PHP Code specification

Source: Internet
Author: User
Tags mysql query vars

PHP Code specification (not to be continued)


The importance and benefits of standardization

Programmers can learn any code to understand the state of the program
New people can quickly adapt to the environment
Prevent new access to PHP from the time-saving needs, create a set of style and develop lifelong habits
Prevent new people from contacting PHP making the same mistakes again and again
In a consistent environment, people can reduce the chance of making mistakes.


One, code tags

1, <?php?>
2, <?>//need to write php.ini Short_open_tag

Choose to use the 1th type of marker


Second, the note

Write as many comments as possible, even if you spend some time.


Iii. Rules of Writing

[PHP]View Plaincopy
    1. The Unit convention for each indentation is a tab (4 whitespace character width), note the following notation, the space between the statement or the keyword and the parentheses
    2. if ($a ==1) {
    3. Echo 1;
    4. } Else {
    5. Echo 0;
    6. }


Iv. Naming and writing

1. File naming

class file
xxx.class.php
function file
xxx.func.php
Include file
xxx.inc.php

All above in English lowercase letters


2. Constant command

[PHP]View Plaincopy
    1. Constant name All letters are capitalized in English
    2. Define (' DEBUG ', FALSE);
    3. Define (' Project_root ', substr (dirname (__file__), 0,-7));


3. Variable commands and function commands (or class method commands)

[PHP]View Plaincopy
    1. All are named in English lowercase letters, and the words are uniformly separated by underscores.
    2. function User_add ($username) {
    3. $name = $username;
    4. }


4. The file contains

Contains the calling program file, using require_once uniformly to avoid possible duplicate containment issues
Included and called in the code must be './' or project_root. ' /' Start by avoiding the practice of directly writing program file names (for example: require_once ' x.php ')

Require_once Project_root. /include/common.inc.php ';


V. Security

[PHP]View Plaincopy
  1. Numeric parameter passing, parameter passing as much as possible using numbers
  2. $page = intval ($_get[' page ');
  3. String parameter pass-through
  4. $allow _dos = Array (' Add ',' remove ',' modify ',' view ');
  5. if (In_array ($_get[' do '),$allow _dos)) {
  6. //Do something
  7. }
  8. MySQL Query
  9. $sql = "SELECT * from user where username=". Mysql_escape_string ($_post[' username ');
  10. MySQL Storage
  11. $username = addslashes ($_post[' username ');
  12. Prevent XSS Cross-site scripting attacks
  13. Echo htmlspecialchars ($_post[' message ');



Vi. use of quotation marks

variables, constants, array subscripts, include files as much as possible using single quotes, the contents of the single quotation mark will not be resolved, the efficiency will be higher
$array [' user '] = ' James ';

PHP Code specification

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.