PHP Code specification

PHP Code specification (not to be continued)

The importance and benefits of standardization

Programmers can learn any code to understand the state of the program
New people can quickly adapt to the environment
Prevent new access to PHP from the time-saving needs, create a set of style and develop lifelong habits
Prevent new people from contacting PHP making the same mistakes again and again
In a consistent environment, people can reduce the chance of making mistakes.

One, code tags

1, <?php?>
2, <?>//need to write php.ini Short_open_tag

Choose to use the 1th type of marker

Second, the note

Write as many comments as possible, even if you spend some time.

Iii. Rules of Writing

[PHP]View Plaincopy

1. The Unit convention for each indentation is a tab (4 whitespace character width), note the following notation, the space between the statement or the keyword and the parentheses
2. if ($a ==1) {
3. Echo 1;
4. } Else {
5. Echo 0;
6. }

Iv. Naming and writing

1. File naming

class file
xxx.class.php
function file
xxx.func.php
Include file
xxx.inc.php

All above in English lowercase letters

2. Constant command

[PHP]View Plaincopy

1. Constant name All letters are capitalized in English
2. Define (' DEBUG ', FALSE);
3. Define (' Project_root ', substr (dirname (__file__), 0,-7));

3. Variable commands and function commands (or class method commands)

[PHP]View Plaincopy

1. All are named in English lowercase letters, and the words are uniformly separated by underscores.
2. function User_add ($username) {
3. $name = $username;
4. }

4. The file contains

Contains the calling program file, using require_once uniformly to avoid possible duplicate containment issues
Included and called in the code must be './' or project_root. ' /' Start by avoiding the practice of directly writing program file names (for example: require_once ' x.php ')

Require_once Project_root. /include/common.inc.php ';

V. Security

[PHP]View Plaincopy

2. Numeric parameter passing, parameter passing as much as possible using numbers
4. $page = intval ($_get[' page ');
8. String parameter pass-through
10. $allow _dos = Array (' Add ',' remove ',' modify ',' view ');
12. if (In_array ($_get[' do '),$allow _dos)) {
14. //Do something
16. }
20. MySQL Query
22. $sql = "SELECT * from user where username=". Mysql_escape_string ($_post[' username ');
26. MySQL Storage
28. $username = addslashes ($_post[' username ');
32. Prevent XSS Cross-site scripting attacks
34. Echo htmlspecialchars ($_post[' message ');

Vi. use of quotation marks

variables, constants, array subscripts, include files as much as possible using single quotes, the contents of the single quotation mark will not be resolved, the efficiency will be higher
$array [' user '] = ' James ';

PHP Code specification