News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Top 10 Z-Ray Features to Check Out
March 26, 2015 @ 09:50:23

The SitePoint PHP blog has a new post today from Daniel Berman (of Zend) with the top 10 features of Z-Ray to be sure to check out. Disclaimer: Z-Ray is a tool provided by Zend, a part of their Zend Server product.

Necessity is the mother of invention goes the famous saying. For PHP developers, there is no greater need than visibility. But developers today have a tough choice to make as they develop and debug their apps. Either use crude methods such as printing, debugging information, or storing it in a log file, or - use multiple debugging/profiling tools that are awkward and require a lot of work from the developer's side. [...] This article introduces the top 10 features of Z-Ray - an innovative new technology from Zend that makes PHP development a whole lot quicker and easier by giving developers unprecedented insight into their code - and the visibility they need to develop top-notch apps.

Among the items on their Top 10 list are things like:

  • Viewing information about page requests
  • Execution time and memory consumption
  • Showing errors and warnings
  • Viewing functions called during execution
  • Debugging features for mobile apps and APIs

Check out the full post for a list of more features and screenshots/detail on each one.

0 comments voice your opinion now!
zend zray zendserver top10 list features screenshot

Link: http://www.sitepoint.com/top-10-z-ray-features-check/

ServerGrove Blog:
Security tools for PHP projects
March 23, 2015 @ 12:19:13

On the ServerGrove blog there's a new post looking at some of the currently available PHP security tools you can use to help keep your applications safe.

Security is getting more and more important, and the PHP community has been doing great improvements in this topic during the last few years. From better configuration settings to provide some level of security by default to frameworks providing functionality to avoid common attacks such as XSS, CSRF or SQL injection. [...] Well, any piece of software can have bugs, and obviously open source projects are not an exception. The good point is that security researchers, once they find a vulnerability, it is reported and added to a database of known vulnerabilities. We basically need to find a way to avoid using code with known vulnerabilities, and there are some interesting tools out there to help us.

They list four tools that focus on different areas of the security of your application to help provide good basic coverage:

One thing to note, these are all automated tools so they shouldn't be relied upon exclusively to ensure the security of your application. Testing and evaluation of the codebase with these and other testing tools should always be done as well.

0 comments voice your opinion now!
security tools list checker advisories roave composer iniscan versionscan

Link: http://blog.servergrove.com/2015/03/23/security-tools-php-projects/

Phil Sturgeon:
PHP 7 Feature Freeze
March 16, 2015 @ 09:04:44

Phil Sturgeon has a new post to his site looking at the PHP7 feature freeze for this upcoming major PHP release (implemented as of yesterday, the 15th). In it he provides a list of features, their related RFCs and how likely they are to make it into PHP7.

Today was the feature freeze for PHP 7. That means no new votes can be started for a feature that is aimed at PHP 7.0, and would instead have to go into PHP 7.1. Instead of heading out to St Patric's Day with a bunch of New Yorkers making dubious claims about their tenuous connection to Irish ancestry as an excuse to drink, I thought it would be a good time to review some of the more recent RFCs that made it in, and those that didn't.

His list includes:

  • Remove PHP 4 Constructors
  • Spaceship Operator
  • Replacing current json extension with jsond
  • Skipping Optional Parameters for Functions
  • Constructor behaviour of internal classes
  • Reclassify E_STRICT notices

Each one has a link to the current version of the RFC, the current status and Phil's own opinion of the feature (usually just one word).

0 comments voice your opinion now!
php7 feature freeze rfc list status opinion

Link: https://philsturgeon.uk/php/2015/03/15/php-7-feature-freeze/

NetTuts.com:
What's New in Laravel 5
February 13, 2015 @ 10:24:47

The NetTuts.com site has a new post today sharing some of what's new in Laravel 5, the latest release of the popular PHP framework. Version 5 was announced back on February 5th.

The PHP community has recently been blessed with a new release of one of its most loved frameworks, Laravel. Version 5.0.1 is a major release, so not only are there some great new features available, but the architectural foundations of the framework have also been altered to some extent. So, without any further ado, I am going to dive right into the framework and show you all the good things the latest release has to offer.

He touches on a few of the main differences between version 5 and the previous versions including:

  • Differences in directory structure
  • How method injection is handled
  • The use of contracts (interfaces)
  • Route caching and middleware
  • Authentication changes
  • Events and commands

There's more on his list, each with a description and sometimes a bit of code to help explain the changes. Check out the full post for the remainder of the list and details on those listed above.

0 comments voice your opinion now!
laravel5 framework version whatsnew update upgrade list

Link: http://code.tutsplus.com/tutorials/whats-new-in-laravel-5--cms-21842

Resonant Core:
Building Secure Web Applications in PHP
February 09, 2015 @ 10:26:19

The Resonant Core blog has a post today with a selection of tips and techniques you can use to help build secure applications in PHP, preventing several of the most common issues (several as mentioned in the OWASP Top 10).

There are but two causes for the unintentional creation of insecure web applications: A lack of knowledge about security [and] bad development habits. Developers who don't know about the risks involved with writing a widget a certain way are unlikely to make the secure choice. Thanks to the work of MITRE and OWASP, the most common vulnerabilities (and their consequences) are widely known and accessible. However, when teams are under pressure to meet a tight deadline, bad habits and insecure development practices may still emerge.

Most of the examples (at least the solutions) center around a framework they've created (Tuner) but the concepts are all there and could be adapted to other tools easily. They talk about the "pain" that can come with secure coding and how the right tools can make it much easier for the developer. He talks about how the framework offers a better database interface based on PDO and prepared statements to prevent SQL injection issues (with examples for each of the CRUD operations). He also shares a list of pre-existing PHP libraries that can help make the rest of you application secure too including:

He also mentions a PHP extension that adds in scrypt support, another option for hashing strings and passwords as an alternative to bcrypt.

0 comments voice your opinion now!
secure application database sqlinjection library recommended list

Link: https://resonantcore.net/blog/2015/02/building-secure-web-applications-in-php

Phil Sturgeon:
Developer Fallacies of 2014
January 12, 2015 @ 10:50:47

Phil Sturgeon has a post with several "developer fallacies" of 2014, a tongue-in-cheek list of things that some people were sharing as facts that just weren't.

Let's take a look back at some of the silly, shortsighted or patently false things people have been saying around the PHP community, and the development community in general, starting from January 1st 2014 and going through in rough chronological order.

Included in his list are things like:

  • No programmers ever get hired by recruiters
  • Framework agnostic code takes drastically longer to develop and release than framework specific code
  • Micro-services should probably always be .jar files instead
  • PHP 7.0 is a better name than PHP 6.0 because 7 is lucky in China
  • PHPNG is Zend's response to HHVM and they are the same thing
  • Maintaining CodeIgniter - when actively used by thousands of people - is a waste of time

Of course, all of these (and the rest of the list) are false and several of them are just based on things spread word of mouth or misinterpreted when shared from one person to another.

0 comments voice your opinion now!
developer fallacies 2014 opinion list

Link: https://philsturgeon.uk/php/2015/01/10/developer-fallacies-2014/

SitePoint PHP Blog:
PHP Tips, Resources and Best Practices for 2015
January 05, 2015 @ 09:59:18

The SitePoint PHP blog has shared a list of their suggestions of the best tips, resources and best practices for 2015. This includes tips about your environments, tools and techniques you can use to improve your everyday work.

PHP has had many reputations over the years, but being insecure as a language never really was one of them. The core team, all its faults notwithstanding, is rather quick in pouncing on all security matters, and updating PHP to the latest version will often allay all worries. But the end users, such as we are, tend to mess things up. We don't update, we use outdated packages or packages with holes in them we're not aware of, we use ancient extensions… we expose ourselves to risk in some truly creative ways.

Some of the things mentioned include:

  • Keeping your PHP up to date
  • Adopt HTTPS
  • Secure your PHP
  • Stay on the Right Way
  • Avoid Bad Packages
  • Dodge common mistakes
  • Use Virtualization

Each section comes with a description and plenty of links to point you in a good direction and get you started off right for 2015.

0 comments voice your opinion now!
bestpractice tips resources list 2015 tools

Link: http://www.sitepoint.com/php-tips-resources-best-practices-2015/

Laravel News:
75 Laravel Tutorials, Packages, and Resources from 2014
December 30, 2014 @ 10:32:57

The Laravel News site has posted their own kind of wrap-up of 2014 in this latest post sharing a monthly list of tutorials, packages and resources they've found useful for the Laravel community.

2014 is coming to a close and to celebrate I put together this post of all the greatest hits each month. This features cool packages, resources, and tutorials that came out over the year.

Among the items on their list are things like:

Check out the full post for the complete list.

0 comments voice your opinion now!
laravel news top75 list package resource tutorial 2014

Link: https://laravel-news.com/2014/12/75-laravel-tutorials-packages-resources-2014/

Cal Evans:
Five influencers you should thank this year for making the PHP community so awesome
December 22, 2014 @ 11:47:56

Cal Evans, PHP community member extraordinaire, has a new post sharing his suggestions of the top five influencers in the PHP community that "make it awesome" and help make it one of the best he's been involved in.

It is no surprise to anyone who has talked to me for more than five minutes that I think the PHP community is the most vibrant and engaging developer community out there. So as we approach the end of the year, I am going to list out the influencers that help keep this community at the top. These are the people that you need to seek out and thank because without them, the PHP community would not be what it is today.

He goes with categories rather than mentioning names (because, really, there's way too many too name them all):

  • 5: Core Developers
  • 4: User Group Leaders
  • 3: Conference Organizers
  • 2: Conference Speakers, Bloggers, and Teachers
  • 1: Any developer using PHP

That last one, while it might seem like an "everyone else" kind of category, is one of the most important in my opinion. After all, what is a language without its users. Core developers and community group/event leaders wouldn't have anything to talk about if no one was there to talk. There would be no one to teach or be taught to and the core developers wouldn't have any reason to drive the language forward. Even if you're not well-known in the PHP community, you and your code are making a contribution to the community, even if only in a small way.

0 comments voice your opinion now!
top5 influencers thank opinion list core usergroup conference users blogger teacher

Link: http://blog.calevans.com/2014/12/21/five-influencers-thank-year-making-php-community-awesome/

Christoph Rumpel:
10 Things That Will Make You a Better Developer
December 15, 2014 @ 10:56:19

Christoph Rumpel has posted a list of ten things he thinks will help you be a better programmer overall.

It is easy to become a web developer these days. The only things you need is a computer and Internet. But I believe there is big difference between a developer and a good one. Good developers are like little heroes. They are awesome in what they do and are there when you need them. A real benefit to the our world and definitely someone you can look up to! I believe everyone can make this step and start being a better developer today. This is why I asked great developers from all around the world what they think makes someone a really good developer.

His list covers more than just good coding practices too. He suggests things like:

  • Experimentation
  • Reading the code of other good developers
  • Just build websites
  • Contribute to other projects
  • Watch out for the Hypetrain
  • Never give up

He includes a quick summary of each of these and the rest of the top ten list too. Be sure to check out the full post for more.

0 comments voice your opinion now!
top10 better developer opinion list

Link: http://christoph-rumpel.com/2014/12/10-things-that-will-make-you-a-better-developer/


Community Events

Don't see your event here?
Let us know!


unittest framework introduction voicesoftheelephpant library version laravel laravel5 language series extension interview security opinion release php7 api community development podcast

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework