Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

php[architect]:
September 2017 Issue Release - Embracing Change
Sep 06, 2017 @ 13:18:34

php[architect] magazine has released their latest issue for September 2017: Embracing Change

Articles included in this issue include:

  • How I Git Along by Jason McCreary.
  • Karl Hughes shares True Tales of Building PHP Microservices.
  • Learn about Learning Machine Learning, Part One: Begin with What You Know by Edward Barnard.
  • How to evaluate a job offer in Jumping Ship: A Holistic Approach to Changing Jobs - Part Two by Andrew Koebbe.

...as well as many of the usual columns you know and love. You can check out the full list of articles on the php[architect] site and check out the free article for a sample of the issue's content.

tagged: phparchitect magazine september2017 embracing change issue release

Link: https://www.phparch.com/magazine/2017-2/september/

php[architect]:
August 2017 Issue Released - Who Goes There
Aug 09, 2017 @ 11:56:33

php[architect] magazine has released their latest issue with a focus on security, authentication and authorization for August 2017 - Who Goes There:

You’ve no doubt heard HTTP is stateless, meaning a web server doesn’t know anything from one request to the next for the same client. Beyond news and information sites, however, a web application typically will need to know who you are and what you can do with it to be useful. In this issue, we look at effectively handling authentication and authorization.

The issue also includes articles like:

Many of the usual columns are back this month including the Education Station, Security Corner and the Community corner. Head over to the php[architect] website for more information about this latest issue and to pick up a copy of your very own!

tagged: phparchitect magazine august2017 security whogoesthere issue release

Link: https://www.phparch.com/magazine/2017-2/august/

php[architect]:
Education Station: Simple, Compact Time Range Creation with Period
Jul 18, 2017 @ 10:08:48

php[architect] magazine has shared a column from their July 2017 issue, "Education Station" by Matthew Setter, looking at the use of Period for date and time handling.

For the longest time, I’ve enjoyed using PHP’s DateTime library. I’ve always found it to be relatively straightforward in creating DateTime objects for use with various applications I’ve written.

However, one thing that isn’t very simple, nor intuitive, is the ability to create time ranges—especially ones requiring some degree of sophistication, such as fiscal quarters, for financial reporting requirements. [...] It’s for [code reuse] reasons that I’m going to spend the [end] of the column introducing Period, a Time range API for PHP, maintained by The League of Extraordinary Packages.

He starts off by showing how to do things "the hard way" with the built-in PHP DateTime handling and how difficult it can be to work with ranges. In his example he tries to get the dates for a "quarter", a portion of a year usually used for business reporting purposes. He works through some of the issues he faced during the date calculations and things lie leap years and odd date ranges. He then introduces Period as a way to help solve some of these problems. He lists out the main goals of the project, installing the package and using it to get the same "quarter" dates as his attempt before.

tagged: educationstation column matthewsetter phparchitect july2017 issue period datetime

Link: https://www.phparch.com/2017/07/education-station-simple-compact-time-ranges/

php[architect]:
July 2017 Issue Released - Safe at Speed
Jul 12, 2017 @ 12:07:57

php[architect] magazine has posted their latest issue, the July 2017 edition of the magazine - Safe at Speed:

“Safe at Speed” includes articles on:
  • Setting up infrastructure from Zero to Cloud in One Hour With the Google Cloud by Robert Aboukhalil.
  • Geogriana Gligor writes on Smart, Scalable Content Distribution.
  • Brush up your front end skills with Modern JavaScript: Moving Beyond jQuery by Derek Binkley.
  • Learn how and why we must of safety first when writing code in The Train Wreck: When Safety Is Discretionary by Ed Barnard .

The regular columns are all returning too including Community Corner and a new column from Chris Tankersley called "The Dev Lead Trenches". You can get more information about this latest issue, pick up a free article and get a copy of your own from the php|architect site.

tagged: phparchitect magazine july2017 safe speed issue release

Link: https://www.phparch.com/2017/07/safe-at-speed-july-2017/

php[architect]:
June 2016 Issue Released - Secure By Design
Jun 02, 2017 @ 13:36:27

php[architect] magazine has announced the release of the latest issue for June 2017: Secure By Design:

In this issue, focused on security and secure development, articles include:

  • Analyzing for security in "Nuclear Powered Software Security" by Chris Riley.
  • Mark Niebergall surveys the "Cybersecurity State of the Union".
  • "Make your site anonymous via Tor in The Digital Speakeasy: Secure and Anonymous Access to Your Website" by Dustin Younse.
  • "High performance data exchanges using Googles Protocol Buffers" by Christopher Mancini.

There's also the usual set of columns returning this month covering topics like image manipulation, burnout and spurring community involvement. If you're interested in the magazine but want a "try before you buy", check out the free article for this month (the "State of the Union"). If you enjoy the article or just want to pick up a copy of the issue to call your own, you can order a print or digital copy directly from the php[architect] site.

tagged: phparchitect magazine june2016 security securebydesign issue release

Link: https://www.phparch.com/magazine/2017-2/june/

php[architect]:
May 2017 Issue Released - Uncanny PHP
May 04, 2017 @ 10:53:01

php[architect] magazine has announced the release of their latest issue - the February 2016 edition. Articles in this issue include:

  • Using PHP, Vue.JS for Visualization of Workflows in an Event Sourced Application by Dustin Wheeler.
  • John Congdon writes on getting started with Vue.js in Look at the Vue From Here.
  • Keep your site secure by following Cryptography Best Practices in PHP by Enrico Zimuel.
  • Scaling to handle high-volume login with PHP Prepared Statements and MySQL Table Design by Ed Barnard.
Also this month, Matthew Setter shares how to use Qafoo Quality Analyzer, to measure how good your committed code is. David Stockton outlines why you should be doing Code Reviews and different ways of implementing them with your team. Community Corner is about the importance of being a better listener. Joe Ferguson continues accelerating your project setup so you can hit the ground running. Chris Cornutt reviews the proposed OWASP Top 10 update in Security Corner. To cap off the issue, Eli White explains why Happiness is a Boring Stack.

You can find out more about this issue on the php[architect] site or just head over and pick up your issue right away.

tagged: phparchitect magazine may2017 uncanny issue release

Link: https://www.phparch.com/magazine/2017-2/may/

php[architect]:
April 2017 Issue Released - Spring Renewal
Apr 07, 2017 @ 10:55:54

php[architect] magazine has posted an announcement about the release of their latest issue for April 2017: Spring Renewal:

Hot off the virtual presses, the April issue of the magazine is available to download. This month, we look at new things to make your application code better and more secure.

[...] In our regular columns for April, Matthew Setter evaluates using Rocketeer, a PHP-based deployment tool. David Stockton will explain Value Objects and how they can make your code less ambiguous. Cal Evans writes on why training is important in Community Corner. Joe Ferguson will get you started on using Homestead for easily setting up a local development environment. In his finally{}, this month Eli White analyzes the results of a recent Stack Overflow developer survey.

Other articles included in this month's' issue cover topics like multifactor authentication, making remote API requests and PSR-7. You can get a copy of this issue (or subscribe for a year's worth of PHP goodness) on the php[architect] site.

tagged: phparchitect magazine april2017 springrenewal issue release

Link: https://www.phparch.com/2017/04/back-to-the-drawing-board-march-2017-copy/

php[architect]:
March 2017 Issue Released - Back to the Drawing Board
Mar 06, 2017 @ 12:51:53

The php[architect] site has announced the release of their March 2017 issue - Back to the Drawing Board:

The March issue of the magazine is ready for you to download. In this issue, we look at some server related technologies to keep your PHP application humming.

Articles featured in this issue include:

  • Chris Pitt looks at using WebSockets and asynchronous PHP to build a multiplayer code school by manipulating a Minecraft server.
  • Chris Tankersley looks at the evolution of deployment solutions for Docker containers in Deploying to Docker Swarm.
  • Jack Polifka shares his advice on Pursuing a Graduate Degree as Professional Development. He’ll explain the skills you’ll learn and how they’re applicable throughout your career.

You can find out more about this issue and pick up a copy of your own directly from the php[architect] website. You can either get just the single issue or subscribe for a year, either print, digital or a combination of the two.

tagged: phparchitect magazine march2017 drawingboard issue release

Link: https://www.phparch.com/2017/03/back-to-the-drawing-board-march-2017/

Mattias Geniar:
Mitigating PHP’s long standing issue with OPCache leaking sensitive data
Feb 28, 2017 @ 11:39:33

In a new post to his site Mattias Geniar looks at an old security issue in PHP, opcache information leakage and how to mitigating the issue.

A very old security vulnerability has been fixed in PHP regarding the way it handles its OPCaches in environments where a single master process shares multiple PHP-FPM pools. This is the most common way to run PHP nowadays and might affect you, too.

He starts by talking about the vulnerability itself, that the PHP process doesn't validate the userid when fetching cached bytecode. This could result in information from other operations/scripts being exposed to other processes in a PHP-FPM pool. His solution? Upgrade PHP (the bug is fixed back in PHP 5.6.5) and set a few additional opcache ini settings to enforce the validation. Besides 5.6.29, it was also corrected in the PHP 7 releases (7.0.14 and 7.1.0). The post then talks about the potential exploit - an indirect local privilege escalation to root where the shared memory is read and access to outside information is possible.

tagged: opcache bytecode security issue leak sensitive information mitigation

Link: https://ma.ttias.be/mitigating-phps-long-standing-issue-opcache-leaking-sensitive-data/

php[architect]:
January 2017 Issue Released - Blueprints for Success
Jan 04, 2017 @ 11:29:12

php[architect] magazine has released their first issue of 2017 with their January edition - Blueprints for Success.

Happy New Year, dear reader! Let’s get ready to take on the challenges of the next 12 months. As always, a new year brings a sense of a “fresh slate” for our personal and professional goals. This month, we’ve collected articles that will help you in planning before you dive into your code editor.

Articles in this month's edition include:

  • "Mirror, Mirror on the Wall: Building a New PHP Reflection Library" (by james Titcumb)
  • "Writing Better Code with Four Patterns" (by Joseph Maxwell)
  • "Capturing an API’s Behavior With Behat" (by Michael Heap)

...and, of course, the columns you know like "Education Station" and "Community Corner". You can find out more about these articles and columns on this page for the issue and pick up a copy of your own.

tagged: issue blueprint january2017 magazine phparchitect release

Link: https://www.phparch.com/magazine/2017-2/january/