Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Rob Allen:
Slim 3.4.0 now provides PSR-7!
May 09, 2016 @ 09:48:10

Rob Allen has a post to his site announcing the latest release of the Slim Framework - v3.4.0 - and an update that allows for full PSR-7 support, telling Composer that the framework fully supports it now as well.

I've been neglecting Slim's PR queue recently, so this weekend I dedicated a lot of time to merging all the good work that our contributors have done. As a result, I'm delighted to release version 3.4.0! This release has a larger set of changes in it than I would have ideally liked which is a direct consequence of having gone two months between releases rather than one.

One particularly interesting addition that we have a made this release is adding a provide section to our composer.json file. [...] This means that we have informed Composer that Slim provides a valid implementation of the interfaces in psr/http-message-implementation virtual package that defines the PSR-7 interfaces.

This basically means that if you're using other libraries/tools that require a PSR-7 compatible system to work correctly, they'll detect that Slim fully supports it.

tagged: slimframework slim3 psr7 support http message implementation composer

Link: https://akrabat.com/slim-3-4-0-now-provides-psr-7/

Symfony Finland:
Exotic PHP implementations: HippyVM, JPHP, Tagua VM, Peachpie
May 02, 2016 @ 09:15:37

On the Symfony Finland blog they have a recent entry looking at some of the other alternative PHP implementations with a brief overview of each.

In the past there have been alternative environment for running PHP in PIPP for Parrot VM and Quercus for JVM, but none of these have had real staying power. This changed with HHVM from Facebook in the early 2010's. It's completely separate from the Zend PHP implementation and is a fully featured alternative.

[...] Many the implementations are just proof of concept implementations and are far from supporting all the language features and rendering them to be useless for running Symfony or other contemporary applications. Regardless of whether these are immediately useful for projects it's interesting to follow these efforts.

The four covered in the post allow for PHP to be run in some pretty non-traditional environments:

There's a brief look at each of these projects included and, while most aren't close to what HHVM has to offer, you might take a look and see if they could be interesting to try out in some of your development.

tagged: implementation alternative hippyvm jphp taugavm peachpie overview

Link: https://www.symfony.fi/entry/exotic-php-implementations-hippyvm-jphp-tagua-vm-peachpie

SitePoint PHP Blog:
Implementing the Range Operator in PHP
Mar 07, 2016 @ 12:55:47

The SitePoint PHP blog has a new tutorial posted (a repost from this article used with permission) about implementing a new operator in the PHP core language: a "range" operator. This operator allows the definition of a range of values (integer/float) as an internal PHP representation.

In the post below, Thomas Punt implements the range operator in PHP. If you’ve ever been interested in PHP internals and adding features to your favorite programming language, now’s the time to learn! This article will demonstrate how to implement a new operator in PHP. The following steps will be taken to do this: updating the lexer, updating the parser, updating the compilation stage and updating the Zend VM. This article therefore seeks to provide a brief overview of a number of PHP’s internal aspects.

He starts with a look at the range operator and how the intended functionality would work (including when the errors would be thrown). He then goes through the steps listed above and makes additions to the source, complete with the C code to make each change. The article is not only a good look at how to add a custom operator but also gives a good overview of the internals of PHP and how things fit together.

tagged: range operator implementation language c thomaspunt tutorial

Link: http://www.sitepoint.com/implementing-the-range-operator-in-php/

Alejandro Celaya:
How to properly implement persistent login
Feb 10, 2016 @ 10:55:37

In his latest post to his site Alejandro Celaya shares some suggestions about how to make a good, safe persistent login feature for your application. This is usually referred to as the "remember me" handling and is widely used to help improve the overall user experience.

I'm sure you are familiar with those "remember me" checkboxes in login forms. They are a common way to allow a user to keep his/her session in a web application for an extended period of time when he is in a trusted computer.

One could think that it is a small and easy-to-implement feature, but it has indeed a lot of considerations. [...] In this article I’m not going to show you how to implement a persistent login in one or another programming language, but what are the good practices that should be followed when you implement it in the way you want.

He starts off with some thoughts about the wrong way to handle the persistent login (like just making a long-life cookie) and what some of the consequences could be. Instead he suggests using a cookie (with a random generated token) that's long running, maybe 2 weeks. The difference here is that this token is then refreshed once the token is validated and reset. This reduces the risk of an older token being used on another source too. He also shares some other security concerns to think about in this setup including the use of one-time tokens, potential multiple persistent sessions and when it might be good to re-prompt for the password.

tagged: persistent login security rememberme implementation advice options

Link: http://blog.alejandrocelaya.com/2016/02/09/how-to-properly-implement-persistent-login/

Evert Pot:
The problem with password_hash()
Feb 25, 2015 @ 10:51:04

Evert Pot has shared some of his thoughts about why he has a problem with password_hash (and friends). His thoughts are initially about this particular feature but they're actually wider than that.

The initial introduction and rfc for these functions made me uneasy, and I felt like a lone voice against many in that I thought something bad was happening. I felt that they should not be added to the PHP engine. I think that we should not extend the PHP engine, when it's possible to write the same API in userland, or there are significant benefits to do it in PHP, such as performance. Since the heavy lifting of the password functions is done by underlying libraries that are already exposed to userland-PHP, it didn't make sense to me to expose it as well in the core.

He includes a list of things he sees as drawbacks for new C-based functionality in PHP including the fact that it extends the "PHP specification" and forces other projects to implement it (like HHVM). He does include a few positives, though, such as the increased visibility and legitimacy, but still thinks they don't outweigh the negatives.

tagged: password hash core language c implementation opinion userland

Link: http://evertpot.com/password-hash-ew/

Nikita Popov:
PHP's new hashtable implementation
Dec 26, 2014 @ 10:20:10

In his latest post Nikita Popov gives a detailed look at PHP's new hashtable implementation and what kinds of improvements it offers over the previous methods. The "hashtable" handling is how the language references array values created during the execution of a script.

About three years ago I wrote an article analyzing the memory usage of arrays in PHP 5. As part of the work on the upcoming PHP 7, large parts of the Zend Engine have been rewritten with a focus on smaller data structures requiring fewer allocations. In this article I will provide an overview of the new hashtable implementation and show why it is more efficient than the previous implementation.

He starts with an introduction to the concept of hashtables, describing them as "ordered dictionaries" of key/value pairs that (internally) reference values in an array. He looks at the old method PHP used to make these links and how the new version, with the help of zval handling, is different. He talks about how it handles the order of elements, does lookups and the introduction of "packed" and "empty" hashtables. He ends the post with a look at this new implementation's memory utilization and what kind of performance gains we can expect with its introduction in PHP7.

tagged: hashtable array implementation php7 performance memory lookup

Link: http://nikic.github.io/2014/12/22/PHPs-new-hashtable-implementation.html

SitePoint PHP Blog:
Create a Movie Recommendation App with Prediction.io – Implementation
Sep 16, 2014 @ 10:54:16

The SitePoint PHP blog continues their series about creating a movie prediction engine with Prediction.io in this second part focusing on implementation. In the first part of the series they set up the server and configuration to make the jump into the code. This second part gets more into the application side and features working code linking the prediction engine with the TheMovieDB API.

He jumps right into the code, showing how to:

  • Fetch the data from the TMDB (via Flight and Guzzle)
  • Populate the data back into the Prediction.io database
  • Picking a random movie from the list (and outputting it to a page)
  • Get movies the engine predicts as recommendations

The recommendations are based on ratings on other movies in the database with most of that logic happening behind the scenes instead of in the PHP script. The results are then output to the page along with the other movie data.

tagged: movie recommendation predictionio server tutorial api implementation

Link: http://www.sitepoint.com/create-movie-recommendation-app-prediction-io-implementation/

PHP Town Hall:
Episode 30: Specs, Implementations, and New Engines OH MY!
Aug 26, 2014 @ 15:23:59

The PHP Town Hall podcast has posted their latest episode today with hosts Phil Sturgeon and Ben Edmunds with a few special guests: "Specs, Implementations, and New Engines OH MY!"

This week Ben and Phil are joined by core PHP developer extraordinaires Andrea Faulds and Levi Morrison. We discuss the new PHP engine spec, various RFCs, and all things internals. Also PHP 6 is officially dead, let’s have a moment of silence.

You can check out this latest episode either through the in-page audio player, by downloading over on YouTube.

tagged: phptownhall ep30 specs implementation engine podcast

Link: http://phptownhall.com/blog/2014/08/25/episode-30-specs-implementations-and-new-engines-oh-my/

SitePoint PHP Blog:
Best Practices REST API from Scratch – Implementation
Jul 24, 2014 @ 13:11:22

PHPMaster.com has posted the second part of their best practices in REST APIs series with this new post focusing more on the implementation part of things.

We ended the first part of this tutorial with all the basic layers of our API in place. We have our server setup, authentication system, JSON input/output, error management and a couple of dummy routes. But, most importantly, we wrote the README file that defines resources and actions. Now it’s time to deal with these resources.

They move on and add more functionality for creating (POST) and updating (PUT/PATCH) contacts in the system. They also show how to list contacts and add in some search handling allowing for sorting and returning only certain data. There's also some code for pagination handling, locating a single contact record, basic caching and simple rate limiting.

tagged: rest bestpractices api tutorial implementation contacts

Link: http://www.sitepoint.com/best-practices-rest-api-scratch-implementation/

SitePoint PHP Blog:
IronMQ and Laravel: Implementation
May 29, 2014 @ 12:11:07

The SitePoint PHP blog has posted the latest tutorial in their "IronMQ and Laravel" series (part two of two) showing you the actual implementation of the queue handling, building on the configuration and structure from the previous post.

Welcome back to the IronMQ and Laravel series – this is the second and final part in which we finalize our background-job enabled web app. [...] We will make a jobs table which has job_id, and the status of the job. When you put a job on the queue, the job status will be queued and when we receive the job, we set the status to running. Accordingly, after finishing it we will mark it finished.

They start out by creating the "jobs" table in MySQL (via a migration) and follow it with the matching model. A basic template is also included for viewing the current job information and populating its data. Finally, a "run" method is created in the controller to actually execute a job. Using this, they set up the image resize functionality, creating the "photo" table, model and template to output the results of the image manipulation. They've also included a simple version of the editing of the image, allowing the user to resize based on the inputted height and width.

tagged: orinmq laravel tutorial part2 implementation

Link: http://www.sitepoint.com/ironmq-laravel-implementation/