10 things not to do in PHP 7

1. Don’t use the mysql_ function

The day has finally come, and from now on you not only “shouldn’t” use the mysql_ function. PHP 7 has removed them all from the core, which means you need to migrate to the much better mysqli_ function, or the more flexible PDO implementation.

2. Don’t write junk code

This one may be easy to understand, but it will become increasingly important because the speed increase of PHP 7 may hide some of your problems. Don’t just settle for your site speed because migrating to PHP 7 made it faster.

To understand how important speed is and how to do things better, take a look at our article Getting Started with Speed ​​Optimization.

As a developer, you should always make sure to load scripts on demand, connect them when possible, write efficient database queries, use caching when possible, and more.

3. Don’t use PHP closing tags at the end of the file

You can take a look, when a file ends with PHP code, most of WordPress’s core codes remove the PHP tag at the end. In fact, the Zend Framework specifically disables it. PHP does not require a closing tag at the end of the file, and we can ensure that no whitespace characters are added at the end by removing it.

4. Don’t do unnecessary pass-by-reference

I personally don’t like pass-by-reference. I know that sometimes it's useful, but other times it makes the code difficult to understand and the results harder to predict.

It is said that some people think it makes the code run faster, but according to some senior PHP programmers, this is not true.

An example of why quoting is bad is that PHP has built-in shuffle() and sort(). They modify the original array instead of returning the processed array, which is quite illogical.

5. Don’t execute queries in a loop

Executing queries in a loop is very wasteful. It puts unnecessary stress on your system and may be able to achieve the same results faster outside the loop. When I encounter a situation where I need something like this, I usually solve the problem with two separate queries that I use to build the data array. I'll then iterate over the array and not need to perform a query in the process.

Since WordPress is used here, it may have some exceptions. Although get_post_meta() will get a lot of data from the database, you can use it in a loop if you are looping through the metadata of a particular blog post. This is because WordPress actually gets all the metadata and caches it when you first call it. Subsequent calls use this cached data without making database calls.

The best way to understand this is to read the function documentation and use a tool like Query Monitor.

6. Don’t use * in SQL queries

Of course, this is more of a MySQL problem, but we are used to writing SQL code in PHP, so it’s pretty much the same. Regardless, don't use wildcards in SQL queries if you can avoid it, especially if the database has many columns.

You should explicitly specify which rows are required and only get them. This helps reduce resources used, protect data, and make things as clear as possible.

For SQL, you need to know all the available functions and test their speed as much as possible. When calculating means, sums, or similar numerical calculations, use SQL functions instead of PHP functions. If you're not sure about the speed of a certain query, test it and try some other compilations - then use the best one.

7. Don’t trust user input

Trusting user input is unwise. Always validate, filter, escape, check, and leave a way out. There are three problems with user data: we developers don't consider every possibility, it's often incorrect, and it could be deliberately compromised.

A well-thought-out system protects against these threats. Be sure to check for appropriate values ​​using built-in functions like filter_var(), and escape (or precompile) when dealing with the database.

WordPress has some functions to solve the problem. See the article Validating, escaping, and filtering user data for details.

8. Don’t be smart

Your goal should be to write elegant code that expresses your intentions more clearly. You might be able to optimize 0.01 seconds out of each page by shortening everything to a one-word variable, using multiple layers of ternary logic, and other means. But this will only create big problems for you and those around you.

Name variables wisely, document your code, and prioritize clarity over brevity. It's even better to use standard object-oriented code, which is more or less the document itself, without the need for a bunch of inline values.

9. Don’t reinvent the wheel

PHP has been around for a long time, and websites have been around even longer. Chances are, whatever you need to build, someone has already built it before. Don’t be afraid to ask for support from others, Github is your friend, so is Composer, and so is Packagist.

From logging tools to color correction tools, from performance analyzers to unit testing frameworks, from Mailchimp API to Twitter Bootstrap, everything is available at the press of a key (or typing a command), use them!

10. Don’t ignore other languages

If you are a PHP programmer, now is a good opportunity to at least understand HTML, CSS, JavaScript and MySQL. When you get better at handling these languages, it's time to relearn JavaScript. JavaScript is not jQuery, and you should learn JavaScript properly to use it more efficiently.

I am also going to recommend you to learn object-oriented PHP, it will save time and will get better when the code size is larger. For languages ​​like C# and Java, they are also easier to understand after you understand OOP.

Expand your knowledge by learning about package managers, build scripts, CoffeeScript, LESS, SASS, YAML, scripting engines, and other powerful tools. I highly recommend you to take a look at other frameworks, especially Laravel.

How about learning Ruby, RoR, Android, iPhone and Windows Phone app development while you use them to get the job done brilliantly? You might think this is pointless because they are outside of your comfort zone and what the job requires, but that’s what they are. Every language has some practical things to learn, as well as new things you've never encountered before. It's no accident that all top PHP developers know many other programming languages.