This is PHP and the syntax is very similar to C. If you see the link I provided, it wont be very difficult for you to decipher the working logic. sign() is a server side function which is taking $txSkeleton & $privateKeys variables as input and returning the signed data. But, if I could sign using PHP itself, I could avoid this step and directly push the signed Tx. I hope, someone, who knows PHP, chime in and point me to a code that allows me to do so...
This is false; the library signs using PHP itself. So they're doing it right: server generates the unsigned transaction, user signs locally and returns the signature.