Ten principles of the PHP Masters

Glen Stansberry on Sep 8th with 151 comments

Share

4diggsdigg

Discover the industry leader in e-mail marketing.try icontact for free today!

With PHP's widespread adoption,it ' s almost too easy-to-find a script or snippet to doing exactly what are you need. Unfortunately, there's no filter as to what's a "good practice" and "s, well ... not good when writing a PHP script. We need trustworthy sources, who has proven they has a solid grasp on the best practices of PHP.

We need PHP masters to show us the best principles to follow for high-grade PHP programming.

1. Use PHP if you need it? Rasmus Lerdorf

There ' s no better resource than PHP ' s creator for knowing what PHP is capable of. Rasmus Lerdorf created PHP in 1995, and since then the language have spread like wildfire through the developer community, Changing the face of the Internet. However, Rasmus didn ' t create PHP with that intent. PHP was created out of a need to solve web development problems.

And as with many open source projects that has gone on to become popular, the motivation is never philosophical or even Narcissistic. It was purely a, needing a tool to solve real-world web-related problems. In 1994 the options were fairly limited when it came to WEB development tools.

However, you can ' t use PHP for everything. Lerdorf is the first to admit this PHP is really just a tool in your toolbox, and that even PHP have limitations.

Use the right tool for the job. I have the run across companies that has completely bought into PHP, deploying it absolutely everywhere, and it was never mea NT to is a general-purpose language appropriate for every problem. It is a most in home as the front-end scripting language for the Web.

Trying to use PHP for everything isn ' t efficient, and it certainly isn ' t the best use of your time as a web developer. Don ' t is afraid to the use of other languages if PHP isn ' t working out for your project.

2. Use many Tables with PHP and MYSQL for Scalability? Matt Mullenweg

Nobody needs to question Matt Mullenweg's authority with PHP. He had, (alongside a rabid community), developed the most popular blogging system on the planet:wordpress. After creating Wordpress, Matt and company launched the stellar wordpress.com, a free blogging site based on the WordPress MU code base blogging software for multiple blogs. At the time of this writing, WordPress.com hosts over 4 million blogs, and their users has written over 140,000 posts Tod Ay. (You can see more interesting stats on wordpress.com usage here.)

If anybody knows how to scale a website, it's Matt Mullenweg. In 2006 Matt gave some insight to WordPress ' database structure and explained why WordPress MU uses a separate MySQL tab Le for each blog, as opposed to using one giant "monolithic" table for all of the blogs.

We tested this approach for MU, but found it is too expensive to scale past a certain point. With monolithic structures-a wall based on your hardware. In MU users is divided and can be partitioned easily, for example on wordpress.com we have the users partitioned between 4096 databases, which allows you to scale very cheaply and efficiently to hundreds of thousands and even millions of users and extremely high levels of traffic.

Being Able Migrate the tables allows the code and ultimately the blogs to run much faster and scale easier. Alongside some heavy caching, and smart database usage, Matt has shown the extremely popular sites like Facebook and Word Press.com can run off of PHP and handle the incredible traffic load.

3. Never, ever trust your users? Dave Child

Dave Child is the brainchild (Teehee) behind the recently renamed Added Bytes (previously ilovejackdaniels.com) website th At featured Dave's excellent cheat sheets for many programming languages. Dave's worked for many development companies in the UK and have established himself as an authority in the programming worl D.

Dave offers some sage advice when it comes to writing secure code in Php:don ' t trust your users. They just might hurt you.

The cardinal rule of all web development, and I can ' t stress it enough, is:never, ever, Trust Your Users. Assume every single piece of the Data your site collects from a user contains malicious code. Always. That includes data think you has checked with the Client-side validation, for example using JavaScript. If You can manage this, you'll be off to a good start. If PHP Security is important to your, this single point is the most important to learn.

Dave goes give specific examples of secure practices in parts one, both and three of his ' Writing Secure PHP ' series. But he ultimate takeaway is this:

Finally, be completely and utterly paranoid.
If you assume your site would never come under attack, or face any problems of any sort, then when something eventually doe s go wrong, you'll be in massive amounts of trouble. If, on the other hand, you assume every a visitor to your site was out to get your and you are permanently at war, you yourself to keep your site secure, and is prepared in case things should go wrong.

4. Invest in PHP Caching? Ben Balbo

Ben Balbo has been writing for Site Point, a very well respected tutorial Site for the likes of developers and designers. He ' s on the Committee for both the Melbourne PHP User Group and Open Source developers ' Club, so he knows a thing or both a Bout the language. It ' s no surprise with Ben's background as a PHP developer and trainer that he recommends putting a little more thought and Preparation into PHP caching.

If you have a busy and predominantly static web Site?such as a blog?that ' s managed through a content management system, it Would likely require little alteration, yet may benefit from huge performance improvements resulting from a small investme NT of your time. Setting up caching for a more complex site this generates content on a per-user basis, such as a portal or shopping cart s Ystem, would prove a little more tricky and time consuming, but the benefits is still clear.

There is many different techniques for caching in PHP, and Ben touches on a few of the bigger ones in the article, like:

Cached function calls setting expiry headers caching file downloads in IE template caching Cache_lite

and many others. Because of the nature of the dynamic languages like PHP, caching was critical to store those parts of the page that was Accesse D frequently and don ' t change often.

5. Speed up PHP development with an IDE, Templates and Snippets? Chad Kieffer

When Chad Kieffer isn ' t busy rocking user interfaces and administering databases, he's giving expertise advice from his BL og 2 tablespoons. Because of Chad ' s wide field of expertise, he ' s often able to see the big picture that other programmers might not, SPECIF Ically when it comes to the holistic approach, Chad takes to developing a website. He specializes in all aspects of the development process, so any insights he can provide with putting together an entire p Roject is going to be useful.

Chad believes that using the IDE like Eclipse PDT (Eclipse's PHP development package) with a mixture of templates and Snipp ETS can really speed up the turnaround time on a project.

Busy schedules, long to does lists, and deadlines make it tough for developers to get familiar with some of the advanced FEA Tures their tools provide. This was a shame, because some features, like Eclipse Templates, can really reduce coding time and errors.

Common sense says this any time you can automate a task, the quicker you'll get the project done. The same holds true with Dan ' s theory. By taking the time to create templates so you'll use over and over, you'll save tons of time automating the repetitive p Arts of coding.

By using a IDE like Eclipse and the PDT package, you'll find that your development time would incrementally speed up. The IDE would auto-close brackets, add those missing semicolons and even allow you to debug within the editor, without Havi ng to upload to the server.
(Chad have a nifty tutorial on getting started with Eclipse PDT and the benefits of an IDE in general, if you ' re interested .)

6. Make Better use of PHP ' s Filter Functions? Joey Sochacki

While Joey Sochacki is not being as big of a name as Matt Mullenweg in the PHP community, he ' s a seasoned web developer and Shares tips that he's picked up along the the-the-Devolio.

Joey had found that even though there was a ton of filtering that had to happen when writing PHP code, not many programmers Make use of PHP ' s filter functions.

Filtering data. We have the to do it. Most, if not all of us, despise doing it. However, unbeknown to the most is PHP's filter_* functions, that's allow us to do all sorts of filtering and validation. Using PHP ' s filter_* functions, we can validate and sanitize data types, URLs, e-mail addresses, IP addresses, strip bad C Haracters, and more, all with relative ease.

Filtering can is tricky, but this guide can help immensely. With Joey's help you ' ll learn how to install the filters and and filter nearly anything, taking advantage of the filtering Power of PHP.

7. Use a PHP Framework? Josh Sharp

There have always been a debate as to whether to use a PHP framework like Zend, CakePHP, Code igniter, or any other Framewo Rk. There is upsides and downsides to using one, and many developers has their own opinions about whether or not to go This road.

Josh Sharp was a web developer who makes he bread and butter creating websites for clients. Should trust him when he says it's a good idea to use a PHP framework to save time and eliminate mistakes When programming. Why? Josh believes it ' s because PHP is too easy to learn.

But PHP's ease of use are also its downfall. Because There is less restrictions on the structure of the code you write, it's much easier to write bad code. But there is a solution:use a framework.

PHP frameworks help standardize how-to program, and can save lots of time in the development process. You can read more about the benefit of using a PHP framework at the Josh ' s blog.

8. Don ' t use a PHP Framework? Rasmus Lerdorf

Contrary to Josh's belief that one should use a PHP framework, Rasmus Lerdorf, the godfather of Php himself, believes that Frameworks aren ' t that great. Why? Because they perform much slower than simple PHP.

During Rasmus ' presentation at Drupalcon, Rasmus compared the response times to a PHP page with a simple "Hello world" "Example, and compared it to a few PHP frameworks (slides 24-32), and showed that PHP frameworks is much slower than Str Aight PHP.

You can listen or watch the entire presentation where Rasmus shows the performance losses with PHP frameworks. In short, the Rasmus shows that performance takes a major hits when your use of a PHP framework as opposed to using pure PHP.

[Note:if You has the use of a PHP framework, Rasmus likes Code igniter the best, as it's "least like a framework"]

9. Use Batch processing? Jack D. Herrington.

Jack Herrington is no. stranger to PHP and the development world. On top of writing through articles for the prestigious IBM DeveloperWorks, Jack have also published programming books like PHP Hacks. Jack is a bona fide expert.

Herrington recommends using batch processing and cron to tackle those tasks, the can process in the background. Web users don ' t want to wait a long for tasks to complete on the web. There is some jobs that take longer that is much more suited to being do in the background.

Certainly, in some small cases, it's a bit easier to fire off of a helper thread to handle small jobs. But it's easy-to-see which with the use of conventional tools? Cron, MySQL, Standard object-oriented PHP, and Pear::D b? Creating batch jobs in PHP applications are easy-to-do, easy-to-deploy, and easy-to-maintain.

Jack believes in simplicity, and instead of using threading on servers, he uses the simple combination of cron, PHP and My SQL to process tasks in the background.

I ' ve done both, and I think Cron have the advantage of the "Keep It Simple, Stupid" (KISS) principle. It keeps the background processing simple. Instead of having a multithreaded job-processing application that runs forever and, thus, can never leak memory, you have A simple batch script, that Cron starts. The script determines whether there's anything to does, does it, then exits. No need to worry about memory leaks. No need to worry on a thread stalling or getting caught in an infinite loop.

Turn on Error Reporting Immediately? David Cummings

David Cummings runs his own software, the specializes in content management systems, and have won several awards. If anyone knows how to develop a PHP application efficiently, it ' s Dave.

David wrote in a SitePoint article about the both PHP tips he wished he ' d learned in the beginning. One of the Tips:turn on error reporting immediately. It ' ll save a great deal of time in the long run.

The single most important thing I-tell people who use PHP are to turn error reporting to their maximum level. Why would I want? Generally the error reporting is set at a, that would hide many little things like:

Declaring a variable ahead of time, referencing a variable that isn ' t available in that segment of code, or using a define That isn ' t set.

These factors might not seem like that big a deal? Until develop structured or object oriented programs with functions and classes. Too often, writing code without error reporting turned up high would cost you hours as you scoured long functions it did N ' t work because a variable is misspelled or not accessible.

Error reporting can make finding the reason for an error much easier. A tiny bug in the code can be quickly identified if PHP's error reporting is turned on high. Save yourself some time and hair pulling by letting PHP find your bugs for you.

