Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Matthias Noback:
Reusing domain code
Sep 05, 2018 @ 09:38:01

Matthias Nobak has continued his series of posts covering software architecture and class structure. In a previous article he talked about using interfaces and in this latest tutorial he covers the reuse of "domain code", the main logic of your application (rather than the structure).

Last week I wrote about when to add an interface to a class. The article finishes with the claim that classes from the application's domain don't usually need an interface. The reason is that domain code isn't going to be swapped out with something else. This code is the result of careful modelling work that's done based on the business domain that you work with. And even if you'd work on, say, two financial software projects in a row, you'll find that the models you produce for each of them will be different in many subtle (if not radical) ways. Paradoxically you'll find that in practice a domain model can sometimes be reused after all. There are some great examples out there. In this article I explain different scenarios of where and how reuse could work.

He then goes on to cover three "reuse" situations, providing a summary for each:

  • Reuse-in-the-small
  • Reuse-in-the-large and software diversity
  • Reuse-in-the-even-larger: reusing entire subdomains

He finishes up the article sharing some thoughts about which of the types seems more obtainable and, in his experience, useful.

tagged: domain code reuse tutorial small large larger subdomain

Link: https://matthiasnoback.nl/2018/09/reusing-domain-code/

Christian Maioli Mackeprang:
Strategies for dealing with poor code in limited time
Aug 17, 2018 @ 12:52:49

Christian Maioli Mackeprang has a new post to his site sharing some of his recommendations of how you can deal with poor code in limited time when making changes (or adding new features) to an older codebase.

You’ve been given the task of implementing a new feature on an old codebase, but the code looks awful. How can you understand it as quickly as possible? Here are several shortcuts to help learn the important parts of new code without getting lost in the irrelevant details.

His list includes both technical and "people" related suggestions including:

  • Ask for help
  • Make it easy to reproduce bugs
  • Prepare for automated testing
  • Get on familiar ground before tackling critical code

For each item in the list he includes a summary of what's involved along with "dos" as well as "donts".

tagged: strategy code poor quality suggestion tutorial

Link: https://chrismm.com/blog/strategies-for-dealing-with-poor-code-in-limited-time/

Matthias Noback:
More code comments
Aug 16, 2018 @ 10:06:58

In response to a comment he saw on Twitter about comments in code, Matthias Noback has written up a post with some of his own thoughts.

Recently I read a comment on Twitter by Nikola Poša. [...] He was providing us with a useful suggestion, one that I myself have been following ever since reading "Clean Code" by Robert Martin. The paraphrased suggestion in that book, as well as in the tweet, is to consider a comment to be a naming issue in disguise, and to solve that issue, instead of keeping the comment. By the way, the book has some very nice examples of how comments should and should not be used.

Matthias starts with the suggestion that, when correctly written, code shouldn't need comments to be clear about what's happening. He encourages the use of the "refactor for clarity" method to remove comments and make the code more clear. He finishes the post by breaking down the types of comments (explanatory, todo and "wtf"), what they are/examples and in what situations they can be useful for.

tagged: code comment refactor opinion clarity types usefulness

Link: https://matthiasnoback.nl/2018/08/more-code-comments/

php[architect]:
August 2018 Issue Release - Masterful Code Management
Aug 06, 2018 @ 11:51:15

php[architect] magazine has posted the announcement of the release of their August 2018 issue: Masterful Code Management.

This issue includes articles like:

  • "Debugging PHP With Xdebug" by Mark Niebergall
  • "Pro Parsing Techniques with PHP, Part Three: Using Regular Expressions" by Michael Schrenk
  • "MySQL Generated Columns, Views, and Triggers" by Dave Stokes

All of the usual columns are back too including tips for using PhpStorm, using gitflow, secure token management and PHP community. You can pick up a copy to call our own from the php[architect] site and, if you're curious about the contents and want to "try before you buy", they've posted a free PDF of the "Using Regular Expressions" article to give you a taste.

tagged: phparchitect magazine release august2018 masterful code management

Link: https://www.phparch.com/magazine/2018-2/august/

Matthias Noback:
Negative architecture, and assumptions about code
Aug 06, 2018 @ 10:16:42

In a post to his site Matthias Noback looks at an interesting idea when it comes to the structure of your code: the idea of negative architecture and making assumptions.

In "Negative Architecture", Michael Feathers speaks about certain aspects of software architecture leading to some kind of negative architecture. Feathers mentions the IO Monad from Haskell (functional programming) as an example, but there are parallel examples in object-oriented programming. For example, by using layers and the dependency inversion principle you can "guarantee" that a certain class, in a certain layer (e.g. domain, application) won't do any IO - no talking to a database, no HTTP requests to some remote service, etc.

[...] A negative architecture is what's "between the lines". You can look at all the code and describe a positive architecture for it, but given certain architecture or design rules, there's also the background; things we can be sure will never happen.

He goes on to give a few examples of "negative architecture":

  • "An object does nothing meaningful in its constructor"
  • "An object doesn't also fetch dependencies statically if it also gets any number of dependencies injected"
  • "If a class is not marked final, it has at least one subclass"
  • "If a property is not marked "private", it's used by at least one subclass"
  • "An abstract class won't use methods that aren't part of its published interface"
  • "If an object has one public method, it won't have any public static methods"

For each item in the list there's a summary (and sometimes code) included to help clarify the point.

tagged: tutorial negative architecture assumption code

Link: https://matthiasnoback.nl/2018/08/negative-architecture-and-assumptions-about-code/

Matt Stauffer:
Introducing Laravel Nova: A Tool for Building Admin Panels and Custom CMSes
Jul 27, 2018 @ 10:16:01

Matt Stauffer has a new post to his site that takes a "deep dive" into Laravel Nova, the recently announced administration panel that's developed by the Laravel project. This is the first post in a new series.

These are my notes that I took during the announcement on 2018-07-25. I hope to go back later and update this after a more careful re-watching of the YouTube recording that's now up, so I could get some of my code samples more exact and catch anything I missed.

If you notice anything I missed or got wrong, please let me know on Twitter! And please check back in a few days so I have time to fix this up. :)

The post reads more like a live stream than a formal write up, but the good stuff is all there:

  • the basics of what Nova provides
  • how it works
  • defining a resource
  • working with fields
  • actions/filters
  • lenses
  • searching
  • auditing

...and much more. The post goes through each item, providing screenshots, context and code to show off the feature. If you want to see the announcement for yourself, check out the video over on YouTube.

tagged: laravel nova administration dashboard indepth features code

Link: https://mattstauffer.com/blog/introducing-laravel-nova-a-tool-for-building-admin-panels-and-custom-cmses/

TechBeacon:
9 ways to master awful code, fast
Jul 25, 2018 @ 10:24:58

On the TechBeacon site there's a new tutorial posted sharing a list of nine ways to master awful code and make it more efficient, easier to maintain and clearer.

You've been given the task of implementing a new feature on an old codebase, but the code looks awful. How can you understand it as quickly as possible? Here are several shortcuts to help learn the important parts of new code without getting lost in the irrelevant details.

Their suggestions range from technical to non-technical and include:

  • Ask for help
  • Make it easy to reproduce bugs (add version control, build environments)
  • Prepare for automated testing
  • At first, work on a small task

For each item in the list there's an explanation and links (or screenshots) of other resources to help illustrate their point.

tagged: master awful code refactor top9 list suggestion developer

Link: https://techbeacon.com/9-ways-master-awful-code-fast

Robert Basic:
Legacy code is 3rd party code
Jul 19, 2018 @ 09:43:50

In a post to his site Robert Basic makes an interesting suggestion about older codebases (legacy code) and how they should be handled. He suggests treating legacy code like 3rd party code.

Within the TDD community there’s an advice saying that we shouldn’t mock types we don’t own. I believe it is good advice and do my best to follow it. [...] This hidden advice is that we should create interfaces, clients, bridges, adapters between our application and the 3rd party code we use.

[...] What if we start looking at our legacy code the same way we look at the 3rd party code? This might be difficult to do, or even counterproductive, if the legacy code is in a maintenance-only mode, where we only fix bugs and tweak bits and pieces of it. But if we are writing new code that is (re)using legacy code, I believe we should look at legacy code the same way we look at 3rd party code, at least from the perspective of the new code.

He suggests that legacy code and new code should live in different parts of the application's structure and that, in order to use the legacy code, the new code should use interfaces to it rather than using it directly. He gives an example, showing the use of a User class from the legacy code and interfaces that could be used from the new code to work with it.

tagged: legacy code 3rdparty opinion interface separation

Link: https://robertbasic.com/blog/legacy-code-is-3rd-party-code/

RIPSTech.com:
WARNING: WordPress File Delete to Code Execution
Jun 27, 2018 @ 10:29:26

On the RIPSTech.com site they've posted a warning to the WordPress users out there about a vulnerability that would allow a malicious user to delete any file in the WordPress installation, not just file uploads.

At the time of writing no patch preventing this vulnerability is available. Any WordPress version, including the current 4.9.6 version, is susceptible to the vulnerability described in this blogpost.

For exploiting the vulnerability discussed in the following an attacker would need to gain the privileges to edit and delete media files beforehand. Thus, the vulnerability can be used to escalate privileges attained through the takeover of an account with a role as low as Author, or through the exploitation of another vulnerability/misconfiguration.

The post includes more details around the impact of the issue and where in the code the problem lies. It also offers a temporary "hotfix" as a way around the issue by adding a new filter that uses the basename function to reset the thumbnail data.

tagged: security wordpress delete file vulnerability code execution

Link: https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/

Matt Stauffer:
How to count the number of lines of code in a PHP project
Jun 25, 2018 @ 10:50:37

In this post to his site Matt Stauffer shares several methods you can use to count the total number of lines of code in a PHP project.

I'm giving a talk soon about Laravel and "the enterprise", and the concept of LOC (lines of code) keeps coming up. It turns out that's actually a much harder number to discover than you might think, so I figured I would write up a few options here.

For what it's worth, I'm not a big fan of LOC as a measure of any importance, but it can at least give us some broad foundations to use to talk about broad differences in project size. If you were to ask me, I would say we shouldn't even think about it. But we don't always have that luxury.

He starts with a tl;dr for those that want the quick win (use PHPLOC) but shares other options with different tools too:

He shares answers to a few FAQs about finding lines of code and the output of each tool/command on the same project to show the differences.

tagged: linesofcode code lines count tutorial phploc cloc phpstorm sublimetext silversearcher

Link: https://mattstauffer.com/blog/how-to-count-the-number-of-lines-of-code-in-a-php-project/