Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

TutsPlus.com:
Internationalizing WordPress Projects: The Introduction
Jun 28, 2016 @ 10:38:01

The TutsPlus.com site has kicked off a new set of posts today with he first part of their series covering internationalization in WordPress applications.

A few years ago, I wrote about the process of internationalizing WordPress-based projects. Though I think there are some times when tutorials don't necessarily need updating, refreshing, or revisiting, there are other times in which we can all benefit from revisiting the topic.

After all, software changes from year to year, and we also gain experience as we continue to work with a given piece of software. WordPress is no different.

They'll be covering what internationalization is, how it works within WordPress, the difference between internationalization and localization and more. In this first part of the series, though, they briefly cover some of the functions and functionality you might see as a part of WordPress already to make internationalization possible.

tagged: internationalization wordpress tutorial series part1 introduction

Link: http://code.tutsplus.com/tutorials/internationalizing-wordpress-projects-the-introduction--cms-26636

NetTuts.com:
Kick-Start WordPress Development With Twig: Introduction
Apr 12, 2016 @ 09:14:01

On the NetTuts.com site they've posted the first part of a new series showing you how to combine WordPress and Twig to "kick-start" your development with this popular content management system.

A lot has been written about the future of WordPress, and many believe that it lacks a templating language, especially when platforms like Django, Ruby on Rails, Node.js, Laravel, and even Drupal possess one. Facts like "WordPress powers nearly 25% of the web" make it difficult to question its current PHP-based templating system. But as the modularity in code is still missing, one can ask when the core will have a templating engine.

The good news is right here! The Twig templating engine along with a plugin called Timber can help us write super-clean and modular code in WordPress.

They start with a brief introduction to Twig and a bit of history of where it came from. They also give some reasons of why you might want to use this popular templating engine (besides its popularity, of course). The tutorial then starts in talking about Timber and how it integrates with both WordPress and Twig to render the Twig templates. This first article is more of an introduction to this integration and doesn't contain much in the way of code examples. That will be coming soon in the following parts of the series, though.

tagged: wordpress twig integration tutorial series part1 timber

Link: http://code.tutsplus.com/articles/kick-start-wordpress-development-with-twig-introduction--cms-24781

SitePoint PHP Blog:
PredictionIO: Bootstrapping a Movie Recommendation App
Apr 05, 2016 @ 11:22:11

On the SitePoint PHP blog they've posted a tutorial showing you how to use the Prediction.IO server to create a movie recommendation application. Prediction.io is "an open source Machine Learning Server built on top of state-of-the-art open source stack for developers and data scientists create predictive engines for any machine learning task".

In this tutorial, I’m going to walk you through PredictionIO, an open-source machine learning server, which allows you to create applications that could do the following: recommend items (e.g. movies, products, food), predict user behavior, identify item similarity and rank items.

You can pretty much build any machine learning application with ease using PredictionIO. You don’t have to deal with numbers and algorithms and you can just concentrate on building the app itself.

The tutorial, the first part of a series, refreshes some older instructions for getting the Prediction.IO system up and running. He walks you through the creation of an AWS instance for the server a few different ways (Vagrant, Docker, etc). He then talks about the use of the Movie API from MovieDB and the two parts of the application that will be implemented on top of it: a learning phase and a recommendation phase. They show how to use Prediction.io to create the recommendation engine and make the new application on top of it. He helps you install some dependencies to use in the PHP side of the application and briefly explains what they're for.

This wraps up part one of the series. In the second part he starts putting this all to use and creates the PHP functionality to lay on top of the machine learning engine and handle learning and recommendations for users.

tagged: predictionio machinelearning server tutorial movie recommendation application part1 series

Link: http://www.sitepoint.com/predictionio-bootstrapping-a-movie-recommendation-app/

eZ Blog:
How to optimize performance of the LAMP stack with eZ (Part 1)
Mar 03, 2016 @ 11:43:51

On the eZ blog there's a new post, the first part of a series, showing how to optimize the performance of your LAMP stack with the help of some tuning on the server and software levels.

Nowadays, a website is not only a simple HTML page. Your visitors expect dynamic, personalized information fast and you need a scalable way to deliver content as quickly as possible. This, of course, puts significant pressure on page loads and response time. In this series of posts, we’ll explore eZ’s system architecture and provide recommendations on how you can optimize caching and decrease response time with eZ software.

They then talk about the various pieces of software that make up a typical environment and some tips on optimizing them:

  • Varnish
  • Apache
  • MySQL and MariaDB

Each includes the configuration changes and setup that's helped eZ get the most out of their stack and links to other tools to help you evaluate the performance differences.

tagged: optimize performance lamp stack series part1 varnish apache mysql mariadb

Link: http://ez.no/Blog/How-to-optimize-performance-of-the-LAMP-stack-with-eZ-Part-1

Nginx.com:
Maximizing PHP 7 Performance with NGINX, Part I: Web Serving and Caching
Feb 29, 2016 @ 13:55:10

On the Nginx.com site they've posted the first part of a series showing you how to maximize your performance with PHP 7 and this already speedy web server.

PHP is the most popular way to create a server-side Web application, with roughly 80% market share. (ASP.net is a distant second, and Java an even more distant third.) [...] Now the PHP team is releasing a new version, PHP 7 – more than a decade after the introduction of PHP 5. During this time, usage of the web and the demands on websites have both increased exponentially.

[...] This blog post is the first in a two-part series about maximizing the performance of your websites that use PHP 7. Here we focus on upgrading to PHP 7, implementing open source NGINX or NGINX Plus as your web server software, rewriting URLs (necessary for requests to be handled properly), caching static files, and caching dynamic files (also called application caching or microcaching).

They start by looking at why "PHP hits a wall" in its execution in high load situations, stepping through the process it follows to handle each request. They also share some of the common ways PHP developers have combatted these issues including more hardware, better server software and multi-server setups. They then get into the actual tips themselves:

  • Tip 1. Upgrade to PHP 7
  • Tip 2. Choose Open Source NGINX or NGINX Plus
  • Tip 3. Convert Apache Configuration to NGINX Syntax
  • Tip 4. Implement Static File Caching
  • Tip 5. Implement Microcaching

For each tip there's a summary with more information on why they make the suggestion and, for some, how to make the transition happen. In the next part of the series they'll get into reverse proxy servers and a multi-server Nginx implementation to boost performance even more.

tagged: performance php7 nginx series part1 maximize tutorial static cache apache conversion

Link: https://www.nginx.com/blog/maximizing-php-7-performance-with-nginx-part-i-web-serving-and-caching/

TutsPlus.com:
Fortifying Security in WordPress, Part 1
Jan 25, 2016 @ 11:19:15

The TutsPlus.com site has posted the first part of a series wanting to help you secure your WordPress installation even more effectively. In part one of the series they cover some of the basics of securing the installation itself and the environment it lives in.

Do you think WordPress is secure? It's OK if you don't, because many people think WordPress is an insecure content management system, yet it's very far from the truth... at least today. [...] I'm sorry if you think the other way, but it doesn't. Frequent patches don't necessarily mean that a piece of software is poorly coded against security threats.

[...] The important thing here is to be responsive and preemptive, and that's something that WordPress excels at. [...] Yet, nothing is a hundred percent secure. We're living in times in which scientists are about to crack the code in our brains! Nothing is impenetrable, including our brains apparently, and WordPress is no exception. But the impossibility of 100% security doesn't mean we shouldn't go for 99.999%.

The remainder of the post is broken down into two different tips with the code/configuration changes and descriptions for what you need to update:

  • Securing the .htaccess File
  • Security Tricks for the wp-config.php File and Its Contents

The second item on that list also gets into some of the constant definitions and some advice on generating good "salt keys" for the configuration.

tagged: tutorial wordpress security series part1 htaccess configuration

Link: http://code.tutsplus.com/tutorials/fortifying-security-in-wordpress-part-1--cms-25403

Ibuildings Blog:
Programming Guidelines - Part 1: Reducing Complexity
Jan 21, 2016 @ 11:53:08

On the Ibuildings blog Matthias Noback has kicked off a series that wants to help PHP developers reduce the complexity of their applications. In part one he shares some general tips along with code snippets illustrating the change.

PHP is pretty much a freestyle programming language. It's dynamic and quite forgiving towards the programmer. As a PHP developer you therefore need a lot of discipline to get your code right. Over the years I've read many programming books and discussed code style with many fellow developers. I can't remember which rules come from which book or person, but this article (and the following ones) reflect what I see as some of the most helpful rules for delivering better code: code that is future-proof, because it can be read and understood quite well. Fellow developers can reason about it with certainty, quickly spot problems, and easily use it in other parts of a code base.

The rest of the article is broken up into several changes you can make to reduce complex code including:

  • Reduce the number of branches in a function body
  • Create small logical units
  • Using single (variable) types
  • Making expressions more readable

He ends this first post in the series with a mention of a few other books to read up on around the subject of "clean" and less complex code.

tagged: reduce complexity programming guideline series part1

Link: https://www.ibuildings.nl/blog/2016/01/programming-guidelines-php-developers-part-1-reducing-complexity

Matt Stauffer:
Form array validation in Laravel 5.2
Dec 17, 2015 @ 11:23:35

Matt Stauffer has kicked off a new series on his blog about some of the new features in Laravel 5.2 and how to use them effectively. In this first part of the series he looks at form array validation and using it on more complex form submissions.

Form array validation simplifies the process of validating the somewhat abnormal shape of data HTML forms pass in when the array syntax is used. If you're not familiar with it, a common use case is when you allow a user to add multiple instances of the same type on one form.

[...] But how do we validate this? Prior to 5.2, it's a bunch of manual work. Now, Laravel understands this nesting structure and can validate against it uniquely.

He compares the new validation handling with a standard validator (for a single text string) and shows how a "dot" (period) notation can be used to define the more complex rules. You can even use asterisks for wildcard making at any level. Definitely a nice addition to the validation handling in the framework.

tagged: form validation array laravel5.2 version wildcard complex tutorial series part1

Link: https://mattstauffer.co/blog/form-array-validation-in-laravel-5-2

PHPClasses.org:
How to Create a PHP C Extension to Manipulate Arrays Part 1: Basic Array Class Exten
Aug 11, 2015 @ 10:27:24

Dmitry Mamontov has posted a the first part of a series looking at manipulating arrays in the PHP source and enhancing performance for certain handing as a PHP extension.

In PHP projects, arrays are used every where because they are useful and flexible to store all sorts of data structures. However, when you need to maximize the performance the manipulation of arrays for specific purposes, you can achieve great gains if you implement a PHP extension written in the C language. Read this tutorial to learn how to build your own basic array manipulation extension in C.

He covers all the steps you'll need to get start building the extension, introduces a few key concepts and starts on the code for the extension:

  • Building PHP from the Source
  • Building a PHP Extension (overview)
  • Brief Introduction to zval and Functions
  • Defining a Class in Our Extension
  • D for Dynamic (working with dynamic array values)

The C code needed is included through out the post. The next part in the series will build on this and show how to implement interfaces like ArrayAccess and Traversable.

tagged: extension array manipulate part1 series introduction source

Link: http://www.phpclasses.org/blog/post/304-How-to-Create-a-PHP-C-Extension-to-Manipulate-Arrays--Part-1-Basic-Array-Class-Extension.html

Check Point Blog:
Finding Vulnerabilities in Core WordPress: A Bug Hunter’s Trilogy, Part I
Aug 06, 2015 @ 11:44:14

The Check Point blog has posted the first part of a series from one of their vulnerability researchers about finding security vulnerabilities in the core WordPress code (and some of the results along with CVE numbers).

In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only ‘Subscriber’ user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS attacks on 20% of the popular web.

In this first part he focuses on the concept of "identity" in a WordPress application. He focused on the "roles and capabilities" functionality to find bypass methods in operations like editing and adding new posts. As he works through his process, code is included from the WordPress core showing where the issue(s) lie and what would be needed to exploit the issue.

tagged: bug hunt wordpress vulnerability core code part1 series checkpoint

Link: http://blog.checkpoint.com/2015/08/04/wordpress-vulnerabilities-1/