May 22 2008

MySQL Injection Attacks

Tag: MySQL | Nathan Malone @ 12:07 pm

As a PHP developer, I work quite a bit with MySQL database tables; I have worked with several in the 40-million-plus record range, and on several complex projects, one of which involved interactions between over 60 different tables (not something I hope to do again, believe me).

One thing that always surprises me when working on code written by others is how frequently the code is vulnerable to what are called MySQL injection attacks (SQL injection, in the general case).

Although some server configurations escape incoming data automatically (which is highly undesirable, for several reasons), any time you use user-submitted data in a MySQL query, you MUST “escape” the data to ensure that it is safe from an “injection attack”.

For those of you who are programmers and are unfamiliar with what I mean, you can read up on the subject in the PHP Manual, but regardless of which database abstraction library you use (or whether you directly use PHP’s MySQL class/functions), always ensure that the database is secured by escaping everything.

I won’t post examples here, as the link above has several excellent examples of ways to prevent it, and all decent database abstraction libraries should have their method of escaping the data implemented and documented. Just ensure that you use the methods provided!
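As an added example (not code from the original post), here is the same user lookup written the vulnerable way, the escaped way the post recommends, and with a prepared statement; it assumes a MySQL table users(id, username, email) and placeholder environment variables for the connection:

```php
<?php
// Added example, not code from the original post. Assumes a MySQL table
// users(id, username, email) and connection settings in environment variables
// (placeholder names: DB_HOST, DB_USER, DB_PASS, DB_NAME).
$db = new mysqli(getenv('DB_HOST'), getenv('DB_USER'), getenv('DB_PASS'), getenv('DB_NAME'));
if ($db->connect_error) {
    exit('Database connection failed.');
}
// Escaping is only correct when the driver knows the connection character set.
$db->set_charset('utf8mb4');

$username = isset($_GET['username']) ? $_GET['username'] : '';

// 1. Vulnerable: the raw value is spliced into the SQL text, so a quote
//    character in the input changes the structure of the statement.
// $sql = "SELECT id, email FROM users WHERE username = '$username'";

// 2. Escaped, as the post recommends. real_escape_string() neutralises the
//    value *inside a quoted string literal only*; it does nothing for unquoted
//    numbers, column names or ORDER BY/LIMIT clauses, so the quotes are required.
$safe = $db->real_escape_string($username);
$sql  = "SELECT id, email FROM users WHERE username = '$safe'";
// $db->query($sql) would run it; the prepared form below is used instead.

// 3. Preferred: a prepared statement. The SQL text reaches the server before
//    the value does, so the data is never parsed as SQL at all.
$stmt = $db->prepare('SELECT id, email FROM users WHERE username = ?');
if ($stmt === false) {
    exit('Query preparation failed.');
}
$stmt->bind_param('s', $username);
$stmt->execute();
$stmt->bind_result($id, $email);

if ($stmt->fetch()) {
    // Different context, different escaping: HTML output needs htmlspecialchars().
    echo 'Email: ' . htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
}
$stmt->close();
$db->close();
```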

Nathan Malone

P.S. I am currently able to accept a limited number of additional clients for my PHP Development services. Interested in discussing the possibility of my handling your project for you? Contact me!


May 21 2008

Productivity and Time Management

Tag: Productivity | Nathan Malone @ 11:43 am

Although this is not necessarily related to PHP development, the subject of time management and productivity is one that affects everyone. In my experience, those of us who work full-time online (doing site development, internet marketing, or related work) often make poor use of our time.

The nature of the work is that it often exposes us to many distractions, ranging from email (always log out of email when you’re working!) to chat (same here…) to an interesting link you happen to stumble upon.

Although I have read many productivity and time management books through the years, many of which were helpful, there are a few things that are unique to full-time web professionals, a group that none of the books I read specifically targeted.

However, late yesterday afternoon, I got an email with a link to a half-hour video put out by Eben at Guru MasterMind titled Becoming a Productive Modern Guru, which had some very helpful advice.

If you have read or studied the subject in the past, you will likely hear some familiar techniques, but if you take the time to watch it, you will hopefully pick up some new “tools” to improve your productivity.

Nathan Malone



Mar 20 2008

CodeIgniter PHP Framework

Tag: CodeIgniter, PHP Frameworks | Nathan Malone @ 8:58 pm

As I work on programming projects, I am constantly looking for ways to boost productivity, decrease the development time, and, most importantly, to increase the quality of the code I produce.

To those ends, I came across the family of MVC (model-view-controller, a class design pattern) frameworks for PHP early in my “productivity quest”, and have never looked back.

Although there are several other frameworks, such as the Zend Framework and CakePHP, my current favorite would have to be the CodeIgniter framework.

This framework, like the others mentioned above, uses the MVC design pattern, similar to the popular Ruby on Rails (Rails programmers shouldn’t have much trouble jumping over to an MVC PHP framework, as the syntax is, in many ways, very similar).

I now start most new projects with a copy of CodeIgniter using the Smarty library for templating (I prefer that to the default CodeIgniter templating system), and have noticed an increase in development speed of new projects since using it.

It is possible to simply plug in different libraries (in addition to the libraries that come with CodeIgniter), and I have done that with graphing libraries, image libraries, and a host of other third-party solutions in my applications, to significantly speed up the development of new sites.

For those of you who are currently using another framework or are not even using a framework, CodeIgniter is definitely worth a look, to see if it fits with your programming style. It’s not the only solution out there, but it has done well for my projects.

Nathan Malone



Nov 27 2007

Redirects with PHP

Tag: Uncategorized | Nathan Malone @ 5:00 am

Today, I thought I would knock out a relatively light subject before tackling heavier stuff in the upcoming weeks and months. That topic is implementing header redirects with PHP.

Header redirects are redirects that are handled instantaneously and transparently by the browser, and come in two common forms: 301 redirects and 302 redirects.

The difference between the two is that a 301 redirect tells the browser (and search engines) that a particular page has permanently moved, while a 302 redirect tells them that the page has only been moved temporarily.

To implement a redirect, the following code must be placed in your PHP script before it prints any output. Because the redirect is sent in the HTTP header, if the PHP script outputs anything before the redirect header is set, PHP automatically sends the headers along with the data that is printed, and it is impossible to add headers after that point (unless output buffering is enabled, in which case the output is held back until the buffer is flushed).

301 Redirect:

header("HTTP/1.1 301 Moved Permanently");
header("Location: http://www.prophpdevelopmentblog.com/");
exit; // stop the script so nothing after the redirect is executed or printed

302 Redirect:

header("HTTP/1.1 302 Moved Temporarily");
header("Location: http://www.prophpdevelopmentblog.com/");
exit; // stop the script so nothing after the redirect is executed or printed

One important thing to keep in mind when considering putting up a redirect, is that search engines will generally follow and pass link popularity on through 301 redirects, but not 302 redirects, so if the redirect is more or less permanent and you would like the search engine indexing/ranking to reflect that, then a 301 is the way to go.
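As an added example (not code from the original post), a small redirect helper that wraps the two headers above, checks that no output has been sent yet, and, when the target comes from a request parameter, only accepts same-site paths so the script cannot be used to bounce visitors to another host; it assumes PHP 7.1 or later and a hypothetical `next` query parameter:

```php
<?php
// Added example, not the post's own code. Assumes PHP 7.1+ and that the
// redirect target may come from a request parameter (hypothetical "next").
function redirect(string $path, int $code = 302): void
{
    // Accept only same-site paths: must start with a single "/", must not be
    // "//host" or "/\host" (browsers treat those as a different origin), and
    // must contain only printable ASCII, which also rules out CR/LF header
    // injection. Anything else falls back to the home page.
    if (!preg_match('#\A/(?![/\\\\])[\x21-\x7E]*\z#', $path)) {
        $path = '/';
    }
    if (headers_sent($file, $line)) {
        // Output already reached the client; a Location header cannot be sent now.
        trigger_error("Cannot redirect, output started at $file:$line", E_USER_WARNING);
        return;
    }
    // The third argument sets the status code (301 or 302), so the status line
    // does not have to be written by hand as in the post's version.
    header('Location: ' . $path, true, $code);
    exit; // stop the script so nothing after the redirect runs or is printed
}

$next = $_GET['next'] ?? '/';
redirect($next, 302);          // temporary: "?next=//evil.example" lands on "/"
// redirect('/new-home/', 301); // permanent move of this page
```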

Nathan Malone



Nov 26 2007

Page Compression with PHP

Tag: Uncategorized | Nathan Malone @ 5:00 am

A question that is often asked by new PHP programmers is:

“How do we compress the (HTML) page output?”

First of all, why would anyone want to compress their web pages? There are really two reasons why it is useful:

  1. The page loads faster, especially for users with slower internet connections
  2. The site uses less bandwidth, which means that the site, especially if it gets lots of traffic, is cheaper to run

The downside to compressing page output is that it uses more CPU processing power, but the benefits usually outweigh the extra processing that needs to take place server-side.

Techniques for Compressing Page Output

There are several ways to compress page output, which we will discuss below:

First of all, it is possible to activate it for all content (both PHP and non-PHP) served by your Apache web server by changing the configuration of Apache (the mod_deflate module). However, for this post, we will focus on doing it with PHP, as that is the subject of this blog.

If you have access to your php.ini configuration file, the preferred method of compressing all PHP output is to do it by modifying the following configuration settings in that file to have these values:

zlib.output_compression = On
zlib.output_compression_level = 5

In the above configuration, “zlib.output_compression_level” should be set to a value between 1 and 9, with higher values giving more compression but using more server (CPU) resources.

Alternatively, if you don’t have access to the php.ini file on your server, you can put the compression code directly in your PHP scripts. To do that, put the following line at the top of all of your PHP pages that you want compressed:
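As an added example (not the post's own code), a page that turns compression on from inside the script with PHP's ob_gzhandler output handler; it also avoids stacking the per-script method on top of the php.ini method, since PHP refuses to register ob_gzhandler when zlib.output_compression is already on:

```php
<?php
// Added example, not the post's own code: enabling compression from inside a
// script, for hosts where php.ini cannot be edited. Must run before any output.

// Do not stack the two methods: if php.ini already has zlib.output_compression
// on, registering ob_gzhandler as well makes PHP emit a warning and skip it.
if (ini_get('zlib.output_compression')) {
    ob_start();                 // php.ini handles compression; plain buffering only
} else {
    // ob_gzhandler reads the client's Accept-Encoding header, picks gzip or
    // deflate, and sends the page uncompressed to clients that accept neither.
    // It adds the Content-Encoding header itself.
    ob_start('ob_gzhandler');
}

header('Content-Type: text/html; charset=UTF-8');
?>
<!DOCTYPE html>
<html>
<body>
<h1>Page compression test</h1>
<!-- Constructed filler so the effect is measurable: repetitive text shrinks a lot. -->
<p><?php echo str_repeat('This sentence is repeated to make a large page. ', 300); ?></p>
</body>
</html>
```

To check the result without a third-party site, request the page with `curl -s -o /dev/null -D - -H 'Accept-Encoding: gzip' http://YOUR-HOST/page.php` and look for a `Content-Encoding: gzip` response header (host and path are placeholders).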

Whichever method you use, once you think you have everything in place, you can use one of the many compression testing websites to verify that your site is indeed sending compressed output to browsers.

Is it worth it to set up page compression? In most cases, yes.

For example, on one site I was recently working on, we were serving up about 2 Million pages/month without compression. We had complaints of the site loading slowly for some users (the pages were large), as well as the bandwidth getting expensive, so I took steps to set up page compression using the (first) php.ini method.

After getting it configured, I saw a noticeable decrease in page loading time, even for me with my fast internet connection, and the bandwidth bill dropped to only around 30% of what it was before. At the same time, the load on the dual Xeon processor didn’t move up noticeably, so in this case, I considered it to be a success.

Nathan Malone


