Many web developers consider PHP a second-class language. The truth is, as DHH puts it: “You can build the best web application in the world with any language you want”. We are here not to start a religious war but to help beginner PHP developers get better. Here is some of the best advice from season PHP programmers.
First steps
- Get into the habit of commenting your code thoroughly from the outset, your future self will thank you https://www.phpdoc.org/
- Ignore any online tutorials, stack-overflow solutions or any other PHP code snippets on the internet that are older than 3 or 4 years (use Google’s advanced search date tools to filter out older content). PHP had evolved dramatically in the last few years, and much of what is out there is wrong, insecure and bad practice. When you Googled something click ‘Search tools’, then ‘Any time’, then ‘Custom range’ and enter starting date.
- Read every single article here: http://www.phptherightway.com/
- Version all your code using GIT or BitBucket
- Familiarize yourself with the PSR standards
- Learn and understand design patterns. Understanding design patterns will help you in any OO language you work with in the future.
- Learn xdebug. Use it. echo and var_dump can be useful too but not as .
- If you know an earlier version of PHP, forget it. Move to PHP7. The benefits of PHP7 are so tremendous on code execution performance that it makes sense to migrate to it immediately and to use all of its new features. So, read up on all the new features of PHP7 and try to put them into context.
- Find an IDE editor that you love. There are several to choose from.
Digging deeper
- You should learn the differences between MVC (the most popular)as well as MVVM and HMVC.
- I recommend trying to code your own lightweight MVC framework so that you get a sense of why it’s important. So, using an .htaccess file on Apache (or the equivalent on NGINX), throw things at your front-controller for parsing and routing to your page controllers. Then, load a bootstrap so that you can autoload model components super easy, load a $view object so that you can inject variables into it, load your view with those variables inside, and voila. Here’s a super simple one to help teach you.
- The #1 bottleneck I’ve seen in the trenches has been database speed. When people complain about a slow website or web application, make certain the database has enough RAM and the MySQL (or whatever you’re using) is tweaked with all the latest performance tweak suggestions. Also, a heavily normalized database is great for write performance, but TERRIBLE for read performance. What many big companies do is to split the database into two databases — one that’s slightly normalized a couple degrees but not outrageously complex, and then one that’s for archive, history, and reporting tasks that is not normalized very much at all. It’s a delightful day when you move from an 8GB database server to a 32GB RAM database server, and when it’s fully optimized. Many websites and web apps speed up tremendously by doing that — or even going from 4GB to 16GB RAM.
- Apache is most documented as far as a web server, but NGINX is where you want to be until a faster cross-platform web server comes along that’s just as capable. There’s no .htaccess file in NGINX, but you can do similar things with it if you read the docs.
- If you don’t know Linux and docker, learn those. Also learn the differences between CentOS, Fedora, and Ubuntu.
- Learn vagrant, chef, and composer.
- I recommend you get a tutorial on C, C++, and how to make a PHP extension with a skeleton template. Then, load it through PHP and pass strings, integers, and floating point numbers to/from it so that you get an idea what’s all involved. It’s a great way to optimize PHP for extremely slow code in some use cases. There may come a time when you might need this. Plus, having C and C++ in your skillset definitely won’t hurt you.
- I prefer to code on a Mac because it’s less virus-prone than Windows and has much better hardware and system performance, and longer battery life (although things are rapidly changing in PC laptops). I recommend that you consider this for your PHP coding. Also, I install VirtualBox and Ubuntu for when I need to do something in Linux.
- Learn the Meld tool for Linux – lifesaver! It lets you do 2 and 3 way diff reports on files. You may also find a suitable tool fro Windows or Mac.
- Learn git. Some old fogies may want you to also learn svn as well. Not only learn git, but learn how to bring up a nice git server and web front-end manager for it.
- Learn WordPress and Drupal, as well as under the hood, and how to make plugins and themes for each.
- Learn some of the new PHP-based site generators out there, which are growing in popularity because, well, WordPress and Drupal are great if you stay on top of the security updates on a daily basis, but a site generator can often give you a more secure website that looks just as great, which clients can update themselves just as well as in WordPress.
- Every quarter in a year, read up on the latest techniques for blocking XSS, SQL Injection, and other data validation because the hackers are intense and new loopholes are discovered. This affects every programming language, and some more than others — especially web programming.
- The latest trend seems that a LOT of web developers have moved to Laravel or a lightweight version named Lumen. I definitely recommend considering these, but only after you have coded your own lightweight MVC framework so that you know what’s involved and why Laravel or Lumen might be a better platform. Other popular ones are Cake, Code Igniter, and Zend Framework.
- Learn jQuery.
- Learn Bootstrap, Zurb Foundation, and Semantic UI as well as custom templates built on top of these. Visit themeforest.net if you haven’t done so already.
- Some may advise you to learn frameworks like Angular JS or something similar. I’m not a fan of these — I think they can be hacked too easily and also it creates messier programming.
- I know everyone rages about the performance of PostgreSQL, but the sad thing is that web hosting providers won’t help you much with it, while they will with MySQL. In a heavy production environment where I’m on Digital Ocean, RackSpace, or Amazon hosting and tech support, MySQL (or Aurora on Amazon) is where it’s at. It’s what they understand and can help you scale.
- I know people brag up and down about NoSQL and platforms like that, but there are actually ways you can tweak a MySQL table to give you just as good or better performance than the NoSQL.
- Learn how to bring up a high-performance, fault-tolerant tiered production architecture where you have 2 or more web servers behind a single IP address with a load balancer, speaking to the same database server (although it should be one with lots of disk space and RAM).
- Have your company send you to Linux and web security training once you know Linux pretty well after a couple of years. Or, perhaps a white hat hacking class.
- Learn the best crypto standards in PHP such as the best method to store a password in the database. Read up about PII (Personally Identifiable Information) definition and what you can do to safe-keep your customer data.
- Get used to setting up payment gateways with TokenPay or OmniPay APIs with Stripe, 2Checkout, and BraintreePayments, among others. Learn the difference between high risk payment gateways and regular payment gateways. Also learn why it’s best to use a token-based API so that you have very little PCI requirements because your payment gateway is managing the most of those PCI concerns. (You’ll want to read up on what PCI credit card stuff is.)
- Health. As a coder, you’ll be doing brutal things to your body. Get into a workout program that involves you for anywhere from an hour to two hours every 2-3 days. And don’t overdo it — some things can damage your hands, elbows, etc. Also, give your eyes a rest by using a larger display that you attach to your laptop over HDMI, a dark IDE editor theme, and turn down the brightness and increase the contrast. As I approach 50, more and more I use glasses now, which I loathe.
- You don’t have to work for The Man all the time. You can freelance. It’s the web, man — you can work from anywhere in the world with good Internet. Try it on the side a little with some local small businesses just to get your feet wet. I now do full-time freelancing.
- Have some fun with your new, mad PHP skills. Think up some kind of SaaS project on the side that might only take 2 to 3 months to code and try out. Learn from that experience. Launch some Google Adwords and (to a lesser degree) a Facebook ad campaign. Write some articles about your SaaS project and put it in some free article directories, giving you lots of nice backlinks. Make some nice side income. Then, think up another one and launch that too. Imagine between these two that you had $20/month per customer coming in, and 5 new customers a month on each website. That’s $200/month and it compounds such that if you don’t lose any of those customers, by two years you’d have a regular $4800/month coming in. Then, add another payment tier with more features on each website.
- After a few years, consider bringing up a small business webhosting company on the side with your skillset, using reseller cPanel hosting. Charge a rate slightly higher than A2 Hosting and advertise it, as well as get good backlinks for it (even if you have to pay for those). You’ll get a trickle of side income to make your life more comfortable. The support needs aren’t that intense with these. Often you can rephrase the questions and pose them to the company you’re reselling for in order to get an answer on anything you’re stumped on, or you can ask on sites like serverfault.com. Eventually, you can do offshore outsourcing to help you with trouble tickets.
- Read up on Code Smells.
- Learn about CloudFlare web application firewall or services like that. They are valuable for mitigating DDoS issues.
- Learn OpenCart. I know there are Magento jobs out there, but man it’s slow.