News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Mike Bronner:
Run #AllTheCommands Outside of Homestead
March 04, 2015 @ 10:02:49

In this new post Mike Bronner shows you how to get the latest PHP5 and Mcrypt versions installed on OS X Yosemite to make ti easier on developers needing to run commands outside of Homestead.

Laravel Homestead has brought virtual machines for web development to the mainstream PHP developer: it makes setting up a development stack similar to XAMP extremely simple. [...] However, one of the drawbacks so far has been that you always needed to run Laravel Artisan commands from within homestead, as they depending on MCrypt being installed. [...] The accepted solution thus far has been to install newer versions of PHP alongside Apple's version using Homebrew or MacPorts. [...] However, there's another method I came across while research some non-related issues: install the latest version of PHP from a binary that includes the MCrypt extension.

He walks you through the complete process (well, except for getting Homestead - that needs to already be there) complete with each command you'll need. You'll need to be familiar with the command line to make this all happen and know how to edit configuration files. If all goes well, the "artisan" command will work correctly and no errors will happen during the compile. He also includes a fix you'll need to put in to get the database configuration working from outside Homestead too.

0 comments voice your opinion now!
laravel homestead command artisan mcrypt install configure database

Link: https://medium.com/@genealabs/run-allthecommands-outside-of-homestead-e2fc8d05251f

NetTuts.com:
Using Plugins to Speed Up WordPress
February 23, 2015 @ 09:54:06

On the NetTuts.com site today they've posted the first part of their "Speeding Up WordPress" series - Using Plugins to Speed Up WordPress. In this start to the series, they show you how to use two methods to speed up your WordPress installation: using caching and database optimization.

One of the most popular talking points in the WordPress community is speeding up WordPress and optimizing web pages. I don't think there is a WordPress blog without an "X Tips to Speed Up WordPress" article. Don't get me wrong, it's a good thing. But we need better articles about this topic instead of dull plugin round-ups. This may look like yet another "tips for speeding up WordPress" tutorial, but in this three-part series, we're going to go through every aspect of optimizing and speeding up your WordPress website.

They start with caching and show how do both client and server-side caching using techniques both inside and outside of WordPress itself. They also link to two plugins to help with the server-side handling. Following the caching talk they look at optimizing the database. They point you towards the WP-Optimize plugin as the best way to squeeze the most performance from your database (without breaking how WordPress works).

0 comments voice your opinion now!
plugin wordpress speed optimizae cache database

Link: http://code.tutsplus.com/tutorials/using-plugins-to-speed-up-wordpress--cms-22055

SitePoint PHP Blog:
Discover Graph Databases with Neo4j and PHP
February 16, 2015 @ 11:49:51

The SitePoint PHP blog has a post today about combining PHP and Neo4j, a popular graph database, and create a simple application.

In this post, we'll be learning about Neo4j, the leading graph database, and ways to use it with PHP. In a followup post, we'll be building a proper graph application powered by Silex. [...] For the newcomers, here is a short introduction to graph databases and Neo4j, apart from the theoretical glance we threw at it last year.

For those not familiar with some of the concepts behind graph databases, they start with a quick introduction. They illustrate the concept of relationships with a few helpful images. They also cover the basics of Cypher, the language used in Neo4j database queries. They then show how to get the Neoxygen components installed to talk with the Neo4j database (via an HTTP API) and configuring a basic connection. The remainder of the post shows how to insert data into the database, including relationships, and pulling that information back out via PHP.

0 comments voice your opinion now!
graph database neo4j tutorial introduction neoxygen series part1

Link: http://www.sitepoint.com/discover-graph-databases-neo4j-php/

Resonant Core:
Building Secure Web Applications in PHP
February 09, 2015 @ 10:26:19

The Resonant Core blog has a post today with a selection of tips and techniques you can use to help build secure applications in PHP, preventing several of the most common issues (several as mentioned in the OWASP Top 10).

There are but two causes for the unintentional creation of insecure web applications: A lack of knowledge about security [and] bad development habits. Developers who don't know about the risks involved with writing a widget a certain way are unlikely to make the secure choice. Thanks to the work of MITRE and OWASP, the most common vulnerabilities (and their consequences) are widely known and accessible. However, when teams are under pressure to meet a tight deadline, bad habits and insecure development practices may still emerge.

Most of the examples (at least the solutions) center around a framework they've created (Tuner) but the concepts are all there and could be adapted to other tools easily. They talk about the "pain" that can come with secure coding and how the right tools can make it much easier for the developer. He talks about how the framework offers a better database interface based on PDO and prepared statements to prevent SQL injection issues (with examples for each of the CRUD operations). He also shares a list of pre-existing PHP libraries that can help make the rest of you application secure too including:

He also mentions a PHP extension that adds in scrypt support, another option for hashing strings and passwords as an alternative to bcrypt.

0 comments voice your opinion now!
secure application database sqlinjection library recommended list

Link: https://resonantcore.net/blog/2015/02/building-secure-web-applications-in-php

Kevin Schroeder:
If you develop for Magento, know your indexes
February 02, 2015 @ 09:34:19

Kevin Schroeder makes a suggestion to all of the Magento developers out there - be sure to know your indexes and how to use them to your advantage.

When I first got into Magento development, in my mind, there were two ways of getting data from the database. You would either call Mage::getModel('catalog/product')->load($id) or you would work with the collection. If you wanted to get a filtered list of something you would use the ORM to get it. But as I've gained more experience (fairly quickly, I might add) I realized that there was more to the puzzle. A good portion of this is because I work with Magento ECG and some of the best Magento devs and architects can be found there and I'm a quick learner.

He gives an example of going beyond the usual one-to-one relationship most people use with Magento's models. He includes an example of wanting to fetch a list of all products in the same category as another and the "anit-pattern" that comes with it. Instead he offers the solution of an index, a simple one that merges the catalog category and product index ID. This makes using a custom query with a handy join much easier and much faster.

0 comments voice your opinion now!
magento database collection query index tutorial category

Link: http://www.eschrade.com/page/if-you-develop-for-magento-know-your-indexes/

SitePoint PHP Blog:
Getting Started with Medoo - Examples of Use
December 18, 2014 @ 09:45:26

On the SitePoint PHP blog, there's a new tutorial that introduces you to the Meedoo library, a tool to make working with databases even easier. In this tutorial Wern Ancheta walks you through some of the basics of the tool and shows you how to use it with a Pokemon-based example.

In this article I'm going to walk you through Medoo, a lightweight database abstraction library for PHP. Its main features include: support for multiple databases, being secure and easy to use. [...] While Medoo is nothing revolutionary, and the fact that it sports a very small filesize matters little to few, it's still an interesting project that went from being outright dismissed to vaguely accepted, as evident in these threads. It's on its way up, and that's our reason for taking a look at it.

Once installed (he recommends using Composer) you can follow along with his examples showing how to connect to the database, make a simple select and define something a bit more complex (like multiple other requirements in the SQL statement's "where"). He shows how to execute manual queries and handling more complex operations like joins. He then gets into the other parts of the usual CRUD handling - inserting new data, updating data and deleting data.He finishes the post by mentioning aggregate functions and some of the debugging options the tool includes.

0 comments voice your opinion now!
medoo database tutorial library tool crud complex

Link: http://www.sitepoint.com/getting-started-medoo-examples-use/

Rob Allen:
Registering Doctrine Type Mappings for standalone migrations
November 18, 2014 @ 10:50:47

In a previous post Rob Allen showed you how to use Doctrine migrations as a standalone tool in your applications. In this new post he takes that a step further and shows you how to use the type mapping functionality (allowing for more customized column handling).

Shortly after starting to use Doctrine Migrations as a standalone tool in my project, I came across this error message [about an unknown database type "bit"]. This means that I have a column in my database of type bit which is used for booleans in SQL Server, but confuses the MySQL platform as it's not a default mapping. To support this, you need to modify the database connection's Platform object to know about the new mapping. However, with the setup that I'm using, I didn't have access to the connection object that's automatically created in the Migrations AbstractCommand object. After poking around in the code for a bit, I discovered that the solution is to create the connection object myself and then attach it as a new helper to the ConsoleApplication object.

He includes the code you'll need to add to your "migrations.php" file to set up the mapping relating his "bit" type example back to a "boolean" type. While this specific example is for the "bit" mapping, it shows how any mapping type can be added in. Finally he adds the connection (the one he set the type on) to enable it to be included in the helper set collection.

0 comments voice your opinion now!
register type migration doctrine database tutorial custom mapping

Link: http://akrabat.com/php/registering-doctrine-type-mappings-for-standalone-migrations/

Anna Filina:
Reduce number of queries
October 29, 2014 @ 10:53:10

In her most recent post Anna FIlina makes a recommendation to those looking to increase the performance of an application, especially one that's already in place: simply reduce the number of queries. It sounds simple enough, but can sometimes prove to be difficult depending on the application.

Customers often call me because their site is slow. One of the most common problems I found was a high number of queries that get executed for every single page hit. When I say a lot, I mean sometimes more than 1000 queries for a single page. This is often the case with a CMS which has been customized for the client's specific needs.

In this article, aimed at beginner to intermediate developers, I will explain how to figure out whether the number of queries might be a problem, how to count them, how to find spots to optimize and how to eliminate most of these queries. I will focus specifically on number of queries, otherwise I could write a whole tome. I'll provide code examples in PHP, but the advice applies to every language.

She suggests starting from "the top", looking at the browser's own information on which pieces of data are taking the longest to return back to the client (the latency). This gives a starting direction and tells you where to look for the worst offenders. She talks about a technique to locate and count the queries being made and some common issues found in multiple kinds of software (hint: loops). Then she gets down to the optimization - combining similar queries and better queries through joins.

0 comments voice your opinion now!
query database performance join similar tips

Link: http://afilina.com/reduce-number-of-queries/

Fabien Potencier:
The PHP Security Advisories Database
October 27, 2014 @ 11:54:48

Fabien Pontencier has made an official announcement about a move to make the PHP Security Database the Symfony project started over a year ago. In the announcement he talks about the move to (hopefully) make it more widely adopted - pulling it out from under the Symfony namespace and into the FriendsOfPHP organization.

A year and a half ago, I was very proud to announce a new initiative to create a database of known security vulnerabilities for projects using Composer. It has been a great success so far; many people extended the database with their own advisories. As of today, we have vulnerabilities for Doctrine, DomPdf, Laravel, SabreDav, Swiftmailer, Twig, Yii, Zend Framework, and of course Symfony (we also have entries for some Symfony bundles like UserBundle, RestBundle, and JsTranslationBundle.)

[...] Today, I've decided to get one step further and to clarify my intent with this database: I don't want the database to be controlled by me or SensioLabs, I want to help people find libraries they must upgrade now. That's the reason why I've added a LICENSE for the database, which is now into the public domain.

The database has already been moved over to the FriendsOfSymfony organization and is still functioning with the SensioLabs security checker. You can find more on the database and its contents in this GitHub project.

0 comments voice your opinion now!
security advisories database public domain friendsofphp

Link: http://fabien.potencier.org/article/74/the-php-security-advisories-database

NetTuts.com:
How to Build Rate Limiting into Your Web App Login
September 22, 2014 @ 11:12:14

In this new tutorial on NetTuts.com, Jeff Reifman shows you how to build rate limiting into your application to help with issues on your login caused by possible brute force attacks.

Since one of the wealthiest corporations in the world [Apple] didn't allocate the resources to rate limit all of their authentication points, it's likely that some of your web apps don't include rate limiting. In this tutorial, I'll walk through some of the basic concepts of rate limiting and a simple implementation for your PHP-based web application.

He starts with a brief look at how (brute force) login attacks actually work and how that relates to the most common passwords used. He splits out the two main approaches to rate limiting in applications: limit based on failures by username or limiting by IP address. He then gets into the actual code examples, choosing a Yii framework-based application for his illustration. He creates a simple "failed login" database table, shows how to log the attempts and includes a snippet to purge items older than (by default) 120 minutes ago. Finally, he includes the code to check the table and see if the username has too many failures listen and, if so, denies them access.

0 comments voice your opinion now!
rate limiting login application tutorial mysql database

Link: http://code.tutsplus.com/tutorials/how-to-build-rate-limiting-into-your-web-app-login--cms-22133


Community Events

Don't see your event here?
Let us know!


library version api series language development interview php7 community podcast framework laravel5 video voicesoftheelephpant unittest release example introduction laravel opinion

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework