Blog Spot!


PHP – Best Practises 2014

There are a number of good practices that you should follow when developing web applications in PHP. Most of these are extremely easy to pick up and some of them will even apply to web application development in general.

  1. Redirect after a successful POST request.
  2. Don’t use the mysql_* functions.
  3. Do not close your PHP tags.
  4. Guard against XSS (a.k.a. Cross-site scripting)!
  5. Don’t echo out HTML!
  6. Separate your logic from your output!
  7. Learn what DRY is.
  8. Never trust your users!
  9. Do not run queries inside loops!
  10. Hash user passwords!
  11. Use prepared statements!
  12. “or die()” needs to die…
  13. Email validation.
  14. Avoid short tags.
  15. Avoid micro-optimizations.
  16. Learn about database normalization.
  17. Be consistent.
  18. Version control.
  19. Bytecode caching.
  20. Learn about common design patterns.
  21. When in doubt, use UTF-8!
  22. Know about the advantages of using an MVC Framework.
  23. Get a grasp on some of the fundamentals of web application security.
  24. Know what database column types to use.
  25. Don’t parse HTML with regular expressions.
  26. var_dump, don’t echo.
  27. Testing your application.
  28. Storing uploaded images.
  29. Re-size your images on upload.
  30. Documentation.
  31. Understand the difference between == and ===
  32. Object Caching.
  33. HTML does NOT provide validation!
  34. JavaScript validation is not a substitute for server-side validation!
  35. Learn about error reporting in PHP.

Read the article!

Added on 25.Jan.2015
Tags: php best-practises article

Be Awesome in PHPStorm

Laracasts series.

Think about how many hours each week you spend within your editor. Doesn't it make sense to unlock every inch of its capabilities? I certainly subscribe to that idea! Why don't you come along, and I'll teach you everything I know about PHPStorm.

Added on 23.Jan.2015
Tags: php phpstorm ide

Encrypt Large Messages with Asymmetric Keys and phpseclib

This tutorial will show you how to encrypt arbitrarily large messages with asymmetric keys and a PHP library called phpseclib.

Introduction

Most of us understand the need to encrypt sensitive data before transmitting it. Encryption is the process of translating plaintext (i.e. normal data) into ciphertext (i.e. secret data). During encryption, plaintext information is translated to ciphertext using a key and an algorithm. To read the data, the ciphertext must be decrypted (i.e. translated back to plaintext) using a key and an algorithm.

An encryption algorithm is a series of mathematical operations applied to the numerical value(s) of the key and the numerical values of the characters in a string of plaintext. The result is the ciphertext. For a given algorithm, the larger the key, the more secure the ciphertext.

A core problem to be solved with any encryption algorithm is key distribution. How do you transmit keys to those who need them in order to establish secure communication?

The solution to the problem depends on the nature of the keys and algorithms.

There are two basic types of encryption algorithms:

  1. Symmetric Algorithms that use the same key for both encryption and decryption.
  2. Asymmetric Algorithms that use different keys for encryption and decryption.

Read the full article

Added on 22.Jan.2015
Tags: php encryption algorithm sitepoint

How to Install PHP Redis on Ubuntu

First, if you don’t have it installed already, let’s install Redis:

sudo apt-get install redis-server

After we get Redis installed (and/or verified that it was installed), we can install the PHP module for Redis:

sudo apt-get install php5-redis

After the module is done installing, you will want to restart your webserver and/or process manager (php-fpm, spawncgi, et cetera). Once you’ve restarted, you can check phpinfo() for a new section labeled Redis.

In addition to the Redis interface, you will also gain the ability to use Redis as a save handler. For more information you can check out my post on using Redis as a PHP Session Handler.

Tested on Ubuntu 14.04 LTS

Added on 21.Jan.2015
Tags: php redis nosql ubuntu

Introduction to sessionStorage, JavaScript Session

Usage:

The sessionStorage object has five methods:

  • getItem(key) – retrieves the value for the given key or null if the key doesn’t exist.
  • setItem(key, value) – sets the value for the given key.
  • removeItem(key) – removes the key completely.
  • key(position) – returns the key for the value in the given numeric position.
  • clear() – removes all key-value pairs.

There is also a single property, length, which indicates how many key-value pairs are currently stored in sessionStorage. Some example usage:

//save a value
sessionStorage.setItem("name", "Nicholas");

//retrieve item
var name = sessionStorage.getItem("name");

//get the key name for the first item
var key = sessionStorage.key(0);

//remove the key
sessionStorage.removeItem(key);

//check how many key-value pairs are present
var count = sessionStorage.length;

Additionally, proper implementations allow you to read, write, and remove values from sessionStorage as if it were a regular object. For example:

//save a value
sessionStorage.name = "Nicholas";

//retrieve item
var name = sessionStorage.name;

//remove the key
delete sessionStorage.name;
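
An added example, not taken from the linked article: sessionStorage holds strings only, and any script running on the same origin can write to it, so values read back should be parsed and validated like any other input. The names makeMemoryStorage, saveJSON, loadJSON and isProfile are hypothetical, and the in-memory store is a constructed stand-in so the code also runs outside a browser.

```javascript
// Constructed in-memory stand-in with the five methods and the length property
// listed above, so the example runs outside a browser.
function makeMemoryStorage() {
  const data = new Map();
  return {
    getItem: (k) => (data.has(String(k)) ? data.get(String(k)) : null),
    setItem: (k, v) => { data.set(String(k), String(v)); }, // values become strings
    removeItem: (k) => { data.delete(String(k)); },
    key: (i) => Array.from(data.keys())[i] ?? null,
    clear: () => { data.clear(); },
    get length() { return data.size; },
  };
}

// Hypothetical helper: serialise structured data before storing it.
function saveJSON(store, key, value) {
  store.setItem(key, JSON.stringify(value));
}

// Hypothetical helper: return null for a missing, corrupt or invalid value.
function loadJSON(store, key, isValid) {
  const raw = store.getItem(key);
  if (raw === null) return null;
  try {
    const parsed = JSON.parse(raw);
    return isValid(parsed) ? parsed : null;
  } catch (e) {
    return null;
  }
}

// Validator for the constructed "profile" record used below.
function isProfile(p) {
  return typeof p === "object" && p !== null &&
    typeof p.name === "string" && p.name.length <= 64 &&
    Number.isInteger(p.visits) && p.visits >= 0;
}

// In a browser, pass window.sessionStorage instead of the stand-in.
function demo(store = makeMemoryStorage()) {
  store.setItem("raw", { name: "Nicholas" });
  const coerced = store.getItem("raw");          // "[object Object]"
  saveJSON(store, "profile", { name: "Nicholas", visits: 3 });
  const roundTrip = loadJSON(store, "profile", isProfile);
  store.setItem("profile", '{"name":"Nicholas","visits":"many"}'); // altered by another script
  const tampered = loadJSON(store, "profile", isProfile);
  const missing = loadJSON(store, "nope", isProfile);
  return { coerced, roundTrip, tampered, missing, count: store.length };
}
```
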

Full Article

Added on 06.Jan.2015
Tags: js session storage
