One of the best things about PHP is that it's a great language to just "dive into", thanks to its wide-ranging popularity. Anyone with the ability to hit "Search" on Google can quickly create a program. However, this also lends to a major criticism of PHP: it's almost too easy to find and reproduce bad code.
Here are 10 PHP mistakes that any programmer, regardless of skill level, might make at any given time. Some of the mistakes are very basic, but trip up even the best PHP programmer. Other mistakes are hard to spot (even with strict error reporting). But all of these mistakes have one thing in common: They're easy to avoid.
Take the time and make sure that your PHP is secure, clean and running smoothly by checking your site for these common PHP blunders.
1. Single quotes, double quotes
It's easy to just use double quotes when concatenating strings because it parses everything neatly without having to deal with escaping characters and using dot values. However, using single quotes has considerable performance gains, as it requires less processing.
Consider this string:
$howdy = 'everyone';
$foo = 'hello $howdy';
$bar = "hello $howdy";
$foo outputs to "hello $howdy" and $bar gives us "hello everyone". That's one less step that PHP has to process. It's a small change that can make significant gains in the performance of the code.
2. Semicolon after a While
Recently in some code I was writing, I had a while loop, which looked something like this:
$i = 0;
while($i < 20); {
//some code here
$i++;
}
See that semicolon there? This will cause PHP to silently fall into an infinite loop. You will not get any errors even with E_ALL|E_STRICT error levels – beware of this mistake!
3. NOT Using database caching
If you're using a database in your PHP application, it is strongly advised that you at least use some sort of database caching. Memcached has emerged as the most poplar caching system, with mammoth sites like Facebook endorsing the software.
Memcached is free and can provide very significant gains to your software. If your PHP is going into production, it's strongly advised to use the caching system.
4. Missing Semicolon After a Break or a Continue
Like #2, a misused semicolon can create serious problems while silently slipping off into the shadows, making it quite difficult to track the error down.
If you're using a semicolon after a "break" or "continue" in your code, it will convince the code to output a "0" and exit. This could cause some serious head scratching. You can avoid this by using braces with PHP control structures (via CodeUtopia).
5. Not Using E_ALL Reporting
Error reporting is a very handy feature in PHP, and if you're not already using it, you should really turn it on. Error reporting takes much of the guesswork out of debugging code, and speeds up your overall development time.
While many PHP programmers may use error reporting, many aren't utilizing the full extent of error reporting. E_ALL is a very strict type of error reporting, and using it ensures that even the smallest error is reported. (That's a good thing if you're wanting to write great code.)
When you're done developing your program, be sure to turn off your reporting, as your users probably won't want to see a bunch of error messages on pages that otherwise appear fine. (Even with the E_ALL error reporting on they hopefully won't see any errors anyway, but mistakes do happen.)
6. Not Setting Time Limits On PHP Scripts
When PHP scripts run, it's assumed that they'll eventually finish in a timely manner. But every good programmer knows that nothing should be assumed in a piece of code. Nothing makes a program crankier than an unresponsive script.
You can get around this issue by simply setting a time limit on the script (set_time_limit). While it may seem like a trivial thing, it's always clever to prepare for the worst.
7. Not Protecting Session ID's
A very common PHP security mistake is not protecting session ID's with any sort of encryption. Not protecting these Session ID's is almost as bad as giving away a user's passwords. A hacker could swoop in and steal a session ID, potentially giving him sensitive information. Here is an example of how to protect Session ID's with sha1:
if ($_SESSION['sha1password'] == sha1($userpass)) { // do sensitive things here}
Adding the sha1 to the ($userpass) gives an added bit of security to the session. Sha1 isn't a bulletproof method, but it's a nice barrier of security to keep malicious users at bay.
8. Not Validating Cookie Data
How much trust do you put into cookies? Most people don't think twice about the seemingly-harmless bit of data that's passed by a cookie. The name "cookie" itself is associated Milk, nap time and Santa, for crying out loud! How could a cookie possibly harmless?
If you're not validating cookie data, you're opening your code to potential harmful data. You should use htmlspecialchars() or mysql_real_escape_string() to validate the cookie before storing it in a database.
9. Not Escaping Entities
Many times PHP programmers are too trusting with data, especially data generated by user. It's imperative to sanitize data before it goes into any sort of storage, like a database.
To correctly escape entities in things like forms. Instead of using this:
echo $_GET['username'];
You can validate the data by using htmlspecialchars() (or htmlentities()) like so:
While comparison operators are an extremely basic part PHP programming, mixing these up in your code is certain to bork your program. As the German proverb states, the Devil is in the details.
Being familiar with the often-misused operators like =, ==, != , are absolutely critical to PHP programming. Taking the time to really understand the differences will greatly speed up your programming and yield less bugs to debug.
Top Recommended Freelancers
More than 1,000,000 freelancers ready to tackle any kind of project
Now days, Freelancing is simplest, easiest and best way to Hire PHP developers for full-time or part-time.
Once you've decided to hire dedicated PHP developer instantly, you need to follow some basic steps to Hire PHP developer for website design & development. The first place to start with is your outsourced project itself, define outline of your website concept with complete requirement and summarizing the vital elements and analyze your requirement for determine the employment type (individual/agency), budget and share your requirement on freelance platform. Within 24 hours you get top PHP developers proposals, you need to scan their portfolio and shortlisted them, preferred only experienced PHP developer because hiring experience person is always better deals. And finally invite them for interview to assess their abilities. If you aren't from a technical background, seek someone proficient to conduct a technical interview of PHP developers.
What are the benefits to hire a php developer near me?
Hire PHP developer to build a website as per the requirement of your business in a convenient manner.
A team of professionals can undertake the requirement of your business and can turn your ideas into reality.
Hiring PHP experts is a must for you if you want to build a best PHP based site with a professional look. Top Web developers from all over the world are opting for this software to build a site because of its cost effectiveness, flexibility, simplicity and free availability. Top PHP developers for hire to accomplish your business projects.
Flexible option: Our multiple models are designed to give you the flexibility in hiring your team at your own budget and project requirements.
Build your own team: Choose from a variety of technologies and create your dream team or your own IT team.
Transparency at all levels: Options to choose from a pool of talented resources, interviewing them as per your own standards and hiring the right resource.
Complete control: Assign tasks at your own will or give the control to the team to lead the development.
How to create a website using PHP for new company?
If you decide to create a website in PHP and you don't know PHP programming and website design. Freelance market is best choice for development of an attractive and fully functional website. You just focus on your business and define the primary purpose of your website, your specific user experience and fundamental goal of your website. Following points are step by step guide for creating a website for business.
Define primary goal and complete requirement of your website.
Define domain name, it is one of the most important features of your PHP website (i.e. URL).
Choose a great experienced PHP website developer for web page design.
Choose your favourite website template.
Test and publish your website.
What are php developers?
PHP (Hypertext Pre-processor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML.
PHP Programming Languages most commonly used for web site and web Application Development. PHP could be use for a general purpose, server-side scripting language run a web server that is designed to form dynamic pages and applications.
PHP as a web development option is secure, quick and a reliable that gives lots more advantages to form it accessible to a lot of people. It is to be given a thought on what has made PHP Programming as one of the most commonly programming language for the online business.
Mistakes while hiring the Top PHP Developers
Common mistake that need to be avoided while hiring a PHP developer
Not examining the previous work effectively:Basically, you have to judge the work of the PHP Developer when you are trying to hire them. Of course, you'll have some idea of the skills that are required for the task and some assumptions on how you would like to proceed additional.
Looking within the region: 'I would prefer to hire a PHP Developer who belongs to my region' this can be the fact that the majority of the businesses think and work in this direction. Well, most of them think that this the simplest way; communication becomes straightforward, problems may be solved with ease and at a faster rate.
Ignoring support and communication: Make sure that your communication is perfect. A proper mode of communication should be selected by the company for solving and reviewing the latest updates and problems. So, while interviewing, test their analytical, decision-making, and problem-solving ability, and also check whether the developer is able to understand and implement the requirements in the project easily or not.
Pricing issue: Do you agree on variable pricing? You never know how much money are going to be spent throughout the process and how many months it would take for the website to go live. This problem arises when working with an offshore. So, in the first interview itself, talk about all the issues clearly. Make sure you provide the detailed contract which is duly signed by the offshore company.
Now a days, PHP is the most popular server-side web programming language, so it’s important to know how to resolve any errors that may occur when PHP code is executed.Here, we will look at the basics of how to do error handling in PHP, using the built-in funct...
YouTube is currently world’s most popular video sharing web site. Over 1 billion hours of videos are watched every day and over 300 hours of video content is uploaded every minute. It also provides offline facility in which you can watch video offline once you...
In PHP, the implode() method joins array elements and outputs them as a single string. This is useful when we need to create one string out of a set of array values.The function can be invoked in two ways:implode( string $glue , array $pieces ) ...