As opposed to best practices, we may as well take this as a collection of worst practices of PHP programming.
I have been a PHP coder for 1 and a half years. Not an expert myself, but I learn as much as I can and try to code to the highest standard possible. Below are some worst practices I absolutely vote against. If you are ever going to learn PHP or just starting as a PHP novice, taking my advice would make you feel a lot better in the days to come.
What you shouldn’t do in PHP:
- Relying on register_globals or too many global variables across the application or using global $xxx too much in function definitions.
- Using double quotes instead of single quotes for plain strings that don’t have anything inside to be evaluated such as variables.
- Using whatever the user inputs without checking for malicious attempts or never validating user provided data before using it.
- Mixing HTML, PHP and SQL in a total mess that you can’t tell the logic from the presentation.
- Suppressing errors by @ without using isset() in a conditional logic to check resource availability first.
- Using a resource without first checking its availability.
- Suppressing errors with error_reporting(0) in development. Actually even in production phase, it’s highly frowned upon.
- Falling in love with eval().
- Using <? … ?> instead of <?php … ?> just for convenience.
- Copying redundant logic (code) here and there which basically does the same thing.
That’s all for me. So if you are a PHP developer, what’s the worst practice in your opinion?