From 100 PHP Mistakes and How to Avoid Them by Trevoir Williams

This book will upgrade your PHP code by highlighting the errors, antipatterns, and security weaknesses common to PHP applications.


PHP is one of the best programming languages to begin the journey as a web application developer. The most basic website can be referred to as a static website and it is generally composed of HTML, CSS and some JavaScript. By adding a server-side language like PHP, we can make the content a little more dynamic and better control the content without always needing to modify the HTML code. PHP’s syntax is easy to adopt and the tooling is free. These factors have made it the most popular web programming language across the internet and there are many free hosting platforms that can be used to publish a PHP website.

With all that said, it is important to note that PHP’s syntax is relatively easy to pick up on and there are many fundamental programming concepts that are not enforced. Although this makes it an excellent selection for beginners, it can also be a potential nightmare for bigger projects. Given how easy it is to do certain things, without following best practices, we run the risk of introducing code smells.

A code smell can be seen as a blip in application code that can be traced back to poor or misguided programming practices. In other words, when we fail to adhere to certain best practices and standards. Code Smells can inhibit one’s ability to extend code and scale an application in the future. We want to be able to detect these as early as possible.

This book focuses on detecting code smells and the best ways to fix them. The end result will be that you, a PHP developer, will be able to write cleaner and more maintainable code and make fewer mistakes in many areas of the language.

Too many nested conditions

PHP is arguably the most prevalent and popular web programming language in use today. It has actually lost some steam and popularity in more recent times, due to the prevalence of viable alternative frameworks and languages. Even then, it retains its crown as a popular language among startups and beginners.

There is good reason for this popularity; factors that make PHP a good language to begin programming with include:

Open Source: Building on the fact that the toolset is free, we cannot ignore PHP’s open-source nature. There are thousands of developers who use PHP and this has led to a large community for support and suggestions to make the language better. Its open nature has also led to frameworks (like Laravel and Symfony to name a few), numerous third-party packages/components, and other development tools that make it easier to use this language.

Fast: PHP contributes to speedy delivery in many ways. For developers, it is easy to deliver a working prototype of a solution, which spells well for both developer and client. The language also makes efficient use of system resources, leading to a generally quick execution time and reduced latency for end-users.

Cost Effective: Since PHP is open-source, many projects can be delivered on a small startup budget. It is no wonder that many companies started here, even if they migrated away at some point. It is an excellent first language to use for an underfunded company or web application idea.

Ongoing Support: PHP is constantly being improved on and is becoming more stable and secure with each passing day.

Versatility: It supports Object Oriented Programming and is capable of supporting modern programming paradigms with a little discipline.

Despite these qualities being in PHP’s favor when it comes to being a great language to pick up and start using, some of these qualities can become a hindrance for developers who are looking to move into larger and more advanced projects.

Downsides of an Easy Language

We love when things are easy, don’t we? In mathematics, we would often be encouraged to show our work. This was bothersome sometimes because we could easily run some calculations mentally and write down the answer. Our instructor would find this less valuable than if we showed the actual working and thought process on paper.

The same is true for programming languages that can be considered as easy. There are a number of relaxed rules and bypasses to doing certain things and this leads us to develop generally poor habits and approaches to writing code. This also makes it more difficult to transition to more strict languages effectively.

PHP, for instance, does not require you to declare a variable with a specific data type. This earns the classification of weakly-typed language. In contrast to a strongly-typed language, you are allowed to declare a variable without specifying the data type that it is expected to store.

Given that a variable is a temporary storage area for values between operations, we need to make sure that we know what we are storing. Strong typing means that you need to state what data type the variable is expected to store upon declaration and then you are only allowed to store values of that type thereafter. In PHP, we can define a variable and it will assume its data type based on the value assigned. This becomes a problem because this same variable can be used for anything further down in the code.

PHP in general has had a mixed reception in the programming world. Some people appreciate the perceived flexibility and others despise it. It is safe to say that exposure will always dictate your approach and exposure will mold your perception. That being said, there are clear and irrefutably incorrect ways of approaching code solutions to certain things.

Mistakes appear in all shapes and sizes, and it is important to know about the most common ones and how we can avoid them.

Common PHP Mistakes

It is easy enough to go and read a book that teaches you the best practices from the get-go, but both our own experience and scientific studies testify that it is more effective to learn not just conceptually, but by seeing something in action. This way, it deepens impressions and concretizes concepts for us. When we see what can go wrong and then see the corrected version, the context of the mistake and its solution gets imprinted in our minds. This is why learning from mistakes is very important.

Each mistake will be presented in the context of a real-world scenario. Scenarios and contexts do help us to appreciate what we are applying a bit more and help us to develop foresight on future projects and avoid mistakes upfront.

Mistakes can be classified into a few main categories:

  • Readability
  • Security
  • Code Organization
  • Maintainability
  • Performance

These mistakes generally make it difficult to maintain a PHP application as time goes on. It is important to note that we all make mistakes and the mistakes highlighted throughout this book might happen in other languages as well.

Who this book is for

This book assumes that you already have a fundamental understanding of PHP syntax and is easy to follow even if you have only just started learning. By the time you are finished with this book, you should be able to review your existing code, identify code smells, and apply the best solution possible.

What readers will learn

This book collates 100 common mistakes made by PHP developers. We tackle core aspects of the language like code organization, control structures, built-in methods, extensions, testing, optimizations, and deploying to production. We explore each potential mistake, why it is not the best approach, and then explore a better approach.

Readers can expect to learn the following:

  1. How to recognize and avoid common PHP mistakes
  2. How to fix bugs and errors with clean PHP coding
  3. How to apply best practices when writing PHP code
  4. How to assess potential flaws in your PHP application
  5. How to avoid common security flaws in PHP

If you want to learn more, check out the book here.