Significance of Defensive Programming & Ways to do it in PHP
A defensive programmer is one who anticipates pitfalls before they happen and tries to prevent them in advance with careful programming techniques. Prevention is better than cure, and that applies directly to defensive programming: it is the technique of anticipating a program's failure points at an early stage and taking defensive steps before they occur. Here we focus on a few ways in which defensive programming techniques are used during PHP application development. The article highlights four different ways to craft PHP programs wisely by preventing the loopholes that are likely to appear in the near future.
- User Input – Never Trust It:
Not every user out there is a hacker ready to steal your data or information, but you should still never trust input from users. While programming, it is always better to assume that your users have no idea what you have coded at the backend. They do not know how long an input you expect or what kind of input you want from them. They are not aware of which types of files they may upload or what file sizes your app accepts. Some users may also try to hack your app by inserting or running scripts through its inputs. You cannot count on things like authentication to protect you before users reach your input forms. Hence, it is always good practice to validate user input before storing it in the database or displaying crucial information to users based on it.
- Conditional Statements:
Many times while coding a PHP application you will encounter situations where you don't seem to need an else case. A better practice is to always use else blocks. The same applies to switch statements, where including a default case is considered a reliable defensive programming technique. For example, say you are coding a conditional statement with three possibilities, so you use an if statement followed by two else if clauses. You might think that no other possibilities can occur. But things change, and other possibilities may creep in and lead to erroneous behavior. Hence, using an else block to return or log an error is always good practice.
- Code Assumptions:
Many programmers have a bad habit of assuming things. They often assume that their users know the functional details of the program just as well as they do. As a programmer, to keep your code working well during PHP application development, you should always keep in mind the uncertainty that arises from user behavior and from user input reaching the backend. A better technique is to always document the assumptions you are making about input, parameters, use cases and similar things.
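The input validation, default-branch and documented-assumption advice above, combined in one added example (not code from the original article). The function name, field names, length limits, plan names and prices are hypothetical, and the sample inputs are constructed.

```php
<?php
/**
 * Assumptions (documented here, then enforced rather than trusted):
 *  - 'username' is 3-20 characters of a-z, 0-9 or underscore
 *  - 'plan' is exactly one of: free, pro, team
 * Field names, limits and prices are hypothetical, chosen for this example.
 */
function validateSignup(array $input): array
{
    $username = $input['username'] ?? null;
    $plan     = $input['plan'] ?? null;
    // Reject wrong types first: a query string like ?username[]=x yields an array.
    if (!is_string($username) || !is_string($plan)) {
        throw new InvalidArgumentException('username and plan must be strings');
    }
    // \A and \z anchor the whole string, so a trailing newline cannot slip through.
    if (preg_match('/\A[a-z0-9_]{3,20}\z/', $username) !== 1) {
        throw new InvalidArgumentException('username must be 3-20 chars of a-z, 0-9, _');
    }
    // Three known possibilities today; the default branch catches anything else.
    switch ($plan) {
        case 'free':
            $monthlyPrice = 0;
            break;
        case 'pro':
            $monthlyPrice = 12;
            break;
        case 'team':
            $monthlyPrice = 40;
            break;
        default:
            // Log server-side, keep raw input out of the log line, and fail
            // closed instead of continuing with $monthlyPrice never set.
            error_log('validateSignup: unexpected plan value rejected');
            throw new InvalidArgumentException('unknown plan');
    }
    return ['username' => $username, 'plan' => $plan, 'monthlyPrice' => $monthlyPrice];
}

// Constructed sample inputs: one valid, one with a plan nobody anticipated.
$samples = [['username' => 'alice_01', 'plan' => 'pro'],
            ['username' => 'bob', 'plan' => 'enterprise']];
foreach ($samples as $sample) {
    try {
        print_r(validateSignup($sample));
    } catch (InvalidArgumentException $e) {
        echo 'Rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

Without the default branch, the second sample would reach the return statement with `$monthlyPrice` undefined, which is the kind of possibility that creeps in later when a new plan is added elsewhere in the application.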
Keeping the above defensive programming techniques in mind, a programmer can code effectively and avoid unexpected problems later on. For effective PHP application development, stop making assumptions about anything in your code, start creating user error messages, logs, alerts and everything else you thought was not necessary, and, last but not least, do it carefully and with proper planning.