Christian M. Mackeprang:
4 forgotten code constructs: time to revisit the past?
Feb 10, 2017 @ 09:30:44

Christian M. Mackeprang has a recent post on his site sharing a few possibly forgotten code constructs whose use has faded in recent years. He revisits them, complete with code examples, and explains why he thinks they should be resurrected.

Some things in the programming world are so easy to misuse that most people prefer to never use them at all. These are the programming equivalent of a flamethrower: You might rarely be in the position to really need one, but every once in a while it turns out that you need to take down a forest. In that case, there’s no easier way than going Rambo on your codebase.

[...] That’s where a few of the old, forgotten code constructs come into play. Creative use of features such as goto, multiple inheritance, eval, and recursion may be just the right solution for experienced developers when used in the right situation.

The four constructs he recommends are: goto, multiple inheritance, eval and recursion. For each item in the list he provides a basic look at the concept and follows it up with "the right way" of doing things to prevent common issues with the feature.

tagged: code constructs past top4 list examples

Link: http://chrismm.com/blog/4-forgotten-code-constructs-time-to-revisit-the-past/

Paragon Initiative:
Securing a PHP Application in 2016: The Pocket Guide
Jul 11, 2016 @ 12:45:11

The Paragon Initiative has posted a new tutorial: a pocket guide to securing your PHP application in 2016.

Please set aside most of what you've heard over the years; chances are, most of it just muddies the water. Security is not a product. Security is not a checklist. Security is not an absolute.

Security is a process. Security is an emergent property of a mature mindset in the face of risk.

Perfect security is not possible, but attackers do have budgets. If you raise the cost of attacking a system (your application or the networking infrastructure it depends on) so high that the entities that would be interested in defeating your security are incredibly unlikely to succeed, you'll be incredibly unlikely to be compromised.

The post talks about the "essence of security" and how most prevention methods don't add much processing overhead or overall development time. It makes four recommendations of things to do in current and future development to help secure your applications:

  • Use PHP 7 in All New Development
  • Use HTTPS Everywhere
  • Use Security Headers
  • Use Trustworthy Reference Material

The post ends with a few other things to think about when building secure applications, including raising the "cost" of attacking your system and keeping in mind that your platform may not be the attacker's "end game".

tagged: paragoninitiative secure application pocket guide top4 php7 https headers references

Link: https://paragonie.com/blog/2016/07/securing-php-application-in-2016-pocket-guide

Matt Stauffer:
Things I didn't know Laravel could do
Jun 03, 2016 @ 10:47:51

Matt Stauffer has a post on his site sharing a few things he didn't know Laravel could do, discovered during his work on his book Laravel Up & Running.

It turns out that there's a long road between "I have a book contract" and "I know everything there is to know in order to write this book."

It doesn't matter how much of an expert you feel like. It doesn't matter how much time you've spent learning and teaching. Across the board, every tech author I've talked to has described just how much they learned—had to learn—when they wrote a book.

I learned a lot in writing Laravel: Up and Running. And I want to share it with you.

He includes a list of four of the interesting things he learned during his writing:

  • The Cookie Facade is one special cookie
  • Attaching files to emails is easier than you think
  • You can chain more Scheduler methods than the docs show
  • You can assert that a view gets passed certain data

Each item also comes with a brief code example showing it in action. If you'd like more information about the book and a free sample, be sure to sign up using the form in the post, or you can just pre-order the book and get the whole thing as soon as it's released.

tagged: oreilly book laravel interesting feature top4 free sample

Link: https://mattstauffer.co/blog/things-i-didnt-know-laravel-could-do

SitePoint PHP Blog:
4 Best Chart Generation Options with PHP Components
Jun 26, 2015 @ 08:30:29

The SitePoint PHP blog has a new article sharing four of the best charting libraries they've seen for use in your PHP applications. Options include both server-side and client-side tools, which makes it easier to find one that fits your situation.

Data is everywhere around us, but it is boring to deal with raw data alone. That’s where visualization comes into the picture. [...] So, if you are dealing with data and are not already using some kind of charting component, there is a good chance that you are going to need one soon. That’s the reason I decided to make a list of libraries that will make the task of visualizing data easier for you.

He starts with a brief comparison of the server-side versus client-side options, pointing out some high-level advantages and disadvantages of each. He then gets into each of the libraries, giving an overview, an output example and some sample code to get you started:

  • Google Charts (Client Side)
  • FusionCharts (Client Side)
  • pChart (Server Side)
  • ChartLogix PHP Graphs (Server Side)

He ends with a wrap-up of the options and links to two other possibilities you could also evaluate to find the best fit.

tagged: chart generation option component top4 list example output code

Link: http://www.sitepoint.com/4-best-chart-generation-options-php-components/