PHPDeveloper.org

Lorna Mitchell: What Goes in Source Control?

Tue, 30 Apr 2013 10:31:26 -0500

As developers, one of the best things you can do for a project is to use version control (or "source control") for your code. Lorna Mitchell suggest using it on a wider scale, though. She sees it as a great place for all sorts of other things around a project too.

Short answer: everything! However we need some good directory structures and source control configuration to make that a really practical answer, so this article is a quick outline of my usual advice for a good source control structure for a standard web project. The examples are for a PHP project but I'm sure you could apply this to your own language of choice, also.

These "other things" she suggests that should end up in source control including things like:

The actual "web root" of your application
Library code
Build scripts
Configuration files
Database patches
Tests (unit, functional, integration, etc) Link: http://www.lornajane.net/posts/2013/what-goes-in-source-control

NetTuts.com: Round Table #1: Should Exceptions Ever be Used for Flow Control?

Thu, 28 Mar 2013 10:20:39 -0500

On the NetTuts.com site today they've posted the transcript of a panel discussion they had with several developers about exceptions and whether or not they should be used for flow control.

I'm pleased to release our first ever round table, where we place a group of developers in a locked room (not really), and ask them to debate one another on a single topic. In this first entry, we discuss exceptions and flow control.

The opinions vary among the group as to what exceptions should be used for (even outside of the flow control topic). Opinions shared are things like:

Exceptions are situations in your code that you should never reach
Errors cause Failures and are propagated, via Exceptions.
So, essentially, exceptions are an "abstraction" purely to model the abnormality.
Personally, I envision exceptions more as "objections."
Exceptions like this should be caught at some point and transformed into a friendly message to the user.

There's lots more than this in the full discussion so head over and read it all - there's definitely some good points made.

Richard Rodger: Why I Have Given Up on Coding Standards

Wed, 05 Dec 2012 13:17:48 -0600

In a recent (controversial) post Richard Roger talks about why he's given up on coding standards and includes a few of the reasons that might make you think about your own proceses.

Every developer knows you should have a one, exact, coding standard in your company. Every developer also knows you have to fight to get your rules into the company standard. Every developer secretly despairs when starting a new job, afraid of the crazy coding standard some power-mad architect has dictated. It's better to throw coding standards out and allow free expression. The small win you get from increased conformity does not move the needle. Coding standards are technical ass-covering.

He walks through the evolution of the average developer, the trip from their infancy of "just writing code" to the point of understanding that there needs to be standards to make code easier to read and understand. He includes a list of five "sins of control" that might make coding standards more desirable.

There are worse sins than these. You only need one of them to end up with a coding standard. The truly evil thing about coding standards is what they do to your heart, your team's heart. They are a little message that you are not good enough. You cannot quite be trusted. Without adult supervision, you'll mess up.

As you'd expect, there's plenty of comments on the post, so enjoy reading and maybe contribute some of your own.

Developer.com: Creating a Custom ACL in PHP

Fri, 11 May 2012 10:53:23 -0500

On Developer.com there's a recent tutorial showing you how to create a basic access control list in PHP (not in any specific framework). It allows you to define not only user permissions but groups and group permissions as well.

So, what are the advantages of an ACL model? The first advantage is security. Using this model will make your application more secure and less vulnerable to exploits. When securing any program, it is good to give to the user only the privileges he/she needs. That means that, for example, you should not give super administrator privileges to someone who will only manage website content. The ACL security model allows you to do just that. The second advantage is the easiness of user management. You can divide users into groups, while each group has certain access permissions. Also, you can easily add new user groups, delete the old ones or change group permissions.

They include the database structure you'll need to make the backend work (four tables) and the code to create an "Acl" class with methods to check a user+group for a permission, get the permissions for a user and get the permissions for a group. It's a pretty simple system and has a lot more that could be added to it to make it more robust, but it's a good start.

Refulz.com: CakePHP AclComponent - ACOs, AROs and Mapping

Wed, 29 Feb 2012 11:38:12 -0600

On the Refulz blog they've posted the next in their series about access control in CakePHP applications. In this new article they look at Access Request Objects (AROs) and Access Control Objects (ACOs) and how they can be managed via the built-in ACL functionality.

Continuing with Access Control Lists, we will read about the two Access Control Lists and their mapping. The Access Request Objects (AROs) are a list of the things that seek permissions and the Access Control Objects (ACOs) are the resources on which permissions are required. Both the lists are maintained in the tow tables, namely aros and acos respectively.

Included in the post is the SQL you'll need to create the tables for the system to use as well as some basic code to use the AclComponent with the ACOs/AROs. They also show how to use the parentNode method to create parent/child relationships between the objects.

Devis Lucato's Blog: Select: Inversion of Control

Wed, 14 Dec 2011 13:34:53 -0600

In a recent post to his blog Devis Lucato introduces the "Inversion of Control" design pattern and shares an implementation he's created as an illustration - a Service Locator called Select.

[In a Service Locator] all the dependencies are provided by a builder, which serves as a registry of dependencies and/or service definitions. The service locator knows how to instantiate each dependency. Such service exposes methods like 'getMailer()', 'getLogger()' etc. A service locator centralises the configuration detailing classes and parameters involved on objects instantiations.

He includes some sample code showing the structure of a Select implementation using a "Mailer" identifier and definitions of the classes to load for it. He also includes a bit of documentation of the (simple) API you can use to work with the tool - setting namespaces, replacing class definitions, creating definitions and finding the resource associated with a definition (to name a few).

Community News: PHP version control to move to git

Thu, 08 Sep 2011 06:27:08 -0500

A little while back, the PHP development group posted a survey of developers asking them which version control system they'd like to see the PHP project use. By an overwhelming margin, git has won and things are already in motion to move parts of the project away from subversion.

In his mailing list post, David Soria Parra explains:

After 2 weeks of voting and discussion, I closed the votes today. The results are fairly straightforward. Most of the users want to move to a decentralized version control system. [...] I don't want to make a difference of who voted for what. I think the results are overwhelming in favor of Git.

He'll be working on the spec to make the move for the PHP source over to git and is planning a cut over some time in December. Stay tuned to the php.internals mailing list for more details about the move as they come up.

Ibuildings techPortal: DPCRadio: Database Version Control without Pain

Tue, 01 Mar 2011 13:21:13 -0600

The Ibuildings techPortal has posted their latest episode in their DPCRadio podcast series as recorded at the Dutch PHP Conference 2010. This latest episode is Harrie Verveer's talk about database version control.

We've all read the textbooks and are using version control systems for our code, but our databases are left out in the cold. Every team has their own workaround, ranging from patch files to SQL snippets in the bugtracker, but none is really robust. Unfortunately there is no silver bullet, but there are several tools and best practices that can help you to make your life easier. This talk shows several approaches that can help you to overcome this problem and to control database structure changes in a more sophisticated way.

You can either listen in-page on their player or you can download the mp3 and listen whenever you'd like. You can find his slides here and, as an extra bonus, an article on the same topic also on the techPortal.

Ibuildings techPortal: Database Version Control

Tue, 11 Jan 2011 12:42:08 -0600

On the Ibuildings techPortal today Harrie Verveer has a new post looking at database version control - one of the more difficult topics for development groups - and some of the technology that can be used to help make it a bit simpler.

Database version control is something that most developers have to deal with regularly, yet only a few have actually thought about what solution might be best for them. Most people have a solution that sort of works for them, but when you ask them about the subject they are pretty convinced that there must be some better way to manage database changes, they're just not entirely sure what that solution is - but the silver bullet must be out there somewhere, right?

He starts where most developers start - their own custom script. It usually will take in a series of patch files and apply them one by one. In this case a "patch level" is stored somewhere (file/database) and is checked when the deployment is done. He points out a few issues with this method including patch naming issues and branching. Taking a step up the technology tree, he looks at other solutions like Phing+DBDeploy, Liquibase, and Doctrine migrations to try to help you find your project's "silver bullet".

Gonzalo Ayuso's Blog: Keep our PostgreSQL databases synchronized with PHP. Database version control

Mon, 13 Dec 2010 09:26:49 -0600

In this new post to his blog today Gonzalo Ayuso looks at how he's set up a system that uses PHP to synchronize their PostgreSQL databases' schemas when things changed.

We create source code at development server and push the changes to production. It's really easy to keep synchronized all our code. But with databases it's different. [...] It's a recurrent problem working with databases. We create database objects (tables, views, ..) in the development server and when our application is ready to go live we push the changes to production server. If we are smart developers we save all database scripts in a file and when we deploy them to production we execute the script.

He mentions tools like dbdeploy and phing to help make these migrations a bit more automatic. He needed something a little different though - a command-line script that would, based on an ini file, sync two or more databases. He's created the basic script that includes the actions to show the differences between the databases, a summary of the differences and an execution method to bring them into sync. He gives a basic example of how it would handle the sync between his example production and development databases.