Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Andrew Carter:
PSR-7 Objects Are Not Immutable
May 24, 2016 @ 10:28:05

Andrew Carter has written up a new post about PSR-7 objects (the PHP-FIG defined standard for handling requests and responses in PHP applications) and how the objects themselves are immutable.

What’s happening [in the provided example] is that the Zend Expressive framework is rendering the error page to the same object that you wrote your message to. Whilst the actual message object itself is immutable, the body stream that it references is not. Even when this object is cloned or “modified” (to become a new object) it will still use the same stream.

He explains a bit about what this means in a more practical sense and why the PSR-7 standard and why this happens (as defined after much discussion). Then he gets into a more recent debate happening in the PHP-FIG about PSR-7 middleware and the proposal for a standard structure in its creation. He points to some of the thoughts from Anthony Ferrara on the topic and an example from Woody Gilk showing an exception handler and how having the stream always appending content is a bad thing in that particular case.

tagged: psr7 object immutability output zendexpressive middleware stream

Link: http://andrewcarteruk.github.io/programming/2016/05/22/psr-7-is-not-immutable.html

Anthony Ferrara:
All About Middleware
May 23, 2016 @ 11:06:10

Anthony Ferrara has written up a post for his site sharing more information about middleware and the PSR-7 proposal that's being discussed to help standardize interfaces with this popular form of application processing.

Last week, a proposal to standardize middleware for PSR-7 was introduced to the PHP-FIG. The general concept of middleware is not a new one, and has been in use in the PHP world for many years. Several people have raised significant concerns with the proposal, which have gone completely unheeded by the author. Let me go through the most major of these concerns, as well as show what a better proposal might look like.

He starts off with a brief look at the current proposal - the interface it defines and an example of a real world usage of it to check some attributes on the request/response. He gives a few more examples before getting into what he sees as the fundamental problem with the interface: that it passes in a response instance rather than creating its own ("what does $response mean inside the middleware?"). He's mostly talking about context and not knowing from one middleware to the next what kind of changes may have been made to the response. He also includes some of the arguments on the "for" side of including the parameter and an interesting list of middleware that does this modification prior to the next() call, making it difficult to determine the actual state.

He ends the post with a few other issue he has with the proposal including the use of the __invoke method name, a restriction on typing and the next method being callable. He makes a few suggestions of modifications to the proposal that he thinks could help make it better, correcting these issues.

tagged: middleware psr7 proposal opinion example problem

Link: http://blog.ircmaxell.com/2016/05/all-about-middleware.html

That Podcast:
Episode 31: Middlewares!
May 20, 2016 @ 10:20:45

In the latest episode of That Podcast, hosts and PHP community members Dave Marshall and Beau Simensen talk about middleware and topics from some previous episodes.

Beau and Dave recap Episode 20 from last year, discussing the PHP FIG PSR-7 middlewares proposal.

Other topics mentioned in this episode include:

You can listen to this latest episode either through the in-page audio player or by downloading the mp3 directly.

tagged: thatpodcast ep31 middleware beausimensen davemarshall

Link: https://thatpodcast.io/episodes/episode-31-middlewares

Rob Allen:
Filtering the PSR-7 body in middleware
May 16, 2016 @ 09:25:30

Rob Allen has a post to his site showing how you can filter the body content of your response in a PSR-7 compatible system via some simple middleware.

Sometimes, there's a requirement to alter the data in the Response's body after it has been created by your controller action. For example, we may want to ensure that our brand name is consistently capitalised. One way to do this is to create middleware that [uses str_ireplace to replace a string]. That's great, but what happens if the new string is shorter than the old one? For instance, suppose I want to replace all uses of "nineteen feet" with "19FT".

In his example, replacing that part of the content would result in an odd string because of how they'd be replaced in the stream. He shows how to use the in-memory handling of PHP's fopen to create a new content instance to push back into the response and back out to the waiting application.

tagged: psr7 middleware filter content strireplace stream fopen tutorial

Link: https://akrabat.com/filtering-the-psr-7-body-in-middleware/

Zend Framework Bites:
Episode 1 (Zend Expressive & Middleware)
Mar 30, 2016 @ 11:51:40

There's a new podcast to add to the mix that's posted its first episode: Zend Framework Bites from Matthew Setter of the Free The Geek podcast.

Quick bites of Zend Framework. Find out what's going on, what's new, and how to use it, in less time than it takes to drink a coffee. [...] Today let’s look at the latest iteration of Zend Framework - Zend Expressive. Specifically, I'm talking about one of the core concepts - middleware.

You can listen to this quick bite of quality Zend Framework content using the in-page audio player or you can subscribe a few different ways including iTunes and RSS.

tagged: zendframeworkbites ep1 zendexpressive middleware briefsfm

Link: https://www.briefs.fm/zend-framework-bites/2

Inviqa Blog:
An Introduction to PSR-7 in Symfony
Mar 18, 2016 @ 09:58:44

The Inviqa blog has posted a tutorial that gets in to the details of using PSR-7 compatible functionality in Symfony through the introduction of middleware into your application.

The PSR-7 standard, which describes common HTTP message interfaces, is a big step towards interoperability across different PHP libraries. The standard was introduced not long ago, but you can already use libraries compatible with this recommendation within your Symfony-based application.

[...] A step toward more homogeneity was achieved when the PHP Framework Interop Group accepted PSR-7 in May 2015. This recommendation describes common HTTP message interfaces. The biggest benefit the PHP community gets from the standard is a potential for interoperability across different PHP libraries. You can already use libraries compatible with this recommendation within your Symfony-based application thanks to the Symfony PSR-7 Http Message Bridge.

The tutorial then shows how to use this message bridge to convert the current Symfony HTTP request and response instances over to follow the PSR-7 structure (essentially a wrapper around it). They then show how to use this functionality in a simple Symfony controller, taking advantage of an event listener to automatically convert the request based on type hinting in the controller method. Finally they talk about middleware, what they are and how they fit into the flow of a web request/response structure.

tagged: psr7 symfony introduction middleware bridge request response controller

Link: http://inviqa.com/blog/2016/3/3/an-introduction-to-psr-7-in-symfony

Matthew Weier O'Phinney:
Expressive 1.0 in the Wild!
Jan 29, 2016 @ 09:33:08

In a new post to his site Matthew Weier O'Phinney has announced the release of Expressive v1.0 from Zend. The Expressive framework is PSR-7 based with a heavy emphasis on middleware and the reuse of other components to make a basic framework structure.

A few hours ago, we pushed Expressive 1.0.

This is a huge milestone for the ZF3 initiative; I've even called it the cornerstone. It signals a huge shift in direction for the project, returning to its roots as a component library. Expressive itself, however, also signals the future of PHP applications we envision: composed of layered, single-purpose PSR-7 middleware.

He also links to this post on the Zend Framework blog with more information about the release including what's new in 1.0.0 (hint: not much) and what you can look forward to in the future from the framework. He mentions some of the other PSR-7 frameworks out in the PHP ecosystem right now and some of the reasoning behind the project being created in the first place. He also talks some about how it was started and some of the feedback/contributions they've received since then.

tagged: expressive zend release stable framework psr7 middleware component

Link: https://mwop.net/blog/2016-01-28-expressive-stable.html

Abdul Malik Ikhsan:
Using Routed Middleware class as Controller with multi actions in Expressive
Jan 06, 2016 @ 11:54:38

In this post to his site Abdul Malik Ikhsan shows you how to use a middleware class that does some extra routing as a "controller" in your Zend Expressive application.

If you are familiar with frameworks with provide controller with multi actions functionality, like in Zend Framework 1 and 2, you may want to apply it when you use ZendExpressive microframework as well. Usually, we need to define 1 routed middleware, 1 __invoke() with 3 parameters ( request, response, next ). [...] What if we want to use only one middleware class which facilitate [multiple] pages?

He shows how to take a sample route configuration for an "album" endpoint and handle it via an AbstractPage class that performs a bit of reflection on the request to route things the right way. Then the "controller" is created by extending this abstract class and functions are defined for each action, complete with access to the request, response and next middleware objects.

tagged: zend zendexpressive routing middleware controller reflection actions tutorial

Link: https://samsonasik.wordpress.com/2016/01/03/using-routed-middleware-class-as-controller-with-multi-actions-in-expressive/

Matt Stauffer:
Middleware groups in Laravel 5.2
Dec 23, 2015 @ 09:28:31

In the next part of his series spotlighting features in the most recent release of the Laravel framework (5.2), Matt Stauffer continues with a look at middleware groups.

When you are creating a site of any significant size in Laravel, your routes file will often get pretty large. One of the first things I do in a new site is group my routes by logically distinct sections like "admin", "auth", "public". Usually each of these groups get their own set of middleware—admin, for example, gets auth. Maybe the API group gets a different auth middleware, and it might get an API-specific rate limiter or something else.

Laravel 5.2 has introduced something called middleware groups, which are essentially a shortcut to applying a larger group of middleware, using a single key.

He takes his example above and makes an "admin" middleware group that lets you combine individual middlewares into a single callable set. He shows how to update your HttpKernel.php file with the new "auth" group and nest the "web" and "auth" middleware inside. He talks briefly about how this handling has changed from 5.1, pointing out that things without the "web" middleware will not have access to cookies/sessions/CSRF handling. He then includes an example showing how to use this "admin" grouping in your routes, either directly on a route or through a route grouping.

tagged: laravel route middleware group tutorial

Link: https://mattstauffer.co/blog/middleware-groups-in-laravel-5-2

Matt Stauffer:
API rate limiting in Laravel 5.2
Dec 21, 2015 @ 09:34:33

Matt Stauffer continues his series looking at the improvements in Laravel 5.2 with this new post talking about the included rate limiting functionality.

More and more of my work in Laravel lately has been creating APIs. I have a manual rate limiter class I've been using, but I've had a sense that there's a cleaner way to do it. Unsurprisingly, when Taylor set out to write a rate limiter middleware for Laravel, he did it cleaner and better than I had.

Matt briefly introduces the concept of rate limiting and how some optional headers (in the X- family) can be used to let the end user/script know when their requests will be rate limited: X-RateLimit-Limit, X-RateLimit-Remaining and Retry-After. He then gets into the example of it in use, showing how to simply add the middleware to the routing and the results in the HTTP response. He ends the post with a bit on customizing the middleware, updating both the times per minute setting and a "block" time limit for when to completely block out the user.

tagged: rate limit laravel v52 api middleware tutorial example

Link: https://mattstauffer.co/blog/api-rate-limiting-in-laravel-5-2