Glossary - PHP Foundations

Abstract Class

A class declared with the abstract keyword that cannot be instantiated directly. It serves as a blueprint for child classes, which must implement its abstract methods. See Lesson 17.

Apache

An open-source web server that processes HTTP requests and serves web pages. In this course, Apache runs PHP files and is part of the LAMP stack. See Lesson 2.

Argument

A value passed to a function when calling it. Compare with parameter, which is the variable name defined in the function signature. See Lesson 7.

Array

A data structure that stores multiple values in a single variable. PHP supports indexed arrays (numeric keys), associative arrays (string keys), and multidimensional arrays. See Lesson 8.

Arrow Function

A shorthand syntax for anonymous functions introduced in PHP 7.4: fn($x) => $x * 2. Arrow functions automatically capture variables from the parent scope. See Lesson 7.

Associative Array

An array that uses named string keys instead of numeric indexes. Example: ['name' => 'Ray', 'age' => 30]. See Lesson 8.

Autoloading

A mechanism that automatically loads class files when they're needed, eliminating the need for manual require statements. Composer provides PSR-4 autoloading. See Lesson 17.

Boolean

A data type with only two possible values: true or false. Used in conditional statements and comparisons. See Lesson 3.

break

A statement that exits a loop (for, while, foreach) or switch block immediately, continuing execution after the block. See Lesson 6.

Class

A blueprint for creating objects, defining properties (data) and methods (behavior). PHP classes support constructors, visibility modifiers, inheritance, and more. See Lesson 16.

Closure

An anonymous function that can capture variables from its surrounding scope using the use keyword. Closures are often used as callbacks. See Lesson 7.

Composer

PHP's dependency manager that handles package installation, autoloading, and versioning. Used extensively in frameworks like Laravel and Symfony. See Lesson 24.

Constructor

A special method (__construct()) that runs automatically when a new object is created. Used to initialize properties. See Lesson 16.

Cookie

A small piece of data stored in the user's browser, sent with every HTTP request to the server. Set with setcookie() and read via $_COOKIE. See Lesson 15.

CRUD

Create, Read, Update, Delete — the four basic database operations. See Lesson 20 and Lesson 21.

CSRF (Cross-Site Request Forgery)

An attack where a malicious site tricks a user's browser into making unwanted requests to another site where the user is authenticated. Prevented with CSRF tokens. See Lesson 23.

DSN (Data Source Name)

A string that tells PDO which database driver, host, database name, and charset to use. Example: mysql:host=localhost;dbname=mydb;charset=utf8mb4. See Lesson 19.

Destructuring

Assigning array elements to individual variables in a single statement. PHP uses list() or the shorthand [$a, $b] = $array. See Lesson 8.

echo

A language construct that outputs one or more strings to the browser. Not technically a function (no return value, no parentheses required). See Lesson 3.

Encapsulation

An OOP principle of hiding internal state and requiring interaction through public methods. Achieved using private and protected visibility modifiers. See Lesson 16.

Exception

An object representing an error condition, thrown with throw and caught with try/catch. PHP's base class is Exception. See Lesson 18.

Expression

Anything that produces a value — a literal, a variable, a function call, or a combination with operators. Example: $x + 5 is an expression. See Lesson 4.

filter_var()

A function for validating and sanitizing data. Examples: filter_var($email, FILTER_VALIDATE_EMAIL) checks if a string is a valid email. See Lesson 12.

foreach

A loop designed for iterating over arrays and objects. Syntax: foreach ($array as $key => $value). See Lesson 6.

Function

A reusable block of code that performs a specific task. PHP has thousands of built-in functions and supports user-defined functions. See Lesson 7.

$_GET

A superglobal array containing data sent via URL query parameters (?key=value). Visible in the URL and limited in size. See Lesson 11.

Heredoc / Nowdoc

Multi-line string syntaxes. Heredoc (<<<EOT) allows variable interpolation; Nowdoc (<<<'EOT') treats content as a literal string. See Lesson 10.

htmlspecialchars()

A function that converts special HTML characters to their entity equivalents (e.g., < → <), preventing XSS attacks. See Lesson 12 and Lesson 23.

include / require

Statements that insert the contents of one PHP file into another. require causes a fatal error if the file is missing; include only produces a warning. The _once variants prevent double-loading. See Lesson 13.

Inheritance

An OOP mechanism where a child class (extends) inherits properties and methods from a parent class, and can override or extend them. See Lesson 17.

Interface

A contract that defines method signatures a class must implement, without providing implementations. A class can implement multiple interfaces. See Lesson 17.

LAMP Stack

Linux, Apache, MySQL, PHP — a popular open-source web development stack. This course uses the full LAMP stack. See Lesson 2.

Loose Comparison

Comparison using == that performs type juggling before comparing. Example: "5" == 5 is true. Contrast with strict comparison (===). See Lesson 4.

match

A PHP 8 expression similar to switch but with strict comparison, no fall-through, and the ability to return a value. See Lesson 5.

Method

A function defined inside a class. Methods can be public, protected, or private, and can be static. See Lesson 16.

Namespace

A way to organize code and avoid name collisions between classes, functions, or constants. Declared with namespace App\Models;. See Lesson 17.

Null Coalescing Operator (`??`)

Returns the left operand if it exists and is not null, otherwise returns the right operand. Example: $name = $_POST['name'] ?? 'Guest'. See Lesson 4.

Object

An instance of a class. Created with the new keyword: $user = new User(). See Lesson 16.

OOP (Object-Oriented Programming)

A programming paradigm that organizes code into classes and objects, emphasizing encapsulation, inheritance, and polymorphism. See Lessons 16–17.

Parameter

A variable declared in a function's definition that receives a value (argument) when the function is called. See Lesson 7.

password_hash()

A function that creates a secure, salted hash of a password using bcrypt (by default). Always use this instead of md5() or sha1(). See Lesson 23.

PDO (PHP Data Objects)

A database abstraction layer that provides a consistent interface for connecting to different databases. Supports prepared statements for security. See Lessons 19–20.

$_POST

A superglobal array containing data sent via HTTP POST method (typically from form submissions). Data is not visible in the URL. See Lesson 11.

Prepared Statement

A pre-compiled SQL query with placeholders (? or :name) for values. Prevents SQL injection by separating SQL logic from data. See Lesson 19.

Property

A variable defined inside a class that holds data for each object instance. Properties have visibility modifiers (public, protected, private). See Lesson 16.

Return Type

A type declaration after a function's parameter list that specifies what type of value the function returns. Example: function add(int $a, int $b): int. See Lesson 7.

Sanitization

The process of cleaning user input by removing or encoding dangerous characters. Distinct from validation (which checks if data meets criteria). See Lesson 12.

Scope

The region of code where a variable is accessible. PHP has function scope (local variables), global scope, and the use keyword for closures. See Lesson 7.

$_SERVER

A superglobal array containing information about the server environment, request method, script path, client IP, and more. See Lesson 14.

Session

A mechanism for persisting data across multiple page requests for the same user. Data is stored on the server; the browser holds only a session ID cookie. See Lesson 15.

SQL Injection

An attack where malicious SQL is inserted into a query through user input. Prevented by using prepared statements with bound parameters. See Lesson 23.

Spread Operator (`...`)

Unpacks an array into individual arguments or collects multiple arguments into an array. Works in function calls, definitions, and array expressions (PHP 7.4+). See Lesson 8.

Static

A keyword that makes a property or method belong to the class itself rather than to instances. Accessed with ClassName::method(). See Lesson 16.

Strict Comparison

Comparison using === that checks both value and type without type juggling. "5" === 5 is false. See Lesson 4.

Superglobal

A built-in PHP array that is accessible from any scope without the global keyword. Includes $_GET, $_POST, $_SESSION, $_COOKIE, $_SERVER, $_FILES, and $_ENV. See Lesson 14.

Ternary Operator

A shorthand if/else: $result = condition ? value_if_true : value_if_false. See Lesson 4.

$this

A pseudo-variable inside a class that refers to the current object instance. Used to access properties and methods: $this->name. See Lesson 16.

Trait

A mechanism for code reuse in single-inheritance languages. A trait provides methods that can be used in multiple classes via the use keyword. See Lesson 17.

Transaction

A sequence of database operations that either all succeed or all fail together. Managed with beginTransaction(), commit(), and rollBack(). See Lesson 20.

try/catch

A control structure for handling exceptions. Code in try is executed; if it throws an exception, execution jumps to catch. See Lesson 18.

Type Hinting

Specifying the expected data type of function parameters and return values. Example: function greet(string $name): string. See Lesson 7.

Type Juggling

PHP's automatic conversion between data types in certain contexts. Example: "5" + 3 produces 8 (string converted to int). See Lesson 3.

Validation

Checking that user input meets expected criteria (correct format, within range, required fields present). Distinct from sanitization. See Lesson 12.

Visibility

Access modifiers for class properties and methods: public (accessible everywhere), protected (class and children), private (class only). See Lesson 16.

XSS (Cross-Site Scripting)

An attack where malicious JavaScript is injected into a web page through unsanitized user input. Prevented by escaping output with htmlspecialchars(). See Lesson 23.

A