Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Shopify App Development Made Simple with HTTP APIs and Guzzle
Oct 27, 2016 @ 11:51:09

The SitePoint PHP blog has posted a tutorial from author Wern Ancheta digs into the Shopify API and shows you some simple methods to use it with Guzzle.

In this tutorial, you’re going to get started with developing Shopify apps. You’re going to create a simple app that lists out products from a Shopify store. [...] Shopify apps are a way of extending the functionality of a Shopify store or to provide ecommerce capabilities to websites or mobile apps.

The tutorial then starts in, showing you how to set up a Shopify Partner Account and create the "Store" instance you'll be using for the development. With that created, you'll have to set up a new application inside the store - this is what the script will actually connect with. From there they start in on the demo application, installing Twig, Slim, Guzzle and a few other libraries. They show the code to set up the simple Slim application along with a handful of routes, views and some SQL interaction. The tutorial includes the code for:

  • authenticating users against the API (and your store)
  • making requests to the API for product information
  • outputting the results to a simple page

If you're short on time or just want to jump to the end, you can get the code for this example in this GitHub repository.

tagged: shopify tutorial api http guzzle client shop application

Link: https://www.sitepoint.com/shopify-app-development-made-simple/

SitePoint PHP Blog:
From HTTP Messages to PSR-7: What’s It All About?
Oct 06, 2016 @ 11:57:03

The SitePoint PHP blog has a new tutorial posted hoping to demystify some of the confusion around HTTP and PSR-7, a standard from the PHP-FIG group around the handling of request and response messages in PHP applications.

The PHP Framework Interoperability Group (PHP-FIG) has relatively recently approved another proposal, the PSR-7: HTTP Messages Interface. The document crystallizes HTTP messages into 7 interfaces which a PHP library should implement if they subscribe to the specification. In PSR-7 By Example, Matthew Weier O’Phinney, editor of the PSR, gives an interesting overview of the specification. So what is it?

They start with the HTTP side of things, briefly covering what HTTP messages are and the format they're transmitted in. Using some example curl requests they show requests and responses involving normal responses, redirects and how they're broken down into objects implementing the MessageInterface, RequestInterface and ResponseInterface. They outline the PSR-7 specification in a UML diagram and talk about some of the challenges associated with PSR-7's handling (including the use of immutable objects and how it fits in with middleware handling).

The post ends with a listing of a few of the frameworks/libraries that already make use of the PSR-7 structure including Symfony, Slim, Guzzle and the HTTPlug client.

tagged: psr7 http messages tutorial introduction phpfig standard

Link: https://www.sitepoint.com/from-http-messages-to-psr-7-whats-it-all-about/

JoliCode.com Blog:
The journey of writing an API Client with PHP and some wise advices
Aug 25, 2016 @ 10:49:01

On the JoliCode.com blog there's a post sharing the experience of writing an API client with PHP including some advice to those out there considering doing the same.

My (love-)story with Docker started in December 2013, after having lost a 2 years long battle against Chef. I had been attracted to Docker for a couple of months, and I finally made the switch the day when I learned that it was built on a REST API. This meant that I could control all my infrastructure from PHP, which is the language I’m most partial to.

After some research, I found the library docker-php built by ubermuda, but, like all the things around Docker at that time, there was only a very limited support of the API. Like any decent developer (yes, it’s a troll), I started to write pull requests to fulfill my needs, and it was both the greatest and the worst thing that happened to me.

The post starts off with a brief history of PHP libraries working with HTTP requests (and the difficulties he had with Guzzle). This includes the fast pace that the library was changing at the time, making it difficult to keep the code maintained. He took a "step back" and decided to look more into HTTPlug and some changes to help bring it up to date. With that choice made, he got into the automation portion and using it work with the Docker API. He talks about some of the other technologies and tools he investigated along the way including Jane for working with JSON message schemas.

Maintaining an open source library is hard and takes time. However, these last years made me realize that we can control it, by moving features into other projects, trust people behind it, and by reducing the feature sets.
tagged: api client library advice http httplug jane json schema

Link: https://jolicode.com/blog/the-journey-of-writing-an-api-client-with-php-and-some-wise-advices

IBM Developer Blog:
Get Started With CouchDB Using PHP and Guzzle
Jul 28, 2016 @ 13:07:48

On the IBM Developer Blog they've posted a new article from Lorna Mitchell helping you get started with CouchDB and Guzzle, making use of this popular HTTP client package to interface with CouchDB's HTTP interface quickly and easily.

In today’s post, we’ll look at how we can use CouchDB in our PHP applications, using the excellent PHP HTTP library Guzzle. Guzzle is a modern, PSR-7 compliant object-oriented PHP library that handles all aspects of HTTP in a correct and — importantly, a scalable — way. So it’s a great way to add any HTTP-interfaced services into your application (PHP 5.5 and later, does support PHP 7).

She then starts off with the installation of Guzzle via Composer and some sample code to make the initial connection to the CouchDB server (either local or remote). With the connection up and working and a "welcome" banner returned, she shows some simple operations like:

  • getting a list of all databases
  • creating a new database
  • inserting and selecting data
  • updating and deleting data

Code is provided for each of these and, thankfully, Guzzle makes it a pretty simple process and handles most of the heavy lifting on the HTTP requests for you.

tagged: couchdb guzzle introduction database http install connect crud

Link: https://developer.ibm.com/clouddataservices/2016/07/27/get-started-with-couchdb-php-guzzle/

Community News:
HTTPoxy Vulnerability Announcement
Jul 19, 2016 @ 12:40:10

Recently a major security vulnerability was announced centering around the the HTTP "Proxy" header and how incorrect handling could result in major issues with external requests. In the PHP ecosystem, a major HTTP library - Guzzle - was vulnerable (along with any application using it). However, according to Michael Dowling, a lead developer on the project, a new release has already been made to correct the problem.

httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict [between the "Proxy" and "HTTP_Proxy" headers]. This leads to a remotely exploitable vulnerability. If you’re running PHP or CGI, you should block the Proxy header now. Here’s how.

The main HTTPoxy site as more information about how you can test to see if your application is vulnerable and what software/server configurations are typically vulnerable. There's also more language-specific information on the page as well as some immediate mitigations for various web server types.

tagged: httpoxy http proxy header vulnerability announcement guzzle webserver

Link: https://httpoxy.org/

Alejandro Celaya:
Dispatch REST-like requests with a single controller class in Zend Expressive
Jun 27, 2016 @ 10:21:25

In a new post to his site Alejandro Celaya shows you how to dispatch REST-like requests in Zend Expressive using a single-controller method.

I was digging into Zend Expressive and how to use controllers that allow me to share dependencies between different routes, instead of having to use different middlewares every time. Abdul wrote a great article on this subject that you can find here, which also became part of Expressive's cookbook some time later.

This is a perfect approach that easily allows to reuse some code, but then I thought how to do something similar in a rest environment, having a single class with different dispatchable methods that will be called depending on the request's HTTP method. This is a possible solution based on ZF2's AbstractRestfulController.

He starts by creating an AbstractRestController class to handle the basics of the REST handling, essentially matching verbs to their actions. He then extends this with a RestUserController class that overrides the necessary methods for only the HTTP verbs you want to change. He then shows how to register the route so it can be used by any request verb type (GET, POST, PUT, etc).

tagged: zendexpressive tutorial rest request verb http zendframework2 abstractcontroller

Link: http://blog.alejandrocelaya.com/2016/06/24/dispatch-rest-like-requests-with-a-single-controller-class-in-zend-expressive/

Rob Allen:
Slim 3.4.0 now provides PSR-7!
May 09, 2016 @ 09:48:10

Rob Allen has a post to his site announcing the latest release of the Slim Framework - v3.4.0 - and an update that allows for full PSR-7 support, telling Composer that the framework fully supports it now as well.

I've been neglecting Slim's PR queue recently, so this weekend I dedicated a lot of time to merging all the good work that our contributors have done. As a result, I'm delighted to release version 3.4.0! This release has a larger set of changes in it than I would have ideally liked which is a direct consequence of having gone two months between releases rather than one.

One particularly interesting addition that we have a made this release is adding a provide section to our composer.json file. [...] This means that we have informed Composer that Slim provides a valid implementation of the interfaces in psr/http-message-implementation virtual package that defines the PSR-7 interfaces.

This basically means that if you're using other libraries/tools that require a PSR-7 compatible system to work correctly, they'll detect that Slim fully supports it.

tagged: slimframework slim3 psr7 support http message implementation composer

Link: https://akrabat.com/slim-3-4-0-now-provides-psr-7/

Lorna Mitchell:
OAuth2 with PHP's built in Streams Functions
Jan 07, 2016 @ 10:56:54

In a quick post to her site Lorna Mitchell reminds us that you can modify the options on the internal PHP streams (like for HTTP requests), more specifically to add a "Bearer" token value for OAuth2 integration.

For OAuth2, all I had to be able to do was to send an Authorization header with my web request from PHP. My second-favourite way of making API calls from PHP is to use PHP's stream handling, so I did that. It's not code you see very often but it's super-simple and it works on every PHP platform I've tried so far

She gives a few lines of code to show how to modify the options to add in the token value, basically using an array of options and a call to stream_context_create to create the context. This can then be used in future calls (like the file_get_contents she shows) to automagically send this information along with the request.

tagged: oauth2 http stream request builtin options bearer tutorial

Link: http://www.lornajane.net/posts/2016/oauth2-phps-built-streams-functions

SitePoint PHP Blog:
Breaking Free from Guzzle5 with PHP-HTTP and HTTPlug
Nov 09, 2015 @ 09:35:41

In a new tutorial from the SitePoint PHP blog editor Bruno Skvorc shows you how to "break free" from using the Guzzle HTTP client (which has become, by far, the most popular) and make it simpler to go with another option. He highlights the HTTPlug library that makes it easy to do just that.

In a previous series, we built a PHP client for Diffbot. The client works well and is in relatively widespread use – we even tested it on a live app to make sure it’s up to par – but it depends heavily on Guzzle 5.

There are two problems with this: Guzzle 6 is out, and supports PSR 7. [...] Someone implementing our client in their app might already have a preferred HTTP client in use, and would like to use theirs rather than Guzzle. [...] Coincidentally, there is a new project allowing us to do just that: HTTPlug.

He walks you through the installation of the library via Composer and covers what all kinds of functionality it contains. HTTPlug provides an "entry point" and unified interface for the HTTP client of your choosing, complete with interface packages to wrap the most common functionality. He shows how to refactor his Diffbot code to use the package, replacing the previous Guzzle dependency using the virtual package definition HTTPlug provides. He also updates some of the tests to use the HTTPlug package types rather than relying on Guzzle's object return types.

tagged: guzzle http client httplug library abstract tutorial

Link: http://www.sitepoint.com/breaking-free-from-guzzle5-with-php-http-and-httplug/

Cees-Jan Kiewiet:
ReactPHP: HTTP Client
Nov 05, 2015 @ 12:05:14

Cees-Jan Kiewiet has a post on his site focusing on the HTTP client side of the functionality offered by the ReactPHP. In this post he covers the basics of installation and usage with plenty of code examples (and screencasts of it in action).

Aside from a HTTP component ReactPHP also has a HTTP Client component that lets your send out HTTP requests. It is incredibly handy when you need to communicate with for example elasticsearch's REST API, AWS platform through their SDK or the RIPE Atlas API.

He walks you through the simple installation of the library (via Composer) and the code to send a simple request to an example.com domain, returning the HTML contents of the page. He then gets to some more complex examples: sending two requests at the same time, streaming the response body as it arrives and an example based on community feedback - streaming Twitter data. He ends the post with a community example showing the use of the Buzz HTTP client to make simple requests.

tagged: reactphp http client example stream twitter screencast

Link: http://blog.wyrihaximus.net/2015/11/reactphp-http-client/