News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Barry vd. Heuvel:
CSRF Protection in Laravel explained
February 23, 2015 @ 11:52:59

Barry vd. Heuvel has a recent post to his site explaining how the Laravel framework has implemented CSRF protection natively. CSRF is short for Cross-site request forgery and is a type of security vulnerability.

In this blog we take a closer look into CSRF protection in Laravel. We compare the difference between the CSRF filter in Laravel 4 and the current VerifyCsrfToken middleware in Laravel 5.

He start with a quick look at why CSRF protection is even needed and what kind of problems it can cause. He shows how the CSRF protection was enabled in the Laravel 4 routing and how, in Laravel 5, the token evaluation was updated to use the hash_equals to prevent timing attacks. He then gets into the details of the middleware and how it handles the protection for you (including detection and use of the X-CSRF-TOKEN header).

0 comments voice your opinion now!
csrf protection laravel laravel5 middleware xcsrftoken header

Link: http://barryvdh.nl/laravel/2015/02/21/csrf-protection-in-laravel-explained/

Barry vd. Heuvel:
Using StackPHP middleware in Laravel5
February 19, 2015 @ 09:49:24

Barry vd. Heuvel has a new post sharing a method he's found for using StackPHP middleware with Laravel 5 and provides a library of his own to make moving between the middleware types easier.

In version 4.1, Laravel introduced compatibility with StackPHP middleware. [...] In Laravel 5, a lot of things changed. And with those changes, Laravel also removed the support for StackPHP middleware and introduced its own middleware contract.

As the two types of middleware have interfaces that slightly conflict, he shows how to convert from one to the other (a relatively simple change). He then shows how to use the middleware in a Laravel 5 application, but brings up a "chicken and the egg" situation where a wrapper for the HttpKernelInterface is needed for correct injection. To that end he created two simple wrappers, the ClosureMiddleware and ClosureHttpKernel handlers that can be used to simplify this middleware translation.

0 comments voice your opinion now!
stackphp middleware laravel5 convert wrapper closure

Link: http://barryvdh.nl/laravel/2015/02/18/using-stackphp-middleware-in-laravel-5/

Matthew Weier O'Phinney:
PSR-7 By Example
January 29, 2015 @ 09:13:20

As a part of his involvement in the PHP-FIG standards group, Matthew Weier O'Phinney has been contributing to the PSR-7 proposal. This proposal defines a standardized structure for HTTP message handling. In his latest post he gets into a bit more detail on what this means for the PHP developer and how it might be implemented.

PSR-7 is shaping up nicely. I pushed some updates earlier this week, and we tagged 0.6.0 of the http-message package last week for implementors and potential users to start coding against. I'm still hearing some grumbles both of "simplify!" and "not far enough!" so I'm writing this posts to demonstrate usage of the currently published interfaces, and to illustrate both the ease of use and the completeness and robustness they offer.

He starts with a base definition of what the proposal, well, proposes around HTTP messaging, both the incoming and outgoing. He describes the basic structure of an HTTP message and what each part represents. He talks about message headers, bodies and how the current library could return that content. He then looks at requests vs responses, server-side requests and some various uses cases and more practical examples:

  • HTTP Clients
  • Middleware
  • Frameworks

With the PSR-7 standard in place, all of these different tools could have interchangeable interfaces for HTTP request/responses, easily swappable with any other implementation.

0 comments voice your opinion now!
psr7 http message request response summary tool framework middleware client

Link: https://mwop.net/blog/2015-01-26-psr-7-by-example.html

Hari KT:
Conduit The Middleware for PHP
January 22, 2015 @ 10:22:16

In his latest post Hari KT looks at Conduit, a middleware system that lets you build PHP applications out of various pieces (the middleware) according to the PSR-7 specification (for HTTP messaging).

Long back, I happened to talk with Beau Simensen about stackphp on #auraphp channel. It was hard for me to digest when I noticed it need symfony/http-kernel and its dependencies. After a few months, I started to like the middleware approach of slim framework and wanted to push it to aura. But nothing happened there. Conduit is a Middleware for PHP built by Matthew Weier O'Phinney lead of Zend framework. Conduit supports the current PSR-7 proposal. I believe like the many PSR's, PSR-7 will be a revolution in the PHP world. Conduit is really a micro framework and can grow with your project.

Hari walks you through getting the tool installed and includes an example route that just echoes "Hello conduit!"back to the user. With that in place, he shows how to add in some middlewares, chosing the Aura router and dispatcher for more complex route handling, and integrating them into a simple controller/action microframework structure.

0 comments voice your opinion now!
conduit middleware psr7 proposal mwop tutorial auraframework

Link: http://harikt.com/blog/2015/01/21/conduit-middleware-for-php/

Matthew Weier O'Phinney:
On HTTP, Middleware, and PSR-7
January 09, 2015 @ 11:38:17

Matthew Weier O'Phinney has a new post to his site today with a thought about how to make the Zend Framework (both ZF1 & ZF2) easier for developers to get into and use. He suggests that middleware might be the answer.

As I've surveyed the successes and failures of ZF1 and ZF2, I've started considering how we can address usability: how do we make the framework more approachable? One concept I've been researching a ton lately is middleware. Middleware exists in a mature form in Ruby (via Rack), Python (via WSGI), and Node (via Connect / ExpressJS); just about every language has some exemplar. Even PHP has some examples already, in StackPHP and Slim Framework.

[...] The idea is that objects, hashes, or structs representing the HTTP request and HTTP response are passed to a callable, which does something with them. You compose these in a number of ways to build an application.

He gives some examples of current frameworks and libraries that make use of the middleware idea, showing both object and callable methods. He points out that, while middleware is approachable and makes a developer's life easier, it's not something PHP can internally handle. He covers the things a PHP developer would need to access just to get the complete details about a HTTP request and that what's really needed is good HTTP abstraction handling, something the PHP-FIG group has been working on as a part of PSR-7. He includes some examples of how it might be used and where middleware would fit into the picture.

Too often, I feel as PHP developers we focus on the tools we use, and forget that we're working in an HTTP-centric ecosystem. [...] If PSR-7 is ratified, I think we have a strong foot forward towards building framework-agnostic web-focused components that have real re-use capabilities -- not just re-use within our chosen framework fiefdoms.
0 comments voice your opinion now!
middleware http psr7 abstraction language handling

Link: https://mwop.net/blog/2015-01-08-on-http-middleware-and-psr-7.html

Matt Stauffer:
Laravel 5.0 - Middleware (replacing Filters)
October 15, 2014 @ 10:18:00

In a new post to his site Matt Stauffer looks at a feature of the upcoming version 5 of the Laravel framework, middleware, and how it will replace the current Filter handling. This is part nine in a series about the new features coming in Laravel (the rest are linked at the top of the article).

If you've been following along with my previous blog posts about Laravel 5.0, you may have noticed that route filters were first moved to be their own directory and class structure, and then eventually they mysteriously disappeared. You may have even noticed that references to Middleware showed up in their place.

He starts off by defining what "middleware" actually is and how it fits into the overall execution flow of the application. He describes it as "a series of wrappers around your application that decorate the requests and the responses in a way that isn't a part of your application logic." He then gets into the code examples, showing how to write a simple Laravel-friendly middleware that blocks odd port requests to the application. He includes the configuration updates to integrate it, how to control where it runs and using before and after "filters" inside the middleware.

0 comments voice your opinion now!
series part9 tutorial laravel framework filter middleware introduction

Link: http://mattstauffer.co/blog/laravel-5.0-middleware-replacing-filters

Lorna Mitchell:
OAuth Middleware for Slim
October 09, 2013 @ 11:53:37

Lorna Mitchell has posted about some middleware for the popular Slim (micro)framework that helps with OAuth functionality.

OAuth can be anything you want it to be, the standards are lax and give you plenty of room for getting the right implementation for your system. However you proceed, though, you'll need to check an access token on every request - and in a Slim application, a middleware can help enormously since it hooks in to every request by design. I've recently implemented this and thought I would share.

She's created a basic middleware component that can be easily dropped into the framework to handle the checking of the tokens via an "AuthService" object. She also includes a brief snippet of how she generates the codes, combining the output of bin2hex and openssl_random_pseudo_bytes.

0 comments voice your opinion now!
oauth middleware slim access token validation generate

Link: http://www.lornajane.net/posts/2013/oauth-middleware-for-slim

Gonzalo Ayuso:
Bundles in Silex using Stack
July 17, 2013 @ 11:10:34

Gonzalo Ayuso has a recent post to his site showing you how to use Stack to create bundles for your Silex-based applications. Stack is a structure that allows for the reuse of HttpKernelInterface middleware to create a custom "stack" of functionality.

Nowadays almost every modern framework/applications implements HttpKernelInterface (Symfony, Laravel, Drupal, Silex, Yolo and even the framework that I'm working in ;) ) and we can build complex applications mixing different components and decorate our applications with an elegant syntax. The first thing than come to my mind after studying Stack is to join different Silex applications in a similar way than Symfony (the full stack framework) uses bundles.

In his example, he shows an example of a simple GET endpoint for a blog and API. In the first version, he calls the "run" method to execute the handling of the request. The second example, however, includes the attachment of a simple "MyKernel" middleware to the stack and calls "handle" to apply and send the modified Response back to the user.

0 comments voice your opinion now!
silex stack tutorial introduction middleware httpkernelinterface

Link: http://gonzalo123.com/2013/07/15/bundles-in-silex-using-stack

Igor Wiedler:
Introducing Stack
June 04, 2013 @ 12:46:42

Igor Wiedler has started up a new project that helps you combine "stacks" of middleware related to the HttpKernelInterface from Symfony as a sort of decorator to its base functionality - Stack.

In the post titled HttpKernel middlewares I brought up the idea of bringing rack middlewares to Symfony2. In order to solidify this effort I would like to announce a new project: Stack. Stack is a convention for composing HttpKernelInterface middlewares. The name and logo are based on the idea of building a stack of middleware layers, each of which handles a particular piece of logic. [...] The main goal of stack is to give the idea of "HttpKernel middlewares" a name, so that we can more easily talk about it.

There's a stackphp organization on Github that has the start of this set of middleware pieces including tools to help you build other features. The project is focused around the Symfony HttpKernelInterface because it was the simpler, more standardized option for now. He notes that there's no reason that, in the future, when things are more standardized it couldn't broaden out to PHP as a whole.

0 comments voice your opinion now!
symfony httpkernelinterface stack middleware project

Link: https://igor.io/2013/05/23/introducing-stack.html

PHPMaster.com:
Working with Slim Middleware
February 21, 2013 @ 09:23:24

On PHPMaster.com Timothy Boronczyk has written up a tutorial about using the Slim microframework as a sort of "middleware" in your application - a wrapper around other functionality with an easier to use interface.

Slim is a microframework that offers routing capabilities for easily creating small PHP applications. But an interesting, and powerful, feature is its concept of Middleware. [...] I've found middleware to be an eloquent solution for implementing various filter-like services in a Slim app, such as authentication and caching. In this article I'll explain how middleware works and share with you a simple cache example that highlights how you can implement your own custom middleware.

He talks about what "middleware" is (complete with illustration) and how Slim can be used as a layer in the middleware stack. His example is a caching layer, based on Slim, that takes a request, checks the cache for it and returns it if it exists. If not, it saves the content to a database. He also includes code examples of how to use the "add" method to introduce your middleware libraries into the Slim application.

If you'd like more examples, the Slim project has several middleware examples provided in their "extras" github repository.

0 comments voice your opinion now!
slim middleware tutorial cache layer microsframework



Community Events

Don't see your event here?
Let us know!


api interview release podcast version community laravel5 video php7 laravel security opinion example framework series language introduction extension voicesoftheelephpant library

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework