Page 1 of 1

Is it bad practice to handle all requests via index.php?

Posted: Tue Feb 05, 2008 7:22 pm
by sheepy
This is my first post, so before we begin, it might be polite to introduce myself! My name is Luke and I have been a working as web developer for nearly 2 years full-time. I am self taught and have been learning various programming languages for several years. I mostly develop websites with bespoke content management systems and/or e-commerce facilities.

Because these websites are large applications dealing with varied requests with a number of functions, the design pattern I have adopted is as follows. I have an index.php in the root that handles all of the requests, and I use .htaccess to make se friendly urls using mod_rewrite. This index.php file receives and sanitizes all $_GET['variables'], it then includes a settings file that includes all the default variables, and includes an includes file that includes all the php files for the functions the website uses. It then handles the request to send to the appropriate function for processing, then generates the HTML. In summary:

Start -> Receive Request -> Sanitize Request -> Load Settings -> Include Functions -> Handle Request -> Send to appropriate Function for Processing -> Generate HTML -> End

Now then, I am concerned this approach is not efficient on server resources, thus will not scale well if the application were to be used by a lot of users. If I am correct, could someone please suggest a better design pattern to approach my work with. Thank you for your time. :)

Re: Is it bad practice to handle all requests via index.php?

Posted: Tue Feb 05, 2008 7:59 pm
by Chris Corbyn
Sounds like you've got it all put together beautifully to me. Having one common entry point (i.e. index.php) is a common (and good) practise. Have a read around on the FrontController pattern :) I'm glad your flow explicitly generates HTML at the end too, and doesn't just imply that PHP code is a mish-mash of HTML and PHP ;)

EDIT | And just to bring something up about "scaling well". I agree that such a design can potentially use more memory per page request... but it will scale horizontally far more gracefully than a load of separate files :)

Re: Is it bad practice to handle all requests via index.php?

Posted: Tue Feb 05, 2008 8:02 pm
by Christopher
Look into the Front Controller and related Action Controller, which modularizes you 'Functions' into loadable classes using the Command pattern. You are on the right path!

Re: Is it bad practice to handle all requests via index.php?

Posted: Tue Feb 05, 2008 9:58 pm
by Kieran Huggins
I'm sort of a proponent of the return value of the "action" just being sent directly to the browser. Inside a try / catch block of course. Makes things like encoding an array to JSON (i.e. for an ajax request) is simply a matter of calling json_encode() and being done with it. Also simplifies the logic considerably, IMO.

You may also want to look into using a "route mapper" rather than passing "controller" and "action" to every request.

Keep going - you sound like you have a great start!

Re: Is it bad practice to handle all requests via index.php?

Posted: Wed Feb 06, 2008 3:04 am
by sheepy
cheers for the replies guys, I suppose to combat the potential problem regarding server resources I could re-arrange my pattern to this:

Start -> Receive Request -> Sanitize Request -> Load Settings -> Handle Request -> Include Only the Functions Required for this Particular Request -> Send to appropriate Function for Processing -> Generate HTML -> End

Re: Is it bad practice to handle all requests via index.php?

Posted: Wed Feb 06, 2008 3:15 am
by Chris Corbyn
How about:

Handle Request -> Send to appropriate Function for Processing -> Generate HTML

As in, let the "function for processing" load in its dependencies.

Re: Is it bad practice to handle all requests via index.php?

Posted: Wed Feb 06, 2008 3:22 am
by sheepy
Chris Corbyn wrote:How about:

Handle Request -> Send to appropriate Function for Processing -> Generate HTML

As in, let the "function for processing" load in its dependencies.
That sounds better, pretty much what I was trying to say! :)

Re: Is it bad practice to handle all requests via index.php?

Posted: Wed Feb 06, 2008 4:37 am
by Mordred
Depending on what you call "sanitize $_GET variables" you may have a security problem or dataflow bugs. Data cannot be made "clean" or "secure" without knowing its purpose first. So either some of the subsystems receive potentially bad input, or they receive "secure" but wrong input (i.e. additional slashes in HTML output). Also, the other superglobals ($_POST, etc) need processing as well. Post a sample or explain more what you do.