With the recent release of Laravel 4, PHP developers have at their disposal one of the finest frameworks for application development. As with all new frameworks, it is always good to write some quick code to get a feel for the underlying architecture. The following post shows a simple authentication application using Laravel.

He walks you through the creation of the simple "users" table, the configuration the Auth class will need to connect and authenticate and the form for the login. He also shows the steps for the actual authentication process as well as the code for the routes to make it all work. Additionally, he shows how to restrict pages to only those with the "admin" level access via an auth filter. You can download the example code here.

Openbiz Cubi is a robust PHP application framework giving developers the ability to create business applications with minimal effort. In this two-part series I'll explain the concepts and steps necessary to create your own business web applications with Cubi. We'll look first at the challenges web developers face and how Openbiz Cubi can help, and then how to install Cubi. In part 2 we'll see how to create our own modules.

They start off by describing the tool and some of the features that come with it (including user management and the XML data object structure). Complete installation instructions are included and a screenshot is included of the end result. They include a "quick tour" of Cubi's features and some of the modules that come with it like the System, Menu and User modules. In part two of the series, they'll show you how to create a custom module.

I think it goes without saying, forms are one of the central elements of any web-based application. They're used for everything from logging in, to searching content and managing information. Given that, they should be first-class citizens, able to be developed and reused with relative ease. [...] However, given the amount of options, configurability and flexibility required, this isn't always easy. [...] In today's post, I'm going to assume you have a basic understanding of how forms work now. [...] I'm going to show you how to create flexible, reusable forms in one module and by the power of the ServiceManager reuse them throughout your application.

He starts with the inclusion of a dependency needed for his example - the ZfcUser component (installed via Composer). He then moves on to the actual code for the form creating a reusable module, an entity class for the User and the Fieldset/Form classes for the contents of the form. He also includes the code for the controller action and the view that outputs the form itself and handles the repopulation automagically (and includes a CSRF token).

Mozilla Persona is built upon the BrowserID technology also developed by Mozilla. You can find an expanded explanation of the concepts in the article How BrowserID Works by Lloyd Hilaiel. [...] An email address is an identity and it's verified by the email provider [then the] authentication takes place in the browser.

He talks about the three steps in the process (certificate provisioning, assertion generation and assertion verification) and includes some sample code that does the work for you with some PHP, HTML and Javascript. In his example he just authenticates the user and returns the success/fail back to the calling script. You could take it one step further and integrate it with the session handler as well.

In a previous article, I talked about some common security vulnerabilities that can affect your PHP web application. But there are other things besides those ten (okay, seven) attacks to think about when you're developing. And so, this article offers a compendium of miscellaneous things that are security related; things you should do, things you shouldn't do, things that other people might try to do, whatever it takes to make an article long enough for my editor to be satisfied with it.

He talks some about the settings that you might need to tweak in your "php.ini" server-side configuration file, some hints on filtering data (like using filter_input) and what to watch out for with error reporting. He also mentions session fixation and the protection of user data and passwords to keep them out of the hands of would-be attackers.

The question, however, has always been "how useful is this feature really and does it bring more harm than good?". It's not that easy to answer since there are so many notes submitted by a wide range of users and some will likely go unnoticed while others seem to get undue attention due to their positioning near the top of the user-notes section of a particularly trafficked page.

The poster proposes a few things that could help make them a bit more effective (and useful overall) including voting on the note contents, flagging potential issues and sorting the notes based on popularity/age. He's put together a proof of concept as seen here with some of the new features.

There is [still] one big piece written in a less than ideal system. Its still PHP, but much more hacked together. It is our backend CMS system for controlling the website. It is painful to use, and we get many complaints all the time about it. [...] on Twitter, I saw a link for a talk Paul M. Jones gave at the Nashville PHP Usergroup. It was entitled: "It Was Like That When I Got Here: Steps Toward Modernizing a Legacy Codebase." I couldn't think of a better title for that talk, nor a better talk to listen to at this very moment.

He mentions the steps he taking to further advance his own project towards a better, non-legacy state including an audit of the current functionality and getting input from users as to which features give them the most pain.

Using these lists to decide what to refactor, we can get the biggest gains for the least amount of work. If we were to rebuild, we would get the smallest gains (if any) of barely having something functional with the greatest effort.

This week on /dev/hell is "let's talk about arguments Chris got into on Twitter" week. Most of the discussion revolves around how we interact with users, both developer-types and average joes.

You can listen to this latest episode either via their in-page player, by grabbing the mp3 directly or by subscribing to their RSS feed.

Starting with PHP 5 the object model was rewritten to add features and bring PHP in line with languages such as Java and Visual Basic .NET. In this article I'll discuss interfaces, which is among the most important features in PHP 5. Other important features include abstract and final classes, methods and additional magic methods. You will learn how to define your own interfaces and how to work with them using different object model mechanisms.

The introduce you to some of the basic concepts behind using interfaces and how to create a basic one - a simple definition of a string class with one method, "getString". They then show how to extend a different example (a RandomNumber interface) and add on an additional method. He also shows how to extend multiple interfaces and integrate functionality from multiple sources, overloading and overrides.

In this Nettuts+ mini-series, we'll build a web application from scratch, while diving into a great new PHP framework that's rapidly picking up steam, called Laravel. In this lesson, we'll be working on an integral part of any web application: the Models. Along the way, we'll learn about Laravel's amazing ORM implementation: Eloquent.

The tutorial introduces you to the concept of "Models" and some of the conventions that surround them in the Laravel framework. They show some of the most common operations (CRUD) and how to define relationships between the models (has many, has one, etc). They apply this to their "Instapics" example application, creating the interfaces for the users, profiles, relationships, photos and comments. They include the code to create the controllers/views to go along with them, making a simple interface to show users and their photos.

You can find out more about the Eloquent ORM in this section of the Laravel manual.