In this new post to her site Lorna Mitchell shares a handy tip for those using Ubuntu (or a Debian-based distribution) about how to manage your PHP 5.4 extensions and the "php5enmod" tool.

My shiny new VPS* runs Ubuntu 12.10 (official subtitle: Quantal Queztal. Local nickname: Quirky Kestrel) and therefore has PHP 5.4 installed. It's very new so every command I type is missing, and today I realised that included a PECL module (pecl_http, of course). [...] What's happened here is that all debian-flavoured unixes have adopted this standard for their PHP 5.4 packages, so if you're using debian, ubuntu, or any of their relatives with PHP 5.4, you'll see a directory structure like this. When you add a module to PHP, you'll add a file to the mods-available directory enabling the module and adding any config specific to it.

She points out that the "phpenmod" command, accompanied by the PECL extension to install, is the newer way to correctly get these extensions downloaded and configured correctly.

There's a new project on Github that wants to help making your phar archives for your PHP applications. The process is a little obtuse right now and Box wants to simplify it.

Box is a library and command line application for simplifying the PHAR creation process. [Features include] creating new PHARs with a simple configuration file, add and replace files in existing PHARs, extract existing PHARs, with option to cherry pick files and verify PHAR signatures.

The project is still relatively young but it looks like it's off to a good start. Phar files are a powerful tool to have in a PHP developer's arsenal but developing them can be a pain. Hopefully something like this can make life easier.

Henri Bergius has a new post to his blog showing you how to use the popular Composer package management tool to manage dependencies in Heroku applications.

While Heroku got its start from hosting Ruby on Rails applications, it nowadays supports many different environments in the Cedar stack. Node.js is what many use, but they also do support PHP. Dependency management is easy for Node.js applications as Heroku recognizes your package.json files and automatically installs the libraries needed via NPM.

Until now PHP developers haven't had this convenience, but as Composer is emerging as the default PHP package manager, I've now added support for it. Before the pull request gets accepted, Composer dependency handling can already be used by specifying my custom PHP buildpack when creating Heroku apps.

He shows you how to get it up and running with a sample application - creating the new git archive, creating the Heroku app with the custom backapack (and a "composer.json" file), setting up the main "index.php" file and push it all to Heroku. You can view his sample application here (a simple URL encoding form).

Alessandro Nadalin has a new post to his blog looking at the Composer project and using it to manage packages and dependencies in PHP applications.

Managing dependencies between pieces of software, in PHP, hasn't always been a relief: we had PEAR and PECL with their workflows and problems while, in other ecosystems, the solution to this problem has been solved in better ways, like NodeJS's NPM.

He takes a first look at the tool, describing how to get it set up, create a sample configuration (describing each section inside it) and an example of the tool's output. He also briefly touches on the Packagist website/repository and links to the instructions on how to create your own.

Stuart Herbert has put together a series of posts detailing how to get the Phix component creation and management tool installed on various operating systems.

Phix makes it extremely easy to create and maintain your own PEAR-installer compatible components for reuse in your PHP applications. Installation takes just seconds, and it's both open-source and framework-agnostic!

The OS guides help you get it installed for:

• OSX
• Fedora
• Ubuntu
• Debian
• CentOS

For more information about Phix (including helpful "getting started" details) check out the project's website.

Jason Gilmore gets "back to basics" in a new tutorial with a look at managing configuration in your ini file to tune it to just what you need.

While PHP's configuration capabilities are indeed powerful, the sheer breadth and different ways in which these configuration directives can be set are often confusing and downright intimidating to newcomers. So in this article it worth meandering from the typically intermediate-level discussion and instead offer some insight into PHP's configuration-specific infrastructure.

He starts by mentioning the phpinfo function that generates the complete list of current settings for your installation. With that in hand and an idea of what settings are out there, he starts going through some of the basics of working with ini settings - updating the php.ini, setting values via a .htaccess file and chancing them directly in the executing script.

Chris Jones has a new post to his OTN blog today pointing to two new articles by Eli White about managing malicious website use:

The techniques Eli covers will always be applicable in one form or another. They should be a fundamental part of any website architect's bag of tricks.

The first article focuses more on methods for preventing and dealing with the inevitable spamming that comes with running a larger site. Eli's experience at Digg has provided him with recommendations like creating hurdles for spammers to get past and evaluating the content (services like Defensio or Akismet are useful for this).

The second article talks about something a bit harder to deal with - when users "game the system" and find the loopholes. His recommendations to combat this sort of abuse include rate limiting, pattern matching and leaving "traps" by tracking user usage.

New on NetTuts.com there's a tutorial about using cron with PHP and how to manage the jobs your server currently runs.

The cronTab, or "Cron Table", is a Linux system process / daemon which facilitates the scheduling of repetitive tasks thereby easing up our day to day routine. In this tutorial, we'll create a dynamic PHP class that, using a secure connection, provides us with a means to manipulate the cronTab!

They explain the cron format (time and script to run) and how to set up a crontab management class that uses the ssh extension for PHP to communicate with the remote server. Their class includes methods for setting up jobs, writing them out to the cron file, removing existing jobs and dropping the entire cron file at once.

Till Klampaeckel has posted a few suggestions for you if you'd like the take the reigns of a PEAR package when it's not maintained.

One of the more frequent questions I see on the mailing lists and IRC is, "How do I take over a package?". Very often people start to use a PEAR package and then at some point encounter either a bug or they miss a certain feature. The package's state however is inactive or flat unmaintained.

He recommends a few different courses of action - first asking if there's a way to help out, then stepping it up and pushing the fixes in yourself and, finally, deciding if you really do want to maintain the package (and show it by contributing).

Brian Moon has a new post to his blog that pulls together some of his thoughts on monitoring PHP applications and how to handle the error that might be thrown.

PHP errors are just part of the language. Some internal functions throw warnings or notices and seem unavoidable. A good case is parse_url. The point of parse_url is to take apart a URL and tell me the parts. Until recently, the only way to validate a URL was a regex. You can now use filter_var with the FILTER_VALIDATE_URL filter. But, in the past, I would use parse_url to validate the URL. It worked as the function returns false if the value is not a URL. But, if you give parse_url something that is not a URL, it throws a PHP Warning error message. The result is I would use the evil @ to suppress errors from parse_url. Long story short, you get errors on PHP systems. And you don't need to ignore them.

He talks about the two-step process he's upgraded to to help monitor and handle the errors that pop up - an error handler that logs human-readable and json versions of the errors and something like Circonus to do metric tracking. He also mentions some external services recommended on twitter - HopToad and Loggly.