52
he clearPHP reference Amsterdam, the Netherlands. May 21st 2015 T

Clear php reference

Embed Size (px)

Citation preview

he clearPHP reference

Amsterdam, the Netherlands. May 21st 2015

T

Agenda

clearPHP reference

Focus on PHP

Make your own

Speaker

Damien Seguy

CTO at exakat

"Ik ben een boterham" : I'm a recent resident

Automated code audit services

Something wrong?<?php

function f($a, $a, $a) { echo $a;}

f('b', 'c', 'd');

?>

Won’t work in

PHP 7

Will work in

Python

clearPHP : all-unique-arguments

Coding standardsSymfony

Wordpress

Drupal

Typo3

Atoum

CakePHP

PEAR

PSR

Rafael Dohms

Wordpress StandardsSingle and Double Quotes

Indentation

Brace Style

Regular Expressions

No Shorthand PHP Tags

Remove Trailing Spaces

Space Usage

Formatting SQL statements

Database Queries

Naming Conventions

Self-Explanatory Flag Values for Function Arguments

Ternary Operator

Yoda Conditions

Clever Code

Error Control Operator @

Don’t extract()

Coding conventions

Conception

PHP coding reference

PHP gotcha

Something wrong?<?php

class w extends v { function f($a, $b = 2, $c) { echo $a; }}

?>

Still works

in PHP 7

clearPHP : argument-with-default-at-the-end

Something to avoid ?<?php

if (($h = file_get_contents($uri)) == '') { print "Error : couldn't access site\n";} else { process_html($h);} ?>

clearPHP : strict-comparisons

Something to avoid ?• array_search• collator_compare• collator_get_sort_key• current• fgetc• file_get_contents• file_put_contents• iconv_strpos• iconv_strrpos• imagecolorallocate• imagecolorallocatealpha

• mb_strlen• next• pcntl_getpriority• preg_match• preg_match_all• prev• readdir• stripos• strpos• strripos• strrpos• strtok

clearPHP : strict-comparisons

Something to trip on ?<?php

$array = array('a', 'b');$array2 = array('c', 'd');

foreach ($array as &$f) { }

foreach ($array2 as $f) { }

print_r($array);print_r($array2);

clearPHP : no-dangling-reference

Something to avoid ?Array( [0] => a [1] => d)Array( [0] => c [1] => d)

clearPHP : no-dangling-reference

Something to trip on ?<?php

$array = array('a', 'b');$array2 = array('c', 'd');

foreach ($array as &$f) { }unset($f);foreach ($array2 as $f) { }

print_r($array);print_r($array2);

clearPHP : no-dangling-reference

Something to trap you ?<?php

$x = true;$y = false;

$z = $x and $y;$z = $x && $y;

?>

clearPHP : no-letter-logical

Something wrong ?<?php

try {

} catch (\Unresolved\Class $e) {

} catch (\Not\An\Exception $e) {

}

this is dead code too

clearPHP : no-unresolved-catch

this is dead code too

Something wrong ?<?php

namespace X;try {

} catch (Exception $e) {

}

?> this is still dead code

clearPHP : no-unresolved-catch

Something wrong ?

<?php

if ($x instanceof \Some\Klasse) { $y = $x->convert();}

?>Unresolved classes are not notified :

this is dead code

clearPHP : no-unresolved-instanceof

Performances

Something slow ?<?php

define('DAY_IN_SECONDS', 24 * 60 * 60);

define('DAY_IN_SECONDS', 86400);

const DAY_IN_SECONDS = 86400;

?>

clearPHP : always-preprocess

Something slow ?<?php

$x = [];$x['id'] = 0;$x['username'] = 'bibi';$x['creation'] = time();

?>

clearPHP : always-preprocess

<?php $x = [ 'id' => 0, 'username' => 'bibi', 'creation' => time(), ];

?>

Something slow ?

<?php

echo "<p>";echo $paragraph;echo "</p>";

?>

clearPHP : no-repeated-print

Something slow ?<?php

$array = $source->fetchData();$array = array_unique($array);

?>

clearPHP : avoid-those-slow-functions

<?php $array = $database->fetchData();$array = array_keys( array_count_values($array));

?>

Something slow ?

clearPHP : no-array_merge-in-loop

<?php

$merged = []; foreach($array as $id => $row) { $array[$id][4] = VAT * $row[2]; $merged = array_merge($merged, $row);}

?>

<?php

foreach($array as &$row) { $row[4] = VAT * $row[2];}unset($row);$merged = array_merge($merged, $array);

?> clearPHP : use-reference-to-alter-in-foreach

PHP tricks

Something wrong ?<?php

switch ($x) { default : // something useful break; default : // something else and useful break; }

this is still dead code

clearPHP : no-switch-with-multiple-defaultWon’t work in

PHP 7

Something wrong ?<?php

switch ($x) { case 1 : // something useful break; case 1 : // something useful break; }

this is still dead code

clearPHP : no-duplicate-case

Something wrong ?<?php

$array = ['png' => 'image/png', 'jpg' => 'image/jpg', 'jpeg' => 'image/jpeg', 'gif' => 'image/gif', 'webp' => 'image/webp', 'wbmp' => 'image/wbmp', 'png' => 'image/png', ];

?>clearPHP : no-duplicate-key

Something wrong ?<?php

$array = [ 1 => 2, '1' => 4, 5 => 6, 7 => 8, 9 => 10, 11 => 12, 1.3 => 14 ];

two of them

is dead code

clearPHP : no-duplicate-key

Something insane

<?php

$content = @file_get_contents($uri);

?>

clearPHP : no-noscream

Something insane<?php

class user { public static getName() {

return $this->name; }}

?>

clearPHP : no-static-this Still works

in PHP 7

Not so specific to PHP

Something insane ?

<?php$credit = ( !is_array($_credit)) ? PtoBR(propre($_credit)) : ( $_credit['url'] ? '<a href="' . $_credit['url'] . '">' : '') . $_credit['nom'] . ( $_credit['url'] ? '</a>' : '');?>

clearPHP : no-nested-ternary

Something hardcoded<?php

$ftp_user = 'foo';$ftp_pass = 'bar';

// set up a connection$conn_id = ftp_connect('ftp.example.nl');// authenticationftp_login($conn_id, $ftp_user, $ftp_pass); ?>

clearPHP : no-hardcoded-credential

Something weird<?php

class user { public static countReal($array) {

return count(array_filter($array,

function ($x) { return !empty($x);});

}}?>

clearPHP : not-a-method

Something useless<?php

interface i { function getI(); }

class x implements i {function getI() { return rand(0, 10); }}

?>

clearPHP : no-useless-interfaces

Something useless<?php

function negateI(i $x) { return - $x->getI();}

function sumI(array $a) {$r = 0;foreach($a as $b) {if ($x instanceof i) {$r += $x->getI();

}} return $r;}

clearPHP : no-useless-interfaces

clearPHP

https://github.com/dseguy/clearPHP

109 rules for clear coding in PHP

clearPHPName

Explanations

Examples

Do and don't

More reading material

Single and Double Quotes

Indentation

Brace Style

[Regular Expressions]

no-short-tags

Remove Trailing Spaces

Space Usage

Formatting SQL statements

Database Queries - (always-prepare-statement)

Naming Conventions

Self-Explanatory Flag Values for Function Arguments

[Ternary Operator]

yoda-condition

No-implied-if

No-scream

Know-your-variables

Wordpress Standards

Sources

PHP Manual

Articles

Common practices

Feedback on clearPHP's repo

Something greedy ?

<?php

echo ("<p>" . $paragraph . "</p>");

?>

Something greedy ?

<?php

echo "<p>" . $paragraph . "</p>";

?>

clearPHP : no-parenthesis-for-language-construct

Something greedy ?

<?php

echo "<p>", $paragraph, "</p>";

?>

clearPHP : no-unnecessary-string-concatenation

Build your own referenceRead the reference

Cherry pick the rules you like

Ignore the rules you don't like

Herald this as your own reference

More rules to come

Do not use the 'else' keyword

Do not use 'else if' but make it one else if

Do wash your hands before hitting the keyboard

Texte

Thanks!@faguo, [email protected], https://github.com/dseguy/clearPHP

clearPHP

Rules to write good PHP code

Rules to write PHP code

Largest list of recommendations

Cherry pick your selection

No one knows why

Looks like old PHP 4

Bad for performance

Bad for security

Bad for maintenance

Newbie mistake

Bad for testing