Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

php[architect]:
Security Corner: PHP, meet Libsodium
Jan 22, 2018 @ 11:02:33

On the php[architect] site they've posted an article that appeared in their December 2017 issue, an article that introduces Libsodium (by Eric Mann), a new addition to PHP's "security toolbelt" for encryption.

By the time you read this, the PHP community should have introduced the world to the newest version of our favorite language. This latest version adds better support for type annotations, allows trailing commas in lists (just like JavaScript and other dynamic languages) and introduced several security improvements. The most notable security addition, however, is the introduction of the Sodium cryptographic library as a core extension.

In the article he covers the basics of the Sodium library (that libsodium is built on top of) and what makes it different from other encryption methods. He also talks about what's been done to support it on pre-PHP 7.2 versions including the sodium_compat polyfill library and the PECL extension for PHP 7.0+. Example code is included showing how to use this new functionality via native functions once support for it has been compiled in.

tagged: phparchitect magazine securitycorner introduction libsodium encryption

Link: https://www.phparch.com/2017/12/security-corner-php-meet-libsodium/

php[architect]:
January 2018 Issue Released - Setting up to Succeed
Jan 08, 2018 @ 11:27:15

php[architect] magazine has posted about the release of their first issue for 2018 - "Setting Up to Succeed" for January.

Setting Up to Succeed includes articles on:
  • Background Processing & Concurrency With PHP by Matthew Schwartz
  • Securing Your Site in Development and Beyond by Michael Akopov
  • Don’t Wait; Generate! by Ian Littman
  • PHP Sessions in Depth by Jeremy Dorn

    Joe Ferguson’s looks at Laravel’s Collection class in Artisanal: Using Data Collections. If you’re looking to hire this year, read The Dev Lead Trenches: Finding Someone New by Chris Tankersley. In Education Station, Edward Barnard takes over and looks at What is a Real Programmer? James Titcumb says Thank You, OSS Maintainers in Community Corner. Eric Mann explains why logging is an OWASP Top Ten 2017 ASR in Security Corner: Updates to the OWASP Top Ten—Logging. To start 2018, Eli shares his New Year’s Resolutions in finally{}.

As with all previous issues, if you'd like to "try before you buy" they've offered a free sample article, the tutorial from Jeremy Dorn covering PHP sessions in depth. You can pick up a copy of this issue for your own on the php[architect] site or subscribe for a full year of PHP goodness with either a digital or print subscription.

tagged: phparchitect magazine january2018 success issue release

Link: https://www.phparch.com/magazine/2018-2/january/

php[architect]:
December 2017 Issue Released - Talking Code
Dec 05, 2017 @ 11:56:35

The php[architect] magazine has released their latest issue for December 2017 - Talking Code. Articles in this latest issue include:

  • "Chatbots and PHP" by Katy Ereira
  • "Artificial Intelligence (AI) - The Future of Internet Services" by Kesha Williams
  • "Command and Query API Design in Magento 2" by Michiel Rook
  • "Learning Machine Learning, Part Three: Data Wrangling" by Edward Barnard

The usual columns are all returning including the Education Station, he Dev Lead Trenches and Security Corner. You can check out this issue and the rest of the articles on the issue's page on the php[archtect] website. If you'd like a sample of what's inside, be sure to check out this free article from (Eric Mann* covering one of the latest security-related features added in PHP 7.2: native libsodium support.

tagged: phparchitect magazine december2017 talkingcode issue release

Link: https://www.phparch.com/magazine/2017-2/december/

php[architect]:
November 2017 Issue Released - Modern Magento
Nov 07, 2017 @ 11:30:20

php[architect] magazine has released their latest issue - the November 2017 edition, "Modern Magento".

Articles in this month's issue include:

  • 11 Debugging Tricks in Magento by Sergii Kovalenko
  • Editing the Magento Core For Fun and Profit by Joshua Warren
  • Command and Query API Design in Magento 2 by Igor Miniailo
  • Headless and Serverless: Writing Modern PHP Applications by Eugene Tulika

All of the usual columns are returning too including the "Education Station", "Community Corner" and "Artisanal". This month's issue is completely free to give you an idea of what kind of content you can expect from the magazine. You can pick up a copy of your own (or subscribe for the year) over on the php[architect] site.

tagged: phparchitect magazine november2017 modern magento issue release

Link: https://www.phparch.com/magazine/2017-2/november/

php[architect]:
October 2017 Issue Released - Composing Software
Oct 04, 2017 @ 11:19:48

php[architect] magazine has an announcement on their site about the release of the latest edition of the publication, the October 2017 issue: Composing Software.

Articles in this month's edition include:

  • Managing Private Dependencies by Andrew Cassell.
  • Alain Schlesser writes about Uncommon Ab(Uses) of Composer.
  • Read about Building Software that Lasts by Susanne Moog.
  • Continue Building Software that Lasts by Edward Barnard.

The usual columns return as well - Education Station, Artisanal, The Dev Lead Trenches (and many more). You can pick up a copy of your own directly from the site, either opting to get the single issue or a year-long subscription. If you want to "try before you buy" and see what the content is like, you can check out this free article about managing private Composer dependencies.

tagged: phparchitect magazine october2017 composing software issue release

Link: https://www.phparch.com/magazine/2017-2/october/

php[architect]:
September 2017 Issue Release - Embracing Change
Sep 06, 2017 @ 13:18:34

php[architect] magazine has released their latest issue for September 2017: Embracing Change

Articles included in this issue include:

  • How I Git Along by Jason McCreary.
  • Karl Hughes shares True Tales of Building PHP Microservices.
  • Learn about Learning Machine Learning, Part One: Begin with What You Know by Edward Barnard.
  • How to evaluate a job offer in Jumping Ship: A Holistic Approach to Changing Jobs - Part Two by Andrew Koebbe.

...as well as many of the usual columns you know and love. You can check out the full list of articles on the php[architect] site and check out the free article for a sample of the issue's content.

tagged: phparchitect magazine september2017 embracing change issue release

Link: https://www.phparch.com/magazine/2017-2/september/

php[architect]:
Single Sign On - You’re Probably Doing It Wrong
Aug 15, 2017 @ 13:28:32

The php[architect] site has a new post today sharing an article from their August 2017 issue by author (and member of thePHP.cc) Arne Blankerts: "Single Sign On - You’re Probably Doing It Wrong ".

Requiring users to log in individually to all the websites they need for their work is more than merely annoying: It wastes a lot of time and turns maintaining log-in credentials and permissions into a nightmare for the administrative staff. Let’s see if we can fix that with a single sign-on service.

The article talks about the basics of single sign on and what kind of benefits it brings to the table. They also talk about the single point of failure it introduces and some of the problems that can cause. The article then discusses the choices involved in implementing it: Should it support authentication, authorization or both? Should OAuth be involved? What about SAML? Other alternatives are also offered including JWTs, tokens/callbacks and client side certificates. The article ends with the suggestion that a proxied approach, one that authenticates on the first request but the session is then trusted by other services, is one of the better ways to go (but isn't without its own issues either).

tagged: singlesignon article phparchitect magazine arneblankerts security

Link: https://www.phparch.com/2017/08/single-sign-on-youre-probably-doing-it-wrong/

php[architect]:
August 2017 Issue Released - Who Goes There
Aug 09, 2017 @ 11:56:33

php[architect] magazine has released their latest issue with a focus on security, authentication and authorization for August 2017 - Who Goes There:

You’ve no doubt heard HTTP is stateless, meaning a web server doesn’t know anything from one request to the next for the same client. Beyond news and information sites, however, a web application typically will need to know who you are and what you can do with it to be useful. In this issue, we look at effectively handling authentication and authorization.

The issue also includes articles like:

Many of the usual columns are back this month including the Education Station, Security Corner and the Community corner. Head over to the php[architect] website for more information about this latest issue and to pick up a copy of your very own!

tagged: phparchitect magazine august2017 security whogoesthere issue release

Link: https://www.phparch.com/magazine/2017-2/august/

php[architect]:
July 2017 Issue Released - Safe at Speed
Jul 12, 2017 @ 12:07:57

php[architect] magazine has posted their latest issue, the July 2017 edition of the magazine - Safe at Speed:

“Safe at Speed” includes articles on:
  • Setting up infrastructure from Zero to Cloud in One Hour With the Google Cloud by Robert Aboukhalil.
  • Geogriana Gligor writes on Smart, Scalable Content Distribution.
  • Brush up your front end skills with Modern JavaScript: Moving Beyond jQuery by Derek Binkley.
  • Learn how and why we must of safety first when writing code in The Train Wreck: When Safety Is Discretionary by Ed Barnard .

The regular columns are all returning too including Community Corner and a new column from Chris Tankersley called "The Dev Lead Trenches". You can get more information about this latest issue, pick up a free article and get a copy of your own from the php|architect site.

tagged: phparchitect magazine july2017 safe speed issue release

Link: https://www.phparch.com/2017/07/safe-at-speed-july-2017/

php[architect]:
Cybersecurity State of the Union
Jun 13, 2017 @ 09:25:20

On the php[architect] site today they've posted an article from their latest issue, "Secure By Design" (June 2017) by Mark Niebergall - the "Cybersecurity State of the Union".

The cybersecurity landscape is continuously changing as new threats appear and attackers adapt. Data breaches, cyber attacks, identity theft, and scams show up regularly in the news and can have a significant negative impact to those affected by them. Keeping up with the latest cyber security trends, understanding the threats, and keeping applications secure takes an investment of time and effort.

In this article, we will review the current state of cybersecurity. Notable attacks will be highlighted, trends in attacks will be analyzed, strategies to secure projects will be identified, and PHP security-related features that can help increase application security will be covered.

You can read the article either there on the site or as a free PDF. If you enjoy the article, be sure to check out the other topics in this latest issue and pick up a copy of your own.

tagged: phparchitect magazine cybersecurity stateoftheunion markniebergall

Link: https://www.phparch.com/2017/06/cybersecurity-state-of-the-union/