diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a795ab9..3c69b84 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -62,7 +62,7 @@ included in the project: git checkout -b ``` -4. Install the [Jekyll](https://github.com/mojombo/jekyll/) gem to preview locally. +4. Install the [Jekyll](https://github.com/jekyll/jekyll/) gem to preview locally. 5. Commit your changes in logical chunks. Please adhere to these [git commit message guidelines](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) diff --git a/README.md b/README.md index e262049..2c0dcf5 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,7 @@ developers know where to find good information! * [English](http://www.phptherightway.com) * [Bulgarian](http://bg.phptherightway.com) * [Chinese (Simplified)](http://wulijun.github.com/php-the-right-way) +* [Chinese (Traditional)](http://laravel-taiwan.github.io/php-the-right-way) * [French](http://eilgin.github.io/php-the-right-way/) * [German](http://rwetzlmayr.github.io/php-the-right-way) * [Indonesian](http://id.phptherightway.com) @@ -58,11 +59,13 @@ If you are interested in translating _PHP: The Right Way_, fork this repo on Git To avoid fragmentation and reader confusion, please choose one of these options: -1. We link to your GitHub Pages fork with `[username].github.com/php-the-right-way` +1. We link to your GitHub Pages fork with `[username].github.io/php-the-right-way` 2. We link to your GitHub Pages fork with a subdomain (e.g. "ru.phptherightway.com") If you use a subdomain, enter the subdomain into the `CNAME` file, and ask us to setup DNS for you. If you do not use a subdomain, remove the `CNAME` file entirely else your fork will not build when pushed. +Add information about your translation in the [wiki page](https://github.com/codeguy/php-the-right-way/wiki/Translations). + When your translation is ready, open an issue on the Issue Tracker to let us know. ## Why diff --git a/_config.yml b/_config.yml index caa75bc..8f818c5 100644 --- a/_config.yml +++ b/_config.yml @@ -1,7 +1,4 @@ -safe: true baseurl: / -url: http://localhost:4000 - highlighter: pygments markdown: kramdown permalink: date @@ -11,3 +8,15 @@ maruku: png_engine: blahtex png_dir: images/latex png_url: /images/latex + +gems: + - jekyll-sitemap + +defaults: + - + scope: + path: "" + values: + sitemap: false + +exclude: ['CNAME', 'CONTRIBUTING.md', 'LICENSE', 'README.md', 'pages/example.md'] diff --git a/_includes/welcome.md b/_includes/welcome.md index be648d8..8828773 100644 --- a/_includes/welcome.md +++ b/_includes/welcome.md @@ -18,11 +18,12 @@ and examples as they become available. ## Translations -_PHP: The Right Way_ is (or soon will be) translated into many different languages: +_PHP: The Right Way_ is translated into many different languages: * [English](http://www.phptherightway.com) * [Bulgarian](http://bg.phptherightway.com/) * [Chinese (Simplified)](http://wulijun.github.com/php-the-right-way) +* [Chinese (Traditional)](http://laravel-taiwan.github.io/php-the-right-way) * [French](http://eilgin.github.io/php-the-right-way/) * [German](http://rwetzlmayr.github.io/php-the-right-way/) * [Indonesian](http://id.phptherightway.com/) diff --git a/_layouts/default.html b/_layouts/default.html index e8a0e02..55a6527 100644 --- a/_layouts/default.html +++ b/_layouts/default.html @@ -12,7 +12,7 @@ - + @@ -95,14 +95,14 @@
  • New Media Campaigns

    • - Creative Commons License
    PHP: The Right Way by Josh Lockhart is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
    Based on a work at www.phptherightway.com. + Creative Commons License
    PHP: The Right Way by Josh Lockhart is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
    Based on a work at www.phptherightway.com.

    - + diff --git a/_layouts/page.html b/_layouts/page.html index ed25cc7..0396cb8 100644 --- a/_layouts/page.html +++ b/_layouts/page.html @@ -12,7 +12,7 @@ - + @@ -42,7 +42,7 @@ Return to Main Page diff --git a/_posts/01-04-01-Mac-Setup.md b/_posts/01-04-01-Mac-Setup.md index 0dceb5e..f437efa 100644 --- a/_posts/01-04-01-Mac-Setup.md +++ b/_posts/01-04-01-Mac-Setup.md @@ -18,6 +18,26 @@ There are multiple ways to install PHP on OS X. At this point, you can install `php53`, `php54`, `php55` or `php56` using the `brew install` command, and switch between them by modifying your `PATH` variable. +### Install PHP via Macports + +The [MacPorts] Project is an open-source community initiative to design an +easy-to-use system for compiling, installing, and upgrading either +command-line, X11 or Aqua based open-source software on the OS X operating +system. + +MacPorts supports pre-compiled binaries, so you don't need to recompile every +dependencies from the source tarball files, it saves your life if you don't +have any package installed on your system. + +At this point, you can install `php53`, `php54`, `php55` or `php56` using the `port install` command, for example: + + sudo port install php54 + sudo port install php55 + +And you can run `select` command to switch your active php: + + sudo port select --set php php55 + ### Install PHP via phpbrew [phpbrew] is a tool for installing and managing multiple PHP versions. This can be really useful if two different @@ -38,6 +58,7 @@ you and tie them all together, but ease of setup comes with a trade-off of flexi [Homebrew]: http://brew.sh/ [Homebrew PHP]: https://github.com/Homebrew/homebrew-php#installation +[MacPorts]: https://www.macports.org/install.php [phpbrew]: https://github.com/phpbrew/phpbrew [mac-compile]: http://php.net/install.macosx.compile [xcode-gcc-substitution]: https://github.com/kennethreitz/osx-gcc-installer diff --git a/_posts/01-05-01-Windows-Setup.md b/_posts/01-05-01-Windows-Setup.md index 27fb89d..547f8c8 100644 --- a/_posts/01-05-01-Windows-Setup.md +++ b/_posts/01-05-01-Windows-Setup.md @@ -10,7 +10,7 @@ could use a '.msi' installer. The installer is no longer supported and stops at For learning and local development you can use the built in webserver with PHP 5.4+ so you don't need to worry about configuring it. If you would like an "all-in-one" which includes a full-blown webserver and MySQL too then tools such -as the [Web Platform Installer][wpi], [Zend Server CE][zsce], [XAMPP][xampp], [EasyPHP][easyphp] and [WAMP][wamp] will +as the [Web Platform Installer][wpi], [XAMPP][xampp], [EasyPHP][easyphp] and [WAMP][wamp] will help get a Windows development environment up and running fast. That said, these tools will be a little different from production so be careful of environment differences if you are working on Windows and deploying to Linux. @@ -22,7 +22,6 @@ there is a [dedicated area on iis.net][php-iis] for PHP. [php-downloads]: http://windows.php.net [wpi]: http://www.microsoft.com/web/downloads/platform.aspx -[zsce]: http://www.zend.com/en/products/server-ce/ [xampp]: http://www.apachefriends.org/en/xampp.html [easyphp]: http://www.easyphp.org/ [wamp]: http://www.wampserver.com/en/ diff --git a/_posts/03-02-01-Programming-Paradigms.md b/_posts/03-02-01-Programming-Paradigms.md index 9271541..772f27c 100644 --- a/_posts/03-02-01-Programming-Paradigms.md +++ b/_posts/03-02-01-Programming-Paradigms.md @@ -21,10 +21,10 @@ interfaces, inheritance, constructors, cloning, exceptions, and more. PHP supports first-class function, meaning that a function can be assigned to a variable. Both user-defined and built-in functions can be referenced by a variable and invoked dynamically. Functions can be passed as arguments to -other functions (feature called Higher-order functions) and function can return other functions. +other functions (a feature called _Higher-order Functions_) and function can return other functions. -Recursion, a feature that allows a function to call itself, is supported by the language, but most of the PHP code -focus on iteration. +Recursion, a feature that allows a function to call itself, is supported by the language, but most PHP code +is focused on iteration. New anonymous functions (with support for closures) are present since PHP 5.3 (2009). diff --git a/_posts/03-03-01-Namespaces.md b/_posts/03-03-01-Namespaces.md index dee41d7..48e69c1 100644 --- a/_posts/03-03-01-Namespaces.md +++ b/_posts/03-03-01-Namespaces.md @@ -16,11 +16,11 @@ two PHP classes with the same name may co-exist in separate PHP namespaces. It's It is important for you to namespace your code so that it may be used by other developers without fear of colliding with other libraries. -One recommended way to use namespaces is outlined in [PSR-0][psr0], which aims to provide a standard file, class and +One recommended way to use namespaces is outlined in [PSR-4][psr4], which aims to provide a standard file, class and namespace convention to allow plug-and-play code. -In December 2013 the PHP-FIG created a new autoloading standard: [PSR-4][psr4], which one day will probably replace -PSR-0. Currently both are still usable, as PSR-4 requires PHP 5.3 and many PHP 5.2-only projects currently implement +In October 2014 the PHP-FIG deprecated the previous autoloading standard: [PSR-0][psr0], which has been replaced with +[PSR-4][psr4]. Currently both are still usable, as PSR-4 requires PHP 5.3 and many PHP 5.2-only projects currently implement PSR-0. If you're going to use an autoloader standard for a new application or package then you almost certainly want to look into PSR-4. diff --git a/_posts/03-04-01-Standard-PHP-Library.md b/_posts/03-04-01-Standard-PHP-Library.md index a81e7c5..6275976 100644 --- a/_posts/03-04-01-Standard-PHP-Library.md +++ b/_posts/03-04-01-Standard-PHP-Library.md @@ -11,6 +11,8 @@ primarily of commonly needed datastructure classes (stack, queue, heap, and so o over these datastructures or your own classes which implement SPL interfaces. * [Read about the SPL][spl] +* [SPL video course on Lynda.com(Paid)][spllynda] [spl]: http://php.net/book.spl +[spllynda]: http://www.lynda.com/PHP-tutorials/Up-Running-Standard-PHP-Library/175038-2.html diff --git a/_posts/03-05-01-Command-Line-Interface.md b/_posts/03-05-01-Command-Line-Interface.md index 5bc19e6..825e1c3 100644 --- a/_posts/03-05-01-Command-Line-Interface.md +++ b/_posts/03-05-01-Command-Line-Interface.md @@ -6,10 +6,10 @@ anchor: command_line_interface ## Command Line Interface {#command_line_interface_title} PHP was created to write web applications, but is also useful for scripting command line interface (CLI) programs. -Command line PHP programs can help automate common tasks like testing, deployment, and application administrivia. +Command line PHP programs can help automate common tasks like testing, deployment, and application administration. CLI PHP programs are powerful because you can use your app's code directly without having to create and secure a web -GUI for it. Just be sure not to put your CLI PHP scripts in your public web root! +GUI for it. Just be sure **not** to put your CLI PHP scripts in your public web root! Try running PHP from your command line: @@ -26,7 +26,7 @@ Let's write a simple "Hello, $name" CLI program. To try it out, create a file na {% highlight php %} pear-channel/Package diff --git a/_posts/05-05-01-PHP-and-UTF8.md b/_posts/05-05-01-PHP-and-UTF8.md index 0066fba..578656b 100644 --- a/_posts/05-05-01-PHP-and-UTF8.md +++ b/_posts/05-05-01-PHP-and-UTF8.md @@ -38,8 +38,7 @@ Explicitly defining the encoding of your strings in every script will save you a Additionally, many PHP functions that operate on strings have an optional parameter letting you specify the character encoding. You should always explicitly indicate UTF-8 when given the option. For example, `htmlentities()` has an -option for character encoding, and you should always specify UTF-8 if dealing with such strings. Note that as of PHP 5. -4.0, UTF-8 is the default encoding for `htmlentities()` and `htmlspecialchars()`. +option for character encoding, and you should always specify UTF-8 if dealing with such strings. Note that as of PHP 5.4.0, UTF-8 is the default encoding for `htmlentities()` and `htmlspecialchars()`. Finally, If you are building an distributed application and cannot be certain that the `mbstring` extension will be enabled, then consider using the [patchwork/utf8] Composer package. This will use `mbstring` if it is available, and @@ -86,7 +85,7 @@ $string = mb_substr($string, 0, 15); // Connect to a database to store the transformed string // See the PDO example in this document for more information -// Note the `set names utf8mb4` commmand! +// Note the `charset=utf8mb4` in the Data Source Name (DSN) $link = new PDO( 'mysql:host=your-hostname;dbname=your-db;charset=utf8mb4', 'your-username', @@ -150,3 +149,4 @@ header('Content-Type: text/html; charset=UTF-8'); * [Stack Overflow: Best practices in PHP and MySQL with international strings](http://stackoverflow.com/questions/140728/best-practices-in-php-and-mysql-with-international-strings) * [How to support full Unicode in MySQL databases](http://mathiasbynens.be/notes/mysql-utf8mb4) * [Bringing Unicode to PHP with Portable UTF-8](http://www.sitepoint.com/bringing-unicode-to-php-with-portable-utf8/) +* [Stack Overflow: DOMDocument loadHTML does not encode UTF-8 correctly](http://stackoverflow.com/questions/8218230/php-domdocument-loadhtml-not-encoding-utf-8-correctly) diff --git a/_posts/07-03-01-Databases_PDO.md b/_posts/07-03-01-Databases_PDO.md index 60a960f..da20237 100644 --- a/_posts/07-03-01-Databases_PDO.md +++ b/_posts/07-03-01-Databases_PDO.md @@ -50,13 +50,16 @@ FROM users` which will delete all of your users! Instead, you should sanitize th prepare('SELECT name FROM users WHERE id = :id'); -$stmt->bindParam(':id', $_GET['id'], PDO::PARAM_INT); // <-- Automatically sanitized by PDO +$id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); // <-- filter your data first (see [Data Filtering](#data_filtering)), especially important for INSERT, UPDATE, etc. +$stmt->bindParam(':id', $id, PDO::PARAM_INT); // <-- Automatically sanitized for SQL by PDO $stmt->execute(); {% endhighlight %} This is correct code. It uses a bound parameter on a PDO statement. This escapes the foreign input ID before it is introduced to the database preventing potential SQL injection attacks. +For writes, such as INSERT or UPDATE, it's especially critical to still [filter your data](#data_filtering) first and sanitize it for other things (removal of HTML tags, JavaScript, etc). PDO will only sanitize it for SQL, not for your application. + * [Learn about PDO] You should also be aware that database connections use up resources and it was not unheard-of to have resources diff --git a/_posts/07-04-01-Interacting-via-Code.md b/_posts/07-04-01-Interacting-via-Code.md index 251f788..8f21311 100644 --- a/_posts/07-04-01-Interacting-via-Code.md +++ b/_posts/07-04-01-Interacting-via-Code.md @@ -65,7 +65,7 @@ include 'views/foo-list.php'; {% highlight php %} * @link http://www.phpdoc.org/docs/latest/index.html - * @package helper */ class DateTimeHelper { /** * @param mixed $anything Anything that we can convert to a \DateTime object * - * @return \DateTime * @throws \InvalidArgumentException + * + * @return \DateTime */ public function dateTimeFromAnything($anything) { @@ -59,10 +59,9 @@ class DateTimeHelper } {% endhighlight %} -The documentation for the class as a whole firstly has the [@author] tag, this tag is used to document the author of -the code and can be repeated for documenting several authors. Secondly is the [@link] tag, used to link to a website -indicating a relationship between the website and the code. Thirdly it has the [@package] tag, used to categorize the -code. +The documentation for the class as a whole has the [@author] tag and a [@link] tag. The [@author] tag is used to +document the author of the code and can be repeated for documenting several authors. The [@link] tag is used to link to +a website indicating a relationship between the website and the code. Inside the class, the first method has an [@param] tag documenting the type, name and description of the parameter being passed to the method. Additionally it has the [@return] and [@throws] tags for documenting the return type, and @@ -78,7 +77,6 @@ results in the same (no return) action. [PHPDoc manual]: http://www.phpdoc.org/docs/latest/index.html [@author]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/author.html [@link]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/link.html -[@package]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/package.html [@param]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/param.html [@return]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/return.html [@throws]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/throws.html diff --git a/_posts/16-08-01-Sites.md b/_posts/16-08-01-Sites.md new file mode 100644 index 0000000..a5189dc --- /dev/null +++ b/_posts/16-08-01-Sites.md @@ -0,0 +1,22 @@ +--- +isChild: true +anchor: other_resources +title: Other Useful Resources +--- + +## Other Useful Resources {#other_resources_title} + +### Cheatsheets + +* [PHP Cheatsheets](http://phpcheatsheets.com/) - for variable comparisons, arithmetics and variable testing in various +PHP versions +* [PHP Security Cheatsheet](https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet) + +### More best practices + +* [PHP Best Practices](https://phpbestpractices.org/) +* [Best practices for Modern PHP Development](https://www.airpair.com/php/posts/best-practices-for-modern-php-development) + +### PHP universe + +* [PHP Developer blog](http://blog.phpdeveloper.org/) diff --git a/_posts/16-09-01-Videos.md b/_posts/16-09-01-Videos.md new file mode 100644 index 0000000..d021b2e --- /dev/null +++ b/_posts/16-09-01-Videos.md @@ -0,0 +1,18 @@ +--- +isChild: true +anchor: videos +title: Video Tutorials +--- + +### Youtube Channels +* [PHP Academy](https://www.youtube.com/user/phpacademy) +* [The New Boston](https://www.youtube.com/user/thenewboston) +* [Sherif Ramadan](https://www.youtube.com/user/businessgeek) +* [Level Up Tuts](https://www.youtube.com/user/LevelUpTuts) + +### Paid Videos + +* [Standards and Best practices](http://teamtreehouse.com/library/standards-and-best-practices) +* [PHP Training on Pluralsight](http://www.pluralsight.com/search/?searchTerm=php) +* [PHP Training on Lynda.com](http://www.lynda.com/search?q=php) +* [PHP Training on Tutsplus](http://code.tutsplus.com/categories/php/courses) diff --git a/_posts/16-08-01-Books.md b/_posts/16-10-01-Books.md similarity index 100% rename from _posts/16-08-01-Books.md rename to _posts/16-10-01-Books.md diff --git a/banners.md b/banners.md index b4a06bb..c809b7f 100644 --- a/banners.md +++ b/banners.md @@ -2,6 +2,7 @@ layout: default title: Website Banners description: "Spread the word! Use these banner to let new PHP programmers know about PHP: The Right Way" +sitemap: true --- # Web Banners diff --git a/index.html b/index.html index 5fdb78f..7fd22cb 100644 --- a/index.html +++ b/index.html @@ -1,6 +1,7 @@ --- layout: default description: "An easy-to-read, quick reference for PHP best practices, accepted coding standards, and links to authoritative PHP tutorials around the Web" +sitemap: true --- {% capture welcome_content %}{% include welcome.md %}{% endcapture %} diff --git a/pages/Design-Patterns.md b/pages/Design-Patterns.md index 5c54d9a..231eccc 100644 --- a/pages/Design-Patterns.md +++ b/pages/Design-Patterns.md @@ -1,6 +1,7 @@ --- layout: page title: Design Patterns +sitemap: true --- # Design Patterns diff --git a/pages/Functional-Programming.md b/pages/Functional-Programming.md index b625a84..85bb97f 100644 --- a/pages/Functional-Programming.md +++ b/pages/Functional-Programming.md @@ -1,6 +1,7 @@ --- layout: page title: Functional Programming in PHP +sitemap: true --- # Functional Programming in PHP diff --git a/pages/The-Basics.md b/pages/The-Basics.md index 75221e3..9628b60 100644 --- a/pages/The-Basics.md +++ b/pages/The-Basics.md @@ -1,6 +1,7 @@ --- layout: page title: The Basics +sitemap: true --- # The Basics @@ -35,6 +36,7 @@ if (strpos('testing', 'test') !== false) { // true, as strict comparison was * [Comparison operators](http://php.net/language.operators.comparison) * [Comparison table](http://php.net/types.comparisons) +* [Comparison cheatsheet](http://phpcheatsheets.com/index.php?page=compare) ## Conditional statements @@ -283,7 +285,7 @@ EOD; // closing 'EOD' must be on it's own line, and to th * [Heredoc syntax](http://php.net/language.types.string#language.types.string.syntax.heredoc) -### Which is quicker? +### Which is quicker? There is a myth floating around that single quote strings are fractionally quicker than double quote strings. This is fundamentally not true. @@ -295,7 +297,7 @@ If you are concatenating multiple strings of any type, or interpolate values int results can vary. If you are working with a small number of values, concatenation is minutely faster. With a lot of values, interpolating is minutely faster. -Regardless of what you are doing with strings, none of the types will ever have any noticable impact on your +Regardless of what you are doing with strings, none of the types will ever have any noticeable impact on your application. Trying to rewrite code to use one or the other is always an exercise in futility, so avoid this micro- optimization unless you really understand the meaning and impact of the differences. diff --git a/sitemap.xml b/sitemap.xml deleted file mode 100644 index ff86f72..0000000 --- a/sitemap.xml +++ /dev/null @@ -1,15 +0,0 @@ - - - - http://www.phptherightway.com/index.html - 2012-07-07T01:00:00-05:00 - daily - 1 - - - http://www.phptherightway.com/banners.html - 2012-07-08T14:11:00-05:00 - weekly - 0.5 - -