Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Paragon Initiative:
The 2018 Guide to Building Secure PHP Software
Dec 12, 2017 @ 12:16:13

On the Paragon Initiative blog has a new post that shares some of their own tips and tricks of how to building secure PHP applications moving forward in to 2018.

As the year 2018 approaches, technologists in general—and web developers in particular—must discard many of their old practices and beliefs about developing secure PHP applications. This is especially true for anyone who does not believe such a feat is even possible.

This guide should serve as a complement to the e-book, PHP: The Right Way, with a strong emphasis on security and not general PHP programmer topics (e.g. code style).

The guide covers a wide rang of topics that can help you secure your applications (and not just PHP ones either) including:

  • working with security headers
  • safely handling file uploads
  • effective password hashing
  • general-purpose cryptography
  • searchable encryption
  • event logging with Chronicle

Each item in the list is a link to another part of the guide where the topic is discussed. In each there's plenty of good information about prevention and implementation as well as links to other tutorials and packages that can help.

tagged: secure application development guide 2018 introduction

Link: https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software

Dhurim Kelmendi:
SOLID Principles made easy
Dec 08, 2017 @ 12:55:13

In a post on the Dev.to site Dhurim Kelmendi shares an introduction to the SOLID principles of software development, a set of guidelines that can help to make your software more robust, flexible and testable in the long run.

This article aims to give a solid explanation of SOLID Principles and give some insight on their benefits and potential issues when applying them. Let’s go through each of them briefly.

He then goes through each of the principles and describes the basics behind them:

  • Single Responsibility Principle
  • Open-Closed Principle
  • Liskov Substitution Principle
  • Interface Segregation Principle
  • Dependency Inversion Principle

The post isn't language specific so you won't find any code examples but it is a great introduction to the principles for those that are just starting out.

tagged: solid development principles introduction easy

Link: https://dev.to/dhurimkelmendi/solid-principles-made-easy-1pg

Peter Lafferty:
TDD On A Silex Controller
Oct 31, 2017 @ 11:25:17

On his Medium.com site Peter Lafferty shares a method he uses for test-driven development on Silex controllers, something made difficult by the way the dependencies are injected into the controllers automatically.

“TDD it’s so easy” that’s what they tell us. There’s not trick to it, it’s just a simple trick. This article shows one way to unit test Silex controllers.

The way to implement TDD on a Silex controller is composition, low coupling and dependency injection. At its most basic a Silex controller has no relationship to Silex. However its easy to end up with controllers tightly coupled to the Application and Request classes.

He talks about the two main issues around effective TDD with Silex: the way the dependency injection controller is injected automatically and how the controller "resolver" enforces certain method names. He's figured out tricks to help get around these issues, though. The first involves creating the controller as a service and the second is to only pass the parts of the request the method needs. He includes code showing this in action to help clarify his points.

tagged: tdd testdriven development silex controller tutorial

Link: https://medium.com/@peter.lafferty/tdd-on-a-silex-controller-13b47ed4319b

DeveloperDrive:
How to Speed Up WordPress Development and Maintenance with WP-CLI
Oct 05, 2017 @ 11:20:51

The DeveloperDrive site has posted a tutorial for the WordPress users out there showing them how to enhance their workflow with WP-CLI, the command line tool that can be used to administer your WordPress instance without needing to log into the web UI.

As a WordPress developer, you’ve probably installed the WordPress CMS, updated it, and activated themes and plugins hundreds of times. And although these routine development and maintenance tasks are fairly easy to do with WordPress’ graphical user interface, doing them over and over again isn’t very efficient.

The good news is that you can easily and effectively speed up WordPress development and maintenance with the WordPress Command Line Interface (WP-CLI). With this in mind, in this post, we’ll explore the different ways you can use WP-CLI and offer some helpful WP-CLI commands to help you get started with a step in the right direction.

The post starts with a brief introduction to the WP-CLI tool and shows how to get it installed on your system in a Unix-based environment (basically grabbing a phar). It then walks you through some of the features of the tool including:

  • installing a new WordPress instance from scratch
  • keeping it updated
  • managing themes and plugins
  • creating custom post types

Examples of each command line call are included as well as some details about options and what's happening behind the scenes.

tagged: wordpress development wpcli commandline tool tutorial

Link: http://www.developerdrive.com/2017/10/how-to-speed-up-wordpress-development-and-maintenance-with-wp-cli/

Gonzalo Ayuso:
PHP application in SAP Cloud Platform. With PostgreSQL, Redis and Cloud Foundry
Sep 25, 2017 @ 09:25:01

Gonzalo Ayuso has a tutorial posted to his site showing you how to create a PHP application on a SAP platform that includes PostgreSQL and Redis via Cloud Foundry.

Keeping on with my study of SAP’s cloud platform (SCP) and Cloud Foundry today I’m going to build a simple PHP application. This application serves a simple Bootstrap landing page. The application uses a HTTP basic authentication. The credentials are validated against a PostgreSQL database. It also has a API to retrieve the localtimestamp from database server (just for play with a database server). I also want to play with Redis in the cloud too, so the API request will have a Time To Live (ttl) of 5 seconds. I will use a Redis service to do it.

He then walks you through the process of setting up both the platform and the application:

  • creating the services in cloud foundry
  • create our application (with either Silex or Lumen)
  • built out the features
  • running the application locally for testing
  • connecting to the cloud servers for PostgreSQL and Redis
  • set up logging
  • set up basic authorization

Full code and configuration is included for each step of the way (with Lumen examples included because Silex is "dead").

tagged: application tutorial development sap cloud platform postgresql redis

Link: https://gonzalo123.com/2017/09/25/php-application-in-sap-cloud-platform-with-postgresql-redis-and-cloud-foundry/

Delicious Brains Blog:
XAMPP vs MAMP vs Local vs DesktopServer: A Comparison Guide to Local Dev Envi
Sep 19, 2017 @ 10:28:01

On the Delicious Brains blog there'a a post that compares four different products for creating local PHP development environments: XAMPP, MAMP, DesktopServer and Local. Both package provide similar functionality but with slight differences.

An easy-to-use local testing server is one of the most important tools in a WordPress developer’s utility belt. Developing in a local environment lets you make changes to dev sites quickly and easily without having to transfer files anywhere and greatly reduces the risk of making breaking changes on a live server.

While many computers are capable of hosting a WordPress site without needing to install any extra packages, there are a few advantages that a dedicated local development environment can offer.

[...] There are quite a few different applications and tools that fit this bill, but for now we’ll be comparing the 4 GUI-based tools that seem to me to be the largest players in this space: XAMPP, MAMP (Pro), DesktopServer, and Local By Flywheel.

The post then walks through each piece of software, covering the installation and getting it up and running with a WordPress application. There's also a mini-review for each with good/bad comments and an overall rating.The post ends with some comments about the author's own preferences, which they use now and which they'd choose in the future.

tagged: xampp mamp local flywheel desktopserver development environment wordpress comparison

Link: https://deliciousbrains.com/xampp-mamp-local-dev/

Laravel News:
Testing With PhpSpec
Sep 18, 2017 @ 10:22:26

On the Laravel News site there's a new tutorial posted introducing you to testing with PhpSpec, a specification-driven testing tool that helps you model the specification your application needs to match.

PhpSpec is a testing tool based on the concept of emergent design using specification. You may have heard of Behavior Driven Development (BDD), and PhpSpec is a tool to use at the spec level or SpecBDD. We also mentioned PhpSpec in our recent roundup of Laravel Testing Resources, which includes ways you can incorporate PhpSpec into your Laravel workflow if you are interested in trying out SpecBDD.

If you’ve never tried PhpSpec, one of the things that I love about PhpSpec is that the process generates code for you and guides you through the SpecBDD process through the command line. Let me show you what I mean with a quick tutorial.

The tutorial then walks you through the installation of PhpSpec and how to run it from the command line before making any tests. They then walk through the configuration of the tool and share a sample workflow with seven steps including describing a specification, writing out expected behavior and verifying the behavior. Code examples (and command line calls) are included in each step of the way, defining an example "calendar" specification with the common functionality (add, subtract, divide, etc). The post finishes with some links to where you can find more information about PhpSpec and spec driven development.

tagged: phpspec specification testing calculator tutorial development

Link: https://laravel-news.com/testing-with-phpspec

Alejandro Celaya:
The PhpStorm plugins of my choice
Sep 18, 2017 @ 09:17:33

In a new post to his site Alejandro Celaya has shared some of the PhpStorm plugins he makes use of in his day-to-day development on PHP applications. Some of them have to do with PHP itself but several help with more generic development needs.

Earlier last week I found a github repository which collects different resources related with the full post for more information.

tagged: phpstorm plugin development tool favorite opinion

Link: https://blog.alejandrocelaya.com/2017/09/16/the-phpstorm-plugins-of-my-choice/

SitePoint PHP Blog:
Game Development with React and PHP: How Compatible Are They?
Sep 15, 2017 @ 12:43:52

The SitePoint PHP blog has posted a new tutorial from Christopher Pitt that tries to answer the question wondering if React and PHP are compatible for game development.

“I’d like to make a multiplayer, economy-based game. Something like Stardew Valley, but with none of the befriending aspects and a player-based economy.”

I started thinking about this the moment I decided to try and build a game using PHP and React. The trouble is, I knew nothing about the dynamics of multiplayer games, or how to think about and implement player-based economies. I wasn’t even sure I knew enough about React to justify using it.

I once watched a talk by dead_lugosi, where she described building a medieval game in PHP. Margaret inspired me, and that talk was one of the things that led to me writing <a href="https://www.amazon.com/dp/1484224922>a book about JS game development. I became determined to write about my experience. Perhaps others could learn from my mistakes in this case, too.

With the foundation laid, he starts in on the setup of the backend for the game: a PHP server running a server compatible with multiple websocket (React) requests. He chose Aerys for the HTTP and websocket functionality and includes the code to create the server and the packages he required. He shares some of the code to create the server and a "Hello world" endpoint the frontend will use. He then moves over to the frontend side of things, showing the packages he installed via NPM and the Laravel Mix configuration to use Webpack to bundle up the files required. He then walks through the integration of the front and back end code including the connection of the websockets.

For those that want to see the end result all together he has posted it to GitHub in a complete form for this part of the series.

tagged: react tutorial reactphp game development part1 series websocket

Link: https://www.sitepoint.com/game-development-with-reactjs-and-php-how-compatible-are-they/

SitePoint PHP Blog:
Rapid Development of Zend Expressive Modules
Sep 07, 2017 @ 11:49:43

The SitePoint PHP blog has a new post from Kirk Madera sharing some of the things he's learned about creating modules in Zend Expressive. His goal is to make it as easy as possible and enable "rapid development" in your application. This is the second part of a series on rapid development with Zend Expressive from Kirk (part one is here).

I have learned a few tricks when writing Zend Expressive modules that I want to share with you.

Please follow the previous post first to set up a proper working environment. I explained how to install and configure Zend Expressive with Doctrine, Gulp, and an abstract reflection factory – it’ll take a total of 10 minutes.

In this tutorial, we’ll build a simple read-only blog module (a page listing blog posts from a database) in minutes, demonstrating the kind of rapid development one is capable of with Zend Expressive.

He then shows how to use the command line tooling to create the module and how it is registered with Composer. He then shows the creation of the "blog" entity and database tables followed by the routing changes. Next he fleshes out the actions that will respond to the requests on each route and the templates that will be served as a part of the response.

tagged: rapid development application zendexpressive zendframework tutorial module

Link: https://www.sitepoint.com/rapid-development-zend-expressive-modules/