Anti-Pattern¶
An anti-pattern is a common but counterproductive solution to a recurring problem. Unlike a mistake made once, an anti-pattern is a response that appears reasonable or even familiar, is applied repeatedly, and systematically produces negative consequences: increased complexity, fragility, poor performance, or security vulnerabilities.
The term was coined in 1995 by Andrew Koenig and popularised by the 1998 book AntiPatterns by Brown, Malveau, McCormick, and Mowbray. It draws an explicit parallel with design patterns: where a design pattern documents a proven good solution, an anti-pattern documents a proven bad one, together with the root cause, the symptoms that reveal it, and the refactored solution that replaces it.
Anti-patterns appear at every level of software development:
Architectural anti-patterns: big ball of mud, god object, spaghetti code
Design anti-patterns: singleton overuse, service Locator, magic container
Coding anti-patterns: copy-paste programming, premature optimisation, magic numbers
PHP-specific anti-patterns: suppressing errors with
@, usingeval()for configuration,register_globals-era dynamic variable injection
Recognising anti-patterns is a key skill in code review and static analysis. Exakat detects a wide range of PHP anti-patterns through dedicated rules.
<?php
// Anti-pattern: God Object — one class that knows and does everything
class Application {
public function connectDatabase() { /* ... */ }
public function renderHtml() { /* ... */ }
public function sendEmail() { /* ... */ }
public function validateInput() { /* ... */ }
public function logError() { /* ... */ }
// ... dozens more methods
}
// Anti-pattern: error suppression hiding real problems
$result = @file_get_contents('data.json'); // silences warnings instead of handling them
// Anti-pattern: magic numbers with no explanation
if ($status === 3) { // What does 3 mean?
redirect();
}
?>
See also Anti-pattern — Wikipedia and AntiPatterns book (Brown et al., 1998).
Related : Pattern, Fat Controller, Static Application Security Testing (SAST), Analysis