Category: You’re not doing it right

Wrong: mix HTML and PHP

Do you have such code in your app?

<?php
session_start();
$mysqli = mysqli_connect("localhost", "user", "pwd", "db");

if (mysqli_connect_errno($mysqli)) {
    echo 'MySQL connection error: '.mysqli_connect_error();
    die;
}
?>

<div>
    <h2>Articles</h2>

    <?php
    $result = mysqli_query($mysqli, "
        SELECT a.id, a.title, a.content, u.username
        FROM article a
        JOIN user u ON a.user_id = u.id
    ");
    while($row = mysqli_fetch_assoc($result)): ?>
        <div>
            <h4>
                <a href="article.php?id=<?= $row['id'] ?>"?>
                    <?= $row['title'] ?>
                </a>
            </h4>
            <p>Written by <?= $row['username'] ?></p>
            <div>
                <?= substr($row['content'], 0, 100).'...' ?>
            </div>
        </div>
    <?php endwhile ?>
</div>

Here you’re mixing HTML, PHP and SQL which different things with different purposes.

Never do that anymore.

It’s messy, hard to read, hard to debug, hard to maintain, and won’t land you a job anywhere with such an approach to PHP. In this language it’s easy to make mistakes as it’s easy to “make things work”, but it’s not a reason to do it.

Solution

  • Isolate your code into functions such as init(), getDatabase(), getArticles(), render(), and boot()
  • Put all these functions into a functions.php file
  • Put your HTML into a view.html.php file
  • In your render() function, use ob_start() and ob_get_clean() to render your view into a string and return it
  • Echo your render() function
  • Launch boot() function to launch your app

Even better solution

Procedural code is not modern programming. You should only code with OOP and take advantage of PHP’s ecosystem.

Most projects should use Composer and at least those 4 Symfony components:

More

Read the series You’re not doing it right to step up your PHP game.

Wrong: use of superglobals

If you uses these in your code, stop.

$GLOBALS
$_SERVER
$_REQUEST
$_POST
$_GET
$_FILES
$_ENV
$_COOKIE
$_SESSION

While it’s important to know how PHP handles the request, server, or environment variables, it’s a big mistake to use them directly.

Don’t use low-level PHP. There’s just not any good reason for it. Sticking with low-level PHP is a clear sign of misundersting of the language, its ecosystem and your ability to keep up with the technology.

Solution

PHP has evolved very quickly in the 2010’s and layers of reusable components have emerged. One of them is HttpFoundation. If your project needs to access superglobals, then you need HttpFoundation. Follow the installation instructions in the documentation.

Then, instead of using your superglobals, use this:

use Symfony\Component\HttpFoundation\Request;

$request = Request::createFromGlobals();

You need $_GET['param']? Use $request->query->get('param').
You need $_POST['param']? Use $request->request->get('param').

Explore the documentation to know more on how to use this component. But don’t ever use superglobals anymore in your code.

More

Read the series You’re not doing it right to step up your PHP game.

Wrong: absence of composer.json

If you don’t see composer.json at the root of your project, it means that it’s stuck in the past, somewhere before 2012.

Every PHP project, whatever its size, MUST be based on Composer. Even if it’s a small project. Ironically, the most used software in PHP history is WordPress and doesn’t rely on Composer. WordPress is the only acceptable exception to the rule as it’s heavily relying on legacy code and backward compatibility. There are however plenty of projects to make WordPress work as a Composer dependency, to allow modern PHP development with WordPress.

Solution

Install Composer on your machine.

Then at the root of your project, enter these simple commands in your terminal.

composer init
composer dumpautoload

More

Read the series You’re not doing it right to step up your PHP game.