Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Toptal.com:
Data Encoding: A Guide to UTF-8 for PHP and MySQL
Jan 28, 2016 @ 13:22:56

The Toptal.com blog has posted a guide to data encoding in PHP and MySQL looking specifically at the use of UTF-8 and related handling. They talk about some of the updates you'll need to make to configurations, code and the MySQL settings to fully support this character set.

As a MySQL or PHP developer, once you step beyond the comfortable confines of English-only character sets, you quickly find yourself entangled in the wonderfully wacky world of UTF-8.

[...] Indeed, navigating through UTF-8 related data encoding issues can be a frustrating and hair-pulling experience. This post provides a concise cookbook for addressing these issues when working with PHP and MySQL in particular, based on practical experience and lessons learned (and with thanks, in part, to information discovered here and here along the way).

They start with the changes on the PHP side, updating the INI settings to make UTF-8 the default character set and which functions you'll need to update and replace. With those changes out of the way they move to the MySQL side, changing up settings in the my.cnf file and a few other things to consider on the database side (including that the MySQL support for UTF-8 is only a partial character set).

tagged: toptal data encoding mysql utf8 update configuration code

Link: http://www.toptal.com/php/a-utf-8-primer-for-php-and-mysql

Jordi Boggiano:
New Composer Patterns
Dec 21, 2015 @ 11:52:36

Jordi Boggiano, lead developer on the Composer has posted about some of the new Composer patterns that have been introduced into the tool this year, including some you might not even have realized.

Here is a short update on some nice little features that have become available in the last year in Composer.

He includes five of these features in his list (but something tells me these are just some of the more user-facing improvements the project has introduced):

  • Checking dependencies for bad patterns
  • Referencing scripts to avoid duplication
  • Defining your target production environment in composer.json
  • Excluding paths from the optimized classmap
  • Requiring packages easily and safely

For each item he includes the command (and sometimes optional arguments) that make it work and what kind of results you can expect. There's definitely some handy features in here and not just for the "power users" in the crowd.

tagged: composer feature update project patterns duplication environment classmap

Link: http://seld.be/notes/new-composer-patterns

Matthew Weier O'Phinney:
Secure PHAR Automation
Dec 15, 2015 @ 12:32:54

There's always been an issue with the creation of Phar packages in PHP and the security around them. There's been recommendations about creating signatures and only using secure connections for updates and rollbacks. Unfortunately there isn't an overly easy way to handle this yet. However, Matthew Weier O'Phinney has written up a post showing his workflow for doing these kinds of things, making use of the Box project to help with some of the more detailed parts.

For a variety of reasons, I've been working on a utility that is best distributed via PHAR file. As has been noted by others (archive.is link, due to lack of availability of original site), PHAR distribution, while useful, is not without security concerns, and I decided to investigate how to securely create, distribute, and update PHAR utilities as part of this exercise.

This is an account of my journey, as well as concrete steps you can take to secure your own PHAR downloads.

He starts by outlining the "roadmap" of the features he wants to include and the steps to take to create this more secure phar archive. It includes the use of both current, local tools and services (like Box and GitHub pages). He then walks through the steps in the full process:

  • Create an OpenSSL Key
  • Use Box to create the PHAR
  • Generate a version file
  • Create the gh-pages branch
  • Write self-update/rollback commands
  • Enable Travis-CI for the repository
  • Create an SSH deploy key
  • Archive and encrypt the secrets
  • Write a deployment script
  • Add the script to travis

While this seems like a lot of steps to just get a more secure phar set up, Matthew has done the hard work for you here and includes all of the commands, configuration examples and steps you'll need to take to fully set the process up. If all goes well, his example in his last "push and watch it work" section will go off without a hitch.

tagged: phar archive security signed https update rollback travisci tutorial

Link: https://mwop.net/blog/2015-12-14-secure-phar-automation.html

Developer Drive:
Looming PHP 7 and its effect on WordPress
Nov 26, 2015 @ 11:54:15

On the Developer Drive site they've posted an article for all of the WordPress users (and other curious folks) about the impact PHP 7 will have on the current WordPress system.

It’s no big secret now that PHP 7 is just on the horizon, and with that development comes questions on how it affects sites that run on WordPress. PHP 7 is a massive update to the server-side web development language called PHP, yet it’s also going to have an impact on any PHP-powered CMS like Drupal, Joomla and Magento.

They go through some of the major changes in PHP 7 and talk briefly about what kind of effects they'll have on those running this popular CMS including:

  • Performance upgrades
  • New and improved operators
  • Continuous 64-bit support
  • Anonymous class support

They recommend that you keep an eye out for messages from your host that they might be upgrading, backing up your site to prevent loss and update your plugins/themes prior to any PHP 7 switch over.

tagged: php7 wordpress features update recommendation hosting

Link: http://www.developerdrive.com/2015/11/looming-php-7-and-its-effect-on-wordpress/

Zend Framework Blog:
Zend Framework 3 Update and Roadmap
Nov 26, 2015 @ 09:47:33

On the Zend Framework blog they've posted the roadmap and latest updates on the work being done for the next major version of the framework: Zend Framework 3.

In October, while at ZendCon, I presented a talk on Zend Framework 3 entitled "Components, PSR-7, and Middleware: Zend Framework 3." You can view it online, but this post discusses current status, details some decisions, and points to the work still to be done. It's a long read; grab a warm beverage, maybe some popcorn, and take your time.

They start by outlining some of the major concepts that ZF3 integrates and are key to how it will handle requests:

  • the component-based system it's built on, making major use of Composer-style packages and installation techniques
  • using the PSR-7 standard for handling of HTTP requests and responses
  • the use of middleware to modify the request/response and add logic

Finally, they get into the overall view and roadmap for the framework. They talk about the ServiceManager/EventManager, the role middleware plays in the request dispatching and the goal of reducing dependencies. The post ends with a look at the improvements they're striving for with new and better documentation and the next steps in the roadmap for the coming months.

tagged: zendframework3 roadmap update overview psr7 middleware component documentation

Link: http://framework.zend.com/blog/zend-framework-3-update-and-roadmap.html

Freek Van der Herten:
Zero downtime deployments with Envoy
Nov 23, 2015 @ 10:52:36

In this post to his site Freek Van der Herten shares an Envoy script that can be used to deploy an application to a remote server with (or without I suppose) one key thing: downtime.

Envoy is Laravel’s official task runner. Using a Blade style syntax tasks can be defined that can be run both locally and remotely. At Spatie, we’ve been using Envoy for quite some time to deploy code on production servers. [...] [Our trusty Envoy scriot] had a big downside: the application would be down for close to a minute. This week I took the time to solve that issue.

He talks about the changes he made to their deployment process towards using a symlink-based system as suggested by this guide. The result is an updated script that follows the same flow. He steps through the changes he made to the script and tweaks used to get the best performance out of the deploy process.

tagged: downtime deployment laravel envoy automation symlink update script

Link: https://murze.be/2015/11/zero-downtime-deployments-with-envoy/

Cal Evans:
Announcing The CFP Report
Nov 06, 2015 @ 09:12:20

Whether you're an aspiring speaker or one that's presented many times, it can be difficult to keep track of which conferences have open Call for Papers and what they're offering to speakers who are selected. Cal Evans has started up a new project that provides a curated listing of conferences in the form of a mailing list to keep you up to date and informed - The CFP Report.

I want to talk about a new project I have called "The CFP Report" and invite you to join. [...] A few months ago, I was chatting with my good friend Brandon Savage when he posited an idea. "What if we setup a mailing list for people who wanted to know about open CFPs?"

[...] The more I thought about it, the more I kinda liked the idea. I did some research and yes, there are other good services that are doing similar things. However, I couldn’t find anything that would do the job I wanted done. Specifically, I wanted not only to know about CFPs, I wanted to know if they were CFPs to which I would want to submit.

He talks about his though processes for wanting to create the mailing list and what it provides. The list (or a "push notification service" as he calls it) is only delivered via email to those subscribed and covers not only PHP CFPs but also Python, Javascript and Ruby. The service is free and all it takes is a quick signup and you're good to go. If you've been interested in getting out and trying your hand speaking at a conference, this is the perfect way to keep up to date right in the same inbox you use every day.

tagged: callforpapers cfp cfpreport mailinglist push notification update

Link: http://blog.calevans.com/2015/11/05/announcing-the-cfp-report/

Laravel News:
Laravel 5.2 - A Look at what’s coming
Nov 02, 2015 @ 11:06:05

The Laravel News site has posted a look ahead at Laravel 5.2, the next minor version release of the popular framework.

ravel 5.2 development is underway and so far a few nice additions have been announced. Let’s take a look at everything we know is coming to the release.

Among the things mentioned are improvements/features like:

  • Implicit model binding
  • Form Array Validation
  • Collections Wildcards
  • Database Session Driver updates

This version isn't released yet (as of the time of this post) but it's coming soon. Keep an eye on the main Laravel site for more information.

tagged: laravel minor version update enhancement feature framework

Link: https://laravel-news.com/2015/11/laravel-5-2-a-look-at-whats-coming/

PHP.net:
PHP 5.6.15 is available
Oct 30, 2015 @ 09:43:44

The PHP.net site has an announcement about the release of the latest version on the PHP 5.6x series: PHP 5.6.15:

The PHP development team announces the immediate availability of PHP 5.6.15. Several bugs have been fixed. All PHP 5.6 users are encouraged to upgrade to this version.

Bugfixes in this update include changes in closure handling, DateTimeImmutable, mcrypt_encrypt and segfaults in the opcache handling (gc_remove_from_buffer). You can get this latest release from either the main downloads page (source) or from the windows.php.net site for the Windows binaries.

tagged: php language release php56 bugfix update

Link: http://php.net/archive/2015.php#id2015-10-29-2

PHP.net:
PHP 5.5.30 & 5.6.14 Released
Oct 02, 2015 @ 11:16:57

The PHP.net site has announced the release to two new versions of PHP in the 5.5.x and 5.6.x series: PHP 5.5.30 and PHP 5.6.14:

he PHP development team announces the immediate availability of [these versions]. This is a security release. Two security bugs were fixed in this release. All PHP [5.5 and 5.6] users are encouraged to upgrade to this version.

As always, you can grab these latest stable versions from the main downloads page or the windows.php.net site for the Windows binaries. If you're interested in the bugs fixed here, check out the full Changelog.

tagged: language release bugfix security update php55 php56

Link: http://php.net/archive/2015.php#id2015-10-01-3