PHP

Write solid PHP avoiding type juggling traps, array quirks, and common security pitfalls.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "PHP" with this command: npx skills add ivangdavila/php

Quick Reference

TopicFile
Loose typing, ==, ===, type juggling, strict_typestypes.md
Associative arrays, iteration, array functionsarrays.md
Traits, interfaces, visibility, late static bindingoop.md
Encoding, interpolation, heredoc, regexstrings.md
Exceptions, error handling, @ operatorerrors.md
SQL injection, XSS, CSRF, input validationsecurity.md
PHP 8+ features, attributes, named args, matchmodern.md

Critical Rules

  • == coerces types: "0" == false is true — always use === for strict comparison
  • in_array($val, $arr) uses loose comparison — pass true as third param for strict
  • strpos() returns 0 for match at start — use === false not !strpos()
  • Never concatenate SQL — use prepared statements with PDO
  • htmlspecialchars($s, ENT_QUOTES) all output — prevents XSS
  • isset() returns false for null — use array_key_exists() to check key exists
  • foreach ($arr as &$val) — unset $val after loop or last ref persists
  • static:: late binding vs self:: early binding — static respects overrides
  • @ suppresses errors — avoid, makes debugging impossible
  • Catch Throwable for both Error and Exception — PHP 7+
  • declare(strict_types=1) per file — enables strict type checking
  • strlen() counts bytes — use mb_strlen() for UTF-8 character count
  • Objects pass by reference-like handle — clone explicitly with clone $obj
  • array_merge() reindexes numeric keys — use + operator to preserve keys

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Agent Causal

Helps decide to ship, continue, or roll back changes from A/B test and DiD data by providing statistical analysis, decisions, and audit trails.

Registry SourceRecently Updated
900zhumorris
Security

Code Review Inspector

Automated code review checking for bugs, security issues, best practices, performance problems, and code style

Registry SourceRecently Updated
250Profile unavailable
Security

Docker Optimizer

Optimize Dockerfiles with multi-stage builds, layer caching, security best practices, and size reduction techniques

Registry SourceRecently Updated
260Profile unavailable
Security

Skill Auditor

Audit core: a classification taxonomy and a severity scoring function, kept orthogonal. Operates on the whole skill bundle (SKILL.md plus any referenced scri...

Registry SourceRecently Updated
1250Profile unavailable
PHP | V50.AI