Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Loïc Faugeron:
Decouple from Frameworks
Oct 06, 2015 @ 09:48:23

In this recent post to his site Loïc Faugeron shows his support for a pretty common "battle cry" among developers that make use of one of the many PHP frameworks out there: decouple from your framework (including a few strategies how).

Frameworks solve infrastructure problems, for example how to create a HTTP or CLI application. While necessary, those concerns don't add any value to your project: the business need will not be fulfilled by creating an empty application. As always, different responsibilities mean also different reasons to change: frameworks have a history of Backward Compatibility (BC) breaks and they do so regardless of your project.

[...] Does that mean that we shouldn't use any frameworks? Should we just don't care and embrace fully frameworks? This article will explain how to avoid both extremes, by decoupling from the framework. It can be done by restricting the framework to its infrastructure responsibilities (HTTP, CLI), by only using its entry points (Controller, Command) and by using the Command Bus pattern.

He uses a simple application to illustrate his points, starting with a basic Symfony installation with PHPUnit and PHPSpec installed. He builds a listener to handle JSON encoded content input and sets up the initial "Quote" controller that will take in the new request. He follows the TDD mentality along the way, testing first then writing the code to match the test. With that system in place, he talks about the ideas of commands (from the "command bus" world) and how that could be used to refactor out the "submit" logic and make it less dependent on the framework it lives in. This lets the framework handle the low-level functionality (HTTP request/response, routing, etc) while the logic sits in a more abstract, contained location.

tagged: decouple framework opinion commandbus refactor encapsulate

Link: http://gnugat.github.io/2015/09/30/decouple-from-frameworks.html

JetBrains Blog:
PHP Annotated Monthly – September 2015
Sep 11, 2015 @ 11:19:16

On the JetBrains blog Gary Hockin has just posted the latest "PHP Annotated Monthly" edition for September 2015. These posts cover recent happenings in the PHP community, linking to more information and the people involved.

As the autumn conference season begins to ramp up, it’s time for the September edition of PHP Annotated Monthly – bringing you all the news, tips, tricks and tutorials from the PHP community.

He touches on three main topics - the PHP language itself, news about various frameworks and tools talked about over the month and happenings in the community itself. Some of the topics mentioned include:

...and lots more. Check out the full post for more topics and links to plenty of others. You can also check out some of the back issues on the Annotated Monthly archive page.

tagged: jetbrains phpannotated monthly sept2015 newsletter summary language community framework articles

Link: http://blog.jetbrains.com/phpstorm/2015/09/php-annotated-monthly-september-2015/

Community News:
Laravel 5 Now Includes Authorization
Sep 01, 2015 @ 10:50:41

In the latest release of the Laravel framework (v5.1.1) they've introduced authorization handling to the native framework. This allows you to integrate permissions checks and perform policy validation both on the backend and in the templates.

In addition to providing authentication services out of the box, Laravel also provides a simple way to organize authorization logic and control access to resources. There are a variety of methods and helpers to assist you in organizing your authorization logic.

The functionality includes the concepts of "abilities" (permissions, essentially) and validate the allow/deny status based on object properties, such as Users. The documentation shows how to perform the evaluations in the controllers, user model, form requests and even in the Blade templates. There's also a section on creating policies for more complex evaluations than just one-off permission checks.

To get a feel for what the community things of this new functionality, be sure to check out this Reddit thread with feedback, both positive and negative, on how it was implemented.

tagged: laravel framework authorization functionality permission policy allow deny

Link: http://laravel.com/docs/5.1/authorization

Zend Framework Blog:
Announcing Expressive
Aug 27, 2015 @ 09:41:21

The Zend Framework blog has posted an announcement about a new project they're offering to help make building PSR-7 middleware applications simpler - announcing Expressive.

We are pleased to announce the immediate availability of a new project, Expressive!

Expressive allows you to write PSR-7 middleware applications for the web. It is a simple micro-framework built on top of Stratigility, providing: dynamic routing, dependency injection via container-interop, templating and error handling.

The post helps you get a simple application using Expressive up and running via a Composer install and a bit of code. They talk about some of the goals behind Expressive, the interoperability it makes available and how it fits in with the Zend Framework ecosystem. They've released version 0.1.0 already and ask for testing (and bug reports) for this new framework. You can also check out the project documentation for more information about what it offers and the features currently implemented.

tagged: expressive framework psr7 middleware interoperability stratigility

Link: http://framework.zend.com/blog/announcing-expressive.html

Ahmad Hajjar:
Mocking Objects for Unit Testing in PHP Using Go! AOP
Aug 18, 2015 @ 11:55:01

In an interesting post to his blog Ahmad Hajjar shows you how to use to Go! PHP AOP framework to help mock objects in your unit tests. The Go! AOP framework provides some of the base functionality for using aspect-oriented programming techniques in your code.

These have been always very important questions in software development industry; what should I test in unit testing? And how can I make tests as small as possible, and how to avoid testing already tested code? or 3rd party libraries? [...] In principle, unit test must fail for one and ONLY ONE reason, this makes sense actually, as it complies with the S in the SOLID object-oriented design principles. [...] We can use mocks in the problem listed above, to make the unit test, real unit test, that is testing only the things that needs to be tested. [...] However, what we are going to do today is something different. OK! Why should we re-invent the wheel? the answer is : because it is simpler wheel ! also it is a wheel that uses different technology which is AOP.

He uses a simple Laravel application and the Go! framework for his testing examples. He uses the AOP functionality from Go! as the mock handling instead of something like PHPUnit's own mocking or Mockery. He shows how to configure the AOP functionality first, then creates a basic aspect class with a few interceptors for method calls. He creates an AopMocker class that adds the class requested to the mock configuration. Finally he improves the initial unit test example using these tools, building mocks for User and Post classes and making the same assertion.

tagged: unittest mock object aop aspectoriented programming goaop framework

Link: https://ashajjar85.wordpress.com/2015/08/16/mocking-objects-for-unit-testing-in-php-using-go-aop/

Dylan Bridgman:
Building a basic router
Aug 14, 2015 @ 09:37:45

Dylan Bridgman has posted a new tutorial talking about building one of the key pieces of any framework (and most applications) to help get requests to the right place - a basic routing system.

There is always value in learning about the internals of the frameworks and libraries we use. It allows for a deeper understanding of the problem being solved and appreciation of the work that has gone into these projects. So today I will be building a basic router to explore this fundamental part of even the smallest framework. The idea is not to create something complete or production-ready but rather the minimum set of features needed to be considered a router.

He creates a simple script that handles both static and variable routes as well as throw an error when a route match isn't found. He starts off talking about the structure of URLs and shows the setup of a rewrite rule to forward all requests to an index page (where the router lives to handle them). Then he talks about the structure of the routing table and how to structure the route-to-action formatting. He opts for a simple PHP array with a closure as the action portion as a starting place. He shows how this is useful for static route matching but upgrades to regular expression matching (passed through a preg_match) to allow variables.

tagged: basic router framework static variable regularexpression regexp

Link: https://medium.com/@dylanbr/building-a-basic-router-b43c17361f8b

SitePoint PHP Blog:
Rendering Data in Yii 2 with GridView and ListView
Aug 10, 2015 @ 10:18:16

The SitePoint PHP blog has posted a tutorial continuing their look at the features of the Yii2 framework. In this latest post author Arno Slatius covers the use of the GridView and ListView components to render tabular data.

In my previous article about Yii 2.0, I introduced the ActiveRecord implementation. Once you have some data in your database you’ll want to be able to show it. Yii uses DataProviders to interact with data sources and it provides some widgets to output the data. Of these, the ListView and GridView provide the most functionality.

In his example he shows how to render tags about authors, articles and related tags into a simple table with contents provided by a data provider. He talks about the three different types of providers, activedata, sqldata and arraydata, and briefly shows each in use. He shows how to configure the GridView element to use the provider and set up the column data. He also covers the use of the sorting and pagination functionality already built into the tool.

tagged: tutorial yii2 framework gridview listview configure dataprovider configure render

Link: http://www.sitepoint.com/rendering-data-in-yii-2-with-gridview-and-listview/

Easy Laravel Book:
How Laravel 5 Prevents SQL Injection, CSRF, and XSS
Jul 23, 2015 @ 16:05:15

Jason Gilmore has posted an article to the Easy Laravel Book site with a bit more detail about how the framework prevents some common security issues including SQL injection and cross-site request forgery.

A reader recently e-mailed me and asked about Laravel 5’s native security features. While I talk about various security-related matters throughout the book, this information isn’t consolidated into any particular chapter and so I thought it would be useful to do so in a single blog post. Laravel helps to secure your web application by protecting against three serious security risks: SQL injection, cross-site request forgery, and cross-site scripting.

He goes through each of the types and talks about the built-in functionality Laravel includes to protect against each one. A bit of code is tossed in when needed to help clarify the point too. Fortunately for the user, a good bit of the technical pieces of these protections are behind the scenes and don't need much effort to use.

tagged: laravel5 sqlinjection csrf xss prevention framework tools

Link: http://www.easylaravelbook.com/blog/2015/07/22/how-laravel-5-prevents-sql-injection-cross-site-request-forgery-and-cross-site-scripting/

Barry vd. Heuvel:
OAuth in Javascript Apps with Angular and Lumen, using Satellizer and Laravel Soci
Jul 22, 2015 @ 09:51:49

Barry vd. Heuvel has a post to his site sharing a step by step guide to setting up OAuth in a Lumen+AngularJS application via Socialite and Satellizer (an AngularJS library for OAuth and token based authentication).

In the last few weeks, Socialite was a popular topic to blog/tweet about. Coincidentally, I also needed Socialite for a project. But in my case, I wanted to use it in an Angular app, distributed using Cordova (Phonegap) as hybrid app on Android/iOS. There were some examples, but I couldn’t find much about it at the time. A few people asked to share my experience about it, so here it is!

He starts by linking to all of the tools you'll need to help get some background on them including a helpful guide to installing Satellizer. He then goes over the flow of the entire process, from the initial call from the AngularJS side to authenticate, through the backend Lumen/Socalite/Satellizer handling and then back out to the Javascript where the token is then stored. With this established, he gets into the implementation details starting with the Lumen code to make the API request to GitHub then working with the JWT tokens and responding back to the AngularJS frontend with the result.

tagged: angularjs lumen framework tutorial socialite satellizer oauth jwt token

Link: http://barryvdh.nl/laravel/lumen/angular/2015/07/19/oauth-in-javascript-apps-with-angular-lumen-using-satellizer-laravel-socialite/

Laravel and Vue JS: Advanced Frontend Webapp Architecture
Jul 17, 2015 @ 08:46:10

On Medium.com Russ Weas has posted a tutorial showing you how to get Laravel and Vue.js working together to create a well-structured, two-way application.

Do you use Laravel PHP and Vue JS? Do you wish there was a better way to structure your applications you build? This tutorial is just for you! In it, we set up simple two-way communication between the different components of your front-end app.

While he does provide the end result as a GitHub repository, he still walks through the full integration process to fill in the gaps. He starts with a brief introduction to a Vue.js application structure (based off of this video) and what parts need to be in play to follow along. From there he gets into the two-way communication aspect, showing how to create the bridge between the application, its views and components. He talks about some of the "missing pieces" of the current structure including an update to pass in a dependency injection "container" on the Vue side similar to how Laravel's IOC container works.

The remainder of the post is split into three parts, each with an update to the view layer (on the client side) to work with the new IOC structure:

  • using this.app in each view
  • setting data for a particular view from other views or the main app
  • calling view functions

He concludes the post with the full code for the two files they've been working with, showing everything working together: the HTML template (Laravel view) and the "app.js" Javascript for the Vue.js code.

tagged: laravel tutorial architecture vuejs frontend framework

Link: https://medium.com/laravel-news/advanced-front-end-setup-with-vue-js-laravel-e9fbd7e89fe2