1,和PHP手册成为好朋友
2,打开Error Reporting
Error reporting 在 PHP 开发时是很有帮助的. 你可以在你代码中发现先前你没有发现的错误,因为并不是所有的BUG都会让程序运行不了的。当产品正式使用时,才有必要关掉错误报告,不然顾客看到一堆奇怪的字符不知道那是什么意思。
3,使用IDE
IDE (集成开发环境,Integrated Development Environments)对于开发者来说是很有帮助的工具.
荒野在这里推荐netbeans IDE 。
4. 试着使用一个PHP 框架
5.学习DRY方法
DRY 代表 Don't Repeat Yourself,它是一个有价值的编程概念,不管是什么语言。DRY编程,顾名思义,是确保你不写多余的代码。
6.使用空格缩进代码来提高可读性
7. “Tier” your Code
给你的应用程序分层,分成不同部位的不同组成部分的代码。这使得您可以轻松地在未来改变你的代码。 如常用的MVC模式。
8. 总是使用 <?php ?>
9.使用有意义的,一致的命名约定
10.注释、注释、注释
11.安装MAMP/WAMP
12.给你的脚本限制运行时间
通常PHP脚本的运行时间被限制为30秒,超过这个时间PHP将抛出一个致命错误。
13.使用OOP
14.知道双引号和单引号的不同
15.不要在网站的根目录放phpinfo()
16.永远不要信任你的用户
17.加密存储密码
Rebuttal:
Keep in mind, however, that MD5 hashes have long since been compromised. They're absolutely more secure than not, but, with the use of an enormous “rainbow table,” hackers can cross reference your hash. To add even more security, consider adding a salt as well. A salt is basically an additional set of characters that you append to the user's string.
18.使用可视化数据库设计工具
如 DBDesigner 和 MySQL Workbench
19.使用输出缓冲
Rebuttal: Though not required, it's generally considered to be a good practice to go ahead and append the “ob_end_flush();” function as well to the bottom of the document. P.S. Want to compress the HTML as well? Simply replace “ob_start();” with “ob_start(‘ob_gzhandler')”;
Refer to this Dev-tips article for more information.
untitled20.保护你的代码避免SQL注射
$username = mysql_real_escape_string( $GET['username'] );
$id = $_GET['id'];
$statement = $connection->prepare( "SELECT * FROM tbl_members WHERE id = ?" );
$statement->bind_param( "i", $id );
$statement->execute();
By using prepared statements, we never embed the user's inputted data directly into our query. Instead, we use the “bind_param” method to bind the values (and escaping) to the query. Much safer, and, notably, faster when executing multiple CRUD statements at once.
21.尝试ORM (object relational mapping)
ORM libraries for PHP like Propel, and ORM is built into PHP frameworks like CakePHP.
22.缓存数据库驱动页面
如:
// TOP of your script
$cachefile = 'cache/'.basename($_SERVER['SCRIPT_URI']);
$cachetime = 120 * 60; // 2 hours
// Serve from the cache if it is younger than $cachetime
if (file_exists($cachefile) && (time() - $cachetime < filemtime($cachefile))) {
include($cachefile);
echo "";
exit;
}
ob_start(); // start the output buffer
// Your normal PHP script and HTML content here
// BOTTOM of your script
$fp = fopen($cachefile, 'w'); // open the cache file for writing
fwrite($fp, ob_get_contents()); // save the contents of output buffer to the file
fclose($fp); // close the file
ob_end_flush(); // Send the output to the browser
23.使用缓存系统
$description = strip_tags($_POST['description']);
echo $description;
可以写成如下:
echo strip_tags($_POST['description']);
Rebuttal: In reference to the comment about “doubling the memory,” this actually is a common misconception. PHP implements “copy-on-write” memory management. This basically means that you can assign a value to as many variables as you like without having to worry about the data actually being copied. While it's arguable that the “Good” example exemplified above might make for cleaner code, I highly doubt that it's any quicker.
也就是说PHP实现“copy-on-write” 的内存管理方式,上面第一种代码并不会存在占用双倍内存的情况。因此Rebuttal严重怀疑第二种方式的代码是否真的比前面的快。
30.更新到最新版本的PHP
31.减少数据库查询次数
32.勇敢地提问
像StackOverflow等都是好去处。
5789
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
