Decided to bite the bullet and learn PHP, which is used for nearly everything at my job. My starting voyage was to mess around with “pure php”, as in, no frameworks, no libraries, not even javascript, just the basic server with v8.3 running and some (currently very shitty) CSS styling.
So, I decided to go with a 2 step process: first, a site for me to post my stuff, with the possibility for external users to make accounts and leave comments. Step 2 would be making a forum where said users can interact. Before I began coding anything, I wrote down the database specification, though it’s still “open for debate”. I also didn’t pay attention and made all tables as MyISAM initially instead of InnoDB, which made me lose all foreign keys, thankfully easily remedied given the small size of the project.
Thus far, I’ve got the user creation, listing, login (with hashed password), post creation and post viewing working. Visitors, normal users and admin see different links and forms, depending on pages, all with inline php code in appropriate pages - for instance, (unlogged) visitors don’t see a comment box when reading a post. I’m currently working on the user edit page.
Anyway, why do I think I’m doing a lot of “wrongs”? For starters, I’m not using classes. At all. Functions are being added “globally” to one of 3 include somepage.php; that are in every page; every database related function - select all, select 1, update, are all in the db.php file. So, every page load is also loading the entire list of database functions, plus a bunch of html-automation related functions, even when none of them are used. Since PDO::fetch() returns an array with mapped keys (ie: $result['column1']), I feel like I have “no good reason” to use classes, especially as I’m still putting some finishing touches on the tables. I mean, I can access the relevant data with $bla['column_name'];, which is all I need thus far.
A lot of the resulting html comes from echo, some of it from functions to handle it more easily, like passing an array so a “global” function of mine returns it as neatly organized <td> elements.
There is no MVC, just good ol’ <a href> and <form method=post> where they need to be. All my forms’ actions call a separate php page that’s just code to handle the form, always as POST, in order to check blank fields, size and character constraint, etc.
I’ve no doubt that, as is, my project has a number of security holes, though cross-site scripting and session poisoning are not among them. I did try sql injection and couldn’t get it to work, so good on me.
As awful as this project might be against “the real world” use, I feel weirdly proud of what I’m achieving. Is there a name for this feeling, of pride for something you know is subpar?
It has been a very long time since I’ve worked with PHP, so I can’t help you with specific runtime stuff, like what the cost of module imports is.
But not using classes is a perfectly valid approach. The only issue is ofc that you need to hardcode column names, but it sounds like that’s at a manageable place for you right now.
Organizing things into classes makes things easier once the operations you’re doing on data get more complex. There are no good rules for this, you kinda have to develop a feel for it on your own as you gain experience.
For the specific case of SQL results, you’ll typically be better off using what’s known as an ORM library. Here’s a random one I found on GH as an example. But for your small project, what you’re doing right now is fine.
All those patterns and frameworks and things people use are meant to make a codebase more manageable or flexible. ORMs are a good example: they have a lot of benefits, but they are by no means required.
With that said, your zero guardrails approach is likely to end up an unmaintainable spaghetti mess as you add more and more features. There is a point at which you really should sit down and learn about those more advanced techniques and practices. They actually do have value, especially if you ever want to build something bigger than what you have now.
You should feel proud. You accomplished something 99% of the population hasn’t. You leveled up. You’re a real motherfucking software engineer. You’ve used your brain in ways those AI slop coders never will. There is no “subpar”. When you break your 1RM record at the gym, is it “subpar” just because the guy next to you can do twice the weight?
Fuck no, because you’re fighting your fights, he’s fighting his. All that matters is that you’re winning.
And you are winning.
You’re a winner.
You’re my winner.
I love you.
Reading your post just made me remember my php journey 20 years ago… I miss that days but I cant imagine myself not using some framework nowadays… I use to build the wheel everytime I started a project