Common PHP mistakes to avoid

Just a quick bite size piece outlining common PHP mistakes that you need to avoid!

There are a ton of mistakes PHP coders generally make, whether due to lack of experience, time or just being plain lazy, from not securing code to hiding errors, here’s the top 3 common php mistakes.

1 – Not securing your code. This is a big one as it leaves you vulnerable to an SQL injection. An SQL injection is when a hacker uses your vulnerable form fields, for example, to inject some malicious code into your database.

This allows a hacker to extract information from your database such as vulnerable data or extract the setup of your database to enable the hacker to take control of your website.

Some developers “blacklist” certain word to try and prevent an SQL attack, this isn’t the best solution as some blacklisted characters such as the semi-colon are used in everyday language and may actually be used by genuine website visitors.


2 – Hiding Errors. PHP provides you with pretty detailed error reporting, however, it can also be easily hidden.

The errors come at different levels of severity so hiding things such as Warning errors is ok, as long as you are not covering up fundamental errors. Hiding errors related to versions of PHP can be hidden.


3 – Not having backups! – Most PHP developers code and code away for hours and hours deep into the night and early morning, without saving/backing up their work.

Code can be difficult at times and removing bits and pieces of code and performing tweaks here and there across a few hours can significantly alter your websites code.

That’s why a backup is needed.

Backups will save you those hours re-coding when you are trying to figure out complex issues, you should also keep backups as standard for your clients anyway, keeping local backups of code for yourself makes life so much easier.

Hopefully you find the above useful, 3 common PHP mistakes to avoid, feel free to email me with any questions: and remember should you need a web developer in the Birmingham area, then call us on 0121 663 0202