Unfortunately there is no single source that has all the best practices right. This is especially true of PHP, where too many tutorials are written for absolute beginners and not enough for advanced users. You just have to read a lot of stuff from many sources and stay tuned to the latest developments. (Avoid any PHP tutorial that is more than 3 years old. PHP development has really picked up in the last few years.)
phpbestpractices.org is definitely above average, but it seems light on security-related stuff. It's also getting a little long in the tooth in some parts. Possible modifications:
- Replace phpass with password_hash(), it has an even simpler interface.
- Don't close the ?> tag if possible. (Follow the PSR-0, PSR-1 and PSR-2 coding standards.)
- Use htmlspecialchars() instead of htmlentities()
- Know when not to use the resource-intensive DateTime class.
- Know that PHP 5.5 introduces a new opcode cache that isn't APC.
- This is down to personal preference, but I think SwiftMailer is more "modern" than PHPMailer and integrates better with third-party mailing APIs.
phpbestpractices.org is definitely above average, but it seems light on security-related stuff. It's also getting a little long in the tooth in some parts. Possible modifications:
- Replace phpass with password_hash(), it has an even simpler interface.
- Don't close the ?> tag if possible. (Follow the PSR-0, PSR-1 and PSR-2 coding standards.)
- Use htmlspecialchars() instead of htmlentities()
- Know when not to use the resource-intensive DateTime class.
- Know that PHP 5.5 introduces a new opcode cache that isn't APC.
- This is down to personal preference, but I think SwiftMailer is more "modern" than PHPMailer and integrates better with third-party mailing APIs.
- Learn to use Composer.