News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Ben Ramsey:
Composer Missing Distributions for Explicit References
June 18, 2015 @ 10:14:31

Ben Ramsey has shared an interesting issue he's come across when installing packages via Composer where it installed a different version than expected when he ran an install. The problem turned out to be from an unexpected place.

For applications I control that are not distributed to the public, I like to hard-lock my Composer dependencies to a specific version. [...] Sometimes a library has updates that haven't yet been released, and I need to use these right away. Composer allows me to specify the specific commit I want to use for a library. In this way, I can hard-lock a dependency to a specific state, even when there is not yet a release for the changes I need. This has worked well until today, when I tried to do a fresh composer install. After installing, one library contained files and methods that I did not expect. It turns out Composer was grabbing the HEAD of dev-master instead of the specific commit I referenced.

After some investigation into his "composer.lock" file's contents, he found the issue: a problem with the way that BitBucket handles the distribution zip files Composer requests. In his example, the zip file was of the HEAD on the repository, not of the specific commit (GitHub doesn't have this problem). His solution was using the (slower) "--prefer-source" option to grab the correct commit contents...not an ideal solution but it does what he needs.

0 comments voice your opinion now!
composer missing distribution zip file explicit reference bitbucket

Link: http://benramsey.com/blog/2015/06/composer-missing-distributions/

BitExpert Blog:
Processing CSV files in a memory efficient way
April 23, 2015 @ 10:50:59

In their latest post Florian Horn shares some of his experience in using the PHPExcel tool to parse CSV files and the performance issues he ran into. Fortunately, he found a solution...in the form of another library.

A little while ago I had to dive deeper into the performance optimized usage of PHPExcel. Our users are uploading files like Excel or CSV with a lot data to process. Initially we used the PHPEXcel instance without any tuning of the default configuration which lead to heavy memory issues on relativly small files. So I had to avoid reading all file content at ones to the buffer (like file_get_contents does).

In my research mainly optimizing the usage of PHPExcel I came across a tiny library I am grown really fond of. It is called Goodby/CSV. Both tools have a very well grounded documentation to read in and understand the basics and the usage.

He describes some of the main differences between the two tools and includes some basic benchmark results comparing memory consumption and overall speed.

0 comments voice your opinion now!
phpexcel csv file goodbycsv process performance memory benchmark

Link: https://blog.bitexpert.de/blog/processing-csv-files-in-a-memory-efficient-way/

DZone.com:
Understanding php.ini
April 03, 2015 @ 11:05:55

The Dzone.com site has a recently posted tutorial helping you understand the php.ini, the main configuration file PHP uses to set up its own internal features and settings.

our php.ini file provides a considerable amount of power over the behavior of your PHP application ecosystem. Let's jump into some of the most common declaratives and discuss how they impact your application performance and behavior. I won't go into an explanation of each setting that is available, but I'll cover the fundamental options that you should be aware of. Please keep in mind that changing any of the settings on in your php.ini can and may very well change the behavior of your application, whether positive or unfavorable. Please use caution when adjusting your settings, consult with your team, do your research, understand the implications, and, of course, test, test, and test again before deploying anything into production!

He starts with a brief introduction to what the php.ini file is and how you can use the phpinfo function to find the current settings in HTML form (on the command line it's "php -i"). He then goes through and covers some of the basics from the standpoint of security, memory handling and some general settings.

0 comments voice your opinion now!
understand phpini configuration file introduction

Link: http://php.dzone.com/articles/understanding-phpini

NetTuts.com:
Protecting Your Keys From GitHub
March 05, 2015 @ 12:03:05

On the NetTuts.com site there's a new post talking about protecting your keys when using a public site like GitHub. This relates to an easy thing to forget - removing hard-coded credentials from code before pushing it public.

In December 2014, Slashdot ran an alarming story Bots Scanning GitHub To Steal Amazon EC2 Keys, based on developer and blogger Andrew Hoffman's experience trying out Ruby on Rails on Amazon with AWS S3. He inadvertently committed an application.yml file with his AWS keys. [...] It's an easy mistake and most of us have probably done a similar thing at one point or another. And it's not just AWS keys that are at risk. As our use of cloud-based services increases, the expanding use of a broad variety of service API keys can be leveraged by hackers and spammers alike.

He goes through a solution he's found to help protect those credentials, in this case working with the configuration of a Yii framework-based application. He starts with a mention of .gitignore but points out that it could have unexpected results from "quirks" in its handling. He suggests a different option - using a configuration file that lives someplace outside of the main git directory and can be referenced directly from inside the application. He provides two kinds of examples: one using a PHP-based configuration and another based on an INI file. He finishes the post with a mention about WordPress plugins and the fact that they're (usually) stored in a database and open to exposure if a SQL injection vulnerability is found.

0 comments voice your opinion now!
github protect keys commit public exposure configuration file gitignore

Link: http://code.tutsplus.com/tutorials/protecting-your-keys-from-github--cms-23002

Derick Rethans:
Xdebug 2.3 Moar var_dump()
February 27, 2015 @ 09:58:40

Derick Rethans has a new post to his site starting a series of posts about the new features of Xdebug 2.3. In this new post he talks about an improvement that's been made to the output provided by var_dump with more information than before.

One of the new features relates to one of the first things that I added in the original Xdebug: making the var_dump() output "pretty". Xdebug replaces PHP's standard var_dump() function with its own version, as long as the xdebug.overload_var_dump setting is not set to 0. [...] Xdebug 2.3 enhances the overloading of var_dump() with the inclusion of the file name and line number where var_dump() is called at. This has been a long standing feature request.

He provides a few sample screenshots comparing the old and new output formats and mentions another handy setting, xdebug.file_link_format, that makes the resulting filename a link in a browser and lets you customize the format.

0 comments voice your opinion now!
xdebug vardump overload file path information output improvement release

Link: http://derickrethans.nl/xdebug-2.3-overload-vardump.html

Phil Sturgeon:
Composer It's ALMOST Always About the Lock File
November 05, 2014 @ 11:44:49

In his latest post Phil Sturgeon talks about a point that's been argued on both sides of the Composer users out there - whether or not to commit the "composer.lock" file. Phil talks some about it in his article and suggests that you should commit it for applications but not for components.

If you and your employees are a little vague with your composer.json specifications and you don't have a composer.lock then you can end up on different versions between you. Theoretically, if component developers are using SemVer and you're being careful then you should be fine, but keeping your lock in version control will make sure that the same version is on your dev teams computers. This will happen every time you run $ composer install. If you are on Heroku or EngineYard then this will be used for the deployment of your production components as a built in hook, which is awesome.

He mentions an article from Davey Shafik, this being his reaction to it. He suggests, though, that an absolute of "always commit for components" may be too much and could potentially cause other problems. He points out that since the "composer.lock" handling is local to the directory, you can hit up against version requirement issues between them in your application as a whole. He wonders "how strict is too strict" when defining dependencies and some things to think about (like your users) when making the choice to upgrade the libraries you use.

0 comments voice your opinion now!
composer composerlock file commit version semanticversioning semver component application

Link: https://philsturgeon.uk/blog/2014/11/composer-its-almost-always-about-the-lock-file

Zumba Tech Blog:
Caching CakePHP 2.x routes
October 28, 2014 @ 10:47:02

On the Zumba Tech Blog today there's a new post with some helpful hints around caching routes in CakePHP 2.x to help optimize the requests and response time even further.

At Zumba we are continuously looking for optimization in our applications. These optimizations help to reduce the server loads, consequently reducing the number of servers and saving money. Besides that, it gives a better user experience for the end user by serving content faster and in some cases saving on consumer bandwidth (specially for mobile users). This week we profiled our app using Xdebug profiler and we identified the router was responsible for a big part of the request time. [...] In order to optimize the routing time, we started looking at options to optimize our routing process. After some research and deep checking in our codebase as well as CakePHP's code, we found we could cache the routes easily.

Taking a cue from how FastRoute does their caching, their implementation uses a temporary file with the routes completely resolved and written out for easier handling. Since the routing is relatively static, this method works well and can be much faster than resolving them every time. They talk about some of the work done to optimize their method and some of the issues they came across during the process.

0 comments voice your opinion now!
cakephp framework cache route file resolve

Link: http://tech.zumba.com/2014/10/26/cakephp-caching-routes/

Rob Allen:
Throw an exception when simplexml_load_string fails
September 09, 2014 @ 09:27:13

In a quick post to his site Rob Allen shares a class that he's created to handle and throw an exception any time that the load from a SimpleXML parsing fails.

I keep having to look up how to stop the warning that are emitted when simplexml_load_string & simplexml_load_file fail, so this time I've written the world's simplest little class to take care of it for me from now on.

His "Xml" class wraps around the SimpleXML functionality and checks to see if the resulting object is false. If it is, it uses some internal error handling to fetch the error message result and throws it as a "RuntimeException". This error string comes from a "getXMLErrorString" function that uses the libxml_get_errors function to get the resulting error list.

0 comments voice your opinion now!
simplexml load string file fail exception error handling

Link: http://akrabat.com/php/throw-an-exception-when-simplexml_load_string-fails/

SitePoint PHP Blog:
Diffbot Crawling with Visual Machine Learning
August 01, 2014 @ 11:37:12

On the SitePoint PHP blog Bruno Skvorc has posted a tutorial showing you how to use the Diffbot service to extract data from any page. He introduces both the service itself and walks you through a simple request via Guzzle.

Have you ever wondered how social networks do URL previews so well when you share links? How do they know which images to grab, whom to cite as an author, or which tags to attach to the preview? Is it all crawling with complex regexes over source code? Actually, more often than not, it isn't. [...] If you want to build a URL preview snippet or a news aggregator, there are many automatic crawlers available online, both proprietary and open source, but you seldom find something as niche as visual machine learning. This is exactly what Diffbot is - a "visual learning robot" which renders a URL you request in full and then visually extracts data, helping itself with some metadata from the page source as needed.

He uses a combination of a Laravel installation (via a Homestead instance) and a Guzzle request using a fetched token. The service offers a 10k call limit on a 7 day free trial, so you can sign up and grab your token there. He includes code for an example request fetching a SitePoint page and parsing out the tags. He also briefly looks at the custom handling diffbot allows based on CSS-type rules.

0 comments voice your opinion now!
diffbot parse data service api guzzle homestead tutorial introduction

Link: http://www.sitepoint.com/diffbot-crawling-visual-machine-learning/

Joshua Thijssen:
Internal PHP function usage
July 28, 2014 @ 10:05:39

Curious about the usage of the various "internal" (built-in, not user defined) functions in use is a wide range of PHP applications, Joshua Thijssen did some research on GitHub and has shared the results on his site today.

How many internal PHP functions (things like count(), strpos(), array_merge() etc), does PHP have? Depending on which version you use, and how many extensions you have loaded, somewhere between 1000 and 2000 would be a good guess. But how many of these internal functions are you REALLY using?

He created a custom script to fetch the results of a custom query (one that found repos with over fifty stars), grabbed the source and parsed the results looking for these internal functions. He shares the results of his parsing from 967 repos in the remainder of the post, including: the top ten most called, some interesting facts found in the results and some of the "bad" ones in wide use (like "exec" and "mysql_connect").

0 comments voice your opinion now!
internal function usage statistics github parse query

Link: https://www.adayinthelifeof.nl/2014/07/25/internal-php-function-usage/


Community Events

Don't see your event here?
Let us know!


series list podcast composer laravel opinion configure api part2 interview framework example yii2 project community language symfony php7 introduction application

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework