Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I've been developing in PHP for about 8 years as a hobby. In 2009, I picked up codeigniter and since then I've not managed to get a single project developed.
I find it slows me down trying to work out how to modify it to work the way I want, when if I was working in pure PHP, I'd know, or I'd be able to quickly find a snippet for.
I've tried CodeIgniter, Kohana and Symfony. I love the ease of use (and I've also started using doctrine as an ORM which massively sped up my database work), but I find projects are taking me 3-4 times the amount of time it took in pure PHP. I get bored and frustrated when I can't find a solution to a problem I've previously solved in pure PHP.
Has anyone gone back from using frameworks to a no-framework approach. Is there anything like a basic security framework (prevent XSS, filter posted data, provide a cleaning function for use with databases)? I think something like that would benefit me much more than a full scale framework. I think learning to work with frameworks has taught me a lot, but I'd be happier working with my own code.
Current versions of PHP5 include much of the security framework you're looking for as part of the standard library.
Use filter_input_array to declaratively sanitize stuff coming in from the outside.
Access your database via PDO with parameterized SQL to prevent SQL injection attacks.
Use the following PHP settings to make your site more resistant to session fixation and cookie theft:
session.use_only_cookies (Prevents your session token from leaking into the URL)
session.cookie_httponly or the httponly attribute to session_set_cookie_params() (Protects against scripts reading the session cookie in compatible browsers)
More suggestions and PHP example code available on Wikipedia.
You can also use the httponly attribute with setcookie().
Nothing fancier than basic templating and header-setting is required for new HTTP and HTML5 features:
HTTP Strict Transport Security (Helps protect against WiFi exploits.)
X-Frame-Options (Restrict embedding of your pages. Good against phishing.)
HTML5 IFrame Sandbox Attribute (Sandbox 3rd-party ads/badges/videos. Already in WebKit. Likely to be at least partially implemented in Firefox 11.)
Content Security Policy (Firefox 4's new security framework, complimentary to the sandbox attribute. Now also being implemented in Chrome.)
If you're accepting HTML as input, I recommend grabbing HTML Purifier and calling it via a FILTER_CALLBACK line in your filter_input_array setup. Its whitelist-based approach to input security makes a great (and very powerful) first line of defense against XSS.
As far as I can tell, PHP doesn't come with a mechanism for protecting against cross-site request forgery, but I'm sure Google can help you with that one. The OWASP Security Cheatsheets include a section on it if you want to implement your own protection.
Out of curiosity, I decided to also start looking at standalone components and here's what I've found so far:
Templating:
PHP Template Inheritance (Regular PHP plus template inheritance)
TWIG (Django/Jinja2/Liquid-style syntax including autoescape and sandboxing. Compiles to cached PHP for speed.)
Dwoo (A faster, more featureful, PHP5-ish successor to Smarty. Includes a compatibility system for existing Smarty templates.)
Stuff I still haven't looked into properly:
Route dispatching (Only found RouteMap and Net_URL_Mapper so far. Thanks, cweiske.)
ORM (Just in case bare PDO isn't your thing)
I don't believe in frameworks... I have worked in many of them.
Reasons for hating MVC frameworks:
1) Code bloat, I purchase premium classes that assist me in development. Such as form classes or SQL classes.
2) I believe that MVC frameworks are not easily portable especially when using dependency managers.
3) I believe that you actually write more code with a MVC framework then if you had to use a boilerplate with a ton of useful classes that handle authentication etc.
4) Most frameworks also cater for just one or two databases natively.
I would suggest finding a form framework with authentication and text editor & a sql framework like madoo + a email class...
90% of your application is always forms , sql & ajax CLASSES - the rest can just be acquired when needed
I am a minimalist and I struggle with the idea of having code in my application that is not doing anything ... just in case I need it does not work for me.
With that much experience behind you, you must have your own set of favorite libraries, hand pick them and come up with your own simple framework. Framework or no framework (and which one at that) depends on the kind of project at hand, no glove fits all. So i would strongly suggest that if you feel that the existing frameworks are slowing you down, spend sometime and come up with a framework which works as per your needs.
Based on your statement that you've been using PHP as a hobby, as well as your profile statement "Slowly getting there", this seems like a learning curve issue. You don't appear to have the depth and breadth of experience to a) understand how to work within the structure that the framework imposes and b) you are thus unable to benefit from the efficiencies that the framework enables.
I urge you to stick with it. Go back to the beginning with the video tutorials. Find and read other peoples code until you understand it. Build your projects from the bottom up - start simply, and add functionality. Follow the forums, trying to answer questions yourself before reading replies.
I've been programming professionally for almost 20 years, across a variety of platforms, and it still took me a while to become comfortable with CI. But now that I am, I wouldn't go back to pure PHP (for my own projects) unless I had a site of sufficient scale that it exposed quantifiable performance issues (think Twitter).
Zend Framework is really super for that. You can use as much or as little as you want. Its all coded in php and open sourced so you can just hack at it and make it your own. The different component are not dependant on eachothers as much as in other frameworks.
You could build yourself a simple framework using some components from Zend without any problems.
Check it out!
I Know exactly the way you feel. I started 4~5 years ago in PHP (I came from Delphi, lol), and started in pure php. What I had back them was a "CMS Panel like" wich just read all tables fields and create the form. After sometime I reached somehow in the knowledge of PHP Frameworks, I tried CakePHP for first and didn't liked, after, got into Yii wich in my opinion is pretty intuitive and easy-use (With it's Gii generator it rocks pretty much). I Tried Symfony, ZF2, Laravel, Yii2-Beta and some frameworks for RAD, but still I wasn't feeling fast enough like before the frameworks.
Happened that I developed my own framework (It was naturally, not exactly that I woke up some day and said "I'm going to create a new framework", happened with the time) . I Know it's a bad bad bad practice and "wheel reinvention" move, BUT, I now develop my projects much faster (more than PHP only).
Since it's code is a total MESS, I started about one month ago to reformulating my framework, now it uses composer, follows common rules that exists between the php frameworks, is MVC.
Why I'm reformulating ? Because if someone needs to repair a project of mine it will not be a another world thing.
So I Understand you.
My Advice is, prepare your tools (call it a framework, a preset-app or whatever people names it), and use it the way you feel better, but still follow some common rules (Like MVC, "easy to module" things wich you can replace in case of broken.
For basic security, I use a custom filter method that wraps up my superglobals. Its syntax needs some getting used to, but is simpler than the PHP filter_var() API and doesn't let you slip sanitization:
$_GET->text("inputvar") or $_POST->name["field"]
It also allowed inline $_REQUEST->sql() escaping. But for database work keep using parameterized SQL, or your DAL/ORM of choice.
I did a one day study of ToroPHP and found it quite nice. It is a minimalist framework targetted to RESTful applications. This makes it possible to keep the server side code modular, without having to deal with bloat of any framework.
I don't know what is troubling you but codeigniter is a great framework.It has nice documentation and since lots of people use codeigniter you will find all the help in its documentation,or forum or on stackoverflow.I have worked on many frameworks (Codeigniter,CakePHP,Zend,Spring 3.0, Ruby on Rails),but I must say codeigniter has the best documentation.There are lot of things in codeigiter which are automatically handled and you don't have to worry about security.
Working on core PHP is like re-inventing the wheel. Well the most important thing is that moving from a core to framework will need lots of your effort once you are used to it, you will start loving it.Also Ruby on rails is also a great framework once you know its ins and outs you can have double speed.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I intend to develop a Content Management System (CMS) like shown in the figure below;
Figure: Intended CMS design
Is it possible to completely develop it using PHP's standard library?
Do I need to use a PHP web framework? If so, why and what framework is ideal?
I hope to use MySQL as backend.
I hope to use below technologies as front end;
HTML5 and CSS3 - hard code by myself (Is there any framework or something make it easy? I heard something lesscss.org)
jQuery - to make HTML elements functional
Ajax - to avoid page refreshing
Bootstrap - to make my CMS responsive
Are there any technologies I do use, or any suggestions?
I prefer to improve my HTML, CSS, PHP and other technologies by learning and hard coding. So I hope not to use CMS like
joomla, WordPress, etc. Am I right?
Please note: I've already searched Google extensively before I put my questions here. But I am unable to confirm what I do next. Your comments are appreciated.
Your questions really look well researched and I think everybody with the intention of building a custom-made CMS has come to this point where they ask themselves these fundamental questions (in other words: good questions!). Now to some answers:
1) Yes it is possible.
2) Although building a CMS in pure, native, hard-coded PHP is possible, I wouldn't recommend it for production. You could do it, and you would largely profit from the experience, but there are many little problems (like Routing / User-Management / Authentication / Communicating with Database / Form-Building (like in your screenshot) / etc.) that are already solved by a good Framework.
Also as you are a beginner, you are naturally overwhelmed by the problems and decisions you have to solve/make. This is also a good point why a framework would be a good starter. Although some solutions are sometimes a little too opinionated, they still give you a good structure to start with and most of the times follow best practices of our industry.
Which framework is the most ideal for your project, you'll have to decide on your own, based on your requirements, but some common ones are:
Symfony (probably the most known and most used php-framework, but also very abstract / I would recommend this on a really big project, where you work in a team and you are aiming for flexible maintainability)
Laravel (excerpt from their website: An amazing ORM, painless routing, powerful queue library, and simple authentication give you the tools you need for modern, maintainable PHP.)
Silex (the little brother of Symfony, info from their website: Silex is a PHP microframework for PHP. It is built on the shoulders of Symfony2 and Pimple and also inspired by sinatra.)
FatFreeFramework (from their website: A powerful yet easy-to-use PHP micro-framework designed to help you build dynamic and robust web applications - fast!)
As I used Silex myself many times and also when I began with best-practice PHP, I recommend to start with it, if you decide to write your own CMS. I pretty fast did some Management-CMS similar to your screenshot with it (with their Form-Builder) and was happy with the result.
3) Again this is up to you. For the backend you will probably use MySQL anyway, if you just need a database. In the frontend using HTML5/CSS you could try jQuery and Bootstrap (and then here their less or sass implementation).
If you really don't have too much logic for your JavaScript, you could also try to just use native JS, without jQuery. This way you will also learn more about the language and have less vendor-dependencies the user has to download.
4) If you are really up to learning a lot, then yes, you should probably hand-code everything yourself. This way you also have total control of what code gets delivered to your user. That's a problem with most common CMS: they pollute your code through some other plugins or something and you quickly loose control over your output.
But if you need to be fast there are also CMS that address this issue by giving you total control over your output and giving you creative freedom, like MODX does.
In the end it is up to you and especially the needs of your project. If it's a simple website and you conveniently want to edit the content and also have some starter-help, then I recommend to use a CMS.
If you really want to learn about all this stuff and you have some special needs, then go on and code your custom-coded application. In any way: good luck! :)
I'm a beginner php developer who is trying to build a social network for my school students. Knowing that the school has over 1000 students who are already active, I must have a plan of expanding / scale the code that I write.
Earlier it was just the LAMP Stack, now the modern web development is way more than that as I see, I'm truly kind of lost in what technologies to use and how to incorporate them to build a scalable app. I'm hoping to divide this application into 3 layers.
Application layer (phalcon,reddis,apache,php)[mvc api centric]
Database layer(mysql)
UI layer - (html/css/js/)
This is where i need help, is this design approach good for a scalable app ? where can i improve ? any explanations, links for further reading will be a highly appreciated.
Welcome to SO. I cannot think of a particular reference guide to direct you to (although the PHP manual is a good place if you end up stuck with how to do something specific). I would suggest reading a bit of several results when you search "Getting started with MVC in PHP" and noting what they agree on. That said, take a look at what I say below (and then ignore it as much as you please ;) ).
Firstly, you are wiser than many in sorting out a scalable design before launching into the project...
I'm excited to see Phalcon in your list there already. However, as DevDonkey suggested, start with something simpler first (Phalcon is very powerful but to really get to grips with it you need a good grasp of PHP, particularly object-orientated programming).
If you are completely new to PHP...
... try building a small app (products table, view/add/edit/delete functionality) and learn the beginnings of the language that way, as this answer suggests. Things will go wrong and you'll discover lots of headaches when you want to change one feature and it affects everything else but that will help you to understand the importance of...
MVC design
From your question I can see you have at least heard of this. This is really where the layers of your application lie:
Model - interactions with the database (retrieving/editing data) are handled through this. So you could have a MYSQL database and then your models provide a nice interface to interact with the data (generally you have one model for each table).
View - this is the last layer, what the user sees. So you will make use of your html/css/js knowledge here. On this topic, unless you really want to do your own css consider using a CSS Framework such as Bootstrap. It will really help speed up making your site look good and there are loads of free templates out there to use with it.
Controller - this is the application logic. The controllers request/manipulate data through the models and then decide what to send to the views for rendering.
Use a framework?
Using a good framework can make your application more reliable and quicker to build. But using a framework without understanding it will be frustrating, slow and possibly result in worse code than if you didn't use one to begin with (as you employ hacks to get around the pieces of the framework you don't understand). My current favourite is Phalcon but as a relative beginner to PHP I would suggest something more like CakePHP although both Laravel and Symfony are also popular.
Summary
Start small, learn, test ideas out and then build up to a bigger project.
Get comfortable using PHP (including OOP style) before using a framework.
Use an MVC framework
The layers you laid out in your question are good, but I would split it slightly differently (considering that MVC is the 3 layers)
Application Layer - controllers, written in PHP, handles logic/manipulation, often the biggest layer
Database Layer - models, written in PHP, you will also need a database which could be in your favourite database language - MySQL ;)
UI Layer - views, possibly written in PHP (depending on the framework) but also HTML, CSS and JS as well as well as a templating language if you wish (e.g. Twig or Volt), essentially a way to make the response from the controller nice for a human
First Project (for CakePHP)
This blog tutorial is a good place to start if you decide to use CakePHP.
Getting started with Phalcon
Phalcon is more powerful/verstile, but to get started with it I feel you have to be a better PHP developer than you do to get started with something like CakePHP. Take your time to understand each new concept with Phalcon, particularly Dependency Injection.
Even having used CakePHP for the past 2 years and being familiar with MVC patterns and PHP, I still worked my way through all 7 of the tutorials in Phalcon.
Having said this, my favourite thing about Phalcon is that it is highly decoupled - so it is fairly easy (after a while) to replace bits of it with your own extensions if it doesn't quite do what you want.
Note about Phalcon: It is not as popular as many other frameworks (although popularity is growing) and so you may have to spend some time digging around when you get stuck. However, the docs are improving all the time and the forum is very active. Unfortunately the number answering questions about it on StackOverflow is still small compared to many other frameworks.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
Discussed this with a developer as I suggested to use CodeIgniter framework over standard PHP.
Their response was as follows:
Advantages of Code Igniter include standardised MVC structure.
Disadvantages include the fact that you need the whole framework even if you dont need to use it all and also a bit slower for the team to roll out the project. Advantages of our normal Custom PHP framework - fast to develop and totally flexible, only need the code that is relevant.
Would you agree with their response and why?
I always though CI was quicker to roll out due to the use of short tags and freely available modules.
CodeIgniter has a learning curve but that curve is likely to be quicker than your custom framework. That's because CodeIgniter is well documented.
CodeIgniter is a fairly comprehensive library. Once you learn the framework, you can employ any of its libraries not only in the current project but in various other projects.
The work is already done for you. You may not even know that a XSS or CSRF exploit exists in your code because you haven't done a thorough security audit. But a community framework is under constant audit.
You can extend CodeIgniter to your own needs and still have custom functionality.
After using CodeIgniter for a sufficient period of time, you'll inevitably pick up some great programming practices and improve your overall knowledge since the framework employs many best practies.
It is likely that if you encounter a problem situation, someone else has already solved it. CodeIgniter also has a good community through which you could save yourself hours of debugging.
That said, CodeIgniter is not the only framework but I really do like that fact that with the newer release they have moved to PHP5. In general, open source frameworks are the way to go.
I would strongly disagree.
The details of the project would be very helpful, but in general frameworks are very helpful and speed up the work (not necessarily the application) significantly.
Consider the fact, that 'Custom PHP Framework' (whatever they think of) is... custom. That means it is not tested as eg. Zend Framework, it has not proven to be efficient and successful in thousands of projects, and it is probably something very simple (as large frameworks have been developed for years by big teams of developers plus the developers of companies that use them).
Of course coding PHP can be quite good option, when you really need speed (of the application), have time to build it and money to pay the developers that will be developing it quite extensively (because they will be implementing many features that come with almost every PHP framework). But you have to be sure, that you really need to take that non-standard approach (as 'non-standard' I mean not using some reliable framework).
It is up to you. If you can give some details about the application that has to be created, the answers may be more relevant.
Non-Business projects: Standard PHP.
Business projects: CI.
Trying to build you own Framework is very educative and will help you a lot; it will also let you create a framework that fit your needs instead of a general one. But that could be done only if you are managing to create a non Business projects because Business ones requires stability that you may not get from a home-made framework. By creating your own framework you might loose a lot of time (which is expensive when working with business stuff) and money for nothing.
It basically depends on your project type.
I have some experience with writing my own CMS, and I must admit, that this was very educating, but from financial point of view, totally uneconomic decision.
In my opinion, those developers should try to write some specification. Very detailed specification of what they need to implement. Then they should calculate time needed to code such functionality so they can compare this work to elements already included in CI and decide which option is more viable in terms of time to code, time to learn, and of course time to test.
If they don't mind teaching their custom framework, then it's probably the best fit (especially if the guy who wrote it is still around).
However, custom frameworks can turn into unsupportable nightmares. CI has the advantage of a small community and thorough documentation. Once you roll out a few projects with it, I'm sure the roll-out time will be as fast as the custom framework.
We ditched our own custom framework in favour of CI. Financially it was a tough decision as weve spent 1000's of hours on it and have a lot of projects running on it.
CI has allowed us to develop faster and has standardised our projects. The architecture also allows us to extend easily without concerns about 'damaging' the core framework.
CI is the way forward IMO
Their response was quasi-correct...
Disadvantage: also a bit slower for the team to roll out the project.
This is generally untrue, and infact, it's probably quite the contrary in many cases. Personally, I am able to crank out projects much faster using a framework. I haven't used MVC in a team environment but I would imagine that by dividing work into Models, Views and Controllers workflow seperations would promote development speed.
What are you building? This is the crucial question.
If you're building a dynamic web application, frameworks will save you hours and hours of work because you won't have to reinvent the wheel over and over again. If the point of your project is basic, then indeed... frameworks add too much overhead. I'd say, as a general rule, if you're project will require greater than 5 .php files, then start using a framework, because that's what it's purpose is - to separate the logic.
Use CodeIgniter or another framework for larger projects where you suspect your code will start to get disorganised. The MVC pattern prevents this disorganisation.
It sounds as if you've never used a framework before. The first step in making decisions on whether or not a framework will suit the task is to get familiar with one. You'll then be in a much better position to make this call. I do not recommend you write your own right away; you will gain a lot of insight after playing around with CI, Cake, or Zend.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I have learned extremely basic PHP (I think so) using Lynda Tutorial. After that, I feel, I got some grip on that language. My ambition is to become a web developer! After some googling, I planned to learn some more advanced and practical php by using websites like PHPSCripts, Webapps etc..
But, now I'm in a confusion! After my studies, when I seek for a web developer position & got selected, how will I work, by just knowing some language basics?
Can you guys help me to become a good web developer, what will I have to learn & how to learn?
Also, can I get the steps to do a practical PHP project.
As a web developer it is important to have client and server side skills. But there are few web developers which are excellent at both... But knowing the basics and where to look for info is definitely a good starting point.
I would recommend to work through the following list(s) in the order presented. If you feel comfortable with a topic, move one. Even though that in reality you will often have to go back and forth during the learning process...
Client Side
HTML / XHTML
CSS
a JavaScript Library (e.g. jQuery, prototype/scriptaculos, etc.)
Server Side - Infrastructure
familiarize yourself with shell scripting if working on Linux (e.g. bash, etc.)
Webserver (e.g. Apache)
PHP Server
Databases (e.g. MySQL, PosgreSQL, etc.)
Server Side - Programming
PHP
SQL
Advanced Topics
After getting familiar with the basics...
AJAX (this is placed here because it is a client/server topic, not because it is advanced...)
Object Oriented Programming (OOP)
Security issues
Source Control Management (SCM) -> (e.g. git, etc.)
Model View Controller (MVC) software architecture
PHP Frameworks (Zend Framework, Symphony, CakePHP, Agavi)
Unit Testing (e.g. PHPUnit)
Object Relational Mapper (ORM) for PHP (doctrine, Propel)
Usually this keeps you busy for a while. At least it kept and still keeps me busy... ;)
Here are few suggestions:
Read these advanced/practical php articles on phpro.org
Learn the basics of OOP
Familiarize yourself with php frameworks and CMS
Familiarize yourself with HTML/CSS/Javascript
Try to make clones of other websites
Try to volunteer in open source projects, you may get started at:
openhatch
sourceforge
Im my opinion, A good webdeveloper MUST know:
HTML
CSS
JavaScript
After this, it's important to know:
Jquery
XHTML
Crossbrowsing (diferences of IE X Firefox x Chrome, etc)
Rationale:
HTML: it's the base of web.
CSS: in 2010, it's the base of web.
JavaScript: only the basic, to understand jquery after.
Jquery: you can solve a lot of problems quickly and it's large used.
XHTML: because your page may broke in modern browsers, if has a <br>, not a <br/>
Crossbrowsing: there is more than one browser in the world.
Just keep on practising. You will likely need solid HTML / CSS skills as well as PHP since the two go hand-in-hand - it's also useful to learn MySQL. Spend lots of time going through the tutorials on the excellent tizag.com as well as Lynda.
Once you're comfortable with all that and you're ready to move onto something more advanced, it's worth looking into Wordpress customisations and plugin development - that has the advantage of being pretty easy to use, with an awesome support community, and a whole bunch of mature code that you can look through yourself to get more familiar with how the language is used in the real world.
After that, try a framework like CodeIgniter or CakePHP - these are awesome for your productivity but do make sure you're comfortable with the basics first as the learning curve can be pretty steep and you want to reduce frustration as much as you can. :-) Learning design patterns will also be helpful at this stage.
One thing that will always be important to you, your users, your applications, and your potential employers is code security. I can't stress this enough. As soon as you put an application into real-world use, you have a moral and professional obligation to make that application secure. http://www.addedbytes.com/writing-secure-php/ <- read, digest, read other guides. Security is the single most important thing that a PHP developer can learn.
Above all, have fun! The best developers tend to be the ones that get genuine enjoyment out of what they're doing. You might find yourself eventually leaning in a different direction and using completely different technologies, so always keep your eyes open and be prepared to learn new things even if they don't necessarily 'fit' your current skillset. Also the more general knowledge you have about programming patterns, the better you will become in individual languages. Remember that it's an organic process so you will need to let it develop naturally - but help it along by exposing yourself to as much as possible (foreign language teachers call this 'immersion' :-) )
Regarding PHP
Make a small project using PHP, so you know that you know.
Learn a (MVC) framework like CakePHP or Agavi.
Read this SO answer.
Regarding Web Development in General
Know about CSS, XML, XHTML, XSLT, W3C validation, HTML5, JavaScript, AJAX (and most other acronyms you come across).
You will find there are various libraries which make your life easy, use them. And there will be one browser that will make your life difficult, but you will have do deal with it.
A solid web developer needs an understanding of HTML, CSS, JavaScript, and the server-side scripting language of her choice. But still more important is a solid foundation in programming. You don't have to be an expert computer scientist, but you need to understand how to structure a program and how to solve problems in a sensible way.
Most professional web development involves database access of some sort. Teach yourself SQL, and use a real SQL -- not Access -- for the effort. You can run MySQL or Postgres on a laptop these days, and it's free.
Learn to design databases well. Learn about normal forms, and indexes, and so forth. The time you spend on that will pay off in spades.
Take a while to study up on security. Look at the security bugs that have afflicted high-profile projects and sites. (Hint: they're pretty much mostly about trusting untrustworthy data, or else relying on old out-of-date infrastructure, but the consequences include site defacement and the compromise of valuable information.)
And then, take on a charity project somewhere. You won't get turned down, and you'll cut your teeth, so to speak. Just make sure you're not storing social security numbers or something crazy like that, because charity workers are often vulnerable to social engineering attacks.
the very very first thig to do is to learn Object Orientated Programming (if you haven't).. then you might want to start learning the MVC pattern... and then you must decide either you star using frameworks (like cakePHP, Symphony,Zend) or you prefer using CMS (like joomla or wordpress)... on the process you might also want to learn javascript using a framework (mootools, jquery or prototype)...
Edited: i forgot about databases and sql!! wow.. there's a lot to learn!
The only way to become a good programmer on a certain platform, is to study something more than just tutorials. Read a book, at least. Then the rest comes with practice.
A good way is to also learn a specific platform (depending on what they work with). Some work with Wordpress, so once you know basic PHP and how to use it with databases, and how to work with databases, you would be able to quickly make some basic information websites. Others use Joomla, Drupal, DLE, to quickly build websites, without having to hurt their heads with full backend and frontend architecture. If you need a more general approach, to be able to make more specific web applications, use frameworks like Zend, CakePHP, Symfony, CodeIgniter.
Also, besides knowledge of PHP, to build a small website by yourself, you will also need to know HTML, JavaScript (with AJAX, possibly a framework like jQuery), SQL.
And last but not least, you will need to learn how to protect the site against XSS, SQL Injection and other security threats.
Learn Object Orientated Programming (OOP for short).
Watching any programming tutorial is different than watching any movie. You need to have practice and have experiments form different angle of codes. Prentice and research is only way to get into the deep of any language. If you think you have well understanding about php then try to make some small application like phonebook which have database connection. After that you can move for any frame work like laravel, cakephp. But I always recommend to do at least one small project with raw php before move for any framework because when you come from raw php you will start loving working with frameworks otherwise you will may feel boring to learn again something new as my point of view.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
The question has been asked: No PHP for large projects? Why not? It's a recurring theme and PHP developers--with some cause--are forced to defend PHP.
All of these questions are valid and there have been some responses but this got me thinking. Based on the principle that you can write good code in any language and bad code in any language, I thought it worth asking a positive rather than negative question. Rather than why you can't, I wanted to ask how you can use PHP for large projects.
So, how do you write a large, complex, scalable, secure and robust PHP application?
EDIT: While I appreciate that the organizational aspects are important, they apply to any large project. What I'm primarily aiming for here is technical guidance and how to deal with common issues of scalability. Using an opcode cache like APC is an obvious starter. Cluster-aware sessions would be another. That's the sort of thing I'm getting at.
For the most part, the problems with php are not so much with the language. The problems come from the coupling of a low barrier of entry and the lack of any infrastructure to avoid common programming problems or security problems. Its a language that, by itself, is pretty quick-and-dirty. Nevertheless, it still has many advantages for large-scale web apps. You'll just need to know how to add in some level of infrastructure to avoid a lot of the common web programming blunders. See - What should a developer know before building a public web site for help with this.
You need to learn about the reasons php can make your web app to be insecure or problematic and learn to mitigate those problems. You should learn about how to use php to securely access your database. You should learn about avoiding SQL injection. You should learn about evil things like register_globals and why you should never ever use them. In short, you should do your homework about your tool before just diving in for a real-world, large-scale, web app.
Once you are educated, it comes down to you'll probably want to build a framework or use a preexisting framework that will mitigate these problems. Popular frameworks include PEAR and Zend.
Also, useful questions that might help:
What should every php programmer know?
What should a developer know before building a public web site
Using PHP for large projects isn't different than with any other language. You need experience and knowledge in writing maintainable and extendable source code. You need to be aware of security pitfalls and performance concerns. You need to have researched your problem domain and be well familiar with it.
In the end, same as any other language - what you need are high-quality and well-motivated developers.
i know, this is a little out of date, but still, i'll tempt an answer ...
use Haxe/PHP ... i could delve into details ... but if you look at the language, its features, and the nice way the PHP API is encapsulated into something rather consistent, you will soon see, what PHPs problems are ... and also, you have all the benefits of Haxe in the end ...
edit: this was a serious answer ... Haxe/PHP automatically solves a lot of problems mentioned in the post flagged as answer ...
register_globals is turned off ... you get your parameters through the php.Web
using the SPOD-layer (same API for php) for the database automatically takes care of escaping (and will automatically provide your model (and templo is quite a good template engine, so that should help for your views))
having a typed language, you are more likely to write better code ... plus language features as generics and enums are very powerful ... and there is a lot of compile time magic in Haxe that is also of interest ... a more powerful language is always good to adress complex problems ...
if you want to use other PHP frameworks, you only need to write the external classes and everything will work as expected ...
i think Haxe is a very good answer to "large", "complex", "secure" and "robust" ... scalability does not come from Haxe itself of course ... but still, if you check out haxelib, then you find many things, that would help for scalability ... such as memcached (you will have to change neko.net.Socket to php.net.Socket in memcached.Connection) ...
if you really want to use the PHP language, and not just the platform, Haxe won't help you of course ...
You do as you would in any other language or any other enviornment.
There are a couple of simple steps in project development:
Organization; You need to organize everything, having documentation, uml diagrams and other pre-work done, before you start programming.
Structure; Before you start coding and also aftter starting, you need to have a focus on structure, meaning that you always need to do it correctly and not do any spagetthi solutions. Keep code simple and well commented.
These two points, are simple and apply in all development areas, despite the language. Keep it simple and well documented and you will find that developing a large scale web app in PHP is as easy as it would be in ASP.NET, Ruby or whatever.
However when we come to the development stage, you need to get a nice IDE, use a good database, use a repo., get an MVC / Template system, this runs in the "Structure"-part though.
Just as a side point, splitting the application into different layers: DLF ( Data, Logic, Front ). Use at least these three layers and you will find that the development will go easy.
Use Model-View-Controller framework. It's been said, yes. And, have at least one engineer for each part.
Model: Your DBA should write the Model code. No should else should be allowed to write SQL statements.
View: The one with the best knowledge of CSS and Javascript should do the view part. He/she should write the least PHP code, he is the one using PHP variables.
Controller: She's the real PHP coder, and also back-end server engineer, hopefully, with or without using other script languages.