News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Qandidate.com Blog:
Fault tolerant programming in PHP
July 17, 2014 @ 10:44:04

The Qandidate.com blog has a new post today looking at fault tolerant programming in PHP applications. Essentially, this means writing your code so that error conditions are handled gracefully and with as little impact as possible.

In your application, every time you call an "external" service you are vulnerable to the failure in that service. That either might be a third party API being down, your database being unresponsive or unexpected errors from the 3rd party library you are using. With many developers and companies being interested in composing applications out of microservices at the moment, guarding for failures because of broken dependencies gets even more important.

They describe a situation where data is coming from an external source (an inventory service) and a timeout or connection failure occurs. They propose a sort of "circuit breaker" to be put in place to protect the application, fail fast on error and maybe even retry until the request is successful. They also point out a library from oDesk, Phystrix, that allows for fault tolerant execution through a wrapper that traps errors and deals with them instead of just breaking. This is the first part of a series, so in part two they'll show the library in use along with the React HTTP client.

0 comments voice your opinion now!
fault tolerant application phystrix library execution failure

Link: http://labs.qandidate.com/blog/2014/07/14/fault-tolerant-programming-in-php/

PHP Manual Masterpieces:
I Can't Spell PBKDF
November 13, 2013 @ 09:58:08

On the PHP Manual Masterpieces site has a recent post looking at PBKDF and PHP (and, more specifically, the information that's presented about it in the manual).

So why are we here? Well, a faithful follower slipped me a tip to check out the documentation. It turned out I agreed: I don't like it. [...] Let's be clear: I have read the backing C code of this feature and I see nothing wrong with the actual functionality. My issues are strictly with the documentation and the API, both of which are very PHP-ish in the sorts of ways that drive me to hateblog about a programming language on a Friday night. It turns out there are people who are totally okay with these design decisions, and I can't help that their subjective tastes are wrong, but that's just how it is.

She mentions three different major issues with the documentation currently in the manual:

  • Non-copypaste-safe cryptography
  • The fact that PHP does not fail effectively when it comes to cryptographic handling
  • The lack of units defined (like for the "length" parameter of hash_pbkdf2)
0 comments voice your opinion now!
pbkdf cryptography manual examples error failure units

Link: http://phpmanualmasterpieces.tumblr.com/post/66426423275/i-cant-spell-pbkdf

Paul Jones:
Publish Your Failures; or, The Way Of All Frameworks
October 29, 2013 @ 12:19:59

Paul Jones has an interesting post on his site today talking about how how your "framework of choice" will eventually fail even if there is long term support for it. He points to another article about trial and error and emphasizes that (as Richard Feynman has said) failures are just as important as successes.

When it comes to expanding a body of knowledge, the failures are just as important as the successes, perhaps more so in some cases. (Be careful here; they have to be "honest" failures, where you had some reason to believe in advance that it had a good chance of working.) So what is it about the "Pipe Dream" article [here] that impressed me? It is that the the author first signals his tribe membership by mentioning his "framework of choice", then proceeds to try to do some work outside of that tribe.

Paul goes on to talk about the usefulness of stepping outside of your norm - your framework of choice - and getting a wider perspective on how others do things. He looks at some of the ways that current frameworks could fail in the future and figuring out how well it will deal with it when it does. He points out that several times the failure comes from "subsystem failures" and that systems that allow the swapping out of these components would handle things more gracefully. He gives the example of the Aura framework of this, being highly component-based.

0 comments voice your opinion now!
failure framework choice future component aura

Link: http://paul-m-jones.com/archives/4757

Brandon Savage:
Consuming RabbitMQ messages with PHP
May 31, 2013 @ 09:15:47

Brandon Savage continues his look at using RabbitMQ and PHP together to queue up requests today in this latest post. In this new part of the series, he focuses on the last piece of the puzzle - consuming the requests in the queue. (Parts one and two)

Once you've created a RabbitMQ producer, it's fairly easy to create a consumer. In fact, the only difference is in exactly what commands you're using. The connection, envelope, channel and queue declarations are the same. While in RabbitMQ you publish to the exchange, you actually do consume a specific queue. As a result, the commands for consuming are part of the AMQPQueue class.

He shows you how to set up the code to sit in the background and wait for a queue request and how to fetch them in a non-blocking way. He finishes off the post with a look at handling success and error conditions (based on the status of message consumption, not the result of the processing).

0 comments voice your opinion now!
rabbitmq tutorial consume amqp library success failure nonblocking background

Link: http://www.brandonsavage.net/consuming-rabbitmq-messages-with-php

Anthony Ferrara:
Our Failure As An Industry
May 07, 2013 @ 09:19:34

Anthony Ferrara has a new post to his site today describing what he sees as a failure in our industry - letting security become an after-thought to the development process.

In the April issue of the PHPArch magazine (also published on her blog), Elizabeth Tucker Long wrote a really interesting editorial piece coining a concept she called Security-Driven-Development. She (quite correctly) identified a problem in the current development community where security has become an after-thought (if it's thought of at all). This isn't a new concept, in fact it's a concept that I and many others have been preaching for quite a while now. However I've been coming to realize that I've had it wrong the whole time. And I think the entire industry is getting it wrong today.

He talks some about the current state of web application development and how, even with more powerful technologies than ever, we still fall short in security testing. He suggests that the current way of doing things - treating security testing as a "throw it over the wall" or "someone else's job" problem - needs to stop. Security needs to be integrated with development and he suggests that managers and developers of open source projects should take the lead.

0 comments voice your opinion now!
failure industry security testing development opinion

Link: http://www.lornajane.net/posts/2013/setting-multiple-headers-in-a-php-stream-context

Anthony Ferrara:
Failure Is Always An Option - Programming With Anthony
April 01, 2013 @ 09:03:19

Anthony Ferrara has posted another video in his "Programming with Anthony" series, this time pointing out that failure is always an option.

A few days ago, I posted a video about how to become a better developer. There were a few interesting comments made, but one in particular from the Reddit threadpeaked my interest. So I decided to do a reply.

You can watch the video either in his blog or over on Youtube. He's also included the some of the contents of the Reddit post and a funny (relevant) comic about learning "C++ in 21 days".

0 comments voice your opinion now!
failure option video programming youtube reddit


Paul Reinheimer's Blog:
The Danger of Hooks
January 12, 2012 @ 09:12:18

Paul Reinheimer has a recent post to his blog talking about the danger of "hooks" in your development - the functionality several frameworks and other tools come with to allow you to add functionality to the core without having to change the main source.

I ran into hooks rather simultaneously with two very different frameworks: Code Igniter and Lithium. In both cases I was using a rather nifty hook to handle ensuring that users were properly authenticated and authorized before accessing a page. [...] One day, while messing around, I accidentally turned off the hook configuration within Code Igniter (actually I clobbered a file, and restored the wrong one). Then, things came crashing down in a horrible cacophony of... actually they didn't. Everything kept working: that was the problem.

He shows two solutions he came up with to be sure that his hooks were executed - one for Lithium and the other for CodeIgniter. The Lithium one uses a "_remap" method and the CodeIgniter example uses the magic "__invoke" method to check for an "AUTH_CHECKED" constant that's only defined as a part of his hooks.

I'm no longer entirely dependent on one configuration option or file for my security to function. Should it fail, I've got a secondary check in place; this example of defence in depth allows me to be comfortable with the hooks security system once more.
0 comments voice your opinion now!
danger hook framework codeigniter lithium failure


php|architect:
Why Software Fails
October 10, 2011 @ 10:48:10

On the php|architect site today there's an opinion piece from Marco Tabini with his thoughts on why software fails - not why the project itself fails, but why the software fails to be useful.

This is a much more common problem than engineers and architects are willing to admit. Far too often I see someone in charge of writing a piece software worry about how a product works without paying so much as a passing thought to whether it actually works the way people expect it to. The truth is that we are, by and large, stuck in a reality where software somehow equates with automation.

He goes on to talk about how easy it is for us, as developers, to forge head with features and software that may not be useful to the masses. We worry more about solving a problem that may or may not actually be there. He illustrates with the example of a to-do list, providing the automation to make list tracking easier, but no guidance of how the user can make use of it effectively.

0 comments voice your opinion now!
opinion software failure feature usefulness


Håvard Eide's Blog:
ChaosMonkey
September 19, 2011 @ 09:11:26

Håvard Eide has a new post sharing a tool he's created (based on some ideas presented in this netflix blog post) for testing a web service. Specifically, his tool helps you test a web service developed with the Slim framework.

I just pushed a example on how to create a Slim framework to github. The idea is that whenever you create a webservice with the Slim framework (which is really simple) you rarely test for failure, the ChaosMonkey class will help you to do just that. When initialized with the AbsoluteChaos plugin it will randomly kill the webservice with exceptions, garbage to the output, or just run the service for you without failure at all.

His plugin does a lot of things right now, but it's easy to extend with your own failure types - like his suggested "networkSleep" or something that could kill the connection to MySQL. He includes a code snippet in the post of how to hook Slim and ChaosMonkey together for some testing fun.

0 comments voice your opinion now!
chaosmonkey library webservice slim framework testing failure


IT World:
Lost programming skills
August 25, 2011 @ 08:50:42

On IT World there's an interesting article about the programming skills that seem to be lost in today's coders and how what they may not know might hurt them in the end.

Some of these skills aren't likely to be needed again, any more than most of us need to know how to ride a horse or (sigh) drive a manual-transmission vehicle. But other skills and "lessons learned" may still or again prove relevant, whether developers are banging their heads against legacy systems, coding for new mobile and embedded devices... or other devices and applications we haven't yet thought of. [...] Here's what some industry veterans and seasoned coders think the younger generation doesn't know ... but should.

He's broken it up into a few different sections - one dealing with the lack of general hardware knowledge by a good section of the today's developers, another noting that programming is not the same as software engineering (yes, really). He also touches on the lacking idea of "thinking before coding" and how planning for errors has become less and less of an importance.

0 comments voice your opinion now!
programming skills opinion planning hardware failure engineer performance



Community Events





Don't see your event here?
Let us know!


interview unittest tips introduction opinion update zendserver install api podcast laravel package symfony language deployment community series release framework library

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework