Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

KnP University:
Introducing Guard: Symfony Security with a Smile
Jul 14, 2015 @ 09:15:05

The KNP University site has a post that talks about a new library they've created (and matching tutorial series) about an easier method to handle authentication in your Symfony applications: Guard.

Symfony’s authorization system - the stuff related to voters and roles - is awesome. It’s simple, it kicks butt, and it’s one of my favorite things, just behind fresh-baked cookies.

But then there’s that other part: authentication. This is how you login: maybe with a form or via OAuth, like Facebook login. This part is probably the single worst part of Symfony. It’s over-engineered, hard to customize and no fun to work with. [...] This problem was screaming for a solution. If we could make Symfony’s authentication system simple and fun, the whole security system would go from a pain, to a powerful tool.

The library they've created, Guard centralizes the authentication handling into one place (via an interface) and makes the basics of authentication handling simpler. In their tutorial they walk you through the use of Guard as a part of a bundle complete with examples of login form and API token authentication handling. He ends the post with a quick comment about a "secret goal" he has to try to have Guard included in symfony itself.

tagged: guard symfony authentication library bundle tutorial simple

Link: http://knpuniversity.com/blog/guard-authentication

Symfony Finland Blog:
PHP and Symfony: Structure, Stability and Flexibility
Jul 03, 2015 @ 09:12:45

On the Symfony Finland blog they've posted a look at Symfony's past, present and future in terms of its structure and goals of stability and flexibility. This also includes some of the origins of PHP itself and how it evolved to the stage where creating framework made sense.

I like to think of modern PHP frameworks as glue to put together components to form something that is more than the sum of it's parts. [...] The Symfony Framework is a standard way (and framework code) to create applications using components. The application is always built with a specific structure, which allows code reuse of complete functionalities (Bundles in Symfony lingo) across projects. If you build using a collection of components, you'll need to invest time in learning how that software has decided to use the available components.

He talks more about the idea of components and how they make up a greater whole (like Symfony) and how they relate to the idea of "bundles". He then looks forward to the future of the framework, its long-term support and its work towards being fully PHP7 compatible.

The combination of the PHP language at 20 years and the Symfony framework at 10 years offers a stable platform with flexibility to adapt and grow in the future.
tagged: symfony framework past present future component bundle stability structure flexibility

Link: https://www.symfony.fi/entry/php-and-symfony-structure-stability-and-flexibility

Marc Morera:
Visithor, Testing Your Routes Without Pain
May 05, 2015 @ 09:25:55

In his latest post Marc Morera shares a new tool he's created to help with testing routes for specific HTTP code responses and other attributes of your "HTTP layer" - Visithor.

Many years ago I was thinking about a simple and fast tool to test specific routes, expecting specific HTTP codes and providing an easy environment of ensuring properly your HTTP layer. So... I present you Visithor, a PHP based library that provides you this functionality, with a simple configuration definition and a very easy way of installation.

He starts with a few quick commands to get the library installed (either globally or local to the project) and how to create the first configuration file. This file defines the tests to execute as a set of URLs with allowed HTTP response codes. He also shares a Symfony2 bundle that can be used to integrate it with your current application, allowing for more flexibility in route check configuration and environment settings. He also includes a quick example of integrating it with your Travis-CI build as a "script" command to be executed.

tagged: visithor library testing http response code symfony2 bundle integration

Link: http://mmoreram.com/blog/2015/05/04/visithor/

Programming Are Hard:
Structuring my applications, Cont'd
Mar 09, 2015 @ 12:03:16

The Programming Are Hard site continues its look at structuring Symfony-based applications in part two (it's just two parts) building on the structure and foundation laid out in part one.

It really irks me when I see some design/architecture decisions other developers have made but there's no technical explanation. What packages did they use? What challenges did they face? What trade-offs were made? I'll go over some more specifics in this post.

He recaps some of the things covered in the previous post first, ensuring everyone is on the same page. He then gets into the concept of "bundles" and how they encapsulate functionality. From there he talks about commands, controllers, dependency injection and lots of other topics, each with their own summary and a bit of code where needed for clarification.

tagged: structuring application symfony bundle command controller di form provider repository resource serialize

Link: http://programmingarehard.com/2015/03/05/structing-my-application-contd.html

SitePoint PHP Blog:
Grumpy Programmer’s Testing Bundle: Review
Feb 09, 2015 @ 13:18:22

The SitePoint PHP blog has posted a book review of a book bundle from the "Grumpy Programmer" (aka Chris Hartjes) with content about testing - how to test, what to test and creating testable applications.

After having gotten some constructive feedback regarding my testing practices on the basic TDD in your new PHP package tutorial, I decided to read Chris Hartjes “Grumpy Testing Bundle”, a set of two books consisting of The Grumpy Programmer’s Guide To Building Testable PHP Applications and The Grumpy Programmer’s PHPUnit Cookbook. It was my hope that those books will prevent me from using the shoddy practices I displayed in that original post and which originally prompted Matthew Weier O’Phinney’s critique. In this post, I’d like to share with you what I’ve learned, and how much this helped me, if at all.

He breaks down the bundle and talks about each of the two books separately, pointing out places he thought were most useful and others where he felt it needed updates/more clarification. He includes examples of some of the code shared in the books as illustrations and what kind of overall rating he gives it (in elePHPants naturally).

tagged: book review grumpyprogrammer chrishartjes review bundle

Link: http://www.sitepoint.com/grumpy-programmers-testing-bundle-review/

Joshua Thijssen:
Deepdive into the symfony2 security component: part 1
Oct 20, 2014 @ 10:26:33

On the latest post on his site Joshua Thijssen has kicked off a series taking a deep dive into the Symfony security component, a key piece in the security of Symfony-based applications. In this first part of the series he introduces the component and starts in on some of the features it offers.

Once in a while I like diving into code and see how things work under the hood. And as the symfony2 framework consists of many different components, bundles and bridges, there is a lot to discover. But ultimately, the code itself mostly isn’t really as complex as it might seem from the outside world: just like a good magic trick, once unraveled, it all seems very simple and makes sense.

However, this is not true for one of those components: the security component. This black box full of dark magic doesn’t like to give up its secrets, and after some (miserably) failed attempts, I am trying to unravel it once more in a few blog posts. Either we achieve complete victory, or fail yet again.. At this point, I will give both fair odds.

He starts off with an overview of the component, pointing out the two main things is handles: authentication and authorization. He also pulls in a few other things to do with security in Symfony to give a more complete, well rounded picture - the component itself, the security bundle and security bridges. He gets into a bit more detail about this last one and describes their specific use.

tagged: symfony security bundle component overview deepdive series part1

Link: https://www.adayinthelifeof.nl/2014/10/19/deepdive-into-the-symfony2-security-component-part-1/

Mathias Noback:
Semantic versioning for bundles
Sep 30, 2014 @ 11:26:40

In a recent post to his site Mathias Noback looks at the use of semantic versioning, introducing some of its basic concepts and how it can relate to the work done in Symfony bundles.

Semantic versioning is an agreement between the user of a package and its maintainer. The maintainer should be able to fix bugs, add new features or completely change the API of the software they provide. At the same time, the user of the package should not be forced to make changes to their own project whenever a package maintainer decides to release a new version.

He breaks down what the version numbering represents (major, minor and patch versions) and how they work with Symfony's "semver" to handle issues that come with backwards compatibility concerns. He then looks at a few things to consider when versioning your bundles and how it relates to the underlying libraries it might use:

  • Bundles expose an API themselves
  • The API of a bundle leads a life on its own
  • A library may contain bugs that are totally unrelated to the bundle
  • A library may contain features that are not implemented by the bundle

Ultimately, he suggests that bundle versioning should have nothing to do with the underlying libraries/packages. It's his opinion that they should only be reversioned when there is a change in the actual bundle.

tagged: semantic versioning symfony bundle package library opinion

Link: http://php-and-symfony.matthiasnoback.nl/2014/09/semantic-versioning-for-bundles/

Mattias Noback:
Backwards compatible bundle releases
Sep 29, 2014 @ 12:31:09

In his latest post Matthias Noback talks about a problem common to Symfony bundles (and, well, software in general) - dealing with backwards compatibility and breaks that could be introduced with new changes.

With a new bundle release you may want to rename services or parameters, make a service private, change some constructor arguments, change the structure of the bundle configuration, etc. Some of these changes may acually be backwards incompatible changes for the users of that bundle. Luckily, the Symfony DependenyInjection component and Config component both provide you with some options to prevent such backwards compatibility (BC) breaks.

He breaks the post up into a few different kinds of backwards compatibility breaks that could happen and code examples of each:

  • Renaming things
  • Changing visibility
  • Changing values

Each topic also includes methods for preventing issues with older users who maybe aren't using the new features. This includes things like sane default values for new settings, renaming services and creating new extensions for working with new properties.

tagged: symfony bundle backwards compatibility changes prevent rename visibility values

Link: http://php-and-symfony.matthiasnoback.nl/2014/09/backwards-compatible-bundle-releases/

SitePoint PHP Blog:
Understanding Symfony Bundle Configuration and Service Container
Feb 04, 2014 @ 10:46:03

The SitePoint PHP blog has a post today for those that may be new to the Symfony framework or just wanting to get into it and having trouble understanding bundle configuration. In this new post Carl Vuorinen walks you through this process, combining an example bundle with its configuration.

In this post we’ll cover different ways on how to configure Bundles in Symfony2 and how the dependency injection container works with the configuration. The Bundle configuration and Symfony dependency injection container (also known as service container) can be difficult concepts to grasp when first starting development with Symfony2, especially if dependency injection is not a familiar concept beforehand. [...] I am used to working with YAML because I think it’s more readable than XML, but you do get the benefit of schema validation when using XML.

He briefly introduces the concepts behind "bundles" in Symfony and two ways to create one - either via the generator on the command line or manually. He also shows two ways to get a bundle's configuration loaded. There's the "easy way", configuring it inside the main "confix.yml", or the slightly harder way of adding a configuration file inside the bundle structure itself and using the "get" method to grab the values manually. With the location(s) of the configuration defined, he gets into the contents of the file and its structure. Finally, he shows the complete example, an "ExampleBundle" with a "greet" method that accepts the configuration value from the "cvuorinen_example.greeter" setting.

tagged: symfony bundle configuration container service tutorial introduction

Link: http://www.sitepoint.com/understanding-symfony-bundle-configuration-service-container

Matthias Noback:
Symfony2: Add a global option to console commands and generate a PID file
Nov 26, 2013 @ 14:06:11

Cal Evans has pointed out a post by Matthias Noback related to Cal's "Signaling PHP" book and an idea presented in one of the appendices - working with PID files as a global option. Mattias writes:

Recently I read the book Signaling PHP by Cal Evans. It’s a short book, yet very affordable and it learned me a couple of things. First of all it explains about how you can “capture” a Ctrl+C on your long-running command and do some necessary cleanup work before actually terminating the application. In the appendix it also mentioned the interesting concept of a PID file. [...] In Appendix A of “Signaling PHP”, Cal writes about a way to extend a Symfony command to automatically create such a PID file before executing its task, and to delete this file afterwards.

Mattias shares what he calls a "hack" to make it happen globally - using the eventing system built into the Symfony Console functionality and the "console.command" event. He creates a bundle to help with the reading/writing of the PID file and shows how to implement it as a part of the event handling. He does point out one problem with this method (that the "input" object isn't available) so he works around it with the "ArgvInput" component and some manual handling to grab the PID file location provided.

tagged: symfony2 console option command pid file tutorial bundle

Link: http://php-and-symfony.matthiasnoback.nl/2013/11/symfony2-add-a-global-option-to-console-commands-and-generate-pid-file/