Since then, PHP has become the most popular programming language for Web applications. Many popular websites are powered by PHP, and an overwhelming majority of scripts and Web projects are built with the popular language. Because of PHP’s huge popularity, it has become almost impossible for Web developers not to have at least a working knowledge of PHP. This tutorial is aimed at people who are just past the beginning stages of learning PHP and are ready to roll up their sleeves and get their hands dirty with the language.
Use an SQL Injection Cheat Sheet
This particular tip is just a link to a useful resource with no discussion on how to use it based on custom php application development. Studying various permutations of one specific attack can be useful, but your time is better spent learning how to safeguard against it. Additionally, there is much more to Web app security than SQL injection. XSS (Cross-Site Scripting) and CSRF (Cross-Site Request Forgeries), for example, are at least as common and at least as dangerous.
Know the difference between Comparison Operators
This is a good tip, but it is missing a practical example that demonstrates when a non-strict comparison can cause problems. If you use strops to determine whether a substring exists within a string (it returns FALSE if the substring is not found), the results can be misleading.
Shortcut the else
This tip accidentally stumbles upon a useful practice, which is to always initialize variables before you use them. Consider a conditional statement that determines whether a user is an administrator based on the username .This seems safe enough, because it’s easy to comprehend at a glance. Imagine a slightly more elaborate example that sets variables for name and email as well, for convenience. If a user provides a username that triggers the else if condition, $admin is not initialized. This can lead to unwanted behaviour, or worse, security vulnerability. Additionally, a similar situation now exists for $moderator, which is not initialized in the first condition.