Yii is a popular PHP development framework that has managed to hold its own in the fierce world of PHP framework. In effect, Yii is still a popular development framework for all categories of PHP projects.
Whichever PHP framework you opt for (I personally prefer Yii2), the success of the project depends entirely upon the quality of the code. In all instances, following the Yii development best practices ensures that your code is of the highest quality and that the overall project confirms to the quality specifications. The following Yii best practices are the result of the experiences of the Yii developers from all over the world.
Follow the Code Standards
Every framework has its own internal standards that are intended to prevent projects from turning into an unmanageable mess. Yii 2 framework uses the PSR-2 coding standards. The following are the essential recommendations of the PSR-2 coding standard:
- Files MUST use either <?php or <?= tags.
- There should be a newline at the end of the file.
- Files MUST use only UTF-8 without BOM for PHP code.
- Code MUST use 4 spaces for indentation. NO TAB!
- Class names MUST be declared in StudlyCaps.
- Class constants MUST be declared in all upper case with underscore separators.
- Method names MUST be declared in camelCase.
- Property names MUST be declared in camelCase.
- Property names MUST not start with an initial underscore if they are private.
- Always use elseif instead of else if.
Keep Yii Packages Updated
To upgrade Yii 2 framework, make sure you have a global installation of the latest version of the composer asset plugin and a stable version of Composer, so that everything works properly on your PHP website hosting.
composer self-update composer global require "fxp/composer-asset-plugin:^1.3.1" --no-plugins
The easiest way of updating Yii 2 is by running the composer require command with the proper version number. For instance, to update to version 2.0.10, use the following command.
composer require "yiisoft/yii2:~2.0.10" --update-with-dependencies
This command will only update Yii 2 and its direct dependencies, if necessary. Without –update-with-dependencies switch, the update will most likely fail because the Yii version you chose might have different dependencies than the version you have already installed. Because of security considerations, Composer require will, by default, not update any other packages.
Another way of updating the framework is to require the composer.json file the new Yii version and then run composer update by specifying all packages that are allowed to be updated.
composer update yiisoft/yii2 yiisoft/yii2-composer bower-asset/jquery.inputmask
The above command will only update the specified packages and leave the versions of all other dependencies intact. This updates packages step by step without causing a lot of package version changes that might cause dependency-related problems.
Optimized Overheads for Yii
When working with PHP frameworks and especially Yii, overheads should be avoided. For instance, image resizing should be done in a separate PHP script in order to avoid the extra overhead.
Use Active Record Instead of Query Builder and SQL
In a typical application, there is little need of using query builder because Active Records already provides very comprehensive functionality and a similar level of database abstraction. Generally, Active Records is most useful when adding and editing records, as it adds a convenient validation layer.
Cache Heavy Processes
Ideally, you should always avoid executing heavy process in every page load. However, if you have to use heavy process, use a cache. For instance, it is good practice to cache results of parsing the markdown text. Handling too much processing on a page can cause a lot of problems. For example, sending e-mails is a resource intensive process. This process should be placed into a queue and processed using cron or other scheduler/queue management tools.
Prevent SQL Injections
SQL injection attacks are used by attackers to execute malicious SQL statements at database level. These attacks involve actions such as changing the privilege/access levels and direct damage to the data items. You can prevent SQL injections by using Active Records because Active Records in Yii uses PDO prepared statements which are not vulnerable to SQL injections.
Profile and Test Applications
Even if you follow all the best Yii development practices, you still may not be able to see the best performance for your application. This is because of problems that still plague the code. The best way of dealing with these bottlenecks and problems is to avoid assumptions and always test and profile the code before trying to optimize it. You can use Tideways or Blackfire.io for easy profiling and monitoring the performance of the application.
Yii Performance Tuning
To ensure optimal performance for Yii applications, experts recommend that you use Nginx as your web server with a static level cache such as Varnish. You can also configure Memcache(d) or Redis for database level cache to boost the performance of database queries. Fortunately, Cloudways already provides this combination in its ThunderStack, thus offering an optimized environment for your Yii application. To try out ThunderStack firsthand, sign up for a free Cloudways trial account.
In this article, I discussed several basic but very important tips for the best development practices for Yii based apps. These Yii best practices ensure that the project complies to the accepted standards of code development. If you think I have missed out an important practice or would like to contribute to the discussion, do leave a comment below.