Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Tomas Votruba:
New in Symplify 5: Generate Rich, Precise and Smart Changelog in Seconds
Oct 02, 2018 @ 10:21:45

In a new post to his site Tomas Votruba talks about how to use Simplify to generate a changelog for your project's updates and output it into a CHANGELOG.md file.

ChangelogLinker started as a small tool to complete links to PRs, authors, and versions in CHANGELOG.md. Then it started to generate the CHANGELOG.md.

Where is now and how to start using it?

He starts by showing how to install the package via Composer and how to use it for:

  • Multiple CHANGELOG.md for Smaller Versions
  • [using] Smarter Last Change Detection
  • Removing Dead Links
  • Improved Category Detection

The last one is quite handy as it gives more context to the items in the resulting Changelog rather than just a list of commits.

tagged: symplify changelog tutorial generate output

Link: https://www.tomasvotruba.cz/blog/2018/10/01/new-in-symplify-5-generate-rich-precise-and-smart-changelog-in-seconds/

Tomas Votruba:
Stylish and Standard Console Output with Symfony Style
Aug 07, 2018 @ 10:28:12

Tomas Votruba has continued his series covering the use of the Symfony Console component with a new tutorial. In this latest article he shows how to get "stylish and standard console output" using the output formatting included with the package.

Even if you don't use any component from Symfony or even installed one, you can use this trick in your PHP CLI App.

It's simple, provides standard and makes your output look like a design from Apple - useful and nice at the same time.

He starts by introducing the OutputInterface that the Symfony Console package includes and shows a few screenshots of the difference between normal console output and the Console component's look. He also covers the SymfonyStyle functionality that allows for even more fine-grained control over the input and output handling of your application. He finishes the post showing a few tips on integrating these styles into your command line application and setting it up to fetch SymfonyStyle as a service.

tagged: symfony console component tutorial series style output input

Link: https://www.tomasvotruba.cz/blog/2018/08/06/stylish-and-standard-console-output-with-symfony-style/

Christoph Rumpel:
Laravel Response Caching and CSP
Mar 19, 2018 @ 10:55:41

Christoph Rumpel has posted a guide for the Laravel users out there that have wanted to implement a Content Security Policy (CSP) in their application. A CSP helps to prevent cross-site scripting issues by locking down the images, scripts, resources, etc. that can be used in your application.

Caching is lovely, and the Content Security Policy is incredible. But when you put them together... Let me show you the problems I encountered, and how I fixed them.

He starts by describing the setup he was working with and improvements he was making (using the Spatie Laravel ResponseCache package to improve the performance of his site). As a part of the refactor he decided to implement a CSP but had an issue where the nonces on the included scripts didn't change like they did in development. To resolve the issue he created a middleware that takes the response and, after calling the other middleware, append the header to the response instance. Full code for the solution is included in the post.

tagged: contentsecuritypolicy csp laravel cache output response middleware

Link: https://christoph-rumpel.com/2018/03/laravel-response-caching-and-csp

Rob Allen:
OuputBuffer Middleware for Expressive
Oct 25, 2017 @ 09:56:14

In a quick post to his site Rob Allen shares code for an OutputBuffer middleware for use with the Zend Expressive framework. Zend Expressive is a middleware-driven framework that makes use of several Zend Framework components to get the job done.

When developing an Expressive application, if you use var_dump(), echo, print_r(), etc when you get [an] error.

This occurs after your data has been displayed and makes perfect sense as Expressive is unable to send headers as you've already started sending the body. To solve this, you need some middleware.

He includes the code for the middleware that grabs the current output being pushed to the user and, using PHP's own output buffering, takes all output and pushes it into the body, preventing any messages about output before the rendering takes place.

tagged: zendexpressive outputbuffer output middleware example

Link: https://akrabat.com/ouputbuffer-middleware-for-expressive/

Rob Allen:
Displaying errors in Expressive with Twig
Oct 19, 2017 @ 12:47:36

Rob Allen has a quick post for the Twig and Zend Expressive users out there showing how to display errors if you're not using the Whoops error handler.

If you're not using the Whoops error handler with Expressive and are using the Twig renderer, then you are given no information about the problem that occurred, even in debug mode.

He includes the Twig template to output the error message and, if the application is in "debug" mode, show an optional block of extra information. This provides details about the exception thrown and some of the previous errors. The previous errors are looped about output to provide more context around the failure.

tagged: error twig zend zendexpressive tutorial output debug

Link: https://akrabat.com/displaying-errors-in-expressive-with-twig/

Zend Framework Blog:
Emitting Responses with Diactoros
Sep 15, 2017 @ 09:14:05

On the Zend Framework blog they've posted a tutorial from project lead Matthew Weier O'Phinney showing how to use the Diactoros package to create response emitters. These emitters are just methods of output related to HTTP handling (like headers, response codes and normal text output).

When writing middleware-based applications, at some point you will need to emit your response.

PSR-7 defines the various interfaces related to HTTP messages, but does not define how they will be used. Diactoros defines several utility classes for these purposes, including a ServerRequestFactory for generating a ServerRequest instance from the PHP SAPI in use, and a set of emitters, for emitting responses back to the client. In this post, we'll detail the purpose of emitters, the emitters shipped with Diactoros, and some strategies for emitting content to your users.

He starts by describing what "emitters" are in the context of PSR-7 applications and shows the code definition of the EmitterInterface, the base of all emitter classes. After covering some of the emitters that Diactoros includes he shows how to create one to emit file information and how you can mix and match them in a emitter "stack" to perform more that one operation on the output.

tagged: diactoros tutorial emitter response output example interface

Link: https://framework.zend.com/blog/2017-09-14-diactoros-emitters.html

Pawel Mikolajczuk:
Custom Caching for Twig
Aug 16, 2017 @ 11:07:07

In this post to his Medium blog Pawel Mikolajczuk shares some helpful tips for getting the most performance out of your Twig output with some custom caching techniques.

In Superdesk Publisher we have implemented Mutlitenancy with possibility to have multiple themes (but one activated). To make process of switching, uploading and updating themes for tenant we had to came up with solution to clear cache only for one particular theme not the whole instance (with many organisations and tenants).

To achieve that we created custom Twig Cache class.

He then shares the code for the class, extending the base Twig filesystem caching, to work with the multi-tenant architecture. It ensures that the output from one account is completely separate from another, preventing concerns of the wrong data being shown to the wrong user. He also shows how to enable it in the application configuration (Symfony) and a custom "compiler pass" class to finish the integration.

tagged: twig custom cache class output multitenant architecture

Link: https://medium.com/@pawel.mikolajczuk/custom-caching-for-twig-f9a7303cebdd

Laravel News:
Generate a JSON Feed with Laravel
May 24, 2017 @ 10:49:46

In a new tutorial posted to the Laravel News site Eric Barnes shows you how to easily create JSON feed output from the data in a Laravel application. JSON feed is a new standard that's been defined to try to bring more structure to JSON responses for feeds, following in the tradition of RSS feed structure.

JSON Feed is a new standard to formalize a JSON based RSS feed that aims to simplify creating feeds by doing away with the XML standard. Implementing a feed for your site is simple, and the spec is surprisingly clear.

[...] I just implemented this feed format for Laravel News, and you can find the results here. As a quick example let’s go through setting up a feed like this.

He then walks you through the code required to create the feed, sharing a listing of posts (the latest 20) from the Laravel News site. He then defines the main feed data, adds in each of the posts to the "items" set and returns the resulting array for translation into JSON output.

tagged: jsonfeed standard laravel tutorial output json feed

Link: https://laravel-news.com/generate-a-json-feed-with-laravel

Zend Framework Blog:
Context-specific escaping with zend-escaper
May 17, 2017 @ 09:44:25

The Zend Framework blog has continued their series spotlighting individual components of the framework and putting them to use outside of a ZF-based application. In the latest post they show how to use zend-escaper to handle context-specific escaping.

Security of your website is not just about mitigating and preventing things like SQL injection; it's also about protecting your users as they browse the site from things like cross-site scripting (XSS) attacks, cross-site request forgery (CSRF), and more. In particular, you need to be very careful about how you generate HTML, CSS, and JavaScript to ensure that you do not create such vectors.

As the mantra goes, filter input, and escape output.

They start with some of the main issues around escaping output in PHP (and some of the inconsistencies) and what zend-escaper can to to help. The tutorial then shows how to pull the component into your current application via Composer and set up a new Escaper instance. It briefly covers the built-in escaping methods and then provides some more real-world examples of how it can be used to protect your application.

tagged: zendescaper component tutorial introduction output escaping

Link: https://framework.zend.com/blog/2017-05-16-zend-escaper.html

Zend Framework Blog:
Caching middleware with Expressive
Apr 19, 2017 @ 12:12:32

On the Zend Framework blog Enrico Zimuel has posted a tutorial showing you how to use middleware caching in Zend Expressive to help increase the overall performance of your application.

Performance is one of the key feature for web application. Using a middleware architecture makes it very simple to implement a caching system in PHP.

The general idea is to store the response output of a URL in a file (or in memory, using memcached) and use it for subsequent requests. In this way we can bypass the execution of the previous middlewares starting from the second request.

Of course, this technique can only be applied for static contents, that does not require update for each HTTP request.

He shows how to implement the "cachable" middleware, starting with a version that caches the return content based on the URL requested. He then shows how to configure the caching system to specify settings like path, lifetime and the enabled/disabled state. This is stored as a PHP configuration where the autoloader can get to it and the class as a dependency on the middleware itself.

tagged: cache middleware output zendexpressive tutorial response content

Link: https://framework.zend.com/blog/2017-04-19-caching-middleware.html