Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Freek van Der Herten:
Breaking Laravel's firstOrCreate using race conditions
Jun 22, 2018 @ 14:46:52

In this new post to his site Freek Van der Herten shares a time when he was working on a data import that ended in some unexpected results thanks to an interesting race condition.

Recently I was working on a client project where a data import was performed via queues. Each record was imported in its own queued job using multiple queue workers. After the data import was done we had more rows than expected in the database. In this blogpost I'd like to explain why that happened.

He starts by digging into the code that made use of the firstOrCreate method in Laravel's Eloquent handling to find if an entry had already been created for the given data. The method uses two queries, one to determine if the record exists and another to create it if not. The issue was with the fact that it was being handled in a queue meaning that the select could happen and return false while another process was creating the record. He even created a demo app to show it happening and includes screenshots showing the result. He recommends moving the process to a separate queue and having only one worker executing at a time. There's not a good code-based solution for it as it's more of an issue with the architecture than the application itself.

tagged: laravel eloquent firstorcreate tutorial race condition

Link: https://murze.be/breaking-laravels-firstorcreate-using-race-conditions

Matt Stauffer:
Conditionally Loading Service Providers in Laravel 5
Mar 12, 2015 @ 15:16:35

Matt Stauffer has a new post to his site showing you how to conditionally load providers in your Laravel-based application with some additional code in the AppServiceProvider.

Since Laravel 5 flattened a lot of the environment-specific structures, much of the configuration that was once stored in different config directories for each environment has now moved into .env files. But one that can't just live in .env is the environment-dependent loading of service providers.

He starts with a look at the normal service provider loading process, using the application configuration and adding them to the "providers" list. This loads them every time a request is made, even if they're not needed. His solution adds some code to the "register" method in the AppServiceProvider class to check the environment (like "production" versus "dev") and loads different providers based on the result.

tagged: condition load service provider laravel5 appserviceprovider register

Link: https://mattstauffer.co/blog/conditionally-loading-service-providers-in-laravel-5

Community News:
XPath Explained (by Tobias Schlitt and Jacob Westhoff)
Feb 12, 2009 @ 16:28:04

Tobias Schlitt and Jacob Westhoff have written up and article (and posted it over on Tobias' blog) that wants to help you understand XPath better - whether you're a novice or have been using it for a while.

This paper will give an overview on XPath an addressing language for XML documents. XPath is a W3C recommendation currently in version 1.0. XPath was created in relation to the XSL recommendation and is intended to be used with XSLT and XPointer. Beside that, XPath can be used in a variety of programming languages, commonly in combination with a DOM API.

The article starts with an introduction to the concept of XPath, moves on to addressing, talks about XPath axes, mentions functions/operators/conditions and looks at styling XML with XPath and XSLT.

tagged: xpath xslt address axes function operator condition

Link:

Felix Geisendorfer's Blog:
Model::save() now returns an array!
Nov 07, 2007 @ 16:23:00

Felix Geisendorfer has a quick tip for CakePHPers out there today - an update to the framework that might cause a "gotcha" moment in your code:

Just got bitten by this one when updating to the latest version of CakePHP. If you use code [checking to see if the return from a save() is true] in your app, you're in for a surprise. Because as of revision 5895 Model::save() now returns Model::data on success if its not empty.

He notes that most developers don't seem to do it this way, but it tripped him up enough to where he wanted to share it with the CakePHP community so they'd know. Check out the comments on the post for other issues that might be caused by the change.

tagged: cakephp framework model save condition return array cakephp framework model save condition return array

Link:

Felix Geisendorfer's Blog:
Model::save() now returns an array!
Nov 07, 2007 @ 16:23:00

Felix Geisendorfer has a quick tip for CakePHPers out there today - an update to the framework that might cause a "gotcha" moment in your code:

Just got bitten by this one when updating to the latest version of CakePHP. If you use code [checking to see if the return from a save() is true] in your app, you're in for a surprise. Because as of revision 5895 Model::save() now returns Model::data on success if its not empty.

He notes that most developers don't seem to do it this way, but it tripped him up enough to where he wanted to share it with the CakePHP community so they'd know. Check out the comments on the post for other issues that might be caused by the change.

tagged: cakephp framework model save condition return array cakephp framework model save condition return array

Link:

Andy Bakun's Blog:
Race Conditions with Ajax and PHP Sessions
Nov 14, 2006 @ 15:49:00

Race conditions in applications can be one of the hardest things to work out the kinks on, especially in a more complex application you're adding the new functionality to. One such instance comes up when you add Ajax functionality into the mix. Because of its asynchronous nature, it can cause a race condition version easily. Andy Bakun has been there and done that in his code and has found some helpful hints he's sharing in this (info packed) post over on his blog.

One of the problem with race conditions is that it is often difficult to actually witness the ramifications of one when it happens, especially if you are not aware of it. If you've used PHP's built-in, default session handling (that uses files), you'll never come across the problem. However, things get interesting once you start using session_set_save_handler to write your own session handler.

He breaks it down into some more manageable chunks:

  • A Multi-processing but non-Threaded Environment
  • The Default PHP Session Handler
  • Observing the Race Condition
  • The Demo App Interface
  • Resource Contention
  • Minimizing Lock Holding Time
  • Why is per-variable locking important?
  • Rolling Your Own Session Handler
  • The Code
See? You didn't believe me when I said it was long...there's tons of great info in there about working with sessions in PHP and how to get Ajax to play nice when manipulating the data inside them. There's plenty of test code and some sidebars with additional information to keep you reading for a while. Be sure to check this one out, even if you're just working with PHP sessions and Ajax and don't have a race condition issue in your app - never hurts to be prepared.

tagged: ajax session threaded handler race condition tutorial lock ajax session threaded handler race condition tutorial lock

Link:

Andy Bakun's Blog:
Race Conditions with Ajax and PHP Sessions
Nov 14, 2006 @ 15:49:00

Race conditions in applications can be one of the hardest things to work out the kinks on, especially in a more complex application you're adding the new functionality to. One such instance comes up when you add Ajax functionality into the mix. Because of its asynchronous nature, it can cause a race condition version easily. Andy Bakun has been there and done that in his code and has found some helpful hints he's sharing in this (info packed) post over on his blog.

One of the problem with race conditions is that it is often difficult to actually witness the ramifications of one when it happens, especially if you are not aware of it. If you've used PHP's built-in, default session handling (that uses files), you'll never come across the problem. However, things get interesting once you start using session_set_save_handler to write your own session handler.

He breaks it down into some more manageable chunks:

  • A Multi-processing but non-Threaded Environment
  • The Default PHP Session Handler
  • Observing the Race Condition
  • The Demo App Interface
  • Resource Contention
  • Minimizing Lock Holding Time
  • Why is per-variable locking important?
  • Rolling Your Own Session Handler
  • The Code
See? You didn't believe me when I said it was long...there's tons of great info in there about working with sessions in PHP and how to get Ajax to play nice when manipulating the data inside them. There's plenty of test code and some sidebars with additional information to keep you reading for a while. Be sure to check this one out, even if you're just working with PHP sessions and Ajax and don't have a race condition issue in your app - never hurts to be prepared.

tagged: ajax session threaded handler race condition tutorial lock ajax session threaded handler race condition tutorial lock

Link:

Felix Geisendorfer's Blog:
Basic CakePHP templating skills
Oct 12, 2006 @ 12:44:00

From the ThinkingPHP blog today, Felix Geisendorfer has shared some of his experience to help those CakePHP users out there that are looking at doing more templating to their applications than just the normal index changes.

One of the things I don't see getting to much coverage is how to create good templates when working with CakePHP. Since those are written in plain PHP, this does not apply to CakePHP only. So I'm sure many people have already developed their own style that they are comfortable with and I don't ask for them to change it. However, maybe some people new to the framework / language can benifit by taking a look at the one I'm using.

He covers a few different topics:

    PHP tags
  • Conditions
  • Loops
  • the linebreak issue
  • avoiding multi-line statements
  • Creating Zebra striped table rows
The code included on some of the points (not the multi-line or the PHP tags items) is simple and is summed up in less than six lines.

tagged: cakephp templating skills basic framework condition loop linebreak zebra cakephp templating skills basic framework condition loop linebreak zebra

Link:

Felix Geisendorfer's Blog:
Basic CakePHP templating skills
Oct 12, 2006 @ 12:44:00

From the ThinkingPHP blog today, Felix Geisendorfer has shared some of his experience to help those CakePHP users out there that are looking at doing more templating to their applications than just the normal index changes.

One of the things I don't see getting to much coverage is how to create good templates when working with CakePHP. Since those are written in plain PHP, this does not apply to CakePHP only. So I'm sure many people have already developed their own style that they are comfortable with and I don't ask for them to change it. However, maybe some people new to the framework / language can benifit by taking a look at the one I'm using.

He covers a few different topics:

    PHP tags
  • Conditions
  • Loops
  • the linebreak issue
  • avoiding multi-line statements
  • Creating Zebra striped table rows
The code included on some of the points (not the multi-line or the PHP tags items) is simple and is summed up in less than six lines.

tagged: cakephp templating skills basic framework condition loop linebreak zebra cakephp templating skills basic framework condition loop linebreak zebra

Link:

Hardened-PHP Project:
Advisory - PHP open_basedir Race Condition Vulnerability
Oct 04, 2006 @ 14:10:00

The Hardened-PHP Project has released another vulnerability today, this time it's an issue with one of PHP's own internal functions - open_basedir.

The design of the open_basedir feature of PHP that is meant to disallow access to files outside a set of configured directories is vulnerable to race conditions.

It was discovered that this design flaw can be exploited with the usage of PHP's symlink() function in a very easy way. We believe that the only solution to this problem is disabling the function symlink() while open_basedir is used (this feature was therefore added to our Suhosin PHP Security Extension).

They also note, unfortunately, that the problem may not be fixable due to how it can be implemented. They provide a more detailed explaination and some PHP psuedo-code to help illustrate the point.

tagged: openbasedir vulnerability race condition openbasedir vulnerability race condition

Link:


Trending Topics: