Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Implementing the Range Operator in PHP
Mar 07, 2016 @ 12:55:47

The SitePoint PHP blog has a new tutorial posted (a repost from this article used with permission) about implementing a new operator in the PHP core language: a "range" operator. This operator allows the definition of a range of values (integer/float) as an internal PHP representation.

In the post below, Thomas Punt implements the range operator in PHP. If you’ve ever been interested in PHP internals and adding features to your favorite programming language, now’s the time to learn! This article will demonstrate how to implement a new operator in PHP. The following steps will be taken to do this: updating the lexer, updating the parser, updating the compilation stage and updating the Zend VM. This article therefore seeks to provide a brief overview of a number of PHP’s internal aspects.

He starts with a look at the range operator and how the intended functionality would work (including when the errors would be thrown). He then goes through the steps listed above and makes additions to the source, complete with the C code to make each change. The article is not only a good look at how to add a custom operator but also gives a good overview of the internals of PHP and how things fit together.

tagged: range operator implementation language c thomaspunt tutorial

Link: http://www.sitepoint.com/implementing-the-range-operator-in-php/

Alejandro Celaya:
How to properly implement persistent login
Feb 10, 2016 @ 10:55:37

In his latest post to his site Alejandro Celaya shares some suggestions about how to make a good, safe persistent login feature for your application. This is usually referred to as the "remember me" handling and is widely used to help improve the overall user experience.

I'm sure you are familiar with those "remember me" checkboxes in login forms. They are a common way to allow a user to keep his/her session in a web application for an extended period of time when he is in a trusted computer.

One could think that it is a small and easy-to-implement feature, but it has indeed a lot of considerations. [...] In this article I’m not going to show you how to implement a persistent login in one or another programming language, but what are the good practices that should be followed when you implement it in the way you want.

He starts off with some thoughts about the wrong way to handle the persistent login (like just making a long-life cookie) and what some of the consequences could be. Instead he suggests using a cookie (with a random generated token) that's long running, maybe 2 weeks. The difference here is that this token is then refreshed once the token is validated and reset. This reduces the risk of an older token being used on another source too. He also shares some other security concerns to think about in this setup including the use of one-time tokens, potential multiple persistent sessions and when it might be good to re-prompt for the password.

tagged: persistent login security rememberme implementation advice options

Link: http://blog.alejandrocelaya.com/2016/02/09/how-to-properly-implement-persistent-login/

Evert Pot:
The problem with password_hash()
Feb 25, 2015 @ 10:51:04

Evert Pot has shared some of his thoughts about why he has a problem with password_hash (and friends). His thoughts are initially about this particular feature but they're actually wider than that.

The initial introduction and rfc for these functions made me uneasy, and I felt like a lone voice against many in that I thought something bad was happening. I felt that they should not be added to the PHP engine. I think that we should not extend the PHP engine, when it's possible to write the same API in userland, or there are significant benefits to do it in PHP, such as performance. Since the heavy lifting of the password functions is done by underlying libraries that are already exposed to userland-PHP, it didn't make sense to me to expose it as well in the core.

He includes a list of things he sees as drawbacks for new C-based functionality in PHP including the fact that it extends the "PHP specification" and forces other projects to implement it (like HHVM). He does include a few positives, though, such as the increased visibility and legitimacy, but still thinks they don't outweigh the negatives.

tagged: password hash core language c implementation opinion userland

Link: http://evertpot.com/password-hash-ew/

Nikita Popov:
PHP's new hashtable implementation
Dec 26, 2014 @ 10:20:10

In his latest post Nikita Popov gives a detailed look at PHP's new hashtable implementation and what kinds of improvements it offers over the previous methods. The "hashtable" handling is how the language references array values created during the execution of a script.

About three years ago I wrote an article analyzing the memory usage of arrays in PHP 5. As part of the work on the upcoming PHP 7, large parts of the Zend Engine have been rewritten with a focus on smaller data structures requiring fewer allocations. In this article I will provide an overview of the new hashtable implementation and show why it is more efficient than the previous implementation.

He starts with an introduction to the concept of hashtables, describing them as "ordered dictionaries" of key/value pairs that (internally) reference values in an array. He looks at the old method PHP used to make these links and how the new version, with the help of zval handling, is different. He talks about how it handles the order of elements, does lookups and the introduction of "packed" and "empty" hashtables. He ends the post with a look at this new implementation's memory utilization and what kind of performance gains we can expect with its introduction in PHP7.

tagged: hashtable array implementation php7 performance memory lookup

Link: http://nikic.github.io/2014/12/22/PHPs-new-hashtable-implementation.html

SitePoint PHP Blog:
Create a Movie Recommendation App with Prediction.io – Implementation
Sep 16, 2014 @ 10:54:16

The SitePoint PHP blog continues their series about creating a movie prediction engine with Prediction.io in this second part focusing on implementation. In the first part of the series they set up the server and configuration to make the jump into the code. This second part gets more into the application side and features working code linking the prediction engine with the TheMovieDB API.

He jumps right into the code, showing how to:

  • Fetch the data from the TMDB (via Flight and Guzzle)
  • Populate the data back into the Prediction.io database
  • Picking a random movie from the list (and outputting it to a page)
  • Get movies the engine predicts as recommendations

The recommendations are based on ratings on other movies in the database with most of that logic happening behind the scenes instead of in the PHP script. The results are then output to the page along with the other movie data.

tagged: movie recommendation predictionio server tutorial api implementation

Link: http://www.sitepoint.com/create-movie-recommendation-app-prediction-io-implementation/

PHP Town Hall:
Episode 30: Specs, Implementations, and New Engines OH MY!
Aug 26, 2014 @ 15:23:59

The PHP Town Hall podcast has posted their latest episode today with hosts Phil Sturgeon and Ben Edmunds with a few special guests: "Specs, Implementations, and New Engines OH MY!"

This week Ben and Phil are joined by core PHP developer extraordinaires Andrea Faulds and Levi Morrison. We discuss the new PHP engine spec, various RFCs, and all things internals. Also PHP 6 is officially dead, let’s have a moment of silence.

You can check out this latest episode either through the in-page audio player, by downloading over on YouTube.

tagged: phptownhall ep30 specs implementation engine podcast

Link: http://phptownhall.com/blog/2014/08/25/episode-30-specs-implementations-and-new-engines-oh-my/

SitePoint PHP Blog:
Best Practices REST API from Scratch – Implementation
Jul 24, 2014 @ 13:11:22

PHPMaster.com has posted the second part of their best practices in REST APIs series with this new post focusing more on the implementation part of things.

We ended the first part of this tutorial with all the basic layers of our API in place. We have our server setup, authentication system, JSON input/output, error management and a couple of dummy routes. But, most importantly, we wrote the README file that defines resources and actions. Now it’s time to deal with these resources.

They move on and add more functionality for creating (POST) and updating (PUT/PATCH) contacts in the system. They also show how to list contacts and add in some search handling allowing for sorting and returning only certain data. There's also some code for pagination handling, locating a single contact record, basic caching and simple rate limiting.

tagged: rest bestpractices api tutorial implementation contacts

Link: http://www.sitepoint.com/best-practices-rest-api-scratch-implementation/

SitePoint PHP Blog:
IronMQ and Laravel: Implementation
May 29, 2014 @ 12:11:07

The SitePoint PHP blog has posted the latest tutorial in their "IronMQ and Laravel" series (part two of two) showing you the actual implementation of the queue handling, building on the configuration and structure from the previous post.

Welcome back to the IronMQ and Laravel series – this is the second and final part in which we finalize our background-job enabled web app. [...] We will make a jobs table which has job_id, and the status of the job. When you put a job on the queue, the job status will be queued and when we receive the job, we set the status to running. Accordingly, after finishing it we will mark it finished.

They start out by creating the "jobs" table in MySQL (via a migration) and follow it with the matching model. A basic template is also included for viewing the current job information and populating its data. Finally, a "run" method is created in the controller to actually execute a job. Using this, they set up the image resize functionality, creating the "photo" table, model and template to output the results of the image manipulation. They've also included a simple version of the editing of the image, allowing the user to resize based on the inputted height and width.

tagged: orinmq laravel tutorial part2 implementation

Link: http://www.sitepoint.com/ironmq-laravel-implementation/

SitePoint PHP Blog:
Implementing Multi-Language Support
Apr 16, 2014 @ 12:18:39

The SitePoint PHP blog has a new post from Jacek Barecki talking about a few ways you can include multi-language support in your PHP applications. There's not much in the way of actual code here, but there are links to some other tools that can help get the job done.

Setting up a multilingual site may be a good way to attract new customers to your business or gain more participants in your project. Translating a simple site with a few static pages probably won’t probably be complicated, but more complex PHP web applications may require a lot of work when launching multiple language support. In this article I’ll present different types of content that need to be taken under consideration when internationalizing a site.

He breaks it down into five different types of content that you might want to translate:

  • Multi-language Static Content
  • Database content
  • User submitted content
  • Resources (images, videos, etc)
  • Other types of content

He wraps it up with a few recommendations including making a checklist of the things you want to translate to figure out what tools you need to use.

tagged: multilanguage support implementation content type

Link: http://www.sitepoint.com/implementing-multi-language-support/

HHVM Blog:
Implementing MySQLi
Feb 27, 2014 @ 11:15:39

On the HHVM blog today a new post talks about some of the work they've been doing to introduce one of the common PHP extensions, MySQLi, into the HHVM system. The post walks you through some of the process the author followed to work up the implementation.

To prepare for what was to be my big project, I rewrote the ini parser to better match Zend. [...] After warming up with the parser, I was ready to start my big project: implement MySQLi. This has been a long requested feature for HHVM. And, this extension is required to help meet our compatibility goals.

He walks you through some of the preparation steps for the work integrating the extension and the tools used for these initial steps. He briefly steps through the actual implementation and the testing of the feature (and some changes made to allow the tests to run faster). He mentions a few roadblocks hit along the way, the current status of the effort (182 passing tests, 114 failing) and some of the missing pieces yet to be worked.

tagged: mysqli hhvm hiphop facebook virtualmachine implementation

Link: http://www.hhvm.com/blog/3689/implementing-mysqli