Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Peter Steenbergen:
How to use PHP solarium in a Laravel project
Jul 29, 2016 @ 10:22:09

In this post to his site Peter Steenbergen shows you how to integrate SOLR searching into your Laravel application via the PHP Solarium library.

This is my second blog in a series about SOLR with the PHP Solarium library. My first blog was about the usage of OR filters to create Multi-Select facets with SOLR. With this blog item I will show you how easy it is to implement the PHP Solarium library in the Laravel framework.

He starts off with a fresh Laravel install and configures it to connect to a local SOLR server (he assumes you already have one running at this point). The he installs the Solarium library through Composer and makes a new service provider to create the client and bind it to the dependency injection container (app). To test the connection he makes a basic controller with one endpoint and an injected version of the Solarium client. With this working, he introduces the code from his previous post allowing for multi-select facet searching to return matching results.

tagged: solarium laravel project introduction solr search multiselect facet

Link: http://petericebear.github.io/laravel-php-solarium-integration-20160725/

IBM Developer Blog:
Get Started With CouchDB Using PHP and Guzzle
Jul 28, 2016 @ 13:07:48

On the IBM Developer Blog they've posted a new article from Lorna Mitchell helping you get started with CouchDB and Guzzle, making use of this popular HTTP client package to interface with CouchDB's HTTP interface quickly and easily.

In today’s post, we’ll look at how we can use CouchDB in our PHP applications, using the excellent PHP HTTP library Guzzle. Guzzle is a modern, PSR-7 compliant object-oriented PHP library that handles all aspects of HTTP in a correct and — importantly, a scalable — way. So it’s a great way to add any HTTP-interfaced services into your application (PHP 5.5 and later, does support PHP 7).

She then starts off with the installation of Guzzle via Composer and some sample code to make the initial connection to the CouchDB server (either local or remote). With the connection up and working and a "welcome" banner returned, she shows some simple operations like:

  • getting a list of all databases
  • creating a new database
  • inserting and selecting data
  • updating and deleting data

Code is provided for each of these and, thankfully, Guzzle makes it a pretty simple process and handles most of the heavy lifting on the HTTP requests for you.

tagged: couchdb guzzle introduction database http install connect crud

Link: https://developer.ibm.com/clouddataservices/2016/07/27/get-started-with-couchdb-php-guzzle/

Joseph Silber:
The new Closure::fromCallable() in PHP 7.1
Jul 26, 2016 @ 10:20:47

In a new post to his site Joseph Silber looks at a new feature that will be coming with the next release in the PHP 7.x series - PHP 7.1 - the ability to convert a callable type into an actual Closure instance.

With PHP 5.5 going EOL earlier this week and the PHP 7.1 beta expected later this month, now sounds like a good time to look into a neat little feature coming in 7.1: easily converting any callable into a proper Closure using the new Closure::fromCallable() method.

He starts with a quick refresher on what closures/callables are in PHP (or an introduction for those not already familiar) including a simple example with the reject handling on a Laravel collection. He then modifies the example to try to pass in a base PHP function. This doesn't work directly (as it's not technically "callable" how it's expecting) so he wraps the is_float in a closure instead. This is a bit of a hassle and not as reusable so he updates it for PHP 7.1 and uses the Closure::fromCallable handling to make it automatically. He follows this with another example use case: calling a private method with the array of object/method name from inside the class.

tagged: closure callable fromcallable php7 example introduction

Link: https://josephsilber.com/posts/2016/07/13/closure-from-callable-in-php-7-1

IBM Security Intelligence:
The Webshell Game Continues
Jul 20, 2016 @ 11:50:15

On the IBM Security Intelligence site there's a new article posted talking about webshells. For those not familiar with webshells, they're scripts that can be used to control servers or work as a platform to access other systems put in place by attackers. In this article they introduce some of the basics around webshells and the rise they're seeing in their use.

The IBM X-Force Research team reported an increase in PHP C99 webshell attacks in April 2016. More recently, webshells dubbed b374k made their mark with attacks that the team has been tracking over the past few months.

Although this blog highlights some features of the b374k shell, the main objective is to call your attention to the fact that PHP applications are becoming an increasingly popular choice for attackers aiming to glean your data and deface your website without much hard work. This threat should be pushed to the top of your priority list — primarily because of the power of the tool used for this type of attack, but also because of the startling increase in this attack type this year.

They start off with some of the basics of webshells, more related to the PHP versions: what they are, what kind of functionality they commonly provide and an example of the UI of a shell. They then talk about some of the common delivery methods, potential entry points of these attacks and some of the "indicators of compromise" you can use to detect them. They also include mitigations you can perform to rid yourself of these webshells including adding additional plugins/software and locking down features of PHP itself.

tagged: webshell game introduction example features attack security

Link: https://securityintelligence.com/the-webshell-game-continues/

Matt Allan:
Understanding Dependency Injection Containers
Jul 18, 2016 @ 11:54:54

In this recent post to his site Matt Allan introduces a concept that's become an integral part of most major PHP frameworks and applications recently: dependency injection containers.

If you are writing modern PHP, you will run across dependency injection a lot. Basically all dependency injection means is that if an object needs something, you pass it in. So if you have a class [...] you would pass in (inject) the object it needs (the dependency) instead of instantiating it in the class. Dependency injection makes your code more flexible and easier to test. If you want to learn more about dependency injection in general, check out this summary in the PHP The Right Way guide.

He then breaks down the main concept, the container, and how it is usually used to store instances of various objects and other functionality. He includes the code to create a simple container, allowing for closures to be set to "entries" values. He also shows how to update the simple container to allow for singleton handling, creating an object once and returning it over and over (useful in some cases).

tagged: dependency injection container tutorial introduction

Link: http://mattallan.org/2016/dependency-injection-containers/

Thijs Feryn:
What are Type Errors in PHP 7?
Jul 15, 2016 @ 09:58:19

In a new post to his site Thijs Feryn has shared an overview of the different types of type errors that can pop up in PHP 7. This includes both a text-based and video based versions depending on your preference.

PHP 7 has a concept called Type Errors. These errors are thrown on a type mismatch when interacting with functions. They can be caught just like exceptions. I created a video that explains the situation. This blog post goes into more detail and has some code examples.

The post gets into the details of the type errors including topics like:

  • new type hints that were introduced
  • how you can manually throw type errors
  • when PHP itself would throw the errors
  • type coercion

There's also a brief section about strict typing and how that changes what errors PHP might throw in your scripts.

tagged: type error php7 introduction overview video tutorial

Link: https://blog.feryn.eu/type-errors-php-7/

Helge Sverre:
Database migrations in PHP with Phinx
Jul 04, 2016 @ 11:14:55

Helge Sverre has put together an introduction of a tool perfect for anyone that's been looking for a framework-agnostic way to handle database migrations: Phinx.

Phinx is a database migration tool written by Rob Morgan in PHP, what that means is that you can tell Phinx that you want to create a new database table, add a column or edit the properties of a column by writing “migrations”.

You can then run this migration using the Phinx tool and it will connect to your database with the configuration that you specified and perform the database updates for you automatically.

He then walks you through a full introduction to the tool, breaking it down into sections:

  • Getting Phinx installed (via Composer)
  • Configuring it via a YAML file
  • Writing your first simple migrations
  • Creating database seeders (including the use of Faker data)
  • Rolling back your migrations

All of these topics come with plenty of code, configuration and output examples, helping you ensure you're on the right track.

tagged: database migration phinx library introduction faker tutorial

Link: https://helgesverre.com/blog/database-migrations-in-php-with-phinx/

Freek Van der Herten:
A package to log activity in a Laravel app
Jun 30, 2016 @ 09:46:17

In a new post to his site Freek Van der Herten shares information about a logging package they've developed for Laravel-based applications to make activity logging simpler throughout the app: laravel-activitylog.

n your apps there’s probably a lot going on. Users log in and out, they create, update and delete content, mails get sent and so on. For an administrator of an app these events provide useful insights. In almost every project we make at Spatie we log these events and show them in the admin-section of our site. [...] We made a new package called laravel-activitylog that makes logging activities in a Laravel app a cinch. In this blogpost I’d like to walk you through it.

He then goes through the basics of using the library, complete with code examples:

  • simple activity logging with messaging
  • providing the "acted on" object information
  • logging the information about who the actor was

There's also a section with details on automatic model logging, making it easier to see the changes on you data without having to log each one individually. He also shows you how to use multiple logs, providing a method to narrow down log records by type.

tagged: laravel application logging package example introduction model

Link: https://murze.be/2016/06/package-log-activity-laravel-app/

TutsPlus.com:
Internationalizing WordPress Projects: The Introduction
Jun 28, 2016 @ 10:38:01

The TutsPlus.com site has kicked off a new set of posts today with he first part of their series covering internationalization in WordPress applications.

A few years ago, I wrote about the process of internationalizing WordPress-based projects. Though I think there are some times when tutorials don't necessarily need updating, refreshing, or revisiting, there are other times in which we can all benefit from revisiting the topic.

After all, software changes from year to year, and we also gain experience as we continue to work with a given piece of software. WordPress is no different.

They'll be covering what internationalization is, how it works within WordPress, the difference between internationalization and localization and more. In this first part of the series, though, they briefly cover some of the functions and functionality you might see as a part of WordPress already to make internationalization possible.

tagged: internationalization wordpress tutorial series part1 introduction

Link: http://code.tutsplus.com/tutorials/internationalizing-wordpress-projects-the-introduction--cms-26636

Laravel News:
Easily Test Email with MailThief
Jun 24, 2016 @ 11:50:56

The Laravel News site has a post that gives you a quick introduction to MailThief, a library created by the developers at Tighten Co. to make mail testing simpler.

MailThief is a new package by Tighten Co. that provides a fake mailer for your Laravel application. This makes it easy to test email without actually sending any.

They include a simple example of a script that sends an email on user registration using Laravel's own Mail library. They also include a test for the registration action showing how MailThief can be used to "hijack" the mailer and make it simpler to get information about the mail being sent. You can find out more about the tool and what prompted it in this video from Adam Wathan.

tagged: mailthief testing unittest mailer email example introduction

Link: https://laravel-news.com/2016/06/mailthief/