News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

NetTuts.com:
Best Practices When Working With Sensitive Data Securing Your Application
July 21, 2014 @ 10:27:07

The NetTuts.com site has a new tutorial posted today sharing some tips about working with sensitive data in your applications and steps to secure it.

In my previous article, I showed you how to protect your server from attacks and malicious software. This part will focus completely on the third layer of security - your application itself. So here, I will show you techniques that you can use to protect your application from attacks and intrusions.

There's three main topics covered here, each with a few subpoints and some code examples:

  • Using a Database
  • Use a Salt When Hashing
  • POSIX: Drop Privileges When You Don't Need Them
0 comments voice your opinion now!
secure data application tutorial sensitive

Link: http://code.tutsplus.com/tutorials/best-practices-when-working-with-sensitive-data-securing-your-application--cms-21719

Qandidate.com Blog:
Fault tolerant programming in PHP
July 17, 2014 @ 10:44:04

The Qandidate.com blog has a new post today looking at fault tolerant programming in PHP applications. Essentially, this means writing your code so that error conditions are handled gracefully and with as little impact as possible.

In your application, every time you call an "external" service you are vulnerable to the failure in that service. That either might be a third party API being down, your database being unresponsive or unexpected errors from the 3rd party library you are using. With many developers and companies being interested in composing applications out of microservices at the moment, guarding for failures because of broken dependencies gets even more important.

They describe a situation where data is coming from an external source (an inventory service) and a timeout or connection failure occurs. They propose a sort of "circuit breaker" to be put in place to protect the application, fail fast on error and maybe even retry until the request is successful. They also point out a library from oDesk, Phystrix, that allows for fault tolerant execution through a wrapper that traps errors and deals with them instead of just breaking. This is the first part of a series, so in part two they'll show the library in use along with the React HTTP client.

0 comments voice your opinion now!
fault tolerant application phystrix library execution failure

Link: http://labs.qandidate.com/blog/2014/07/14/fault-tolerant-programming-in-php/

SitePoint PHP Blog:
8 Heroku Add-ons for Production Ready PHP Apps
July 14, 2014 @ 12:56:50

The SitePoint PHP blog has a new post from editor Bruno Skvorc with a list of eight Heroku add-ons for PHP applications. These add-ons (they call them "dynos") he lists help with things like logging, monitoring, working with CDNs and adding deploy hooks.

Heroku uses "dynos" as units of computing power which spin up your slugs. Dynos are lightweight, isolated containers for your apps which can execute any process type and can run and scale independently. There are two types of dyno - a web dyno, which handles web requests letting you serve more users as you increase your web dyno power, and worker dynos, which handle everything else like running your code and processing background tasks.

Bruno walks you through getting a sample Laravel-based application up and running on Heroku's PHP functionality and provides a list of add-ons from the Marketplace to get you started. His list includes:

These add-ons and more all come with descriptions, configuration settings/commands to enable them and some with screenshots showing the results.

0 comments voice your opinion now!
heroku addon production application list marketplace

Link: http://www.sitepoint.com/8-heroku-addons-production-ready-apps/

WebLessons.info:
Login with LinkedIn
June 25, 2014 @ 10:47:16

The WebLessons.info site has a new tutorial posted showing you how to use the LinkedIn authentication handling to allow your users to log in with their own account information.

LinkedIn is a business-oriented social networking service. It is mainly used for professional networking. So if you are having an application or website that serves working professionals then its very important for you to implement login with LinkedIn in your application. By this way you can able to access the data of your users like email, work history, education etc. So now let's dive into the coding part.

They walk you through the various steps, providing screenshots or code where applicable:

  • Creating a LinkedIn Application
  • Get the API Key and Secret Key
  • Create the database and set up the PHP configuration to connect
  • finally, the PHP code for the login form and making the request to LinkedIn

A live demo can be found here (but if you're paranoid about your credentials, I wouldn't use it) and you can download all files included in the tutorial.

0 comments voice your opinion now!
linkedin login tutorial application api key secret

Link: http://weblessons.info/2014/06/25/login-with-linkedin-tutorial-php/

SitePoint PHP Blog:
Autogenerate CRUD Apps with Phreeze
May 30, 2014 @ 12:45:02

On the SitePoint PHP blog today Taylor Ren has shared a tutorial about using Phreeze to easily create CRUD applications for a MySQL backend. Phreeze is made up of three parts: an MVC handler, an ORM for database interaction and the "Phreeze Builder" to generate the application code.

Back in the times of Symfony 1.x, the framework had a powerful backend module to help the developers and site administrators create a good enough app and provide necessary CRUD features to manage the database (and save us from using PHPMyAdmin). [...] In this article, we will take a look at Phreeze, a simple and easy to use PHP framework that can help us generate a MySQL CRUD backend app. I will use my book collection test site as the underlying database. Please refer to my Data Fixtures in Symfony2 article for more details on the database structure.

He walks you through the installation of Phreeze (downloaded from GitHub) and what the first page should look like when pulled up in a browser. The wizard helps with the database setup and lets you pick the tables to generate models for as well as a few other application options. He shows how to integrate this generated code with a simple Symfony2-based application and easily allow for working with the database contents. He modifies the Symfony2 code to handle some additional options to pass into the generated code and talks some about the API interface Phreeze generates automatically.

0 comments voice your opinion now!
phreeze generate code application symfony2 integration

Link: http://www.sitepoint.com/autogenerate-crud-apps-phreeze/

Clear Code Blog:
How to Manage Your Application Setup with Composer
May 27, 2014 @ 11:50:55

On the Clear Code blog today there's an article posted showing you how to manage your application with Composer, the PHP dependency manager that's taken the PHP community by storm.

Composer is a dependency management tool for PHP based projects. It allows you to declare, install, and then manage all of your dependencies in your project. Right, so you can manage the libraries that your project requires in order to work. But is that all you can really do with Composer? Definitely not! In fact, I believe this is a very small part of Composer and its possibilities. In this article, I'll try to show you how Composer can be used for performing more complex tasks in PHP based projects.

He shows how to set up a system where even the base parts of the applications become dependencies and can be built up as a part of the Composer install. He includes an example of pulling from a private version control source and the matching "composer.json" file the repository will need. He also includes the composer commands to get the install up and running as well as a warning about handling credentials as a part of the execution.

0 comments voice your opinion now!
tutorial application dependency management composer

Link: http://clearcode.cc/2014/05/manage-application-setup-composer/

Paul Jones:
Action-Domain-Response A Tentative MVC Refinement
May 07, 2014 @ 09:49:36

In his latest post Paul Jones has proposed a "tentative MVC refinement" as the structure behind your application. He suggests something called the action-domain-response pattern, focusing on some of the more common practices in web application development today instead of an ideal.

The term MVC has experienced some semantic diffusion from its original meaning, especially in a web context. Because of this diffusion, the Action-Domain-Response pattern description is intended as a web-specific refinement of the MVC pattern. I think ADR more closely fits what we actually do in web development on a daily basis. [...] We generally route and dispatch not to a controller class per se, but to a particular action method within a controller class. It is also partly revealed by the fact that we commonly think of the template as the View, when in a web context it may be more accurate to say that the HTTP response is the View. As such, I think ADR may represent a better separation of concerns than MVC does in a web context.

He goes through the structure he's worked up, showing the interaction between the parts and compares the flow to a typical MVC-based application. He also mentions a few other MVC pattern alternatives including Data-Context-Interaction and Model-View-ViewModel. He then gets into an actual code-based example using a typical blog application. He compares the directory structure and proposes that instead of one controller per file it becomes one action per file (and one response per file accordingly).

0 comments voice your opinion now!
modelviewcontroller mvc actiondomainresponse adr designpattern application

Link: http://paul-m-jones.com/archives/5970

Gonzalo Ayuso:
Token based authentication with Silex Applications
May 06, 2014 @ 10:56:32

Gonzalo Ayuso has put together a new post for his site showing how to do token-based authentication with Silex and the help of a few additional Symfony components.

What happens if we want to use a security layer [in a Silex application]? We can use sessions. Sessions are the "standard" way to perform authentication in web applications, but when our application is a PhoneGap/Cordova application that uses a Silex server as API server, sessions aren't the best way. The best way now is a token based authentication. The idea is simple. First we need a valid token. Our API server will give us a valid token if we send valid credentials in a login form. Then we need to send the token with each request (the same way than we send the session cookie with each request).

He includes all the code you'll need to follow along. His example shows a basic Silex application that fetches the token from the URL and uses middleware to handle the validation. There's a bit of CORS mixed in as well to make the cross-domain requests from the applications possible. He creates a service provider (for logins) and controller provider to handle each type of request.

0 comments voice your opinion now!
token authentication silex application tutorial

Link: http://gonzalo123.com/2014/05/05/token-based-authentication-with-silex-applications/

Three Devs & A Maybe Podcast:
Delving into Laravel
April 17, 2014 @ 09:46:43

The Three Devs and a Maybe podcast has release their latest episode hosted by Michael Budd, Fraser Hart, Lewis Cains and Edd Mann. In this new edition, Episode #20, Delving into Laravel, they talk about the Laravel framework in their continuing series covering web application frameworks.

In this weeks show we follow up the discussion on CodeIgniter with an introduction to Laravel. Introduced only a few years ago, the framework has been a 'breath of fresh air' in the PHP framework landscape. Starting with a brief history of the project and how it has evolved, we move on to highlight key features of the framework that set it apart. One such inclusion is the extensive use of an IoC container, and how Facades cater for an expressive code-base.

Other topics include PHP2Python, virtPHP and the history and philosophy of Laravel. You can listen to this latest episode either though the in-page player, grabbing the mp3 or by subscribing to their feed.

0 comments voice your opinion now!
threedevsandamaybe application framework laravel introduction podcast

Link: http://threedevsandamaybe.com/posts/delving-into-laravel/

SitePoint PHP Blog:
Can Great Apps Be Written in PHP - An Interview Series
April 15, 2014 @ 13:05:34

Matthew Setter has started off a series of posts on the SitePoint PHP blog with the first post interviewing community members to answer one main question, "can great apps be written in PHP?"

I read an old post, circa 2010, on the MailChimp blog a little while ago, about their experience using PHP. It struck a chord with me, because the sentiments they shared I've felt myself, and heard echoed many times over the years. [...] Despite its successes, or people's successes with it (a la Facebook, MailChimp, Hailo, Google, and others), it's inferred we should use languages which had their foundations as pure languages; not ones which came to be a language, as PHP evolved into over time.

He references some of the other comments in the Mailchimp article about their experience with the language along with mentions of a few others. He wonders if these negative comments are true and, to get some answers, searches out other developers and their opinions. In this first interview he talks with Bobby Deveaux about his background in the language, what he'd like to see added and more.

0 comments voice your opinion now!
application opinion mailchimp design language interview bobbydeveaux

Link: http://www.sitepoint.com/can-great-apps-written-php-interview-series


Community Events





Don't see your event here?
Let us know!


threedevsandamaybe list podcast community series introduction framework unittest interview refactor release developer testing code symfony2 laravel opinion install language configure

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework