30 PHP best practices for Beginners (no lights in the wilderness ). 1. I became a good friend with the PHP Manual. 2. opening ErrorReportingErrorreporting is very helpful in PHP development. you can find errors you haven't found in your code before, because and 1, become good friends with the PHP Manual
2. enable Error Reporting.
Error reporting is very helpful in PHP Development. you can find errors you have not found in your code, because not all bugs will make the program run impossible. When the product is officially used, it is necessary to turn off the error report. Otherwise, the customer will not know what it means to see a bunch of strange characters.
3. use IDE
IDE is a helpful tool for developers.
Netbeans IDE is recommended for wilderness.
4. try to use a PHP Framework
5. learn the DRY method.
DRY stands for Don't Repeat Yourself, which is a valuable programming concept, no matter what language. DRY programming, as its name implies, is to ensure that you do not write redundant code.
6. use spaces to indent the code to improve readability
7. "Tier" your Code
Layer your applications into different components of the code. This allows you to easily change your code in the future. For example, the common MVC mode.
8. always use
9. use meaningful and consistent naming conventions
10. comments, comments, and comments
11. install MAMP/WAMP
12. restrict the running time of your script
Generally, the running time of PHP scripts is limited to 30 seconds. if this time is exceeded, PHP will throw a fatal error.
13. use OOP
14. know the difference between double quotation marks and single quotation marks
15. do not put phpinfo () in the root directory of the website ()
16. Never trust your users
17. encrypted storage password
Rebuttal:
Keep in mind, however, that MD5 hashes have long since been compromised. they're absolutely more secure than not, but, with the use of an enormous "rainbow table," hackers can cross reference your hash. to add even more security, consider adding a salt as well. A salt is basically an additional set of characters that you append to the user's string.
18. use visual database design tools
Such as DBDesigner and MySQL Workbench
19. use the output buffer
Rebuttal: Though not required, it's generally considered to be a good practice to go ahead and append the "ob_end_flush ();" function as well to the bottom of the document. p.S. want to compress the HTML as well? Simply replace "ob_start ();" with "ob_start ('OB _ gzhandler ')";
Refer to this Dev-tips article for more information.
The code is as follows:
Untitled
20. Protect your code from SQL injection
The code is as follows:
$ Username = mysql_real_escape_string ($ GET ['username']);
$ Id = $ _ GET ['id'];
$ Statement = $ connection-> prepare ("SELECT * FROM tbl_members WHERE id =? ");
$ Statement-> bind_param ("I", $ id );
$ Statement-> execute ();
By using prepared statements, we never embed the user's inputted data directly into our query. instead, we use the "bind_param" method to bind the values (and escaping) to the query. much safer, and, notably, faster when executing multiple CRUD statements at once.
21. try ORM (object relational mapping)
ORM libraries for PHP like Propel, and ORM is built into PHP frameworks like CakePHP.
22. cache database driver page
For example:
The code is as follows:
// TOP of your script
$ Cachefile = 'cache/'. basename ($ _ SERVER ['script _ URI']);
$ Cachetime = 120*60; // 2 hours
// Serve from the cache if it is younger than $ cachetime
If (file_exists ($ cachefile) & (time ()-$ cachetime <filemtime ($ cachefile ))){
Include ($ cachefile );
Echo" ";
Exit;
}
Ob_start (); // start the output buffer
// Your normal PHP script and HTML content here
// BOTTOM of your script
$ Fp = fopen ($ cachefile, 'w'); // open the cache file for writing
Fwrite ($ fp, ob_get_contents (); // save the contents of output buffer to the file
Fclose ($ fp); // close the file
Ob_end_flush (); // Send the output to the browser
23. use the cache system
- Memcached
- APC
- XCache
- Zend Cache
- EAccelerator
24. verify Cookie data
Cookie data, like any data passed on the Web, can be harmful. You can validate cookie data with either the htmlspecialchars () or mysql_real_escape_string ().
25. use a static file cache system
For example, Smarty is a powerful template system with built-in cache.
26. analyze your code
Profiling your code with a tool like xdebug can help you to quickly spot bottlenecks and other potential problems in your PHP code. Some IDEs like Netbeans have PHP profiling capabilities as well.
27. encoding standards
For example, Pear standard.
28. Keep Functions Outside of Loops
You take a hit of performance when you include functions inside of loops. the larger the loop that you have, the longer the execution time will take. take the extra time and line of code and place the function outside of the loop.
Editor's Note: Think of it this way. Try to remove as permitted operations from the loop as possible. Do you really need to create that variable for every iteration of the loop? Do you really need to create the function each time? Of course not.
29. do not copy no extra variables (in fact this one is doubtful, as described below)
For example:
The code is as follows:
$ Description = strip_tags ($ _ POST ['description']);
Echo $ description;
It can be written as follows:
Echo strip_tags ($ _ POST ['description']);
Rebuttal: In reference to the comment about "doubling the memory," this actually is a common misconception. PHP implements "copy-on-write" memory management. this basically means that you can assign a value to as your variables as you like without having to worry about the data actually being copied. while it's arguable that the "Good" example exemplified above might make for cleaner code, I highly doubt that it's any quicker.
That is to say, PHP implements the "copy-on-write" memory management method. The first code above does not occupy double memory. Therefore, Rebuttal seriously doubts whether the second method of code is really faster than the previous one.
30. update PHP to the latest version.
31. reduce the number of database queries
32. brave question
Such as StackOverflow is a good place.
Issue 2: opening Error Reporting Error reporting is very helpful in PHP Development. you can find errors you have not found in your code, because...
