The question has been asked: No PHP for large projects? Why not? It’s a recurring theme and PHP developers–with some cause–are forced to defend PHP.
All of these questions are valid and there have been some responses but this got me thinking. Based on the principle that you can write good code in any language and bad code in any language, I thought it worth asking a positive rather than negative question. Rather than why you can’t, I wanted to ask how you can use PHP for large projects.
So, how do you write a large, complex, scalable, secure and robust PHP application?
EDIT: While I appreciate that the organizational aspects are important, they apply to any large project. What I’m primarily aiming for here is technical guidance and how to deal with common issues of scalability. Using an opcode cache like APC is an obvious starter. Cluster-aware sessions would be another. That’s the sort of thing I’m getting at.
For the most part, the problems with php are not so much with the language. The problems come from the coupling of a low barrier of entry and the lack of any infrastructure to avoid common programming problems or security problems. Its a language that, by itself, is pretty quick-and-dirty. Nevertheless, it still has many advantages for large-scale web apps. You’ll just need to know how to add in some level of infrastructure to avoid a lot of the common web programming blunders. See – What should a developer know before building a public web site for help with this.
You need to learn about the reasons php can make your web app to be insecure or problematic and learn to mitigate those problems. You should learn about how to use php to securely access your database. You should learn about avoiding SQL injection. You should learn about evil things like register_globals and why you should never ever use them. In short, you should do your homework about your tool before just diving in for a real-world, large-scale, web app.
Once you are educated, it comes down to you’ll probably want to build a framework or use a preexisting framework that will mitigate these problems. Popular frameworks include PEAR and Zend.
Also, useful questions that might help: