I'm not sure if this should be a series or not, but I've recently come across a lot of bad PHP. No, seriously baaaaad PHP. So bad that I don't think they were serious. Couldn't have been.
For instance, when you're looking to redirect from one page to another, and no headers have been issued yet (juuuust running through the business logic...) , use header('Location: .'$uri); exit;. It's really that simple. PHP 101. Javascript redirects - EVERYWHERE - are what I found recently. As in, depend on the Web browser to issue this request and make sure everything's behaving. And that included the http_referer check as the only form of security. Just horrendous. I swear I'm going to stop looking at the code of others someday.
On another note, I recently finished looking at an osCommerce install for a friend. Again, horrendous. And not at the developer level, either - out of the box bad. I can't believe that little ecommerce engine is still chugging along with such a devout following. It is NOT a framework. It is NOT a CMS (though they don't intend or pretend to be); it is good at letting you load products and sell them. Don't try to move the column_right content over beneath the column_left content, and heaven forbid you want a fixed-width site. Got time to make thirty changes? OH, and the joy of hunting & pecking just to add an item to the INFORMATION_BOX area for a stupid link. I swear, I will never, ever, ever, neva-eva-eva-ever touch osCommerce again.
There are so, so many examples. Maybe this WILL be a series...
0 comments on Baffling PHP Practices