(Original post by amazingtrade)
I am learning PHP next semester and looking foward to it, I don't like the VB script syntax because it seems so unstructured and its too easy to be lazy and produce unstructured code. (i.e not declaring variables) to be C++ seems to much more logical. I've not seen much PHP code but I've heared in its structure its very similar to Java and C++.
Well you still don't have to declare variables first in PHP, mainly because it's an interpreted language so it can work things out as it goes along anyway and to simplify the experience.
I think the syntax is actually closer to Perl than C++/Java, but with better object orientation (well easier to do concisely). One of the main problems is that all the functions are just there and not in an object orientated structure like Java. That said the documentation of the functions is great and easier to use than the Java APIs.
They've thrown away the '%' and '@' prefixes from Perl too, which does make things odd sometimes, but generally doesn't matter.
Variable variables still exist, though it is considered bad style to actually use them!
Although PHP provides POSIX compatible regexps you tend to be better of using the Perl compatible PCRE lib. Most webservers have that these days.
Some tips for next semester:
unset($var, $array, $etc);
Unset _all_ variables you use in the script first, this serves to prevent attacks through the fact you used to be able to easily alter the initial values of variables because of 'register globals'. That should be getting less important, but it allows you to keep track of how many variables you're using and guards against your script being used on an ancient version (or insecure version) of PHP.
On servers running PHP v4.1.0 and above only accept user input from the correct autoglobal.
such as: $_GET, $_POST, $_COOKIE, $_SERVER etc
Validate all user input, use regexps where it's complicated. Don't let the user ever post any scriptable stuff... converting symbols straight to html character codes seems the easiest way of doing that.
The PHP manual is your friend