Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP

Posted by Helen Carr
Helen Carr
526 Points

If you are a beginner at web design, don't use PHP for the following reason.

If you are a newbie to developing websites, I would highly recommend you stay away from MySQL, a commonly used plugin for PHP. Website hackers use SQL injection to hack websites, so using MySQL when you are unfamiliar with protection against being hacked is highly discouraged. I would recommend you stick to HTML, JAVASCRIPT, CSS, RUBY and JQUERY.

6 Answers

John Steer-Fowler
PLUS
John Steer-Fowler
Courses Plus Student 11,734 Points
John Steer-Fowler
John Steer-Fowler
Courses Plus Student 11,734 Points

Hi Helen,

I would disagree with this actually. Personally, I found that PHP and MySQL gave me a better understanding of how databases and web systems work. By gaining an understanding of this, it helps to improve website security.

I love Ruby on Rails, but I personally think that it doesn't allow you to get as 'raw' and close with databases as PHP does. I agree that SQL injection can be a problem, but sometimes beginners need to experience this to gain valuable knowledge for security.

Also, HTML and CSS are required whatever you are creating websites with. PHP and Ruby add extra dynamics to a website.

I guess this is personal opinion, but I would recommend PHP and MySQL to anyone.

Richmond Lauman
Richmond Lauman
28,793 Points
Richmond Lauman
Richmond Lauman
28,793 Points

Once familiar with HTML and CSS though, a person can take the PHP and Mysql courses offered by Treehouse and learn how to prevent SQL injection.

Until then you can learn and use PHP without a database. You do bring up a good point to consider though Helen. If you are using PHP with a database, you need to make sure SQL cannot be injected via user input.

Richmond Lauman
Richmond Lauman
28,793 Points
Richmond Lauman
Richmond Lauman
28,793 Points

I guess I should also mention that if you are using PHP (even without a database) you need to be aware of how PHP code can be injected with user input. Treehouse also shows you what to watch for there and how to sanitize user input in order to prevent that.

Helen Carr
Helen Carr
526 Points
Helen Carr
Helen Carr
526 Points

That's cool, I didn't realise Treehouse taught you how to protect your self from those sorts of things.

stuart robson
stuart robson
3,597 Points
stuart robson
stuart robson
3,597 Points

Hi

Helen Carr
Helen Carr
526 Points
Helen Carr
Helen Carr
526 Points

Thanks for the replies guys. I guess it's true that beginners will have to experience it happening and just learn to stop it. PHP and MySQL are great to use, but SQL injection is just one of those things that is hard to avoid.

John Steer-Fowler
John Steer-Fowler
Courses Plus Student 11,734 Points

This is true, I think that the key to success with SQL and PHP is understanding how everything works. If you understand the languages fully, and understand exactly how your script is working then it's easier to be secure.