Brooks estimated in his classic book, The Mythical Man-Month (Addison-Wesley, 1995), “a programming product costs
at least three times as much as a debugged program with the same function.”
My goal in writing this book is to help you take that big step.
What do you have to know beyond PHP programming? Well, there’s project organization (including staffing
and scheduling), keeping the customer satisfied, identifying requirements (being agile but not sloppy), choosing the
development and production platforms, designing the database, structuring the application to handle forms and
buttons, dealing with security and error handling, and converting data from the old system to the new. That’s also the
top-level list of topics in this book.
Pick up any of the many PHP/MySQL books in any large bookstore and you’ll find chapters on installing PHP,
variables, statements, functions, string processing, arrays, objects, file handling, debugging, and, probably, a toy
e-commerce site. Not this book! I assume you already know all that stuff, or can find it somewhere if you don’t.
Instead, I tried to cover essential topics that I’ve never seen in any book, such as choosing between shared hosting
and a virtual machine in the cloud, updating a live application, translating MySQL constraint errors to something the
user can understand, protecting passwords the right way (hashed, salted, and stretched), implementing two-factor
authentication, making your web site invulnerable to attack (via SQL injection, cross-site scripting, cross-site request
forgery, or clickjacking), implementing validation with database triggers, developing reports as CSV files or PDFs,
converting data with variant name spellings, avoiding legal disputes, and lots more that PHP/MySQL programmers
struggle with every day as they develop industrial-strength applications.