News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

HHVM Blog:
HHVM 3.0.0
March 31, 2014 @ 10:15:00

The HHVM blog has an exciting new post for those using the HHVM and Hack language - they've officially released version 3.0.0 with complete Hack support.

At our last major version bump (2.0.0), we basically became a whole new project. We switched from a "PHP -> C++" translator to a virtual machine. This version bump (3.0.0) is a much less dramatic code shift (we're still a VM, don't worry), but this time the big announcement is that we support a new language, Hack.

They take a step back in time and look at the changes since 2.0.0 in organization, technology and community involvement. From there, they get into "the business" of what's in this new release including:

  • The old webserver is gone. If you get something like Uncaught exception: no factory for server type "libevent", you need to switch to fastcgi.
  • We are moving from .hdf config files to .ini.
  • Our most requested extension, mysqli is now in. (there's currently a bug, but the fix will be in 3.0.1).

You can find out more about the HHVM on the project's main website.

0 comments voice your opinion now!
hhvm release hack support v3 project facebook

Link: http://hhvm.com/blog/4349/hhvm-3-0-0

Liip Blog:
HHVM and New Relic
March 28, 2014 @ 09:04:00

In this new post to the Liip blog Christian Stocker talks about how they use the popular application and server monitoring service New Relic with the HHVM (despite no official support).

As discussed in one of my last blog posts, we really like New Relic for performance metrics and use it a lot. Unfortunately there isn't an extension for HHVM (yet) and HHVM is becoming an important part in our setup. But - a big great coincidence - New Relic released an Agent SDK and with that, an example extension for HHVM and WordPress. That was a great start for me to get behind the whole thing.

He talks about writing a HHVM extension and includes an example of the implementation. Christian also talks about the challenges around profiling data and finding out where the requests "spend their time" in the execution. There's two solutions he suggests, but they each have their tradeoffs (a recompiled/patched version or a performance hit). He provides the extension they've built in this github repository.

0 comments voice your opinion now!
hhvm newrelic patch extension support agentsdk

Link: http://blog.liip.ch/archive/2014/03/27/hhvm-and-new-relic.html

Ulf Wendel:
The performance penalty of the early MySQL Fabric support for PHP
March 13, 2014 @ 12:16:23

In his latest post Ulf Wendel looks at the performance issues around the recently introduced MySQL Fabric support included in the mysqlnd extension.

PECL/mysqlnd_ms 1.6 is currently being modified to support sharding and fully automatic server and client failover when using MySQL Fabric (slides) to manage a farm of MySQL servers. PECL/mysqlnd_ms is a mostly transparent load balancer that works with all PHP MySQL APIs (PDO_MySQL, mysqli, ...). The idea is, that if, for example, a MySQL server fails, the plugin talks to MySQL Fabric to learn about alternative servers that Fabric has provisioned automatically. This "talks to" gives implies a performance penalty for applications.

He takes a look at what's happening "behind the scenes" when it comes to using the Fabric functionality and sharding (based on the use of mysqlnd_ms_select_shard). He traces through the execution path and how much slower then end result is. He includes some results from the connection debugging and the number of queries a single request makes.

0 comments voice your opinion now!
mysqlnd performance penalty mysql fabric support

Link: http://blog.ulf-wendel.de/2014/the-performance-penalty-of-the-early-mysql-fabric-support-for-php/

Pádraic Brady:
Thoughts on Composer's Future Security
March 06, 2014 @ 11:09:06

Pádraic Brady has a new "let's watch Paddy think aloud in a completely unstructured manner blog post" about the future of security when it comes to the popular PHP package manager Composer. It's recently come under criticism around its lack of package signing and TLS/SSL support.

The Composer issue, as initially reported by Kevin McArthur, was fairly simple. Since no download connection by Composer was properly secured using SSL/TLS then an attacker could, with the assistance of a Man-In-The-Middle (MITM) attack, substitute the package you wanted to download with a modified version that communicated with the attacker's server. They could, for example, plant a line of code which sends the contents of $_POST to the attacker's server.

He's been working on some updates to the project, one of with is TLS/SSL support as defined in this pull request currently pending. It enables peer verification by default, follows PHP 5.6 TLS recommendations and uses local system certificates in the connection. He talks some about other additional TLS/SSL measures that could be added in the future and how, despite it being safer than nothing, TLS/SSL is not the "cure all" for the problem.

He then moves on to package signing and suggests one method for implementation - signing the "composer.phar" executable and signing "everything else" (packages to be downloaded) to verify their validity.

The flaw in Composer's installer isn't that it's unsigned, it's that it doesn't afford the opportunity for the downloader to read it before it gets piped to PHP. It's a documentation issue. You can go down the route of using a CA, of course, but that's further down the rabbit hole than may be necessary. Signing the composer.phar file is another matter.
0 comments voice your opinion now!
composer package signing tls ssl support security

Link: http://blog.astrumfutura.com/2014/03/thoughts-on-composers-future-security

Johannes Schlüter:
On rumors of "PHP dropping MySQL"
February 24, 2014 @ 13:44:21

There's been some rumors floating around about the possibility of PHP's MySQL support going away in upcoming versions of the language. In his latest post Johannes Schlüter tries to bring a bit of clarity to these rumors and what's actually being removed.

Over the last few days different people asked me for comments about PHP dropping MySQL support. These questions confused me, but meanwhile I figured out where these rumors come from and what they mean. The simple facts are: No, PHP is not dropping MySQL support and we, Oracle's MySQL team, continue working with the PHP community.

He suggests that the confusion might have come from the recent changes to "soft deprecate" the oldest ext/mysql functionality and warn users against using it in their applications. He talks about the history of MySQL support in PHP and one project that removing it could adversely effect (WordPress).

0 comments voice your opinion now!
mysql support remove rumor extmysql deprecate wordpress

Link: http://schlueters.de/blog/archives/177-On-rumors-of-PHP-dropping-MySQL.html

Phil Sturgeon:
Composer now supports PSR-4
January 06, 2014 @ 09:59:36

As Phil Sturgeon notes in a recent post to his site, the Composer, the popular PHP package management tool, now supports the PSR-4 autoloading standard as defined by the PHP-FIG.

PSR-4 was voted in as an "accepted" PSR by the FIG in December. It took a little while to get done and went through a series of painful rewrites but when we have in the end is a document that reflects what this truly is: an improvement on PSR-0.

Today Jordi Boggiano merged a pull request by Andreas Hennings into master branch of Composer that contained support for PSR-4. Andreas was a massive help to the FIG while we were trying to shake the issues out of PSR-4 during Draft and Review stages, so he really outdone himself by providing the code too.

Phil makes a few suggestions about moving to PSR-4 including: not moving immediately, making a "psr4" branch to test it out and points to an example of how to do it. More information on PSR-4 and Composer can be found in the official documentation.

0 comments voice your opinion now!
composer psr4 autoload standard phpfig support

Link: http://philsturgeon.co.uk/blog/2014/01/composer-now-supports-psr4

Mikko Koppanen:
Memcached protocol support
November 15, 2013 @ 11:15:38

Mikko Koppanen has posted about some updates he's making to the PECL memcached extension, more specifically around binary protocol support.

There are quite a few things still missing and only binary protocol is supported at the moment, but the code seems to work reasonably well in small-scale testing. I am not sure whether this is useful for anyone, but at least it allows things such as quick prototyping of network servers, exposing sqlite database over memcached protocol etc.

An example of code using this new functionality is included in the post showing how to create both a simple sever with attached "get" and "set" handlers and a client to connect to it and enable the binary protocol.

The code is still work in progress but it's available in github: https://github.com/mkoppanen/php-memcached/tree/feature-server. Note that you need to compile libmemcached with -enable-libmemcachedprotocol and the PECL memcached extension with -enable-memcached-protocol.
0 comments voice your opinion now!
memcached binary support protocol pecl update

Link: http://valokuva.org/memcached-protocol-support/

Kevin Schroeder:
Google finally acknowledges that PHP exists
July 22, 2013 @ 11:53:10

Kevin Schroeder has an interesting post to his site about how Google is finally acknowledging PHP exists and how it's "exploding on Google App Engine"...but it's only happening just now.

How is it that one of the most despised programming languages in the word is running (as Google claims) up to 75% of the web? Many nay-sayers will say "oh it's just WordPress" or "oh, it's just PHPbb". But in doing that they are completely missing the point. [...] In the article Venture Beat says "PHP is moving to the Enterprise very quickly". This is not true. PHP IS in the enterprise and has been for a long time. People just either don't know it or refused to admit it.

He talks about the things that PHP does, including something interesting - it exposes the focus on the theoretical (the "ivory tower" as he puts it) and puts the focus back on the practical, real-life world of just getting things done. He suggests that Google's reasoning behind taking so long to get PHP up and running on the App Engine was just someone with "their blinders on" to the world of the practical that PHP fills so well.

0 comments voice your opinion now!
google appengine support exist enterprise theoretical practical

Link: http://www.eschrade.com/page/google-finally-acknowledges-that-php-exists

PHPMaster.com:
Google App Engine and a Plea for Phalcon
June 20, 2013 @ 10:42:42

On PHPMaster.com today there's a new tutorial that talks about running PHP applications on the Google App Engine and makes a suggestion for an extension-based framework (Phalcon) that might work well there...if they allowed you to enable extensions.

While a full discussion of GAE is outside the scope of this article, suffice it to say that GAE is neither a private server nor a virtual private server - it's a platform. As such, it has some limitations. You cannot simply install extensions in it, nor can you write to disk freely. You cannot alter resource limits on your own and you cannot install custom system tools. It isn't your average Linux box; it's a fully managed colossal environment for enterprise-level applications.

He talks some about the transition over from a typical hosting solution to the Google App Engine platform and points out some resources that can help you get started. He also restates the need for extension configuration on the platform, noting that some extensions needed for some common functionality in PHP frameworks (or the framework itself in the case of Phalcon) can't be enabled or used.

0 comments voice your opinion now!
google appengine extension support phalcon framework

Link: http://phpmaster.com/google-app-engine-and-a-plea-for-phalcon

PHPClasses.org:
5 Reasons Why the Web Platform War is Over PHP Won with 75% says Google
May 22, 2013 @ 09:06:11

In this new post to the PHPClasses.org blog Manuel Lemos talks some about the recent introduction of PHP into Google's App Engine offerings.

During Google I/O 2013 event a Google manager said PHP runs on 75% of the Web sites. So they decided to finally support PHP as in their AppEngine hosting service. Read this article to understand why this puts an end to years of false claims that PHP was losing market, as well what it means to Web developers using PHP or other languages.

He looks at the App Engine PHP offering and looks at whether or not its a good platform to use for hosting your application. He points out some advantages and disadvantages (including no local file system access and no remote resource access). He also includes five reasons why the "web platform war is over" and why PHP has come out victorious:

  • Google Knows Because They Crawl the Whole Web
  • Google Does Not Influence Web Developers so much
  • Wordpress is the Dominant Blog Platform (not Blogger)
  • Programming Does Not Have to Be Beautiful
  • PHP Detractors Have the Wrong Focus

He admits, though, that PHP may not be dominant forever - it's not perfect, but there will always be a need for something that does what it can do (and does it well).

0 comments voice your opinion now!
google appengine support advantages disadvantages mysql platform war

Link: http://www.phpclasses.org/blog/post/208-5-Reasons-Why-the-Web-Platform-War-is-Over-PHP-Won-with-75-says-Google.html


Community Events











Don't see your event here?
Let us know!


language symfony2 series facebook podcast opinion unittest hhvm release framework package composer introduction hack dependency application install security component overview

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework