Course Philosophy: Each project takes one to two days and builds incrementally on previous concepts. Similar scope across projects, but increasing complexity in implementation details.
You have a solid foundation in JavaScript, web development fundamentals, and the MERN stack. This course bridges your existing knowledge with PHP-specific concepts, introducing server-side PHP development through twelve progressively challenging projects.
Vanilla PHP Course
At this point you should know enough JavaScript to understand server-side concepts. We're going to bridge that knowledge to PHP by building a personal dashboard that demonstrates how PHP handles requests differently from Node.js and Express.
Goal: Understand PHP syntax differences from JavaScript and server-side rendering
php -v. Create a project folder and start the built-in server with php -S localhost:8000.
index.php file. Unlike Node.js where you need Express to handle routes, PHP files are accessed directly through URLs. Your index.php will be the homepage at http://localhost:8000.
DateTime class and DateTimeZone. Remember, this runs on the server, not in the browser.
$_SERVER superglobal. Display PHP version with phpversion(), loaded extensions, and other server details. This is your first look at how PHP provides request data differently than Express's req object.
$_POST superglobal and display the result. Add server-side validation for empty fields and division by zero.
Key Differences from JavaScript/Node.js:
There's no event loop in PHP, so execution is synchronous. Each request is isolated rather than maintaining persistent connections. Variables use $ prefix. String concatenation uses . instead of +. The built-in server runs without needing an Express-like framework.
Vanilla PHP Course
Now that you understand basic PHP syntax, it's time to work with PHP's powerful array system and file operations. Unlike JavaScript's simple arrays and objects, PHP has both indexed and associative arrays with rich built-in functions.
Goal: Master PHP arrays (associative arrays) and basic file operations
data directory and a books.json file to store your data. This simulates a simple database before we move to MySQL.
['title' => 'Book Name', 'author' => 'Author Name'].
file_get_contents() to read the JSON file and json_decode() to convert it to a PHP array. Use json_encode() and file_put_contents() to save new data. This is similar to Node.js's fs.readFileSync but built into PHP.
foreach loop. Unlike JavaScript's forEach or map, PHP's foreach can iterate through both keys and values simultaneously with foreach ($books as $key => $book).
array_filter(). This is PHP's equivalent to JavaScript's filter() method but with different syntax.
usort() for custom sorting logic. Add clickable column headers that trigger different sort orders.
array_reduce(), array_map(), and array_count_values().
Vanilla PHP Course
As your PHP applications grow, mixing all logic in one file becomes messy. Time to learn proper code organization with functions and file separation, similar to how you'd organize an Express app with routes and controllers.
Goal: Learn to organize code with functions and separate concerns
includes, data, and views. This mirrors the MVC pattern you'd use in Express.
functions.php file for all your logic. Write functions for generating short codes (random 6-character alphanumeric strings), saving URLs, retrieving URLs, and tracking clicks. Use type hints like function saveUrl(string $longUrl): string.
config.php file to store constants like your data file path, base URL, and short code length. Use define() or const for configuration values.
require_once to include your functions file at the top. This is PHP's version of import or require.
redirect.php file that takes a short code from the URL (using $_GET['code']), looks up the long URL, increments the click count, and uses header('Location: ...') to redirect. Remember to call exit() after header redirects.
filter_var($url, FILTER_VALIDATE_URL) to ensure submitted URLs are valid before saving.
?? throughout your code for default values. For example: $page = $_GET['page'] ?? 'home'. This is cleaner than using isset().
Vanilla PHP Course
You're familiar with JavaScript classes from your work with React and Node.js. PHP's OOP is similar but with some syntax differences and additional features like visibility modifiers and abstract classes.
Goal: Transition from procedural to OOP, similar to JavaScript classes
Task class that has properties for title, description, priority (high/medium/low), due date, and completion status.
__construct(). Unlike JavaScript's constructor(), PHP uses magic methods with double underscores. Set default values for optional parameters.
private and create public getter and setter methods. This enforces encapsulation better than JavaScript's approach.
Project class that contains multiple tasks. Use composition: private array $tasks = [];. Add methods to add tasks, remove tasks, and get all tasks.
$this so you can chain calls like $task->setTitle('Title')->setPriority('high')->save().
private static int $nextId = 1; and public static function getNextId().
save() and load() methods that serialize the object to JSON and store it. Use json_encode($this) to serialize objects.
spl_autoload_register() to automatically load class files when they're first used.
Vanilla PHP Course
JSON files work for learning, but real applications need databases. Time to replace file storage with MySQL using PDO, PHP's database abstraction layer. This is similar to using Mongoose with MongoDB, but for relational databases.
Goal: Replace file storage with MySQL using PDO
task_manager. Design a schema with tables for projects and tasks with a foreign key relationship.
database.php file that establishes a PDO connection. Unlike Mongoose's simple connect, PDO requires a DSN (Data Source Name): new PDO('mysql:host=localhost;dbname=task_manager', $user, $pass). Set error mode to exceptions.
migrations folder with numbered SQL files. Build a simple PHP script that runs these migrations in order and tracks which ones have been applied.
$stmt = $pdo->prepare('SELECT * FROM tasks WHERE project_id = :id'). Never concatenate user input into SQL strings.
:project_id instead of question marks for clarity.
FETCH_ASSOC or FETCH_OBJ to get results as arrays or objects.
LIMIT and OFFSET. Create previous/next page links and calculate total pages.
$pdo->beginTransaction(), $pdo->commit(), and $pdo->rollBack() on error.
Vanilla PHP Course
Unlike Node.js where you'd use Passport or JWT, PHP has built-in session management. You'll learn how to implement authentication from scratch, understanding the fundamentals before using libraries.
Goal: Implement stateful user sessions and basic authentication
users table to your database with fields for id, email, password (hashed), and created_at. Add a user_id foreign key to the projects table.
password_hash() with BCRYPT algorithm, and insert the new user.
password_verify($inputPassword, $hashedPassword) to check credentials. Never store or compare plain-text passwords.
session_start() at the beginning of every page that needs session access. Store user data in $_SESSION after successful login: $_SESSION['user_id'] = $userId.
$_SESSION['user_id'] exists and redirects to login if not. Call this at the top of protected pages.
session_destroy() and redirects to the login page.
Vanilla PHP Course
Time to level up your OOP skills with inheritance, interfaces, and design patterns. You'll build a blog CMS that demonstrates professional PHP architecture patterns.
Goal: Learn inheritance, interfaces, and common design patterns
Content class with common properties (id, title, body, author_id, created_at, updated_at) and abstract methods that child classes must implement.
Post and Page classes that extend Content. Posts have categories and tags, while Pages have parent-child relationships for navigation.
Sluggable interface with a generateSlug() method. Both Post and Page should implement this to create URL-friendly slugs from titles.
Timestampable trait with methods for automatically setting created_at and updated_at. Use this trait in your content classes with the use keyword.
PostRepository and PageRepository classes that handle all database operations for their respective content types. This separates data access from business logic.
public function __construct(PDO $db).
App\Models, repositories in App\Repositories, etc. Use PSR-4 autoloading.
deleted_at timestamp. Modify queries to exclude soft-deleted records by default.
Vanilla PHP Course
You've built Express APIs before. Now build one in vanilla PHP to understand how frameworks like Laravel implement their API features under the hood.
Goal: Build a JSON API similar to Express, but in vanilla PHP
api folder separate from your web pages. All responses should be JSON, no HTML rendering.
$_SERVER['REQUEST_METHOD'] and $_SERVER['REQUEST_URI'] to route requests.
jsonResponse($data, $status = 200) that sets proper headers (Content-Type: application/json) and encodes data.
$_POST which only works for form data, read raw JSON from file_get_contents('php://input') and decode it.
Access-Control-Allow-Origin, Access-Control-Allow-Methods, etc. Handle OPTIONS preflight requests.
Vanilla PHP Course
Learn to handle file uploads securely and manipulate images using PHP's GD library. This is more complex than using npm packages in Node.js, giving you deeper understanding of file handling.
Goal: Handle file uploads, validation, and image manipulation
uploads folder with proper permissions (755) and add it to .gitignore.
enctype="multipart/form-data" and multiple attribute. Access uploaded files through $_FILES superglobal.
mime_content_type(), and verify actual image format. Never trust client-provided filename or type.
uniqid() or combine timestamp with random string. Keep original extension after validation.
imagecopyresampled().
exif_read_data(). Display camera model, settings, GPS coordinates if available. Handle missing data gracefully.
imagettftext() or imagecopy().
Vanilla PHP Course
Learn to send emails and handle operations that shouldn't block HTTP requests. Unlike Node.js where everything is async, PHP requires different approaches for background tasks.
Goal: Send emails and handle time-consuming operations
composer require phpmailer/phpmailer. This is PHP's equivalent to Nodemailer.
subscribers table with email, token, verified, and subscribed_at fields.
mail() function for production.
jobs table to store pending email sends. When sending to many subscribers, queue jobs instead of sending immediately.
Vanilla PHP Course
Security is critical in PHP applications. Learn to protect against XSS, CSRF, SQL injection, and other common vulnerabilities. This knowledge applies to any backend technology.
Goal: Implement comprehensive security measures
htmlspecialchars($data, ENT_QUOTES, 'UTF-8') on all output. Create a helper function. Never output raw user data to HTML.
bin2hex(random_bytes(32)), store in session, include as hidden input, and verify on submission.
filter_var() with appropriate filters (FILTER_VALIDATE_EMAIL, FILTER_VALIDATE_INT, etc). Validate types, formats, and ranges.
Content-Security-Policy header that disallows inline scripts and limits resource origins.
session.cookie_httponly = 1, session.cookie_secure = 1 (for HTTPS), and session.use_strict_mode = 1 in php.ini or via ini_set().
Vanilla PHP Course
This final project synthesizes everything you've learned. You'll build a complete project management application that could be used in production with some polish.
Goal: Combine all learned concepts into a complete application
project_members junction table.
activities table. Display a chronological feed.
$argv to parse arguments.
Next Steps After Completion:
Once you finish this project, you'll have a solid foundation in vanilla PHP. You're ready to explore Laravel (the most popular PHP framework), Symfony (enterprise-grade), API development with modern tooling, PHPUnit for testing, and DevOps practices with Docker and CI/CD.