Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Codevate.com:
Securing client-side public API access with OAuth 2 and Symfony
Jul 18, 2016 @ 12:30:26

On the Codevate.com blog there's a tutorial posted by Chris Lush showing you how to secure your client-side public API with OAuth 2 (based on the Symfony platform).

Say you’ll be developing a web application for a customer to create and manage restaurant bookings, exposing restaurant information (name, opening times, menu contents etc.) and booking creation as RESTful API endpoints, which are consumed by secure admin backend. You’ll need to authorise access to the API, but there is no end-user involved since the web app is its own resource owner, so the previous flow doesn’t apply.

[...] However, you also need to develop a booking widget that will be embedded in a company or restaurant’s website for visitors to use. In this case, the client-side is no longer trusted enough to share the OAuth client secret that’s required to authenticate with your API. [...] We encountered a similar use-case for a client project recently, and this blog post details the steps taken to address it.

He then shows how to integrate the FOSOAuthServerBundle bundle into your current Symfony-based application and the updates you'll need to make to your security.yml file. He includes the code needed to create a "client" and associating it with a company already in the customer list. Next is the creation of access tokens and linking them to the restaurants in their system (a unique identifier to use externally for the restaurant rather than an ID). He shows an example of handling the token requests and the code/config changes needed to set it up. Finally he talks about scoping API requests down to certain functionality and an example cURL call to the API to show the results of it all combined.

tagged: clientside api access security oauth2 symfony tutorial bundle

Link: https://www.codevate.com/blog/12-securing-client-side-public-api-access-with-oauth-2-and-symfony

SitePoint PHP Blog:
Quick Tip: Testing Symfony Apps with a Disposable Database
Jul 14, 2016 @ 11:12:16

On the SitePoint PHP blog author Andrew Carter has shared a "quick tip" about using a disposable database in the testing of your Symfony-based applications.

Testing code that interacts with a database can be a massive pain. Some developers mock database abstractions, and thus do not test the actual query. Others create a test database for the development environment, but this can also be a pain when it comes to continuous integration and maintaining the state of this database.

In-memory databases are an alternative to these options. As they exist only in the memory of the application, they are truly disposable and great for testing. Thankfully, these are very easy to set up with Symfony applications that use Doctrine.

He talks first about the built-in functionality Symfony has to use different configuration files for different environments. This allows for easier testing in a more isolated setup than replicating development. He then shows how to use Doctrine with a SQLite in-memory database with a simple update to the config_test YAML configuration file. He also includes the code for a DatabasePrimer class that gets the Doctrine entity manager and executes the the schema tool to set up the schema in the database and "prime" it with any fixtures you might need.

tagged: tutorial symfony sqlite database inmemory testing schema fixture

Link: https://www.sitepoint.com/quick-tip-testing-symfony-apps-with-a-disposable-database/

SitePoint PHP Blog:
Can Symfony Apps Be Fast on Vagrant? Let’s Check with SuluCMS!
Jun 28, 2016 @ 12:13:15

On the SitePoint PHP blog they've posted a new tutorial looking at the combination of Symfony applications (well, one specific one) and Vagrant to optimize it for the best performance possible.

In this short tutorial, we’ll set up Sulu, a new Symfony based CMS, and optimize it on a Vagrant environment. Why a dedicated tutorial handling this? Besides the fact that Sulu has a rather complex initialization procedure, it is based on Symfony which is infamously slow on virtual machines with shared filesystems, and thus needs additional optimizations post-install. The performance hacks in this post, while Sulu-specific, can be applied to any Symfony application to make it faster on Vagrant.

The rest of the post walks you through the steps to get the box set up and the Sulu application up and running:

  • New Box and Folder Sharing
  • App Type and Vagrant Boot (configuration)
  • Installing Sulu

Then they get into the speed improvements and "hacks" to make the overall system perform better. They make updates to the log/cache directory fetching, moving the "vendors" folder into the VM (non-synced) and enabling the APC caching on autoloading. The tutorial also includes a few helpful troubleshooting tips of things to check if a problem does happen to pop up.

tagged: tutorial symfony application vagrant sulucms performance

Link: https://www.sitepoint.com/symfony-on-vagrant-performance-hacks-sulucms-case-study/

Symfony Finland:
Cache enhancements in Symfony 3.1 and 3.2: PSR-6 and tag invalidation
Jun 23, 2016 @ 09:17:04

On the Symfony Finland site there's a post talking about caching enhancements in Symfony 3.1 & 3.2 using the PSR-6 structure as defined by the PHP-FIG standard.

Symfony 3.1 was the first version of the new Symfony3 family to offer new features. The first 3.0 release had feature parity with the last of the Symfony2 series. Symfony 3.1 was launched in May 2016, with a moderate list of added individual features, but one that was a big step in terms of caching: [an] implementation of the cache PSR (PSR-6). The new component is also automatically wired in FrameworkBundle and Symfony Standard Edition."

He talks about how following the PSR-6 standard allows for caching tools to only need to worry about the underlying implementation, not the interface. The post also talks about a new feature coming in Symfony 3.2 around caching: cache tagging. This allows you to "link" cache entries together using tags as related items. One potential use of this is invalidating cache records linked to a specific resource or page in the application without having to check each entry.

tagged: symfony cache invalidation tagging psr6 phpfig

Link: https://www.symfony.fi/entry/cache-enhancements-in-symfony-3-1-and-3-2-psr-6-and-tag-invalidation

Yappa Blog:
Symfony Components in a Legacy PHP application
Jun 21, 2016 @ 12:50:13

On the Yappa Tech blog Joeri Verdeyen has written up a post covering the integration of modern Symfony components into a legacy application with a relatively simple container setup and configuration.

Symfony Components are a set of decoupled and reusable PHP libraries. They are becoming the standard foundation on which the best PHP applications are built. You can use any of these components in any of your applications independently from the Symfony Framework.

[...] The purpose of this post is to roughly describe how to implement some of the Symfony Components. I've created a set of gists to get started. You should already know how Symfony Components work in the Symfony Framework.

He starts with an example Composer configuration pulling in some of the more popular Symfony packages (like VarDumper and FormBuilder). He then includes the code to bootstrap the container instance and the services.yml he's come up with to bootstrap and integrate all of the components. The tutorial ends with examples of putting some of these components to use in resolving controllers, using the FormBuilder, using the command line and outputting errors with the VarDumper.

tagged: symfony component legacy application tutorial container example

Link: http://tech.yappa.be/symfony-components-in-a-legacy-php-application

SitePoint PHP Blog:
Your Own Custom Annotations – More than Just Comments!
Jun 21, 2016 @ 11:04:14

The SitePoint PHP blog has posted a new tutorial from author Daniel Sipos showing you how you can use custom annotations in your Symfony-based application. You can also do annotation parsing outside of Symfony but that requires other external libraries to accomplish.

In this article, we are going to look at how we can create and use our own custom annotations in a Symfony 3 application. You know annotations right? They are the docblock metadata/configuration we see above classes, methods and properties. You’ve most likely seen them used to declare Controller routes (@Route()) and Doctrine ORM mappings (@ORM()), or even to control access to various classes and methods in packages like Rauth. But have you ever wondered how can you use them yourself?

[...] In this article we are going to build a small reusable bundle called WorkerBundle. [...] We’re going to develop a small concept that allows the definition of various Worker types which “operate” at various speeds and which can then be used by anyone in the application. The actual worker operations are outside the scope of this post, since we are focusing on setting up the system to manage them (and discover them via annotations).

He then gets into the code, creating the WorkerInterface the workers will implement and a sample worker class with an annotation describing it. Next up he creates the WorkerManager to create and get the current set of workers. Then comes the discovery process and the creation of a simple class that looks through files and finds those with the @Worker annotation and makes them available as a worker instance. Finally he "wires it all together" in the services configuration and shows an example of a basic worker instance and using it by calling its work method.

tagged: custom annotations worker example symfony application tutorial

Link: https://www.sitepoint.com/your-own-custom-annotations/

Stefan Koopmanschap:
Command or Controller
Jun 20, 2016 @ 12:04:18

In a post to his site Stefan Koopmanschap takes a look at the technical term "command" and tries to clear up some of the confusion around its use and how it differs from the idea of a "controller".

A couple of weeks ago while walking towards lunch with Jelrik we were having a bit of a discussion about the use of the term Command. Not long before that, Jelrik had asked a question about naming of Commands in our Slack channel, which led to some confusion.

He starts off by defining what a command is and why it's called a "command" instead of a controller (hint: it "just works" with the Symfony Console). He then gives an example of a command in a Symfony bundle structure and how a CLI "controller" can extend the Command and automatically be integrated into the command structure.

tagged: command controller clarification example difference symfony bundle

Link: http://leftontheweb.com/blog/2016/06/18/Command-or-Controller/

Vic Cherubini:
Writing Functional Tests for Services in Symfony
Jun 16, 2016 @ 12:35:07

Vic Cherubini has written up a tutorial on his site showing you how to write functional tests for Symfony services in your application. He provides a practical example of testing a basic Symfony service and the configuration/code to go with it.

The dependency injector is an amazingly simple and flexible addition to Symfony, and one you should be using to properly structure your application. But what happens when you want to write a functional (or integration) test for a service that depends on another service? This article will show you an easy way to test complex services.

He sets up a simple InvoiceGenerator service that takes in a Doctrine entity manager and a "payment processor" instance. He stubs out a simple PaymentProcessor class and shows the configuration needed to set it all up for correct injection. He then gets into the testing of this setup, creating a simple test case that requests the invoice generator from the service container. In this call the services_test definition overrides the default and injects the test payment processor instead of the actual one.

tagged: symfony functional test services example tutorial configuration container injection

Link: https://viccherubini.com/2016/06/writing-functional-tests-for-services-in-symfony

Marc Scholten:
Accidental Complexity Caused By Service Containers In The PHP World
May 24, 2016 @ 11:25:30

In this post to his site Marc Scholten talks about something that's become a side effect of using the inversion of control design pattern in PHP applications (specifically related to dependency injection): added accidental complexity.

Modern PHP development favors the use of inversion of control to keep software more configurable and flexible. This leads to the problem that one now has to create a big graph of objects to use the application. As a solution to avoid redundant setup code, service containers like the symfony2 dependency injection component are used.

The goal of a service container is to centralize the construction of big object graphs. [...] Simple, right? Actually it’s not. Commonly used service containers are complex solution for simple problems.

He illustrates with an example using the Symfony services container, a piece of the framework that allows the definition of dependency relationships via a YAML formatted file. While this configuration seems simple enough, he points out that more complex dependencies (ones that could easier be set via a "set" method) become more difficult to define when limited by the service container config structure. He also points out that it makes static analysis of the code much more difficult with dependencies being dynamically fetched from the container instead of directly related. He offers an alternative to this complex container setup, however: a simple method (or methods) inside of a factory class that creates the objects, injects the required dependencies. This makes it much easier to call from the service container instance and configuration and even a "create container" call to set all of the dependencies up at once. He ends the post with some advantages of this approach and a takeaway or two to keep in mind when managing your object dependencies.

tagged: complexity service container accidental configuration simplex complex example symfony

Link: https://www.mpscholten.de/software-engineering/2016/05/21/accidental-complexity-caused-by-service-containers-in-the-php-world.html

SitePoint PHP Blog:
Benchmarking: Can AppServer Beat Symfony’s Performance?
May 19, 2016 @ 10:45:51

The SitePoint PHP blog has posted a new article comparing AppServer and Symfony on a performance level and wonders if the AppServer platform can outperform the framework on some base level functionality.

After the release of the first part of our Appserver series, it was clear through the ensuing discussions on both SitePoint and Reddit that we had touched a nerve for a good number of PHP channel’s devoted readers. I also quickly realized this new (for PHP) technology had a good number of serious doubters. One of the most poignant responses in the discussions was something along the lines of,

Needless to say, those doubtful and critical comments sounded like a real challenge. I was also very interested in finding out where appserver would land, if it were to be benchmarked against another well known PHP framework. [...] I decided to use my favorite framework, Symfony, to make the comparison. This is because appserver, as a stock PHP application server, also offers a good bit of important application functionality similar to Symfony.

They start with the approach they took to the comparison and how they set up the systems to evaluate the difference between the two (including hardware specs). The remainder of the post shares the results of several Apache Bench runs - the raw command line output - and more graphical versions of the same information (bar graphs). While there are a few "wins" on the AppServer side, overall it came in a bit slower (mostly because of the technologies involved in every request, however).

tagged: appserver appserverio performance symfony comparison benchmark results

Link: https://www.sitepoint.com/benchmarking-can-appserver-beat-symfonys-performance/