Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Zend Framework Bites:
Episode 1 (Zend Expressive & Middleware)
Mar 30, 2016 @ 11:51:40

There's a new podcast to add to the mix that's posted its first episode: Zend Framework Bites from Matthew Setter of the Free The Geek podcast.

Quick bites of Zend Framework. Find out what's going on, what's new, and how to use it, in less time than it takes to drink a coffee. [...] Today let’s look at the latest iteration of Zend Framework - Zend Expressive. Specifically, I'm talking about one of the core concepts - middleware.

You can listen to this quick bite of quality Zend Framework content using the in-page audio player or you can subscribe a few different ways including iTunes and RSS.

tagged: zendframeworkbites ep1 zendexpressive middleware briefsfm

Link: https://www.briefs.fm/zend-framework-bites/2

Inviqa Blog:
An Introduction to PSR-7 in Symfony
Mar 18, 2016 @ 09:58:44

The Inviqa blog has posted a tutorial that gets in to the details of using PSR-7 compatible functionality in Symfony through the introduction of middleware into your application.

The PSR-7 standard, which describes common HTTP message interfaces, is a big step towards interoperability across different PHP libraries. The standard was introduced not long ago, but you can already use libraries compatible with this recommendation within your Symfony-based application.

[...] A step toward more homogeneity was achieved when the PHP Framework Interop Group accepted PSR-7 in May 2015. This recommendation describes common HTTP message interfaces. The biggest benefit the PHP community gets from the standard is a potential for interoperability across different PHP libraries. You can already use libraries compatible with this recommendation within your Symfony-based application thanks to the Symfony PSR-7 Http Message Bridge.

The tutorial then shows how to use this message bridge to convert the current Symfony HTTP request and response instances over to follow the PSR-7 structure (essentially a wrapper around it). They then show how to use this functionality in a simple Symfony controller, taking advantage of an event listener to automatically convert the request based on type hinting in the controller method. Finally they talk about middleware, what they are and how they fit into the flow of a web request/response structure.

tagged: psr7 symfony introduction middleware bridge request response controller

Link: http://inviqa.com/blog/2016/3/3/an-introduction-to-psr-7-in-symfony

Matthew Weier O'Phinney:
Expressive 1.0 in the Wild!
Jan 29, 2016 @ 09:33:08

In a new post to his site Matthew Weier O'Phinney has announced the release of Expressive v1.0 from Zend. The Expressive framework is PSR-7 based with a heavy emphasis on middleware and the reuse of other components to make a basic framework structure.

A few hours ago, we pushed Expressive 1.0.

This is a huge milestone for the ZF3 initiative; I've even called it the cornerstone. It signals a huge shift in direction for the project, returning to its roots as a component library. Expressive itself, however, also signals the future of PHP applications we envision: composed of layered, single-purpose PSR-7 middleware.

He also links to this post on the Zend Framework blog with more information about the release including what's new in 1.0.0 (hint: not much) and what you can look forward to in the future from the framework. He mentions some of the other PSR-7 frameworks out in the PHP ecosystem right now and some of the reasoning behind the project being created in the first place. He also talks some about how it was started and some of the feedback/contributions they've received since then.

tagged: expressive zend release stable framework psr7 middleware component

Link: https://mwop.net/blog/2016-01-28-expressive-stable.html

Abdul Malik Ikhsan:
Using Routed Middleware class as Controller with multi actions in Expressive
Jan 06, 2016 @ 11:54:38

In this post to his site Abdul Malik Ikhsan shows you how to use a middleware class that does some extra routing as a "controller" in your Zend Expressive application.

If you are familiar with frameworks with provide controller with multi actions functionality, like in Zend Framework 1 and 2, you may want to apply it when you use ZendExpressive microframework as well. Usually, we need to define 1 routed middleware, 1 __invoke() with 3 parameters ( request, response, next ). [...] What if we want to use only one middleware class which facilitate [multiple] pages?

He shows how to take a sample route configuration for an "album" endpoint and handle it via an AbstractPage class that performs a bit of reflection on the request to route things the right way. Then the "controller" is created by extending this abstract class and functions are defined for each action, complete with access to the request, response and next middleware objects.

tagged: zend zendexpressive routing middleware controller reflection actions tutorial

Link: https://samsonasik.wordpress.com/2016/01/03/using-routed-middleware-class-as-controller-with-multi-actions-in-expressive/

Matt Stauffer:
Middleware groups in Laravel 5.2
Dec 23, 2015 @ 09:28:31

In the next part of his series spotlighting features in the most recent release of the Laravel framework (5.2), Matt Stauffer continues with a look at middleware groups.

When you are creating a site of any significant size in Laravel, your routes file will often get pretty large. One of the first things I do in a new site is group my routes by logically distinct sections like "admin", "auth", "public". Usually each of these groups get their own set of middleware—admin, for example, gets auth. Maybe the API group gets a different auth middleware, and it might get an API-specific rate limiter or something else.

Laravel 5.2 has introduced something called middleware groups, which are essentially a shortcut to applying a larger group of middleware, using a single key.

He takes his example above and makes an "admin" middleware group that lets you combine individual middlewares into a single callable set. He shows how to update your HttpKernel.php file with the new "auth" group and nest the "web" and "auth" middleware inside. He talks briefly about how this handling has changed from 5.1, pointing out that things without the "web" middleware will not have access to cookies/sessions/CSRF handling. He then includes an example showing how to use this "admin" grouping in your routes, either directly on a route or through a route grouping.

tagged: laravel route middleware group tutorial

Link: https://mattstauffer.co/blog/middleware-groups-in-laravel-5-2

Matt Stauffer:
API rate limiting in Laravel 5.2
Dec 21, 2015 @ 09:34:33

Matt Stauffer continues his series looking at the improvements in Laravel 5.2 with this new post talking about the included rate limiting functionality.

More and more of my work in Laravel lately has been creating APIs. I have a manual rate limiter class I've been using, but I've had a sense that there's a cleaner way to do it. Unsurprisingly, when Taylor set out to write a rate limiter middleware for Laravel, he did it cleaner and better than I had.

Matt briefly introduces the concept of rate limiting and how some optional headers (in the X- family) can be used to let the end user/script know when their requests will be rate limited: X-RateLimit-Limit, X-RateLimit-Remaining and Retry-After. He then gets into the example of it in use, showing how to simply add the middleware to the routing and the results in the HTTP response. He ends the post with a bit on customizing the middleware, updating both the times per minute setting and a "block" time limit for when to completely block out the user.

tagged: rate limit laravel v52 api middleware tutorial example

Link: https://mattstauffer.co/blog/api-rate-limiting-in-laravel-5-2

BitExpert Blog:
Using Prophiler with zend-expressive
Dec 16, 2015 @ 10:27:02

On the latest post on the BitExpert blog Stephan Hochdörfer has a post about using the Prophiler tool with a Zend Expressive application to add simple profiling and metric output to your application. Zend Expressive is the latest framework release from Zend that makes heavy use of middleware and interoperable components to make a simple, lightweight framework.

A few weeks back we released a Prophiler PSR-7 middleware which we created during a hack session on Adroit, our little, clever ADR middleware implementation. I`d like to show you how to integrate the Prophiler middleware in a zend-expressive application. As it turns out this is super simple.

The post includes the code you'll need to implement the middleware as a part of the execution flow in the Expressive request handling. It also includes the simple Factory class you'll need to hook into the middleware system to return a new Profiler middleware instance.

tagged: prophiler zendexpressive framework middleware psr7 example

Link: https://blog.bitexpert.de/blog/using-prophiler-with-zend-expressive/

Zend Framework Blog:
Zend Framework 3 Update and Roadmap
Nov 26, 2015 @ 09:47:33

On the Zend Framework blog they've posted the roadmap and latest updates on the work being done for the next major version of the framework: Zend Framework 3.

In October, while at ZendCon, I presented a talk on Zend Framework 3 entitled "Components, PSR-7, and Middleware: Zend Framework 3." You can view it online, but this post discusses current status, details some decisions, and points to the work still to be done. It's a long read; grab a warm beverage, maybe some popcorn, and take your time.

They start by outlining some of the major concepts that ZF3 integrates and are key to how it will handle requests:

  • the component-based system it's built on, making major use of Composer-style packages and installation techniques
  • using the PSR-7 standard for handling of HTTP requests and responses
  • the use of middleware to modify the request/response and add logic

Finally, they get into the overall view and roadmap for the framework. They talk about the ServiceManager/EventManager, the role middleware plays in the request dispatching and the goal of reducing dependencies. The post ends with a look at the improvements they're striving for with new and better documentation and the next steps in the roadmap for the coming months.

tagged: zendframework3 roadmap update overview psr7 middleware component documentation

Link: http://framework.zend.com/blog/zend-framework-3-update-and-roadmap.html

Rob Allen:
Writing PSR-7 middleware
Nov 05, 2015 @ 13:48:58

In this new post to his site Rob Allen talks about PSR-7 compatible middle ware and shows examples of writing it to work with frameworks that support the PSR-7 structure. His examples revolve around Slim 3 but could be used in other supporting frameworks just as easily.

Within Slim 3's Request object, there's a method called getIp() which is determines the client's IP address. However it's rather simplistic and potentially risky as it checks the X-Forwarded-For header with no ability to ignore this header or whitelist whether we trust the final proxy in the chain. Determining the client's IP address is an ideal use-case for middleware as we can inspect the headers in the request and then set an attribute so that middleware further down the chain can use it.

With this goal in mind, he shows how to create the middleware that uses the __invoke method to execute the required logic and call the next middleware in the chain. In his example he makes use of a pseudo-method determineClientIpAddress that does the work of detecting the IP address and then sets the value as a part of the request object (as an attribute). He also shows how to configure the middleware to select an attribute name and how to attach the middleware to a few different framework types.

tagged: pst7 middleware slim3 framework ipaddress tutorial

Link: http://akrabat.com/writing-psr-7-middleware/

Joshua Sampia:
CORS Slim PHP Setup
Nov 05, 2015 @ 10:38:47

In this post to his site Joshua Sampia shows how to set up and configure CORS in your Slim-based application. CORS or Cross-Origin Resource Sharing, lets you further lock down what sources can access your application and some requirements around the ones that can.

Ok, another PHP post but this time it’s about setting up some middleware for a slim PHP application.

Let me set this up. We are building a simple REST API for use with a basic phone native app (both Android and iOS). Me being new to this, I wasn’t sure if the native app domain call is considered cross browser or not, plus there are some outside companies we are working with who MAY access the API as well. [...] I setup some middleware by extending the Slim Middleware class and adding them via the app.

He talks about the steps he had to take in the middleware to set up an AccessControlOrigin middleware (and two others requiring HTTPS and HTTP Basic Auth). He includes the simple code to send the required HTTP headers to support CORS on the response object and the update to his Javascript to include credentials with every request.

tagged: cors slim framework security middleware https httpbasic authentication crossorigin

Link: http://joshuasampia.com/2015/11/05/cors-slim-php-setup/