Menu
I have been learning php, by just plugging away at it.
I was hoping someone could point me in the right direction in regards to security, flow and general best practices?
Thanks.
edit--
I suppose a better way to phrase what i am trying to ask is..
What is the best practice:
1.) when processing forms with php, get vs post, $_REQUEST vs $_GET & $_POST
2.) when dynamically creating HTML files (example below)
3.) logins & authentication in the same file as the form creator
4.) Sending e-mail with php
From #2 above
<?php
echo "<h1> Welcome </h1>";
if ($_SESSION['type'] == "admin")
{
//lots of html in the echo statment
echo "tables and admin interface here";
} else
{
//lots of html in the echo statment
echo "tables and user dashboard here";
}
?>
--VS--
<h1> Welcome </h1>
<?php
if ($_SESSION['type'] == "admin")
{
?>
lots of html in the echo statment
tables and admin interface here
<?php
} else
{
?>
lots of html in the echo statment
ables and user dashboard here
<?php
}
?>
--VS--
<?php if($_SESSION['username']): ?>
<p>You are logged in as <?=$_SESSION['username']?></p>
<p><a href="?logout=1">Logout</a></p>
<?php endif; ?>
ps: Thanks to everyone who already responded. Can I also inquire where does a framework fit? I took a class in OOP and we didn't become familiar with any frameworks.
I read lot on the Symfony and zend frameworks but am still confused.
thanks again.
753
Good programming is irrelevant of language. I suggest you start studying software development concepts such as object oriented programming, design patterns, separation of concerns, reuse, encapsulation, testing and refactoring. Start at any of those and keep "plugging" away at the list and you will get better.
PHP specific - learn the accepted coding standard, such as PEAR's or Zend's. After you've assimilated some of the concepts, pick up a good reference such as one of the top frameworks mentioned in the other answers - Zend Framework, CakePHP, Symfony among others.
124
The PHP community has never really been strong at offering up any development guidelines or advocating best practices. In the pre-framework days typical php code written by most devs was very amateurish and disorganized - see the Wordpress source code. But PHP is a good language for web apps. It was made for the web and you can write good professional code with it if you want to. It's trendy to bash it but disregard that stuff.
Anyway, like the others have said here your best bet is to use a framework. Being a newbie, it will be important for you to pick a framework that is well documented and has a strong community to help you get over the hump. Here's my rundown of the major php frameworks:
Codeigniter => popular, fast, good docs and community. very easy to learn. v2.0 hasn't officially been released but is ready for production use and is php5 only. You can use the same documentation that is on the CI site for v1.7. The versions are very similar except 2.0 drops php 4 support finally. here is the download for 2.0: http://bitbucket.org/ellislab/codeigniter/
YII => Really gaining momentum despite it's goofy name. It's a fast performer with GREAT documentation and a ton of features. A new book is out too. The community is so-so but growing. This framework imo takes a lot from rails. There a web-based code generation tool and it uses active record. http://yiiframework.com/
you can build apps a lot quicker with YII due to the code-gen and active record but it will be a bit harder to learn than CI. You may find it getting in your way a bit more too as you try to do everything the YII way. CI is more flexible - gives you the foundation you need w/o getting in your way. So for now i'd recommend codeigniter.
good luck!
40
Use a freely available framework such as:
and follow the standards specified by that framework.
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
