In this recent post to his blog Anson Cheung provides a set of helpful hints for sysadmins to follow when installing (or just securing) the PHP installations on their systems.

PHP is widely used for various of web development. However, misconfigured server-side scripting would create all sorts of problem. And here are php security best practices that you should aware when configuring PHP securely. Nowadays most of the web servers are operated under Linux environment (like: Ubuntu, Debian...etc). Hence, in the following article, I am going to use list top 10 ways to enhance PHP Security Best Practices under Linux environment.

His tips include:

• Reducing the built-in PHP modules
• Logging all PHP errors
• Disabling remote code execution
• Disabling dangerous PHP functions
• Write protection on Apache, PHP & MySQL configuration files

Jason Gilmore has put together a list of sixteen best practices and tools you can use to help make your PHP development life easier and the quality of your code better.

[I spent so] much time in fact that in 2010 I penned more than 130 articles. Many of these articles focused on PHP-specific best practices and productivity, two topics which should resonate closely with anybody involved in building websites for a living. So I thought it would be useful to compile a list of the sixteen tutorials which touch upon these topics. In this list you'll find tutorials introducing testing, debugging, advanced object-oriented features, code profiling, security, enforcing coding standards, and more.

His list of articles includes:

• 10 Productive PHP Tools for Testing and Debugging
• Three Advanced Object-Oriented PHP Features You Need to Know
• Four Sane Solutions for PHP Debugging
• Enforcing Coding Standards with PHP_CodeSniffer
• Use PHPUnit to Implement Unit Testing in Your PHP Development

The Zend Developer Zone has posted their latest episode in the ZendCon Sessions series of podcasts today as recorded at the Zend/PHP Conference 2010. This new episode is Shahar Evron's talk Best Practices in PHP Application Deployment.

Welcome to the ZendCon 2010 edition of the ZendCon Sessions. The ZendCon Sessions are live recordings of sessions that have been given at previous Zend Conferences. Combined with the slides, they can be the next best thing to having attended the conference itself. [...] This episode of The ZendCon Sessions was recorded live at ZendCon 2010 in Santa Clara, CA and features Shahar Evron giving his talk: "Best Practices in PHP Application Deployment"

This new episode can be listened to in a few ways - either in-page, downloaded or by subscribing to their feed. You can also find the slides on SlideShare.

On NetTuts.com today there's a new (slightly inflammatory) post about why you're a bad PHP programmer - really why some of the practices you follow might be in the "bad things to do" playbook.

We all have our bad habits. In this article, we'll go over a list of bad practices that are worth examining, reevaluating, and correcting immediately.

In his list of things to avoid are suggestions like:

• not planning before coding
• opting for brevity over clarity
• no coding standards
• code duplication
• practicing "Not Invented Here" (NIH)
• not working on side projects to introduce yourself to new technology

From LearnComputer.com there's a few hints they've put together that might help you with that next PHP-related job interview.

So you've been slinging resumes for a while and now you have an interview for an awesome PHP job. While part of the interview will be the typical job interview, you should also be prepared for a technical interview. Technical interviews are often given to determine how well you truly know the technologies with which you'll be working. There are numerous books and articles to help you prepare for the job interview portion but very little has been said on preparing for a PHP technical interview.

They've broken down their advice into a few different sections including some sample PHP questions you might get asked about both PHP and MySQL, a quick look at frameworks and the recommendation of the book PHP and MySQL Web Development to help round out your knowledge.

Ralph Schindler has put together a new post for his blog about some of the best practices for using exceptions in PHP 5.3 - specifically dealing with some of the new functionality that comes with this latest PHP version.

Exception handling in PHP is not a new feature by any stretch. In this article, we'll discuss two new features in PHP 5.3 based around exceptions. The first is nested exceptions and the second is a new set of exception types offered by the SPL extension (which is now a core extension of the PHP runtime). Both of these new features have found their way into the book of best best practices and deserve to be examined in detail.

Some of the features he talks about were pre-PHP 5.3, but the focus is largely on these new features. He gives a bit of a background on exception handling in PHP and how custom exceptions could be thrown. He then moves on to the new features - first nesting exceptions and then some about the new core exception types (found here). All that being said, he includes some code to show the dynamic/logic/runtime exceptions in action including a look at best practices in library exception handling.

The TEKX conference is now in full swing and one attendee, Chance Garcia has already shared some of what he's learned at the tutorial days - being the bad guy and best practices.

Chance Garcia was in the "Bad Guy For a Day" session given by Arne Blankerts

This will be interesting since this will be stream of thought on the tutorial as it goes on. [...] Remember to secure your infrastructure. Anecdote about a setup with default root of database was given. Keep in mind how you train users. Example error alerts training people to accept errors as ok and to click through.

He "live blogs" the rest of the session that mentions infrastructure issues, user interface problems and some of the more popular attack vectors.

His other "live blog" covered Matthew Weier O'Phinney and Lorna Mitchell's Best Practices talk, complete with mentions of version control practices, design patterns, unit testing and more.

New on the CatsWhoCode blog today there's a post from Jean-Baptiste Jung for all of the WordPress-ers out there with some best practices to help you in your theme or plugin development.

Coding a WordPress theme or plugin can seem to be an easy task at first, but if you want to produce work that is more professional, you have to worry about things such as internationalization and security. In this article, I'm going to show you the best practices I have learned in 3 years of developing with WordPress.

There's six main tips he share including "Think International", "Speed up development using community tools and templates" and "Make use of hooks, actions and filters". Each tip also comes with a few links to some resources where you can find out more details on the technology involved.

Jayson Maynard (recently taking over as the Editor-in-Chief of the Zend Developer Zone) has resolved to make the resource into a better place for PHP developers to find both the introductory content and information on more advanced topics. He talks about it in a recent post:

We will be rebuilding ZDZ from the ground up and in full public view of the community -- to act as a learning experience and a showcase for PHP best practices. [...] And the best way for it to be a showcase is for us to make all of the process of working on the infrastructure completely transparent; to make the artifacts (code, scripts, configuration, machine images) readily available and to allow contributions from the community.

There's some more specific topics he mentions that the site will cover including new features on articles and community interaction, a new infrastructure and new processes including things like Agile development, testing and deployment. In one of his first steps to better the site, however, he learned a lesson the hard way when he tried to upgrade a package and it brought the site to a grinding halt.

On NETTUTS.com today Burak Guzel has written up some good tips on how to make your code much more readable (and easier to maintain in the future. Not all of them are directly PHP related, but they are general enough to be applied in other places in your development.

Code readability is a universal subject in the world of computer programming. It's one of the first things we learn as developers. Readable and maintainable code is something to be proud of in a finished product. We can share it with others, contribute to other projects, and reuse code from applications we wrote months or even years ago.

Tips included in the list cover topics like:

• comments & documentation
• code grouping
• avoiding deep nesting
• using consistent temporary names
• using object-oriented code versus procedural
• effective refactoring