Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Michelangelo van Dam:
Speeding up database calls with PDO and iterators
Jul 27, 2015 @ 08:45:28

In a post to his site Michelangelo van Dam shows you how to speed up database calls with PDO and iterators in a "no framework" environment.

When you review lots of code, you often wonder why things were written the way they were. Especially when making expensive calls to a database, I still see things that could and should be improved.

When working with a framework, mostly these database calls are optimized for the developer and abstract the complex logic to improve and optimize the retrieval and usage of data. But then developers need to build something without a framework and end up using the basics of PHP in a sub-optimal way.

He points out some of the common issues with a simple approach using just PDO and simple arrays including performance issues. Instead he recommends the use of iterators that wrap a PDO connection and allow for much simpler fetching and iteration of the found results. He includes code examples for a base iterator instance and a way to extend it to get the customized results. He also includes a few benchmarks showing the difference between a foreach loop and this iterator method.

tagged: database pdo iterator foreach benchmark compare

Link: http://www.dragonbe.com/2015/07/speeding-up-database-calls-with-pdo-and.html

Reddit.com:
Are ORMs Inherently Limiting?
Jul 09, 2015 @ 11:43:37

On the /r/php subreddit on Reddit.com, TheSkilletHead wonders if ORMs are inherently limiting in PHP development. Their main point is that, in abstracting and simplifying the interface the developer has to work with, some of the power of the complex database handling is lost.

I don't feel like I'm asking too much from an ORM. I'm not asking for the ORM to manage database-side functions. I'm not asking it to manage database-side variables. I'm not asking it support every type of INSERT (like INSERT DELAYED). I'm OK that it doesn't support LOAD DATA INFILE. I'm even OK with the overhead. However, when I look up why Doctrine doesn't support UPDATE ... JOIN and the response is "it's too different across database engines", then I'm a bit disappointed because that seems to be why one would use an ORM in the first place. [...] Can an ORM be a useful tool to abstract the database or is it just a crutch for people who can't be bothered to learn SQL?

There's quite a few comments on the post already, most confirming his opinion that ORMs are limiting. Some, however, note that they don't have to be. There are some (like the CakePHP 3 ORM) that do have some more advanced features and are still easy to use. Despite this, most of the comments are about developers moving away from ORM use towards more specific, customized solutions that are a better fit for their needs and database systems.

tagged: orm limiting opinion database complexity doctrine

Link: https://www.reddit.com/r/PHP/comments/3cla9l/are_orms_inherently_limiting

David Lundgren:
SPL FileObject & LimitIterator
Jun 24, 2015 @ 08:04:24

In the latest post to his site David Lundgren takes a look at two pieces of PHP's SPL libraries - the FileObject and LimitIterator.

Over that last couple of weeks I've come to use the SPL far more than I have in the past. The SplFileObject for reading CSV files is far more convenient than the fgetcsv() function, and associated code needed for a CSV file. Using the LimitIterator allowed me to easily bypass the first row of the CSV, as they were headers and I knew the format of those headers.

He includes an example of using these two to read from a CSV file, processing the header information and each row following. He also gives another example of the LimitIterator handing the results of a database query, reducing the array set down to only the first twelve items. You can find out more about these two handy tools in their SPL documentation, FileObject and LimitIterator, as well as the rest of the SPL if you haven't looked into it before.

tagged: spl standardphplibrary fileobject limititerator csv database results

Link: http://davidscode.com/blog/2015/06/22/spl-fileobject-limititerator/

NetTuts.com:
Using Laravel 5's Authentication Facade
May 19, 2015 @ 11:26:34

The NetTuts.com site has a new tutorial posted today sharing more information about the authentication facade in Laravel 5 and how to use it to implement simple, custom authentication handling.

Authentication is a part of almost all the web applications you work with. It's really boring to keep repeating all the boilerplate code in every project. Well, the good news is Laravel 5 rids you of this boredom by providing a ready-to-use authentication facade. All you need to do is configure and customize the authentication service provider to your project's needs. In this quick tip, I am going to show you exactly how to do that.

It's a seven step process to get things up and running (it sounds like a lot but all the code is provided):

  • Setting Up the Environment
  • Setting Up the Migrations
  • Configuring the Registrar Service
  • Updating the User Model
  • Updating the View
  • Securing Your Routes
  • Modifying the Default Authentication Routes

Each step includes the code needed and a brief summary of what's happening and how it effects the overall authentication setup. He also ends the post with a brief mention of the "password reset" email functionality and where the content for that email is located.

tagged: laravel5 authentication facade custom tutorial database

Link: http://code.tutsplus.com/tutorials/using-laravel-5s-authentication-facade--cms-23461

SitePoint PHP Blog:
Efficient User Timelines in a PHP Application with Neo4j
Apr 15, 2015 @ 12:41:25

In the latest post to the SitePoint PHP blog Christophe Willensen shows you how to use PHP and the Neo4j graph database to make efficient user timelines in your application. In this case, "timeline" should be thought of as something like a Twitter or Facebook status update feed.

Any social application you encounter nowadays features a timeline, showing statuses of your friends or followers generally in a descending order of time. Implementing such a feature has never been easy with common SQL or NoSQL databases. Complexity of queries, performance impacts increasing with the number of friends/followers and difficulties to evolve your social model are points that graph databases are eliminating. In this tutorial, we’re going to extend the demo application used by the two introduction articles about Neo4j and PHP.

He starts off with a look at how to model the timeline in the graph database, showing different methods to create the relationships: one a direct user-to-post and the other via a linked list. He goes through the initial setup of the codebase and the sample dataset to populate the Neo4j database. He then includes code samples showing how to get the latest feed items for a user and displaying the results in a simple template (Twig-based). He also shows how to get the latest posts for the timeline and how to add a new post.

tagged: tutorial neo4j database graph user timeline socialmedia

Link: http://www.sitepoint.com/efficient-user-timelines-php-application-neo4j/

Mike Bronner:
Run #AllTheCommands Outside of Homestead
Mar 04, 2015 @ 10:02:49

In this new post Mike Bronner shows you how to get the latest PHP5 and Mcrypt versions installed on OS X Yosemite to make ti easier on developers needing to run commands outside of Homestead.

Laravel Homestead has brought virtual machines for web development to the mainstream PHP developer: it makes setting up a development stack similar to XAMP extremely simple. [...] However, one of the drawbacks so far has been that you always needed to run Laravel Artisan commands from within homestead, as they depending on MCrypt being installed. [...] The accepted solution thus far has been to install newer versions of PHP alongside Apple’s version using Homebrew or MacPorts. [...] However, there’s another method I came across while research some non-related issues: install the latest version of PHP from a binary that includes the MCrypt extension.

He walks you through the complete process (well, except for getting Homestead - that needs to already be there) complete with each command you'll need. You'll need to be familiar with the command line to make this all happen and know how to edit configuration files. If all goes well, the "artisan" command will work correctly and no errors will happen during the compile. He also includes a fix you'll need to put in to get the database configuration working from outside Homestead too.

tagged: laravel homestead command artisan mcrypt install configure database

Link: https://medium.com/@genealabs/run-allthecommands-outside-of-homestead-e2fc8d05251f

NetTuts.com:
Using Plugins to Speed Up WordPress
Feb 23, 2015 @ 09:54:06

On the NetTuts.com site today they've posted the first part of their "Speeding Up WordPress" series - Using Plugins to Speed Up WordPress. In this start to the series, they show you how to use two methods to speed up your WordPress installation: using caching and database optimization.

One of the most popular talking points in the WordPress community is speeding up WordPress and optimizing web pages. I don't think there is a WordPress blog without an "X Tips to Speed Up WordPress" article. Don't get me wrong, it's a good thing. But we need better articles about this topic instead of dull plugin round-ups. This may look like yet another "tips for speeding up WordPress" tutorial, but in this three-part series, we're going to go through every aspect of optimizing and speeding up your WordPress website.

They start with caching and show how do both client and server-side caching using techniques both inside and outside of WordPress itself. They also link to two plugins to help with the server-side handling. Following the caching talk they look at optimizing the database. They point you towards the WP-Optimize plugin as the best way to squeeze the most performance from your database (without breaking how WordPress works).

tagged: plugin wordpress speed optimizae cache database

Link: http://code.tutsplus.com/tutorials/using-plugins-to-speed-up-wordpress--cms-22055

SitePoint PHP Blog:
Discover Graph Databases with Neo4j and PHP
Feb 16, 2015 @ 11:49:51

The SitePoint PHP blog has a post today about combining PHP and Neo4j, a popular graph database, and create a simple application.

In this post, we’ll be learning about Neo4j, the leading graph database, and ways to use it with PHP. In a followup post, we’ll be building a proper graph application powered by Silex. [...] For the newcomers, here is a short introduction to graph databases and Neo4j, apart from the theoretical glance we threw at it last year.

For those not familiar with some of the concepts behind graph databases, they start with a quick introduction. They illustrate the concept of relationships with a few helpful images. They also cover the basics of Cypher, the language used in Neo4j database queries. They then show how to get the Neoxygen components installed to talk with the Neo4j database (via an HTTP API) and configuring a basic connection. The remainder of the post shows how to insert data into the database, including relationships, and pulling that information back out via PHP.

tagged: graph database neo4j tutorial introduction neoxygen series part1

Link: http://www.sitepoint.com/discover-graph-databases-neo4j-php/

Resonant Core:
Building Secure Web Applications in PHP
Feb 09, 2015 @ 10:26:19

The Resonant Core blog has a post today with a selection of tips and techniques you can use to help build secure applications in PHP, preventing several of the most common issues (several as mentioned in the OWASP Top 10).

There are but two causes for the unintentional creation of insecure web applications: A lack of knowledge about security [and] bad development habits. Developers who don't know about the risks involved with writing a widget a certain way are unlikely to make the secure choice. Thanks to the work of MITRE and OWASP, the most common vulnerabilities (and their consequences) are widely known and accessible. However, when teams are under pressure to meet a tight deadline, bad habits and insecure development practices may still emerge.

Most of the examples (at least the solutions) center around a framework they've created (Tuner) but the concepts are all there and could be adapted to other tools easily. They talk about the "pain" that can come with secure coding and how the right tools can make it much easier for the developer. He talks about how the framework offers a better database interface based on PDO and prepared statements to prevent SQL injection issues (with examples for each of the CRUD operations). He also shares a list of pre-existing PHP libraries that can help make the rest of you application secure too including:

He also mentions a PHP extension that adds in scrypt support, another option for hashing strings and passwords as an alternative to bcrypt.

tagged: secure application database sqlinjection library recommended list

Link: https://resonantcore.net/blog/2015/02/building-secure-web-applications-in-php

Kevin Schroeder:
If you develop for Magento, know your indexes
Feb 02, 2015 @ 09:34:19

Kevin Schroeder makes a suggestion to all of the Magento developers out there - be sure to know your indexes and how to use them to your advantage.

When I first got into Magento development, in my mind, there were two ways of getting data from the database. You would either call Mage::getModel(‘catalog/product’)->load($id) or you would work with the collection. If you wanted to get a filtered list of something you would use the ORM to get it. But as I’ve gained more experience (fairly quickly, I might add) I realized that there was more to the puzzle. A good portion of this is because I work with Magento ECG and some of the best Magento devs and architects can be found there and I’m a quick learner.

He gives an example of going beyond the usual one-to-one relationship most people use with Magento's models. He includes an example of wanting to fetch a list of all products in the same category as another and the "anit-pattern" that comes with it. Instead he offers the solution of an index, a simple one that merges the catalog category and product index ID. This makes using a custom query with a handy join much easier and much faster.

tagged: magento database collection query index tutorial category

Link: http://www.eschrade.com/page/if-you-develop-for-magento-know-your-indexes/