Two members of the Hologram engineering team pair programming in the Hologram office

Here at Hologram, we use two main programming languages for our backend stack: PHP and Python. Our PHP component is the one that is the most visible to users since that is our entire REST API.

We do get some questions on why we use PHP in such a major role because the conventional wisdom is that PHP is outdated or clunky. My contention is that PHP suffers from this view because of two reasons:

  1. People learned it back in 2005 when it was a younger language and was lacking a lot of really useful or common features like classes
  2. In order to maintain compatibility, many popular applications *cough* Wordpress *cough* didn’t take advantage of a lot of the newer stuff and people had to keep hacking on old-fashioned PHP well past the time a lot of great new features were introduced.

Because of this, I want to defend PHP as a really useful language and a great fit for our needs.

I think a lot of people already know that PHP has some good built-in web server features, like a global array for getting HTTP headers or built-in session cookie support, but they may not know about a lot of other features that make it a solid language overall.

Here are some of the great pieces of PHP:

Classes!

Yes, back in the day PHP didn’t have classes and things could get messy very quickly. I recall long lists of include calls to pull in all the functions you’d need and having to keep passing tons of arguments around to functions with really long names.

Well, have no fear; PHP has great object support these days. Classes, constructors, destructors, namespaces, inheritance, and all that good stuff.

But it goes beyond that into what is a great feature that is more unique to PHP:

The Autoloader

PHP has a useful feature where it can automatically load the file for a class if the class hasn’t been loaded already. This means no more blocks of include/require statements at the top of all your files. If you use a class then it gets loaded.

On its own, this is already really nice, but what makes this a game changer is that the specific autoloading logic can be totally customized in your application and multiple autoloaders can be chained together. This means that all of your third party libraries get autoloaded as well.

In your code, you just create your classes or call their methods and everything gets pulled in for you. No need to include anything manually or fight with include paths like in other languages. In the entire Hologram codebase outside of test code, we call include() or require() maybe twice.

But speaking of those third party libraries…

Package Management

PHP has package management systems to rival those of other languages. The one we use at Hologram is called Composer, which is the most popular one. It’s incredibly simple to use and stores all settings in JSON files. You can give it version ranges to use for each package and it’ll generate a lockfile that could be checked into the repo if you want to be extra careful about making sure everyone is using the exact same package revision.

To add a new package into the JSON file and install it, it’s as simple as

composer install somepackage


Frameworks

PHP has a great developer community around it these days and so not only are there a ton of individual libraries to use, but full frameworks that can help make building an app much easier. At Hologram, we use the Slim Framework which has a very simple router for defining our API calls as well as other useful features, like an easy method for adding middleware which comes in handy for authentication and rate limiting code.

Other popular frameworks include Laravel and Symfony.

PDO

PHP has the best database integration of any language I’ve used and PDO is the cornerstone of that. PDO stands for PHP Database Objects and it is the preferred way to execute your SQL queries.

It includes all the usual functions for running queries and paging through the results. Rows can be returned as PHP associative arrays which means that all columns are properly labelled in the array itself.

The best part is that it supports parameterized queries and automatically sanitizes the inputs for you. This means that you can do something like this:

// define $database as a PDO object $stmt = $database->prepare("SELECT * FROM users WHERE id = ?;"); $result = $stmt->execute([$idnumber]); $rows = $result->fetchAll();

PDO will automatically replace that “?” with the value in $idnumber and it will properly escape things to prevent SQL injection attacks for you.

You can also do cool things like named parameters:

// define $database as a PDO object $values = ['id' => 10, 'email' => 'someemail@hologram.io']; $stmt = $database->prepare('SELECT * FROM users WHERE id = :id AND email = :email;'); $result = $stmt->execute($values); $rows = $result->fetchAll();

In this case, PDO will replace the parameters properly from that array while still sanitizing them.

PDO also exposes all the same interfaces regardless of the underlying database engine. There are of course the occasional SQL differences between engines, but most of the time you simply specify the type of database when you initially connect and then make all the same function calls you would for anything else.

Phinx

Speaking of databases, I want to mention a fantastic third party library we use called Phinx to do all of our database migrations. Anytime we need to make a schema change, we define it entirely using PHP code that Phinx then runs on the database. Migrations look like this:

$orders = $this->table('orders'); $orders->addColumn('invoice_text', 'string', ['length'=>256, 'default'=>'']) ->update();

Check them out at phinx.org

Lots of useful built-in functions

One final aspect that makes things easier and faster in PHP is all of the great built-in utility functions.

Let’s say you have a result set from a database which would be an array of row arrays. You want to pull the name column from each one. You could of course do this with a map function, which PHP supports as well, but why not do this the easy way:

$names = array_column($rows, 'name');

That’s it. And it’s very fast, as that would all be running in PHP’s C internals.

There are dozens more like that, for everything from doing more array operations to parsing XML to manipulating uploaded files and PHP has great documentation on all of them.

A few useful ones that we like:

array_chunk - Break an array into smaller chunks of any size

array_unique - Remove all duplicate values from an array

DateTime - A whole class for handling dates that can also parse plain English date descriptions like “midnight first day of next month”

fpassthru - Reads a file and sends it right back out to the user

str_getcsv - Part of built-in CSV parsing, this reads a CSV row from a string

urlencode - URL encode a string

And don’t forget useful operators like ?? which allows you to check for index existence in an array while specifying a default value.

$a = $some_array[$x] ?? 500;

Conclusion

Consider PHP for your projects! It’s better than you think.

Further Reading

Modern PHP by Josh Lockhart (The author of the Slim Framework)

phptherightway.com (Also by Josh Lockhart and Phil Sturgeon)


Get online in under a week

Start conquering the entire globe with a simple SIM swap. We’re here every step of the way.