
Things You Probably Didn’t Know About PHP - vladocar
http://www.devtheweb.net/blog/2010/01/12/things-you-probably-didnt-know-about-php/
======
smanek
As a first couple of notes:

 _1\. You can gzip strings before storing them in a DB_

But many modern Databases/Filesystems have the built in ability to achieve the
same effect - but faster and more transparently.

 _2\. Verify an email’s host address is a valid DNS record._

True, you can. But what's the point? I see two possibilities - either you want
to guarantee an address is legit or you don't. If you want a guarantee this
doesn't get you anything (you'll still have to send a confirmation email). If
you don't care, then what's the point (someone has to type joe@aol.com instead
of joe@klasjfklashf.com?). And (as a more minor concern) at sufficient scale,
it could cause performance problems. I remember some webserver used to
reverse-lookup IPs so it could log hostnames in its access log, and it was
brought to its knees by even minimal levels of traffic).

~~~
eli
Yes, it drives me nuts when people stress over picking the right regexp to
"verify" email addresses. As if they're ever going to be able to detect that
screw@you.com is not legit.

The goal should just be to identify common typos (comma instead of dot).
There's only one way to see if an email address is real.

~~~
cschneid
But there is great value in telling that new user "Hey this doesn't look like
an email address, please check it before continuing". Then accept whatever
they put in (because really, email addresses are stupidly complex).

------
martinp
_2\. You can check if a email is valid by the checkdnsrr() function. It checks
the email’s host address if it’s a valid DNS record._

Should this function really be used for email validation?

 _5\. Easily unpack numeric arrays using the well-know function list <snip>
Have you ever seen better code for swapping two variables’ values !?_

Yes, try Python: a, b = b, a

------
raffi
I'm a reasonably competent programmer by most standards and I was burned by
PHP once.

If you include a file with their include() function and have whitespace after
the closing ?> tag in the file--PHP will throw an error.

Except it gets better: whether this happens or not depends on a setting in
php.ini (output buffering I think).

This happens if you're trying to send header information from the parent file
but include a file that outputs whitespace on accident. The output buffering
delays sending the output (because it's buffered, duh :)) so the header info
can be sent, hence no error.

This is one of those things I didn't know and wish I did.

[http://stackoverflow.com/questions/1793482/php-error-
cannot-...](http://stackoverflow.com/questions/1793482/php-error-cannot-
modify-header-information-headers-already-sent)

The work around: omit the closing ?> tag from included files.

~~~
dutchflyboy
That's one of the most irritating problems with PHP due to the impossibility
to find the bug (well, it's a whitespace, it's not as if one could see it). On
my server, including a file with a whitespace after the ?> actually made the
server send the PHP source code as text, including the mysql passwords that
were included in the file.

~~~
andrewvc
Ouch, I generally try to put password files in directories not even in
www_root, that way if the web server config gets messed up this stuff isn't
even possible.

------
lt
_Have you ever seen better code for swapping two variables’ values !?_

Actually yeah. Ways that people reading the code would recognize right away.

I'm not sure if that's intuitive for someone who codes in PHP, but if it
belongs in a "PHP Tricks" article then it doesn't sound like the best way to
do it.

~~~
RyanMcGreal
Python:

    
    
        >>> a = 'apple'
        >>> b = 'banana'
        >>> a, b = b, a

------
RyanMcGreal
>7\. You can handle the situation when a class that doesn’t exist is
instantiated

I'm not a PHP programmer so maybe I just don't get it ... but why would you
ever want to instantiate a class that doesn't exist?

~~~
shaunxcode
This is actually how frameworks like Zend require_once the file which DOES
contain the class definition (and thus the ugly class names i.e.
Zend_Db_Table_Row etc. that correspond to the actual directory structure).
With proper namespaces most of this should go away.

------
encoderer
This is a good list for developers new to PHP. Most lists that target that
group tend to have a lot of outdated, wrong information; optimizations that
were important for PHP4 but irrelevant today.

This one seems to skirt that.

One change I would make is to use the very effective Filter Input library to
check an email address before you check it's DNS record. It would prevent a
costly DNS hit if the email address is just gibberish.

 _Edit: For the criticism below (and unexplicable down-mods), take note that I
didn't say this is a good list for new developers. I said this is a good list
for developers new to PHP_

~~~
mootothemax
I disagree, I think this kind of list is another reason why new developers
write poor PHP code. For example, as you highlight, there's no mention of
checking to see if the string is an email address _before_ taking the DNS hit.

Then number 1: what's the point of having a long string stored in the database
if it's compressed? Either put it there so you can search with it or store it
on the local filesystem.

5\. Why on earth should we be encouraging people to write code like this?

6\. The same point, and even the list's author doesn't know what's going on
here. He's using variable variables, e.g.

$cow = "ermintrude"; $dog = "wuffles";

$animal = "cow";

echo $$animal; //outputs ermintrude echo ${"dog"}; //output wuffles

As I say, new developers don't need these features and shouldn't be using
them. For that matter, I don't think any developer should be using the
features I mention above: am I wrong?

~~~
ddbb
The reason they write poor code is because they are beginners and beginners
always make mistakes, use functions incorrectly, etc. In any language they
code, not just PHP.

PHP is often more visible because it is more used and easier to write... But
if PHP wasn't that popular, we would see the same issue with Perl, Python,
etc.

~~~
mootothemax
I could have been clearer with what I meant there, and I agree with you: it's
not a problem specific to PHP, and in some ways it's unfair to label
beginners' mistakes as problems in the first place.

The point I wanted to emphasize is that by reading lists like these new users
might think that this is a good way to write PHP, whereas I strongly disagree
with this list existing in the first place.

There's also the slightly selfish point of view of not wanting to have to
clean up code like this should I come across it in future ;)

~~~
ddbb
I agree with you. But beginners need to learn from somewhere and most advanced
programmers are busy at work and not writing articles :)

Plus, did you ever read a PHP book? Most of them give bad examples and bad
code practices too... I just read one that said to disable all apache logging
(including error logging) for performance reasons.

