Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Laravel Random Keys with Keygen
Jan 27, 2017 @ 12:44:13

On the Scotch.io site they've posted a new Laravel-related tutorial covering the use of the keygen package to generate random keys via four generator types. These keys can be used for just about anything in your application and can be customized to fit your length and complexity requirements. One thing to note, however, is that the strings it generates are random but should not be considered strong enough to use for actual encryption purposes.

When developing applications, it is usually common to see randomness come into play - and as a result, many programming languages have built-in random generation mechanisms.

[...] When your application is required to generate very simple random character sequences like those enumerated above, then the Keygen package is a good option to go for. Keygen is a PHP package for generating simple random character sequences of any desired length and it ships with four generators, namely: numeric, alphanumeric, token and bytes.

For their example they chose to create a simple REST API service that allows for user creation, viewing users and generating a random (temporary) password using the Keygen package. They start by helping you get the package installed (via Composer) and adding an alias to your Laravel config for "Keygen" to make it easier to access. They then create the user model and add in a "setEmailAttribute" method to verify the email value submitted (for format and uniqueness). Next up is the route definition for the "user" endpoints, creation of the API controller and implementing the Keygen tool to create a random eight digit code for the user. They also include a few strategies to ensure the code generated (and the resulting hash) is unique across all users. The reminder of the post shows the full user creation, and implementing the remaining methods required to view the user's details.

tagged: laravel random key keygen tutorial package rest api

Link: https://scotch.io/tutorials/laravel-random-keys-with-keygen

Adam Wathan:
Customizing Keys When Mapping Collections
Jul 19, 2016 @ 10:52:29

Adam Wathan has a new post to his site talking about mapping with collections and customizing the keys when injecting new data into your Laravel collections.

People often ask me, “how do I specify keys when I’m mapping a collection?”

It actually ends up being a pretty interesting topic, so I decided to cover it in a short screencast, as well as in written format below.

He shows how to translate a simple set of data into a much more slimmed down version. He points out that the "map" function could be used but it doesn't allow for setting keys. Instead he talks briefly about how the problem could be solved in Javascript (returning an object instead of an array) and how to use the "reduce" method to filter and reset the data as it goes through the array. He finishes out the post talking about learning from other languages, the "toAssoc" macro on Laravel collections and mapping the data back to an array with a custom macro.

tagged: customize key mapping collection laravel object javascript example screencast

Link: https://adamwathan.me/2016/07/14/customizing-keys-when-mapping-collections/

SitePoint PHP Blog:
How to Encrypt Large Messages with Asymmetric Keys and phpseclib
Jan 20, 2015 @ 11:40:51

On the SitePoint PHP blog today David Brumbaugh shows you how to encrypt large messages with phpseclib and asymmetric keys. phpseclib is a PHP library specifically designed to handle encryption and decryption in an easy-to-use way.

Most of us understand the need to encrypt sensitive data before transmitting it. Encryption is the process of translating plaintext (i.e. normal data) into ciphertext (i.e. secret data). During encryption, plaintext information is translated to ciphertext using a key and an algorithm. To read the data, the ciphertext must be decrypted (i.e. translated back to plaintext) using a key and an algorithm. [...] A core problem to be solved with any encryption algorithm is key distribution. How do you transmit keys to those who need them in order to establish secure communication? The solution to the problem depends on the nature of the keys and algorithms.

He talks some about the difference between symmetric and asymmetric algorithms and some advice about the selection of the right one (or ones) to use in your app. He also talks briefly about the problem with RSA keys, mostly that it has limits on the amount of text it can encrypt. His solution is to "encrypt the message with a symmetric key, then asymmetrically encrypt the key and attach it to the message". He explains the encryption/decryption process step by step and starts in showing the code to make phpseclib do the work. He shows how to generate the keys, build the encrypt function and the decrypt function with about 30 lines of code each.

tagged: encrypt decrypt large message asymetric key phpseclib tutorial

Link: http://www.sitepoint.com/encrypt-large-messages-asymmetric-keys-phpseclib/

Stanislav Malyshev:
Objects as keys
Dec 15, 2014 @ 09:18:50

In his latest post Stanislav Malyshev looks at a RFC he's proposed to allow array keys to be objects including some of his thoughts behind the proposal and how he sees it being helpful to the language.

I’m going to put to vote soon another of my RFCs, namely one about “objects as keys“. So, I want to outline the case for it here and address some criticisms and questions raised while discussing it.

He starts off by answering the "why" question, mentioning specially the introduction of things like GMP numbers and how, despite them seeming to work like numbers, other things can be done with them. He talks about how you'd use this functionality "the right way" and how that'd relate back to value objects. He answers a few other questions about the proposal including why it's better than just using __toString or spl_object_hash instead. He spends the rest of the post looking at some of the implementation problems, disadvantages and some of the possible names (function names) for the handling.

tagged: object array key rfc proposal gmp number

Link: http://php100.wordpress.com/2014/12/14/objects-as-keys/

Login with LinkedIn
Jun 25, 2014 @ 10:47:16

The WebLessons.info site has a new tutorial posted showing you how to use the LinkedIn authentication handling to allow your users to log in with their own account information.

LinkedIn is a business-oriented social networking service. It is mainly used for professional networking. So if you are having an application or website that serves working professionals then its very important for you to implement login with LinkedIn in your application. By this way you can able to access the data of your users like email, work history, education etc. So now let’s dive into the coding part.

They walk you through the various steps, providing screenshots or code where applicable:

  • Creating a LinkedIn Application
  • Get the API Key and Secret Key
  • Create the database and set up the PHP configuration to connect
  • finally, the PHP code for the login form and making the request to LinkedIn

A live demo can be found here (but if you're paranoid about your credentials, I wouldn't use it) and you can download all files included in the tutorial.

tagged: linkedin login tutorial application api key secret

Link: http://weblessons.info/2014/06/25/login-with-linkedin-tutorial-php/

Ulf Wendel:
PHP Memcache access to MySQL 5.7, faster? Redis?
Dec 13, 2013 @ 12:56:50

In a new post to his site Ulf Wendel shows an alternative use for the PHP Memcache functions - using them to query MySQL tables (InnoDB) in much the same way. He also tosses in Redis as another version to compare the performance against (for fetching key/value pairs).

PHP users can use two client protocols to query MySQL 5.6 and later. Not only standard SQL access but also faster key-value access to InnoDB tables is possible using the Memcache protocol. The MySQL benchmark team reports crazy figures. Of course, on hardware that makes the average PHP meetup visitor roll his eyes and say “yeah, Oracle, *yawn*…”. I’ve repeated my plain PHP benchmarks on an i3 desktop. And, I’ve added Redis to the game.

He goes through and compares a few different things with some simple benchmarks around operations per second:

  • MySQL 5.6 Memcache vs. MySQL 5.7 Memcache vs. Memcache vs. SQL
  • MySQL vs. Memcache vs. Redis

For each he's graphed out the results of the benchmarking with some surprising results for those that may thing MySQL isn't as suited as Redis for something like this.

tagged: mysql redis innodb memcache benchmark key value

Link: http://blog.ulf-wendel.de/2013/using-phps-memcache-interface-to-query-mysql-5-7/

Jeremy Kendall:
API Query Authentication With Query Auth
Aug 15, 2013 @ 09:41:46

Jerermy Kendall has written up a post for his site showing the use of his QueryAuth library for API authentication, complete with plenty of examples. The library makes it simple to sign and verify requests based on a key, secret and parameters given.

Most APIs require some sort of query authentication: a method of signing API requests with an API key and signature. The signature is usually generated using a shared secret. When you’re consuming an API, there are (hopefully) easy to follow steps to create signatures. When you’re writing your own API, you have to whip up both server-side signature validation and a client-side signature creation strategy. Query Auth endeavors to handle both of those tasks; signature creation and signature validation.

He includes code examples showing how to create a signed request, validate the signature from an incoming request and generate randomized keys and secrets. He's also created a sample implementation as a Vagrant box that sets up a Slim framework based application and uses Guzzle to make requests. He briefly looks at some of the code that makes it work and what the raw HTTP request and response look like for the result.

tagged: queryauth api authentication signature parameter key secret tutorial

Link: http://jeremykendall.net/2013/08/13/api-query-authentication-with-query-auth

Bob Majdak:
May 16, 2013 @ 10:11:29

In a new post to his site Bob Majdak looks at using SQL in PHP and some of the challenges he's come across (some of them with his own tools). He talks about things line inline SQL, loading SQL by unique key or creating a "build object".

There is no right or wrong way, but no matter what there is no *pretty* way to do SQL inside of a PHP application. I have been having a personal debate with myself all week about how to make SQL statements nicer in an application without going to a huge DBAL package like Doctrine.

He looks at each idea and provides some of the pros and cons about each of them, noting that he hasn't quite decided on which is the best method. Some sample code is included to help clarify the points, showing the "find by unique key" version and how a more complex query might be created with the "builder object."

tagged: sql load unique key build object pros cons method inline

Link: http://catch404.net/2013/05/on-sql-in-php

Google API - Get contact list
Jul 26, 2012 @ 09:26:27

In this new tutorial on the Script-Tutorials.com site, they show you how to use the Google API (and OAuth) to access contacts information from your Gmail account.

In our new tutorial I am going to tell you about inviting friends. I think that this is the most important part for every website, a key to success. Today I will show you how to create simple and effective Gmail contact importer using OAuth authorization and API. Also, I will tell about obtaining Google API access too.

Screenshots show you how to get to the access token information you'll need to connect and the full code is included to help you get authenticated and pull down the contacts list to display in the page's HTML output.

tagged: tutorial google gmail api oauth key contacts


Zend PHP Certification Blog:
PHP Sorting Functions
Dec 21, 2011 @ 11:39:06

On the "Zend PHP Certification" blog (study notes), there's sort and natsort).

In all the countless hours I’ve spent with php, I’ve maybe used three or four of these sorting functions. I really had no idea that there is a total of eleven functions used for sorting arrays. Anyway, I’m betting that it may be useful to have these memorized before I take the Zend PHP Certification Exam so here is a brief overview of each one.

He talks about the various flags that can be used in the sorting (for regular, numeric, string and locale-based string handling) and the parameters to call for normal sorting, "natural" sorting, reverse key sorting and others. You can find specifics on these array sorting methods in the PHP manual.

tagged: sorting function array natural reverse key user