Wednesday, 22 July 2015

Top 10 PHP Code Review Tips




Top 10 PHP Code Review Tips

This article represents top 10 areas to consider while you are taking up the task to do the code review of a PHP project. The other day, I had a discussion with one of the PHP senior developers who asked me about where to start on the task related with reviewing a PHP web application and, we brainstormed and came up with the list. Interestingly, apart from few, most of them can be pretty much applied to applications written with other programming languages as well. Please feel free to comment/suggest if I missed to mention one or more important points. Also, sorry for the typos.

Following are the key points described later in thisarticle:

    Business functionality
    Framework-related coding guidelines
    Object-oriented principles
    PHP-specific standards
    Programming-related best practices
    Design patterns
    Code coverage
    Security
    Exception-handling
    Integration patterns

Before moving into the details, I would have to mention that I considered following 8 parameters (ISO 25000 SQUARE standards) to come up with different code-review criteria to cover every aspect of code quality.

    Functional Suitability
    Maintainability
    Usability
    Security
    Efficiency
    Reliability
    Portability
    Compatibility

Adherence to Business Fnctionality

The first and foremost important thing is to try and see if you could validate and verify if the code delivered the required business functionality. This may need you to talk to business analyst and get yourself clear with business functionality. For legacy project, this is very difficult to catch hold of the business analyst. However, for ongoing project, it is simpler. Checking on business functionality actually applies to other programming languages as well apart from PHP.

Framework-related Coding Guidelines

There are several frameworks such as some of the following that could be used to create PHP-based web apps. You may want to review if the code written for a particular framework satisfies the coding guidelines and best practices specified as part of that framework.
    Zend
    YII
    CakePHP
    CodeIgnitor
    Laravel

Object-Oriented Principles

This is applied to other programming languages as well. You may want to review PHP code against object oriented principles such as some of the following and, point oout code smells and opportunities for code refactoring.
    SOLID
    DRY
    YAGNI
    Law of Demeter

PHP-specific Standards

You may want to keep handy PHP programming language standards and best practices and review code against the list.

Programming-related Best Practices

Then, there are areas such as usage of data structures, McCabe code complexities that you would want to consider while reviewing code against programming-related best practices. This is applied to other programming languages as well.

Usage of Design Patterns

There are several PHP design patterns that could be used to structure your code in a standard manner. You may want to review the code from that perspective and suggest appropriate design patterns that could be applied. I found this page as decent enough mentioning several design patterns applied to PHP.

Code Coverage

This is standard code review practise and one may want to check the code coverage of the underlying code and emphasize on important of the writing unit tests. This is applied to other programming languages as well.

Security

As of today, security is an important area that one need to consider while doing code review, given the importance security carries from business continuity and reputation perspective. You may want to emphasize the usage of PHP OWASP libraryfor applying application level security in PHP-based applications. You may also want to keep PHP security cheat sheet handy with you.

Exception-handling

This is very important aspect considering the reliability aspect of the application. It may be good idea to review the exception/error handling mechanism/practices used in the code and suggest appropriately. This is applied to other programming languages as well.

Integration Patterns/Protocols

You may want to determine integration standards/protocols used in the application and review the design/code for adherence to that standard. You may also want to review the readiness of the application to be exposed as API if there is a requirement for integrating application with other applications in the future. This is applied to other programming languages as well.
Posted by at No comments:

Top 10 PHP Tips for Developers



Top 10 PHP Tips for Developers

I have always wanted to write an article like this, because I think about it all the time - what 10 things would I deem the most important to pass on to someone else? Well, after literally years of thought I think I have come up with the best list that I can think of. So, without further a do, let's get to it.

1) Go OOP

If you have not yet entered the realm of Object Oriented Programming, then you are at a disadvantage, and you are falling behind fast.OOP is essentially a method of programming with the use of classes, or Objects, which tie like things together, remove the need for repetition of code and perform the basic tasks of production very simply. Objects are essentially classes that collect a bunch of functions together and wrap them in a wrapper that can be reused over and over again without the need to rewrite functionality or procedures every time you need to do something.Procedural Programming works by following a routine from the top to the bottom of each page as the server reads every file on your server. With OOP, there could be one or two objects being instantiated, which, in turn could instantiate a few, a hundred or a thousand other objects which could all perform certain tasks depending on variables passed into the objects. OOP is faster, simpler, easier to debug, uses less server resources, less code, is faster loading and more logical to work with once you figure out the basic principles. Go OOP - It changed my development style forever.

2) Stay Away from Anything Ending With _once()

We all know that include() simply gives us a warning if it fails, while require() kills the script with a fatal error when it fails. What we don't forget is that include_once() and require_once() is extremely hard on server resources. There is nothing we can do about it, it's how PHP is set up. Just remember that these things kill your server resources, specially on a huge framework, and if you plan your code properly you won't even need it anyway.

3) Develop With Error Reporting On

 The very first thing you do when starting a new project is to turn error reporting to E_ALL, and you should only turn it off ten seconds before going to production mode. I do this with every project that I build and there is nothing better than running a project in full production mode and not even getting one error. Besides that, with error reporting on, you pick up any small errors that will eventually grow up to bite you in the... well, you get my point.

4) Use A Framework If You Need One

Ok, so Rasmus Lerdorf says you shouldn't use a framework because he could quite conclusively prove that a framework is much slower than normal PHP code when it came to printing a simple "Hello World" application. Two things to mention here though: you are not Rasmus Lerdorf and I bet you won't be building a "Hello World" application every time you program something. Frameworks that help you do the tedious things can help, although you will have to learn how the frameworks function first in order to make things simple, but that's the only real trade-off. Plus you stand less chance of writing bad code when someone else has written most of it for you, but let's pretend I didn't say that.

5) Use PHP's Inbuilt Functions

Ok, you want to count the amount of keys in an array? You can loop through the array and simply increment a value for each iteration, right? Or you can just use the built in PHP function count(), which does just what it should. PHP has many built-in functions that can do what you need them to, so check out the manual to make sure you are doing it in the best way possible.

6) Protect Your Database

The best and safest way is to use mysql_real_escape_string() for all database before it is added to the database. This function makes all strings safe in terms of quotes and other functions that can harm your database or contain malicious code, so use it to be sure you have taken the first step against protection of your data. Another thing you can do is validate all POST and GET strings, never use $_REQUEST, and make sure all form submitted data is of the right type and value before adding it to a database query.

7) Use POST Not GET

Ok, this isn't always possible, but when its really not necessary, don't use GET, use POST. The reason is simple - GET is simple to emulate, all I need to do is add something to my address bar and I can hack your project. Obviously GET is the easy way to do pagination and permalinks, but when using form submission especially, stay with POST, it's safer.

8) Draw Before You Code

A good practice to get into is to wireframe your projects, even if you are just scribbling a few notes on a piece of paper. It is very important to actually give the mechanics of you application some thought before sitting down to start coding, because in the process of planning it you will actually iron out the difficulties in your head and avoid the major headache that comes with the facepalm when you realize that everything you just did is either wrong, not needed, or just silly.

9) Understand Your Project

An artist cannot draw something that he has not seen before. A singer cannot sing a song that he has not heard before. You cannot code a project that you do not fully understand. If you do not understand exactly what it needs to do, and how it needs to it, you cannot build it.

10) Code Code Code

If I could get one thing through to anyone reading this, this is it. You cannot become a good developer by reading. You cannot become a good developer by watching someone develop. The one and only tried and trusted method, is to actually write code. But - and here is the trick - build real things! Do not go and code something that you have no interest in, or will never use. Build what you like, and you will be excited and interested by it, and you will learn. Then, make it awesome, build upon it, and make it better.
Posted by at No comments:

5 Powerful PHP Code Generators



5 Powerful PHP Code Generators

Writing a simple database application in PHP and mySQL can take a lot of time and effort – you will have to design the HTML form, write queries, implement validation/error handling, test the application, etc. You can save yourself a lot of time and reduce development cost if you use a PHP code generator. Code generators are desktop or web-based applications that once installed will allow you to define your database and it will automatically generate all the required HTML, CSS and PHP files. You can then simply update these files to your server and get complete running applications in a few minutes.

Here’s our showcase of the top 5 PHP code generators onHotScripts:

ScriptCase

ScriptCase is a complete PHP Code Generator. Through a friendly web interface, the developer can generate rich web applications extremely fast, such as: web forms, html reports, container applications, pdf reports, menus, editable grids, webhelp pages, FLASH charts, auto-complete components using JQUERY technology, master/detail forms and grids.

PHP MySQL Wizard

PHP MySQL Wizard is a smart PHP code generator, with absolute zero knowledge of coding the wizard can generate a functional web application driven from your MySQL database, saving you hours of tedious programming. Using the generated application both administrator and/or users will be able to view, search, sort, edit and delete records from your MySQL Database . The wizard has many friendly and easy to use features such as: fully customizable appearance of the generated application, validation rules, custom error messages, etc.

PHPMaker

PHPMaker is a powerful automation tool that can generate a full set of PHP quickly from MySQL, PostgreSQL, Microsoft Access and Microsoft SQL Server databases. Using PHPMaker, you can instantly create web sites that allow users to view, edit, search, add and delete records on the web. PHPMaker is designed for high flexibility, numerous options enable you to generate PHP applications that best suits your needs. The generated codes are clean, straightforward and easy-to-customize.

AppGini PHP Generator For MySQL

AppGini helps you develop web database applications instantly. You do not need to have any programming background to use it. Just define your database, set some options, click the Generate button, and you’re done! Applications generated will allow your users to view, search, edit data as well as allow administrator to access permissions. The application can then be easily customized using CSS and HTML templates.

ScriptArtis

ScriptArtist is a PHP & AJAX code generator software for MySQL. It helps helps you save a lot of developing times to create the completed CRUD operations (Create, Read, Update, & Delete), easily generates web forms (email or contact form) retrieved information from either database fields or user-defined fields and many more.

Posted by at No comments:

Top 10 PHP frameworks worth looking forward to in 2015

Top 10 PHP frameworks worth looking forward to in 2015


1.CakePHP 3.0

?Considered as a contemporary framework for PHP development, CakePHP 3.0 comes loaded with remarkable features including enhanced components and helpers, improved session management, improved consistency of conventions, ORM improvements and many more. CakePHP 3.0 comes with increased modularity, allowing you to create more standalone libraries in addition to reducing coupling. Plus, there are tools like PSR-0, PSR-1 and composer which have helped in improving the interoperability.
•    Practical CakePHP Projects (Expert’s Voice in Web Development)
•    CakePHP 2 Application Cookbook
•    Beginning CakePHP: From Novice to Professional (Expert’s Voice in Web Development)
•    CakePHP 1.3 Application Development Cookbook

2. Laravel

Laravel is yet another brilliant PHP Framework that’s equipped with tons of interesting features including RESTful routing, native PHP or light weight tempting engine and many more. Built using several Symfony components, Laravel offers you web application an amazing foundation of reliable and well-tested code. Some other interesting features of Laravel include: a powerful queue library, an amazing ORM, painless routing and a simple authentication.
Books
•    Getting Started with Laravel 4
•    Laravel Application Development Cookbook
•    Laravel Design Patterns and Best Practices

3. Phalcon
 
Considered as one of the fastest PHP Frameworks, Phalcon has been implemented as a C extension coupled with lower resource consumption. Some of the excellent features included within this PHP Framework are: translations, security, assets management, universal auto-loader and many more. You can use Phalcon for developing full MVC applications viz: single-module, multi-module and micro applications.

4. Symfony 2

Available in its version 2, Symfony is an excellent PHP Framework for creating websites and web applications. It has been built on top of Symfony components such as Drupal, Ez Publish and phpBB. With over 300,000 developers on-board, Symfony has witnessed over 1,000,000 downloads till date. There have been more than 1000 code contributors for Symfony till date. Backed by a huge community of Symfony fans, it is believed that the framework will go to a whole new level in the forthcoming years.

5. Codeigniter

If you’re a web developer who’s in need of a simple and an elegant toolkit for creating feature-loaded and visualling impressive web applications, then Codeigniter is the framework for you. Currently available in its version 2.2.1, Codeigniter comes with clear documentation. Some other interesting features of this PHP framework include: nearly zero configuration, no large-scale monolithic libraries, compatibility with standard hosting, no restrictive coding rules, no need for template language and many more.
Books
•    CodeIgniter 2 Cookbook
•    Professional CodeIgniter
•    CodeIgniter for Rapid PHP Application Development

6. Yii Framework

Considered as a fast, stable, secure and high-performing PHP framework, Yii has worked wonders for developing Web 2.0 applications. It provides the basis and advanced application installations based on the project requirement. Equipped with Model-View-Controller(MVC) design pattern, rich feature layered caching scheme, Role based access and authentication, Database Access Objects(DAO), Ajax-enabled widgets and a detailed documents; Yii serves as an ideal framework for developing enterprise web applications, social media applications, SaaS, PaaS and a lot more.
Books
•    Yii Application Development Cookbook
•    Web Application Development with Yii and PHP
•    Yii Project Blueprints

7. Aura 

Aura is a PHP Framework that provides independent library packages for PHP 5.4+. You may opt for using these packages alone, in collaboration with one other or as combined into a separate full-stack framework. As the second major version of Solar(a PHP framework), Aura has been reimagined and rewritten into the form of a library collection with a dependency injection. Aura has been specially developed to leverage the features available in PHP 5.4+.

8. Zend

Considered as one of the most popular PHP Frameworks for building high performing web applications, Zend comes with cryptographic and secure coding tools which allow you to execute web app development projects in a flawless manner. Some interesting features of Zend framework include: modularity, extensibility, enterprise ready and a vibrant community.
Books
•    Zend Framework 2 Application Development
•    Learn ZF2: Learning By Example
•    Zend Framework 2 Cookbook

9. FlightPHP

Flight is an extensible micro-framework for PHP. It enables you to build RESTFul web applications in a quick and simple way. Compatible with PHP version 5.3 and above, Flight can be installed quite conveniently.

10. FuelPHP

FuelPHP is a simple and highly flexible MVC(Model View Control) framework specially created for PHP web developers. Irrespective of whether you’re an experienced PHP developer or an amateur; using FuelPHP framework can turn to be your best decision. PHPFuel supports a router-based approach. That means, you are directly navigated to a closure which deals with input uri, offering the closure a complete control over any further execution.
Books
•    Learning FuelPHP for Effective PHP Development
•    FuelPHP Introduction (2012)
•    FuelPHP Application Development Blueprints





















Visit Our Website

                                               http://infocampus.co.in/


Posted by at No comments:
Subscribe to: Posts (Atom)