Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Paul Jones:
PECL Request Extension: Beta 1 Released!
Dec 21, 2016 @ 10:06:38

As Paul Jones has announced in this post to his site the PECL "Request" extension has reached the beta stage with the release of beta v1.

I am happy to announce that the PECL extension for server-side request and response objects has reached beta status! (Documentation here.)

[...] This completes the intended initial functionality of the extension. You should install it and try it out, because it might be make your work easier.

The post also lists out some of the new functionality introduced in this beta mostly focused around the fetching of the "forwarded for" information. You can find out more about the extension on the pecl.php.net website.

tagged: request extension beta release http

Link: http://paul-m-jones.com/archives/6461

Paul Jones:
The PHP 7 “Request” Extension
Nov 23, 2016 @ 14:37:09

Paul Jones has a new post to his site introducing the "Request" extension he and John Boehr have worked up to make working with HTTP requests in PHP simpler.

You’re tired of dealing with the $_GET, $_POST, etc. superglobals in your PHP 7 application. You wish $_FILES was easer to deal with. You’d prefer to wrap them all in an object to pass around to your class methods, so they’d be easier to test. [...] You could maybe adopt a framework, but why do that for your custom project? Just a pair of server-side request and response objects would make your life so much easer. Why can’t there be set of internal PHP classes for that?

Well, now there is. You can install the request extension from John Boehr and myself to get ServerRequest and ServerReponse objects as if PHP itself provided them.

He gives an example of using the extension to work with both the request and response (ServerRequest and ServerResponse). This includes cookie values, files handling, content length and much more. There's code examples showing it in use and a link to the repository for the extension where you can find out more.

tagged: request extension language serverrequest serverresponse

Link: http://paul-m-jones.com/archives/6416

Alejandro Celaya:
Dispatch REST-like requests with a single controller class in Zend Expressive
Jun 27, 2016 @ 10:21:25

In a new post to his site Alejandro Celaya shows you how to dispatch REST-like requests in Zend Expressive using a single-controller method.

I was digging into Zend Expressive and how to use controllers that allow me to share dependencies between different routes, instead of having to use different middlewares every time. Abdul wrote a great article on this subject that you can find here, which also became part of Expressive's cookbook some time later.

This is a perfect approach that easily allows to reuse some code, but then I thought how to do something similar in a rest environment, having a single class with different dispatchable methods that will be called depending on the request's HTTP method. This is a possible solution based on ZF2's AbstractRestfulController.

He starts by creating an AbstractRestController class to handle the basics of the REST handling, essentially matching verbs to their actions. He then extends this with a RestUserController class that overrides the necessary methods for only the HTTP verbs you want to change. He then shows how to register the route so it can be used by any request verb type (GET, POST, PUT, etc).

tagged: zendexpressive tutorial rest request verb http zendframework2 abstractcontroller

Link: http://blog.alejandrocelaya.com/2016/06/24/dispatch-rest-like-requests-with-a-single-controller-class-in-zend-expressive/

Phil Sturgeon:
Why Care About PHP Middleware?
Jun 02, 2016 @ 10:35:39

Phil Sturgeon has a post over on his site sharing some of his thoughts on PHP middleware and why he thinks it's worth paying attention to in your applications.

Recently there has been a lot of buzz about HTTP middleware in PHP. Since PSR-7 was accepted, everyone and their friend Sherly has been knocking out middleware implementations, some of them stunning, some of them half-arsed, and some of them rolled into existing frameworks. HTTP Middleware is a wonderful thing, but the PHP-FIG is working on a specific standard for middleware, which will standardise this mess of implementations, but some folks don't seem to think that would be useful.

Let's look into middleware a little closer, to show you why it's something to smile about.

He starts with a bit of background about the history of middleware in the PHP ecosystem and where they fit in the overall execution path. He lists out some of the middlewares that have already come out based on this surge in the community including CSRF protection, debugging and rate limiting handling. With various frameworks handling the request/response slightly differently, the PHP-FIG worked up a standard to make interoperability easier. He links to some other resources about middleware that have been posted and discussions he's had with other people about their usefulness.

HTTP Middleware is awesome. It lets frameworks do far less, it lets people distribute logic in a way often unseen popularly in PHP, it lets more of your application be reusable, and it lets PHP catch up with other popular languages used to build stuff on the web. PSR-7 was a great step towards this goal, but we need another PSR to get the whole way there.
tagged: middleware opinion psr7 request response phpfig example

Link: https://philsturgeon.uk/2016/05/31/why-care-about-php-middleware/

Matthew Weier O'Phinney:
Serve PSR-7 Middleware Via React
Apr 20, 2016 @ 12:07:56

Matthew Weier O'Phinney has a post to his site showing you how to combine PSR-7 request/response handling (his examples use Zend Expressive) with React and middleawre in your application.

I've been intending to play with React for some time, but, for one reason or another, kept putting it off. This past week, I carved some time finally to experiment with it, and, specifically, to determine if serving PSR-7 middleware was possible.

He starts with a brief introduction to React and what kind of functionality it brings to the table. He includes a bit of sample code showing it in use creating a basic HTTP server responding to any request with a simple "Hello World" message. He then starts on the React+PSR-7 integration, wrapping the request and response handling from one in the other to keep the expected responses the same. He also talks about serving up static files using the React+PSR-7 handling via a middleware on the Expressive side. Finally he shares the work he's done via a library to help make it easier to reuse in other situations. He shows the installation and usage of this library and sample requests you can use to test it out.

tagged: react psr7 request response example library handler static file tutorial

Link: https://mwop.net/blog/2016-04-17-react2psr7.html

Paul Jones:
PSR-7 and Session Cookies
Apr 12, 2016 @ 13:27:06

In this post to his site Paul Jones makes some suggestions about how to handle session cookies (PHP's default session handling mechanism) and requests/responses using the PSR-7 structure.

One of the great things about PHP is its session handling capabilities. One call to session_start() and a huge amount of heavy lifting is done for you. It’s a great aid when writing page scripts.

However, as you start to need finer control over the HTTP response in your project, some of the automatic session behaviors begin to get in the way. In particular, when you are using PSR-7 to build your HTTP response, you realize that session_start() and session_regenerate_id() both automatically do the equivalent of calling setcookie() to write headers directly to the output. This means you cannot buffer those calls into the Response object for later sending.

How then can we use PHP’s session handling, when we want finer control over when and how cookies get sent?

He suggests that you do two things. First, disable PHP itself from automatically sending the cookie via some ini_set calls. The second is to do the session ID comparison manually and perform the related action (either allowing or sending a new ID on failure). He includes example code showing it in action and also mentions some of the shortcomings of the approach around cache and limiter headers.

tagged: psr7 session cookie request response header disable tutorial

Link: http://paul-m-jones.com/archives/6310

Inviqa Blog:
An Introduction to PSR-7 in Symfony
Mar 18, 2016 @ 09:58:44

The Inviqa blog has posted a tutorial that gets in to the details of using PSR-7 compatible functionality in Symfony through the introduction of middleware into your application.

The PSR-7 standard, which describes common HTTP message interfaces, is a big step towards interoperability across different PHP libraries. The standard was introduced not long ago, but you can already use libraries compatible with this recommendation within your Symfony-based application.

[...] A step toward more homogeneity was achieved when the PHP Framework Interop Group accepted PSR-7 in May 2015. This recommendation describes common HTTP message interfaces. The biggest benefit the PHP community gets from the standard is a potential for interoperability across different PHP libraries. You can already use libraries compatible with this recommendation within your Symfony-based application thanks to the Symfony PSR-7 Http Message Bridge.

The tutorial then shows how to use this message bridge to convert the current Symfony HTTP request and response instances over to follow the PSR-7 structure (essentially a wrapper around it). They then show how to use this functionality in a simple Symfony controller, taking advantage of an event listener to automatically convert the request based on type hinting in the controller method. Finally they talk about middleware, what they are and how they fit into the flow of a web request/response structure.

tagged: psr7 symfony introduction middleware bridge request response controller

Link: http://inviqa.com/blog/2016/3/3/an-introduction-to-psr-7-in-symfony

Rob Allen:
Testing Slim Framework actions
Mar 14, 2016 @ 10:45:52

Rob Allen has a quick post to his site showing you how to test Slim actions using PHPUnit and some simple pieces of the Slim framework itself to set up the needed environment.

To test a Slim Framework action, you need a request and a response object and mock whatever is in the action. This is one way to do this.

He gives an example of a simple endpoint that just returns a JSON string. He shows the code for this endpoint and how it registers with the application for an /echo route. He then gets in to the testing on the route's matching class, making an instance of the Request class and an Environment for it to work in. He ends the post by sharing teh code to pull all of these pieces together in a simple PHPUnit test that uses the assertSame assertion to verify the JSON response output.

tagged: slimframework action unittest phpunit testing tutorial request environment

Link: https://akrabat.com/testing-slim-framework-actions/

Rob Allen:
PSR-7 file uploads in Slim 3
Feb 05, 2016 @ 11:08:23

In a post to his site Rob Allen explains how to handle file uploads in a PSR-7 structure, specifically illustrating with an example using the Slim (v3) framework.

Handling file uploads in Slim 3 is reasonably easy as it uses the PSR-7 Request object, so let's take a look.

He shows how to create a simple index route in a Slim application and render a view containing just a simple form with an upload field and submit button. When the form submits, he uses the getUploadedFiles method on the Slim Request object to get the file information for the upload. He also shows how to check for errors on the upload using the file data as an object and calling the getError method.

tagged: slim3 file upload tutorial handling error psr7 request

Link: https://akrabat.com/psr-7-file-uploads-in-slim-3/

Lorna Mitchell:
OAuth2 with PHP's built in Streams Functions
Jan 07, 2016 @ 10:56:54

In a quick post to her site Lorna Mitchell reminds us that you can modify the options on the internal PHP streams (like for HTTP requests), more specifically to add a "Bearer" token value for OAuth2 integration.

For OAuth2, all I had to be able to do was to send an Authorization header with my web request from PHP. My second-favourite way of making API calls from PHP is to use PHP's stream handling, so I did that. It's not code you see very often but it's super-simple and it works on every PHP platform I've tried so far

She gives a few lines of code to show how to modify the options to add in the token value, basically using an array of options and a call to stream_context_create to create the context. This can then be used in future calls (like the file_get_contents she shows) to automagically send this information along with the request.

tagged: oauth2 http stream request builtin options bearer tutorial

Link: http://www.lornajane.net/posts/2016/oauth2-phps-built-streams-functions