Daily Shaarli

January 23, 2016

PHP Best Practices: a short, practical guide for common and confusing PHP tasks

Introduction
PHP is a complex language that has suffered years of twists, bends, stretches, and hacks. It's highly inconsistent and sometimes buggy. Each version has its own unique features, warts, and quirks, and it's hard to keep track of what version has what problems. It's easy to see why it gets as much hate as it does sometimes.
Despite that, it's the most popular language on the web today. Because of its long history, you'll find lots of tutorials on how to do basic things like password hashing and database access. The problem is that out of five tutorials, you have a good chance of finding five totally different ways of doing something. Which way is the "right" way? Do any of the other ways have subtle bugs or gotchas? It's really hard to find out, and you'll be bouncing around the internet trying to pin down the right answer.
That's also one of the reasons why new PHP programmers are so frequently blamed for ugly, outdated, or insecure code. They can't help it if the first Google result was a four-year-old article teaching a five-year-old method!
This document tries to address that. It's an attempt to compile a set of basic instructions for what can be considered best practices for common and confusing issues and tasks in PHP. If a low-level task has multiple and confusing approaches in PHP, it belongs here.
What this is
It's a guide suggesting the best direction to take when facing one of the common low-level tasks a PHP programmer might encounter that are unclear because of the many options PHP might offer. For example: connecting to a database is a common task with a large number of possible solutions in PHP, not all of them good ones. Thus, it's included in this document.
It's a series of short, introductory solutions. Examples should get you up and running in a basic setting, and you should do your own research to flesh them out into something useful to you.
It points to what we consider the state of the art of PHP. However, this means that if you're using an older version of PHP, some of the features required to pull off these solutions might not be available to you.
This is a living document that I'll do my best to keep updated as PHP continues to evolve.
What this isn't
This document is not a PHP tutorial. You should learn the basics and syntax of the language elsewhere.
It's not a guide to common web application problems like cookie storage, caching, coding style, documentation, and so on.
It's not a security guide. While it touches upon some security-related issues, you're expected to do your own research when it comes to securing your PHP apps. In particular, you should carefully review any solution proposed here before implementing it. Your code is your own fault.
It's not an advocate of a certain coding style, pattern, or framework.
It's not an advocate for a certain way of doing high-level tasks like user registration, login systems, etc. This document is strictly for low-level tasks that, because of PHP's long history, might be confusing or unclear.
It's not a be-all and end-all solution, nor is it the only solution. Some of the methods described below might not be what's best for your particular situation, and there are lots of different ways of achieving the same ends. In particular, high-load web apps might benefit from more esoteric solutions to some of these problems.