How to code PHP

[masood104]

Hi, I'm working on a YouTube Channel that specifies in PHP programming, My Channel consists of video tutorials on basics to advanced PHP coding.

Check it out.

Please Subscribe for more, and Message me for any requests!

You must be registered to see links

I currently have only a few videos, since I just started but I will be making more every day!

 

[ChewBecca]

Moved from Portfolio

 

[Hexadecimal]

I think you should talk a bit louder. C;

Nonetheless, good job. Have fun.

 

[masood104]

Thanks, yeah I'm using my built in mic at the moment I'm going to buy a studio mic if I start getting good viewership and subscriptions!

 

[TimeBomb]

Moved from Portfolio

Aww, now he's going to get eaten alive >.<.


Please be aware that I am going to be approaching this as someone who enjoys teaching others, as someone who is a computer engineer by profession, and as someone who is somewhat of a perfectionist.
Note: I only watched your "Basic Forms" video.
Most of the following is going to be constructive criticism, albeit sometimes harsh.


The video itself:
- The music wasn't all that necessary, and the way it blended in to the video... well, it didn't. It surely shouldn't have ever overlapped with your voice. If you want to do something like that, make a full introduction and/or closing clip, and use that in your videos. Don't just fade in and out a sound clip.

- You need a better mic. You may want to have some sort of written script beforehand, and you may want to have the end result code already done somewhere else, so you know exactly what you are coding.

- Doing more than one take isn't a bad thing. Use an audio recorder, and record it paragraph by paragraph, minute by minute, or whatever you are comfortable with.
In general, stuttering, awkwardly long pauses, using words such as "like" or "umm", or coughing, sneezing, etc, is usually undesirable in most videos of this nature, and it is easily preventable from happening in the end result video by doing multiple tanks and combining the best ones together into the video.


The code:
- It's best to avoid shorthanded closing of HTML tags. This was noticeable in your HTML input boxes. While <tag type="value" /> is valid sometimes - DEPENDING on your chosen HTML document type and the actual tag itself - in more cases than not, it is invalid.
Note: In some HTML document types, there is no need to close the input tag at all, either shorthanded or not.

- For what the tutorial was trying to get across, the PHP was alright. To find out if a form was posted to or not, I would suggest using if ($_SERVER['REQUEST_METHOD'] == 'POST')


The idea behind a 'tutorial':
The point of a tutorial is to teach someone something, right? Well... I feel that all you did here was type up code on a video. You didn't explain much of anything, and thus all that people may get out of it, if anything, is the exact code that you wrote - not the knowledge, ideology, or 'how/why it works' behind it.

If someone tells me that four squared is 16, then great. Maybe now I know that four squared is 16. But I don't know why. If they teach me why, then maybe I will also know why five squared is 25, or two squared is four. If they don't tell me the 'why' or 'how', then I won't know. It's memory at that point, not knowledge.

 

[SomeRB]

- For what the tutorial was trying to get across, the PHP was alright. To find out if a form was posted to or not, I would suggest using if ($_SERVER['REQUEST_METHOD'] == 'POST')

Without meaning to offend or question what you have said, but I have to ask at what stage you feel this would be needed to be implemented?

Personally, I only use this way now, but when I started, I used something similar to what was wrote within the video.

On the basis that it is within the basics section of his tutorials, would it be wise to throw too much at someone viewing it, as they would have next to no knowledge of the language if they are looking at the basics section.

With that said, I am looking forward to what comes within the advanced section.

@masood

* Will that include OOP or will the tutorials be strictly procedural?
* Will you be including security procedures?
* Will you be type checking data?
* Will you be introducing regular expressions to validate data?
* Will you be implementing MVC logic?

I have a lot more questions, but I don't want you here answering me when you have tutorials to make

-----

My criticism:

You open and close the PHP tags twice, to echo a single result. You should keep logic together and move everything between the PHP tags to below the form, should you wish it to echo there.

Personally, I would write the page something like:

<h3>Form</h3>
<hr>
<form action="" method="post">
<input type="text" name="text" value="">
<input type="submit" value="">
</form>
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
  /*
    Let's assume at some point, this will go into a database
    etc. If we are teaching them the basics, we may as well
    try and make them learn some basic validation early on
    in their learning process, hadn't we?
		
    Just my thinking at least.
		
    So let's assume it is a user name which really, in most
    circumstances, requires only alpha-numeric characters
    with spaces, underscores and hyphens,
  */
  $text = (array_key_exists('text', $_POST) && 
           is_string($_POST['text']) && 
           preg_match("`[0-9a-z _-]+`i", $_POST['text'])) 
           ? $_POST['text'] : FALSE ;

  if($text) {
    echo '<h3>The text you entered was</h3>' . $text;
  }
}
// Again, as stated in my post before, this is not really basics
// but the outline should be somewhat the same.

Apologies for the lack of formatting on the $text line. Wanted it to fit within the forum php tags without issue

 

[TimeBomb]

Without meaning to offend or question what you have said, but I have to ask at what stage you feel this would be needed to be implemented?

Personally, I only use this way now, but when I started, I used something similar to what was wrote within the video.

The idea is to teach them the most efficient, effective, and functionally correct way of coding PHP. While there are numerous ways to handle checking if a form was posted to, the best way to make sure that the a POST request was sent to the server is through my aforementioned method.

There are other ways, some better than others, that a similar result can be achieved, and if he wants to explain those before he explains the correct one, or even explain the incorrect one initially, stating that he will talk more about the correct way to do it later, then fine. He didn't do any of this - as I said in my previous post, he didn't really explain how anything worked or why it worked.

My criticism:

You open and close the PHP tags twice, to echo a single result. You should keep logic together and move everything between the PHP tags to below the form, should you wish it to echo there.

Personally, I would write the page something like:

<h3>Form</h3>
<hr>
<form action="" method="post">
<input type="text" name="text" value="">
<input type="submit" value="">
</form>
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
  /*
    Let's assume at some point, this will go into a database
    etc. If we are teaching them the basics, we may as well
    try and make them learn some basic validation early on
    in their learning process, hadn't we?
		
    Just my thinking at least.
		
    So let's assume it is a user name which really, in most
    circumstances, requires only alpha-numeric characters
    with spaces, underscores and hyphens,
  */
  $text = (array_key_exists('text', $_POST) && 
           is_string($_POST['text']) && 
           preg_match("`[0-9a-z _-]+`i", $_POST['text'])) 
           ? $_POST['text'] : FALSE ;

  if($text) {
    echo '<h3>The text you entered was</h3>' . $text;
  }
}
// Again, as stated in my post before, this is not really basics
// but the outline should be somewhat the same.

Apologies for the lack of formatting on the $text line. Wanted it to fit within the forum php tags without issue

Meh, it's not worth criticizing that IMO. In reality, you should never display blocks of HTML and handle PHP in the same file, but that is not the first thing a PHP developer needs to learn.

Also. array_key_exists('text', $_POST) (which will usually return the same result as isset($_POST['text']) will, in the context of your PHP code, make the POST request check redundant.

In terms of validation, htmlentities is all you need unless it is going into a database. If that is the case, then either using the PDO or Mysqli PHP libraries will solve your issue much more efficiently then regex matching functions.

 

[SomeRB]

My apologies timezone:

maybe I should have clarified that my work is based within gaming systems and I use the same methods across any system I am building, so while on a small system like this it may seem overkill, it is not when you consider a form I normally handle is almost certainly going to update a database with multiple updates, so everything has to be checked, regardless of how much you value my method, it works and it would be hard to bypass.

For the isset(), I will just post here, what was discussed between me and my peers recently:

Using isset() instead of array_key_exists()

You often see code which tests to see if some key in an array exists; yet the
test is always almost isset() - why?

Quick demo of why this fails:

<?php
$table = array
(
    'tom' => false,
    'penis' => null,
    'harry' => '',
);

echo "Keys: " . implode(', ', array_keys($table)) . "\n\n";
foreach ($table as $key => $value) {
    echo "isset(\$table['$key']) = " . (isset($table[$key]) ? "true" : "false") . "\n";
}
echo "\n";
foreach ($table as $key => $value) {
    echo "array_key_exists('$key', \$table) = " . (array_key_exists($key, $table) ? "true" : "false") . "\n";
}

Yields

Keys: tom, penis, harry

isset($table['tom']) = true
isset($table['penis']) = false
isset($table['harry']) = true

array_key_exists('tom', $table) = true
array_key_exists('penis', $table) = true
array_key_exists('harry', $table) = true

So you can clearly see, that isset breaks on null values. It doesn't sound much but you are trying to determine whether a key in an array exists; at this stage you are not interested in what value it has, so use the correct tool for the job.

Edit:

I totally agree that HTML should never be inside PHP. I will not question that. All my work uses Twig.

All logic is split in my systems, but let's be fair here, people new to PHP development are not really going to use a template system on a basic form and nor would I question them on not doing so.

Basic HTML page from the first system I opened:

{% extends "internal.html" %}
{% block title %}{{config.game_name}} | Your Account Settings{% endblock %}
{% block content %}
<form action="" method="post">
<table width="100%" class="tableClass">
  <tr>
    <th colspan="2" class="heading">Your Account Settings</th>
  </tr>
  {% if update %}
  <tr>
    <th colspan="2" class="divide">> Update Notice</th>
  </tr>
  <tr>
    <td colspan="2">
    {% for updates in update %}
      {{ updates }}<br />
    {% endfor %}
    </td>
  </tr>
  {% endif %}
  <tr>
    <td width="50%" class="divide">> Change Password</td>
    <td><input type="text" name="pass" value="" class="input_text"></td>
  </tr>
  <tr>
    <td width="50%" class="divide">> Confirm Password</td>
    <td><input type="text" name="passc" value="" class="input_text"></td>
  </tr>
  <tr>
    <td width="50%" class="divide">> Change Email</td>
    <td><input type="text" name="email" value="" class="input_text"></td>
  </tr>
  <tr>
    <td width="50%" class="divide">> Current Password</td>
    <td><input type="text" name="current" value="" class="input_text"></td>
  </tr>
  <tr>
    <th colspan="2"><input type="submit" name="submit" value="Update Account" class="input_submit"></th>
  </tr>
</table>
</form>
{% endblock %}

 

[masood104]

I want to give people the basic idea of how to code PHP . . . I'll take your criticism though.

I will eventually get into efficiency . . . but what's the point if you don't know how to code the simplest things.

I'm going to be talking about advanced stuff in future videos, I'm going to have a projects section where I develop a CMS.

Without meaning to offend or question what you have said, but I have to ask at what stage you feel this would be needed to be implemented?

Personally, I only use this way now, but when I started, I used something similar to what was wrote within the video.

On the basis that it is within the basics section of his tutorials, would it be wise to throw too much at someone viewing it, as they would have next to no knowledge of the language if they are looking at the basics section.

With that said, I am looking forward to what comes within the advanced section.

@masood

* Will that include OOP or will the tutorials be strictly procedural?
* Will you be including security procedures?
* Will you be type checking data?
* Will you be introducing regular expressions to validate data?
* Will you be implementing MVC logic?

I have a lot more questions, but I don't want you here answering me when you have tutorials to make

-----

My criticism:

You open and close the PHP tags twice, to echo a single result. You should keep logic together and move everything between the PHP tags to below the form, should you wish it to echo there.

Personally, I would write the page something like:

<h3>Form</h3>
<hr>
<form action="" method="post">
<input type="text" name="text" value="">
<input type="submit" value="">
</form>
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
  /*
    Let's assume at some point, this will go into a database
    etc. If we are teaching them the basics, we may as well
    try and make them learn some basic validation early on
    in their learning process, hadn't we?
		
    Just my thinking at least.
		
    So let's assume it is a user name which really, in most
    circumstances, requires only alpha-numeric characters
    with spaces, underscores and hyphens,
  */
  $text = (array_key_exists('text', $_POST) && 
           is_string($_POST['text']) && 
           preg_match("`[0-9a-z _-]+`i", $_POST['text'])) 
           ? $_POST['text'] : FALSE ;

  if($text) {
    echo '<h3>The text you entered was</h3>' . $text;
  }
}
// Again, as stated in my post before, this is not really basics
// but the outline should be somewhat the same.

Apologies for the lack of formatting on the $text line. Wanted it to fit within the forum php tags without issue

OOP is going to be done later on. In my opinion if they don't get the basic idea of procedural than what's the point?

Also, my first few videos were extremely general I am going to be talking about validation when I create a registration and login system of some sort, again very basic. Later on I will make a system keeping efficiency and security in mind. In the future I may introduce javascript when doing validation.

 

[SomeRB]

Sounds like a good plan.

Good luck

 

[TimeBomb]

My apologies timezone:

maybe I should have clarified that my work is based within gaming systems and I use the same methods across any system I am building, so while on a small system like this it may seem overkill, it is not when you consider a form I normally handle is almost certainly going to update a database with multiple updates, so everything has to be checked, regardless of how much you value my method, it works and it would be hard to bypass.

For the isset(), I will just post here, what was discussed between me and my peers recently:

Using isset() instead of array_key_exists()

You often see code which tests to see if some key in an array exists; yet the
test is always almost isset() - why?

Quick demo of why this fails:

<?php
$table = array
(
    'tom' => false,
    'penis' => null,
    'harry' => '',
);

echo "Keys: " . implode(', ', array_keys($table)) . "\n\n";
foreach ($table as $key => $value) {
    echo "isset(\$table['$key']) = " . (isset($table[$key]) ? "true" : "false") . "\n";
}
echo "\n";
foreach ($table as $key => $value) {
    echo "array_key_exists('$key', \$table) = " . (array_key_exists($key, $table) ? "true" : "false") . "\n";
}

Yields

Keys: tom, penis, harry

isset($table['tom']) = true
isset($table['penis']) = false
isset($table['harry']) = true

array_key_exists('tom', $table) = true
array_key_exists('penis', $table) = true
array_key_exists('harry', $table) = true

So you can clearly see, that isset breaks on null values. It doesn't sound much but you are trying to determine whether a key in an array exists; at this stage you are not interested in what value it has, so use the correct tool for the job.

There's a reason why I had the isset remark in parenthesis, and used the word usually - it was just a minor note. I am very aware that isset will return false on a null value. This is what it is supposed to do. It checks if the variable is set, not if it exists. If it is null, then it is not set, and thus the isset function returns false.
In general, the array key exists function is what you will want to use. But a value should never be set to null in the _POST array. Maybe the number 0, or an empty string, but not null.

The point of that sentence was that the existence check combined with the POST check is redundant in the specific code block that you wrote out.

Edit:

I totally agree that HTML should never be inside PHP. I will not question that. All my work uses Twig.

All logic is split in my systems, but let's be fair here, people new to PHP development are not really going to use a template system on a basic form and nor would I question them on not doing so.

Basic HTML page from the first system I opened:

{% extends "internal.html" %}
{% block title %}{{config.game_name}} | Your Account Settings{% endblock %}
{% block content %}
<form action="" method="post">
<table width="100%" class="tableClass">
  <tr>
    <th colspan="2" class="heading">Your Account Settings</th>
  </tr>
  {% if update %}
  <tr>
    <th colspan="2" class="divide">> Update Notice</th>
  </tr>
  <tr>
    <td colspan="2">
    {% for updates in update %}
      {{ updates }}<br />
    {% endfor %}
    </td>
  </tr>
  {% endif %}
  <tr>
    <td width="50%" class="divide">> Change Password</td>
    <td><input type="text" name="pass" value="" class="input_text"></td>
  </tr>
  <tr>
    <td width="50%" class="divide">> Confirm Password</td>
    <td><input type="text" name="passc" value="" class="input_text"></td>
  </tr>
  <tr>
    <td width="50%" class="divide">> Change Email</td>
    <td><input type="text" name="email" value="" class="input_text"></td>
  </tr>
  <tr>
    <td width="50%" class="divide">> Current Password</td>
    <td><input type="text" name="current" value="" class="input_text"></td>
  </tr>
  <tr>
    <th colspan="2"><input type="submit" name="submit" value="Update Account" class="input_submit"></th>
  </tr>
</table>
</form>
{% endblock %}

Your previous criticism was that he should separate the HTML better. I stated that it doesn't (usually) matter much how you separate the HTML if you are not using a template class, and that his target audience did not need to know about that just yet. Your separated HTML code versus his - they are both equally 'bad', albeit perfectly fine for the intended purposes.


@masood104: My main recommendation is to not just give code to your viewers, but also to teach them how and why it works the way it does.

 

[SomeRB]

@timezone: I totally agree with what you said, in that specific code block, array_key_exists() was not needed. I will not argue that at all.

When you commented on the html, my initial reaction was to be a little "upset" at your comment, so I went away, looked at the html and decided I almost agree with what you said there too. Result? I am re-writing the whole HTML layout and removing all tables completely because I decided I dislike them again, even for form alignment (I know, lazy way to align, right? )

On a whole, I appreciate your post. It made me reconsider a few things and now I can adjust a few things.

Maybe one day I will offer you something you can use too

 

[TimeBomb]

@timezone: I totally agree with what you said, in that specific code block, array_key_exists() was not needed. I will not argue that at all.

When you commented on the html, my initial reaction was to be a little "upset" at your comment, so I went away, looked at the html and decided I almost agree with what you said there too. Result? I am re-writing the whole HTML layout and removing all tables completely because I decided I dislike them again, even for form alignment (I know, lazy way to align, right? )

On a whole, I appreciate your post. It made me reconsider a few things and now I can adjust a few things.

Maybe one day I will offer you something you can use too

Hehe, no worries.
It's timebomb by the way, not timezone.

The array_key_exists wasn't so much the cause of the redundancy as it was the if($_SERVER['REQUEST_METHOD'] == 'POST') {

The comment on the HTML was towards the initial code that you suggested to the OP, not towards the code you showed me that is used with your template system.

Everyone has their own coding style. All I offer are suggestions based on my personal experience--perhaps sometimes even ideas that are open to debate.
I am always open to hearing someone else's point of view. But if I feel that it is not the most correct solution for the scenario, then I may (attempt to) debate it, which some programmers do not very much so like(ex. "If it's not done my way, it's wrong").

 

[SomeRB]

I agree with the last paragraph, but mainly the "some programmers do not like very much".

I find it quite funny that even the ones who are learning take offence when you offer them some solid advice.

And after reading your "programming history", it seems we are somewhat alike in our approach to learning techniques. Sweet

We both seem to have got lucky with contacts made also - mine does not have 55+ years, only 30+ though

Edit And apologies on the incorrect name, Mr. TimeLock

 

[masood104]

@TimeBomb: Yeah your right I should give them the technical reasoning for what we are doing. I think I am rushing too much I'll take my time in other videos.

@SomeRB: Lol for calling him TimeZone?