Defensive OO Programing in PHP
Posted by MatthewCastle (MatthewCastle), 27 June 2008
I have recently been introduced to PHP, an introduction that was a lot less painfull than i expected having a soild background in pre .net asp.
This introduction and general musings have lead me to the following question:
"Why is the vast majority of php code that i have come across not use defensive coding, custom error handling or object oriented techniques?"
I feel like i should be coding like:
$product = new product();
$product->id_set = 1;
$product = Null;
catch (e$ exception)
$errorhandler = new errorhandler();
public function id_set($value)
if (is_integer($value) $this->id = $value;
else throw new exception("Product->id_set value not integer $value");
public function name_get()
if (is_string($name)) return $name;
else throw new exception("Product->name_get() internal storage value not string! $name");
public function load()
do data retrieval shinanigens;
$this->name = retrieved name;
Are there good reasons why most stuff is bunged inline using includes rather than encapsulated into classes?
Why is there normaly little or no error handling in code?
Does wanting to write this way make me weird?
You comments appreciated before i run off writing loads of inappropriate code
Posted by admin (Graham Ellis), 30 June 2008Excellent question, Matt ... and deserving of a full and thorough answer which I'll prepare off line. I may well post my initial thoughts here and further detail in a longer item!
Posted by MatthewCastle (MatthewCastle), 30 June 2008
Thanks Graham, i dont want to add a lot of unnecessary complication to the implementation, but i do want to "do it right", what ever that means!
Posted by admin (Graham Ellis), 2 July 2008Matt, I've put together a very much fuller reply that just a short post - and it's here on my blog.
Actually, I'm using a "defensive" URL there in that I've provided a link to the blog archive so that you and anyone else will be able to get back via this forum post - my choice rather than choosing to highlight this one which takes you to the current blog entry and so will change when I write the next article, probably in just a few hours. And that's really the "heart" of it - to provide the service in a form that's robust, secure, easy to use and navigate, maintainable, enhanceable ... and to consider those aspects as you put the service together.
Suggestion - think about what YOUR standards should be from first principles; they're likely to be very different for (a) a small intranet application written by one programmer for a handful of users to use for a couple of months as a quick aid to their job and (b) a major application that's written by a team and represents your company on line to millions of customers, with a need to secure financial and personal data within the system.
And then explain the stanadrd to the team - if they know "why", they'll be more encouraged to follow your suggestions.
PH: 01225 708225 • FAX: 01225 793803 • EMAIL: firstname.lastname@example.org • WEB: http://www.wellho.net • SKYPE: wellho