News Feed

News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Rob Allen:
SSL certificate verification on PHP 5.6
December 23, 2014 @ 12:15:41

Rob Allen has a quick tip posted today about SSL certificate verification in PHP 5.6 and things that need to be updated thanks to recent improvements in PHP's SSL handling.

I recently updated my local OS X Zend Server installation to PHP 5.6 and when I ran composer self-update, I got this error message: "The "" file could not be downloaded: SSL operation failed" [...] Googling around, I finally worked out that there have been various SSL improvements in PHP 5.6 and that the problem was that it couldn't find any OpenSSL certificates on my system. This isn't a total surprise as OS X has been moving away from using OpenSSL internally in favour of its own libraries.

To resolve the issue he found where PHP was looking for certificates (using openssl_get_cert_locations) and how a quick "brew install" of the needed OpenSSL handling resolved the issue. Then, in the php.ini file a quick update to the "openssl.cafile" path points it to the right certificate.

0 comments voice your opinion now!
certificate validation ssl openssl php56 tip fix


Rob Allen:
Integrating ZF2 forms into Slim
August 26, 2014 @ 09:40:47

Rob Allen has a helpful post if you've ever wanted to take advantage of the simplicity of the Slim framework and the power of the Zend Framework 2 forms. In this latest post he walks you through the process of setting it all up and using the ZF2 elements outside of the main framework.

Let's say that you want to use Zend Framework 2′s Form component outside of ZF2 itself. In this case, a Slim application. It turns out that Composer makes this quite easy, though there's quite a lot of code involved, so this is a long article. Start with a really simple Slim Application...

His simple Slim application - just one route - handles both the GET and POST actions and uses several ZF2 components besides just the Form (dependencies mostly). He shows you the updates and additions you'll need to make to the service manager configuration and how to set up some custom validation and the form object in the controller. His example form only has two elements, an email field and a submit button and validation is done on the email address when it's submitted. Finally he includes the View object, extended from Slim's that combines some of the ZF2 and Slim handling to correctly render the form.

0 comments voice your opinion now!
form integration slim zendframework2 tutorial validation


Rob Allen:
Globally overriding validation messages for ZF2 forms
August 19, 2014 @ 10:46:27

Rob Allen has posted a quick hint about overriding validation messages in a Zend Framework v2 based application. This override is related to the output of a standard form and works globally instead of just on a single form.

One thing that I always do when creating a Zend Framework 2 form is override the validation messages for a number of validators - EmailAddress in particular. I recently decided that I should probably sort this one out once and be done with it. Turns out that it's quite easy assuming that you use the FormElementManger to instantiate your forms.

The post includes all the code you'll need to do the override: a custom validator example, the changes you'll need to make to the configuration and an example of a form that uses the custom handling. He explains each of the parts too, showing how they fit together in your module.

0 comments voice your opinion now!
zendframework2 override validation message form tutorial


SitePoint PHP Blog:
Data Validation in Laravel - Introduction & Custom Validators
August 12, 2014 @ 13:59:16

The SitePoint PHP blog has posted the first two parts of a new series looking at how to do data validation in Laravel, a popular PHP framework. Laravel comes with a set of included validators that can easily be used to check incoming data. This article series introduces them and the features they can provide.

If an app was a world then data would be its currency. Every app, no matter what its purpose, deals in data. And almost every type of app works with user input, which means it expects some data from users and acts on it accordingly. But that data needs to be validated to make sure it is of correct type and a user (with nefarious intent) is not trying to break or crack into your app. Which, if you are making an application which requires user input, is why you would need to write code to validate that data as well before you do anything with it.

In the first part of the series they start with an example of doing validation the "old way". They reproduce this same validation using the Laravel validators and show how to introduce it as a service to the overall application. Their "RocketCandy" validation service can then handle the same validations and make for a cleaner interface in the calling script. It's refactored even more to include exceptions when the validation fails and the HTML for outputting the error messages thrown. Unit tests are also included to ensure things are working as they should.

In the second part of the series they build on the examples from part one and introduce custom validators. An example of validation around dashes, spaces and alphanumeric data is included (using regular expressions) and how they can be defined as custom validation rules.

0 comments voice your opinion now!
data validation laravel introduction custom validator framework

Form Validation in Symfony 2
June 12, 2014 @ 10:15:29 has continued their screencast series introducing the Symfony 2 framework and some of the basic concepts around things like routing, templating and controllers. In this latest post they build on a previous post and show how to use the form validation already built into the framework in some custom forms.

Today we're going to continue where we left off last time, where we learned how to build reusable forms in Symfony 2. In this video, we'll learn how to validate the data that has been submitted to our form to ensure it is in the correct format, meets our data's requirements and then process the form submission accordingly. [Once finished we'll] now have a working form, which validates our data and displays the validation error messages back to the user.

The screencast (also viewable on YouTube) is only about ten minutes long and shows you how to validate a form with an email address and that the other field is "not blank". He does base it off of the form created in the previous tutorial so if you haven't done that one yet, it's better to start there and come back.

0 comments voice your opinion now!
form validation screencast symfony2 tutorial series

Did You Mean Advanced Email Validation in PHP
April 09, 2014 @ 11:50:21

In this most recent post to the blog Manuel Lemos talks about invalid email addresses and shows the use of this package to evaluate them.

When you take users' email addresses, for instance in a site sign-up form, there are great chances that the addresses may be incorrect because of a typing mistake or it is not possible to deliver the message to the specified address for some reason. This e-mail validation package can detect and prevent that users enter incorrect addresses even before you accept them.

He starts the post with a list of six types of invalid email addresses including everything from simple typing mistakes out to temporary rejection from "gray listing". He shows how set up the class and briefly covers some of its methods and what they do. Also included is an example if it in use to validate the address. There's also a brief section at the end talking about using OAuth to work around users not wanting "yet another account" or to share their details with an untrusted application.

0 comments voice your opinion now!
email validation tutorial package example


Lorna Mitchell:
OAuth Middleware for Slim
October 09, 2013 @ 11:53:37

Lorna Mitchell has posted about some middleware for the popular Slim (micro)framework that helps with OAuth functionality.

OAuth can be anything you want it to be, the standards are lax and give you plenty of room for getting the right implementation for your system. However you proceed, though, you'll need to check an access token on every request - and in a Slim application, a middleware can help enormously since it hooks in to every request by design. I've recently implemented this and thought I would share.

She's created a basic middleware component that can be easily dropped into the framework to handle the checking of the tokens via an "AuthService" object. She also includes a brief snippet of how she generates the codes, combining the output of bin2hex and openssl_random_pseudo_bytes.

0 comments voice your opinion now!
oauth middleware slim access token validation generate


Urban Legends and Error Handling
June 27, 2013 @ 09:23:16

In this new post to the blog, Stefan Priebsch looks at the relationship between urban legends and error handing in PHP.

Ending up in such a situation [as the tourists in the urban legend] is not the fault of the underpass: the error, made somewhere upstream, merely shows up right when approaching the underpass, and is usually difficult (or at least tedious) to handle. PHP as a programming language, just like any dynamic language, may at first appear to not need overly strict validations of data. Validation of data, however, is directly related to error handling: If data is invalid, this should be an error or an exception (if you write OOP code, which you should be doing). This error needs to be handled somewhere.

He talks about how things like field and value validation can help prevent errors further down the road. He mentions the split between application and domain logic and suggests that it's the role of the app logic to prevent bad data from making it thorough to the domain.

In software development, it is crucial that you handle any errors as soon as they occur. This requires you to actually realize that an error has occurred.
0 comments voice your opinion now!
urban legend error handling domain application logic validation


Elijah Horton:
Sandboxing Untrusted Code With PHPSandbox
April 29, 2013 @ 11:56:37

Elijah Horton has a recent post to his site sharing a tool he's developed to sandbox and validate PHP code of user-contributed code.

Few quotes related to the PHP language are as pithy and resoundingly accurate as the phrase: "Eval is evil." The reasons are myriad: the eval() function basically gives whatever code is passed to it unlimited control of the parser, and this freedom makes eval() both a temptation for developers, who may need to dynamically control PHP at runtime, and a panacea for hackers who are ever-searching for more servers to add to their botnets. So, how does one make use of the extreme power available through runtime evaulation of PHP, without exposing one's server to near-certain rooting? Through a sandbox.

His tool - PHPSandbox, uses the PHP-Parser library to deconstruct the PHP code its given and look for issues. He gives an example of a call to mail and how it would catch the issue. He shows how to install it via Composer, how to configure it with whitelisted methods/functions. It also includes a way to overwrite function calls with a bit safer alternative.

0 comments voice your opinion now!
sandbox protection contributed code validation function


Vance Lucas:
Valitron The Simple Validation Library That Doesn't Suck
March 05, 2013 @ 11:43:24

Vance Lucas has created a "validation library that dosen't suck" and posted about it to his site - his Valitron library.

Valitron is a simple, minimal and elegant stand-alone PHP validation library with NO dependencies. Valitron uses simple, straightforward validation methods with a focus on readable and concise syntax.

He created the library because of frustration with other tools that had (sometimes major) dependencies on other packages. All he wanted was something lightweight and easy to use that was flexible about how it handled its validation rules. Valitron lets you apply a validation (like "required") against multiple fields in the provided data and includes checks for things like length, valid IP, active URL, alpha-numeric, date format and regular expression match. You can also add custom validation rules via a callback/closure.

0 comments voice your opinion now!
validation library valitron simple dependencies

Community Events

Don't see your event here?
Let us know!

version release framework threedevsandamaybe language interview introduction unittest community opinion voicesoftheelephpant podcast symfony composer configure list laravel conference series api

All content copyright, 2015 :: - Powered by the Solar PHP Framework