Tips for Programming and PHP
Community member “a_v58″ sent me a short list of PHP tips. These days, people are rabid in their thirst to learn more about PHP. If you want to become a programmer, you should know what you’re doing when it comes to PHP. The following tips were sent in to me by Andrew. They are solid tips, so I wanted to pass them along to all of you.
- Don’t be tempted to use packets such as WAMP or XAMPP that install and configure Apache, PHP, MySQL for you automatically. You’ll learn more by installing them one-by-one and configuring them manually. After a quick Google search, you’ll find a list of recommended configurations for PHP and/or Apache – depending whether your machine is a server or a development machine. I recommend installing in this order: MySQL, Apache, PHP.
- A small suggestion to check if all 3 were installed and configured correctly: place a small PHP script in the .htdocs directory of Apache in which you call the phpinfo function, as well as one function from every extension (MySQL, cURL, Java, etc.). If there are no warnings or errors, everything should be fine.
- For fewer headaches and happier programming, I also strongly recommend using an IDE such as EclipsePHP (which can be found at eclipse.org) or Zend. You might also look into xDebug.
- Remember to sanitize your database inputs. To avoid this, understand what this is and how this works. Google or read on Wikipedia for “SQL injection.” Use functions such as ‘addslashes’ and ‘get_magic_quotes_gpc.’
- When you think you did everything right and you don’t understand why something isn’t working, look at your code carefully, debug it, and possibly run a ‘var_dump’ on all the variables to see whether something is faulty. If you still can’t figure it out, take a break and get some fresh air. Come back to the problem with a clear mind.
- Don’t be afraid to ask on forums or the community questions. Remember: there are no stupid questions. However, if for every little mistake you ask, and you don’t figure a couple of questions on your own… no offense: programming may not be right for you.
- Why choose PHP? It has a syntax similar to C/C++ (which are some of the used frequently for desktop applications. PHP.net has almost everything you might need to know – including examples and user-contributed notes (which may contain exactly what you need).
- When somebody asks you a question, don’t be afraid to answer. You’ll either help that person by teaching him or her something new (or be corrected by someone with more experience – in which case, you’ll learn something new).
Sure, it’s a starter list of tips – extremely rudimentary for some. That’s where you have the opportunity to suggest your own PHP starter tips in the comments stream below. :)
8 Comments
John Grissom
June 30th, 2009
at 6:37pm
Also Dont be afraid to try something PHP will give you the errors and what line they are on and the reason it is throwing the error.
I have found that http://phpfreaks.com/ is a good website (Forum), with very good PHP developers that are there to help you. also dont be afraid to google your errors, there are many web sites out there with people that either have or gotten the same error with a correct way to fix the error.
if you are a beginner with php I recommend grabbing a few books from your local library or book store.
There are many websites on the internet that have wonderful tutorials
http://www.w3schools.com
http://www.tutorialized.com
or you could google for PHP tutorials.
I have been messing with PHP for about 5 years now and still use google or look into books for references when I have problems.
I hope that this could help someone that would like to learn PHP
~John Grissom 3
JV
June 30th, 2009
at 6:44pm
Not a pro, but have done installs manually as well as via XAMPP & WAMP on windows, and the automated installers on Linux (Ubuntu). Definitely good to learn, but can’t emphasize how much better it is to have an automated installer do the job right, and if you need to, uninstall and do it again if (when) you screw up. All other advice is fine, but not very useful for really learning. Get a good book or 3, and if you can, hang with a PHP pro to learn more. Some are actually helpful, tho you’ll find some to be tough on “newbies”, as I’ve learned, so you’ll need thick skin. Google for help and hit forums, like http://groups.google.com/group/alt.php/topics
Most of all, relax and enjoy the wild ride.
Mike Rogers
June 30th, 2009
at 7:04pm
Good article, however I disagree with a few of your points.
I think newbies to PHP should install programmes such as XAMPP and when they are confident, they can move on to the fun of installing PHP and Apache.
Asking help from communities is good, but some “professional coders” use forums incorrectly and end up asking questions in a stupid manor. For example they may not provide problem code or may just try to get someone to do their work for free.
Jim Rubenstein
June 30th, 2009
at 7:26pm
I was surprised to see a post like this on your site Chris..knowing that you’re not exactly of programmer background – having said so yourself. I’m a full time developer, and while most of these tips are very basic, there are two that I’d like to “add more” to.
Firstly, as for detecting if PHP is set up correctly..use the php -i command from the command line, or phpinfo() function on a php file loaded through your web server. This will allow you (the setter-upper) to tell if all the modules you expected to be loaded, are loaded properly. For example, when you load the MySQL extension into php, there will be a section of `php -i` or phpinfo() labeled “mysql” and will show some default server variables for the module, letting you know that the MySQL client library is loaded and available to php.
Secondly, in reference to using “addslashes” and “magic_quotes_gpc.” DON’T! The “addslashes” function is *absolutely not suitable* for sanitizing database input. It does not do anything more than add backslashes before apostrophes in a string, and does not take into account the databases’ character set collation. As for the “magic_quotes_gpc” setting, it is not guaranteed to be ON in all server configurations, in fact, I turn it OFF in EVERY server configuration I do. It causes more headaches than it’s really worth. With PHP, you can use the PDO library to prepare your SQL statements, and sanitize the input in a MUCH MORE secure manner than either of the two methods Andrew mentions.
Finally, I don’t want to come off as a conceited, or look like I’m downing Andrew – I appreciate him trying to contribute to the community, and help new developers out – the community definitely benefits from these sorts of people. So, thank you Andrew for sending chris your tips! Without you sending them, I probably wouldn’t have been prompted to share what I am about to share.
I have a few more methodological type points of advice for new developers.
1. Never, ever trust what a user of your site gives you, ever.
Always error check, and sanitize your field inputs. ESPECIALLY when you are outputting that data on the page, or interacting with a file that exists on your file system. Its TRIVIAL for a user to type in some html in their text box, or “../../../../../../../../../../../../etc/passwd” to access your server password file.
So, a few tips when dealing with those types of fields:
1. If you’re going to output the stuff a user types in, always, always, yes even if you don’t feel like it, call htmlspecialchars on the data, and sanitize it using the *sql functions of php (mysql_real_escape_string, PDO bind param, whatever).
2. If you’re dealing with the name of a physical file, call the function basename on the input (as well as using a regular expression checking for illegal characters in the filename)
On some related notes:
3. If you don’t know what regular expressions are, time for some googling. There are lots of sites offering tutorials and other help with them (regexlib.com comes to mind). Regular expressions are incredibly powerful, and despite what anyone says, absolutely awesome and appropriate when used in moderation.
4. Get in the habit of commenting, and ORGANIZING your code! Nothing is more frustrating than when you come back to a project 3 months after not working with it – and not understanding a lick of what it does! Organization and comments will ALSO help you explain any problems you’re having to another developer (meaning, you’ll get better help – faster). Once you’ve made it a habit, you won’t ever have to worry about it again – because you’ll do it automatically!
5. If you’re unsure, ask for help. Use IRC (efnet, freenode), read blogs, read the comments on php.net documentation pages (they’re astonishingly helpful), stackoverflow.com has some resident php geniuses even.
Finally, remember, the community is only as good as the people inside it. If you come across a real you-know-what, don’t bother fighting, be the bigger person and move on. Someone knows the answer, there is no reason you have to deal with someone who is hurting the community of developers when there are thousands of people willing to help you. You just have to know who to ask.
I hope these tips are useful to someone, thanks for reading them and Good Luck!
James Savage
July 1st, 2009
at 6:49am
Another good tip is always look around when debugging, if you have an error on line 8, be sure you ended line 7 with a ; and user an editor with bracket sense to check that you close all () and {}.
Cal Evans
July 2nd, 2009
at 12:37am
Jim,
Spot on on all of your corrections. I write PHP advice and tutorials for web sites as part of my day job and know all too well that advice posted at a reputable site like this will live on in code for years, whether it’s good advice or not.
Thanks for taking the time to post corrections
=C=
Austin
July 2nd, 2009
at 2:19am
Just take it step-by-step. Just start from scratch with “Hello World!” or take a simple script and mess around with it. Examine the code and look-up each one. Think of why they put it there, why should it be there, why would it be there, and why is it there.
Angela Hayden
August 5th, 2009
at 9:05am
Where’s the “For Dummies” section. I’d love a “one click install everything button”!