News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Basic TDD in Your New PHP Package
January 28, 2015 @ 12:27:17

The SitePoint PHP blog continues their "How to Build Your Own PHP Package" series with their latest post (part two of the series) covering the use of test-driven development while working on the package code.

In part 1, we set up our development environment, baked in some rules as inherited from The League, and created two sample but useless classes - Diffbot and DiffbotException. In this part, we'll get started with Test Driven Development.

He starts by briefly introducing PHPUnit, a PHP-based unit testing tool, and how to use it to generate the HTML version of the code coverage report. He helps you define a good phpunit.xml configuration file and how to execute a first sample test (code provided) from inside PHPStorm. From there he adds one some more complex testing of exception handling and checking the class types. With this foundation, he moves into the test-driven development (TDD) practices. TDD means writing the tests before writing the code to make those tests pass. He gives an example of this and shows how test abstract classes too. He then comes back around and writes the code to satisfy the test.

0 comments voice your opinion now!
tdd package bestpractice unittest testdriven development tutorial

Link: http://www.sitepoint.com/basic-tdd-new-php-package/

SitePoint PHP Blog:
PHP Tips, Resources and Best Practices for 2015
January 05, 2015 @ 09:59:18

The SitePoint PHP blog has shared a list of their suggestions of the best tips, resources and best practices for 2015. This includes tips about your environments, tools and techniques you can use to improve your everyday work.

PHP has had many reputations over the years, but being insecure as a language never really was one of them. The core team, all its faults notwithstanding, is rather quick in pouncing on all security matters, and updating PHP to the latest version will often allay all worries. But the end users, such as we are, tend to mess things up. We don't update, we use outdated packages or packages with holes in them we're not aware of, we use ancient extensions… we expose ourselves to risk in some truly creative ways.

Some of the things mentioned include:

  • Keeping your PHP up to date
  • Adopt HTTPS
  • Secure your PHP
  • Stay on the Right Way
  • Avoid Bad Packages
  • Dodge common mistakes
  • Use Virtualization

Each section comes with a description and plenty of links to point you in a good direction and get you started off right for 2015.

0 comments voice your opinion now!
bestpractice tips resources list 2015 tools

Link: http://www.sitepoint.com/php-tips-resources-best-practices-2015/

VitalFlux.com:
Top 10 PHP Code Review Tips
September 10, 2014 @ 11:15:31

On the VitalFlux site there's a recent post sharing a few tips (a Top 10 list) of things to think about when doing code reviews.

This article represents top 10 areas to consider while you are taking up the task to do the code review of a PHP project. The other day, I had a discussion with one of the PHP senior developers who asked me about where to start on the task related with reviewing a PHP web application and, we brainstormed and came up with the list. Interestingly, apart from few, most of them can be pretty much applied to applications written with other programming languages as well.

Their top ten list of things to look for during code reviews extend beyond just the syntax of the code and good coding practices. They also suggest things like:

  • Adherence to Business Functionality
  • Object-Oriented Principles
  • Security
  • Integration Patterns/Protocols

Code reviews, if done effectively and efficiently, can be a major benefit for producing quality code that not only adheres to standards but also follows good practices and principles (like SOLID).

0 comments voice your opinion now!
code review tips top10 list syntax bestpractice business

Link: http://vitalflux.com/top-10-php-code-review-tips/

Wojciech Sznapka:
Type Hinting is important
June 12, 2014 @ 09:41:51

In his latest post Wojciech Sznapka reminds us that type hinting is important in your PHP applications and can help provide more structure and better overall code practices.

One of my favorite PHP interview questions, is: what is Type Hinting and why it's important? Putting definition in one sentence, Type Hinting is a way to define type of parameter in function signature and it's a sine qua non to leverage polymorphism. [...] So given the fact, that Type Hinting is optional and we don't need to specify types of parameters passed to the method - why bother? Answer is easy: well prepared method signatures defines your model and are part of the "contract" that your code reveals to its consumers. It also prevents many silly errors and keeps codebase clean and coherent.

He talks about the best practices on using type hinting including where to put them (in an interface or base class or child class?) and some of the pros and cons of each. He also points out that some practices around type hinting, like overriding the hint and calling the method with unexpected/variable input, should be avoided (see the L in SOLID).

0 comments voice your opinion now!
typehint importance bestpractice liskov substitution principle solid

Link: http://blog.sznapka.pl/type-hinting-is-important

SitePoint.com:
Best Practice for Code Examples
August 14, 2013 @ 10:29:55

If you've ever thought about including code examples in your (blog/site/etc) posts and were wondering how to least frustrate your site's visitors, check out these suggestions from one of SitePoint's UX authors, James Edwards.

The majority of articles about web development include code examples, and across the web we see great variation in how they're formatted and presented. But a lot of them are not very good - because the code is badly formatted, hard to read, or can't be copied-and-pasted without unwanted junk. So in this article I'd like to take a hard look at code examples, to investigate the common problems they have, and try to establish some best practice for how they should be done.

He talks first about the whole point of including code examples in a post and five basic principles for what they should be like:

  • Code examples should use good semantic markup.
  • Tabs in code should not be converted to spaces.
  • Code should have basic syntax highlighting.
  • Code examples can have horizontal scrolling, but shouldn't have vertical scrolling.
  • Code examples should have line numbers, which are not included in text selection.

There's some examples of code markup included as well as some CSS rules you can drop in to help follow his suggestions.

0 comments voice your opinion now!
bestpractice code sample ux example

Link: http://www.sitepoint.com/best-practice-for-code-examples

Phil Sturgeon:
Building a Decent API
July 16, 2013 @ 09:32:46

Phil Sturgeon has posted a set of best practices he follows when building out new APIs. It covers a wide range of topics at a high level, but it's a good checklist to get you started.

PHP developers are increasingly moving over to API development, as are a lot of server-side developers. It's a trend thats been happening for the last few years and it's getting to the point where everyone and their dog are putting articles showing off how to build "awesome" API's. Unfortunately most of these are either woefully inadequate or are promoting bad practices.

His recommendations include:

  • Use the URI sparingly, and correctly
  • Resources are EVERYTHING
  • Authentication
  • Background all the things
  • Version your API like an adult

Each item in his list has some points to back it up and provide a bit more detail on what it's all about.

0 comments voice your opinion now!
api development recommendations list bestpractice

Link: http://philsturgeon.co.uk/blog/2013/07/building-a-decent-api

NetTuts.com:
How to Write Testable and Maintainable Code in PHP
May 16, 2013 @ 11:53:18

NetTuts.com has a new tutorial posted suggesting a few ways you can make testable and maintainable code in PHP applications.

Frameworks provide a tool for rapid application development, but often accrue technical debt as rapidly as they allow you to create functionality. Technical debt is created when maintainability isn't a purposeful focus of the developer. Future changes and debugging become costly, due to a lack of unit testing and structure. Here's how to begin structuring your code to achieve testability and maintainability - and save you time.

There's a few concepts they cover in the tutorial including DRY (don't repeat yourself), working with dependency injection and actually writing the tests with PHPUnit. They start with a bit of code that needs some work and use the tests to help refactor it into something that can be easily mocked (using Mockery).

0 comments voice your opinion now!
testable maintainable code tutorial bestpractice mock object

Link: http://net.tutsplus.com/tutorials/php/how-to-write-testable-and-maintainable-code-in-php

Reddit.com:
Login Security (Best Practices Recommendations)
August 14, 2012 @ 12:20:08

On Reddit.com there's a good conversation going on in the PHP category about login security and best practices surrounding it.

So I was handed an ancient project which was up to me to fix / improve. About a week later I am about done but there is 1 thing I left...Login security. As it is now, it's just md5(password) that's saved in the database. Better then nothing, but far from good enough. My plan was to have a constant pepper in the class which handles the logins, then do something like crypt(pepper . $password) to store it, since that should generate a random salt and is slower then sha1 / md5 / etc. I feel this should be save enough, do any of you have any ideas on how to improve it (without non-standard extensions)?

There's lots of comments so far and a lot of them are following along the same lines - use a better method of encryption, something like crypt with Blowfish or something similar as well as some hashing (like HMAC).

0 comments voice your opinion now!
security password hash encrypt bestpractice discussion


PHPMaster.com:
PHPMaster Security Roundup
July 18, 2012 @ 09:22:07

Security has become more of a hot topic in the PHP community recently and PHPMaster.com has pulled together a list of resources you can read up on to get some great ideas for securing your application.

The unfortunate truth of the matter is there's no excuse for [the LinkedIn, Yahoo!, eHarmony and Last.fm] leaks; they would not have been possible if simple, well-known security precautions were taken. Are you protecting yourself and your applications by guarding against SQL-injection attacks? Are you filtering and validating user input? Are you properly hashing user passwords? I hope so! If not, read some of the security-focused articles PHPMaster has published throughout the past year and apply these best practices to your code today!

Articles in their list include:

Check out the rest of the post for links to other great articles.

0 comments voice your opinion now!
security list article resource bestpractice


Jonas Hovgaard's Blog:
How I stopped writing awesome code
June 14, 2012 @ 11:55:21

In this recent post to his blog Jonas Hovgaard talks about how he "stopped writing awesome code" by dropping a few things from his usual development practices - like unit tests and interfaces.

If writing awesome code is using all the best practices I can find, writing interfaces, unit tests and using top notch IoC containers to control my repositories and services all over my application's different layers - Then I'm not writing awesome code at all! I've been that guy, the one writing the awesome code, but I stopped. I'm not awesome any more. Instead, I'm productive, I'm so damn productive!

He talks about how not writing unit tests (which "customers don't care about") gave him extra time to work on other code and how not using things like interfaces, ORMs and how he follows DRY, but only so far.

My personal result of doing all of this is productivity and better products. I can't tell if I did it all wrong, and that's why I'm writing better code now, but I truly believe that I'm not alone. In fact I think that most of us regular web developers, tend to do the same "mistakes" as I did.

The post has turned into flame bait and has pulled in lots of comments discussing his decisions and other sympathetic souls that feel the same way he does about some of the complexity of the "best practices" promoted in development today.

0 comments voice your opinion now!
opinion development practices bestpractice unittest interface orm dry



Community Events

Don't see your event here?
Let us know!


extension community development series api library introduction version podcast unittest php7 opinion framework language laravel security laravel5 voicesoftheelephpant release interview

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework