News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Paul Jones:
PSR-4 "Autoloader" Has Passed
December 04, 2013 @ 10:37:51

As Paul Jones mentions in his latest post, one of the latest proposals to the PHP-FIG (Framework Interoperability Group) has officially passed, PSR-4, providing a more strict standard for autoloading than the widely used PSR-0.

Counting from the date of that first formal proposal, it has taken exactly 8 months of discussions, one botched vote, one rescinded vote, an entirely new FIG workflow, and four or five rewrites to get PSR-4 passed. Maybe 8 months doesn't sound so long when you look back on it, but while you're in the middle of it, it's interminable.

Paul talks about some of the differences between it and PSR-0, making for "shallower" and more concise directory structures for packages. He also points to some of the packages from the Aura framework as examples of its implementation.

0 comments voice your opinion now!
psr4 autoloader phpfig proposal vote pass directory structure namespace

Link: http://paul-m-jones.com/archives/4804

Phil Sturgeon:
Potential Variadic Function Syntax for PHP 5.6
September 03, 2013 @ 11:55:37

Phil Sturgeon has another post to his site about a recently proposed RFC for PHP. This time it's about implementing a variadic function syntax in the language. This kind of handling would allow for a variable number of parameters on a function/method and not having to use func_get_args to pull in the list.

An awesome RFC popped up the other day: Syntax for variadic functions, developed by Nikita Popov. I read through it and I loved it, but I did have to Google to see what the hell a variadic function was. This is what happens when you teach yourself how to code. You know how to do things, but don't know any of the words. Variadic functions are already possible in PHP and have been throughout 4.x and 5.x in the form of func_get_args(), which is pretty gross.

He includes an example of how it would work and some of the pros and cons of implementing it in the language including:

  • Type hinting (pro)
  • Argument unpacking (con)
  • Easier documentation in docblocks (pro)
  • Keeping up with the "Joneses" (con)
0 comments voice your opinion now!
variadic function syntax rfc proposal

Link: http://philsturgeon.co.uk/blog/2013/08/potential-variadic-function-syntax-for-php-56

Phil Sturgeon:
Progress in the PHP-FIG
August 15, 2013 @ 11:13:55

Phil Sturgeon has a new post about some of the progress the PHP-FIG is making (the PHP framework interoperability group) and how some of the more recently proposed standards...and a workflow he thinks can help keep things from fading like they are now.

For the last two years the ML has been chock full of different discussions about potential PSRs that could be worked on. [...] This to me is the central point of the PHP-FIG as by defining these standards it can stop the need to build 6 different damn adapter classes for your composer package if you want it to work with Buzz, Guzzle, Zend HTTP, Curl, Whatever). [...] It became apparent to me that the PHP-FIG wasn't going to get all that far as things stood. I actually saw quite a few problems with the workflow.

To try to help resolve these problems, Phil has proposed a bylaw that aims to help (and has since been voted in as part of the process). The flow has several steps that a PSR proposal has to go through, all tracked by co-sponsors, one being the main coordinator. It goes through a pre-draft, draft, review and acceptance phases. There's also some points in there about attribution, the use of the voting protocol and the flow of the voting process.

0 comments voice your opinion now!
phpfig interoperability voting process flow bylaw proposal

Link: http://philsturgeon.co.uk/blog/2013/08/progress-in-the-phpfig

Community News:
PHP-FIG Proposal - Resource Location
June 19, 2013 @ 10:55:29

A new proposal has been made to the PHP-FIG group that would provide resource locator functionality as a standard part of an application's structure.

This specification proposes to refer to files and directories through URIs. [...] These URIs can have different schemes ("classpath", "file" etc.), but only the scheme "file" is specified in this document. The resource locator is able to turn URIs into file paths which can be read or included by PHP code. The general goal of this PSR is to locate files (PHP, XML, YAML, INI, JPG, etc.) and directories in a generic way. For example, there should be a unified notation to refer to the file of a class ABCD and other files located in the same directory (or nested directories).

Code snippets are included showing a pseudo-code interface to this locator with five requirements:

  • Locate files relative to classes
  • Locate both directories and files
  • Short identifiers when the context is known
  • Locate resources independent from PHP classes
  • Support resource overriding

There's also some definition as to what is meant by a "resource location" and how the URIs should be structured and located.

0 comments voice your opinion now!
phpfig proposal resource location framework interoperability standard psr

Link: https://github.com/bschussek/fig-standards/blob/master/proposed/resource-location.md

Pádraic Brady:
Publishing Security Disclosures In Consumable Formats
May 16, 2013 @ 09:03:59

Pádraic Brady has a new post today proposing that what the PHP ecosystem needs is a way to better publish security disclosures in a format that's easy to parse and deal with.

This is a branch off from a separate discussion on the PHP-FIG mailing list about other ways the Framework Interoperability Group can encourage and foster wider interoperability among its member projects (and by extension, the whole PHP community). I'll start by noting two interesting developments in recent months and one long standing best practice.

The two "interesting developments" he mentions are the relatively recently released SensioLabs Security Checker that uses you Composer file to find security issues and the new entry in the latest version of the OWASP Top 10 list for "Using Components with Known Vulnerabilities". The best practice he talks about is more around the timely/responsible disclosure of vulnerabilities and how some kind of decentralized tracking of these issues that puts the responsibility back on the developers of the tool and not on one tracking resource.

0 comments voice your opinion now!
security disclosure feed proposal sensiolabs checker owasp

Link: http://blog.astrumfutura.com/2013/05/publishing-security-disclosures-in-consumable-formats-for-simpler-aggregation-and-security-checking

PHPClasses.org:
26 Ways to Show that PHP Can Be Better Than PHP
March 21, 2013 @ 11:14:33

In a new blog post on PHPClasses.org today Manuel Lemos has gathered together some of the things that PHP doesn't have (yet). Most of them are things that developers have expressed a desire for in the core and either have yet to make it into a RFC or are still just being implemented in "userland" code.

The PHP development process is still a bit frustrating. Many developers hoped that PHP had certain features but those are still missing due to several reasons. One way to see those features happen is to write code to implement the features and then submit the code to the PHP core. However that is not a guaranteed process. Even if you provide the necessary code, other developers may object to the addition of those features and the effort is wasted.

Among the things he lists as features that are desired but not implemented yet are things like:

  • Aspect oriented programming
  • Annotations
  • Class generics
  • Introspection of private variables and functions
  • Named parameters

There's a summary of each of the features mentioned and in some cases links to RFCs that presented the same ideas. If you're interested in presenting your own ideas to the PHP project for inclusion, you can "demystify" the RFC process by checking out this post from Chris Jones with lots of good suggestions and the flow of how the process (usually) works.

0 comments voice your opinion now!
language better rfc feature proposal missing


Stuart Herbert:
Personal Thoughts On The PSR-3 Log Proposal
December 31, 2012 @ 10:46:13

In his latest post, Stuart Herbert has shared some thoughts about the recently proposed PSR-3 proposal for a unified logging interface for PHP projects.

PSR-3 is a proposed standard (voting has finished, it should appear as an accepted standard when the PSR folks recover from too much Christmas turkey) describing a common logging interface for PHP frameworks. It's based on a small subsection of RFC 5424, which describes the Syslog standard, which is a very sensible choice. Sysadmins think in terms of Syslog levels, and they utterly hate dealing with loggers that don't map cleanly onto Syslog.

He briefly introduces the PSR and the format of the logger with some of the main methods it should implement and what they do. He talk gets into some of his critiques about the proposal, namely the method naming, the exception handling parameter and the proposed LogLevel constants.

0 comments voice your opinion now!
psr3 proposal phpfig logger interface thoughts opinion


Ben Ramsey:
Writing an Effective Talk Proposal
December 03, 2012 @ 10:25:32

if you've ever considered contributing to a PHP (or any other technology conference) but weren't sure about how to even get started writing up a proposal for a session, you should check out this recent post from Ben Ramsey with a good guide (and some advice experienced speakers could use too).

Earlier today, I was asked "Any tips on how to write a proposal for a major conf?" I've never shared tips on this, and since the calls for proposals for Sunshine PHP and Midwest PHP both end tomorrow, I thought it would be a good idea to share my approach to writing conference proposals. Remember those standard, five-paragraph essays you used to write in high school? Remember how you thought they sucked and wouldn't provide any practical benefit to your life? Well, it turns out they do have some redeeming qualities.

He suggests that this "five paragraph essay" format helps you not only come up with a more fleshed out, full idea but also can provide you with the abstract to submit to the conference (possibly the first paragraph). He mentions the need for a "hook" and finishing off with an opinion that's the basis of the talk. He also has a reminder of a few things - don't talk down, don't use negative language and try not to use absolutes.

0 comments voice your opinion now!
talk proposal conference suggestion opinion session


Pádraic Brady:
PHP Escaper RFC Consistent Escaping Functionality For Killing XSS
September 19, 2012 @ 13:02:59

There's been a lot of chatter about a recent RFC from Pádraic Brady on the php.internals maling list - his proposal to add native escaping to the PHP core. He shares some of his own thoughts about the proposal in a new post to his site.

A short time ago today, I submitted a PHP RFC for discussion which proposes adding an SPL Escaper class and, quite possibly, a related set of functions dedicated to escaping data for output to HTML/XML to PHP: https://wiki.php.net/rfc/escaper. The RFC itself should be a good read if you want to understand why I'm proposing this but the basics are quite simple. Cross-Site Scripting (XSS) is one of the two most common security vulnerabilities in web applications - the other being SQL Injection. Despite this, PHP's offering of escaping functions is extremely limited.

He talks about what problems the proposed solution solves and how it could help protect PHP programmers more effectively than the more complicated methods they have to go through now. If you're interested in reading the conversations so far, you can start here and walk through the messages.

0 comments voice your opinion now!
rfc proposal escaping core proposal phpinternals discussion


Scott Mattocks:
LUCID Development
September 12, 2012 @ 08:14:46

Scott Mattocks has a new post to his site today about a set of development principles he's proposing called "LUCID" (similar in idea to SOLID) - Logs, Unit Tested, Configurable, has Isolated features and is fully Documented.

Building software with a clear set of use cases and requirements is a relatively straight forward process. Various design patterns exist to help you solve problems which others have come across already. You can use principles like SOLID to help separate your classes and simplify your code. [...] Using a set of guidelines like SOLID may make it easier to swap out a broken class for a new class, but they don't really help you identify the problem or fix any data corruption which may have occurred. Knowing you have a problem and being able to isolate and fix the problem is just as important, if not more so, than being able to rely on consistent interfaces from your factory method. That is why I am proposing an additional set of software development guidelines called "LUCID code."

He defines it as "code with understands that bugs are unavoidable" and is able to give developers feedback through its own logging, tests and documentation. With correctly isolated code, development can be segmented and worked at the same time and make changing requirements and updating functionality simpler in the long run.

0 comments voice your opinion now!
lucid development principles framework proposal



Community Events











Don't see your event here?
Let us know!


symfony2 install hack hhvm opinion composer application code package threedevsandamaybe release framework unittest language overview introduction facebook component podcast security

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework