phpWrite solid PHP avoiding type juggling traps, array quirks, and common security pitfalls.
Install via ClawdBot CLI:
clawdbot install ivangdavila/phpRequires:
| Topic | File |
|-------|------|
| Loose typing, ==, ===, type juggling, strict_types | types.md |
| Associative arrays, iteration, array functions | arrays.md |
| Traits, interfaces, visibility, late static binding | oop.md |
| Encoding, interpolation, heredoc, regex | strings.md |
| Exceptions, error handling, @ operator | errors.md |
| SQL injection, XSS, CSRF, input validation | security.md |
| PHP 8+ features, attributes, named args, match | modern.md |
== coerces types: "0" == false is true — always use === for strict comparisonin_array($val, $arr) uses loose comparison — pass true as third param for strictstrpos() returns 0 for match at start — use === false not !strpos()htmlspecialchars($s, ENT_QUOTES) all output — prevents XSSisset() returns false for null — use array_key_exists() to check key existsforeach ($arr as &$val) — unset $val after loop or last ref persistsstatic:: late binding vs self:: early binding — static respects overrides@ suppresses errors — avoid, makes debugging impossibleThrowable for both Error and Exception — PHP 7+declare(strict_types=1) per file — enables strict type checkingstrlen() counts bytes — use mb_strlen() for UTF-8 character countclone $objarray_merge() reindexes numeric keys — use + operator to preserve keysGenerated Mar 1, 2026
Building an online store with product listings, shopping cart functionality, and secure payment processing. This scenario requires strict type checking to avoid bugs in pricing calculations and robust security measures like prepared statements to prevent SQL injection during order management.
Developing a CMS for publishing articles with user authentication and content editing features. It involves handling arrays for dynamic content structures, using htmlspecialchars to prevent XSS in user-generated content, and implementing error handling for file uploads and database interactions.
Creating RESTful APIs to serve data to mobile apps, such as user profiles or real-time notifications. This requires leveraging PHP 8+ features like attributes for routing, strict typing to ensure data consistency, and secure input validation to protect against CSRF and injection attacks.
Developing a tool for generating financial reports with data aggregation and export capabilities. It demands precise array manipulation for data sets, avoiding type juggling in calculations, and using prepared statements to securely query transaction databases.
Building a learning management system that includes quiz functionality, score tracking, and user progress dashboards. This scenario involves string handling for question formatting, error management for user inputs, and object-oriented design with traits for reusable quiz logic.
Offering a subscription-based web application, such as a project management tool or CRM, built with PHP. Revenue is generated through monthly or annual fees, with features like user management and data analytics requiring secure coding practices and modern PHP features for scalability.
Providing bespoke PHP development services for clients across industries, from small businesses to enterprises. Revenue comes from project-based contracts, focusing on delivering secure, maintainable code with adherence to best practices like strict comparisons and error handling to reduce long-term support costs.
Operating an online marketplace where third-party sellers list products, with PHP handling the core platform. Revenue is earned through transaction fees, commissions, and premium listings, relying on robust security measures to protect user data and prevent fraud in payment processing.
💬 Integration Tip
Integrate this skill by setting up a local PHP environment with strict_types enabled and using version control for code management to apply best practices like prepared statements and error handling consistently.
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.
Provides a 7-step debugging protocol plus language-specific commands to systematically identify, verify, and fix software bugs across multiple environments.
A comprehensive skill for using the Cursor CLI agent for various software engineering tasks (updated for 2026 features, includes tmux automation guide).
Write, run, and manage unit, integration, and E2E tests across TypeScript, Python, and Swift using recommended frameworks.
Control and operate Opencode via slash commands. Use this skill to manage sessions, select models, switch agents (plan/build), and coordinate coding through Opencode.
Coding style memory that adapts to your preferences, conventions, and patterns for consistent coding.