Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Building Your Startup:
Securing an API
May 22, 2017 @ 13:16:19

The TutsPlus.com site has continued their "Building Your Startup" tutorial series with a new post about APIs and security. In this series, they've been using the Yii2 framework to create a calendaring "startup" site. Now they're to the point of adding a "RESTful" API to the system and want to be sure it's secure.

Recently, I introduced you to Yii's simple REST API generation and Meeting Planner's new "RESTful" service API. At that time, I mentioned that these APIs were only loosely secured. Sure, there was a shared secret between the client and the server, but there were a couple of problems.

First, the secret key and user tokens were repeatedly transmitted in query parameters of SSL calls. And there was no other authenticity check for the data, allowing a middle-person attack. In today's episode, I'll guide you through how I secured the API against these weaknesses for a more robust API.

They start off looking at the API security that was previously put in place using an "app ID" and "app secret" values to identify the user. To improve on this, the system is updated to use the "app secret" value to sign the outgoing data via a HMAC hash that is sent along with the request.

tagged: api security tutorial yii2 build startup series hmac rest

Link: https://code.tutsplus.com/tutorials/building-your-startup-securing-an-api--cms-27867

TutsPlus.com:
Programming With Yii2: Building Community With Voting, Comments, and Sharing
May 19, 2017 @ 10:27:21

The TutsPlus.com site has posted the latest in their "Programming with Yii2" series of tutorials with this new article looking at features for the application useful to build community around the site.

In today's tutorial, I'm going to show you how to extend Yii to easily mimic a site like Reddit with voting, comments, and sharing.

[...] I built some my latest Twitter API episodes on the early version of this platform, following friends on behalf of users and analyzing our followers. The site I described in those, Twixxr, forms the foundation of my Yii customization work.

So adding core functionality like voting, comments and sharing makes so much sense. As you expand your Yii codebase with these kinds of features, building new sites becomes faster, easier and increasingly powerful.

He then spends the rest of the article showing how to use three Yii2 plugins to help provide the community functionality he needed: a voting extension, a plugin for integrating Disquis and a "social extension" for other social plugins and widgets. He shows how to get these extensions installed and what code updates you'll need to make to use them across the application. This also includes screenshots of the results so you can be sure that you're on the right track.

tagged: tutorial series yii2 community voting comment disquis sharing

Link: https://code.tutsplus.com/tutorials/programming-with-yii-building-community-with-voting-comments-and-sharing--cms-27798

CloudWays Blog:
Turbocharge Yii Development Through These Best Practices
May 04, 2017 @ 13:39:54

On the CloudWays blog author Saquib Rizwan has written up a post sharing some best practices with Yii2 applications, the third part in a series, to help you "turbocharge" your development using included features.

Yii is a popular PHP development framework that has managed to hold its own in the fierce world of PHP framework. In effect, Yii is still a popular development framework for all categories of PHP projects.

[...] Whichever PHP framework you opt for (I personally prefer Yii2), the success of the project depends entirely upon the quality of the code. In all instances, following the Yii development best practices ensures that your code is of the highest quality and that the overall project confirms to the quality specifications. The following Yii best practices are the result of the experiences of the Yii developers from all over the world.

Included in his list of recommendations are practices like:

  • Follow the Code Standards
  • Optimized Overheads for Yii
  • (Avoiding) Cache Heavy Processes
  • Profile and Test Applications

These and the other items in the list include a brief summary of the practice and, on some, links to other resources for more information or tools to help.

tagged: yii2 framework bestpractices improve development tutorial

Link: https://www.cloudways.com/blog/yii-best-practices/

NetTuts.com:
Building With the Twitter API: Analyzing Your Followers
Apr 10, 2017 @ 12:18:14

On the TutsPlus.com site Jeff Reifman has posted the latest article in his "Building with the Twitter API" series. In this latest tutorial he shows how, with the Yii2 application they've been building, to analyze your followers and get information like followers, tweets, favorites, etc.

Welcome to the latest episode of our Twitter API series. In our last episode, I built Twixxr.com which will let you discover influential women on Twitter for your account to follow. Today, I'm going to turn the focus inward to look at my own followers.

[...] For a long time I've wanted to look more closely at my Twitter followers and answer some questions: Who exactly is following me? And why aren't they more interactive? Is it possible that only 10% of my followers are real people? [...] The Twitter API is a good tool to investigate this. Yet it has a ton of rate limits which make even something simple like analyzing your followers quite complex. In today's episode, I'll show you how I worked with the rate limits to assess and build a scoreboard of my followers.

He starts with a screenshot of the ultimate result of gathering the information for each follower from the API and describes what the overall goals are. From there's it's all about the code:

  • creating database migrations for the related tables
  • making the connection to the Twitter API to gather follower data
  • saving the data to the database
  • creating the "score" for each based on if the account is verified, protected, and follower/friend count

The post ends with the code to show the "scoreboard" presented in the original screenshot having all of the information populated for his follower set.

tagged: tutorial yii2 framework analyze follower score tutorial series

Link: https://code.tutsplus.com/tutorials/building-with-the-twitter-api-analyzing-your-followers--cms-27523

TutsPlus.com:
Programming With Yii2: Building a RESTful API
Apr 06, 2017 @ 10:30:05

The TutsPlus.com site has posted the latest article in their "Programming with Yii2" series today, this time focusing on the creation of a RESTful API with the built-in framework support.

In this Programming With Yii2 series, I'm guiding readers in use of the Yii2 Framework for PHP. You may also be interested in my Introduction to the Yii Framework, which reviews the benefits of Yii and includes an overview of what's new in Yii 2.x.

In today's tutorial, I will review how to build a REST API in Yii to connect your application to the cloud, mobile apps, and other services. I'll guide you through Yii's REST API quick start guide and provide context and examples of common requests.

He starts off with some of the benefits of having a REST API for your Yii2 application and some of the functionality that comes included with the framework. He then starts in on building the base functionality of the API with a controller, a "tree" for the endpoints and configuration of the URL routing. The rest of the post is a set of example requests made to the API with the help of both cURL and the Postman app for Chrome.

tagged: yii2 framework series tutorial build rest api example

Link: https://code.tutsplus.com/tutorials/programming-with-yii2-building-a-restful-api--cms-27513

TutsPlus.com:
How to Program With Yii2: Running Cron Services
Mar 30, 2017 @ 12:19:26

TutsPlus.com has posted the latest tutorial in their "Programming with Yii2" series showing you how to work with cron services to periodically run scripts in your application.

In this Programming With Yii2 series, I'm guiding readers in use of the Yii2 Framework for PHP. In today's tutorial, I'll share with you how to take advantage of Yii's console capacity to run cron jobs.

In the past, I've used wget in my cron jobs—a web accessible URL would run my background tasks. This raised security issues and has some performance problems. While I addressed some ways to mitigate risks in our startup series' episodes on security, I had hoped to transition to console-driven commands. And with Yii2 it's fairly straightforward.

He starts with a brief look at what a "cron" is for those that may not be familiar and how it works on linux-based systems. He then gets into the use of console "cron" commands using the Yii2 framework's own functionality to create a "cron controller" that performs Twitter operations on "frequent", "quarter" and hourly measurements. He shows how to update the crontab file to call the commands instead of making the web requests. He ends this tutorial with an issue to consider regarding different namespaces when using the commands versus web requests.

tagged: programming yii2 series cron services tutorial

Link: https://code.tutsplus.com/tutorials/how-to-program-with-yii2-running-cron-services--cms-27508

TutsPlus.com:
Building With the Twitter API: Creating Friends to Follow
Mar 23, 2017 @ 12:32:04

The TutsPlus.com site has posted the latest tutorial in their "Building with the Twitter API" series showing how to, in a Yii2 application, automatically add friends to a Twitter account via the Twitter API. You've probably seen this in several services that offer suggestions of followers to add to your list.

Today I'll guide you through using the Yii2 Framework for PHP to access the Twitter API and automate adding friends to people's Twitter accounts. (If you'd like to learn more about Yii2, check out our parallel series Programming With Yii2.)

And, I've created a website, Twixxr.com, which will let you demonstrate the feature by adding prominent women on Twitter for your account to follow.

The tutorial starts with links to some of the other Twitter tutorials that have been posted in the past and how things have evolved to make it easier in a Yii2 application. He starts by helping you get the Twitter OAuth PHP Library installed and lists some of the goals of the end result. The code is included to authorize the user and handle the callback once they've approved the app in the normal OAuth flow. It then shows how to connect via the API using that user's information, load profiles for the suggested users and link them as a friend. The tutorial finishes with a look at performance and a bit of code used to handle the backend processing of the request instead of performing it in real time.

tagged: twitter tutorial api oauth2 friends follow suggestion yii2

Link: https://code.tutsplus.com/tutorials/building-with-the-twitter-api-creating-friends-to-follow--cms-27492

TutsPlus.com:
Building Your Startup: Running Multiple Domains
Mar 17, 2017 @ 10:53:11

The TutsPlus.com site has posted their latest tutorial in their "Building Your Startup" series today. In this new article they show you how to update the application to support multiple domains in one Yii2 application.

The Yii2 advanced template allows you to run a number of sites in one code tree. I used its front-end tree to build Meeting Planner and its back-end tree to build the administrative suite of tools for the service. Today, however, I'll focus on launching another domain on top of the existing front-end tree—and all the small and large complexities that go along with this.

[...] I presumed it would be fairly simple (no pun intended) to launch Simple Planner, but it ended up taking a few days of work.

He points out that the work to get the frontend of the application working with a different domain name was relatively simple. It was the update to the email handling that took the most time (the application is very email-driven). He then shows the configuration changes required to add multiple domains, how to change the homepage for each domain and update images/links/etc to match the new domain. He then moves on to configuring the services used for each domain and, finally, the pieces that need to be updated to have the emails support the multiple domains.

tagged: startup build tutorial series yii2 multiple domain

Link: https://code.tutsplus.com/tutorials/building-your-startup-running-multiple-domains--cms-27459

Cloudways Blog:
User Authentication In Yii2 With Email Verification
Mar 13, 2017 @ 13:54:47

The Cloudways blog has a new tutorial posted showing you how to set up a system for user authentication via email in a Yii2-based application. The concepts would be the same in just about any other framework, it's just the code to implement it would be slightly different.

User authentication is an essential component of every web app. Whether it is a simple to-do list or a complex corporate portal, user authentication remains a common factor across all types of PHP applications.

[...] In this tutorial, I will show you how to develop a user authentication component in Yii2 that features a SMTP email verification. If you are new to Yii2, you must first read previous tutorials to get an introduction to Yii2. Next read about form handling in Yii 2 and database management in Yii 2.

The tutorial makes use of this extension for the traditional user handling as a more flexible option than the built-in framework features. They then walk you through the process of creating the new Yii2 project and getting the component installed. It also helps you:

  • run the migrations to create the required tables
  • set up the SMTP mailer
  • update the navigation with the links for logged in/logged out users
  • configuring the email settings

The end result is a signup form that, when submitted will send an email to the user's email address to verify it and allow the user to continue the registration process.

tagged: user authentication yii2 framework tutorial signup package

Link: https://www.cloudways.com/blog/user-authentication-yii2/

TutsPlus.com:
How to Program With Yii2: ActiveRecord
Mar 09, 2017 @ 12:07:53

In the latest tutorial in their "Programming with Yii2" series the TutsPlus.com site shows you how to work with the ActiveRecord functionality included with the framework.

In this Programming With Yii2 series, I'm guiding readers in use of the Yii2 Framework for PHP. In today's tutorial, I'll walk you through using Yii's object-relational mapping, known as ORM, for working with databases. It's called Active Record and is a key aspect of programming database applications efficiently in Yii.

Yii offers different ways to work with your database programmatically, such as direct queries and a query builder, but using Active Record offers a complete set of benefits for object-oriented database programming.

The article goes on from there and defines some of the basics around what Active Record is and how it works. It then starts on the code, showing how to create an ActiveRecord model and execute queries to:

  • locate single or multiple records
  • build queries
  • counting records
  • and accessing the records returned

They also talk about mass assignment, saving data via model instances, deleting records and creating relationships between the models.

tagged: yii2 framework series activerecord database tutorial introduction

Link: https://code.tutsplus.com/tutorials/how-to-program-with-yii2-active-record--cms-27434