Writing Portable PHP code

1. Keep the configuration centrally placed.

As a general guideline, it is recommended to keep most of the information in one location (possibly a file) so that all necessary modifications can be made in the same location when the information needs to be modified.

2. Write reusable code;

If you have just finished developing other sites or applications, you should be aware that you already have the county-seat code that can be easily applied to new projects. The best approach is to write object-oriented code using the idea of creating reusable builds or feature slices.

There are a number of important issues to consider when balancing the possibility of code reuse:

(1) What happens when there is a change in the requirements of the project?

(2) Is it easy to add new functionality to your code?

(3) For a period of time, can you understand the code?

(4) is the code easy to inherit from other applications?

(5) Can the assumptions be applied to work on other sites?

As an experienced PHP developer, you have a primary responsibility: to constantly understand the more esoteric knowledge of software development, such as design patterns, enterprise application architectures, as a way to improve development skills, and, more importantly, a time-saving approach. The wider your knowledge, the less risk of failure when you start your next big project.

3. Always use the full PHP tag;

PHP supports a variety of style tags to identify code sections, including short tags (<??>) and ASP style tags (<%%>). The marker style can be controlled by Short_open_tag and Asp_tag in the php.ini. Note, however, that although these configurations can be toggled, other server administrators may not be able to make modifications, which can cause problems. When PHP is mixed with the XML guard, the short markup style can cause problems.

4. Always use super global variables, do not use register_globals;

Confirm that the following code is included in the php.ini file: register_globals = off; This forces you to listen to a special predefined super global variable (for example, $_get[' username ') to access the input data, ensuring that it does not conflict with the variables created in the script.

6. Always check the magic quotes.

Magic quotes is a feature PHP provides to help PHP beginners to prevent the development of the site in the presence of security vulnerabilities. The Magic quotes feature automatically adds escape characters (backslashes) to these values before the script can access the incoming URL query string, form post articles, and cookie data, indicating that the string should include quotation marks rather than quotes that represent the end of the string. If the data is inserted directly into the database and the Magic quotes feature is turned on, there is no risk that a malicious user might tamper with the database.

However, I prefer to turn off the magic quotes and handle the escaped data of the SQL statement myself.

Writing Portable PHP code