News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Pádraic Brady:
PHP 5.6 and SSL/TLS Getting Better But Will PHP Programmers Actually Use It?
January 31, 2014 @ 11:24:32

In his latest post Pádraic Brady looks at a new addition to PHP (well, to be included in the next release) related to the SSL/TLS handling it provides in streams. He's happy to report that things are improving. This commit integrated an RFC allowing for TLS perr verification in PHP streams.

The RFC reverses PHP's course and provides PHP streams with defaults that enable both peer verification and host verification. The patch implements the RFC and it lets PHP leverage the local system's own certificate stash (e.g. Debian's ca-certificates) where possible to avoid PHP having to distribute a bundle of its own and while also assisting in backwards compatibility. [...] Once we have a PHP streams/sockets system with a passable level of default security, the rest will be left to programmers on the ground to change their practices.

With this new functionality coming in PHP 5.6, he strongly encourages developers to change how they're currently doing things and embrace this new verification to keep their code safer.

0 comments voice your opinion now!
ssl tls php56 programmer peer verification rfc

Link: http://blog.astrumfutura.com/2014/01/php-5-6-and-ssltls-getting-better-but-will-php-programmers-actually-use-it/

PHP Town Hall:
Episode 12 Awesome RFCs and Yolo
September 12, 2013 @ 11:54:43

The PHP Town Hall podcast has released their latest episode, #12, Awesome RFCs and YOLO:

Silex and PHP contributor Igor Wiedler joins Ben and Phil to talk about his recently accepted RFC: Importing namespaced functions along with a bunch of other super-nerdy things that he has been working on.

There's also mentions of other RFCs like the variadics and argument unpacking proposals. You can listen to this latest episode either through the in-page player or by downloading it directly. You can also subscribe to their feed to get the latest episodes.

0 comments voice your opinion now!
ep12 rfc yolo igorwiedler podcast phptownhall

Link: http://phptownhall.com//blog/2013/09/11/episode-12-function-autoloading/

Phil Sturgeon:
Potential Variadic Function Syntax for PHP 5.6
September 03, 2013 @ 11:55:37

Phil Sturgeon has another post to his site about a recently proposed RFC for PHP. This time it's about implementing a variadic function syntax in the language. This kind of handling would allow for a variable number of parameters on a function/method and not having to use func_get_args to pull in the list.

An awesome RFC popped up the other day: Syntax for variadic functions, developed by Nikita Popov. I read through it and I loved it, but I did have to Google to see what the hell a variadic function was. This is what happens when you teach yourself how to code. You know how to do things, but don't know any of the words. Variadic functions are already possible in PHP and have been throughout 4.x and 5.x in the form of func_get_args(), which is pretty gross.

He includes an example of how it would work and some of the pros and cons of implementing it in the language including:

  • Type hinting (pro)
  • Argument unpacking (con)
  • Easier documentation in docblocks (pro)
  • Keeping up with the "Joneses" (con)
0 comments voice your opinion now!
variadic function syntax rfc proposal

Link: http://philsturgeon.co.uk/blog/2013/08/potential-variadic-function-syntax-for-php-56

Phil Sturgeon:
Named Parameters in PHP
September 02, 2013 @ 10:52:40

in a new post to his site Phil Sturgeon talks about a new (old?) proposal to introduce named parameters into PHP.

Named Parameters for PHP is not a new conversation. It's reared its head several times - so much so that the named parameters RFC says: "Since the topic continually gets re-raised, and now PHP has an RFC process, the discussion should be recorded in an RFC (Note this is yet to be done) so the same arguments don't have to be revisited."

He notes the negative attitude that seems to currently be shown in the RFC and has made the offer to rewrite it to be more impartial to the subject at hand. In the comments of the post there's also some feedback about the different syntaxes and varying levels of support for the proposal.

0 comments voice your opinion now!
named parameter language feature rfc rewrite

Link: http://philsturgeon.co.uk/blog/2013/09/named-parameters-in-php

PHPClasses.org:
26 Ways to Show that PHP Can Be Better Than PHP
March 21, 2013 @ 11:14:33

In a new blog post on PHPClasses.org today Manuel Lemos has gathered together some of the things that PHP doesn't have (yet). Most of them are things that developers have expressed a desire for in the core and either have yet to make it into a RFC or are still just being implemented in "userland" code.

The PHP development process is still a bit frustrating. Many developers hoped that PHP had certain features but those are still missing due to several reasons. One way to see those features happen is to write code to implement the features and then submit the code to the PHP core. However that is not a guaranteed process. Even if you provide the necessary code, other developers may object to the addition of those features and the effort is wasted.

Among the things he lists as features that are desired but not implemented yet are things like:

  • Aspect oriented programming
  • Annotations
  • Class generics
  • Introspection of private variables and functions
  • Named parameters

There's a summary of each of the features mentioned and in some cases links to RFCs that presented the same ideas. If you're interested in presenting your own ideas to the PHP project for inclusion, you can "demystify" the RFC process by checking out this post from Chris Jones with lots of good suggestions and the flow of how the process (usually) works.

0 comments voice your opinion now!
language better rfc feature proposal missing


Chris Jones:
The Mysterious PHP RFC Process and How You Can Change the Web
February 13, 2013 @ 10:31:19

For anyone that's wondered how some of the features they use every day get into the PHP language, Chris Jones has written up a post making the RFC (Request for Comments) process they follow a bit more transparent for the average developer.

The PHP RFC process has been in place for a while, and users new to core PHP development are starting to use RFCs to propose desirable features. Here are some personal observations and suggestions that show how I have seen feature acceptance and the (newish) RFC process work in practice. These notes augment the steps in How To Create an RFC. I hope they help set expectations about the PHP RFC process and feature acceptance in the PHP language.

He lists the steps in the process from start to finish including things like:

  • Avoid presenting an RFC idea to the "internals" mail list with email that begins "I don't know much about ... but ...". Do some research first.
  • Your RFC should talk about all PHP areas that will be affected: php.ini, different SAPIs, engine, extensions, etc. List similar features. List similar features in other languages. Link to references. Give an estimate of the actual positive impact to user code.
  • If you do have an implementation, make it clear whether the implementation is a simple prototype or is expected to be the final code. This is specially important during the vote.
  • There is no need to respond to every discussion email individually. You should batch up your responses and manage the discussion intelligently.
  • With long, fragmented discussions, not everyone will read every email. Update the RFC at regular intervals, and let people know what has changed.
  • Some areas of PHP are complex or niche. Sometimes feature suggestions will be greeted by an apparent lack of interest. Don't be discouraged. This just means you need to take a stronger leadership role, and also prove your credentials by first working on the existing code base.
  • During the voting period, it is common for people to continue mail list discussion. You may need to halt the vote and address any issues.

Obviously, there's a lot more to it than that - his post does a great job of letting you know what to expect and includes useful tips on helping you get your idea across.

0 comments voice your opinion now!
rfc requestforcomments porposal language feature tips process


Phil Sturgeon:
PHP 6 Pissing in the Wind
January 28, 2013 @ 10:42:16

With some of the recent talk about the consistency of naming methods in PHP (or lack thereof) Phil Sturgeon has put together some ideas about why this (and unicode) changes aren't happing in the language.

PHP is well known for having an inconsistent API when it comes to PHP functions. Anyone with an anti-PHP point of view will use this as one of their top 3 arguments for why PHP sucks, while most PHP developers will point out that they don't really care. [...] Another big thing that anti-PHP folks laugh about is the lack of scalar objects, so instead of $string->length() you have to do strlen($string). ANOTHER thing that people often joke about is how PHP 6.0 just never happened, because the team were trying to bake in Unicode support but just came across so many issues that it never happened.

He shares an "obvious answer" to the problems and shares a theory as to why it's not happening - that no one is really working on out (outisde of this POC) and some of the handling with the recent property accessors RFC. He finishes off the post with three more points, all related to the results of the voting - little points seem to get voted in easier, the representation of developers in the process and that at least one of the "no" votes had to do with not wanting to maintain the results.

Making changes to this language should not be blocked just because a quiet minority of the core team don't like the idea of being asked to do stuff.

Be sure to check out the comments on the post - there's lots of them, so be sure you have some good time to read.

0 comments voice your opinion now!
opinion php6 unicode property accessors rfc voting


Pádraic Brady:
PHP Escaper RFC Consistent Escaping Functionality For Killing XSS
September 19, 2012 @ 13:02:59

There's been a lot of chatter about a recent RFC from Pádraic Brady on the php.internals maling list - his proposal to add native escaping to the PHP core. He shares some of his own thoughts about the proposal in a new post to his site.

A short time ago today, I submitted a PHP RFC for discussion which proposes adding an SPL Escaper class and, quite possibly, a related set of functions dedicated to escaping data for output to HTML/XML to PHP: https://wiki.php.net/rfc/escaper. The RFC itself should be a good read if you want to understand why I'm proposing this but the basics are quite simple. Cross-Site Scripting (XSS) is one of the two most common security vulnerabilities in web applications - the other being SQL Injection. Despite this, PHP's offering of escaping functions is extremely limited.

He talks about what problems the proposed solution solves and how it could help protect PHP programmers more effectively than the more complicated methods they have to go through now. If you're interested in reading the conversations so far, you can start here and walk through the messages.

0 comments voice your opinion now!
rfc proposal escaping core proposal phpinternals discussion


Miro Svrtan:
PHP Fatal errors into exceptions natively
August 28, 2012 @ 10:08:39

Miro Svrtan has a new post today proposing something that could be added to help handle bad method calls in PHP apps - using the BadMethodCallException (pre-existing) instead of throwing fatal errors.

Using getter method that is not implemented will get you fatal error saying how undefined method is called and request will stop. [...] On the other hand if you would use public property all you would get is a notice saying how this property does not exist and rest of request would be completed. [...] I know that this is due to dynamic typing behavior of PHP and no I am not suggesting raising a notice if undefined method gets called but since 5.1.0 there is a BadMethodCallException class which would be perfect for this situation.

There's been other people that have proposed the same idea as a bug, but nothing formal has been submitted as an RFC to make the change. Miro is looking for feedback to find if others would be interested in this feature and want to make the proposal (leave comments here).

0 comments voice your opinion now!
exception native badmethodcallexception fatal error rfc


Sherif Ramadan:
Finally Getting finally In PHP?
August 09, 2012 @ 10:53:55

In this recent post to his site Sherif Ramadan looks at a proposal that's currently under view (RFC) to add the "finally" keyword to PHP.

It's quite possible that PHP may finally be getting the addition of the finally block in its try/catch block. [...] It also solves a simple, but overlooked problem for the developer. With finally we offer the user-space code a chance to do any clean up work that may be necessary after a try block has terminated execution and with clear semantics.

He includes a use case for this feature - an example showing exception handling on multiple levels and writing to log files when the cleanup of the exception is finished (without the potential for another method to trigger the exception itself). "Finally" allows you to take this logic out of the exception handling and put it at the end, removing the possibility of it triggering an exception for the wrong reason. There's a few other examples showing some other quirks with its usage - like calling die will not make it end up in the "finally".

0 comments voice your opinion now!
finally rfc keyword exception handling proposal



Community Events











Don't see your event here?
Let us know!


database introduction unittest support hhvm component package language application hack release framework facebook podcast performance install opinion composer security symfony2

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework