How to use PHP for large projects?

For the most part, the problems with php are not so much with the language. The problems come from the coupling of a low barrier of entry and the lack of any infrastructure to avoid common programming problems or security problems. Its a language that, by itself, is pretty quick-and-dirty. Nevertheless, it still has many advantages for large-scale web apps. You'll just need to know how to add in some level of infrastructure to avoid a lot of the common web programming blunders. See - What should a developer know before building a public web site for help with this.

You need to learn about the reasons php can make your web app to be insecure or problematic and learn to mitigate those problems. You should learn about how to use php to securely access your database. You should learn about avoiding SQL injection. You should learn about evil things like register_globals and why you should never ever use them. In short, you should do your homework about your tool before just diving in for a real-world, large-scale, web app.

Once you are educated, it comes down to you'll probably want to build a framework or use a preexisting framework that will mitigate these problems. Popular frameworks include PEAR and Zend.

Also, useful questions that might help:

  • What should every php programmer know?
  • What should a developer know before building a public web site

i know, this is a little out of date, but still, i'll tempt an answer ... use Haxe/PHP ... i could delve into details ... but if you look at the language, its features, and the nice way the PHP API is encapsulated into something rather consistent, you will soon see, what PHPs problems are ... and also, you have all the benefits of Haxe in the end ...

edit: this was a serious answer ... Haxe/PHP automatically solves a lot of problems mentioned in the post flagged as answer ...

  • register_globals is turned off ... you get your parameters through the php.Web
  • using the SPOD-layer (same API for php) for the database automatically takes care of escaping (and will automatically provide your model (and templo is quite a good template engine, so that should help for your views))
  • having a typed language, you are more likely to write better code ... plus language features as generics and enums are very powerful ... and there is a lot of compile time magic in Haxe that is also of interest ... a more powerful language is always good to adress complex problems ...

if you want to use other PHP frameworks, you only need to write the external classes and everything will work as expected ...

i think Haxe is a very good answer to "large", "complex", "secure" and "robust" ... scalability does not come from Haxe itself of course ... but still, if you check out haxelib, then you find many things, that would help for scalability ... such as memcached (you will have to change neko.net.Socket to php.net.Socket in memcached.Connection) ...

if you really want to use the PHP language, and not just the platform, Haxe won't help you of course ...


Using PHP for large projects isn't different than with any other language. You need experience and knowledge in writing maintainable and extendable source code. You need to be aware of security pitfalls and performance concerns. You need to have researched your problem domain and be well familiar with it.

In the end, same as any other language - what you need are high-quality and well-motivated developers.

Tags:

Php

Recent Posts