Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Codecourse.com:
Social Network with PHP: Introduction (Video Series)
Aug 28, 2015 @ 11:50:47

Codecourse.com has released a video series walking you through the creation of a simple social network site with PHP, Laravel and Bootstrap.

[This tutorial shows you how to create] a social network built with Laravel and Bootstrap. Authenticate, add and accept friend requests, post to a timeline, reply to and like statuses.

The videos are pretty "bite sized" at just a few minutes each, but they walk you through all of the code you'll need to get the site up and running as well. There's 36 videos in the playlist but with the playlist on auto-play you'll go through them quickly.

tagged: playlist video tutorial series screencast social network laravel bootstrap

Link: https://www.youtube.com/playlist?list=PLfdtiltiRHWGGxaR6uFtwZnnbcXqyq8JD

Laracasts.com:
PHP 7 Up and Running (Video Series)
Aug 28, 2015 @ 10:38:14

The Laracasts site has posted a set of videos that can help you learn all about PHP7 and get you up to speed before this next major release is available for download (well, a stable release anyway).

Slated for release in October, 2015, PHP 7 brings a wealth of new features, bug fixes, and performance improvements. If you're curious, come with me, as I demonstrate what's new!

The videos cover some of the major new features coming to the language including:

More videos are coming too, including one already listed showing how to use anonymous classes. Keep an eye on this series to learn all about PHP 7 before it's even released.

tagged: php7 video series introduction major version tutorial

Link: https://laracasts.com/series/php7-up-and-running

Piotr Pasich:
Putting all pieces together and shipping with Codeship (Continuous Deployment – part I
Aug 18, 2015 @ 12:45:01

Piotr Pasich continues his series covering the integration of Docker, Elastic Beanstalk and Codeship to create a workflow for shipping and releasing code. In the first two parts of the series he set up most of the technology involved and hooked some of it together. In this latest article he finishes the process, connecting CodeShip with GitHub and your tests.

Today I will walk you through combining all the pieces together and automating the process fully. A continuous integration system will be placed between developer’s environment and final servers. I’ll present how to achieve all of that with Codeship. What make me choose this particular mechanism? The simplicity of setting up, number of additional tools ready to use without installation and finally the fact that it isn’t time consuming.

He shows how to connect CodeShip with your GitHub repository. He shows how to create a new CodeShip project to handle the build complete with a screencast to ensure things are set up as they should be. He includes a bit of "magic" you'll need to do with the CodeShip configuration to get it to work with the Docker setup, but the change is minimal. He also shows you how to set up the execution of your tests and how to see what failed when a build is broken. Finally he shows the process for setting up the deployment to the hosting provider (in this case Digital Ocean) and how to configure your Amazon credentials right in the interface.

tagged: codeship elasticbeanstalk continuous deployment series part3 docker tutorial

Link: http://piotrpasich.com/putting-all-pieces-together-and-shipping-with-codeship-continuous-deployment-part-iii/

PHPClasses.org:
How to Create a PHP C Extension to Manipulate Arrays Part 2: Adding ArrayAccess and
Aug 13, 2015 @ 12:33:04

Dmitry Mamontov has posted the second part of his "How to Create a PHP C Extension to Manipulate Arrays" series on PHPClasses, building on part one and adding in the ArrayAccess and Traversable interface functionality.

In the first part of this article we learned how to create an extension for PHP written in C to create a class that works like arrays. However, to make the class objects really behave as arrays you need to implement certain interfaces in the class.

Read this article to learn how to make a PHP class defined by a C extension implement ArrayAccess and Traversable interfaces, as well understand how to solve problems that you may encounter that can make your extension slower than you expect.

He takes the class he defined in part one and walks you through the addition of the two interfaces. He shows you where they're defined in the PHP source, what the code looks like and how they integrate with the class. He also shows you how to customize the object class handlers, making it possible to use the custom class (object) as an array. Adding Traversable is easier, adding an iterator return method that allows for the data internal to the class to be iterated through.

tagged: phpclasses series part2 extension class array manipulate arrayaccess traversable

Link: http://www.phpclasses.org/blog/post/306-How-to-Create-a-PHP-C-Extension-to-Manipulate-Arrays-Part-2-Adding-ArrayAccess-and-Traversable-interfaces.html

PHPClasses.org:
How to Create a PHP C Extension to Manipulate Arrays Part 1: Basic Array Class Exten
Aug 11, 2015 @ 10:27:24

Dmitry Mamontov has posted a the first part of a series looking at manipulating arrays in the PHP source and enhancing performance for certain handing as a PHP extension.

In PHP projects, arrays are used every where because they are useful and flexible to store all sorts of data structures. However, when you need to maximize the performance the manipulation of arrays for specific purposes, you can achieve great gains if you implement a PHP extension written in the C language. Read this tutorial to learn how to build your own basic array manipulation extension in C.

He covers all the steps you'll need to get start building the extension, introduces a few key concepts and starts on the code for the extension:

  • Building PHP from the Source
  • Building a PHP Extension (overview)
  • Brief Introduction to zval and Functions
  • Defining a Class in Our Extension
  • D for Dynamic (working with dynamic array values)

The C code needed is included through out the post. The next part in the series will build on this and show how to implement interfaces like ArrayAccess and Traversable.

tagged: extension array manipulate part1 series introduction source

Link: http://www.phpclasses.org/blog/post/304-How-to-Create-a-PHP-C-Extension-to-Manipulate-Arrays--Part-1-Basic-Array-Class-Extension.html

Piotr Pasich:
Automated deployment with AWS Elastic Beanstalk (EB) – Part II
Aug 07, 2015 @ 09:14:31

Piotr Pasich has posted the second part of his series showing you how to set up an automated deployment process for an environment that includes an Elastic Beanstalk instance. In this part of the series be builds on the process created in part one and shows the setup and configuration of the Beanstalk instance.

In the previous part we set up a dedicated Symfony application on Docker virtual containers and prepared environments that may be transferred between developers during project cycle. The next step is to prepare the application for pushing into the cloud. There are many options available on the market – Heroku, DigitalOcean and, my favorite, AWS Elastic Beanstalk.

He walks you through the Amazon side of things first, getting the Beanstalk instance set up through the AWS control panel, selected from the AWS list of services. He goes through the options you'll need to configure to get the instance all set up and running including the resources to allocate and instance type (t1.medium is recommended). He then helps set up some of the necessary environment variables for configuration information and a bit of a hack to Symfony that lets you override local parameters with ones coming from the environment. Finally he configures the Beanstalk application and setting it up for automated deployment.

tagged: series part2 elasticbeanstalk aws deployment automated tutorial

Link: http://piotrpasich.com/automated-deployment-with-aws-elastic-beanstalk-eb-part-ii

Check Point Blog:
Finding Vulnerabilities in Core WordPress: A Bug Hunter’s Trilogy, Part I
Aug 06, 2015 @ 11:44:14

The Check Point blog has posted the first part of a series from one of their vulnerability researchers about finding security vulnerabilities in the core WordPress code (and some of the results along with CVE numbers).

In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only ‘Subscriber’ user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS attacks on 20% of the popular web.

In this first part he focuses on the concept of "identity" in a WordPress application. He focused on the "roles and capabilities" functionality to find bypass methods in operations like editing and adding new posts. As he works through his process, code is included from the WordPress core showing where the issue(s) lie and what would be needed to exploit the issue.

tagged: bug hunt wordpress vulnerability core code part1 series checkpoint

Link: http://blog.checkpoint.com/2015/08/04/wordpress-vulnerabilities-1/

SitePoint PHP Blog:
Appserver – a Production-ready PHP-based Server
Aug 06, 2015 @ 08:57:44

The SitePoint PHP blog has posted a new review of Appserver, a "production-ready PHP application server" that includes a web server written in PHP. Appserver is a downloadable project that can be run on any server that already has PHP installed.

You’re probably asking, “Why is appserver paradigm changing?” The answer is, because it tackles the last frontier of PHP application development: high performance for large applications from a server resource optimization and collaboration perspective. This is the realm of PHP development which a good number of professional PHP developers have been calling for, like Manuel Lemos in his “PHP7 Features and Release Date” blog (see the section about a “Standalone Multi-threading Web Server”) and Fabien Potencier, father of Symfony, in his presentation “My Take on PHP”, where he notes he is also working on such an application server solution himself. Well, look no longer Fabien, we already have a really good solution with appsever.io.

In this first part of a new series author Scott Molinari introduces some of the basic concepts behind an appserver in general and helps you get the software installed. He talks about threading and compares the typical PHP server stack against the appserver approach. The main difference is that, with the appserver, there's more control over what's destroyed for each request, allowing more control over the execution and reuse of components. He points out that it does require a bit of different kind of thinking to write code that works with an appserver. He finishes off the post with a few quick steps to getting the latest version of the Appserver build into a local VM via the apt-get package manager and starting it up.

tagged: appserver appserverio application server introduction part1 series concept installation

Link: http://www.sitepoint.com/appserver-a-production-ready-php-based-server

BitExpert Blog:
Think About It: PHP/PostgreSQL Bulk Performance (Part 3)
Jul 24, 2015 @ 10:46:06

On the bitExpert blog they've continued their "Think About It" series of posts looking at optimizations that can be made to different technologies in their stack to increase performance. In this third part of the series they focus in on the changes made to help speed things up with the PostgreSQL database backend.

This article is the last of a three-part series and describes how we optimized the persistence process of bulk data in our code in combination with PostgreSQL. Make sure you covered the first article about how we tweaked PHPExcel to run faster while reading Excel and CSV files and the second article about how we optimized our data processing and reached performance improvements tweaking our code.

They work from the example code provided at the end of part two and update the "update" handling to optimize it a bit. By default it executes an update query for each record so, instead, they modified it to perform a bulk update with an "update from values" format. They could then migrate to a "save all" handler with the complete set of records to save.

tagged: performance postgresql bulk series part3 tutorial phpexcel excel csv

Link: https://blog.bitexpert.de/blog/think-about-it-php-postgresql-bulk-performance-part-3/

AppDynamics PHP Blog:
Introduction to PHP Security – Part 2
Jul 22, 2015 @ 08:33:01

The

AppDynamics PHP blog has posted the second part of their series looking at some of the basics of PHP security. In part one they talked about some of the most common attacks and how to remediate them. In this latest part they "dive deeper" and get into some of the more advanced issues.

Truth be told, there are potentially an infinite number of ways in which a software product can be compromised and have its security breached. [...] New security flaws are regularly found, and routine patches are immediately released for most of the major software applications you utilize in your application stack. No matter whether your web or database server, your operating system, your PHP runtime, or even the MVC framework that your time adopted, your point(s) of exposure may exist anywhere within the various components that make up your application ecosystem.

They start with a few more advanced best practices including using SSL and keeping error messages away from the public eye. They briefly discuss other kinds of injection types (besides just SQL) and offer some tips about securing the data that lives in the application as well.

tagged: security introduction series part2 advanced bestpractice injectiondata

Link: https://blog.appdynamics.com/php/introduction-to-php-security-part-2