Category Archives: PHP developer

Vetting form input using PHP

Forms provide a really good way for a hacker to try to fiddle with the internal ‘gubbings’ of your PHP code, both in a normal PHP software development situation and when customising WordPress with PHP.

The following functions allow a PHP developer to clean up the form’s data before they start to process it with their PHP code.

  • trim
  • stripslashes
  • htmlspecialchars

Typically you can cascade the piece of data from the form through these functions.

$formvalue = trim($formvalue);
$formvalue = stripslashes($formvalue);
$formvalue = htmlspecialchars($formvalue);

They can obviously be nested into one line for brevity:

$formvalue = htmlspecialchars(stripslashes(trim($formvalue)));

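Using the above will first remove whitespace characters such as space, tab and newline from the start and end of the value. It will then take out any ‘\’ characters. Finally, any HTML tags are neutralised by characters such as < and > being replaced by their respective HTML entities. For example: &gt; for the greater-than symbol >. This last step is output encoding for HTML pages; it does not make a value safe to place in an SQL query.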

 

Checking if a URL has certain string within it using PHP

This PHP example checks the url has ‘fabbro.uk’ in it.

Alternatively you can shorten this to

// REQUEST_URI holds the path and query string of the request, not the host name
if (strpos($_SERVER['REQUEST_URI'], "car") !== false) {
    echo 'string found';
}

Optimisation by unrolling a PHP loop

A good PHP programmer or developer will use a number of techniques to ensure the code produced is efficient.

This optimisation technique is a space-time tradeoff. It is used to optimise a PHP program’s run-time speed, but at the expense of the size of the code.

Instructions that control loops (branching penalties) can be time consuming, so the idea is to execute as much as you can in each iteration of the PHP program’s loop. The PHP programmer rewrites the loop body as a sequence of repeated, similar statements.

The technique’s advantages for a PHP program are:

  • Significant gains in PHP execution speed that will surpass any performance reduction due to the program’s size.
  • Branching penalties are kept to a minimum.
  • The technique allows for pseudo-parallel execution of PHP statements.

The technique’s disadvantages for a PHP program are:

  • Increased size of the PHP program, with an attendant performance loss
  • The code may become less readable, adding to maintenance issues
  • Use of functions may be compromised
  • Applying if statements in the unrolled PHP code may also lead to a loss in performance.

Example PHP 5 Code

Original PHP code

<?php
// $sales is assumed to be an array indexed 0..1000
for ($x = 0; $x <= 1000; $x++) {
    echo "Sales figures: $x, $sales[$x] <br>";
}
?>

Unrolled version

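<?php
// Unrolled by five: one loop test and one increment per five rows
for ($x = 0; $x + 4 <= 1000; $x += 5) {
    echo "Sales figures: $x, {$sales[$x]} <br>";
    echo "Sales figures: " . ($x + 1) . ", {$sales[$x + 1]} <br>";
    echo "Sales figures: " . ($x + 2) . ", {$sales[$x + 2]} <br>";
    echo "Sales figures: " . ($x + 3) . ", {$sales[$x + 3]} <br>";
    echo "Sales figures: " . ($x + 4) . ", {$sales[$x + 4]} <br>";
}
// 0..1000 is 1001 rows, which is not a multiple of five: finish the remainder
for (; $x <= 1000; $x++) {
    echo "Sales figures: $x, {$sales[$x]} <br>";
}
?>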

MySQLi?

MySQL is owned by Oracle Corporation. It is a full-featured database management system that is the world’s second most widely used. The original MySQL extension for PHP is now deprecated. It’s important that PHP developers use MySQLi on new websites so they will continue to work after the next version of PHP is released. It may be advisable to upgrade the code of any current website to use MySQLi.

What is LAMP?

LAMP is simply an acronym made up of the four components of a solution stack, the collection of software (usually open-source) that is used to build a software project. In this case they are: Linux, Apache, MySQLi and PHP/Perl/Python.

What to look for in a good Freelance PHP developer and things to avoid

Some LAMP/PHP developers use short tags, a sort of shorthand. However, you may find that the PHP code works on your current web server, but problems arise when you migrate to a new one. This feature is best avoided.

MySQL has already been mentioned: ensure your developer uses MySQLi or PDO when developing any database applications, otherwise you may find you have a headache in the future. The MySQLi extension, which stands for MySQL Improved, is the preferred database driver for PHP developers to use when providing interactions with a MySQL database.

A good freelance LAMP/PHP developer will have a good knowledge of the PHP core functions and classes. Some data processing tasks are common, so there is a good probability that a PHP function or class already exists to accomplish the task, saving development time.

Defensive programming – data entered by people on web forms can be poisoned with SQL injection. This allows a hacker to access your database in not very friendly ways. A good freelance PHP developer will vet data that has been entered on a form against this. PHP has built-in functions that can help.
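The form-vetting cascade from the top of this page and the MySQLi/PDO advice above fit together as follows. This is an added example, not code from the original page: the customers table, the helper names vet_for_html and store_and_fetch, and the sample form value are constructed for illustration, and an in-memory SQLite database reached through PDO stands in for a MySQL connection.

```php
<?php
declare(strict_types=1);

// The page's cascade, with flags and charset made explicit so that PHP
// versions before 8.1 (whose default left single quotes alone) behave the same.
function vet_for_html(string $value): string
{
    return htmlspecialchars(stripslashes(trim($value)), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: store a value through a bound parameter, then read it back.
function store_and_fetch(PDO $db, string $name): string
{
    $insert = $db->prepare('INSERT INTO customers (name) VALUES (:name)');
    $insert->execute([':name' => $name]);

    $select = $db->prepare('SELECT name FROM customers WHERE id = :id');
    $select->execute([':id' => (int) $db->lastInsertId()]);
    return (string) $select->fetchColumn();
}

// In-memory SQLite keeps the example offline; with MySQL only the DSN changes.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)');

$posted = "  O'Brien & Sons <Ltd>  ";   // constructed sample form value

// 1. Running the HTML cascade before storage puts HTML entities in the database.
$encodedEarly = store_and_fetch($db, vet_for_html($posted));

// 2. Trim, bind the raw value, and encode only when writing it into a page.
$raw = store_and_fetch($db, trim($posted));

echo "stored after cascade: $encodedEarly\n";
echo "stored via binding:   $raw\n";
echo "encoded at output:    "
    . htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
```

The bound parameter keeps the apostrophe as data, so the query text never changes, while the HTML encoding is applied at the point where the value is written into a page.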

Self-documenting code is an easily spotted mark of a good PHP developer. By using meaningful variable names and comments, the PHP code becomes easily understood by any future PHP developers/programmers that may be employed to update the code.

The freelance PHP developer uses a PHP application framework. This again helps in the future maintenance of the code.
