Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Tomas Votruba:
How to Load --config With Services in Symfony Console
May 15, 2018 @ 09:11:43

On his site Tomas Votruba continues his look at the Symfony/Console component of the Symfony framework. In this latest article he walks through the loading of configuration options from a file provided by a --config option on the command line.

PHP CLI apps usually accept config, to setup their behavior. For PHPUnit it's phpunit.xml, for PHP CS Fixer it's .php_cs, for EasyCodingStandard it's easy-coding-standard.yml, for PHPStan it's phpstan.neon and so on.

In the first post about PHP CLI Apps I wrote about poor DI support in PHP CLI projects.

Today we look on the first barrier that leads most people to prefer static over DI - how to load config with services.

He starts off talking about the "chicken and egg" issue when it comes to loading configuration: needing a configuration to create an Application instance which then needs the config (and so on...). He then walks through three possible solutions:

  1. Not using a container to manage dependencies for the application
  2. Setting up a container in a command
  3. Using the ArgvInput input helper to pull directly from the arguments

He gets into more detail on this last method, providing code examples and input/output examples of it in use. Unfortunately this method also introduces some undesired dependencies between commands. He finishes the post with an alternative: setting up option definitions in the getDefaultInputDefinition method of the main application and having them available to all commands.

tagged: symfony console service argument commandline tutorial application

Link: https://www.tomasvotruba.cz/blog/2018/05/14/how-to-load-config-with-services-in-symfony-console/

Exakat Blog:
EPIC : Exakat PHP Index of Coding (May 2018)
May 04, 2018 @ 11:46:36

The Exakat blog has an interesting post to their site sharing some statistics from the applications they've scanned related to commonly used coding styles. In this PHP Index of Coding (for 2018) they share a listing of practices in the order of popularity according to the results of over 1700 projects.

Not using @ is the poster child of good practices. It’s also looked upon, as an impossible goal. Did you know that the @ operator is only merely used by 50% of PHP applications ? Same for parenthesis with include (and co) : don’t use them, like 50% of the developpers. This is how the Exakat PHP Index of coding was born.

Every month, Exakat runs thousands of analysis on half a billion lines of PHP code. This is primarily for testing purpose, a kind of torture test that checks the engine runs on any kind of code. And it is very useful to ensure all situations are correctly handled.

We also extracted the following stats out of 1700+ projects, analysis by analysis. This way, any issue may be ranked from ‘wide spread’ to ‘very unusual’. In fact, ‘wide spread’ may also be understood as : ‘almost a feature’.

The results are ranked by frequency of appearance with the top five being:

  • Uses Default Values
  • Used Once Variables (In Scope)
  • Unused Methods
  • Method Could Be Private Method
  • Should Use Local Class

For each item in the list there's a link to more information about the check and how much it has changed since the last time the index was generated.

tagged: exakat indexofcoding review application codingstyle rating 2018

Link: https://www.exakat.io/exakat-coding-index-2018-05/

Michaelangelo van Dam:
Testing your e-commerce PHP application
May 02, 2018 @ 10:10:45

Michelangelo van Dam has a new post on his site sharing some helpful hints you can use to test your e-commerce application, be it WooCommerce or other popular PHP-based e-commerce packages.

I'm participating (as much as possible) in the #30daysoftesting challenge organised by Ministry of Testing and SauceLabs. If you're interested, read the full 30 Days of E-Commerce Testing article and join this fun and educational challenge.

The 2nd challenge on the list was to read and share interesting blog articles about E-commerce testing. Since I'm working as a PHP professional I thought it would be great if I oriented my focus on testing PHP based E-commerce platforms. I picked WooCommerce as it's an easy to install and use E-commerce solution. For Magento, PrestaShop and others I've added useful links at the bottom of this article.

He then gets into the details of WooCommerce and what it has available from a testing perspective. He also includes links to a few resources for more general WordPress testing too. The remainder of the post consists of links to more information about testing the other popular e-commerce packages: Magento, PrestaShop, OpenCart, Sylius and Laravel-based packages.

tagged: testing ecommerce application woocommerce magento prestashop

Link: https://www.dragonbe.com/2018/05/testing-your-e-commerce-php-application.html

Learnk8s.io Blog:
How to deploy Laravel to Kubernetes
Apr 30, 2018 @ 13:10:24

The Learnk8x.io blog has a tutorial they've posted showing you how to deploy a Laravel application to Kubernetes. Kubernetes is a system created to make it simpler to deploy containerized applications in a clustered context.

Vagrant is very good with setting up a local environment similar to a remote server. However, in production, you will most likely require more than just one web host and one database. You’ll probably have separate services for several requirements. You also need to have mechanisms in place to ensure that the application is always online and that the servers can efficiently balance the load.

In this article, I’ll explain how to deal with the simple requirement of running a Laravel application as a local Kubernetes set up.

The article then gets into the "whats" and "whys" of using Kubernetes and an introduction to the Minikube local Kubernetes environment. It runs through some of the prerequisites to getting the deployment set up and provides the Docker configuration to create and link the containers together. With that defined it provides the commands to get the environment up and running and the application deployed. The final part of the tutorial covers the scaling of the system and allowing ingress to the application through a certain URL.

tagged: kubernetes tutorial deploy laravel application docker container

Link: https://learnk8s.io/blog/deploying-laravel-to-kubernetes

Matthias Noback:
Combing legacy code string by string
Apr 18, 2018 @ 09:15:59

In a new post to his site Matthias Noback takes a look at legacy applications and two things that most of them seem to have in common: classes that are too large and too generic methods. In this post he discusses these two topics and some of the tactics you can use to help refactor and resolve them.

I find it very curious that legacy (PHP) code often has the following characteristics:
  • Classes with the name of a central domain concept have grown too large.
  • Methods in these classes have become very generic.

He starts by tackling the "classes too large" problem, suggesting that it's usually just a matter of developers slowly adding to existing functionality rather than introducing large chunks of code all at once. Moving on to the "generic methods" issue, he lays out a common scenario showing how a method evolves over time to repurpose it for other uses thank its original intent. He recommends "taking a step back" and picking apart the code to make the functionality more specific in the places it's used.

tagged: legacy application generic method large class tutorial

Link: https://matthiasnoback.nl/2018/04/combing-legacy-code-string-by-string/

Michael Dyrynda:
Sharing databases between Laravel applications
Apr 13, 2018 @ 09:39:16

Michael Dyrynda has a new post to his site showing the Laravel users out there how to share a database between your applications. In his case one of the applications is a legacy app and the other is a newer Laravel application.

As a contractor, I had a sanitised copy of the database, and I managed to reverse engineer the Eloquent models from the database schema, creating factories along the way, in order to be able to write tests for the members application.

In late 2017, we started migrating our CRM to Laravel as well, in order to modernise the code base a bit, give it a standard structure, and make it easy to make changes to it moving forward. Now that we had two Laravel applications, we started looking at how best to share data between them.

He starts by talking about reverse engineering the models from the database structure and the use of migrations to manage the database schema. In the end he created a stand-alone tool, Nomad, that helps to keep things in sync between the two databases. He includes examples of it in use and how it helped to keep the database in sync despite permissions issues and connection problems. He also mentions how they used it to take care of some testing issues, database configuration changes and how to use it in a continuous integration pipeline.

tagged: share database laravel application nomad tool migration schema

Link: https://dyrynda.com.au/blog/sharing-databases-between-laravel-applications

Fortrabbit Blog:
Your responsibility: App security
Apr 09, 2018 @ 11:45:17

On the Fortrabbit blog there's a post from Oliver Stark about securing your PHP application based on an experience they had with a recent support ticket.

A few days ago, late in the evening, we received a support ticket with the [message asking if their site had been hacked]. The support team started the conversation with the client and checked the domain routing first. It quickly became clear that the redirects to the phishing domain happened on our platform, so they searched the access logs for suspicious requests.

As they searched the logs, other similar requests showed up pointing back to a root.php file that seemed to be taking commands from URL parameters. This kind of script is called a "webshell" and is usually uploaded via a vulnerability with a plugin, poorly guarded upload forms or bad input validation. After some additional tracking, the vulnerability was located in the site's "vendor" folder that was web accessible. The post finishes with some recommendations to keep this from happening to you and your application including keeping dependencies up to date and preventing direct "vendor" folder access.

tagged: application security fortrabbit webshell experience

Link: https://blog.fortrabbit.com/app-sec

TutsPlus.com:
Deploy PHP Web Applications Using Laravel Forge
Mar 20, 2018 @ 11:09:46

The TutsPlus.com site has posted a new tutorial showing you how to make use of the Laravel Forge service to deploy your PHP applications. Laravel Forge provides the configuration and automation tools to deploy your applications to servers on your own accounts (like DigitalOcean or AWS).

Developers love to automate things—for every process between development and production, they are keen to have a script that makes their workflow easier. This is also the case with deployment. The process of pushing the final build and deploying the app should be as easy as pressing a Deploy now button, but that is not what happens most of the time.

[...] Don't let the Laravel brand name mislead you. Apart from Laravel, you can use the service to host WordPress, Symphony, Statamic, or any other web project as long as it's PHP. Personally, I like Laravel Forge for its simplicity and ease of getting used to.

In this tutorial, I am going to take you through the steps to hook Laravel Forge with AWS and explore what it has to offer.

The tutorial starts with an overview of the service and what kind of setup and configuration the resulting servers have (by default). It then covers the various configuration options available and walks you through the process of setting it up with your AWS account. It also includes details about the server management system Forge provides, site management, SSH key addition and PHP/MySQL configuration. A few other helpful hints are also tossed in at the end covering task scheduling, daemons, monitoring and network/firewall configuration.

tagged: application deployment laravelforge laravel tutorial aws introduction

Link: https://code.tutsplus.com/tutorials/deploy-php-web-application-using-laravel-forge--cms-30329

Exakat Blog:
Largest PHP applications (2018)
Mar 19, 2018 @ 11:35:46

On the Exakat blog there's a new post that includes the details of the largest PHP applications currently available (and popular) based on their own scanning of Open Source Projects.

When testing the exakat static analysis engine, I need to run it on real code. Open Source projects are a real blessing there, since they come in different shapes and stripes. [...] Nowadays, code bases tends to be smaller, compared to more ancient applications. Components are the norm, and they impact both the development of the application, and its extension.

[...] For this survey, we collected 1885 Open Source applications, and counted only their tokens. Tokens are PHP atomic elements, that are needed to understand and run code. Comments, white spaces and delimiters were not counted, leaving only the useful tokens. Then, the more the larger is the application.

The post lists out the top 100 largest PHP applications (by tokens, not by line) including:

  • Magento2 (#6)
  • Drupal (#12)
  • Yii (#21)
  • Joomla (#36)
  • Symfony (#52)
  • Apigility (#80)

The list comes with the count of tokens and is an update of their 2016 largest PHP applications post.

tagged: large application token size project opensource scanner

Link: https://www.exakat.io/largest-php-applications-2018/

Algotech Solutions:
Converting to another web framework: Basic apps in Symfony and Django
Mar 08, 2018 @ 11:19:34

On their Medium.com site Algotech Solutions has a post that does a side-by-side comparison of two web applications frameworks from two different languages: Symfony in PHP and Django in Python.

Many times have I heard the following from a developer: “I am scared to change technologies”, “I am excited but I’m afraid it will be entirely different”, “I only know , I’ve never seen any code in my life!”. Sounds familiar? This article will show you that different web frameworks are not in fact that different.

With the advent of open source software, modern frameworks have inspired each other in adding and improving features for easier and more efficient usage. I will try to explain the abstract notions under MVC Web frameworks and how you can easily implement them through any framework and programming language needed.

The article then walks through the basic setup and creation of a web application in each, going through:

  • Installation
  • Generating the sample application (Jobeet)
  • Configuring the controllers and views
  • Creating the view output

All of the code and command line calls are included in the post too. If finishes out with an overview of the similarities between the two frameworks and briefly mentions some of the differences (like when it comes to model handling).

tagged: framework convert symfony python django similarities application tutorial

Link: https://medium.com/algotech-solutions/converting-to-another-web-framework-basic-apps-in-symfony-and-django-f55332030c44