Monday, June 25, 2012

10 Things You Can Do to Become a Better PHP Developer

Website Monitoring Service
10 Things You Can Do to Become a Better PHP Developer
PHP is probably the most popular web development language right now. At least 20 million domains use PHP and it’s the language used on major sites such as Wikipedia and Facebook as well as in some of the world’s biggest open source projects like WordPress and Drupal.

In this article, I’ll share with you ten things I wish I was told when I was just getting started with PHP development, and I’m hoping you’ll be able to learn a thing or two if you’re just taking your first steps into this awesome web development language.

1. Use PHP Core Functions and Classes

If you’re trying to do something that seems fairly common, chances are, there’s already a PHP function or class that you can take advantage of. Always check out the PHP manual before creating your own functions. There’s no need to create a function to remove the white space at the beginning and at the end of a string when you can just use the trim() function. Why build an XML parser for RSS feeds when you can take advantage of PHP’s XML Parser functions (such as xml_parse_into_struct)?

2. Create a Configuration File

Instead of having your database connection settings scattered everywhere, why not just create one master file that contains its settings, and then include it in your PHP scripts? If you need to change details later on, you can do it in one file instead of several files. This is also very useful when you need to use other constants and functions throughout multiple scripts.

Using a config file is a popular web application pattern that makes your code more modular and easier to maintain.

3. Always Sanitize Data That Will Go into Your Database

SQL injections are more common that you may think, and unless you want a big headache later on, sanitizing your database inputs is the only way to get rid of the problem. The first thing you should do is learn about popular ways your app can be compromised and get a good understanding of what SQL injections are; read about examples of SQL injection attacks and check out this SQL injection cheat sheet.
Luckily, there’s a PHP function that can help make a big heap of the problem go away: mysql_real_escape_string. mysql_real_escape_string will take a regular string (learn about data types through this PHP variables guide) and sanitize it for you. If you use the function together with htmlspecialchars, which converts reserved HTML characters (like

0 comments:

Post a Comment

I am a student of MS(CS), and also a computer software engineer and web developer.