Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

QaFoo:
How to Perform Extract Service Refactoring When You Don't Have Tests
Mar 22, 2017 @ 10:42:39

On the QaFoo blog they've posted an article sharing advice about refactoring to extract logic to services when there's no testing to cover the code.

When you are refactoring in a legacy codebase, the goal is often to reduce complexity or separate concerns from classes, methods and functions that do too much work themselves. Primary candidates for refactoring are often controller classes or use-case oriented service classes (such as a UserService).

Extracting new service classes is one popular refactoring to separate concerns, but without tests it is dangerous because there are many ways to break your original code. This post presents a list of steps and checklists to perform extract service when you don't have tests or only minimal test coverage. It is not 100% safe but it provides small baby-steps that can be applied and immediately verified.

The article talks about some of the primary risks when performing this kind of refactoring and how their extract method recommendations could case some of those issues. The tutorial then breaks down the process into the small steps:

  • Step 1: Create Class and Copy Method
  • Step 2: Fix Visibility, Namespace, Use and Autoloading
  • Step 3: Check for Instance Variable Usage
  • Step 4: Use New Class Inline
  • Step 5: Inline Method
  • Step 6: Move Instantiation into Constructor or Setter
  • Step 7: Cleanup Dependency Injection

While that seems like a lot of steps to take, they're all pretty small. They include a series of code snippets giving you an example to work from, making these small steps to refactor current functionality into a Solr service class.

tagged: tutorial refactor extract service tutorial unittest example code

Link: https://qafoo.com/blog/099_extract_service_class.html

Nicola Malizia:
Understanding Laravel’s HighOrder Collections
Mar 14, 2017 @ 09:11:59

Nicola Malizia has written up a tutorial that helps to explain Laravel's HighOrder collection functionality, a feature that was added in Laravel 5.4.

A new version of Laravel is available from 24 January 2017 and, as usual, it comes with a lot of new features.

Among them, there is one that takes advantage of the dynamic nature of PHP. Some out of there will contempt this, but I find it awesome!

He talks briefly about what the normal Collection class provides and provides an example of creating a collection and using the "map" function to return an average. With the new functionality the methods can be called directly on the collection with a simplified format. With the example out of the way he then dives into the source code for the feature, showing how it defines the "proxy" methods allowed and uses the __get and __call magic methods to map the method calls back to a collection.

tagged: laravel highorder collection tutorial introduction code

Link: https://unnikked.ga/understanding-laravels-highorder-collections-ee4f65a3029e#.uo1gmhbgu

Ian Cambridge:
Code Review: Single Responsibility Principle
Feb 23, 2017 @ 13:24:05

Ian Cambridge has put together a new post for his site focusing on the Single Responsibility Principle, one of the more well-known (and well understood) parts of the SOLID design principles.

Single Responsibility Principle (SRP) is probably one of the most well-known principles from SOLID. At its core is a desire to prevent classes from becoming overwhelming and bloated. While enabling the ability to change how a single thing works by only changing a single class. So the benefits of SRP are that you have an easier codebase to maintain since classes are less complex and when you wish to change something you only have to change a single class. In this blog, I will go through some ways to try and help avoid breaching SRP while doing code review.

He gives two examples and the code they might contain, breaking the SRP mentality. The first is a "manager" (or service) class that, while good in principle, usually ends up performing way too many operations than it should. The second is a "from usage" instance where the return of one method is being used as a parameter for another method in the same class. For each he talks about the problem with the current implementation and offers a suggestion or two of things to fix to make it adhere more to SRP ideals.

tagged: singleresponsibilityprinciple srp solid example code review

Link: http://blog.humblyarrogant.io/post/2017-02-21-code-review-single-responsibility-principle/

Christian M. Mackeprang:
4 forgotten code constructs: time to revisit the past?
Feb 10, 2017 @ 09:30:44

Christian M. Mackeprang has a recent post to his site sharing a few possibly forgotten code constructs whose use has faded in recent years. He revisits them, complete with code examples, and why he thinks they should be resurrected.

Some things in the programming world are so easy to misuse that most people prefer to never use them at all. These are the programming equivalent of a flamethrower: You might rarely be in the position to really need one, but every once in a while it turns out that you need to take down a forest. In that case, there’s no easier way than going Rambo on your codebase.

[...] That’s where a few of the old, forgotten code constructs come into play. Creative use of features such as goto, multiple inheritance, eval, and recursion may be just the right solution for experienced developers when used in the right situation.

The four constructs he recommends are: goto, multiple inheritance, eval and recursion. For each item in the list he provides a basic look at the concept and follows it up with "the right way" of doing things to prevent common issues with the feature.

tagged: code constructs past top4 list examples

Link: http://chrismm.com/blog/4-forgotten-code-constructs-time-to-revisit-the-past/

Laravel News:
Checking the Code Complexity of your App
Jan 11, 2017 @ 11:52:58

On the Laravel News site there's an article posted showing you how to determine the complexity of your application using the phploc tool from Sebastian Bergmann.

Yesterday, Taylor made a post comparing the code complexity between Laravel and other frameworks. The tool he used to generate these reports is called phploc and it’s very easy to run on your own code base.

I decided as a means of comparison I would run that on the codebase for this site and just see what the results are.

The tutorial walks you through the installation of the tool (as a globally installed Composer package), how to execute it and what the results look like. These results include a lot of data including:

  • Average Class Length
  • Average Complexity per LLOC
  • (Use of) Global Constants
  • (Number of) Namespaces

phploc is useful for getting the overall numbers but he wanted something a bit more specific. For that he chose the PhpMetrics package that allows for deeper introspection into files and classes in your code to locate the complexity and find spots for refactoring.

tagged: code complexity tool phploc phpmetrics example composer tutorial

Link: https://laravel-news.com/code-complexity-tools

Medium.com:
Framework Code Complexity Comparison
Jan 10, 2017 @ 11:29:30

On Medium.com Taylor Otwell, lead developer and creator of the Laravel framework, has posted some results about framework code complexity based on his own research and information gathering.

Last week as I was refactoring and cleaning Laravel for the 5.4 release, Graham Campbell showed me some code complexity statistics for the framework. I decided to compare this against some other PHP frameworks to see how Laravel stacks up.

[...] I was pleased to see Laravel has the lowest average method complexity of any of the frameworks measured. In addition, Laravel does not contain any method longer than 13 lines of code. [...] The primary goal of this comparison is to compare how I personally write code vs. how other projects are writing code. All project’s measured have a large enough sample size of pure, first-party code to accurately measure that.

He then shares the cyclomatic complexity numbers for several different (and popular) frameworks in the PHP ecosystem:

  • Laravel
  • Symfony
  • Zend Framework
  • Cake
  • Slim

He also compares just the Eloquent ORM and the Doctrine ORM components. For each he provides stats like: lines of code, average method complexity and percentage of methods that are non-static. The results are interesting but most are pretty much expected (like the Slim microframework being lowest on several of the statistics mostly due to its size).

tagged: code complexity framework comparison laravel taylorotwell

Link: https://medium.com/@taylorotwell/measuring-code-complexity-64356da605f9#.j719oq8ue

TutsPlus.com:
Building Your Startup: Security Basics
Dec 20, 2016 @ 11:55:58

The TutsPlus.com site has continued their "Building Your Startup" tutorial series with this latest article covering the "security basics" you'll need to adequately protect your application. This tutorial touches on both the server-level and code-level security aspects.

In today's episode, we'll dive into the basics of web server security. I'll cover securing the Linux VPS running Meeting Planner and some basic Yii security. In the next episode, I'll dive more into programmatic Yii application security.

The article starts off with the server side of things, introducing hosting options, keeping the server updated, configuring SSH for logins, setting up a firewall and SSL. With that solid base in place, it then starts on the code side covering the built-in functionality used to secure the backend and frontend functionality.

tagged: tutorial series yii2 startup security basics server code

Link: https://code.tutsplus.com/tutorials/building-your-startup-security-basics--cms-26702

Leonid Mamchenkov:
Quick and easy introduction into PHP Mess Detector (PHPMD)
Dec 13, 2016 @ 10:07:54

Leonid Mamchenkov has posted a "quick and easy introduction" to PHPMD, the "PHP mess detector" tool. PHPMD automatically scans your code looking for potential issues including "suboptimal code, overcomplicated expressions and unused parameters, methods, properties".

PHP Mess Detector is yet another one of those tools that help to keep the code base manageable and clean. Here is how you can jump right in. It’s super easy. It only takes 6 steps.

He gives an example of it in use on a CakePHP plugin showing the process to install, execute and view the report it provides. He looks in detail at one of the issues it found, an unused local variable, and how he fixed the issue and pushed the result back to the main repository. He finishes up with some suggestions about ways to run the tool, integrating it into your automated workflow and using it on other Open Source projects to find "low hanging" issues to fix and contribute back.

tagged: phpmd mess detector tool automation introduction tutorial code quality

Link: http://mamchenkov.net/wordpress/2016/12/12/quick-and-easy-introduction-into-php-mess-detector-phpmd/

Medium.com:
The Three Pillars of Static Analysis in PHP
Dec 12, 2016 @ 13:06:03

In this post over on Medium.com Ond?ej Mirtes looks at what he calls the "Three Pillars of Static Analysis in PHP" - three kinds of testing you can do to catch errors "at rest" in your codebase.

My credo is that everything that can be automated should be automated. Computers are really good at repeating tedious tasks and they don’t usually make mistakes while us squishy humans are defined by making mistakes everywhere we go.

[...] In the following article, I’d like to introduce three tools that will help you to find errors and inconsistencies in your codebase. If your build integrating these tools finishes successfully, you can be pretty sure your application is in a good shape.

His list of three tools covers checking for:

He covers some of the things the last option verifies and links to another introductory article about the tool to help you get started.

tagged: static analysis pillars lint codesniffer phpstan code

Link: https://medium.com/@ondrejmirtes/three-pillars-of-static-analysis-in-php-f3f5d7bfd61b#.etoa1rfkq

Christian Mackerprang:
How terrible code gets written by perfectly sane people
Nov 30, 2016 @ 12:16:26

Christian Mackerprang has an interesting post to his site sharing some of his thoughts about why terrible code gets written by sane people - developers that know what they're doing but, for other reasons, write code that's a mess of anti-patterns and inconsistency.

What I discovered after some months working there [on a legacy Python project], was that the authors were actually an experienced group of senior developers with good technical skills. What could lead a team of competent developers to produce and actually deliver something like this? What I’ve come up is a list. These are some bad habits that even experienced teams can get into which will severely affect your end product, more than any static code checker or development methodology could rescue it from.

His list of reasons covers six of the reasons he sees for the "good people, bad code" situation happening:

  • Giving excessive importance to estimates
  • Giving no importance to project knowledge
  • Focusing on poor metrics such as “issues closed” or “commits per day”
  • Assuming that good process fixes bad people
  • Ignoring proven practices such as code reviews and unit testing
  • Hiring developers with no “people” skills

For each item in the list he briefly covers why it's a bad thing for your engineering group and references to other sources on good suggestions to fix the situation.

tagged: terrible code sane people opinion reasons

Link: http://chrismm.com/blog/how-terrible-code-gets-written-by-perfectly-sane-people/