PHP学习指南
http://www.binarytides.com/category/php-2/tutorial/
In this series we are going to look into some useful tips and techniques that can be used to improve and optimise your php code. Note that these php tips are meant for beginners and not those who are already using mvc frameworks etc.
The Techniques 1. Do not use relative paths , instead define a ROOT pathIts quite common to see such lines :
require_once('http://www.cnblogs.com/lib/some_class.php');
This approach has many drawbacks :
It first searches for directories specified in the include paths of php , then looks from the current directory.
So many directories are checked.
When a script is included by another script in a different directory , its base directory changes to that of the including script.
Another issue , is that when a script is being run from cron , it may not have its parent directory as the working directory.
So its a good idea to have absolute paths :
define('ROOT' , '/var/www/project/');require_once(ROOT . 'http://www.cnblogs.com/lib/some_class.php');//rest of the code
Now this is an absolute path and will always stay constant. But we can improve this further. The directory /var/www/project can change , so do we change it everytime ? No instead we make it portable using magic constants like __FILE__ . Take a closer look :
//suppose your script is /var/www/project/index.php//Then __FILE__ will always have that full path.define('ROOT' , pathinfo(__FILE__, PATHINFO_DIRNAME));require_once(ROOT . 'http://www.cnblogs.com/lib/some_class.php');//rest of the code
So now even if you shift your project to a different directory , like moving it to an online server , the same code will run without any changes.
2. Dont use require , include , require_once or include_onceYour script could be including various files on top , like class libraries , files for utility and helper functions etc like this :
require_once('lib/Database.php');require_once('lib/Mail.php');require_once('helpers/utitlity_functions.php');
This is rather primitive. The code needs to be more flexible. Write up helper functions to include things more easily. Lets take an example :
function load_class($class_name){ //path to the class file $path = ROOT . '/lib/' . $class_name . '.php'); require_once( $path ); }load_class('Database');load_class('Mail');
See any difference ? You must. It does not need any more explanation.
You can improve this further if you wish to like this :
function load_class($class_name){ //path to the class file $path = ROOT . '/lib/' . $class_name . '.php'); if(file_exists($path)) { require_once( $path ); }}
There are a lot of things that can be done with this :
Search multiple directories for the same class file.
Change the directory containing class files easily , without breaking the code anywhere.
Use similar functions for loading files that contain helper functions , html content etc.
During development we echo database queries , dump variables which are creating problems , and then once the problem is solved , we comment them or erase them. But its a good idea to let everything stay and help in the long run
On your development machine you can do this :
define('ENVIRONMENT' , 'development');if(! $db->query( $query ){ if(ENVIRONMENT == 'development') { echo "$query failed"; } else { echo "Database error. Please contact administrator"; } }
And on the server you can do this :
define('ENVIRONMENT' , 'production');if(! $db->query( $query ){ if(ENVIRONMENT == 'development') { echo "$query failed"; } else { echo "Database error. Please contact administrator"; } }4. Propagate status messages via session
Status messages are those messages that are generated after doing a task.
<?phpif($wrong_username || $wrong_password){ $msg = 'Invalid username or password';}?><html><body><?php echo $msg; ?><form>...</form></body></html>
Code like that is common. Using variables to show status messages has limitations. They cannot be send via redirects (unless you propagate them as GET variables to the next script , which is very silly). In large scripts there might be multiple messages etc.
Best way is to use session to propagate them (even if on same page). For this there has to be a session_start on every page.
function set_flash($msg){ $_SESSION['message'] = $msg;}function get_flash(){ $msg = $_SESSION['message']; unset($_SESSION['message']); return $msg;}
and in your script :
<?phpif($wrong_username || $wrong_password){ set_flash('Invalid username or password');}?><html><body>Status is : <?php echo get_flash(); ?><form>...</form></body></html>5. Make your functions flexible
function add_to_cart($item_id , $qty){ $_SESSION['cart'][$item_id] = $qty;}add_to_cart( 'IPHONE3' , 2 );
When adding a single item you use the above function. When adding multiple items , will you create another function ? NO. Just make the function flexible enough to take different kinds of parameters. Have a closer look :
function add_to_cart($item_id , $qty){ if(!is_array($item_id)) { $_SESSION['cart'][$item_id] = $qty; } else { foreach($item_id as $i_id => $qty) { $_SESSION['cart'][$i_id] = $qty; } }}add_to_cart( 'IPHONE3' , 2 );add_to_cart( array('IPHONE3' => 2 , 'IPAD' => 5) );
So now the same function can accept different kinds of output. The above can be applied in lots of places to make your code more agile.
6. Omit the closing php tag if it is the last thing in a scriptI wonder why this tip is omitted from so many blog posts on php tips.
<?phpecho "Hello";//Now dont close this tag
This will save you lots of problem. Lets take an example :
A class file super_class.php
<?phpclass super_class{ function super_function() { //super code }}?>//super extra character after the closing tag
Now index.php
require_once('super_class.php');//echo an image or pdf , or set the cookies or session data
And you will get Headers already send error. Why ? because the "super extra character" has been echoed , and all headers went along with that. Now you start debugging. You may have to waste many hours to find the super extra space.
Hence make it a habit to omit the closing tag :
<?phpclass super_class{ function super_function() { //super code }}//No closing tag
Thats better.
7. Collect all output at one place , and output at one shot to the browserThis is called output buffering. Lets say you have been echoing content from different functions like this :
function print_header(){ echo "<div id='header'>Site Log and Login links</div>";}function print_footer(){ echo "<div id='footer'>Site was made by me</div>";}print_header();for($i = 0 ; $i < 100; $i++){ echo "I is : $i <br />';}print_footer();
Instead of doing like that , first collect all output in one place. You can either store it inside variables in the functions or use ob_start and ob_end_clean. So now it should look like
function print_header(){ $o = "<div id='header'>Site Log and Login links</div>"; return $o;}function print_footer(){ $o = "<div id='footer'>Site was made by me</div>"; return $o;}echo print_header();for($i = 0 ; $i < 100; $i++){ echo "I is : $i <br />';}echo print_footer();
So why should you do output buffering :
You can change the output just before sending it to browser if you need to. Think about doing some str_replaces , or may be preg_replaces or may be adding some extra html at the end like profiler/debugger output Its a bad idea to send output to browser and do php processing at the same time. Have you ever seen a website where there is a Fatal error in the sidebar or in a box in the middle of the screen. You know why that happens ? Because processing and output are being mixed. 8. Send correct mime types via header when outputting non-html contentLets echo some xml.
$xml = '<?xml version="1.0" encoding="utf-8" standalone="yes"?>';$xml = "<response> <code>0</code></response>";//Send xml dataecho $xml;
Works fine. But it needs some improvement.
$xml = '<?xml version="1.0" encoding="utf-8" standalone="yes"?>';$xml = "<response> <code>0</code></response>";//Send xml dataheader("content-type: text/xml");echo $xml;
Note that header line. That line tells the browser that the content is xml content. So the browser can handle it correctly. Many javascript libraries also rely on header information.
Similarly for javascript , css , jpg image , png image :
Javascript
header("content-type: application/x-javascript");echo "var a = 10";
CSS
header("content-type: text/css");echo "#div id { background:#000; }";9. Set the correct character encoding for a mysql connection
Ever faced a problem that unicode/utf-8 characters are stored in mysql table correctly , phpmyadmin also shows them correct , but when you fetch them and echo on your page they do not show up correctly. The secret is mysql connection collation.
$host = 'localhost';$username = 'root';$password = 'super_secret';//Attempt to connect to database$c = mysqli_connect($host , $username, $password); //Check connection validityif (!$c) { die ("Could not connect to the database host: <br />". mysqli_connect_error());} //Set the character set of the connectionif(!mysqli_set_charset ( $c , 'UTF8' )){ die('mysqli_set_charset() failed');}
Once you connect to the database , its a good idea to set the connections characterset. This is a must when you are working with multiple languages in your application.
Otherwise what will happen ? You will see lots of boxes and ???????? in non english text.
10. Use htmlentities with the correct characterset optionPrior to php 5.4 the default character encoding used is ISO-8859-1 which cannot display characters like À â etc.
$value = htmlentities($this->value , ENT_QUOTES , 'UTF-8');
Php 5.4 onwards the default encoding will be UTF-8 which will solve most problems , but still better be aware about it if your application is multilingual.
11. Do not gzip output in your application , make apache do thatThinking of using ob_gzhandler ? No dont do that. It doesnt make sense. Php is supposed to write your application. Dont worry about how to optimise data transfer between server and browser inside Php.
Use apache mod_gzip/mod_deflate to compress content via the .htaccess file.
12. Use json_encode when echoing javascript code from phpThere are times when some javascript code is generated dynamically from php.
$images = array( 'myself.png' , 'friends.png' , 'colleagues.png');$js_code = '';foreach($images as $image){$js_code .= "'$image' ,";}$js_code = 'var images = [' . $js_code . ']; ';echo $js_code;//Output is var images = ['myself.png' ,'friends.png' ,'colleagues.png' ,];
Be smart. use json_encode :
$images = array( 'myself.png' , 'friends.png' , 'colleagues.png');$js_code = 'var images = ' . json_encode($images);echo $js_code;//Output is : var images = ["myself.png","friends.png","colleagues.png"]
Isn't that neat ?
13. Check if directory is writable before writing any filesBefore writing or saving any file , make sure you check that the directory is writable or not , and flash an error message if it is not. This will save you a lot of "debugging" time. When you are working on a linux , permissions have to be dealt with and there would be many many permission issues when directories would not be writable , files would not be readable and so on.
Make sure that your application is as intelligent as possible and reports the most important information in the shortest time.
$contents = "All the content";$file_path = "/var/www/project/content.txt";file_put_contents($file_path , $contents);
That is totally correct. But has some indirect problems. The file_put_contents may fail for a number of reasons :
Parent directory does not exist Directory exists , but is not writable File locked for writing ?So its better to make everything clear before writing out to a file.
$contents = "All the content";$dir = '/var/www/project';$file_path = $dir . "/content.txt";if(is_writable($dir)){ file_put_contents($file_path , $contents);}else{ die("Directory $dir is not writable, or does not exist. Please check");}
By doing this you get the accurate information that where is a file write failing and why
14. Change permission of files that your application createsWhen working in linux environment , permission handling can waste a lot of your time. Hence whenever your php application creates some files do a chmod over them to ensure they are "accessible" outside. Otherwise for example the files may be created by "php" user and you are working as a different user and the system wont let you access or open the file , and then you have to struggle to get root privileges , change the permissions of the file and so on.
// Read and write for owner, read for everybody elsechmod("/somedir/somefile", 0644);// Everything for owner, read and execute for otherschmod("/somedir/somefile", 0755);15. Don't check submit button value to check form submission
if($_POST['submit'] == 'Save'){ //Save the things}
The above is mostly correct , except when your application is multi-lingual. Then the 'Save' can be many different things. How would you compare then. So do not rely on the value of submit button. Instead use this :
if( $_SERVER['REQUEST_METHOD'] == 'POST' and isset($_POST['submit']) ){ //Save the things}
Now you are free from the value the submit button
16. Use static variables in function where they always have same value//Delay for some timefunction delay(){ $sync_delay = get_option('sync_delay'); echo "<br />Delaying for $sync_delay seconds..."; sleep($sync_delay); echo "Done <br />";}
Instead use static variables as :
//Delay for some timefunction delay(){ static $sync_delay = null; if($sync_delay == null) { $sync_delay = get_option('sync_delay'); } echo "<br />Delaying for $sync_delay seconds..."; sleep($sync_delay); echo "Done <br />";}17. Don't use the $_SESSION variable directly
Some simple examples are :
$_SESSION['username'] = $username;$username = $_SESSION['username'];
But this has a problem. If you are running multiple applications on the same domain , the session variables my conflict. 2 different applications may set the same key name in the session variable. Take for example , a frontend portal , and the backend management application , on the same domain.
Hence use application specific keys with wrapper functions :
define('APP_ID' , 'abc_corp_ecommerce');//Function to get a session variablefunction session_get($key){ $k = APP_ID . '.' . $key; if(isset($_SESSION[$k])) { return $_SESSION[$k]; } return false;}//Function set the session variablefunction session_set($key , $value){ $k = APP_ID . '.' . $key; $_SESSION[$k] = $value; return true;}18. Wrap utility helper functions into a class
So you have a lot of utility functions in a file like :
function utility_a(){ //This function does a utility thing like string processing}function utility_b(){ //This function does nother utility thing like database processing}function utility_c(){ //This function is ...}
And you use the function throughout your application freely. You may want to wrap them into a class as static functions :
class Utility{ public static function utility_a() { } public static function utility_b() { } public static function utility_c() { }}//and call them as $a = Utility::utility_a();$b = Utility::utility_b();
One clear benefit you get here is if php has inbuilt functions with similar names , then names will not conflict.
Another perspective , though little advanced is that you can maintain multiple versions of the same class in the same application without any conflict. Its basically encapsulation , nothing else.
if($a == true) $a_count++;
Its absolutely a WASTE.
Write
if($a == true){ $a_count++;}
Dont try to make your code shorter by eating up syntax. Rather make your logic shorter.
Use a proper text editor which has code highlighting. Code highlighting helps to create lesser errors. 20. Process arrays quickly with array_mapLets say you want to trim all elements of an array. Newbies do it like this :
foreach($arr as $c => $v){ $arr[$c] = trim($v);}
But it can more cleaner with array_map :
$arr = array_map('trim' , $arr);
This will apply trim on all elements of the array $arr. Another similar function is array_walk. Check out the
documentation on these to know more.
Have you been using to regex to validate values like email , ip address etc. Yes everybody had been doing that. Now lets
try something different, called filters.
The php filter extension provides simple way to validate or check values as being a valid 'something'.
22. Force type checking$amount = intval( $_GET['amount'] );$rate = (int) $_GET['rate'];
Its a good habit.
23. Write Php errors to file using set_error_handler()set_error_handler() can be used to set a custom error handler. A good idea would be write some important errors in a file for logging purpose
24. Handle large arrays carefullyLarge arrays or strings , if a variable is holding something very large in size then handle with care. Common mistake is to create a copy and then run out of memory and get a Fatal Error of Memory size exceeded :
$db_records_in_array_format; //This is a big array holding 1000 rows from a table each having 20 columns , every row is atleast 100 bytes , so total 1000 * 20 * 100 = 2MB$cc = $db_records_in_array_format; //2MB moresome_function($cc); //Another 2MB ?
The above thing is common when importing a csv file or exporting table to a csv file
Doing things like above can crashs scripts quite often due to memory limits. For small sized variables its not a problem , but must be avoided when handling large arrays.
Consider passing them by reference , or storing them in a class variable :
$a = get_large_array();pass_to_function(&$a);
by doing this the same variable (and not its copy) will be available to the function. Check documentation
class A{ function first() { $this->a = get_large_array(); $this->pass_to_function(); } function pass_to_function() { //process $this->a }}
unset them as soon as possible , so that memory is freed and rest of the script can relax.
Here is a simple demonstration of how assign by reference can save memory in some cases
<?phpini_set('display_errors' , true);error_reporting(E_ALL);$a = array();for($i = 0; $i < 100000 ; $i++){ $a[$i] = 'A'.$i;}echo 'Memory usage in MB : '. memory_get_usage() / 1000000 . '<br />';$b = $a;$b[0] = 'B';echo 'Memory usage in MB after 1st copy : '. memory_get_usage() / 1000000 . '<br />';$c = $a;$c[0] = 'B';echo 'Memory usage in MB after 2st copy : '. memory_get_usage() / 1000000 . '<br />';$d =& $a;$d[0] = 'B';echo 'Memory usage in MB after 3st copy (reference) : '. memory_get_usage() / 1000000 . '<br />';
The output on a typical php 5.4 machine is :
Memory usage in MB : 18.08208
Memory usage in MB after 1st copy : 27.930944
Memory usage in MB after 2st copy : 37.779808
Memory usage in MB after 3st copy (reference) : 37.779864
So it can be seen that in the 3rd copy which was by reference memory was saved. Otherwise in all plain copies memory is used up more and more.
25. Use a single database connection, throughout the scriptMake sure that you use a single connection to your database throughout your script. Open a connection right in the beginning and use it till the end , and close it at the end. Do not open connections inside functions like this :
function add_to_cart(){ $db = new Database(); $db->query("INSERT INTO cart .....");}function empty_cart(){ $db = new Database(); $db->query("DELETE FROM cart .....");}
Having multiple connections is a bad idea and moreover they slow down the execution since every connection takes time to create and uses more memory.
Use the singleton pattern for special cases like database connection.
26. Avoid direct SQL query , abstract it$query = "INSERT INTO users(name , email , address , phone) VALUES('$name' , '$email' , '$address' , '$phone')";$db->query($query); //call to mysqli_query()
The above is the simplest way way of writing sql queries and interacting with databases for operations like INSERT, UPDATE, DELETE etc. But it has few drawbacks like:
All values have to be escaped everytime manually Manually verify the sql syntax everytime. Wrong queries may go undetected for a long time (unless if else checking done everytime) Difficult to maintain large queries like thatSolution: ActiveRecord
It involves writing simple functions that abstract the generation of sql queries, hence avoid writing of direct sql queries.
A very simple example of an activerecord insert function can be like this :
function insert_record($table_name , $data){ foreach($data as $key => $value) { //mysqli_real_escape_string $data[$key] = $db->mres($value); } $fields = implode(',' , array_keys($data)); $values = "'" . implode("','" , array_values($data)) . "'"; //Final query $query = "INSERT INTO {$table}($fields) VALUES($values)"; return $db->query($query);}//data to be inserted in database$data = array('name' => $name , 'email' => $email , 'address' => $address , 'phone' => $phone);//perform the INSERT queryinsert_record('users' , $data);
The above example shows how to insert data in a database, without actually having to write INSERT statements. The function insert_record takes care of escaping data as well. A big advantage here is that since the data is being prepared as a php array, any syntax mistake is caught instantly (by the php interpreter ofcourse).
This function can be part of a database class, and callable like this $db->insert_record(). Similar functions can be written for update, select, delete as well. Should be a good practise.
27. Cache database generated content to static filesPages that are generated by fetching content from the database like cms etc, can be cached. It means that once generated, a copy of it can be writted to file. Next time the same page is requested, then fetch it from the cache directory, dont query the database again.
Benefits :
Save php processing to generate the page , hence faster execution Lesser database queries means lesser load on mysql database 28. Store sessions in databaseFile based sessions have many limitation. Applications using file based sessions cannot scale to multiple servers, since files are stored on a single server. But database can be access from multiple servers hence the the problem is solved there. Also on shared hosting, the session files reside in the tmp directory, which is readable by other accounts. This can be a security issue.
Storing session in database makes many other things easier like:
Restrict concurrent logins from same username. Same username cannot log in from 2 different places at same time Check online status of users more accurately 29. Avoid using globals Use defines/constants Get value using a function Use Class and access via $this 30. Use base url in head tagQuick example :
<head> <base href="http://www.domain.com/store/"></head><body> <img src="happy.jpg" / alt="40+ Useful Php tips for beginners ? Part 1" ></body></html>
The base tag is like a 'ROOT' url for all relative urls in the html body. Its useful when static content files are organised into directories and subdirectories.
Lets take an example
www.domain.com/store/home.php
www.domain.com/store/products/ipad.php
In home.php the following can be written :
<a href="home.php">Home</a><a href="products/ipad.php">Ipad</a>
But in ipad.php the links have to be like this :
<a href="../home.php">Home</a><a href="ipad.php">Ipad</a>
This is because of different directories. For this multiple versions of the navigation html code has to be maintained. So the quick solution is base tag.
<a href="home.php">Home</a><a href="products/ipad.php">Ipad</a>