Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

AppDynamics PHP Blog:
Introduction to PHP Security – Part 2
Jul 22, 2015 @ 08:33:01

The

AppDynamics PHP blog has posted the second part of their series looking at some of the basics of PHP security. In part one they talked about some of the most common attacks and how to remediate them. In this latest part they "dive deeper" and get into some of the more advanced issues.

Truth be told, there are potentially an infinite number of ways in which a software product can be compromised and have its security breached. [...] New security flaws are regularly found, and routine patches are immediately released for most of the major software applications you utilize in your application stack. No matter whether your web or database server, your operating system, your PHP runtime, or even the MVC framework that your time adopted, your point(s) of exposure may exist anywhere within the various components that make up your application ecosystem.

They start with a few more advanced best practices including using SSL and keeping error messages away from the public eye. They briefly discuss other kinds of injection types (besides just SQL) and offer some tips about securing the data that lives in the application as well.

tagged: security introduction series part2 advanced bestpractice injectiondata

Link: https://blog.appdynamics.com/php/introduction-to-php-security-part-2

Mattias Noback:
Refactoring the Cat API client (3 Part Series)
Jul 16, 2015 @ 11:25:54

Mattias Noback has posted a three part series of tutorial articles around the refactoring of a "CatApi" class. These articles take the class from a jumbled mess of functionality with both direct file access and remote requests mixed in into something much more maintainable and flexible.

t turned out, creating a video tutorial isn't working well for me. I really like writing, and speaking in public, but I'm not very happy about recording videos. I almost never watch videos myself as well, so... the video tutorial I was talking about won't be there. Sorry! To make it up with you, what follows is a series of blog posts, covering the same material as I intended to cover in the first episodes of the tutorial.

In part one he introduces the current state of the "CapApi" class and some of the problems with it, both in testing and in structure. He does some basic refactoring to split out some of the logic here and moves on to part two. In the second part of the series he focuses on refactoring the HTTP request and the local file system functionality into abstract, injectable objects. Finally in part three he adds in some verification around the data being passed back and forth between objects including both simple checking and the use of value objects.

tagged: refactor api class series part1 part2 part3 filesystem http request xml validation

Link: http://php-and-symfony.matthiasnoback.nl/2015/07/refactoring-the-cat-api-client-part-1/

BitExpert Blog:
Think About It: Loop Iteration Per
Jul 15, 2015 @ 09:30:16

On the BitExpert.com blog Florian Horn continues his "Think About It" series (part 2) looking at performance enhancements that can be made when using the PHPExcel library and in their overall data processing. In this article they build on part one and share a few more handy performance tweaks.

This article is the second of a three-part series and describes how we optimized our data processing and reached performance improvements tweaking our code. Make sure you covered the first article about how we tweaked PHPExcel to run faster while reading Excel and CSV files.

He shows how they replaced some repeated looping and generating entities with an index-cached set. This set uses the ID of the element as the index and makes it faster and easier to reference the value. This dropped their overall loop handling of the imported data by half.

tagged: phpexcel performance update tweak part2 series indexcached set

Link: https://blog.bitexpert.de/blog/think-about-it-loop-iteration-performance-part-2/

Scotch.io:
Token-Based Authentication for AngularJS and Laravel Apps (continued)
Jul 06, 2015 @ 11:57:54

Scotch.io has posted the second part of their series (here's part one) continuing their look at using tokens for authentication in an AngularJs+Laravel application. They pick up where they left off in the previous part and focus on adding more of the systems around the token.

In the tutorial on Scotch.io we created a new app called jot-bot to look at how to implement token-based authentication in AngularJS and Laravel by using jwt-auth and Satellizer together. On the Laravel side, jwt-auth let’s us generate JSON web tokens when the user inputs their credentials. [...] There were a few things for a complete authentication solution that we didn’t get to in the last tutorial, including: Setting the logged-in user’s data (such as name and email address) and their authentication status, a way to redirect the user to the login page if they become logged out and how to log the user out and the implications of token-based authentication on logout.

He starts by updating the AuthenticateController to handle getting the authenticated user based on the token information. He also adds the matching route and show the kind of data it should return. He then switches to the Angular side and creates the controller to hook into the backend and get the current user information. The tutorial then shows how to relay user information back to the view and what it might look like. He then goes through a similar process for adding the logout handling including redirecting the user when logged out. Finally, he shows how to initialize the user on the frontend when the application loads, pulling the data from localstorage and checking for a valid existing session.

tagged: scotchio token authentication angularjs laravel application series part2

Link: http://ryanchenkie.com/token-based-authentication-for-angularjs-and-laravel-apps/

SitePoint PHP Blog:
Turning a Crawled Website into a Search Engine with PHP
Jul 06, 2015 @ 10:19:43

The SitePoint PHP blog has posted the second part of their "Powerful Custom Search Engines with Diffbot" series with part two showing how to take the Diffbot results and make them searchable.

In the previous part of this tutorial, we used Diffbot to set up a crawljob which would eventually harvest SitePoint’s content into a data collection, fully searchable by Diffbot’s Search API. We also demonstrated those searching capabilities by applying some common filters and listing the results. [...] In this part, we’ll build a GUI simple enough for the average Joe to use it, in order to have a relatively pretty, functional, and lightweight but detailed SitePoint search engine. What’s more, we won’t be using a framework, but a mere total of three libraries to build the entire application.

For those interested in the end result, you can skip to the demo. Otherwise, they'll walk you through the full process:

  • Bootstrapping the environment and needed libraries
  • Creating a simple "home" page with a Diffbot client
  • Creating the frontend interface (a form allowing for various search terms)
  • Making the Javascript to catch the form submission
  • Adding CSS to style the page
  • Building out the PHP backend to perform the different search types (author and keywords)

Finally he ties it all together and create the output of the search results, providing links to each of the matching pages, posting date, author information and a brief summary. He ends the post with a look at paginating the results via a "PaginationHelper" class that will drop a navigation item at the bottom of the results and handle moving from page to page, interfacing with the Diffbot client.

tagged: search engine diffbot tutorial series part2 results crawled website

Link: http://www.sitepoint.com/turning-crawled-website-search-engine-php/

NetTuts.com:
Create a Custom API in Magento: Part Two
Jul 03, 2015 @ 10:54:02

NetTuts.com has posted the second part of their series showing how to create a custom API in Magento. In part one of the series they focused on creating a custom module that worked with the core APIs and system. In this new post they approach it from the other side and show how to use those APIs created in part one.

In this series, we're discussing custom APIs in Magento. In the first part, we created a full-fledged custom module to implement the custom API, in which we created the required files to plug in the custom APIs provided by our module. In this second and last part, we'll go through the back-­end section to demonstrate how to consume the APIs.

They start with a quick recap of the things created in the first part of the series and how to ensure it's set up correctly to be accessed as an API endpoint. Next they set up the user and role configurations that you'll need to access the new API through the administration panel. Finally, they show you how to use the API through a simple SoapClient request.

tagged: magento custom api series tutorial part2 usage

Link: http://code.tutsplus.com/tutorials/create-a-custom-api-in-magento-part-two--cms-23821

DigitalOcean Community Blog:
How To Deploy a Basic PHP Application using Ansible, Part2
Jun 26, 2015 @ 09:53:33

Digital Ocean has continued their series about deploying "advanced PHP applications" on an Ubuntu instance via Ansible in part two of the series. If you missed the first part of the series, you can check it out here.

This tutorial is the second in a series about deploying PHP applications using Ansible on Ubuntu 14.04. The first tutorial covers the basic steps for deploying an application, and is a starting point for the steps outlined in this tutorial.

In this tutorial we will cover setting up SSH keys to support code deployment/publishing tools, configuring the system firewall, provisioning and configuring the database (including the password!), and setting up task schedulers (crons) and queue daemons. The goal at the end of this tutorial is for you to have a fully working PHP application server with the aforementioned advanced configuration.

You'll need to finish the first tutorial if you want to follow along here. They pick up where they left off to finish the whole process, starting with a switch to a more advanced example repository. They modify the Ansible configuration and run the playbook to update the host. From there they break things down into several more steps:

  • Setting up SSH Keys for Deployment
  • Configuring the Firewall
  • Installing the MySQL Packages
  • Setting up the MySQL Database
  • Configuring the PHP Application for the Database
  • Migrating the Database
  • Configuring cron Tasks
  • Configuring the Queue Daemon

While a good bit of these steps relate to something Laravel needs (what they use for the sample application), it's still a good overview of the wide range of things you can do with Ansible during deployment.

tagged: deploy ansible digitalocean setup tutorial configure laravel framework part2

Link: https://www.digitalocean.com/community/tutorials/how-to-deploy-an-advanced-php-application-using-ansible-on-ubuntu-14-04

Laravelista.com:
Build an API with Lumen and Fractal
Jun 17, 2015 @ 10:16:58

On the Laravelista.com site there's a recent tutorial posted showing you how to create an API with Lumen and Fractal, a combination of the popular Laravel-based microframework and Fractal, an output handling library that makes it simpler to transform data to your needs. This is the second part of his series (part one is here), making some improvements on his previous examples.

In the previous post I used Larasponse to get Fractal working with Laravel, but recently I have switched to native Fractal package. One thing to notice is that in this post I will be showing you parts of code from a real project that I am working on called Treeline, instead of just example code like in the previous post. Be sure to check the Treeline repository if you're unclear on something.

He goes back through some of the setup process, getting Fractal installed via Composer and the creation of an ApiController to handle basic things like setting the status code and transforming the response to JSON. He shows how to add in the necessary routes for the "projects" path and creates the matching controller, collection and item classes that integrate the Fractal transformers to format their output as JSON. He also includes the code for the transformer classes themselves, showing you how to pull in and modify the data for the API's needs. He ends the post showing how to integrate other data (the "notes" into a "project" instance) and the resulting JSON output.

tagged: lumen fractal api tutorial series part2 transform project note

Link: http://laravelista.com/build-an-api-with-lumen-and-fractal/

Loïc Chardonne:
Symfony Differently - part 2: Bootstrap
Jun 16, 2015 @ 10:46:03

Loïc Chardonne has posted the latest part in his "Symfony Differently" series (part one is here) with a focus on bootstrapping the application and configuring the environment that it will live in.

Our goal in this post is to bootstrap an application to then create a search endpoint for items. We've decided to use Symfony for a single reason: our company Acme used it since the beginning and the API developers team has Symfony and PHP skills.

He walks through the steps you'll need to get the application up and running:

  • Creating a new Symfony Standard Edition project
  • Configuring Apache
  • Moving the tests to a different directory, including Composer updates
  • Creating scripts for builds, testing and deployment

With all this structure in place, the next part of the series will start in on the functionality of the search endpoint and returning the results.

tagged: symfony bootstrap differently tutorial series part2 project apache scripts tests

Link: http://gnugat.github.io/2015/06/10/sf-differently-part-2-bootstrap.html

Christopher Pitt:
Making Dependable #2 (Series)
May 27, 2015 @ 09:25:01

Christopher Pitt has posted the second part of his series about creating "Dependable", a Laravel-based application with a focus on Composer use and customization. In part one he laid the foundation, creating a new project, database and setting up migrations to create the tables. In part two he builds on this and creates additional functionality to store a GitHub user's repositories.

One of the ideas we’ve had is to create an application; which can build a custom Composer dependency map, and deploy that to a new server. It would also be great if there was an interface for deciding which dependencies are included, and a unique URL for each installation.

He starts with a brief mention of testing and why he hasn't included that in his current work. Then he gets into the new models for storing repositories and the migration to create the matching table. He also includes the code that will be needed to link a Developer to a Repository. He finishes the post with an endpoint that can be called to refresh the data from GitHub and pull the repository information down and populate it into the database.

tagged: tutorial series part2 dependable laravel github repositories developer

Link: https://medium.com/laravel-5-tutorials/making-dependable-2-36411b64b958