Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Toptal.com:
The Vital Guide to PHP Interviewing
Jan 22, 2016 @ 12:20:27

On the Toptal PHP blog they've posted what they call the "vital guide" to PHP interviewing, a set of questions (and answers) that you could potentially ask a candidate you're looking to interview for that open PHP role in your organization. Obviously, since interviewing is all relative to the organization, this guide is just that - a series of example questions you could ask to determine overall competency.

Ubiquitous…that is definitely one word you could use to describe PHP in relation to the web. It really is everywhere. [...] But therein lies much of the challenge of finding highly-skilled PHP developers. PHP’s relatively low barrier-to-entry and 20 year history means that PHP developers have become practically as ubiquitous as the technology itself. Yet while many can legitimately claim to “know” PHP, those who are true experts in the language are capable of producing software that is much more scalable, functional, robust, and maintainable.

[...] Toward that goal, this guide offers a sampling of effective questions to help evaluate the breadth and depth of a candidate’s mastery of PHP.

There's quite a few questions in their guide, touching on a wide range of PHP-related topics both more intermediate and advanced. This includes questions like:

  • "Explain the use and purpose of the global keyword in PHP. Provide an example of a case where its use would be appropriate, as well as one where it would not be."
  • "Describe namespacing in PHP and why it is useful."
  • "Describe the relationship between php://input and $_POST. How would you access the php://input stream?"
  • "Explain the purpose and usage of the __get, __set, __isset, __unset, __call, and __callStatic “magic” methods. When, how, and why (and perhaps why not) should each be used?"
  • "Describe one or more Standard PHP Library (SPL) data structures. Give usage examples."
  • "How does PHP build an array internally?

Each question includes a correct answer (or guidelines to verifying their answer in some of the more open ended questions) so you can ensure the interviewee is competent in the language and its use. Keep in mind, however, that this should not be considered required knowledge for a developer - that's up to what the organization needs and what level they're trying to fill.

tagged: vital interview guide questions answers developer assessment

Link: http://www.toptal.com/php#hiring-guide

Zend Blog:
Running a PHP Cluster on AWS
Dec 24, 2015 @ 10:33:17

On the Zend Blog they've posted a new guide showing you how to create a PHP cluster in AWS using the Zend Server software to help make things easier.

Running a cluster of PHP servers on AWS can be a complex task to say the least, and in this article we will look into the various tasks involved in managing a PHP clustered environment. We will look into why it can be a complex and tricky task and how Zend Server help alleviate the pain involved.

They start by introducing the guidelines of the challenge, easily creating the set of PHP nodes with simpler maintenance abilities, monitoring and session sharing included. While this isn't a step-by-step guide per-se, it does give you a good idea of some of the technology needs around clustering PHP instances (and how Zend Server (Cluster) helps solve some common issues). This includes screenshots of the interfaces used for these common tasks like:

  • Upgrading and synchronizing PHP code
  • Propagation of changes in PHP configuration
  • Monitoring of PHP log and events
  • PHP sessions sharing
tagged: zendserver zend guide aws amazonwebservices cluster zendservercluster

Link: http://blog.zend.com/2015/12/22/running-a-php-cluster-on-aws/#.Vnv0ypMrLyI

Joshua Thijssen:
My guide to commenting on joind.in
Dec 21, 2015 @ 10:44:16

If you've been to any PHP conference (or attended a PHP-related online event) in recent years, you probably have heard of the speaker/event feedback site Joind.in. The concept is simple: when you attend a talk or event you go to the site, give the speaker a star rating and leave them comments. This gives the speakers direct feedback on how they did and where they can improve. There's a a trick to giving valuable feedback, though, and Joshua Thijssen has posted some helpful tips to guide you and your comments in the right direction.

The joind.in website can be considered a presenter’s portfolio: it contains a list of talks they have done in the past (and where), plus it contains reviews from attendees. [...] This is why many conferences and presenters will talk about joind.in and ask you to rate and comments on their talks: it gives them feedback on how you experienced the talk, what can be improved to make it even better, and gives the presenters more chance to get accepted on even the larger conferences, where sometimes there are only 50 slots, but over 500 people submitted talks).

[...] Even though commenting and rating talks by itself isn’t really difficult and is quick to do so, there are some common “mistakes” and pitfalls which I’d like to discuss.

He breaks it down into five main points, elaborating on each as he goes through them:

  1. Stars don’t tell you everything
  2. Rate the presentation and speaker, not your expectations.
  3. Don’t punish the presenter for external faults
  4. Comment anonymously
  5. Give suggestions on how to improve

For each one he also gives examples of good feedback versus comments that aren't as helpful to the speaker. Each one of these is an easy trap to slip in to, so remember them next time you're giving a speaker feedback (even if it's not on Joind.in!).

tagged: speaker feedback useful commenting joindin event conference guide

Link: https://adayinthelifeof.nl/2015/12/17/commenting-on-joindin.html

Community News:
A Field Guide to ElePHPants
Dec 02, 2015 @ 09:13:51

If you've been around the PHP community (or language) for any amount of time, you've noticed that the mascot for the language is an elephant. Back in the mid-2000s this mascot made a move into the real world and the first blue elePHPants were released as plush toys. Since then several different groups and companies have produced their own versions with their own colors and logos. There's several of them out there and the Field Guide to ElePHPants site lists them all.

The PHP elephpant, Elephpas hypertextus, was first sketched by Vincent Pontier in 1998. For ten years it was only seen in drawings. The plush elephpant was first sighted in 2007. Since that time a large number of variations have been observed in the wild.

The site covers fun facts about their overall appearance, identification of the generations, their "natural habitat" and how they're distributed. They then list each of the elePHPants including pictures, talking about the origins of each and several that are "coming soon" from other groups/conferences. Some of the elePHPants are more rare than others (like the Gold of which only one was produced) but more and more are coming on the scene all the time, usually as a part of Kickstarter campaigns.

tagged: field guide elephpant color company group

Link: http://afieldguidetoelephpants.net

Paragon Initiative:
How to Safely Implement Cryptography Features in Any Application
Oct 07, 2015 @ 11:51:41

The Paragon Initiative blog has posted a new article showing you how to safely implement cryptography in any PHP-based application (or really just about any application) with the help of libsodium.

Why not {Mcrypt, OpenSSL, Bouncy Castle, KeyCzar, etc.}? These cryptography libraries are really building blocks that by and large must be used, with expert care, to build the interfaces you want developers to use. In most cases, libsodium is the interface you want developers to use. [...] By default, these libraries don't provide [authenticated encryption](https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken). Most of them force developers to use RSA (or ECDSA but certainly not EdDSA), which is [hard to get right](http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html) and for which [index calculus attacks are improving each year](https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2501/original/20141227.pdf).

He goes on to talk about NaCI as a possible option (libsodium is from a fork of it) but points out that NaCI isn't as easily available as libsodium to non-C/Python developers. He shares a few reasons why he thinks "libsodium is so great" and a few reasons not to use it (mostly dealing with outside limitations, not technical ones). Finally he points you in the right direction to help you get started using libsodium for PHP as a PECL extension.

tagged: cryptography feature safe guide tutorial introduction pecl extension

Link: https://paragonie.com/blog/2015/09/how-to-safely-implement-cryptography-in-any-application

Rob Allen:
The beginner's guide to contributing to a GitHub project
Sep 24, 2015 @ 12:08:10

If you've ever wanted to contribute to an open source project but didn't have any idea where to begin, Rob Allen has a few suggestions to help you get started. His guide is a bit more on the technical level than others that talk more about finding a project or community to be a part of, though.

This is a guide to contributing to an open source project that uses GitHub. It's mostly based on how I've seen Zend Framework, Slim Framework and joind.in operate. However, this is a general guide so check your project's README for specifics.

He walks you through a four step process to getting ready to contribute and make that first submission to the project of your choice:

  • Set up a working copy on your computer
  • Do some work
  • Create the PR (Pull Request)
  • Review by the maintainers

Naturally, some of this depends on the process that the project follows to take in new submissions, either from an issues list or just random buxfixes. It's a pretty standard GitHub-centric guide to follow though. He also recommends reading this article from Lorna Mitchell about code reviews and what the maintainers of most open source projects will look for in submissions.

tagged: beginner guide opensource github contribute project

Link: http://akrabat.com/the-beginners-guide-to-contributing-to-a-github-project/

Paragon Initiative:
Using Libsodium in PHP Projects
Sep 02, 2015 @ 13:25:18

The Paragon Initiative site has posted a new guide to helping you integrate libsodium into your application to provide additional cryptographic functionality in addition to things like mcrypt and crypt

You shouldn't need a Ph.D in Applied Cryptography to build a secure web application. Enter libsodium, which allows developers to develop fast, secure, and reliable applications without needing to know what a stream cipher even is.

After reading this brief electronic manual, you should know what libsodium is, what features it has, and how to install it (both the library and the PHP extension from PECL). [You should also] generally understand which cryptography tool to use for a specific scenario [and] be capable of writing production-quality code that uses libsodium.

The guide (still a work in progress) starts by explaining what libsodium is and what it has to offer over other encryption methods. It talks about the role of random data in encryption, a few basic crypto concepts (like key-based encryption and hashing) and finally gets into some of the more advanced features of the libsodium extension.

Additionally, the guide is also open source so if you'd like to contribute, just submit a pull request for consideration.

tagged: paragoninitiative libsodium guide introduction advanced encryption

Link: https://paragonie.com/book/pecl-libsodium

PHP.net:
PHP7 Migration Guide Posted
Aug 17, 2015 @ 11:29:48

The official PHP.net has posted their PHP 7 migration guide for those already on PHP 5.6.x and wanting to prepare their applications for PHP7.

Despite the fact that PHP 7.0 is a new major version, efforts were put in to make migration as painless as possible. This release focusses mainly on removing functionality deprecated in previous versions and improving language consistency. There are a few incompatibilities and new features that should be considered, and code should be tested before switching PHP versions in production environments.

The guide includes links to other pages showing things like:

  • Backward incompatible changes
  • New features
  • Deprecated features in PHP 7.0.x
  • New functions/classes/interfaces/global constants
  • Removed Extensions and SAPIs

There's also a link to some other various changes that's not completely fleshed out yet, but is evolving as PHP 7 gets closer to a final release.

tagged: php7 migration guide php56 changes update deprecation remove features

Link: http://php.net/manual/en/migration70.php

UserSnap Blog:
A Practical Guide to Building Fast Web Applications in the Cloud
Aug 14, 2015 @ 10:44:58

On the UserSnap blog Luciano Mammino has provided a guide to building fast applications in the cloud using PHP and several tools and techniques. He offers a list of six rules to follow to make building the applications fast (and fast applications).

In this post Luciano highlighted some of the most common principles you should consider while building high performing web applications (specifically on the backend part). The following concepts discussed here can be applied to any language and framework. Though this post will cover some concrete examples, design patterns and tools that are mostly used in the PHP ecosystem.

His list of rules includes tips like:

  • Avoid premature optimization
  • Defer the work you don’t need to do immediately
  • Use cache when you can
  • Prepare your app for horizontal scalability when possible

Each point comes with a paragraph or two of explanation as to why it's an issue to watch out for and some tips to help prevent it as well as tools that can help.

tagged: guide practical fast application top6 tips tools

Link: http://usersnap.com/blog/building-web-applications-cloud/

StarTutorial.com:
PHP Object-Oriented Programming Beginner's Guide
Aug 12, 2015 @ 09:45:14

For those working to move from procedural PHP into a more object-oriented world but may be having some trouble with the transition, the Star Tutorial site has a great beginner OOP in PHP guide you should check out.

They cover all of the basics you'll need to get started with objects in PHP including:

  • classes versus objects
  • visibility
  • inheritance
  • polymorphism
  • interfaces versus abstract classes

Each section is a quick definition and a bit of code to help illustrate the point. This isn't going to be a hand-holding kind of tutorial showing you each step to making an OOP application. Instead, it provides quick, high level summaries of the main OOP concepts to get you on the right road.

tagged: oop object beginner concepts guide tutorial section concepts

Link: http://www.startutorial.com/homes/oo_beginner