Rectangle 27 1

Basically there problems with this as soon as it gets a bit more complicated and you need to query e.g. a lot of objects at once, or you have joins, and so on.

Let's take $this->getRowFromPlayers. I'm assuming, that that method will fetch one row from the database. So you already have a bottleneck here because you'll have to run n separate queries for each of your n IDs when you want to get like a list of objects by their IDs, which is very inefficient. So you'll have to construct objects from the outside, mapping a result of multiple rows from the database to newly constructed (or cached) objects.

Another problem often comes up in that your objects don't exactly are the table rows, they are just mapped onto objects, so testing by identity is mostly meaningless unless you keep track of objects and return the same object for the same row of a table. It gets complicated very fast.

Obviously there are already solutions for this, so I suggest you take a look at existing PHP libraries for this.

Sign up for our newsletter and get our top new questions delivered to your inbox (see an example).

php object-oriented sql mysql
Rectangle 27 4

password_hash()

As for encrypting user information, you probably don't want to be rolling your own library either, there are many existing PHP libraries for encrypting that will save you from making mistakes, such as Defuse, PHPSecLib, PHPCrypt, etc.

You will get no benefit from doing this. MD5 is not adequate for password hashing. PHP's password_hash() is very specifically designed to do password hashing, and it will be automatically upgraded in the future, saving you from problems down the road.

Please do not try to invent new security schemes. The chances are huge that you will end up with something that's not secure at all or at least not as secure as you' expect. Encryption is a delicate art and we should rely on trusted libraries which have been scutinized by some experts.

@MuhammadSumonMollaSelim it is a mistake to think this way. Merely throwing more hash mehtods at it, that aren't designed for password hashing (but instead, like with MD5, are designed for high speed hashing, and have many security flaws) does not enhance security. PHP's password_hash() already does what is needed. It will run proper hash methods hundreds/thousands of times for you, automatically.

@FredPerryMunnelly "Is there a library that you would recommend?" paragonie.com/blog/2015/11/

Encrypting data with PHP and MYSQL (SHA1, MD5, MCRYPT_RIHNDAEL_256) - ...

php mysql encryption hash sha1
Rectangle 27 279

PHP String Encryption Example with Libsodium

To implement authenticated encryption, you want to Encrypt then MAC. The order of encryption and authentication is very important! One of the existing answers to this question made this mistake; as do many cryptography libraries written in PHP.

You should avoid implementing your own cryptography, and instead use a secure library written by and reviewed by cryptography experts.

Both of the libraries linked above above make it easy and painless to implement authenticated encryption into your own libraries.

If you still want to write and deploy your own cryptography library, against the conventional wisdom of every cryptography expert on the Internet, these are the steps you would have to take.

  • Encrypt using AES in CTR mode. You may also use GCM (which removes the need for a separate MAC). Additionally, ChaCha20 and Salsa20 (provided by libsodium) are stream ciphers and do not need special modes.
  • Unless you chose GCM above, you should authenticate the ciphertext with HMAC-SHA-256 (or, for the stream ciphers, Poly1305 -- most libsodium APIs do this for you). The MAC should cover the IV as well as the ciphertext!
  • Unless Poly1305 or GCM is used, recalculate the MAC of the ciphertext and compare it with the MAC that was sent using hash_equals(). If it fails, abort.
  • Do not compress anything ever. Ciphertext is not compressible; compressing plaintext before encryption can lead to information leaks (e.g. CRIME and BREACH on TLS).
mb_strlen()
mb_substr()
'8bit'
mbstring.func_overload
mcrypt_create_iv()
MCRYPT_RAND
bin2hex()

Even if you follow the advice given here, a lot can go wrong with cryptography. Always have a cryptography expert review your implementation. If you are not fortunate enough to be personal friends with a cryptography student at your local university, you can always try the Cryptography Stack Exchange forum for advice.

Don't encrypt passwords. You want to hash them instead, using one of these password-hashing algorithms:

Never use a general-purpose hash function (MD5, SHA256) for password storage.

If you do not have libsodium installed, you can use sodium_compat to accomplish the same result (albeit slower).

<?php
// This requires the libsodium PECL extension

/**
 * Encrypt a message
 * 
 * @param string $message - message to encrypt
 * @param string $key - encryption key
 * @return string
 */
function safeEncrypt($message, $key)
{
    $nonce = \Sodium\randombytes_buf(
        \Sodium\CRYPTO_SECRETBOX_NONCEBYTES
    );

    $cipher = base64_encode(
        $nonce.
        \Sodium\crypto_secretbox(
            $message,
            $nonce,
            $key
        )
    );
    \Sodium\memzero($message);
    \Sodium\memzero($key);
    return $cipher;
}

/**
 * Decrypt a message
 * 
 * @param string $encrypted - message encrypted with safeEncrypt()
 * @param string $key - encryption key
 * @return string
 */
function safeDecrypt($encrypted, $key)
{   
    $decoded = base64_decode($encrypted);
    $nonce = mb_substr($decoded, 0, \Sodium\CRYPTO_SECRETBOX_NONCEBYTES, '8bit');
    $ciphertext = mb_substr($decoded, \Sodium\CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit');

    $plain = \Sodium\crypto_secretbox_open(
        $ciphertext,
        $nonce,
        $key
    );
    \Sodium\memzero($ciphertext);
    \Sodium\memzero($key);
    return $plain;
}
<?php
// This refers to the previous code block.
require "safeCrypto.php"; 

// Do this once then store it somehow:
$key = \Sodium\randombytes_buf(
    \Sodium\CRYPTO_SECRETBOX_KEYBYTES
);
$message = 'We are all living in a yellow submarine';

$ciphertext = safeEncrypt($message, $key);
$plaintext = safeDecrypt($ciphertext, $key);

var_dump($ciphertext);
var_dump($plaintext);

One of the projects I've been working on is an encryption library called Halite, which aims to make libsodium easier and more intuitive.

<?php
use \ParagonIE\Halite\KeyFactory;
use \ParagonIE\Halite\Symmetric\Crypto as SymmetricCrypto;

// Generate a new random symmetric-key encryption key. You're going to want to store this:
$key = new KeyFactory::generateEncryptionKey();
// To save your encryption key:
KeyFactory::save($key, '/path/to/secret.key');
// To load it again:
$loadedkey = KeyFactory::loadEncryptionKey('/path/to/secret.key');

$message = 'We are all living in a yellow submarine';
$ciphertext = SymmetricCrypto::encrypt($message, $key);
$plaintext = SymmetricCrypto::decrypt($ciphertext, $key);

var_dump($ciphertext);
var_dump($plaintext);

All of the underlying cryptography is handled by libsodium. Obviously, this means you need the PECL extension to use Halite.

<?php
/**
 * This requires https://github.com/defuse/php-encryption
 * php composer.phar require defuse/php-encryption
 * 
 * Note that v2.0.0 is around the corner and this might need
 * to be edited when it's finally released.
 */

use \Defuse\Crypto\Crypto;

require "vendor/autoload.php";

// Do this once then store it somehow:
$key = Crypto::createNewRandomKey();

$message = 'We are all living in a yellow submarine';

$ciphertext = Crypto::encrypt($message, $key);
$plaintext = Crypto::decrypt($ciphertext, $key);

var_dump($ciphertext);
var_dump($plaintext);
Crypto::encrypt()
base64_encode()
base64_decode()

If you're tempted to use a "password", stop right now. You need a random 128-bit encryption key, not a human memorable password.

You can store an encryption key for long-term use like so:

$storeMe = bin2hex($key);

And, on demand, you can retrieve it like so:

$key = hex2bin($storeMe);

I strongly recommend just storing a randomly generated key for long-term use instead of any sort of password as the key (or to derive the key).

That's a bad idea, but okay, here's how to do it safely.

First, generate a random key and store it in a constant.

/**
 * Replace this with your own salt! 
 * Use bin2hex() then add \x before every 2 hex characters, like so:
 */
define('MY_PBKDF2_SALT', "\x2d\xb7\x68\x1a\x28\x15\xbe\x06\x33\xa0\x7e\x0e\x8f\x79\xd5\xdf");

Note that you're adding extra work and could just use this constant as the key and save yourself a lot of heartache!

Then use PBKDF2 (like so) to derive a suitable encryption key from your password rather than encrypting with your password directly.

/**
 * Get an AES key from a static password and a secret salt
 * 
 * @param string $password Your weak password here
 * @param int $keysize Number of bytes in encryption key
 */
function getKeyFromPassword($password, $keysize = 16)
{
    return hash_pbkdf2(
        'sha256',
        $password,
        MY_PBKDF2_SALT,
        100000, // Number of iterations
        $keysize,
        true
    );
}

Don't just use a 16-character password. Your encryption key will be comically broken.

password_hash()
password_verify()

"Do not compress anything ever." You mean like HTTP, spdy and other protocols do? Before TLS? Absolutist advice much?

@ScottArciszewski I like your comment about key "// Do this once then store it somehow:" .. somehow, lol :)) well how about storing this 'key' (which is object) as plain string, hardcoded? I need the key itself, as a string. Can I get it from this object somehow? Thanks

function getKeyFromPassword($password, $keysize = \Sodium\CRYPTO_SECRETBOX_KEYBYTES)

security - How do you Encrypt and Decrypt a PHP String? - Stack Overfl...

php security encryption cryptography encryption-symmetric
Rectangle 27 3

Composer is a tool for dependency management in PHP. It allows you to declare the dependent libraries your project needs and it will install them in your project for you.

Composer Manager provides a gateway to the larger PHP community by enabling Drupal modules to more easily use best-in-breed libraries that are managed by Composer.

8 libraries
Rectangle 27 2

There is definitely a risk of breaking something by simply dropping in PHP5. See the PHP 4 to PHP 5 migration index, most notably, the Backward Incompatible Changes section. Considering that PHP5 came out in, what... 2004? -- I think it's perfectly reasonable to have clients expect that you're going to keep your environment up to date and that clinging to PHP4 prevents you from doing so. In addition, not embracing PHP5 is going to just cause more problems like this as you continue to develop sites with 3rd party libraries that are being kept up-to-date. I.e., if they're expecting more work, this will just continue to happen more and more often.

Edit: Alternatively, if you simply can't switch them to 5, you might be able to get them to start another hosting account and set that one to 5 -- then use that to migrate the sites over one at a time.

Ok, thank you very much for your answer!

backwards compatibility - Upgrading web server from PHP 4 to PHP 5. An...

php backwards-compatibility
Rectangle 27 5

You should try the following. They are some useful PHP libraries for PDF documents:

See Stack Overflow questions Generate PDF from HTML PHP and How to generate PDF files with PHP?.

It's your choice with which you feel more comfortable.

So there are no pdf functions shipped with php, a library it is then .. thanks all

PHP PDF functions - Stack Overflow

php pdf
Rectangle 27 5

You should try the following. They are some useful PHP libraries for PDF documents:

See Stack Overflow questions Generate PDF from HTML PHP and How to generate PDF files with PHP?.

It's your choice with which you feel more comfortable.

So there are no pdf functions shipped with php, a library it is then .. thanks all

PHP PDF functions - Stack Overflow

php pdf
Rectangle 27 6

  • You can't use any of the pre-existing PHP applications and libraries.

Although those may not always be considered disadvantages per se.

javascript - Disadvantages of using NodeJS instead of PHP - Stack Over...

php javascript node.js
Rectangle 27 12

Libraries are easy to write but they have a few restrictions. Constructors can only take an array as a parameter and it's assumed that only one class will exist per file.

You can include any of your own classes to work with them however you want, as this is only PHP ofc :)

include APPPATH . 'classes/foo.php';
$foo = new Foo;

Or set up an __autoload() function in your config.php (best place for it to be) and you can have access to your classes without having to include them.

php - Loading custom classes in CodeIgniter? - Stack Overflow

php codeigniter
Rectangle 27 22

Getting a Certificate Bundle

If you are using PHP 5.6 with Guzzle, Guzzle has switched to using the PHP libraries autodetect for certificates rather than it's process (ref). PHP outlines the changes here.

You can to dump where PHP is looking using:

var_dump(openssl_get_cert_locations());

For OS X testing, you can use homebrew to install openssl brew install openssl and then use openssl.cafile=/usr/local/etc/openssl/cert.pem in your php.ini or Zend Server settings (under OpenSSL).

A certificate bundle is also available from curl/Mozilla on the curl website: https://curl.haxx.se/docs/caextract.html

Once you have a bundle, either place it where PHP is already looking (which you found out above) or update openssl.cafile in php.ini. (Generally, /etc/php.ini or /etc/php/7.0/cli/php.ini or /etc/php/php.ini on Unix.)

YES. After seeing too many people suggest the obviously wrong approach of downgrading by multiple version numbers, this stands as the correct approach imho. I had followed others' advice about the cafile but didn't have a means of testing why it still didn't load. This openssl_get_cert_locations() function really did the job in identifying my problem. Thanks!

php - cURL error 60: SSL certificate: unable to get local issuer certi...

php ssl curl wamp stripe-payments
Rectangle 27 15

Personally I sanitize all my data with some PHP libraries before going into the database so there's no need for another XSS filter for me.

directives.directive('ngBindHtmlUnsafe', [function() {
    return function(scope, element, attr) {
        element.addClass('ng-binding').data('$binding', attr.ngBindHtmlUnsafe);
        scope.$watch(attr.ngBindHtmlUnsafe, function ngBindHtmlUnsafeWatchAction(value) {
            element.html(value || '');
        });
    }
}]);
<div ng-bind-html-unsafe="group.description"></div>
$sce
app.config(['$sceProvider', function($sceProvider) {
    $sceProvider.enabled(false);
}]);

I am unclear what the difference is between the two examples. One of our team members has a problem where they have System.out.println(Hello World!); in the database. She is using <div data-ng-bind-html="text"></div> and it appears on the page as: System.out.println(Hello World!);. Are you saying that using your ngBindHtmlUnsafe directive would fix this problem?

@Alan I believe it would work if it was <script>System.out.printIn("Hello World!");</script>, haven't tried this personally because my PHP removed all JS from user input. I removed my second example because Angular's native one is superior in every way just use that one.

How to do this for summernote editor, initially i will get the json data(which contains html) from server, in summernote i am using ng-model. how to make the code as trusted to display in summernote editor

angularjs - How do you use $sce.trustAsHtml(string) to replicate ng-bi...

angularjs
Rectangle 27 15

Personally I sanitize all my data with some PHP libraries before going into the database so there's no need for another XSS filter for me.

directives.directive('ngBindHtmlUnsafe', [function() {
    return function(scope, element, attr) {
        element.addClass('ng-binding').data('$binding', attr.ngBindHtmlUnsafe);
        scope.$watch(attr.ngBindHtmlUnsafe, function ngBindHtmlUnsafeWatchAction(value) {
            element.html(value || '');
        });
    }
}]);
<div ng-bind-html-unsafe="group.description"></div>
$sce
app.config(['$sceProvider', function($sceProvider) {
    $sceProvider.enabled(false);
}]);

I am unclear what the difference is between the two examples. One of our team members has a problem where they have System.out.println(Hello World!); in the database. She is using <div data-ng-bind-html="text"></div> and it appears on the page as: System.out.println(Hello World!);. Are you saying that using your ngBindHtmlUnsafe directive would fix this problem?

@Alan I believe it would work if it was <script>System.out.printIn("Hello World!");</script>, haven't tried this personally because my PHP removed all JS from user input. I removed my second example because Angular's native one is superior in every way just use that one.

How to do this for summernote editor, initially i will get the json data(which contains html) from server, in summernote i am using ng-model. how to make the code as trusted to display in summernote editor

angularjs - How do you use $sce.trustAsHtml(string) to replicate ng-bi...

angularjs
Rectangle 27 5

A bundle must not embed third-party PHP libraries. It should rely on the standard Symfony autoloading instead.

This means that you shouldn't copy code of other libraries to your Bundle (directory). Instead that you should add them as a dependencies to your composer.json.

php - Symfony 2 reusable bundles - Stack Overflow

php symfony reusability bundles
Rectangle 27 15

I suggest setting ZF path as library for your ide (Preferences > PHP > PHP Libraries > New > Add External Folder). And then for your project: RMB on project in sidebar > Properties > PHP Include Path > Add Library > User Library > select your library.

I develop full time in Zend and this way is the best so far ;) (if you don't want to pay for ZendStudio ;)

BTW You don't HAVE TO set include path in php.ini. Your app bootstrap can set the paths too. Consult the manual quicstart (framework.zend.com/manual/en/learning.quickstart.intro.html)

The pic in the first link is missing.

php - Zend Framework Plugin for Eclipse PDT - Stack Overflow

php eclipse zend-framework eclipse-pdt
Rectangle 27 1

The trade off between using a command line call and using a library is speed of your application, and speed of the computer your application is running on.

Every-time you make a command line call like that, PHP has to fork a process (two actually, the shell and then the command you want to run). What this means is, your computer has to start up another application. This is an expensive things that eats up a lot of system resources. Think about what happens if you (or your startup process) try to start too many programs at once on your computer.

When you use a library, no processes have to be forked. PHP itself is doing the work those other applications would do.

That said, I've known a lot of production web applications that get away with making calls to command line applications that aren't available via PHP libraries. If it's a low traffic part of an application, or a page that doesn't get hit that often, you MIGHT be able to get away with it, but you're buying yourself a world of hurt when it comes time to scale.

There's also security to consider. When you run a command from PHP like that, if you're using variables to build up the command string, you risk something like

;rm -rf /

Being injected into your command, which would be bad (rm -rf / will delete your entire file system). Yes, you can escape your input variables to handle this, but ask any veteran PHP developer how hand escape SQL queries worked out.

So, in short, you can probably get away with it, but it's not a best practice and you're buying yourself a load of pain in the future when the s--- hits the fan.

PHP library or command line? - Stack Overflow

php command-line curl imagemagick
Rectangle 27 2

Q: Is there a client library to consume an OData feed available for my

A: OData client libraries are available for a range of platforms including .NET and Silverlight through WCF Data Services, as well as AJAX, PHP, Java and the IPhone.

no

Thanks... This could be the answer but I prefer to leave the question open so we all get notified if a python library shows up one day and someone leaves a comment here.

Yea, always leave questions open, other people might find it usefull as well :-)

OData Python Library available? - Stack Overflow

python odata
Rectangle 27 2

Q: Is there a client library to consume an OData feed available for my

A: OData client libraries are available for a range of platforms including .NET and Silverlight through WCF Data Services, as well as AJAX, PHP, Java and the IPhone.

no

Thanks... This could be the answer but I prefer to leave the question open so we all get notified if a python library shows up one day and someone leaves a comment here.

Yea, always leave questions open, other people might find it usefull as well :-)

OData Python Library available? - Stack Overflow

python odata
Rectangle 27 9

Preparation step 1: Install gettext and the locales on the server

I know this is an old question, but I feel that the answers are lacking a more hands-on approach from start to finish. This is what I did to get translation working using PHP's gettext library and Poedit without using any additional PHP libraries on a Debian server:

I am not sure how this is done with other operating systems, but for Debian, you do:

sudo apt-get install gettext
sudo dpkg-reconfigure locales

Edit: I assumed Ubuntu would be the same as Debian, but apparently it's slightly different. See this page for instructions for installing locales on Ubuntu.

Make sure you select all of the locales that you want to use. You should then see something like:

Generating locales (this might take a while)...
  en_US.UTF-8... done
  es_MX.UTF-8... done
  fr_FR.UTF-8... done
  zh_CN.UTF-8... done
Generation complete.

Note: Make sure you select the right variants and character encodings (most likely UTF-8) for each language. If you install es_MX.UTF-8 and try to use es_ES.UTF-8 or es_MX.ISO-8859-1 it won't work.

Poedit is available from the software repository for most Linux operating systems. For Debian-based, just execute:

sudo apt-get install poedit

Ok, now you're ready to get started coding. I wrote the following gettext() wrapper function to translate both singular and plurals:

function __($text, $plural=null, $number=null) {
    if (!isset($plural)) {
        return _($text);
    }
    return ngettext($text, $plural, $number);
}
// Singular
echo __('Hello world');

// Plural
$exp = 3;
printf(
    __(
        'Your account will expire in %d day',
        'Your account will expire in %d days',
        $exp
    ),
    $exp
);

This will work for all languages, not only languages where plural is anything where n != 1 - this includes languages with multiple plural types.

You can also add translator notes like this:

/** NOTE: The name Coconut Hotel is a brand name and shouldn't be 
 translated.
*/
echo __('Welcome to Coconut Hotel');

You can change the text from NOTE to whatever you want, but you will have to alter it in the shell script below. Important: The translators note must be part of a comment on the line immediately preceding the __() function or it won't be picked up when we scan the PHP files for translatable strings.

// Warning! THIS WILL NOT WORK!
/* NOTE: This translator's note will not be picked up because it is
not immediately preceding the __() function. */
printf(
    __(
        'Your account will expire in %d day',
        'Your account will expire in %d days',
        $exp
    ),
    $exp
);
// Warning! THIS WILL NOT WORK!

After you are ready to send the strings off to the translators, save the following as a shell script (e.g. update.sh) in your application's root directory:

#!/bin/sh
find . -iname "*.php" | xargs xgettext --add-comments=NOTE --keyword=__:1,2 --keyword=__ --from-code=UTF-8 -o i18n.pot
find . -name '*.po' | xargs -I{} msgmerge -U {} i18n.pot
cd /path/to/script && sh update.sh

This will recursively scan for all PHP files in that directory and create a .pot file (I called it i18n.pot, but feel free to name it whatever you like) and update any existing .po files it finds with the new strings.

We then need to create the directories that all the locale files will be stored, one for each locale. They need to be of the format ./locale/{locale}/LC_MESSAGES. For example:

cd /path/to/your/project
mkdir -p ./locale/en_US.UTF-8/LC_MESSAGES
mkdir -p ./locale/es_MX.UTF-8/LC_MESSAGES
# ...etc.

You need to decide on a text domain to use. This can be anything you want, but the script will look for a file called {yourTextDomain}.mo within the LC_MESSAGES folder for that language. Put the following in your PHP script:

define('TEXT_DOMAIN', 'yourdomain');
bindtextdomain(TEXT_DOMAIN, __DIR__.'/locale');
textdomain(TEXT_DOMAIN);
bind_textdomain_codeset(TEXT_DOMAIN, 'UTF-8');
$lang = 'es_MX.UTF-8'; // Change this to the language you want to use
if (setlocale(LC_ALL, $lang) === false) {
    throw new Exception("Server error: The $lang locale is not installed");
}
putenv('LC_ALL='.$lang));

Initially, you send the .pot file generated by the script above to the translators. They then open Poedit and click on File > New from POT/PO file. When they save it, they need to save it as {yourTextDomain}.po. The {yourTextDomain} needs to be exactly the same as the text domain you have in your PHP script. When they save it, it will automatically create both the .po file and the .mo file. Both of these need to be saved in that language's LC_MESSAGES directory when they are done translating.

Now when you update the strings in your PHP file, just re-execute the shell script and send the newly updated .po files to the translators. They then translate the strings and both the .po and .mo files need to be re-uploaded.

internationalization - Best way to internationalize simple PHP website...

php internationalization multilingual
Rectangle 27 11

Not more powerful in the sense that you could write something in Java that would be impossible to replicate in PHP. I'm not familiar with PHP, but there's most likely similar frameworks and libraries that have been created for PHP that exist already in Java (such as an ORM framework like JPA).

Stateful EJBs aren't that special (and not that common either). You can readily store information in the session whether you're using Java or PHP.

This isn't really a suitable question for SO either, since programming languages are different and frameworks are different and you'll never find the "best" something, because that doesn't really exist.

Well, I'm trying to understand if it could be worth learning PHP too, but if Wordpress-like or e-commerce websites is the maximum complexity that can be achieved with PHP, I'm not interested into it.

Plenty of large sites have been implemented in PHP. It's not about the language, it's about the programmer. What makes you think you'll be able to learn Java well enough to create something "more complex".

I already know Java and I'm using it in enterprise applications. I know that PHP is well widespread too, I want to understand how much is it powerful today compared to the full Java enterprise stack (maybe this wasn't very clear in my question). Can you provide some examples of those large sites that I can look at?

I hope you know Java better than you know how to use search engines. But I'll give you the first site for free: facebook.com

+1 for avoiding the flame-war with "learn both". Good advice!

PHP vs Java for enterprise web applications - Stack Overflow

java php java-ee web-applications
Rectangle 27 15

You can try free libraries like fPdf

FPDF is a PHP class which allows to generate PDF files with pure PHP, that is to say without using the PDFlib library. F from FPDF stands for Free: you may use it for any kind of usage and modify it to suit your needs.

hi my question is wanna to create a new pdf file with the help core PHP code.. can you show me any demo.

I don't know that did you mean with 'core' but here is an demo, powered by fpdf fpdf.org/en/tutorial/tuto1.htm

i visited that demo could you understand what im telling i want to generate a new pdf file with the help of php code

Yep i understood and the page shows that too. It's php and creating a pdf file. Not enough?

How to create a PDF file with PHP? - Stack Overflow

php pdf