Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Maatwebsite:
Laravel Excel - Lessons Learned
Mar 20, 2018 @ 15:49:33

On the Maatwebsite Medium.com site they've posted a retrospective of their last several years of work on the Laravel Excel Open Source package.

Laravel Excel (https://github.com/Maatwebsite/Laravel-Excel) turned 4 years last November and has reached almost 6 million Packagist downloads. A good time to reflect on 4,5 years of open source development.

The article starts with a bit of history behind the initial development of the package as a simple wrapper around PHPExcel. It covers some of the initial syntax of the tool and features included from the start. The project moved on to v1.x with a complete rewrite and then into v2.x with support for the Laravel v5.x framework releases. It then talks about their "support conundrum" as they reached 1 (then, later, 6) million package downloads. They cover some of the usual project support issues, a reduction in their work on the package and how they worked to "fix it for everyone".

The post also talks about their "open source rehab" and how it changed their view from its recent "because 1 million people use it" back to making a difference in developers' lives. It finishes up talking about some of the "lessons learned" in how it worked with Laravel, a retrospective on its current state and a look forward at Laravel Excel v3.0.

tagged: laravel laravelexcel package opensource lesson learn motivation

Link: https://medium.com/@maatwebsite/laravel-excel-lessons-learned-7fee2812551

Anthony Ferrara:
A Lesson In Security
Nov 03, 2014 @ 15:11:49

In his most recent post Anthony Ferrara gives a lesson in security prompted by the recent major issue with a SQL injection vulnerability in Drupal. He gets into detail about the vulnerability itself and the ultimate question: "how could this happen?"

Recently, a severe SQL Injection vulnerability was found in Drupal 7. It was fixed immediately (and correctly), but there was a problem. Attackers made automated scripts to attack unpatched sites. Within hours of the release of the vulnerability fix, sites were being compromised. And when I say compromised, I'm talking remote code execution, backdoors, the lot. Why? Like any attack, it's a chain of issues, that independently aren't as bad, but add up to bad news. Let's talk about them: What went wrong? What went right? And what could have happened better? There's a lesson that every developer needs to learn in here.

He details (complete with code examples) where the vulnerability was, how it could be exploited and what the resulting SQL would look like when it was abused. Fortunately, the fix for the issue was relatively simple, but fixing is easy - distributing that fix is much more difficult.

How did this happen? Everyone makes mistakes. Everyone. It's going to happen sooner or later. Heck, this vulnerable code was in the database layer since 2008, and was just discovered two weeks ago. That says something about how complex vulnerabilities can be.

He suggests that the bigger lesson here isn't about who made the mistake or even the code that caused it. It's more about how it was handled, and that, in using any kind of CMS/framework like this there's always risk. People are human, people make mistakes - "the key is how you deal with it".

tagged: security drupal vulnerability detail lesson risk handle

Link: http://blog.ircmaxell.com/2014/10/a-lesson-in-security.html

Aaron Jorbin's Blog:
Commit: The Story of Writing a WordPress Patch
Aug 09, 2010 @ 17:57:17

For those that have considered contribute back to the WordPress project but weren't sure what the experience might be like, you should check out this helpful post from Aaron Jorbin with his story.

Hanging out in the #WordPress irc channel or on the wp-hackers mailing list, a question that comes up from time to time is “How do I get a bug patched”. I recently had a patch committed, so I thought I would detail the process from start to finish to help others get an idea of the process.

He shares three lessons he learned during the experience - make it easy for non-coders to see the change, getting suggestions from other developers on the patch and realizing that sometimes, a small change in one place can break other things too.

tagged: wordpress patch experience lesson

Link:

Smashing Magazine:
Lessons Learned from Maintaining a WordPress Plugin
Aug 02, 2010 @ 16:08:05

On Smashing Magazine today there's a new article from Joost de Valk about some of the things he learned from maintaining a WordPress plugin - one to help easily track your site via Google Analytics.

Recently I released a WordPress plugin for Google Analytics that adds a tracking code and dozens of various pieces of meta data to blogs. Since the release of version 4, I’ve updated it 6 times, to the point where it’s now at version 4.0.6. In this article I would like to share with you my experiences in maintaining this and other WordPress plug-ins and common good practices that I’ve distilled from that work.

He breaks it up into a few different categories:

  • Website and Account Configuration
  • Versioning Option Arrays
  • Don't Release Too Soon
  • Know Which Version People Are On
  • URLs in WordPress
  • Writing to the Root Directory
  • Rethink Your Filters
  • Never Assume
tagged: wordpress plugin learn lesson experience wordpress plugin

Link:

Matrin Rusev's Blog:
Building a PHP Framework - Lessons Learned
Feb 26, 2009 @ 18:02:32

If you're thinking of trying your hand at creating your own PHP framework, you might want to check out this post from Matrin Rusev about some of the lessons he learned (the hard way) about framework construction.

After using Codeigniter, CakePHP and Zend Framework for a while I decided to build my own framework. I wanted to include some features that I couldn’t find the way I like them in none of the projects I tested. These are some lessons I learned the hard way. I hope you’d find some useful tips for your software projects.

The post looks a a few different topics - doing good planning before development starts, using third-party libraries, planning out the syntax the components inside of your framework will use, how to handle debugging and two tools you can use to benchmark the end result.

tagged: build framework custom lesson plan thirdparty library syntax debug benchmark

Link:

Deasil.com:
Lessons to be learned from PHP
Jan 13, 2008 @ 02:04:00

In a new post to the blog at deasil.com, they talk about some of the lessons they see that can be learned from PHP and how it works/is packaged up.

PHP, though, came along with a breakthrough idea - mod_php was an everything in one install. Unlike mod_perl, mod_php gave you a programming language, templating language and extension all in one.

He advocates the PHP language developer's decisions to include everything into the core of the language which (while maybe not the best of decisions) has made PHP into one of the most practical development languages and has helped to make it one of the most popular and widely used languages on the web.

tagged: lesson learn core community popular practical lesson learn core community popular practical

Link:

Deasil.com:
Lessons to be learned from PHP
Jan 13, 2008 @ 02:04:00

In a new post to the blog at deasil.com, they talk about some of the lessons they see that can be learned from PHP and how it works/is packaged up.

PHP, though, came along with a breakthrough idea - mod_php was an everything in one install. Unlike mod_perl, mod_php gave you a programming language, templating language and extension all in one.

He advocates the PHP language developer's decisions to include everything into the core of the language which (while maybe not the best of decisions) has made PHP into one of the most practical development languages and has helped to make it one of the most popular and widely used languages on the web.

tagged: lesson learn core community popular practical lesson learn core community popular practical

Link:


Trending Topics: