Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Laravel Excel - Lessons Learned
Mar 20, 2018 @ 10:49:33

On the Maatwebsite Medium.com site they've posted a retrospective of their last several years of work on the Laravel Excel Open Source package.

Laravel Excel (https://github.com/Maatwebsite/Laravel-Excel) turned 4 years last November and has reached almost 6 million Packagist downloads. A good time to reflect on 4,5 years of open source development.

The article starts with a bit of history behind the initial development of the package as a simple wrapper around PHPExcel. It covers some of the initial syntax of the tool and features included from the start. The project moved on to v1.x with a complete rewrite and then into v2.x with support for the Laravel v5.x framework releases. It then talks about their "support conundrum" as they reached 1 (then, later, 6) million package downloads. They cover some of the usual project support issues, a reduction in their work on the package and how they worked to "fix it for everyone".

The post also talks about their "open source rehab" and how it changed their view from its recent "because 1 million people use it" back to making a difference in developers' lives. It finishes up talking about some of the "lessons learned" in how it worked with Laravel, a retrospective on its current state and a look forward at Laravel Excel v3.0.

tagged: laravel laravelexcel package opensource lesson learn motivation

Link: https://medium.com/@maatwebsite/laravel-excel-lessons-learned-7fee2812551

Yappa Blog:
(En)queue Symfony console commands
Mar 15, 2018 @ 12:13:06

The Yappa.be blog has a tutorial posted sharing the method they used to implement queued and scheduled execution of Symfony commands. This is made possible by the Enqueue package.

At Yappa, we have always used Johannes' JMSJobQueueBundle to run and schedule Symfony console commands for background jobs.

However, we've stumbled upon a much more elegant solution called Enqueue. [...] It's packed with features, supports major brokers such as RabbitMQ, Kafka, Amazon SQS, Google PubSub, Redis etc. and has a bundle ready to be used with Symfony.

[...] One downside is that the Enqueue Symfony bundle doesn't provide an out of the box solution to queue Symfony console commands and there's no 100% straight forward way to implement this. In this post I'll cover the basics in setting up the Enqueue Symfony bundle so we can easily queue Symfony console commands!

The tutorial then walks you through the installation of the Symfony bundle, adding it to the list of installed bundles and configuring it with basic parameters and queue connection details. Next they've included the code to create the processor used when a command is pushed to the queue. To handle the other side (execution of the command when the queue is handled) they create a "QueuedCommand" value object and a command handler class. With this structure in place they show the addition of test commands to the queue and the result when the queue is consumed.

tagged: symfony console command queue package handler tutorial

Link: http://tech.yappa.be/enqueue-symfony-console-commands

Sebastian De Deyne:
Server side rendering JavaScript from PHP
Mar 13, 2018 @ 10:21:24

Sebastian De Deyne has a tutorial posted to his site showing you how to use two packages to render Javascript on the server side via PHP.

Server side rendering is a hot topic when it comes to client side applications. Unfortunately, it's not an easy thing to do, especially if you're not building things in a Node.js environment.

I published two libraries to enable server side rendering JavaScript from PHP: spatie/server-side-rendering and spatie/laravel-server-side-rendering for Laravel apps.

Let's review some server side rendering concepts, benefits and tradeoffs, and build a server renderer in PHP from first principles.

The tutorial starts with a look at what "server-side rendering" means in this case, how it works with the browser and some of the benefits. It then talks about the rendering process and some of the tradeoffs between it and just using Javascript on the frontend. From there the post gets to the examples of the actual rendering process. If creates a simple Vue.js application that outputs a "Hello, world!" template. It then includes the code to use the packages (that, in turn, use the V8JS package) to render the Javascript and output the result.

tagged: serverside render javascript tutorial package spatie v8js

Link: https://sebastiandedeyne.com/posts/2018/server-side-rendering-javascript-from-php

Using Canaries for Input Detection and Response
Feb 28, 2018 @ 11:27:51

The Websec.io site has posted a new tutorial today showing how to use "canary" values and the psecio/canary PHP package to detect and respond to potentially malicious input.

I'm sure you've heard the common phrase "a canary in a coal mine" when people talk about safety and detection of issues. When miners used to go down to work, there was a danger of trapped gasses being released as they were digging. Some of these gasses were hard for humans to detect and, if enough was breathed in, could lead to illness or even death. In order to help the miners detect and avoid these kinds of issues, they would take a canary (the bird) down into the mine with them.

[...] The idea of a "canary" value in the security world is pretty similar. A "canary" value is one that - real or faked - is somehow exposed outside of your own system. If this value is used you need to be notified immediately so you can take action and gather more information about the usage and any other associated issues.

The tutorial then introduces the psecio/canary package and shows some of its basic use detecting input and setting up notifications. It also covers some of the package's integrations for notifications with services like Slack, PagerDuty and custom Monolog handling. It also provides an example of it in a more "real world" situation of a Slim framework middleware that detects incoming GET parameters.

tagged: canary detect respond value tutorial package pseciocanary

Link: https://websec.io/2018/02/28/Canary-Input-Detect-Response.html

Cees-Jan Kiewiet:
ReactPHP with RecoilPHP: Creating for/http-middleware-psr15-adapter
Feb 09, 2018 @ 11:21:13

Cees-Jan Kiewiet is back with the latest tutorial in his series covering ReactPHP and RecoilPHP. In the previous parts he introduced some of the basic concepts and set up the first bits of code combining ReactPHP and RecoilPHP. In this latest tutorial (part three) he shows how to integrate this with a PSR-15 compliant middleware to evaluate response time.

There are more uses for coroutines than just making working with promises easier. In this post we're diving into the details on how they are used by the Friends of ReactPHP in the PSR-15 Middleware adapter for react/http.

When we started discussing how middleware for react/http should work we also look at the state of PSR-15 at the time. We decided against implementing it directly because of the fully blocking nature of PSR-15, in favour of callable. Which turned into an even better decision when return type hints where added to it to PSR-15. Now I love PSR-15, and middleware in general, which is why I created for/http-middleware-psr15-adapter to bridge the gap.

He starts with the code required to create a normal PSR-15 middleware and recreating the same functionality in a ReactPHP middleware. The article then shows how to use the package he developed to transform the middleware "on the fly" to enable it to be used both as a normal PSR-15 middleware and as a ReactPHP middleware. He ends the post with a word of caution and a bit of advice about using this method of rewriting - basically that just because you can doesn't mean you should.

tagged: reactphp recoil psr15 middleware translate onthefly package tutorial part3 series

Link: https://blog.wyrihaximus.net/2018/02/reactphp-with-recoilphp-party-three-http-middleware-psr-15-adapter/

Matin Hujer:
Consistence brings consistency to the PHP
Feb 06, 2018 @ 10:50:05

On his site today Matin Hujer has posted a tutorial covering the use of the Consistence library, a package that is designed to provide a consistent interface to PHP's functionality.

There is no argument, that PHP can sometimes be a bit inconsistent about naming stuff and maintaining order of parameters for related functions. Also, in some cases it is not strict and allows you to use the language and the functions in a wrong way. Sometimes you get false as a return value where an exception would be appropriate.

[...] Consistence provides opinionated strict wrappers with better error handling and consistent naming and consistent parameters order.

The remainder of the post goes through some of the functionality the package provides including:

  • Enums for better type safety
  • [Using] ObjectPrototype to disable magic methods
  • Consistent array manipulation functions
  • [Working with] Regular expressions

As a related piece he's also created PHPStan static analysis rules for the library to ensure it's being used correctly.

tagged: language consistency package library tutorial

Link: https://blog.martinhujer.cz/consistence-brings-consistency-to-the-php/

Laravel News:
Beautiful PHP CLI Menus for Laravel Artisan Commands
Feb 05, 2018 @ 10:33:53

On the Laravel News site today there's a post that highlights a package that makes it easier to create beautiful CLI menus for artisan commands in the Laravel framework.

Nuno Maduro, author of Laravel Zero and Collision (which nunomaduro/laravel-console-menu.

The post includes an example of code that can create the menu and its options. It also shows how you can change the look of the default menu, changing colors, the "selected" marker, padding and width. The package makes use of the php-school/cli-menu package for a lot of the base menu rendering and functionality.

tagged: tutorial menu cli artisan command laravel package

Link: https://laravel-news.com/beautiful-php-cli-menus-laravel-artisan-commands

Barry van Veen:
Package development: run a package from a local directory
Jan 31, 2018 @ 09:22:03

Barry van Veen has a quick post on his site showing the Composer users out there how they can use a package from a local directory without having to go through the hassle of pushing it and adding it to Packagist.

Suppose you run a website and want to split part of it into a package with its own repository. You start a new repository and check it out on your development machine. But now you want to see how the website and your new package integrate. How to go about this?

This article explains how you can require a package from a local path into your project with Composer. This way you can run a local copy of a repository and test any changes you make. Because the local repo will be symlinked changes are shared in real-time, there is no need for intermediate committing and updating.

He shows how to update your composer.json configuration's repositories section to add an entry with a "type" value of "path". This then points to the location on the filesystem where the package resides. Then it's just a matter of requiring the dev-develop branch and the code will be treated just like any other package. He also includes a section showing how to handle things when symlinking fails, a problem that usually happens on Windows for VM users. Usually it's related to a permissions error for whatever user is running the VM.

tagged: package local path composer configuration symlink repository devdevelop

Link: https://barryvanveen.nl/blog/44-package-development-run-a-package-from-a-local-directory

Colin O'Dell:
Optimizing colinodell/json5 with Blackfire
Jan 15, 2018 @ 09:50:37

In a post to his site Colin O'Dell shows how he used the Blackfire.io service to optimize the colinodell/json5 package he created to parse JSON5 in PHP. Blackfire.io is a performance profiling service (from the folks behind Symfony) that shows where the pain points are in your code. They also have a "developer" plan that you can use to try out the service.

Back in November, I released colinodell/json5 - a JSON5 parser for PHP. It's essentially a drop-in replacement for PHP's json_decode() function, but it allows things like comments, trailing commas, and more.

Fast forward to this weekend when I received [a] bug report from a user named Antonio [about slowness in parsing large JSON documents]. Yikes! I always knew that a PHP-based implementation would be slower than PHP's native C implementation, but execution time measured in minutes was completely unacceptable!

So I fired up Blackfire (which I've previously used to optimize league/commonmark) and got to work.

He starts off by getting a baseline to work from, executing the parsing on a custom document he created (not quite as large as in the bug report but still large). After locating a few issues he then started in on the optimizations. The first was an issue with the use of mb_substr, the second was around the remainder of the document to parse and the last an optimization for a regular expression. The post ends with a few other micro-optimizations he also made to the package and a check to use json_decode for faster parsing and only kick in the JSON5 parsing when needed.

tagged: optimize json json5 package blackfireio performance

Link: https://www.colinodell.com/blog/201801/optimizing-colinodelljson5-blackfire

Brandon Savage:
What version of PHP should my package support?
Jan 10, 2018 @ 10:09:46

In a post to his site Brandon Savage shares some of his thoughts about PHP package development and suggests how to figure out what versions of the PHP language it should support.

Everybody likes “the new hotness.” [...] Perhaps, then, it shouldn’t be so surprising that people get tremendously excited when a new version of PHP comes out. People look forward to the new features, whether they be the trailing commas in list() syntax or counting of non-countable objects.

[...] A new version of PHP can pose challenges to open source package maintainers. There are questions, like what is the minimum version we will support and how soon can we take advantage of the new features we’ve been waiting on? I want to offer up some thoughts, both as a package maintainer and a user of many open source packages.

He goes on to suggest that package authors should support down to the last currently supported version of the language (v5.6 at the time of this post). This allows users of the package that may be restricted and don't have the "new hotness" to keep using the package. He points out that this doesn't mean that you shouldn't use new features, just that older versions should be supported along with the newer ones for those depending on the package. He makes three suggestions as to how he thinks package maintainers should approach the issue:

  • maintainers should feel comfortable in bumping up the requirement to the latest (in a major release)
  • maintainers should also ensure that the support is still there for older versions that can't use the newer features
  • maintainers should bump up this minimum version when it falls out of active support
Supporting old versions of a language isn’t fun and isn’t glamorous. But it’s important. It’s important because there’a segment of the population who can’t upgrade yet. It’s important to make components accessible to a larger, broader audience who is struggling to find best practices and use modern packages. And it’s important for those users who are tied to a legacy version, and are struggling to get upgraded. But it’s the right thing to do for the community.
tagged: package version language support opinion maintainer old new

Link: https://www.brandonsavage.net/version-php-package-support/