side language, including WordPress, which runs 43% of the web.

اقرأ المزيد ↓

بنية الصيغة

Header schema

Records structured data

Source CodeText FormatPHP 8.3+Zend Engine1994

بواسطة FileDex

غير قابل للتحويل

Source code format. Conversion is not applicable.

أسئلة شائعة

What program opens a PHP file?

Any text editor can open and read a PHP file since it is plain UTF-8 text. To view it with syntax highlighting, use VS Code (free, with PHP Intelephense extension) or PhpStorm. To execute a PHP file, you need the PHP interpreter installed. Run php script.php from the command line, or set up a local web server like XAMPP, Laragon, or php -S localhost:8080.

Is PHP still relevant in 2025?

Yes. PHP powers approximately 77% of all websites with a known server-side language, including WordPress (43% of the entire web), Wikipedia, and Facebook's original codebase. PHP 8.x is a modern language with JIT compilation, named arguments, match expressions, fibers, and a rich type system. While Node.js and Python have gained share in new projects, PHP remains dominant in CMS and e-commerce.

PHP vs Python vs Node.js for web development?

PHP is purpose-built for web: it integrates with HTML naturally, has Apache/Nginx modules for zero-config deployment, and has the largest CMS ecosystem (WordPress, Drupal, Magento). Python (Django/FastAPI) excels when your project overlaps with data science or ML. Node.js shines for real-time apps (chat, live dashboards) due to its event loop. For traditional web applications, PHP's deployment simplicity and ecosystem size are hard to beat.

How do I run PHP on Windows?

The easiest path is XAMPP (free): install it, put your .php files in the htdocs folder, start Apache from the XAMPP control panel, and open http://localhost/yourfile.php in a browser. Alternatively, install PHP directly from php.net and use the built-in server: php -S localhost:8080. Laragon is a popular modern alternative with a cleaner interface.

What is the PHP white screen of death?

A blank white screen usually means a fatal PHP error occurred but error display is disabled. Enable temporarily with ini_set('display_errors', 1); error_reporting(E_ALL); at the top of your script, or check the PHP error log. Common causes: syntax error in an included file, memory limit exceeded, or a missing required extension.

PHP vs Python vs Node.js — which to use for web development?

PHP is purpose-built for web: it integrates with HTML naturally, has Apache/Nginx modules for zero-config deployment, and has the largest CMS ecosystem (WordPress, Drupal, Magento). Python (Django/FastAPI) excels when your project overlaps with data science or ML. Node.js shines for real-time apps (chat, live dashboards) due to its event loop. For traditional web applications, especially content-heavy sites, PHP's deployment simplicity and ecosystem size are hard to beat.

What are PHP security best practices?

Never use user input directly in SQL — use PDO prepared statements. Sanitize all output with `htmlspecialchars()` before echoing into HTML. Never include files based on user-controlled input. Hash passwords with `password_hash($pass, PASSWORD_BCRYPT)` — never MD5 or SHA1. Disable `display_errors` in production php.ini. Keep PHP updated (PHP 8.1+ receives security patches). Use `open_basedir` to restrict file access. Validate and whitelist, never blacklist.

ما يميز .PHP

What is a PHP file?

PHP (PHP: Hypertext Preprocessor — a recursive acronym) files contain server-side scripting code executed by a web server to generate dynamic HTML. Originally created by Rasmus Lerdorf in 1994 as simple CGI scripts for his personal website, PHP grew into one of the most widely deployed server-side languages in the world. Approximately 77% of all websites with a known server-side language use PHP — including WordPress, which alone powers over 43% of the web.

اكتشف التفاصيل التقنية

PHP code executes on the server (not in the browser), and the client receives only the resulting HTML. A .php file can contain HTML, CSS, JavaScript, and PHP code mixed together, though modern PHP applications separate these concerns through templating engines and MVC frameworks.

How to open PHP files

VS Code (Windows, macOS, Linux) — With PHP Intelephense or PHP Tools extension
PhpStorm (Windows, macOS, Linux) — The most feature-complete PHP IDE (JetBrains)
PHP interpreter — php script.php to execute from the command line
XAMPP / WAMP / Laragon — Local development servers for running PHP
Any text editor — PHP files are plain UTF-8 text

Technical specifications

Property	Value
Typing	Dynamic with optional strict types (PHP 7+)
Paradigm	Multi-paradigm (OOP, procedural, functional)
Engine	Zend Engine
Package manager	Composer (Packagist registry)
Current version	PHP 8.3+
Execution	Server-side, interpreted (JIT in PHP 8+)
Config	`php.ini` controls runtime behavior

Common use cases

CMS platforms: WordPress, Drupal, Joomla — all PHP-based
Web frameworks: Laravel (most popular), Symfony, CodeIgniter, Slim
E-commerce: WooCommerce, Magento, PrestaShop
API development: RESTful backends with Laravel or Slim
Legacy systems: Large amounts of enterprise PHP code from the 2000s still runs today

PHP code example

<?php
declare(strict_types=1);

class UserRepository
{
    public function __construct(private PDO $db) {}

    public function findByEmail(string $email): ?array
    {
        $stmt = $this->db->prepare(
            'SELECT id, name, email FROM users WHERE email = ?'
        );
        $stmt->execute([$email]);
        return $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
    }
}

// Usage
$user = $repo->findByEmail('alice@example.com');
echo $user ? "Found: {$user['name']}" : "Not found";

Modern PHP (8.x features)

PHP 8 introduced significant improvements that bring it closer to modern language standards:

Named arguments: array_slice(array: $a, offset: 1, length: 3)
Match expressions: Type-safe switch replacement
Nullsafe operator: $user?->address?->city
Union types: function foo(int|string $value): void
Fibers: Cooperative multitasking (async primitives)
JIT compiler: Just-in-time compilation for CPU-intensive tasks
Readonly properties: public readonly string $name
Enums: enum Status { case Active; case Inactive; }

Security considerations

PHP's history includes common vulnerabilities that modern code must avoid:

SQL injection: Always use PDO prepared statements or an ORM — never concatenate user input into SQL queries
XSS: Use htmlspecialchars($output, ENT_QUOTES, 'UTF-8') before echoing user content into HTML
File inclusion: Never use user input in include/require paths (include $_GET['page'] is catastrophic)
Password hashing: Use password_hash($password, PASSWORD_BCRYPT) — never MD5 or SHA1

Composer and the PHP ecosystem

composer init                    # Create composer.json
composer require laravel/framework  # Install package
composer install                 # Install from composer.lock
composer update                  # Update dependencies
composer dump-autoload           # Regenerate class autoloader

Composer handles dependency management and PSR-4 autoloading. The Packagist repository hosts over 350,000 packages. Nearly all modern PHP projects use Composer.

المرجع التقني

المواصفات CLI التحويلات الأمان المنظومة

نوع MIME: text/x-php
المطوّر: Rasmus Lerdorf
سنة التقديم: 1995
معيار مفتوح: نعم

البنية الثنائية

PHP source files are plain-text documents encoded in UTF-8. There are no binary headers or magic bytes, though PHP files typically begin with the <?php opening tag. A PHP file can contain HTML, CSS, and JavaScript interspersed with PHP code blocks delimited by <?php and ?>. The Zend Engine tokenizes the source, compiles it to opcodes (an internal bytecode), and executes those opcodes. OPcache stores compiled opcodes in shared memory to skip re-parsing on subsequent requests. The closing ?> tag is optional and omitted in pure PHP files to prevent accidental whitespace output.

1994Rasmus Lerdorf creates PHP/FI as Perl CGI scripts to track visits to his resume1997Zeev Suraski and Andi Gutmans rewrite the parser; PHP 3 released as a collaborative open-source project1999Zend Engine 1.0 released; PHP 4 launches with improved performance and session support2004PHP 5 introduces Zend Engine 2.0, proper OOP model, PDO, and exception handling2015PHP 7 launches with 2x performance over PHP 5, scalar type declarations, and null coalescing operator2020PHP 8.0 released with JIT compiler, named arguments, match expressions, and union types2023PHP 8.3 released with typed class constants, json_validate(), and granular DateTime exceptions

Run a PHP script from the command line أخرى

php script.php

Execute a PHP file using the installed PHP CLI interpreter

Start the built-in PHP development server أخرى

php -S localhost:8080 -t public/

Launch PHP's built-in web server serving files from the public/ directory

Check PHP version and loaded extensions أخرى

php -v && php -m

Print PHP version information and list all loaded modules/extensions

Install Composer dependencies أخرى

composer install --no-dev --optimize-autoloader

Install production dependencies from composer.lock and generate optimized class map

Lint a PHP file for syntax errors أخرى

php -l script.php

Check a PHP file for syntax errors without executing it

Parse a PHP file in Python (read as text) أخرى

# PHP files are plain UTF-8 text — read like any source file
with open('script.php', 'r', encoding='utf-8') as f:
    source = f.read()

# Count PHP functions defined in the file
import re
functions = re.findall(r'function\s+(\w+)\s*\(', source)
print(f"Found {len(functions)} functions: {functions}")

Read and analyze a PHP source file using Python's standard file I/O

PHP → OPCACHE BYTECODE render lossless The Zend Engine compiles PHP source to opcodes on first request. OPcache stores compiled opcodes in shared memory, eliminating re-parsing overhead on subsequent requests.

PHP → STATIC HTML render lossy Running a PHP script through the CLI or web server produces the final HTML output. Static site generators like Jigsaw use PHP templates to produce static HTML files for deployment.

PHP → PHAR ARCHIVE render lossless PHAR (PHP Archive) bundles an entire PHP application into a single distributable file that can be executed directly by the PHP interpreter.

عالي

نقاط الضعف

Remote File Inclusion (RFI)
Local File Inclusion (LFI)
Unsafe unserialize()
PHP-FPM RCE via nginx misconfiguration
PHP type juggling
open_basedir bypass

الحماية:

PHP Interpreter أداة

The official CPython-equivalent runtime; executes .php files server-side

Composer أداة

Dependency manager for PHP; reads composer.json and installs from Packagist

Laravel مكتبة

The most popular PHP framework with MVC, Eloquent ORM, Artisan CLI, and Blade templates

Symfony مكتبة

Enterprise-grade PHP framework; many Laravel components are built on Symfony

WordPress أداة

PHP CMS powering 43%+ of all websites; most .php files on the web are WordPress

XAMPP أداة

Cross-platform local dev stack (Apache + MariaDB + PHP) for running PHP locally

PhpStorm أداة

JetBrains IDE with type inference, refactoring, and Xdebug integration for PHP

VS Code أداة

Free editor with PHP support via PHP Intelephense or PHP Tools extensions