40 evidence that you are still a PHP rookie

40 signs indicate that you are still a PHP Cainiao. reading 40 signs shows that you are still a PHP Cainiao. these signs are not only used to tell me that you are a Cainiao, but also tell me that you still have a lot to learn. The English copyright for the 40 signs of the introduction is owned by ReinholdWeber, translated by yangyang (akadavidkoree ). The bilingual version can be used for non-commercial communications, but must be noted by the English version author, "> <LINKhref =" these signs are not only used to tell me that I am a Cainiao, but also tell me that there are many more to learn.
Introduction
The English copyright showing 40 signs belongs to Reinhold Weber, translated by yangyang (aka David Koree ). The bilingual version can be used for non-commercial communications, but must contain the English version of the author, copyright information, and the Chinese translation of the author. The translation level is limited. Please correct PHPer.
The author of 40 Conquer is PHPer Li Junpeng, which can be used for non-commercial communication.
Body
I would like to include this article in my "programming chores" series. Although I have been engaged in software engineering, enterprise-level software architecture and database design in formal university courses, I still feel the "evil" of the following facts from time to time. of course, these are my subjective feelings and are oriented to Eclipse.
You are a PHP rookie. if you:
1. do not use tools such as phpDoc to properly comment your code
Conquer 1
PhpDoc is an excellent module in PEAR. it generates API documents for code like javadoc. PhpDoc is written using the idea of OOP. it scans the PHP source code in the specified directory, recognizes the special mark in the comment, generates an XML file (or other), and creates the corresponding index. That is, the essence is to generate documents from comments in the source code.
2. turning a blind eye to excellent integrated development environments such as Zend Studio or Eclipse PDT
Conquer 2
I don't know how to describe Zend, but someone said in the night that Zend in the PHP field is like Microsoft in the software field, while Eclipse is another multi-functional development environment, most people want to use it to write Java (such as me), while PDT, namely, PHP Development Tools, enables users to write PHP plug-ins in Eclipse. If you are interested, you can develop a plug-in for Eclipse. Pai_^
3. never used any form of version control system, such as Subclipse
Conquer 3
Version control system? Let's take a look at version control: Version control is a data warehouse that records every change to the file. In this way, we naturally know what version control systems are. For more information, we recommend that you choose one sentence!
(1) http://www.phpchina.com/bbs/thread-46209-1-1.html
(2) http://bbs.phpchina.com/thread-47473-1-1.html
(3) http://bbs.phpchina.com/thread-89264-1-1.html
4. some coding and naming standards, as well as general conventions, cannot be implemented during the project development cycle.
Conquer 4
I think the good writing habits of code are very comfortable, and indentation is really necessary-it's depressing to look at the pile of code with no beauty at all. Generally, the indentation contains four spaces. We do not recommend using the TAB key in the PEAR standard (here I am a little ashamed), because there may be problems in some occasions (although I have not encountered it yet ). Recommended variables for Naming: The first word starts with lowercase letters, and other uppercase words start with myName, while the class names are recommended to start with uppercase letters, such as MyName or My_Name, I don't think there is a big difference (if it's big, please advise ).
5. Uniform development is not used
Conquer 5
I am still a fan of PHP, so I still have little experience in team development. here, I have the illusion that the term "development method" does not seem to understand, in addition, it is difficult to find a satisfactory article using the search engine for a long time. Therefore, we recommend:
(1) http://www.phpchina.com/html/42/1142-7314.html
(2) http://topic.csdn.net/u/20080509/09/9b81d740-68fc-4d63-9299-ce6675f240cb.html
(3) http://www.ibm.com/developerworks/cn/web/wa-jacquard/index.html#N10064
In fact, I personally think the term development method is quite generic and abstract ......
6. do not convert (or) or verify some input or SQL query strings)
Conquer 6
Always believe in one point: never trust unprocessed user input. Filtering user input is the foundation of Web security. Therefore, designers should always clearly know the data source, filter data, and distinguish processed data from unprocessed data.
7. do not thoroughly plan your program before coding
Conquer 7
I personally think that this is the same as drawing a flowchart or a project development process before writing a program. it should not be explained too much.
8. do not use test-driven development
Conquer 8
Test Driven Development (TDD) is an important part of extreme programming. its basic idea is to write Test code before developing functional code. That is to say, after developing a function, first think about how to test the function, write the test code, and then write the relevant code to meet these test cases. Add other functions cyclically until all functions are developed. Clean code that works is the goal of test-driven development. (From Baidu Encyclopedia)
9. coding and testing are not performed when the error is enabled. For more information, see The PHP function error_reporting)
Conquer 9
I think the error report is usually enabled when writing code. The prototype of error_reporting is int error_reporting ([int $ level]). This function is used to set the error level of the report to be displayed. for details, see:
Http://cn2.php.net/manual/en/function.error-reporting.php
10. turning a blind eye to the benefits of the debugger
Conquer 10
Several debuggers are recommended:
(1) Zend IDE
(2) APD
(3) Xdebug
11. do not refactor your code
Conquer 11
Refactoring refers to using a series of refactoring principles (techniques) to adjust the internal structure of the software without changing the "software-aware behavior. The purpose is to improve the comprehensibility of software without changing the "suspicious behavior of software" and reduce the modification cost. The benefits of refactoring can improve software design to make software easier to understand, help designers find bugs, and increase the speed of software development. In short, refactoring is to improve the design of the software that has been written.
12. do not use MVC-like pattern to divide different layers of programs
Conquer 12
Model View Controller (MVC) is the Model-View-Controller. a View is the user side, while a Model is the module for processing tasks, the controller controls the ing between views and models, that is, the model selected for processing in the user response, and the view displayed after the task is processed.
13. do not know these concepts: KISS, DRY, MVC, OOP, and REST
Conquer 13
(1) KISS refers to Keep It Simple and Stupid (from wikipedia). It refers to sticking to the Simple principle during design to avoid unnecessary complexity.
(2) DRY refers to Don't Repeat Yourself (from wikipedia), especially in programming and computing to avoid repeated code, because it will reduce flexibility and simplicity, and may cause conflicts between codes.
(3) OOP (Object-Oriented Programming) refers to object-oriented Programming. I have always thought that the classic analogy is that a car is a Class, and the attributes of this Class include wheels, bodies, motors, etc. The methods include acceleration and deceleration; rolls-Royce is an Object that inherits the attributes and methods of the car class. how can we achieve acceleration and deceleration? This information is hidden-information encapsulation (encapsulation), leaving only the user interface for us, such as stepping on the brakes and stepping on the accelerator. as for Polymorphism, in my rough analogy, it is an automatic vending machine (we assume that there is only one drink for each price). It is also a coin-based method, but the result you get is different from the result you get when you invest 2 yuan and 5 yuan -- unless there is a problem with the vending machine.
(4) REST (Representational State Transfer) is a design and development method for network applications, which can reduce development complexity and improve system scalability. REST puts forward some design concepts and principles:
A. everything on the network is abstracted as a resource );
B. Each resource corresponds to a unique resource identifier );
C. operate resources through the general connector interface (generic connector interface;
D. operations on resources do not change the resource ID;
E. All operations are stateless ). (From Baidu Encyclopedia)
14. output (echo/print) content directly in your function or class instead of return.
Conquer 14
In this regard, the source code of prawns is returned, so I generally learn to use it like this. As for the reason, I feel that it is quite good to use it. Maybe the style is strictly prohibited. However, I don't really understand this sentence. generally, all functions need to return statements unless they are specifically used for output.
15. turning a blind eye to the advantages of unit testing or general testing
Conquer 15
(1) unit testing is the lowest level of testing activities to be carried out during software development. in unit testing activities, the independent unit of the software will be tested in isolation from other parts of the program, which not only ensures the project progress but also optimizes the design. I remember that when I used to write a long C code, I added a piece of test code at the end of a specific module to check whether it was counted. Pai_^
(2) general testing technology? This reminds me of a piece of "software testing ***" from the Turing series in the library. The specific name is missing. These are part of the scope of software testing, if you need to download: http://bbs.phpchina.com/thread-94241-1-1.html
16. hard-coded HTML is always returned, but no pure data, string, or object is returned.
17. always hard coding of "messages" and "configuration parameters"
Conquer 16-17
The use of hard encoding may result in inflexible programs, complicated modifications in the future, and compilation problems. More specific understanding: http://bbs.bc-cn.net/thread-32143-1-6.html
18. do not optimize SQL query statements
Conquer 18
The optimization of SQL statements is to convert low-performance SQL statements into SQL statements with the same performance. The advantage is obvious. Artificial intelligence can be used for automatic SQL optimization.
19. do not use _ autoload)
Conquer 19
The _ autoload function is automatically called when you try to use a class that has not been defined. By calling this function, the script engine has the last chance to load the required class before a PHP error fails. See: http://cn.php.net/__autoload
20. intelligent error handling is not allowed)
Conquer 20
PEAR_ErrorStack provides a stack-based error handling method to unify various errors and point them to the same place to connect multiple irrelevant projects to the same application. (Translated from: http://pear.php.net/package/PEAR_ErrorStack)
21. replace $ _ GET with $ _ POST for destructive transfer operations.
Conquer 21
In my personal understanding, using $ _ GET will expose some information to the URL.
22. I don't know how to use regular expressions.
Conquer 22
Regular expression? I want to go to the night to find shanji, or to the night sharing manual to download a learning: http://bbs.phpchina.com/thread-89223-1-1.html
23. I have never heard of SQL injection or XSS
Conquer 23
(1) the so-called SQL injection is to insert SQL commands into Web forms to submit or enter query strings for domain names or page requests, and finally cheat the server to execute malicious SQL commands, for example, most of the previous VIP member passwords leaked by many video websites are exposed by submitting query characters through Web forms. such forms are particularly vulnerable to SQL injection attacks;
(2) the industry defines cross-site attacks as follows: "Cross-site attacks refer to intruders inserting malicious data in HTML code on remote Web pages, the user believes that the page is trustworthy, but when the browser downloads the page, the script embedded in it will be interpreted and executed." Because the HTML language allows the use of scripts for simple interaction, intruders insert a malicious HTML code into a page through technical means, such as recording the user information stored in the Forum (Cookie ), because the Cookie stores the complete user name and password information, the user will suffer security losses. For example, this simple Java script can easily obtain user information: alert (document. cookie), which will pop up a message box containing user information. Intruders can use scripts to send user information to their own record pages. after a slight analysis, they can obtain user sensitive information. (From Baidu Encyclopedia)
24. simple configuration is not allowed, and constructors of classes are not allowed to accept parameter passing and then execute the set/get method or constant definition during runtime.
Conquer 24
Just one sentence: do not allow class constructors to accept parameter passing.
25. do not understand the advantages and disadvantages of object-oriented programming (OOP)
26. abuse of OOP regardless of the situation
27. Self-think that implementing reusable software must be equal to/need to make your code comply with OOP
Conquer 25-27.
Advantages of OOP: it brings people's programming closer to the real world. all objects are assigned attributes and methods, and result programming is more humane. Disadvantages of OOP: for C ++, because it is oriented to a higher logic abstraction layer, C ++ has to make performance sacrifices during implementation, sometimes even fatal.
28. do not use smart default values
Conquer 28
I think using the default value is a good habit.
29. there is no single configuration file
Conquer 29
Set a config. php configuration.
30. I don't want to expose the file source code, but I replaced. php with the. inc suffix.
Conquer 30
* An. inc file, as its name implies, means include file. generally, we use inc as the suffix because it can reflect the role of this file. *. The functions of inc files are somewhat similar to those in C/C ++ *. H ,*. HPP header files. using inc files can make our programs more readable and easier to develop and maintain.
31. do not use the database abstraction layer
Conquer 31
See http://bbs.phpchina.com/thread-94258-1-1.html
32. do not keep yourself DRY, that is, do not repeat yourself. if you are always copying and pasting something, it means you are poorly designed.
Conquer 32
Refer
33. a function, class, or method cannot be used together for only one thing.
Conquer 33
This requires exercise, learning and improving in practice.
34. failed to try the advantages of OOP, such as abstract classes, interfaces, polymorphism, inheritance, and access control modifiers (such as public, private, and protected)
Conquer 34
Oh, my god. I 'd like to refer to 25-27. it also needs to grow in practice.
35. optimize your program system design without existing design patterns
Conquer 35
Recommended Head First design model
36. your users are not allowed to define basic directories when you have many files or directories
Conquer 36
Keep it. I am a little confused. Pai_^
37. the namespace is contaminated. for example, use common strings to name your library functions.
Conquer 37
Ah, this is really a bad habit, but it is a good habit!
38. no table prefix is used when database tables are used.
Conquer 38
Maybe, the prefix of a data table in PHPChina is PPC _ or PCC _. This is indeed advantageous. I think it is as if the field name uses a format such as txtUsername.
39. do not use the unified template engine
Conquer 39
I don't know what to say. a team generally uses a unified template engine.
40. don't pay attention to the existing PHP development framework, so you are too lazy to explore. In fact, advanced development concepts and wonderful code are included.
Conquer 40
Such as Zend Framework, CakePHP, FleaPHP, and ThinkPHP.