神刀安全网

The PHP Community Needs Help

The issue that I currently have with being a PHP developer is in the community aspect. The core of the PHP community is filled with plenty of amazing, talented people who create some of the best, most unique web applications today!

However, the majority of the community is built up of very vocal people who don’t know what they are doing and beginners. Those who don’t what they’re doing seem to be the ones writing tutorials, articles, and posts designed to help people learn the language. In reality, these people do not know what they are talking about.

Why is W3Schools Still Around?

Just having this site as the top search result for major search engines is an issue in itself when you are looking to learn PHP and/or trying to reference the official manual. I’d rather see more accurate, up-to-date information as a top search result than information that is over two years old.

This drives me insane when I am teaching someone PHP and they link the reference code and documentation from W3Schools instead of the PHP manual. To me, it proves that people do not know what they are doing. Besides that site, people are just offering bad advice and deprecated coding techniques and ideas. People are still using MySQL functions in their tutorials and articles!

Database Access and Tutorials

I understand at one time that MySQL functions were used in coding in PHP. But honestly, they are not recommended at all. They also have the need to be replaced by PDO and MySQLI which give:

  • Prepared statements
  • Encryption with SSL
  • Compression
  • Transactions
  • Works with MSSQL, PostgreSQL, SQLite, etc.

What Are We Seeing in Search Results?

Deprecated tutorials that are totally and morally wrong. I am still seeing tutorials which are over ten years old for PHP database connections.

Sadly, we are not seeing properly designed tutorials to explain why to use PDO, how to connect to it with spaghetti code or class design. We see half-finished tutorials that say throw this and this together for a database connection and query information from the database. Even then, most of the time, it doesn’t even work in an actual test environment.

Let me point out that a lot of this issue stems from   tutorial writers just being half-assed. They don’t even mention error handling or throwing exceptions correctly. Even then, they are explaining how things are done in a development environment over a production environment. Giving out database details is morally wrong and leads to having your code exploitable and hackable.

Where are all of the good tutorials to explain database handling with handling errors and throwing exceptions correctly? If we had these, then the security of PHP would increase tenfold and allow developers to feel confident that their code is not exploitable. It is possible to do things right the first time around if something is explained well.

Building a Framework, MVC, or CMS With PHP

There are actually a few good articles on how to design the three of these around on the web if you are willing to look for them… but you have to look pretty hard.

The bare-bone basics just aren’t good enough a providing a full understanding of what one is getting themselves into when they are starting a project like this or learning how these are designed. There is way more to it than just throwing a few classes together, calling functions here and there, and building a blogging platform.

When building a production-based (also known as a live site) web application, you have to consider the three most important things when it comes to serving people on the web.

  1. Security : One needs to make sure that their code is as secure possible and exploitation free. Validate input, trust nobody, and try to be one step ahead of those who wants to exploit websites.
  2. Performance Driven : Code needs to operate and load extremely fast. I try to keep all queries for loading information from a database in a web application at 10 queries or under. The better the code performs, the better off the web application is going to be.
  3. Web Design : I am horrible at this, but I stick to what I know. I tend to use Bootstrap for my web design with a few general color changes, making it mobile-ready. This web design framework is a win-win for everyone from a mobile phone user to those on the desktop.

Good Resources for PHP

I have managed to find some good tutorials for helping people do PHP the right way . These tutorials, resources, and articles show several ways to get started in PHP from Database Access to building an MVC framework for a web application.

  1. Roll your own PDO PHP Class

  2. Programming your own PHP framework

  3. PHP: The Right Way

There is even one more way to learn how to code in PHP. It may work for some people or it may not, it just depends on the individual. You just need to take a look at different web applications— XenForo, WordPress, IP.Board, and many others—to see how they were built. They should give you a really good idea of how to structure your files/folders, how to do an MVC design, and how to handle database, member accounts, and other common features found in web applications.

How to Solve These Issues?

The community is large enough to make a site dedicated to spreading accurate information, tutorials, and updating these regularly… like a wiki but with better information and input into how to connect to a database, query information, designing a framework, and much more.

When I teach people PHP, I try to give the most accurate, up-to-date information as possible for them to design their simple content management systems, forum, or blogging software so that it’s secure, performance driven, and visually pleasing.

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » The PHP Community Needs Help

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址