In this post we look at best-practice PHP programming for building secure web applications. It is hard to make a web application more secure without understanding the underlying problems in detail and from several angles, so the discussion is built around small best-practice samples.

Web developers know that a good name for a variable, function, class or other element conveys what that element is for. Code written that way stays maintainable and is easy for everyone on the development team to understand. The code below shows how such names look in a web application.

<?php

/* The class wrapper is added here only so that the fragment is valid PHP; the
   request helpers getRequest(), getQuery(), isNew() and isSaved() belong to
   the framework the article has in mind and are not defined on this page. */
class PostController
{
	/* Handle the "post" action */
	public function postAction()
	{
		$request = $this->getRequest();
		/* Untrusted: taken straight from the query string, validate before use */
		$postId = $request->getQuery('id');

		/* if the action is "new post" */
		if ($request->isNew()) {
			…….
			…….
		}

		/* if the action is "save the post" */
		if ($request->isSaved()) {
			……..
			……..
		}
	}
}

?>

Let's look at how to choose variable names that are easy to understand. Ask the following questions whenever you create a new variable or function:

What is the purpose of this variable?
What name describes that purpose?
Use camel case for multi-word names, capitalising each word after the first. For example, $postBody is a better name than $postbody.
Use all capital letters for constants, for example THEME_NAME and THEME_DIR. Note that PHP constants (declared with const or define()) carry no leading $; only variables do.
Use verbs such as get, set, edit and update in function and method names. For example, getPost() is better than accessPost().

Most applications use a database to store information and generate dynamic content, so we need to know a few best practices that keep the database code efficient, effective and stable. For example, to read data from a table we use a select statement.

<?php
	/* Pulls every column of every row, whether the page needs them or not */
	$query = "select * from tb_post";
	$result = $db->query($query);
	$row = $result->fetchRow();
?>

With the query above the application transfers every column of every row, so it becomes slower and uses more memory and bandwidth than necessary. It also hands the application columns the page never asked for, and any column added to the table later (for example something sensitive) silently ends up in the result set. The better form names exactly the columns that are needed, as in the code below.

<?php
	/* Select only the columns this page actually uses */
	$query = "select id, title, keyword, body from tb_post";
	$result = $db->query($query);
	$row = $result->fetchRow();
?>

To handle the case where the query yields no result object (for example because the query failed), make sure $result is not null before calling its fetchRow() method, as in the code below. Two caveats a practitioner should keep in mind: many database layers signal a failed query by returning false or throwing an exception rather than returning null, so check for both or enable exceptions; and an empty table is normally reported by fetchRow() returning false or null for the first row, not by query() returning null, so the row returned by fetchRow() needs its own check before it is used.

<?php
	$query = "select id, title, keyword, body from tb_post";
	$result = $db->query($query);

	/* Strict comparisons: do not rely on loose equality between null and false */
	if ($result !== null && $result !== false) {
		$row = $result->fetchRow();
	}
?>
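The following is an added example, not code from the original post. It pulls the three database points together (select only the needed columns, detect "no data" where it actually occurs, and never trust $result blindly) and adds the step the article's first snippet needs: the id read from the query string is validated and passed to the database as a bound parameter, never concatenated into the SQL string. It assumes PDO with an in-memory SQLite database so it runs offline; the table name tb_post and the columns id, title, keyword and body follow the article's queries, the author_email column and the sample rows are constructed for the example, and the function names openDatabase(), findPostById() and parsePostId() are the example's own.

```php
<?php
declare(strict_types=1);

// Added example (not from the original article). In-memory SQLite via PDO so
// it runs offline; table and column names follow the article's queries.
function openDatabase(): PDO
{
    $db = new PDO('sqlite::memory:');
    // Throw on any SQL error instead of returning false, so a failed query can
    // never be mistaken for "no data".
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

    $db->exec('CREATE TABLE tb_post (
        id           INTEGER PRIMARY KEY,
        title        TEXT NOT NULL,
        keyword      TEXT NOT NULL,
        body         TEXT NOT NULL,
        author_email TEXT NOT NULL   -- constructed column the page must not expose
    )');

    $insert = $db->prepare(
        'INSERT INTO tb_post (id, title, keyword, body, author_email) VALUES (?, ?, ?, ?, ?)'
    );
    // Constructed sample rows.
    $insert->execute([1, 'First post', 'php', 'Hello, world.', 'alice@example.com']);
    $insert->execute([2, 'Second post', 'security', 'Validate input.', 'bob@example.com']);

    return $db;
}

/**
 * Fetch one post by id, or null when it does not exist.
 *
 * Only the columns the page needs are selected (author_email stays in the
 * database), the id is a bound integer parameter, and "no data" is detected
 * where it really occurs: fetch() returns false on an empty result set.
 */
function findPostById(PDO $db, int $postId): ?array
{
    $statement = $db->prepare(
        'SELECT id, title, keyword, body FROM tb_post WHERE id = :id'
    );
    $statement->bindValue(':id', $postId, PDO::PARAM_INT);
    $statement->execute();

    $row = $statement->fetch();
    return $row === false ? null : $row;
}

/**
 * Validate the raw query-string value before it reaches the database layer.
 * Returns null for anything that is not a positive integer.
 */
function parsePostId(mixed $raw): ?int
{
    // FILTER_VALIDATE_INT rejects empty strings, floats, hex and trailing text.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// --- usage -----------------------------------------------------------------
$db = openDatabase();

// Constructed request values; in a controller they would come from
// $this->getRequest()->getQuery('id') as in the article's first snippet.
foreach (['2', '99', '1 OR 1=1', ''] as $rawId) {
    $label = var_export($rawId, true);

    $postId = parsePostId($rawId);
    if ($postId === null) {
        printf("%-12s -> rejected before reaching the database\n", $label);
        continue;
    }

    $post = findPostById($db, $postId);
    if ($post === null) {
        printf("%-12s -> no such post\n", $label);
        continue;
    }

    printf("%-12s -> %s (%s)\n", $label, $post['title'], $post['keyword']);
}
```

Run it with `php example.php`: the value '2' resolves to the second post, '99' reports "no such post" because fetch() returned false, and both '1 OR 1=1' and the empty string are rejected by parsePostId() before any SQL is built. Because the id is bound as an integer parameter, even a malformed value that slipped past validation could only ever be compared as data, never executed as SQL.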

See the next tips and tricks for more on how to build web applications that are more secure, effective and stable.
