- Home
- Skills
- Jcastillotx
- Vibe Skeleton App
- Php Best Practices
php-best-practices_skill
- JavaScript
0
GitHub Stars
4
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill jcastillotx/vibe-skeleton-app --skill php-best-practices- metadata.json593 B
- package.json520 B
- README.md1.6 KB
- SKILL.md2.8 KB
Overview
This skill codifies PHP coding standards and best practices for writing, reviewing, and refactoring PHP code. It prioritizes security, error handling, and performance while covering type safety, OOP patterns, PSR standards, testing, and modern PHP features. Use it as a checklist to raise code quality across applications, WordPress plugins, and Laravel projects.
How this skill works
The skill inspects PHP tasks and recommends targeted rules based on priority categories such as security (critical), error handling, and performance. It maps common issues to concise rules (prefixed for clarity) and suggests concrete fixes like input validation, password hashing, OPcache usage, and strict typing. Results include actionable guidance you can apply immediately during development or code review.
When to use it
- Writing new PHP application code or modules
- Reviewing or refactoring existing PHP codebases
- Developing WordPress plugins, themes, or Laravel packages
- Implementing security hardening or performance tuning
- Preparing code for CI, testing, or deployment
Best practices
- Treat security rules as highest priority: validate inputs, escape outputs, avoid eval, and use password_hash()
- Use structured error handling: catch exceptions, define domain exceptions, and configure error reporting
- Optimize performance: enable OPcache, leverage Composer autoloading, and use generators for large data
- Enforce type safety: declare strict_types, explicit return types, and use nullable/union types where appropriate
- Follow PSR standards: PSR-12 for style, PSR-4 for autoloading, and PSR-7 for HTTP messages
- Prefer modern OOP: dependency injection, small interfaces, final classes, and constructor property promotion
Example use cases
- Audit a Laravel controller to add input validation, typed return signatures, and PSR-compliant logging
- Refactor a WordPress plugin to remove direct database queries, add prepared statements, and escape outputs
- Convert legacy scripts to use Composer autoloading, enable OPcache, and introduce strict_types for safety
- Add domain-specific exceptions and centralized error logging to improve observability
- Apply generator-based streaming to memory-heavy imports to reduce peak memory usage
FAQ
Security rules are critical: validate and sanitize inputs, escape outputs by context, avoid eval, and use strong password hashing.
How do I adopt these guidelines incrementally?
Start by enforcing security and error-handling rules, then add type declarations and PSR compliance. Tackle performance and modern PHP changes in smaller refactor iterations.