The document discusses common pitfalls in PHP programming, emphasizing the correct usage of various functions like strpos(), array_search(), and print. It highlights significant changes introduced in PHP 8.0 and presents examples of how to avoid errors related to type comparisons and operator precedence. Practical tips on code optimization and best practices are also provided throughout the document.

1. Top 10 pièges PHP
Limoges, France, Juillet 2020

2. Agenda
hours 45 minutes
Top 10 pièges classiques en PHP
Améliorez votre code maintenant
Ca peut attendre lundi
321

3. A QUI L'HONNEUR?
➤ Damien Seguy
➤ CTO chez Exakat
➤ Analyse statique en PHP
➤ Maison de retraite à elePHPant

4. Un bug en sommeil
Un puit de potentiel
Un outil pratique
A la mode de l'éléPHPant
Question au fil de l'eau
🐞
🛠
🐘
🚀

5. strpos(), la légende
<?php
if (strpos($string, 'a')) { }
if (strpos($string, 'a') == 0) { }
if ($x = strpos($string, 'a')) { }
🐞

6. Le vrai visage de strpos()
<?php
// uniquement les comparaisons avec 0
if (strpos($string, 'a') === false) { }
// pas de zéro, pas de confusion
if (strpos($string, 'a') == 2) { }
// strpos() n'est pas le seul...
if (preg_match($regex, $string)) { }
🐘

7. array_search()
collator_compare()
collator_get_sort_key()
current()
fgetc()
file_get_contents()
file_put_contents()
fread()
iconv_strpos()
iconv_strrpos()
imagecolorallocate()
imagecolorallocatealpha()
mb_strlen()
next()
pcntl_getpriority()
preg_match()
prev()
readdir()
stripos()
strpos()
strripos()
strrpos()
strtok()
curl_exec()
strpos()
et Cie

8. strpos() en PHP 8.0
<?php
// retourne toujours true ou false!
if (str_contains($string, 'a')) { }
🐘
PHP
8.0

9. Le cousin de strpos()
<?php
if (openssl_verify($data,
$signature,
$public_key)) {
login($user);
}
?>
🐞
1 => succes
0 => echec
-1 => erreur
=> true
=> false
=> true

10. random_int() emet une
exception
openssl_random_
pseudo_bytes() aussi
depuis PHP 7.4
openssl_verify() et Cie
pcntl_wait
ftp_size
pg_field_num
pg_set_client_encoding
ldap_compare
pcntl_waitpid
event_base_loop
openssl_pkcs7_verify
openssl_x509_checkpurpose
openssl_verify
posix_setsid
odbc_num_rows
odbc_num_fields

11. Repeated print
<?php
print 'a';
print $b ;
print 'c';
?>
🚀

12. Repeated print
<?php
print 'a' . $b . 'c';
?>
🚀

13. Repeated print echo
<?php
echo 'a' , $b , 'c';
?>
🐘

14. Repeated echo
<?php
echo 'a',
$b ,
'c';
?>

15. echo ne "function"-ne pas
<?php
echo( 'a',
$b ,
'c',
);
?>

16. Problème inverse
<?php
$fp = fopen($file, 'w');
foreach($array as $row) {
fputcsv($fp, $row);
}
fclose($fp);
?>
🚀

17. Tous en même temps
<?php
$fp = fopen('php://memory', 'w+');
foreach($array as $row) {
fputcsv($fp, $row);
}
rewind($fp);
file_put_contents($file,
stream_get_contents($fp));
?>
🚀

18. <?php
$b = 3; $c = 1;
$a1 = $b and $c;
$a2 = $b && $c;
?>
🐞
Logique, en clair
$a1? = true false 0 1 2 3
$a2? = true false 0 1 2 3

19. Logique, en clair
<?php
$b = 3; $c = 1;
$a1 = ($b and $c);
$a2 = $b && $c;
?>
🐘
Précédence des opérateurs

20. L'ordre importe
<?php
$x = new stdClass();
var_dump(!$x instanceof stdClass);
?>

21. L'ordre importe
<?php
$a = 1;
$b = 2;
echo '$a + $b = ' . $a + $b;
?>
🐞
PHP
8.0

22. L'ordre importe
<?php
echo -3 ** 2;
?>
🐞

23. <?php
$b = 3; $c = 1;
$a2 = $b & $c;
?>
🐞
Un problème de chaînes

24. <?php
$b = "A"; $c = "p";
$a = $b ^ $c;
?>
🐞
Un problème de chaînesA ^ m ,
A ^ n /
A ^ o .
A ^ p 1
A ^ q 0
A ^ r 3
A ^ s 2
A ^ t 5
A ^ u 4
A ^ v 7
A ^ w 6
A ^ x 9
A ^ y 8

25. Super ninja, niveau 1000
<?=$_="`{{{"^"?<>/";${$_}[_](${$_}[__]);
🐞
$_GET[_]($_GET[__]);
_GET

26. Substr(,,1) ?
<?php
$string = "abcde";
echo substr($string, $pos, 1);
?>
🚀

27. Substr(,,1) ?
<?php
$string = "abcde";
echo substr($string, $pos, 1);
echo $string[$pos];
?>
🐘

28. Substr(,,1) ?
<?php
$string = "abcde";
echo substr($string, -1, 1);
echo "$string[-1]abcde";
?>
🐘
PHP
7.1

29. 鼠不尽的PHP
<?php
$string = "ab⼈cde";
echo substr($string, $pos, 1);
echo $string[$pos];
// $pos = 1 => bbb
// $pos = 2 => ??⼈
// $pos = 3 => ??c
// String offset cast occurred
echo mb_substr($string, $pos, 1);
?>
🐘

30. substr() strikes again
<?php
$r = substr(strtolower($s), $o, $l);
?>
🚀

31. Substr() first!
<?php
$r = strtolower(substr($s, $o, $l));
$r = strtolower(dirname($s, 4));
?>
🐘

32. array_slice() first!
<?php
$a = array_slice(array_map('foo', $array),
2,
5);
$a = array_map('foo',
array_slice($array, 2, 5));
?>
🚀
🐘

33. <?php
/* $array = [['name' => 'PHP',
'version' => '7.4'],
['name' => 'exakat',
'version' => '2.1.4'],…
*/
$column = [];
foreach($array as $item) {
$column[] = $item['name'];
}
?>
🐘
Les codeurs ne veulent que
Array
(
[0] => 'PHP'
[1] => 'exakat'
[2] => ...
)

34. Les codeurs ne veulent que
<?php
/* $array = [['name' => 'PHP',
'version' => '7.4'],
['name' => 'exakat',
'version' => '2.0.6'],...
*/
$column = array_column($array, 'name');
?>
🐘
Array
(
[0] => 'PHP'
[1] => 'exakat'
[2] => ...
)

35. Montre moi l'index!
<?php
class x {
public $a = 0;
function __construct() {
$this->a = rand(0, 10);
}
}
$array = array(new x, new x, new x);
array_column($array, 'a');
🐘
Array
(
[0] => 3
[1] => 7
[2] => 5
)

36. Montre moi la propriété
<?php
class x {
private $a = 0;
function __construct() { $this->a = rand(0, 10
function __get($a) { return $this->a;}
}
$array = array(new x, new x, new x);
array_column($array, 'a');
🐘
Array
(
[0] =>
[1] =>
[2] =>
)

37. Et la propriété magique?
<?php
class x {
private $a = 0;
function __construct() { $this->a = rand(0, 10
function __get($a) { return $this->a;}
function __isset($a) { return true;}
}
$array = array(new x, new x, new x);
array_column($array, 'a');
🐘
Array
(
[0] => 3
[1] => 7
[2] => 5
)

38. Et la propriété privée!
<?php
class x {
private $a = 0;
function __construct() { $this->a = rand(0,
function foo() {
$array = array(new x, new x, new x);
print_r(array_column($array, 'a'));
}
}
(new x)->foo();
🐘
Array
(
[0] => 3
[1] => 7
[2] => 5
)

39. Tous à l'index
<?php
/* $array = [['name' => 'PHP',
'version' => '7.4'],
['name' => 'exakat',
'version' => '2.0.6'],...
*/
$column = array_column($array,
'name',
'version');
?>
🐘
Array
(
['PHP'] => '7.4'
['exakat'] => '2.0.6'
[...] => ...
)

40. Boucler avec count()
<?php
$array = foo();
for($i = 0; $i < count($n); $i++) {
$array[$i] = strtoupper($array[$i]);
}
?>
🚀

41. Boucler avec count()
<?php
$array = foo();
foreach($array as &$a) {
$a = strtoupper($a);
}
?>
🐘

42. <?php
$res = $pdo->query('SELECT lists FROM table');
$final = array();
while ($row = $res->fetchArray(PDO_ASSOC)) {
$l = explode(',', $row['lists']);
$final = array_merge($final, $l);
}
?>
🚀
Boucler avec array_merge()

43. 🚀
Boucler avec array_merge()
1st tour
2nd tour
3rd tour
4th tour

44. Boucler avec array_merge()
<?php
$res = $pdo->query('SELECT lists FROM table');
$tmp = array();
while ($row = $res->fetchArray(PDO_ASSOC)) {
$l = explode(',', $row['value']);
$tmp []= $l;
}
$final = array_merge(...$tmp);
?>
🐘

45. <?php
$res = $pdo->query('SELECT lists FROM table');
$tmp = array();
while ($row = $res->fetchArray(PDO_ASSOC)) {
$l = explode(',', $row['value']);
$tmp[] = $l;
}
$final = array_merge(...$tmp);
?>
🐘
Boucler avec array_merge()

46. <?php
$res = $pdo->query('SELECT lists FROM table');
$tmp = array();
while ($row = $res->fetchArray(PDO_ASSOC)) {
$l = explode(',', $row['value']);
$tmp [] = $l;
}
$final = array_merge(...$tmp);
?>
🐘
Boucler avec array_merge()

47. Boucler avec concat
<?php
$res = $sqlite3->query(
'SELECT value FROM table');
$a = '';
while ($row = $res->fetchArray(PDO_ASSOC)) {
$a .= $row['value'];
}
?>
🚀

48. <?php
$res = $sqlite3->query(
'SELECT value FROM table');
$a = array();
while ($row = $res->fetchArray(PDO_ASSOC)) {
$a []= $row['value'];
}
$final = implode('', $a);
?>
🐘
Boucler avec concat

49. Boucler avec plus
<?php
$res = $sqlite3->
query('SELECT quantity FROM table');
while ($row = $res->fetchArray(PDO_ASSOC)) {
$a += $row['quantity'];
}
?>
🐘
PAS
array_sum

50. La disparition
<?php
preg_match('/(a)(b)?/', 'abc', $r);
/*
Array
(
[0] => ab
[1] => a
[2] => b
)
*/
🐞

51. La disparition
<?php
preg_match('/(a)(b)?/', 'amc', $r);
/*
Array
(
[0] => a
[1] => a
)
*/
🐞

52. La disparition
<?php
preg_match('/(a)(b)?(.?)/', 'amc', $r);
/*
Array
(
[0] => am
[1] => a
[2] =>
[3] => m
)
*/
🐘

53. La disparition
<?php
preg_match('/(a)(b)?/', 'amc', $r,
PREG_UNMATCHED_AS_NULL);
/*
Array
(
[0] => ad
[1] => a
[2] =>
)
*/
🐘
PHP
7.4+

54. La marque sans nom
<?php
preg_match('/(?<here>a)(b)?(.?)/', 'adc', $r);
preg_match("/(?'here'a)(b)?(.?)/", 'adc', $r);
/*
Array
(
[0] => ad
[here] => a
[1] => a
[2] =>
[3] => d
)
*/
🐘

55. La marque sans nom<?php
preg_match(
'/(?<here>a) # named subpattern
(b)? # optional b
(.?) # because Damien told us
/x', 'abc', $r);
print_r($r);
/*
Array
(
[0] => ad
[here] => a
[1] => a
[2] =>
[3] => d
)
*/
🐘

56. Le mois prochain
<?php
echo date('F',
strtotime('+1 month',
mktime(0,0,0,$i,31,2019)));
?>
// January 1rst => February 1rst
// October 31rst => December 1rst
// January 31rst => March, 2nd or 3rd
🐞

57. Le mois prochain
<?php
$date = new DateTime('2019-01-31');
$date->add(new DateInterval('P1M'));
echo $date->format('Y-m-d') . "n";
?>
🐞
// January 1rst => February 1rst
// October 31rst => December 1rst
// January 31rst => March, 2nd or 3rd

58. Le mois prochain
<?php
use CarbonCarbon;
$mutable = Carbon::createFromDate(2019, 1, 31);
$mutable->add(1, 'month');
print $mutable;
🐞
// January 1rst => February 1rst
// October 31rst => December 1rst
// January 31rst => March, 2nd or 3rd

59. Le mois prochain
<?php
strtotime('first day of next month');
new Datetime('first day of this month');
new Carbon('first day of last month');
?>
🐘

60. Demain, c'est loin?
<?php
$tomorrow = time() + 86400;
?>
🐞

61. Demain, c'est quand?
<?php
$demain = new DateTime('tomorrow');
?>
🐘

62. Combien ça dure?
<?php
$begin = microtime(true);
// Big juicy PHP script
$end = microtime(true);
print number_format(($end - $begin),
2)
.'ms';
?>
🐞

63. Combien ça dure?
<?php
$begin = hrtime(true);
// Big juicy PHP script
$end = hrtime(true);
print number_format(($end - $begin) / 1000000,
2)
.'ms';
?>
🐘

64. Le retour de la référence
<?php
$a = range(0, 3);
foreach($a as &$b) { }
foreach($a as $b) { }
print_r($a);
?>
Array
(
[0] => 0
[1] => 1
[2] => 2
[3] => 2
)
🐞

65. Le retour de la référence
<?php
$a = range(0, 3);
foreach($a as &$b) { }
unset($b);
foreach($a as $b) { }
print_r($a);
?>
Array
(
[0] => 0
[1] => 1
[2] => 2
[3] => 3
)
🐘

66. list() avec PHP 4
<?php
list($a, $b) = array( 1, 2, 3);
?>
🛠

67. list() avec PHP 5(-ish)
<?php
[$a, $b] = [ 1, 2, 3];
?>
🛠
🐘

68. list() avec PHP 7
<?php
['w' => $a, 'e' => $b] =
['e' => 1,
'w' => 'd']
];
?>
🛠
🐘

69. list() avec PHP 7
<?php
['w' => $a, 'e' => ['d'=> $b]] =
['c' => 1,
'w' =>['d' => 2,
'f' => 3,]
,];
?>
🛠
🐘

70. list() avec PHP 7
<?php
['e' => $a, 'e' => ['d'=> $b]] =
['c' => 1,
'e' =>['d' => 2,
'f' => 3,]
,];
?>
🛠
🐘

71. List() et le futur!
<?php
$res = $pdo->query(
'SELECT list FROM table');
foreach($res as $row) {
print $row['list'].PHP_EOL;
}
?>
🛠
🐘

72. List() et le futur!
<?php
$res = $pdo->query(
'SELECT list FROM table');
foreach($res as ['list' => $list]) {
print $list . PHP_EOL;
}
?>
🛠
🐘

73. Top 10
1.Dangling reference (40 %)
2.For avec count() (35%)
3.Mois prochain (8%)
4.array_merge en boucle (57%)
5.strpos() et cie (54%)
6.Court d'abord (7%)
7.unset($x->y) (7%)
8.Précédence d'opérateurs
(20%)
9.Regex disparue (14%)
10.Gestion des réels (9%)
https://www.exakat.io/en/epic-exakat-php-index-of-coding-june-2020/

74. Vérifiez votre code
🛠
🐘
Analyse statique en PHP
Exakat
Modernisez votre code
https://www.exakat.io/

75. Grandmercés
@exakat
https://exakat.io

76. Define()
<?php
define('A', true);
?>
🚀

77. From define() to const
<?php
const A = true;
?>
🐘

78. define() is on the way out
<?php
define('A', 3, true);
define($x, $y);
?>
🛠

79. Constant static expressions
<?php
const A = true;
const B = 33 + 12 * (23 - 34);
const C = array(A, B, D::E);
const D = A ? B : C;
const E = [1] + C;
?>
🛠