News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Scotch.io:
A Beginner's Guide To Composer
March 31, 2015 @ 13:48:55

The Scotch.io site has posted a guide that can help you if you're just getting started in the world of PHP packages via Composer. In this new tutorial Daniel Pataki introduces you to the tool and how to use it to install the dependencies you need.

I'm sure there are plenty of coders out there who are wondering about the benefits of using composer and many who are afraid to make the leap into a new system. In this article we'll take a look at what exactly Composer is, what it does and why it is a great tool for PHP projects.

He starts with the basics of dependency management, why it would be used in a project and how it automates the installation and integration of 3rd party libraries. From there he helps you get Composer installed and starts in on a sample "composer.json" configuration file. In his example he installs Monolog, the popular PHP logging class. He talks some about how to specify versions, locking down the dependency versions to install and installing "developer only" requirements.

0 comments voice your opinion now!
composer package dependencies library introduction beginner guide

Link: https://scotch.io/tutorials/a-beginners-guide-to-composer

U
March 24, 2015 @ 10:51:13

Paul Jones has a new post to his site showing how to merge one of the components of the Aura framework with the templating library Plates, a part of the The League of Extraordinary PHP Packages. In this post he shows how to integrate the Plates rendering engine into the Aura.Html component for use as a view layer.

Aura has its own native PHP template package, Aura.View, a direct descendant of Savant and Solar_View, as well as a cousin to Zend_View. The v1 Aura.View package used to include a helper system. Once we realized that there was no reason to tie the helper system directly to the view system, we released the helpers as a standalone Aura.Html package. This means the helpers can be used in any PHP presentation code, framework-based or otherwise.

Plates lets you register functions against its own internal handling, referencing the different elements to be rendered. He includes a code example showing this integration and how they look used in a Plates template.

0 comments voice your opinion now!
aura framework league plates templating library tutorial register

Link: http://paul-m-jones.com/archives/6111

Piotr Pasich:
Ant, composer and code quality tools
March 18, 2015 @ 11:33:47

In his latest post Piotr Pasich shares some handy tips (and tools) to help you use Composer to do some of the common tasks you might use Ant or Phing for.

I decided to start with something uncomplicated - a simple solution that could help me solve a prosaic, but annoying issue. For instance, XML format. No, I won't fight with it. I see it as great and practical, however mostly I don't need so sophisticated code to cover my needs - the yaml usually fits the purpose. [...] Yet, do I really need this flexibility [of XML configuration] when I use vagrant or docker to maintain the same environment as on the production? For 90% of PHP projects probably I won't use all of the features of the virtualization tools. I only want to install necessary libraries, check the code quality before committing or introduce fixtures. Most of those points are easily feasible in composer.

He then shows how to execute these checks through the functionality included with Composer to run custom scripts. His example measures the quality of the code based on the results first from a single run of the PHP Mess Detector (phpmd) command. He then extends this with the open source contribution he mentions earlier with his CodeQualityThreshold library allowing not only for more checks (phpmd, phpcs, phpcpd, etc) but also allows you to configure the thresholds for each class if desired. He includes an example of it in action and screenshots of the results.

0 comments voice your opinion now!
ant composer code quality phpmd commandline library codequalitythreshold threshold

Link: http://piotrpasich.com/ant-composer-and-code-quality-tools/

MongoDB Blog:
Call for Feedback The New PHP and HHVM Drivers
March 12, 2015 @ 11:33:23

The MongoDB blog has a new post asking for feedback on what the user community thinks of their approach to supporting MongoDB functionality in PHP 5.x, HHVM and even out to PHP7.

Since the PHP driver first appeared on the scene, MongoDB has gone through many changes. [...] Beyond MongoDB's features, our ecosystem has also changed. [...] During the spring of 2014, we worked with a team of students from Facebook's Open Academy program to prototype an HHVM driver modeled after the 1.x API.

[...] Although the final result was not feature complete, the project was a valuable learning experience. The C driver proved quite up to the task, and HNI, which allows an HHVM extension to be written with a combination of PHP and C++, highlighted critical areas of the driver for which we'd want to use C. This all leads up to the question of how best to support PHP 5.x, HHVM, and PHP 7.0 with our next-generation driver.

They've shared the overview of the new driver structure including three layers: the system level functionality, the extensions themselves and a MongoDB userland library. They walk through the thinking on each of the pieces of the puzzle and how they all couple together to make for a more robust, flexible system that's also easy to use.

0 comments voice your opinion now!
mongodb drivers extension mongo userland library architecture opinion feedback

Link: http://www.mongodb.com/blog/post/call-feedback-new-php-and-hhvm-drivers

Paul Jones:
Bookdown DocBook-Like HTML Output From Markdown
March 05, 2015 @ 10:49:27

Paul Jones has posted about a new tool he's worked up specifically for authors looking to write using Markdown and wanting it to generate out like DocBook results. His tool, Bookdown, uses Markdown and JSON files instead of XML configurations.

Yes, I know, there's a ton of static site generators for PHP out there already [...but they're] not DocBook-like documentation. By "DocBook-like", I mean (among other things) numbered headers, auto-generated tables-of-contents on their own pages, hierarchical multi-page presentation, and the next/previous/up linking at the top and bottom of pages.

[...] So: Bookdown. This scratches my particular itch, with very few dependencies. Bookdown, although it can be used as a site generator, is only incidentally a site generator. What it really is is a page generator, with the idea that you can integrate the pages into any other site you want.

The library is separate from the project and is written to use a dependency injection methodology to keep things decoupled and well-structured. If this sounds interesting either for personal use or if you'd like to check out the code, head over to the project site for more information.

0 comments voice your opinion now!
markdown bookdown library project docbook output static generator

Link: http://paul-m-jones.com/archives/6088

Rob Allen:
Routing to a controller with Slim
February 18, 2015 @ 10:19:08

Rob Allen has a new post today sharing an extension for Slim he's written to make working with controllers easier.

In a couple of projects that I've written using Slim Framework, I've found it beneficial to organise my code into controllers with injected dependencies; probably because that's how I'm used to working with ZF2. To make this easier, I've written an extension to the main Slim class and packaged it into rka-slim-controller which will dynamically instantiate controllers for you for each route.

His library makes it easy to define controller "paths" instead of the typical closures Slim requires to direct the request to a controller file. He gives several example routes, the code that the controller needs and shows how you can inject objects into the constructor of the controller (dependency injection).

0 comments voice your opinion now!
slimframework slim library route controller dependency injection

Link: http://akrabat.com/slim-framework/routing-to-a-controller-with-slim-framework/

Laravel News:
Debug Your App with the Laravel Debugbar
February 10, 2015 @ 09:34:12

The Laravel News site has a post introducing a tool you can use in your Laravel applications to help debug issues and performance, the Laravel Debug Bar.

The Laravel Debugbar by Barry vd. Heuvel is a package that allows you to quickly and easily keep tabs on your application during development. With a simple installation and powerful features the Debugbar package is one of the cornerstone packages for Laravel. The debugbar is already updated for Laravel 5 and I wanted to show you all the great features it includes.

The post includes instructions to get the debugbar installed (via Composer) and add it to your Laravel providers list. They walk through the basics of its features and screenshots of each. He also links you to the project documentation to provide more detail on each of the features.

0 comments voice your opinion now!
laravel debug debugbar toolbar library provider tutorial introduction

Link: https://laravel-news.com/2015/02/laravel-debugbar/

Resonant Core:
Building Secure Web Applications in PHP
February 09, 2015 @ 10:26:19

The Resonant Core blog has a post today with a selection of tips and techniques you can use to help build secure applications in PHP, preventing several of the most common issues (several as mentioned in the OWASP Top 10).

There are but two causes for the unintentional creation of insecure web applications: A lack of knowledge about security [and] bad development habits. Developers who don't know about the risks involved with writing a widget a certain way are unlikely to make the secure choice. Thanks to the work of MITRE and OWASP, the most common vulnerabilities (and their consequences) are widely known and accessible. However, when teams are under pressure to meet a tight deadline, bad habits and insecure development practices may still emerge.

Most of the examples (at least the solutions) center around a framework they've created (Tuner) but the concepts are all there and could be adapted to other tools easily. They talk about the "pain" that can come with secure coding and how the right tools can make it much easier for the developer. He talks about how the framework offers a better database interface based on PDO and prepared statements to prevent SQL injection issues (with examples for each of the CRUD operations). He also shares a list of pre-existing PHP libraries that can help make the rest of you application secure too including:

He also mentions a PHP extension that adds in scrypt support, another option for hashing strings and passwords as an alternative to bcrypt.

0 comments voice your opinion now!
secure application database sqlinjection library recommended list

Link: https://resonantcore.net/blog/2015/02/building-secure-web-applications-in-php

Pádraic Brady:
A Secure Wrapper For Downloading HTTPS Resources Using file_get_contents()
February 05, 2015 @ 09:57:41

Pádraic Brady has a new post today sharing a tool he's created to enhance the current PHP file_get_contents function with a safer, more secure alternative, the humbug_get_contents library.

With the release of PHP 5.6, there was a significant security improvement in how PHP handled SSL/TLS protections, namely that it enabled a secure set of default options. Previously, SSL/TLS was disabled by default. No peer verification, no certificate checking, and a lack of configuration options had combined to create a serious problem. You can find this problem easily by searching for file_get_contents() on github and locating a call to this function used to retrieve any HTTP resource while also having zero configuration.

An excellent example of this is Composer which uses file_get_contents() instead of curl to ensure maximum compatibility with using systems. Of course, this beggars a question. If all the SSL/TLS protections are off by default in PHP 5.3-5.5…what's stopping some irksome hacker from injecting bad code into our Composer downloads? Answer: Nothing.

The package provides a drop-in solution to the possible man-in-the-middle issues that could be caused by the native functionality. It enhances the current function with additional TLS/SSL checking for HTTPS requests on current PHP versions.

0 comments voice your opinion now!
filegetcontents security wrapper https tls ssl library

Link: http://blog.astrumfutura.com/2015/02/a-secure-wrapper-for-downloading-https-resources-using-file_get_contents/

Laravel News:
Easy Image Processing in Laravel with Glide
January 30, 2015 @ 10:06:41

On the Laravel News site there's a new post sharing a video tutorial of how to use the Glide image handling library with your Laravel-based application.

Glide is a new package by Jonathan Reinink which is an on-demand image manipulation library. In this video he shows you how to set it up and the basic usage in Laravel 5.

In the tutorial Jonathan walks you through an introduction to the library and how it wraps around the Intervention image handling. He creates a basic application that, when an image endpoint is called, output the image with any given configuration options (like height and width). Glide is one of many packages making up The PHP League.

0 comments voice your opinion now!
laravel image processing glide library thephpleague screencast video

Link: https://laravel-news.com/2015/01/using-glide-laravel/


Community Events

Don't see your event here?
Let us know!


api series podcast laravel language release wordpress library example laravel5 php7 opinion version unittest framework extension introduction voicesoftheelephpant community interview

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework