PHPDeveloper.org

php[architect]: October 2014 Issue Released - Built with PHP

Wed, 10/22/2014 - 19:03

The php[architect] magazine has officially released their October 2014 edition of their publication: "Built with PHP".

This month's edition includes articles like:

  • "We Built DataSift on PHP" by Michael Heap
  • "Domain Modeling with PHP in Polyglot Systems" by Luis Atencio
  • "Test Fixtures Like a Boss" by Giulio De Donato
  • "Varnish: Just Plain Faster" by Dan Reif
  • "Laravel Tips: Deploying Applications Part 2: Automation" by Dirk Merkel

...and all of your favorite columns from the editors and staff of the magazine. You can pick up a copy for yourself directly from the php[architect] website or grab a full year's subscription (either in digital or print versions....or both).

Link: http://www.phparch.com/magazine/2014-2/october/

SitePoint PHP Blog: Book Review: Practical Design Patterns in PHP

Wed, 10/22/2014 - 18:17

The SitePoint PHP blog has posted a new book review from editor Bruno Skvorc about the "Practical Design Patterns in PHP" book from author Brandon Savage. The review talks both about some of Bruno's impressions of the content in the book and a bit about self-publishing too.

This review of Brandon Savage's Practical Design Patterns in PHP will include my own opinions and impressions about both the book, and the aspect of self-publishing. Many thanks to Brandon for giving me a review copy. "Design patterns are about common solutions to common problems. [...] They are concepts, not blueprints; ideas, not finished designs. [...] They add clarity to an otherwise difficult situation."

Bruno starts off with a look at the actual content of the book: its coverage of each of the patterns (17 in all), ones that he sees as missing and some of his "gripes" with the examples provided. He also talks about Brandon's choice around models being where primary functionality lives. He finishes the post talking about what he calls the "curse of knowledge" (for example, mentioning other advanced topics without knowing of the reader understands them) and the thoughts around self-publishing and some of the issues he has with it.

Link: http://www.sitepoint.com/book-review-practical-design-patterns-php/

Symfony Blog: The Symfony Project turns 9!

Wed, 10/22/2014 - 17:50

There's some major news from the Symfony project (with matching post on their blog) worth celebrating - the framework and project are celebrating nine years since the first commits were made by Fabien Potencier himself.

Where does the time go? This milestone reminds us all of how Symfony has become an important part of our professional lives and been changing the way we work with code for almost a decade! (We won't even talk about the whole "we're all getting older" thing!) [...] Over the last several years, the Symfony project has completely and continually reinvented itself. Originally a pure MVC framework with some auto-magical features, now it's both a set of decoupled components and a full-stack Request-Response framework backed by a vast development community.

They also talk some about the Symfony community and include a special thanks to all of the developers that have contributed their talents, both in code and documentation, to the framework over the years.

Link: http://symfony.com/blog/the-symfony-project-turns-9

NetTuts.com: Securing Your Server Login

Wed, 10/22/2014 - 16:43

While PHP developers usually pay more attention to the code level of things, it's good to know something about managing the servers their applications live on too. In this most recent tutorial from NetTuts.com they introduce you to some of the basic things you can do to help secure your server against potential attacks, more specifically around the logins.

Thanks to the growing abundance of useful self-hosted apps such as WordPress and the affordable growth of cloud hosting providers, running your own server is becoming increasingly compelling to a broader audience. But securing these servers properly requires a fairly broad knowledge of Linux system administration; this task is not always suitable for newbies.

They provide a list of seven things to look at (not a comprehensive list, but good none the less) to protect your system logins:

  • Update Your System Components
  • Change Your SSH Port From the Default
  • Activate a Firewall
  • Change Your Root Login Name
  • Activate Google Two-Factor Authentication
  • Switch to Using SSH Keys for Login
  • Manage Your Application Security

Each item includes a summary of the "why" and commands or links to other resources with more information.

Link: http://code.tutsplus.com/tutorials/securing-your-server-login--cms-22001

HHVM Blog: Hack: Recent Updates

Wed, 10/22/2014 - 15:37

On the HHVM blog today they've posted some updates about the language that helps power the HHVM (HipHop Virtual Machine), Hack, and the most recent changes and improvements made to the language.

One thing we haven't talked about much is the progress and evolution of the language itself. We've been busy driving the language forward, improving its PHP base as well as adding new features requested inside and outside Facebook to further increase developers' productivity. But unless you're the sort of person that reads every commit going into the HHVM github repository or every change to our docs site, you probably have no idea about any of these changes since we haven't talked much about them yet.

This post is a "kickoff" of a series of posts they'll be doing covering some of the major changes to the language including:

  • Typechecking new static()
  • First-class enums
  • Better understanding the type signatures of the PHP standard library
  • Covariance

Stay tuned to the blog for the full series.

Link: http://hhvm.com/blog/6443/hack-recent-updates

Community News: Packagist Latest Releases for 10.22.2014

Wed, 10/22/2014 - 14:01
Recent releases from the Packagist:

SitePoint PHP Blog: Drupal 8 Hooks and the Symfony Event Dispatcher

Tue, 10/21/2014 - 19:14

The SitePoint PHP blog has a new tutorial posted today showing the interaction between Drupal 8 hooks and the Symfony dispatcher in the last part of their series showing how to build a custom Drupal 8 module.

With the incorporation of many Symfony components into Drupal in its 8th version, we are seeing a shift away from many Drupalisms towards more modern PHP architectural decisions. For example, the both loved and hated hook system is getting slowly replaced. Plugins and annotations are taking away much of the need for info hooks and the Symfony Event Dispatcher component is replacing some of the invoked hooks. Although they remain strong in Drupal 8, it's very possible that with Drupal 9 (or maybe 10) hooks will be completely removed.

He starts off with a brief introduction to what the event dispatcher is and how it currently interacts with the Drupal 8 system. He uses a simple form example with two text fields and how to hook in the dispatcher to fire a "demo_form.save" event when the user submits the form. He ties this into a DemoEvent and sets up a simple subscriber. He ends the article with a look at using hooks to achieve the same kind of goal.

Link: http://www.sitepoint.com/drupal-8-hooks-symfony-event-dispatcher/

NetTuts.com: Building Advanced Email Features With IMAP and PHP

Tue, 10/21/2014 - 18:19

On the NetTuts.com site they've posted a tutorial showing you how to build advanced features with IMAP and PHP. He bases it on the SimplifyEmail project and incldues examples of three different features to get you started.

Analysis of my own email showed I was receiving email from more than 230 automated senders, far fewer actual people. I was tired of constructing filters in Gmail and filling in a myriad of unsubscribe forms. I wanted to have more control over managing my email and simplifying my life. Finally, this past year, I decided to build the features I needed. The result is Simplify Email (SE), a small web app you can host yourself which offers a variety of cool new email features all of which you can check out on the project website. The coolest thing about SE is that it's a platform for reading, analyzing, routing and managing your email - the possibilities abound. Simplify Email is essentially a programmable playground for "hacking" your own email.

His three examples show you how to:

  • Checking your inbox and filter messages
  • Implement a Whitelist challenge to unknown senders
  • Reporting unanswered email

Each of these comes with plenty of code examples, screenshots and output examples (as well as some places where you might need to change some SE configuration values).

Link: http://code.tutsplus.com/tutorials/building-advanced-email-features-with-imap-and-php--cms-22059

Anthony Ferrara: Educate, Don't Mediate

Tue, 10/21/2014 - 17:53

In his latest post Anthony Ferarra makes a suggestion about teaching developers how to solve problems via a "quick fix" versus educating them about the real problem: educate, don't mediate.

Recently, there has been a spout of attention about how to deal with eval(base64_decode("blah")); style attacks. A number of posts about "The Dreaded eval(base64_decode()) - And how to protect your site and visitors" have appeared lately. They have been suggesting how to mitigate the attacks. This is downright bad. The problem is that these posts have been suggesting things like "Disable eval()" and "Disable base64_decode()" as possible solutions. And while technically that would work, it completely misses the point, and does nothing to protect users

He suggests that developers shouldn't just look for a "quick fix" solution posted in a tutorial somewhere and go on their merry way. One danger in this is that those instructions could only be patching part of the problem, not all of it. In this case, the disable eval/base64 handling is only a code-level fix. If this exploit exists in your application, the attacker was able to get to the local file system - a much bigger problem.

Link: http://blog.ircmaxell.com/2014/10/educate-dont-mediate.html

Phil Sturgeon: PHP Wars: Attack of the Clones

Tue, 10/21/2014 - 16:18

In one of his recent posts Phil Sturgeon talks about what he calls the "Attack of the Clones" on Packagist. In this case, he's referring to the number of packages that all pretty much do the same thing, just in slightly different ways.

n the last article I said I wanted to write about when its a good idea to release a component. A lot of this comes down to: is there one out there that does what I want, and if so, can I use it. This blog post is going to touch on a lot of points already made well by Anthony Ferrera. His article Reinvent The Wheel! says many of the same things, so if you only have time to read one article right now, go and read that. I've been talking with various people on Twitter about how I see a lot of people building what I consider to be clones. [...] It should go without saying that I'm not trying to quash innovation; I just don't think building identical shit over and over again is innovation. I see people wasting their time, and I know that time could go to better use.

He talks about how he's not opposed to innovation and development for the sake of learning, but that often the packages released are lower-powered versions of already established, well-tested packages. These kinds of packages can clutter the results when the packages are searched and prevent developers from finding the best fit for what they need. He mentions frameworks, but doesn't dwell on them as they're a bit more "self-contained" than just packages. He also touches on the curation of packages (guiding people to the right ones) as a possible solution and looks at how some of the other communities out there handle this same problem.

Link: https://philsturgeon.uk/blog/2014/10/php-wars-attack-of-the-clones

Voices of the ElePHPant: Interview with Ross Tuck

Tue, 10/21/2014 - 15:27

The Voices of the ElePHPant podcast has released its latest community interview, this time with Ross Tuck, well-known PHP speaker and community member.

In this episode Cal and Ross talk about the speaking he does at conferences and various events. They talk about how developers can make the jump into speaking and how it's a way to "give back" to the community. They also talk about Ross' decision to move to the Netherlands and the community that's coming from that area. Finally, they talk about his wide range of conference types.

You can listen to this latest show either through the in-page audio player or by downloading the mp3. If you enjoy the interview, be sure to subscribe to their feed.

Link: http://voicesoftheelephpant.com/2014/10/21/interview-with-ross-tuck/

Community News: Packagist Latest Releases for 10.21.2014

Tue, 10/21/2014 - 14:07
Recent releases from the Packagist:

Community News: Latest PECL Releases for 10.21.2014

Tue, 10/21/2014 - 13:07
Latest PECL Releases:
  • pq 0.5.2 * Support PostgreSQL 9.0 and up * Make JSON support optional

  • pecl_http 2.1.3 * Fix build with libcurl < 7.26 (Remi)

  • uopz 2.0.6 fix builds with >= 50600 (zend_is_true changes)

  • pq 0.5.0 + Published documentation at http://devel-m6w6.rhcloud.com/mdref/pq + Added pqConnection::$params + Added pqConnection::declare(), pqConnection::declareAsync() and pqCursor + Added pqConnection::unlisten() and pqConnection::off() + Added pqConnection::$defaultFetchType, pqConnection::$defaultTransactionIsolation, pqConnection::$defaultTransactionReadonly and pqConnection::$defaultTransactionDeferrable + Added pqConnection::$defaultAutoConvert and pqResult::$autoConvert + Added pqResult::CONV_BOOL, pqResult::CONV_INT, pqResult::CONV_FLOAT, pqResult::CONV_SCALAR, pqResult::CONV_ARRAY, pqResult::CONV_DATETIME, pqResult::CONV_JSON and pqResult::CONV_ALL + Always declare pqTypes OID constants + Added pqResult::fetchAllCols() - Reverse arguments of pqResult::fetchCol() - Attempt to access properties of objects that have not been initialized by its constructor will throw E_RECOVERABLE_ERROR - Renamed pqConverterInterface to pqConverter - Added second argument "$type" to pqConverter::convertFromString() and pqConverter::convertToString() * Fixed wakeup of persistent connections to ping the server with an empty query and eventually reset the connection * Fixed possible invalid free and leak * Fixed a possible crash

  • pq 0.5.1 + Fixed build with PostgreSQL <= 9.2

SitePoint PHP Blog: PHP and RabbitMQ: Advanced Examples

Mon, 10/20/2014 - 20:19

On the SitePoint PHP blog Miguel Ibarra Romero continues his series looking at the use of RabbitMQ with PHP in part two. He builds on the code (and setup) from the first part of the series and gets into some more advanced examples this time.

In part 1 we covered the theory and a simple use case of the AMQP protocol in PHP with RabbitMQ as the broker. Now, let's dive into some more advanced examples.

The remainder of the post includes two examples of more advanced operations:

  • Example 1: send request to process data asynchronously among several workers
  • Example 2: send RPC requests and expect a reply

Each example includes a diagram of the overall flow of the process, the code to make it happen both for the sender and receiver.

Link: http://www.sitepoint.com/php-rabbitmq-advanced-examples/

NetTuts.com: Design Patterns: The Facade Pattern

Mon, 10/20/2014 - 19:17

NetTuts.com has continued their series covering common design patterns and their implementation in some example PHP scripts today. In their latest post they focus on the Facade pattern, a member of the "structural" family of patterns.

When it comes to design patterns, you may have questions: Why should we use design patterns in programming? Our code can work just fine without it. [...] Code that employs design patterns is easy to understand, easy to maintain, and easy to extend.[...] In this tutorial, we are going to cover the facade design pattern. It falls under the category of structural patterns because it deals with how your code should be structured to make it easily intelligible and keep it well maintained in the long term.

They start with a UML layout of a typical Facade and include a typical problem/solution where it could be used. They get into a code example that creates a simple checkout process. In this process, they use the Facade pattern to create a more maintainable, extensible ordering workflow.

Link: http://code.tutsplus.com/tutorials/design-patterns-the-facade-pattern--cms-22238

Quandidate.com Blog: Using the Accept Header to version your API

Mon, 10/20/2014 - 18:56

On the Qandidate.com blog today there's a new tutorial talking about the use of the Accept header in REST HTTP requests and, more specifically, working with it in a Symfony-based application.

I investigated different ways to version a REST API. Most of the sources I found, pretty much all said the same thing. To version any resource on the internet, you should not change the URL. The web isn't versioned, and changing the URL would tell a client there is more than 1 resource. [...] Another thing, and probably even more important, you should always try to make sure your changes are backwards compatible. That would mean there is a lot of thinking involved before the actual API is built, but it can also save you from a big, very big headache. [...] Of course there are always occasions where BC breaks are essential in order to move forward. In this case versioning becomes important. The method that I found, which appears to be the most logical, is by requesting a specific API version using the Accept header.

He shows how to create a "match request" method in his custom Router that makes use of the AcceptHeader handling to grab the header data and parse it down into the type and API version requested. He also includes an example of doing something similar in the Symfony configuration fil e but hard-coding the condition for the API version by endpoint.

Link: http://labs.qandidate.com/blog/2014/10/16/using-the-accept-header-to-version-your-api/

Laravel Podcast: Episode 18 - Laravel 5 Routing, the War over PHP Annotations, and The Secret Weapon

Mon, 10/20/2014 - 17:05

The Laravel Podcast has released their latest episode, Episode #18: Laravel 5 Routing, the War over PHP Annotations, and The Secret Weapon(tm). Join hosts Shawn McCool, Taylor Otwell and Jeffrey Way as they talk all things Laravel.

In this episode, we discuss new Laravel 5 features including annotated routing and middlewares. We discuss some motivations and guiding forces that make Laravel what it is. Also, hints about Jeffrey and Taylor's secret new project. The referenced article by @everzet can be found here: http://everzet.com/post/99045129766/introducing-modelling-by-example.

You can listen to this latest episode either by using the in-page audio player, by downloading the mp3 or by subscribing to their feed.

Link: http://www.buzzsprout.com/11908/212256-episode-18-laravel-5-routing-the-war-over-php-annotations-and-the-secret-weapon-tm

Joshua Thijssen: Deepdive into the symfony2 security component: part 1

Mon, 10/20/2014 - 16:26

On the latest post on his site Joshua Thijssen has kicked off a series taking a deep dive into the Symfony security component, a key piece in the security of Symfony-based applications. In this first part of the series he introduces the component and starts in on some of the features it offers.

Once in a while I like diving into code and see how things work under the hood. And as the symfony2 framework consists of many different components, bundles and bridges, there is a lot to discover. But ultimately, the code itself mostly isn't really as complex as it might seem from the outside world: just like a good magic trick, once unraveled, it all seems very simple and makes sense.

However, this is not true for one of those components: the security component. This black box full of dark magic doesn't like to give up its secrets, and after some (miserably) failed attempts, I am trying to unravel it once more in a few blog posts. Either we achieve complete victory, or fail yet again.. At this point, I will give both fair odds.

He starts off with an overview of the component, pointing out the two main things is handles: authentication and authorization. He also pulls in a few other things to do with security in Symfony to give a more complete, well rounded picture - the component itself, the security bundle and security bridges. He gets into a bit more detail about this last one and describes their specific use.

Link: https://www.adayinthelifeof.nl/2014/10/19/deepdive-into-the-symfony2-security-component-part-1/

Rob Allen: Setting up PHP & MySQL on OS X Yosemite

Mon, 10/20/2014 - 15:43

Rob Allen has posted a quick guide to help you get PHP and MySQL set up on Yosemite, the latest version of Apple's OSX operating system (just released last week).

t's that time again; Apple has shipped a new version of OS X, 10.10 Yosemite. Apple ships PHP 5.5.14 with Yosemite and this is how to set it up from a clean install. However, if you don't want to use the built-in PHP or want to use version 5.6, then these are some alternatives [including the Liip binary package, Homebrew or Zend Server 7.x).

He opts for the Homebrew method, installing it first then getting into the PHP and MySQL packages. This is all done from the command-line, so you'll need to be comfortable there. He includes the commands needed to install PHP, MySQL and Apache along with all configuration changes to make them work together. He also shows how to install Xdebug, PEAR, Composer and the Mcrypt & Intl extensions if needed.

Link: http://akrabat.com/php/setting-up-php-mysql-on-os-x-yosemite/

Community News: Packagist Latest Releases for 10.20.2014

Mon, 10/20/2014 - 14:01
Recent releases from the Packagist: