In this recent post to Reddit.com, people have been sharing some of the "worst practices" they've seen during their PHP development (or may even be guilty of).
For shits and giggles some colleagues and I are trying to write the crappiest PHP script we can think of, using as many bad practices as we can find. Alas, it's much harder then we thought, because we all have been trained to not do stupid stuff.
Things on the list so far include:
- Multiple class definitions in a single file
- Saving passwords unhashed and unencrypted in a database
- Using a global variable inside a class to get a database connection
- One letter variables
- Pointlessly setting the signup method to being static
- Using GET or POST vars directly from user input
- Mixing HTML and PHP like there's no tomorrow.
- make liberal use of extract() after running 'SELECT *'
- Define a custom exception class for each class and only throw it from that class.
- Make sure your DB connection is a singleton.
- Throw ugly constants everywhere
What are some of the worst things you've seen? Share them here.