Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Matt Stauffer:
Using SparkPost for Transactional emails with Laravel
Apr 27, 2016 @ 10:54:42

Matt Stauffer has a post to his site for the Laravel users out there wanting to seed "transactional emails" from their applications. In this tutorial he shows you how to use the SparkPost service to send emails with very little effort.

Recently, Mandrill announced that they'd be sunsetting their transactional email service and instead rolling it in to a secondary service for paid MailChimp users. That's fine for them, but many of us were using it for small one-off apps and weren't interested in all of a sudden paying money to send 100 emails a month.

[...] But right when Mandrill announced their pricing change, a new transactional email provider came out of nowhere: SparkPost. [...] So let's walk through the process of signing up and moving Giscus, my app for notifying you of comments on your gists, from Mandrill to SparkPost.

First he walks you through the process of getting a SparkPost account set up and configured to receive messages from your application. He then moves over to the Laravel side, upgrades his installed version and configures it with the "secret" value SparkPost provides and changes the MAIL_DRIVER value - that's basically it.. He also includes some screenshots of other parts of the SparkPost admin interface to show some of the other functionality included.

tagged: tutorial laravel sparkpost service transaction email send

Link: https://mattstauffer.co/blog/using-sparkpost-for-transactional-emails-with-laravel

SitePoint PHP Blog:
What is SparkPost?
Apr 25, 2016 @ 13:50:47

The SitePoint PHP blog has a post to their site introducing SparkPost, an email delivery service (in the same vein as Mandrill) that you can hook into your PHP applications to prevent the need to run your own mail servers.

I’ve used Mandrill for as long as I can remember. It sends transactional email, like the kind you receive when you sign up for a new account. Like me, many have been happy to use a free account for sending a relatively low number of emails a month. That is, until recently, when Mandrill caused a bit of a stir. The heart of the matter is that Mandrill removed their free tier. Anybody wishing to send mail through Mandrill now requires a paid-for MailChimp account

[...] Mindful that people are looking for alternatives (to power their personal newsletters or whatever), I spoke to Aydrian Howard. Aydrian is the Developer Advocate at SparkPost, whom I met at FluentConf. We talked for a bit about SparkPost and what makes it different from MailChimp.

After the little bit of Q&A about the service, the tutorial gets in and shows you how to get SparkPost set up for your application. They help you install their own client library and send a first test email using your account. Code is provided showing the configuration of the client with your key and the options you can define when sending the message.

tagged: sparkpost email send tutorial introduction mandrill

Link: http://www.sitepoint.com/what-is-sparkpost/

Jelle Raaijmakers:
Dissecting a spammer’s spam script
Apr 19, 2016 @ 13:48:37

In this post to his site Jelle Raaijmakers dives into a script that's commonly injected into vulnerable sites and used by spammers to send messages without the knowledge of the site owner.

Let’s take a look at a PHP script used to send spam. These types of scripts run on servers all over the world and might give you some insight into a spammer’s dedication to annoy the hell out of you. Spammers abuse known flaws in unsecured websites and applications to break into a server and install scripts that are able to send loads of spam.

[...] Everyone running a mildly popular WordPress site knows that exploits can be really easily introduced by installing plugins from a less than reputable source – or by not keeping your plugins up to date. Sometimes, a zero-day exploit for a popular WordPress plugins becomes known and thousands of installations worldwide are infected at once.

He then goes through a script he found in an infected WordPress instance of his own on a shared hosting provider. He talks about what these kinds of scripts usually look like (an encoded eval injected into current scripts) and the process he followed to dissect it:

  • Step 1: determine method of obfuscation
  • Step 2: introduce newlines
  • Step 3: replace the $j10 values
  • Step 4: concatenate constant strings
  • Step 5: replace function invocations
  • Step 6: prettify the PHP code
  • Step 7: remove default $j10 argument
  • Step 8: decode the $pate payload
  • Step 9: replace $_POST references
  • Step 10: map function and variable names

It's not a super simple process, but in the end he's left with the complete PHP script that loads a remotely defined configuration, tries to send the emails and even retries if there's a failure. He includes a few noteworthy things about the script including STMP connection auto-detection and DNS lookups over UDP.

tagged: spammer script dissection reverse engineer email spam security

Link: https://jelleraaijmakers.nl/2016/04/dissecting-spammers-spam-script

php[architect]:
Mandrill Alternatives for PHP Applications
Apr 19, 2016 @ 12:07:16

With the recent (well, not too recent) announcement from MailChimp about the shift to a paid model for their Mandrill email service, PHP developers have been busy looking for alternatives. In this post to the php[architect] site Sandy Smith explores some of the other options out there, how they compare and what they have to offer.

n case you might have missed the announcement, MailChimp is changing Mandrill to be an add-on to paid MailChimp accounts, thus eliminating the generous free tier. We’re big fans of MailChimp and use its mailing list service for our own announcements, but a full MailChimp account isn’t going to be for everybody. [...] Many people also know Mandrill by reputation and will need options in the future. For you, we’ve put together this list of viable transactional email alternatives with PHP and major PHP application support.

Included in their list are services like:

For each service he includes a paragraph talking about what integrations and libraries there are for their use as well as what's included in their "free" levels.

tagged: mandrill alternative email service options sdk overview

Link: https://www.phparch.com/2016/04/mandrill-alternatives-for-php-applications/

Scotch.io:
The Ultimate Guide to Sending Email in Laravel
Apr 01, 2016 @ 12:35:21

On the Scotch.io site today there's a new tutorial giving you the ultimate guide to sending emails in Laravel - from choosing your provider out to sending both text and HTML emails (some with attachments).

Sending emails in web applications has become so essential. Marketing, notifications, newsletters, adverts, etc are some of the reasons why we send emails to our clients. I'd say the majority of websites send automated emails at least via a "Contact us" form.

Let's explore the many possible ways to send emails in a Laravel application.

They start off with a brief look at three different services you can set up out of the box with Laravel: Mailgun (for regular sending), Mailtrap (for debugging) and Mandrill (for bulk emails). They show you how to configure each service in Laravel and setting one of them up as the default. The tutorial then gets into sending the actual emails through a simple EmailController::send endpoint. They show the code to set up the Mail. They show examples of what the resulting emails look like and how they show up in the related mail services. There's also instructions on attaching files, using queues to optimize email sending and a "bonus" about sending bulk emails with MailChimp.

tagged: send email laravel tutorial ultimate guide mailchimp mailtrap mailgun

Link: https://scotch.io/tutorials/ultimate-guide-on-sending-email-in-laravel

Scotch.io:
Why Laravel Queues Are Awesome
Mar 18, 2016 @ 10:08:42

In a new tutorial to the Scotch.io site they take a look at Laravel's queuing functionality and explain why they think it's awesome for handling asynchronous operations in your applications.

Otwell took his time to build Laravel and it's documentation and one of the major features that really amaze me is what we are going to experiment with, Queues.

Queues in Laravel are used to make a smooth sailing application cycle by stacking heavy tasks to be handled as jobs and dispatching these jobs when it is asked to or when it does not disrupt the user's experience.

They then show how to use the queuing system to send out emails asynchronously rather than waiting for them to send via the application and making the user wait. First they show how to send them a bit more manually, making use of the Mailtrap service for testing the emails being sent. They set up a basic controller with a "send" endpoint that uses the Mail functionality to send a simple HTML email. Next they show how to refactor this into something that uses queues to handle the email sending via a SendWelcomeEmail job. He talks about performance differences between the queued and non-queued version and links to a demo repository if you'd like to see it all working together.

tagged: laravel queue tutorial introduction email mailtrap

Link: https://scotch.io/tutorials/why-laravel-queues-are-awesome

Tighten.co:
Creating a password-less, Medium-style, email-only authentication system in Laravel
Mar 14, 2016 @ 09:29:55

On the Tighten.co blog Matt Stauffer shows how to make a password-less authentication system similar to what the popular site Medium uses centered around emails sent to the account for the user.

Recently I was working on a project where one of our major pain points was users' passwords. Users were added to the application by administrators, so they didn't have passwords when they were first added, and forcing them to set and remember passwords was a big hitch on the project's usability.

So, we decided to try out a Medium/Slack-inspired password-less login. If you've never had the chance to work with this, the login system works like this: enter your email address on the login page, get emailed a login link, click the link, and now you're logged in. Access to your email address proves your identity without the need for a password.

He walks you through the process of disabling the current password-based flow by creating and modifying the default "make:auth" results. When the user comes to the site, they're asked to log in via sending an email. This email contains a unique token attached to a link that matches one on the server side related to the user. He shows how to build out this relation table, the matching model and the endpoint used to verify the hash once the user clicks on the link.

tagged: laravel password email login medium link random hash tutorial

Link: http://blog.tighten.co/creating-a-password-less-medium-style-email-only-authentication-system-in-laravel

Sylius Blog:
Sending configurable e-mails in Symfony
Oct 05, 2015 @ 11:15:46

In a post to the Sylius blog Mateusz Zalewski shows you how to create configurable emails in your Symfony-based application with help from a custom bundle they've released to help make it a much simpler process.

Every developer, during their adventure with PHP programming has been struggling with sending emails in a web application. However using PHP send() function is often insufficient for common web applications, when you need templates, variables, configurations etc.Fortunately, Sylius provides SyliusMailerBundle and Mailer component, with some awesome features. [...] Of course, this bundle and component are fully decoupled and can be used in any Symfony application.

They walk you through the installation (via Composer) and configuration of the bundle, adding it's dependencies to the kernel of your application. He shows how to configure the container with connection information (like the name and from values) and update your database with the tool's migrations. From there he shows how to customize your emails, making use of the Twig template handling to define the body contents. The bundle also makes it possible to define custom email types with different settings for each. Finally they show how to send the emails, grabbing the sender information and sending the email, either more manually or via a custom defined email type.

tagged: symfony email configurable tutorial bundle customize template sender

Link: http://sylius.org/blog/sending-configurable-e-mails-in-symfony

Marc Morera:
Re-thinking Event Listeners
Aug 21, 2015 @ 09:17:34

Marc Morera has posted an interesting article to his site suggesting a re-thinking of how event listeners are used in applications and libraries.

Let’s talk about Event Listeners. Do you know what an Event Listener is? Well, if you are used to working with Symfony, then you should know what is intended for. If you don’t, don’t hesitate to take a look at the Symfony documentation. This post aims to start a small discussion about how an Event Listener should look like if we really want to keep things decoupled.

The starts with a brief summary of the post (tl;dr) for those in a hurry but goes on to explain things in a bit more detail too. He starts by laying a foundation, introducing what event listeners are. He also shows how they're commonly implemented and used (in Symfony2 specifically but it applies more generally too) to trigger actions in applications. He suggests decoupling things a bit more from the flow of the action and allowing, in this case, access to both the order and the customer (on a "order created" action). He takes it one step further and decouples the sending of an email into a service and then creates an instance of this when needed in the event and not before.

tagged: event listener decouple ecommerce email order action

Link: http://mmoreram.com/blog/2015/08/20/re-thinking-event-listeners

Coding.bmail.net Blog:
Advanced logging system in PHP for careful developers
Aug 05, 2015 @ 12:19:51

On the Coding.bmail.net blog they've posted a guide to what they've called an advanced logging system in PHP for careful developers - essentially a logging system that's as "error proof" as possible and that works with as little user exposure as possible.

Being aware of all the activity and problems under the hood is essential when running big websites with lots of users, many features and, as it is usual in such cases, weak spots that must not be left untracked.

In order to be the first in knowing when errors or other events of interest happen we need a well designed logs manager. My code will provide such a feature, for PHP based websites.

They briefly outline how the complete setup will work, failing back to email if the database connection isn' available and logging based on environment. It also includes error levels and, on development only, a method for showing the errors being logged. While a good bit of this functionality could be handled by something like Monolog they do include some additional features like the email fallback, output of the errors in development mode and custom error/exception handlers.

tagged: logging advanced system custom database email environment tutorial

Link: http://coding.bmain.net/tutorials/php/advanced_logging_system_in_php_for_careful_developers