Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PEAR Blog:
PEAR 1.10.0 with PHP7 support is out
Oct 07, 2015 @ 12:55:22

In a quick post on the PEAR blog there's an announcement about the release of a version of the tool with full PHP 7 support, version 1.10.0.

After a year of development, PEAR [version 1.10.0](http://pear.php.net/package/PEAR/download/1.10.0) has been released. It works on PHP7 and is [E_DEPRECATED](http://php.net/manual/en/errorfunc.constants.php#errorfunc.constants.errorlevels.e-deprecated-error) and [E_STRICT](http://php.net/manual/en/errorfunc.constants.php#errorfunc.constants.errorlevels.e-strict) compatible.

Apart from those big changes, a number of annoying bugs have been fixed and some features implemented – have a look at the release notes and the roadmap. Thanks to Ferenc Kovacs, Hannes Magnusson, Remi Collet and Ken Guest for their patches.

The post includes the commands you'll need to do to upgrade to this latest version, a simple two-step process of clearing the current cache and performing the upgrade. If you're installing PEAR for the first time, you can follow along with the documentation to get up and running quickly.

tagged: pear php7 support release announcement

Link: http://blog.pear.php.net/2015/10/07/pear-1-10-0/

Paragon Initiative:
How to Safely Implement Cryptography Features in Any Application
Oct 07, 2015 @ 11:51:41

The Paragon Initiative blog has posted a new article showing you how to safely implement cryptography in any PHP-based application (or really just about any application) with the help of libsodium.

Why not {Mcrypt, OpenSSL, Bouncy Castle, KeyCzar, etc.}? These cryptography libraries are really building blocks that by and large must be used, with expert care, to build the interfaces you want developers to use. In most cases, libsodium is the interface you want developers to use. [...] By default, these libraries don't provide [authenticated encryption](https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken). Most of them force developers to use RSA (or ECDSA but certainly not EdDSA), which is [hard to get right](http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html) and for which [index calculus attacks are improving each year](https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2501/original/20141227.pdf).

He goes on to talk about NaCI as a possible option (libsodium is from a fork of it) but points out that NaCI isn't as easily available as libsodium to non-C/Python developers. He shares a few reasons why he thinks "libsodium is so great" and a few reasons not to use it (mostly dealing with outside limitations, not technical ones). Finally he points you in the right direction to help you get started using libsodium for PHP as a PECL extension.

tagged: cryptography feature safe guide tutorial introduction pecl extension

Link: https://paragonie.com/blog/2015/09/how-to-safely-implement-cryptography-in-any-application

SitePoint PHP Blog:
Functional Prog, Distributed DBs, JSON-Patch and More!
Oct 07, 2015 @ 10:31:27

The SitePoint PHP blog has posted a wrapup/review of the WebCampZG conference that happened in Croatia back on October 3rd & 4th (2015). It's "an annual conference for web developers, held in Zagreb on the first weekend of October".

This weekend, Chris Ward (the mobile channel editor at SitePoint) and me attended [Webcamp ZG](http://www.sitepoint.com/webcamp-zagreb-2015-a-conference-you-must-not-miss), the annual international web-oriented conference in Zagreb, Croatia. [...] The conference is a two day event, each day spearheaded by a keynote type of talk before diving into the bulk of the content. The schedules of both days contained plenty of breaks with food, drinks and snacks scattered throughout, providing for both energy and excellent socialization and networking contexts.

He covers both days of the event, talking about the sessions that were presented (including one from SitePoint-er Chris Ward) and the evening activities that followed. Despite some missteps in session content and the wifi - always a problem at tech conferences - Bruno found the event "a blast" and plans on attending in the future.

tagged: webcampzg webcampzg15 zagreb croatia conference wrapup review

Link: http://www.sitepoint.com/functional-programming-distributed-databases-json-patch-and-more/

PHP Town Hall Podcast:
Episode 44: Live From PNWPHP
Oct 07, 2015 @ 09:26:26

The PHP Town Hall podcast has posted their most recent episode, Episode #44, where they were live from the Pacific Northwest PHP Conference that happened back in September (2015).

Live from [PNWPHP ‘15](http://pnwphp.com/), Ben and Phil are joined by guests [Ben Marks](https://twitter.com/benmarks), [Yitzchok Willroth](https://twitter.com/coderabbi) and later we are joined by returning guest [Sara Golemon](https://twitter.com/SaraMG) who popped in to talk about HHVM/Hack while Phil played waiter for the rest of the episode.

Ben talks about Magento and some of his conference traveling madness, as does Yitz, who got trapped in a hotel for a whole weekend due to some interesting combination of Jewish holidays and an argument over the interational date line in New Zealand. Phil also tells us all about his NZ speeding ticket, mowing down possums like it’s Carmageddon, and makes a few terrible jokes because he’s scarily sober.

You can listen to this latest episode either through watching it on the in-page video player, using the in-page audio player or just downloading the mp3 of the show. If you enjoy it, be sure to subscribe to their feed and follow them on Twitter to get updates on when new episodes are released.

tagged: phptownhall ep44 pnwphp conference live benmarks yitzchokwillroth saragolemon

Link: http://phptownhall.com/blog/2015/09/12/episode-45-good-evening-seattle/

Community News:
Recent posts from PHP Quickfix (10.07.2015)
Oct 07, 2015 @ 08:05:02

Recent posts from the PHP Quickfix site:



Community News:
Rogue Wave Software Acquires Zend
Oct 06, 2015 @ 14:57:39

Zend has posted a new press release about their acquisition by Rogue Wave Software, a company specializing in tools and services "making it easy to write, test, and run complex code."

Rogue Wave Software announced today that it has acquired Zend Technologies, the leader in end-to-end PHP web and mobile application development and deployment solutions. With 50 percent of the web workload running on PHP, including Magento, Drupal, and WordPress, Zend products drive PHP in the enterprise, from code creation through production deployment.

[...] “Today’s announcement expands Rogue Wave into PHP web and mobile application development, underscoring our goal to make developers heroes by accelerating their ability to create great code,” said Brian Pierce, CEO of Rogue Wave.

It's something that's definitely taken the PHP community by surprise and left many wondering what the future of the language my hold with Zend having been such a critical part of the engine that parses and executes the PHP code we write every day. Chris Tankersly has already shared some of his thoughts on the matter and why, as he puts it, this "doesn't matter" to PHP and it's community as much as some are thinking.

tagged: zend acquire roguewavesoftware roguewave company software tools code

Link: http://www.zend.com/en/resources/news-and-events/newsroom/press/3683_rogue-wave-software-acquires-enterprise-php-leader-zend-acquisition-broadens-enterprise-strength-across-top-five-development-languages

Exporting Drupal Nodes with PHP and Drush
Oct 06, 2015 @ 11:09:11

The php[architect] site has posted a tutorial showing you how to export Drupal nodes with Drush and a bit of regular PHP. Drush is a command line tool that makes working with Drupal outside of the interface simpler and easier to automate.

Drupal 8 development has shown that PHP itself, and the wider PHP community, already provides ways to solve common tasks. In this post, I’ll show you some core PHP functionality that you may not be aware of; pulling in packages and libraries via Composer is a topic for another day.

The tutorial walks through a more real-world situation of needing to export a CSV file that shows a list of nodes added to the site after a specific date. He points out some of the benefits of doing it the Drush way and starts in on the code/configuration you need to set the system up. He shows how to create the Drush command itself and update it with a method to export the newest nodes (after validating the date provided). He makes use of a SplFileObject to output the results from the EntityFieldQuery query out into to the CSV file. He makes use of PHP's generators functionality to only fetch the records a few at a time. Finally he includes the command to execute the export, defining the date to query the node set and how to push that output to a file.

tagged: export drupal node drush commmandline csv output query generator

Link: https://www.phparch.com/2015/10/exporting-drupal-nodes-with-php-and-drush/

Knp University:
Fun with Symfony's Console Component
Oct 06, 2015 @ 10:26:41

In a post to the Knp University blog they show you some of the fun you can have with the Symfony Console component in a single file including a few lesser known (and lesser used) features.

One of the best parts of using Symfony's Console component is all the output control you have to the CLI: colors, tables, progress bars etc. Usually, you create a command to do this. But what you may not know is that you can get to all this goodness in a single, flat PHP file.

They walk you through the creation of a ConsoleOutput object with a simple writeln output of a formatted method. They briefly mention the handling for changing up the output (OutputFormatter and OutputFormatterStyle) before getting into something a bit more complex - table layouts. They end the post with an interesting "hidden" feature inside the component, the Symfony track progress bar (animated gif included to show the end result).

tagged: symfony console component feature pretty output table track progressbar

Link: http://knpuniversity.com/blog/fun-with-symfonys-console

Loïc Faugeron:
Decouple from Frameworks
Oct 06, 2015 @ 09:48:23

In this recent post to his site Loïc Faugeron shows his support for a pretty common "battle cry" among developers that make use of one of the many PHP frameworks out there: decouple from your framework (including a few strategies how).

Frameworks solve infrastructure problems, for example how to create a HTTP or CLI application. While necessary, those concerns don't add any value to your project: the business need will not be fulfilled by creating an empty application. As always, different responsibilities mean also different reasons to change: frameworks have a history of Backward Compatibility (BC) breaks and they do so regardless of your project.

[...] Does that mean that we shouldn't use any frameworks? Should we just don't care and embrace fully frameworks? This article will explain how to avoid both extremes, by decoupling from the framework. It can be done by restricting the framework to its infrastructure responsibilities (HTTP, CLI), by only using its entry points (Controller, Command) and by using the Command Bus pattern.

He uses a simple application to illustrate his points, starting with a basic Symfony installation with PHPUnit and PHPSpec installed. He builds a listener to handle JSON encoded content input and sets up the initial "Quote" controller that will take in the new request. He follows the TDD mentality along the way, testing first then writing the code to match the test. With that system in place, he talks about the ideas of commands (from the "command bus" world) and how that could be used to refactor out the "submit" logic and make it less dependent on the framework it lives in. This lets the framework handle the low-level functionality (HTTP request/response, routing, etc) while the logic sits in a more abstract, contained location.

tagged: decouple framework opinion commandbus refactor encapsulate

Link: http://gnugat.github.io/2015/09/30/decouple-from-frameworks.html

Community News:
Latest PECL Releases (10.06.2015)
Oct 06, 2015 @ 08:05:01

Latest PECL Releases:

  • mongodb 1.0.0beta2
    * PHPC-442: report PHP version in debug info

    • PHPC-409: $readPreference is no longer sent to non-mongos nodes
    • PHPC-438: Debug handler should display null for no WC error
    • PHPC-436: Handle new writeConcernErrors array in mongoc_write_result_t
    • PHPC-415: Add testcase
    • PHPC-415: SSL/TLS already set-up for this stream
    • PHPC-393: Ignore non-public properties when encoding BSON
    • PHPC-430, PHPC-377: Do not convert Query filter arg to an object
    • PHPC-377: Eliminate object casting and whole lot of zend hash helpers
    • PHPC-373: Get rid of MAKE_STD_ZVAL() and use bson_t instead
    • PHPC-430: Regression tests for Query arg corruption
    • PHPC-379: I broke PHP5.3 build. Thats OK, since we don't support it.
    • PHPC-427: Fix parsing of null WC journal param for PHP 5.4
    • PHPC-428: Remove support for WriteConcern fsync option
    • PHPC-427: Do not set WC journal/fsync to false for NULL args
    • PHPC-423: WriteConcern should report default "w" option as null
    • PHPC-426: WC ctor should throw for invalid $w and $wtimeout args
    • PHPC-425: WC ctor should accept int/string $w args w/o casting
    • PHPC-412: HHVM does not do SSL peer verification like PHP
    • PHPC-410: Make BSON exception message consistent with HHVM
    • PHPC-410: zval_to_bson() should throw on non-Serializable Type objects
    • PHPC-410: object_to_bson() should throw on unsupported BSONType objects
    • PHPC-410: object_to_bson() should encode non-stdClass objects
    • PHPC-418: Getters for WriteConcern properties
    • PHPC-418: Getters for ReadPreference properties
    • PHPC-417: Return value objects from Manager RP/WC getters
    • PHPC-408: Ensure object_to_bson() always creates a BSON document
  • timezonedb 2015.7
    Updated to version 2015.7 (2015g)