30 Symfonybestpractices

30 Symfony Best Practices

SymfonyDay 09, Cologne, Germany September 4th, 2009
Nicolas Perriault
Best Practices?
A Best practice is a technique, method, process, activity, incentive or reward that is believed to be more effective at delivering a particular outcome than any other technique, method, process, etc.The idea is that with proper processes, checks, and testing, a desired outcome can be delivered with fewer problems and unforeseen complications. Best practices can also be dened as the most efcient (least amount of effort) and effective (best results) way of accomplishing a task, based on repeatable procedures that have proven themselves over time for large numbers of people. -- Wikipedia, august 2009
Nicolas Perriault
Best Practices?
Making. Stuff. Efcient.
Nicolas Perriault
Best Practices?
Moreover, best practices in software development and symfony are all about:
improving communication between developers through standardization enhancing security, maintainability, portability and interoperability by increasing code quality
4
Nicolas Perriault
Disclaimer

These best practices are not sorted by importance, nor criticality All best practices listed here are debatable, at least because theyre based on my own experience There are always exceptions Some best practices are not symfony-specic ; Zake Igniter developers, you can take some notes too.
5
Nicolas Perriault
Lets begin...
Nicolas Perriault
#0
Always write symfony starting with a small cap.
Nicolas Perriault
#0

Always write symfony starting with a small cap. Or maybe not (mostly depends on the result of rand(0,
1))
Nicolas Perriault
#1
Manage the View within the View
View is intended to be handled in templates Try to avoid the use of the view.yml le Try to avoid handling the view from the controller (eeeek) or the model (youre red) Slots can help (a lot)
8
Nicolas Perriault
#1
For example, handling <title> tag and assets:
Note: here the value of $defaultTitle could (should) be handled in an app.yml conguration le
Nicolas Perriault
#1
Remember this: if youre a graphic designer/
integrator, you dont want to deal with YAML or complex PHP code to manage the presentation
Nicolas Perriault
10
#2
Always enable output escaping and CSRF
protection
starting with symfony 1.3, theyre enabled

by default
Nicolas Perriault
11
GOOD
Nicolas Perriault
12
#3
Always call a redirect after posting data for security purpose for ergonomy to avoid duplicates in database dont forget to add a ash message to the
end user after every transaction made
Nicolas Perriault
13
BAD
Nicolas Perriault
14
GOOD
Nicolas Perriault
15
#4

No Propel Criteria or Doctrine_Query instances, SQL queries and any ORM/RDBMS specic calls should ever be found neither in the templates nor in the actions. The more you couple your model to your controllers and views, the more itll be hard to change your persistence backend or strategy.
16
Nicolas Perriault
BAD
Doctrine_Collection
Nicolas Perriault
17
BETTER
Array
Nicolas Perriault
18
GOOD
Array (ideally)
Nicolas Perriault
19
#5
Symfony core les should never be
modied to add or change the features they provide, but replaced through the autoloading mechanism, or way better: extended. catching native symfony events can help a lot achieving this goal.
20
Tweaking the factories.yml le and

Nicolas Perriault
BAD
Unused
Nicolas Perriault
21
GOOD
Nicolas Perriault
22
#6
The templates must contain PHP
alternative templating syntax, for readability and ease of use.
Nicolas Perriault
23
BAD
Nicolas Perriault
24
GOOD
Nicolas Perriault
25
#7
Verify cache settings, especially that the If you use cache, create a staging
cache is actually enabled in prod environment. Dont laugh, it happened quite a lot. environment to test the caching strategy if it doesn't exist.
Better: avoid using cache. No kidding.

Nicolas Perriault
26
GOOD
Nicolas Perriault
27
#8
Use routes instead of raw module/action
couple in url_for(), link_to() and redirect() calls.
Also, default routes should be deactivated
by default (at least in apps which dont run admin-generator 1.0 modules)
Nicolas Perriault
28
#9
All code comments, phpdoc, INSTALL,
CHANGELOG and README les, variables,
functions, classes and methods names and more generally the developer documentation, should be written in English.
Nicolas Perriault
29
BAD
Nicolas Perriault
30
GOOD
Nicolas Perriault
31
#10
Catch and log exception messages, display
human readable error messages to the end user
Nicolas Perriault
32
BAD
Nicolas Perriault
33
GOOD
Nicolas Perriault
34
#11
Only deploy production front controllers in
production
Nicolas Perriault
35
BAD
Nicolas Perriault
36
BAD
Nicolas Perriault
37
#12
Ideally: A typical controller method should never
exceed ~30 lines.
A typical controller class should never

have more than ~15 action methods.
Nicolas Perriault
38
Nicolas Perriault
x
BAD
~2000 lines on this actions class (the slidescreen size was to short to list them all). Unmaintenable.
39
#13
Always apply consistent coding
standards.
Always apply Symfonys coding standards.
http://trac.symfony-project.org/wiki/HowToContributeToSymfony#CodingStandards
Nicolas Perriault
40
BAD
Nicolas Perriault
41
GOOD
Nicolas Perriault
42
#14
Session persistence logic should
reside in sfUser derived class methods, and only them.
Nicolas Perriault
43
BAD
Nicolas Perriault
44
GOOD
Nicolas Perriault
45
#15
Never serialize objects in the session
Nicolas Perriault
46
BAD
Nicolas Perriault
47
GOOD
Note: of course, a setRecentlySeenProducts() method could have been implemented in the myUser class.
Nicolas Perriault
48
#16
Always create customized 404 error and
500 error pages
Nicolas Perriault
49
BAD
Nicolas Perriault
50
GOOD
Nicolas Perriault
51
#17
There should never be any direct use of sfContext inside the Model layer (eg. sfContext::getInstance())
Because the sfContext instance you get can differ a lot regarding the used env (cli, test, dev, prod...) It would make your code quite untestable
Yes, its hard.

52
Nicolas Perriault
BAD
Nicolas Perriault
53
BAD
Nicolas Perriault
54
GOOD
Nicolas Perriault
55
GOOD
Nicolas Perriault
56
#18
Avoid creating a big generic utility class
with many static methods
It's like reinventing procedural Write specialized classes

Nicolas Perriault
programming or using functions
57
#19
Use sfLogger for debugging instead of
echoing variable or debug messages
FirePHP(1) or FireSymfony(2) custom loggers can be more than helpful to debug your app (webservices for example)
(1) http://rephp.org/ (2) http://resymfony.org/
Nicolas Perriault
58
GOOD
factories.yml
The FireSymfony Firebug extension for Firefox in action
Nicolas Perriault
59
#20
If source code is managed through a SCM tool, versioned les should NEVER contain passwords, local paths, etc.
Files containing them should be added to the ignore directive Typical example: the databases.yml le Distribute platform-dependent conguration les
60
Nicolas Perriault
BAD
Nicolas Perriault
61
GOOD
Nicolas Perriault
62
#21
Write unit and functional tests: test your (please Unit test symfony business logicits dont or Doctrine again,
already done)
Functionally test the user interface

when its important (eg.
404/403/401 HTTP codes, security and user authentication, transactions and forms, etc.)
Nicolas Perriault
63
#21
Hint: you can write your own functional browser/ tester to avoid duplicate test code
Nicolas Perriault
64
#22

Never use absolute paths in code, or at least put them in YAML conguration les. Make your symfony project portable: use dirname(__FILE__) to point at the symfony libs in the project conguration class. You can put symfony lib in a lib/vendor dir.
Nicolas Perriault
65
BAD
Nicolas Perriault
66
GOOD
Nicolas Perriault
67
#23
Data objects should always be represented
by a slug in urls, not a primary key
For security: numeric PKs are easily

guessable, whereas slugs are not
/article/symfony-rulez.html
For URL usability and SEO:

than /article/123.html
Nicolas Perriault
is sexier
68
#24
Every application or project specic You can share project-wide (crossconguration variable should be stored in its app.yml le applications) settings by putting an app.yml le within the root config/ folder of the project
69
Nicolas Perriault
BAD
Nicolas Perriault
70
GOOD
Default value
Nicolas Perriault
71
#25
Avoid versioning any generated Base* class
le, especially if you want to write reusable plugins or redistribute your work. behaviors to your model classes.
Maybe people will want to extend or add

Nicolas Perriault
72
#26
Use symfony tasks system for CLI batch
scripts
Tasks have access to all the symfony

facilities
Tasks are designed for the CLI Text output Pretty printing
Nicolas Perriault
73
#26
Nicolas Perriault
74
#27
Alter request and response
programmatically by using lters. and response.filter_content events too. whereas events are more clean and powerful. Matter of taste.
You can use the request.filter_parameters Filters are easy to setup and to debug,
Nicolas Perriault
75
GOOD
Nicolas Perriault
76
GOOD
Nicolas Perriault
77
#28

Always write a README, an INSTALL and a CHANGELOG le at the root of the project (or the plugin). If open sourced, a LICENSE le is appreciated too. And please dont release plugins under the terms of the GPL license. Symfony Plugin != Operating System
Nicolas Perriault
78
#29
Share features and modules across
applications by writing plugins
If its really cool, release it publicly

Nicolas Perriault
79
#30
Study other frameworks code! They might have good, even better ideas
to solve the problem you have
Even frameworks written in other

languages than PHP (Django, Rails, Spring...)
Nicolas Perriault
80
Questions?
Nicolas Perriault
nperriault@gmail.com +33 660 920 867
prendreuncafe.com | symfonians.net | symfony-project.org
Nicolas Perriault

30 Symfonybestpractices

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

30 Symfonybestpractices

Uploaded by

Copyright:

Available Formats

30 Symfony Best Practices