News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Derick Rethans:
Dead Code
June 18, 2014 @ 10:49:56

In his latest post Derick Rethans talks about something that plagues every project, PHP or otherwise, after its grown to a large enough size: dead code. He's been asked why his Xdebug tool finds this code in places where people don't expect, so he figured he'd answer it once and for all.

The explanation for this is rather simple. Xdebug checks code coverage by adding hooks into certain opcodes. Opcodes are the building blocks of oparrays. PHP converts each element in your script - main body, method, function - to oparrays when it parses them. The PHP engine then executes those oparrays by running some code for each opcode. Opcodes are generated, but they are not optimised. Which means that it does not remove opcodes that can not be executed.

He gets down to the opcode level and shows some output from vld on how things are being executed (and what's not). Using a simple "foo" function example, he shows the execution flow and how the "branches" of executions work through the code. In his case, the "dead code" marker is coming from the line with a closing brace from an "if" statement. He points out that it entirely depends on the lines executed as to what is marked as "dead code".

0 comments voice your opinion now!
dead code xdebug path flow branch vld

Link: http://derickrethans.nl/dead-code.html

PHPMaster.com:
Data Structures for PHP Devs Graphs
August 01, 2013 @ 09:52:34

PHPMaster.com has posted the fourth article in their "Data Structures for PHP Devs" series today, this time with a focus on graphs. He introduces some of the basic concepts behind them and covers two common problems that can be solved by them.

n one of my previous articles I introduced you to the tree data structure. Now I'd like to explore a related structure - the graph. Graphs have a number of real-world applications, such as network optimization, traffic routing, and social network analysis. Google's PageRank, Facebook's Graph Search, and Amazon's and NetFlix's recommendations are some examples of graph-driven applications. In this article I'll explore two common problems in which graphs are used - the Least Number of Hops and Shortest-Path problems.

He explains graphs mathematically, describing them as a set of relationships between nodes and the "lines" that connect them. There's other things involved including directions and weight, but there's not too much detail on those. Instead he gets right into the problems. First is the "Least Number of Hops" and second the "Find the Shortest Path", each with some explanation and sample code of their implementation.

0 comments voice your opinion now!
data structure graph tutorial least hops shortest path

Link: http://phpmaster.com/data-structures-4

Anthony Ferrara:
Is Autoloading A Good Solution?
July 20, 2012 @ 15:56:30

In his most recent post Anthony Ferrara takes a look at autoloading - mostly asking the question of whether the problems it has really outweigh the benefits.

The real problem that autoloaders solve is to load dependencies. [...] The normal logic that's used to justify autoloading over manual dependency loading in production is that it only loads the classes you need. Therefore you save the parsing costs of classes that you don't need. But surely that additional run-time loading has costs. So I decided to setup a test to see how expensive that additional run-time loading costs us, and to prove whether or not autoloading is worth it in production.

He gives an example of the two methods - using the spl_autoload_register method to define a loader and loading them with a defined file path instead. He found the autoloading version slower than the hard-coded (by quite a bit) but how, when the number of files is reduced, the performance gets much closer. He also briefly looks at two other pieces of file-related functionality: file_exists and require_once.

0 comments voice your opinion now!
autoload solution performance static path fileexists requireonce


Sean Coates' Blog:
Use `env`
May 21, 2012 @ 11:58:34

Sean Coates has posted a reminder for PHP developers (and really anyone executing command-line scripts) to use "env" instead of hard-coding the path to the PHP interpreter.

These [support] scripts often run PHP in Gimme Bar land, and we make extensive use of the shebang syntax that uses common Unix practice of putting #!/path/to/interpreter at the beginning of our command-line code. Clearly, this is nothing special -lots of people do exactly this same thing with PHP scripts. One thing I have noticed, though, is that many developers of PHP scripts are not aware of the common Unix(y) environment helper, env.

The "env" alias makes use of your currently defined include path to track down a PHP binary to use to execute the script. Since there's only a "best practices" approach to places to put PHP on a server, the "env" usage makes your script more portable and it's one less thing to remember to change.

If you distribute a PHP application that has command-line scripts and shebang lines, I encourage you to adopt the practice of making your shebang line "#!/usr/bin/env php". Note that this doesn't just apply to PHP of course, but I've seen a definite lack of env in the PHP world.
0 comments voice your opinion now!
env environment include path find executable shebang


Henrik Bjørnskov' Blog:
Symfony2 Quick tip for your security configuration
December 27, 2011 @ 08:40:45

Henrik Bjørnskov has a quick new post with a security tip for those using the Symfony2 framework in its configuration.

Earlier when playing around with the Security component and SecurityBundle i found that for all paths you can specify a route name and the component will match it when check for the request paths.

Setting this up in your configuration gives you more control over the paths that are matched as well as more flexibility in defining them. He includes a note about a change you might have to make to the SecurityBundle's code to get the "check_path" part working correctly. You can find out more about the SecurityBundle's integration in this blog post from Pablo Bandin.

0 comments voice your opinion now!
symfony2 framework security bundle checkpath path


Josh Adell's Blog:
Path finding with Neo4j
June 28, 2011 @ 12:38:01

In a follow up to his previous post on using Neo4j with PHP, Josh Adell looks in a bit more detail about how to find paths in the data via a REST interface to the database.

The thing that makes graphing databases useful is the ability to find relationship paths from one node to another. There are many algorithms for finding paths efficiently, depending on the use case.

He includes some code showing the REST request (made via this client) to fetch these street-based relationships. He then creates a little sample script that provides driving directions from one intersection to another with a "findPathsTo" call. He modifies it a bit later on to use the Dijkstra algorithm.

0 comments voice your opinion now!
path find neo4j graph database tutorial rest client


DZone.com:
File Path Injection in PHP <= 5.3.6 File Update (CVE 2011-2202)
June 21, 2011 @ 08:44:02

On DZone.com's PHP on Windows section today Krzysztof Kotowicz has a new post talking about a file path injection exploit in PHP versions lower than 5.3.6.

Since the thing went public before new PHP version has been released, I present full details of the latest PHP vulnerability I reported - together with some sweet demo exploit. The issue was found with fuzzing being part of my recent file upload research. And I still have some more to show in the future :)

The issue, described in more detail here on bugs.php.net (as of the time of this post, unfortunately unavailable) and his code to reproduce the issue is here. Due to a bug in the code that should strip down the upload to just the filename, certain kinds of file paths can make it through. The real problem comes in when an application blindly uses this filename to write to, possibly overwriting important files. You can see a screenshot of it in action here.

0 comments voice your opinion now!
file path injection bug filename


Josh Adell's Blog:
Neo4j for PHP
June 17, 2011 @ 10:05:26

Josh Adell has written up a new post for his blog showing some of his experience connecting PHP to Neo4j, a graph database (and open source project). It helps to solve a problem of related datasets and the difficulties that traditional RDBMS have with them.

Lately, I've been playing around with the graph database Neo4j and its application to certain classes of problems. Graph databases are meant to solve problems in domains where data relationships can be multiple levels deep. [...] As you continue to add degrees, the query becomes increasingly unwieldy, harder to maintain, and less performant.

Graph databases, like Neo4j, handle these sorts of needs perfectly. There wasn't an official PHP interface for it, so he decided to create his own that worked with the REST interface the database provides. He includes a few code snippets showing how to connect and make a few requests - setting properties on objects, relating objects to one another and making queries that follow the paths from user to user and return them as a simple array.

0 comments voice your opinion now!
neo4j database graph tutorial rest relationship path


PHPRiot.com:
Reducing a Map Path Using Douglas-Peucker Algorithm
April 29, 2011 @ 12:40:42

On PHPRiot.com there's a new tutorial showing you how to use the Douglas-Peucker algorithm to make the pathing on your map the simplest possible (the fewer points the better) having serious benefits a wide range of users, most notably those on mobile devices.

When drawing a path on a map (for instance, the directions from point A to point B) it is important to consider the limitations of the device you're drawing the path on. In this article, I will show you how to reduce the number of points in a path so the path can be displayed with minimal loss of quality on devices such as iPhone or Android-powered devices that may struggle with an extremely large set of points.

Using the GTFS service's data, he's been creating maps for an iPhone application. Naturally, a path with 700 points would take a lot of resources to render. Using the Douglas-Peucker algorithm he can reduce it down to a much more manageable 70 points. He explains the algorithm briefly and hows how to implement it in PHP with three classes - ShapePoint, Shape and ShapeReducer. The resulting reduced dataset is then passed directly over to a Google Maps for plotting.

0 comments voice your opinion now!
douglaspeucker algorithm reduce tutorial map point path


HashBangCode.com:
Revisiting filter_var() and FILTER_VALIDATE_URL
April 04, 2011 @ 08:44:45

From the HashBangCode.com site today there's a new post that revisits filtering with the filter_var function included with the language. The focus in this article is specifically in validating URLs with the FILTER_VALIDATE_URL flag.

Quite a while ago I looked at using the filter_var() function to validate URL's using the FILTER_VALIDATE_URL flag and someone pointed out recently that this function has not only changed since the initial release, but that a number of flags can be added to change the way that this function works.

He lists some of the other flags that are now available that can be used in conjunction with FILTER_VALIDATE_URL to get more fine-grained in your filtering - checks on things like a required scheme, hostname and query string. He includes some code with a set of URLs to run through some tests and output as a table with the pass/fail rank of each URL value. You can see the resulting output here.

0 comments voice your opinion now!
filtervar url filtervalidateurl scheme hostname path query



Community Events





Don't see your event here?
Let us know!


podcast series composer security tool language conference voicesoftheelephpant opinion framework version list laravel community release introduction artisanfiles library symfony interview

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework