PHP Best Practices PowerPoint Presentation, PPT - DocSlides

Download dstech | 2018-03-13 | General Writing conventions Type safe code Exceptions, being E_STRICT Documentation Security Performance Deployment ID: 649297

PowerPoint PHP Best Practices PowerPoint Presentation, PPT - DocSlides Slideshow

http://academy.telerik.com


  • Views 2835
Download this presentation

PHP Best Practices PowerPoint Presentation, PPT - DocSlides

Click below link (As may be) to download this presentation.

Download Note - The PPT/PDF document "PHP Best Practices PowerPoint Presentat..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentations text content in PHP Best Practices PowerPoint Presentation, PPT - DocSlides

Slide1

PHP Best Practices

Nikolay Kostov

Telerik Corporation

www.telerik.com

Slide2

Summary

Writing conventions

Type safe code

Exceptions, being E_STRICT

Documentation

Security

Performance

Deployment

Slide3

Writing conventions (2)

Can you read and understand your old code? Can others read your code?

Don't invent standards and conventions

Use established styles

Use naming conventions

Example: use

PascalCaseClassNames

Consider converting underscores to slashes when packaging classes:

Spreadsheets_Excel_Writer.php

becomes Spreadsheets/Excel/

Writer.php

Slide4

Writing conventions (2)

Name variables

camelCased

, with first letter lower case

Constants names should be ALL_CAPS_WITH_UNDER_SCOPES

Prefix private methods and properties of classes with an _underscope

Use four spaces instead of tabs to indent the code

Keeps viewing consistent across viewers

Slide5

Type safe coding

PHP is loosely typed

May lead to unexpected results and errors

Be careful when using normal comparison operators

Replace with type-safe where needed

Use type casting and explicit type conversions

Slide6

Short open tags

<?

,

<?=

and

<%

are being deprecated

<?

is XML opening tag

<?=

is complete invalid XML

<%

is ASP style tag

If there is code in more than one language in one file, short open tags may lead to confusion of parsers

Use

<?php

instead

Slide7

Exceptions

Handling exceptions and warnings is cool but dangerousIf exceptions are misused may lead to more problems that solveUse only when really neededExceptions may leak memoryThe memory, allocated for the for-loop does not get freed

for ($

i

= 10000; $

i

> 0; $

i

–-)

throw new Exception ('I Leak Memory!');

Slide8

Being E_STRICT

A lot of functions are being deprecatedIn PHP 5 using certain functions will raise E_STRICT errorIn PHP 6 those will become E_FATALExample:Function is_a is deprecatedUse instanceof instead

if (is_a($obj, 'FooClass')) $obj->foo();

if ($

obj

instanceof

'

FooClass

')) $

obj

->foo();

Slide9

Source Documentation

phpDocumentor tags are similar to Javadoc

Standard for generating documentation

Describes functions and classes, parameters and return values

Tools use them to generate code-completion, technical documentation and others

Slide10

Source Documentation

Example of phpDocumentor tagsFollow to next page

/**

*

MyClass

description

*

* @category

MyClasses

* @package

MyBaseClasses

* @copyright

Copyright

© 2008

LockSoft

* @license GPL

**/

class

MyClass

extends

BaseClass

{

Slide11

Source Documentation

/*

* Easily return the value 1

*

* Call this function with whatever

* parameters you want – it will

* always return 1

*

* @

param

string $name The name parameter

* @return

int

The return value

** /

protected foo ($name) {

return 1;

}

}

Slide12

Source Documentation

Example how Zend utilizes the tags at runtime

Slide13

Source Documentation

Tools can generate sophisticated documentation based on the tags

Slide14

Security

Never use variables that may not be initializedNever trust the user inputAlways be careful about the content of $_POST, $_GET, $_COOKIEUse white list of possible values

if (valid($_POST['user'], $_POST['pass'])) $login = true;if ($login) …

<form action="<?=$_GET['page']"> …

require $_GET['action'].'.

php

';

Slide15

Security

Always hide errors and any output that may contain system information

Knowledge about paths and extensions may make it easier to exploit the system

Never leave

phpinfo()

calls

Turn off

display_errors

on deployment server

Turn off

expose_php

Slide16

Security

Check file access rights

No writeable and executable files should be kept in the web root

No writeable PHP files

Disallow access to files that contain configuration on a file system level

Never give permission to OS accounts that do not need access

Slide17

Security

Always check for and turn off magic quotes

Use

add_slashes

and other escaping functions

Pay special attention to user input that goes into SQL statements

Consider using prepared statements

Always check for and turn off

register_globals

Slide18

Performance

PHP internal function are much faster than user functions

Because they are inbuilt and coded in C

Read the manual and check if you reinvent the wheel

If you have slow functions, consider writing them in C and adding them as extensions to PHP

Slide19

Performance

Simple optimizations save a lot timeUse echo with multiple parameters instead of multiple calls or concatenationOptimize loops

echo 'Hello', $world;

for ($

i

= 0; $

i

< count($

arr

); $

i

++)

for ($

i

= 0, $n = count($

arr

); $

i

<$n; ++$

i

)

Slide20

Performance

Keep objects and classes in limit

PHP 5 adds cool OO features

Each object consumes a lot memory

Method call and property access take twice more time than calling function and accessing variable

Do not implement classes for everything, consider using arrays

Don't split the methods too much

Slide21

Performance

Most content is static content

Always check your site with tools like YSlow and IBM Page Detailer

Apply caching for all the static content

Use

Last-Modified

for database content with the date of the record last update

Consider using PHP optimizers

Compiles the code and uses it instead, until source file changes

Slide22

Performance

Use

mod_gzip

when you can afford it

Consumes a lot CPU, because it compresses the data on the fly

Saves up to 80% data transfer

Be careful – some browsers may have issues if some file formats are delivered with

gzip

compression

Example: Internet Explorer 6 and PDF

Slide23

Performance

Think about every regular expression – do you need it?

Takes a lot of time because of the back tracking

Use only when necessary

Check if it can be optimized with possessive operators and non-capturing groups

If the expression is simple, use

ereg

, instead of

preg

Slide24

Design Patters

Always check what is out there

PEAR, Zend Framework and others are proven

Issues have been cleared

Object Oriented, slower

Use standard architectures like MVC

Strip the database abstraction layer and object from the core logic and the view (the HTML files)

Slide25

Deployment

NEVER

edit files on a production server, live site or system

Use source repositories with versions and deployment tags

When developing, use development server

Must match the production one

Even better – get a staging server that mimics the deployment environment

Deploy there for testers

Slide26

Deployment

Never override files on the server

Use symlinls, create a separate directory with the new files, link to it

Never manually interact with the server

Write a script that deploys the files without human interaction

Always run a second test on the deployed project

Slide27

PHP Best Practices

Questions?

?

?

?

?

?

?

?

?

?

?

http://academy.telerik.com

Next Slides

Best Practices page  of  How to Become a LEED Accredited Professional Contributed by the AIA Knowledge Resources staf f June  The AIA collects and disseminates Best Practices as a servic e to AIA mem

Best practices page of how to become a leed accredited pro

The Fair Debt Collection Practices Act is a federal statute that curtails unfair abusive or outrageous practices and tactics by collection agencies

The fair debt collection practices act is a federal statute

An Oracle Best Practice Guide March  Best Practices for Chat Deployments  Best Practices for Chat Deployments Introduction

An oracle best practice guide march best practices for chat

Investor Bulletin e Foreign Corrupt Practices Act Prohibition of the Payment of Bribes to Foreign Ocials The Foreign Corrupt Practices Act FCPA gener ally prohibits the bribing of foreign ocials

Investor bulletin e foreign corrupt practices act prohibitio

Best Practices for Rich Media Ads in Asynchronous Ad Environments Released October  IAB Best Practices for Rich Media Ad s in Asynchronous Ad Environments   Interactive Advertising Bureau    These Bes

Best practices for rich media ads in asynchronous ad environ

Fair Debt Collection Practices Act Background The Fair Debt Collection Practices Act FDCP A  USC  et seq

Fair debt collection practices act background the fair debt

Okorie African Widowhood Practices 79 AFRICAN WIDOWHOOD PRACTICES: THE

Okorie african widowhood practices 79 african widowhood prac

FINANCIAL STABILITY FORUM FSF Principles for Sound Compensation Practices  April   FINANCIAL STABILITY FORUM FSF Principles for Sound Compensation Practices Table of Contents Introduction

Financial stability forum fsf principles for sound compensat

Best practices from  r eal

Best practices from r eal

Best Practices

Best practices

Recommended
By Jeanne Acton, UIL &amp; ILPC Journalism Director
  • 16

By Jeanne Acton, UIL & ILPC Journalism Director

The Martyrdom of  Nadezhda
  • 18

The Martyrdom of Nadezhda

The Martyrdom of the Prophet Joseph Smith
  • 12

The Martyrdom of the Prophet Joseph Smith

The basics of web programming
  • 1700

The basics of web programming

St. MARCIANUS &amp; MERCURIUS
  • 23

St. MARCIANUS & MERCURIUS

Reading  â  Please ensure that you spend the equivalent of
  • 18

Reading – Please ensure that you spend the equivalent of

Welcome  to The  Dahlicious
  • 18

Welcome to The Dahlicious

Marxism Understanding the Times chapter 5
  • 22

Marxism Understanding the Times chapter 5

BYFO Mascot Handbook 2017
  • 21

BYFO Mascot Handbook 2017

Report this Document.