I’ve been doing a significant amount of PHP development lately. There were two projects in particular that made me think about PHP best practices.
The first was just a website with a login feature that stopped working when it was moved from one server to another. The problem turned out to be how the query was being assembled to check the users credentials. The query was created by interpolating values into a string. The string, when assembed with PHP on the new server, was malformed SQL.
In PHP, a literal string is terminated by single quotes. It’s pretty straight forward:
$my_string = 'This is my string';
This is best when all you need is a simple string. But, you also have the option of using an interpolated string, which is kind of cool. Note the double quotes instead of single quotes.
$my_name = 'Doug';
$my_string = "My name is $my_name.";
When you use $my_string, it becomes ‘My name is Doug.’ Interpolation is a useful feature, but it can be misused or become confusing. When it comes to SQL queries, using prepared statements are the preferred way. Prepared statements are more secure and can actually perform better.
PHP prepared statements are a little tedious, but not bad. If you’re using MySQL version 4.1.3 or better, it is recommended that you use the mysqli PHP extension. The following is an example of a prepared statement using mysqli.
$handle = new mysqli('server', 'user', 'pword', 'db_name');
$query = $handle->prepare("update table1 set field = ? where ID = ?");
$query->bind_param('si', $variable1,$variable2);
$query->execute();
With the above example, you create a handle to the database server and one of its databases. Then, using the prepare method, you create a string template for your query. The bind_param method’s first argument is a string of characters that indicate what datatype the variables contain. The ‘s’ is for a string and the ‘i’ is for an integer. See? Not so bad!
The second project was a site we setup on our PHP server so we could examine it and add onto it. It turned out that the whole site was built with short tags. Up until now, I don’t think I’ve ever seen a website developed with short tags.
Your “normal” PHP mark up tags look like this:
<?php // some PHP code here. ?>
Short tags look like this:
<? // some PHP code here. ? >
PHP can also be configured to use ASP style tags:
<% // some PHP code here. %>
Now, there’s some conflict online as to where or if short tags should be used or not. One benefit of the short tag is you can output a string into HTML markup more concisely. Like so:
<?= $some_variable ?>
The long form looks like this:
<?php echo $some_variable; ?>
There’s also a concern that the simple ‘<?’ tag can cause issues with using PHP and XML. It is actually quite the hot topic online. However, the primary reason not to use short tags, in my opinion, is that short tag support will not be available in PHP6. Right or wrong, best get into the habit now!
While researching this post, I discovered some really cool things about PHP that I didn’t know. Check out the links below.
http://www.phpvs.net/2008/06/04/ten-php-best-practices-tips-that-will-get-you-a-job/
November 14, 2024
When you think about how Volano Software employees spend their time, you may envision one of our developers in jeans and their favorite gaming t-shirt-wearing headphones working on custom software. Well, that would probably be accurate. However, we also enjoy watching educational videos about workflow on YouTube in our free time. Yeah. We’re predictable. On […]
October 9, 2024
Volano Software further commits to the Omaha community by partnering with NAM to offer custom software solutions to nonprofits in Nebraska and Western Iowa. Omaha, NE, October 2024 — Volano Software, a custom software development company, is proud to announce its partnership with the Nonprofit Association of the Midlands (NAM). This partnership brings Volano Software […]
September 28, 2024
Finding a software solution to solving a business challenge can be overwhelming. We have been helping clients find the best approach for their industry challenges since 2007. The result has always been a solution based on your unique situation for a better workflow. One of the most popular questions we hear is whether to buy […]
August 21, 2024
Fall is nearly here. That means students return to school, parents settle into their routines, and summer vacations are distant memories. It also means that the Volano Summer Internship Program is now a wrap. Our two summer interns, Daniel and Micah have packed up and returned to their Fall Semester of school. Before they left, […]
August 20, 2024
OMAHA, NEBRASKA, Volano Software Company Applications for the Nebraska Innovation Fund (NIF) Prototype Grants are open now for Nebraska-based businesses searching to take their business tech from a napkin sketch to a full-blown prototype. At Volano Software, we are highly familiar with this program. In 2023, we were awarded the matching grant for our software […]
November 27, 2023
Volano Software – ESOP Company Volano Software Company based in Omaha, Nebraska announced recently the employees are now co-owners of the software development company. This transition ushers in continued confidence in the team during a challenging time for employee retention for many other software companies. Volano Software, celebrating its 16th year as of 2023, demonstrates […]