Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Tideways.io:
Dodge the thundering herd with file-based Opcache in PHP7
Aug 31, 2015 @ 11:55:37

The Tideways.io site has posted a tutorial showing you how to "avoid the thundering herd" of incoming requests to your application using a file-based PHP 7 opcode cache to reduce load and increase performance on your site.

In the last blog post about Fine-Tuning Opcache Configuration I mentioned the thundering herd problem that affects Opcache during cache restarts. When Opcache is restarted, either automatically or manually, all current users will attempt to regenerate the cache entries. Under load this can lead to a burst in CPU usage and significantly slower requests.

[...] In Rasmus talk at FrOsCon 2015 (Video at 12:30, Slides), he showed the persistent secondary file-based cache Opcache gets in PHP 7. It can read the generated opcodes from disk instead of having to recompile the code after cache restart. This happens only when the compiled opcaches are not found in shared memory.

They talk about the benefits that this caching can provide, not only to web-based applications but also to command line scripts. There's a mention of possible security issues if an attacker is able to read/write to the cache files (but permissions can help that). The post ends with how to install it on your own PHP 7 instance, using the --enable-opcache-file flag on compilation.

tagged: thunderherd opcode cache problem php7 example commandline

Link: https://tideways.io/profiler/blog/dodge-the-thundering-herd-with-file-based-opcache-in-php7

PHP Roundtable:
023: PHP's Major "Bus Factor" Problem
Jul 02, 2015 @ 08:27:16

The PHP Roundtable podcast has posted their latest episode - #23: PHP's Major "Bus Factor" Problem, hosted by Sammy Powers with guests from the PHP community: Samantha Quiñones, Davey Shafik, Chris Tankersly and Michelangelo van Dam.

Inspired by a lively Open Spaces session at php|tek 2015, we discuss how PHP's ecosystem could be threatened by a not-so-obvious bus factor and what we can all do to keep things thriving.

You can catch this latest episode either through the in-page video player or directly on YouTube. If you enjoy the show, be sure to subscribe to their feed too!

tagged: phproundtable podcast video ep23 busfactor language problem

Link: https://www.phproundtable.com/episode/how-the-bus-factor-may-negatively-impact-the-php-ecosystem

Frank de Jonge:
Packages vs. Components: The Dependency Problem.
Jun 26, 2015 @ 11:12:18

In a new post to his site Frank de Jonge makes a distinction between packages versus components, pointing out that components are always packages but packages are not always components, and what it really boils down to is a problem of dependency.

The PHP landscape has fully transitioned into its Package Age™ [...] However, due to PHP's nature, there are some problems. While packages are great for re-use outside of frameworks, dependencies are still an issue. Namespaces resolve conflicts between classnames, but they do not offer a solution to package versioning. Especially in a framework-context, this can become very problematic. A real-world-example for this is Guzzle.

In his Guzzle example he describes the main problem - when packages restructure or make changes incompatible with prior versions and dependencies conflict and both must be installed. He also points out that, while this is bad for just packages, it can be made even worse working with components (his name for framework-based packages). Problems he mentions are the previously mentioned dependency conflicts but also some unexpected quirks with how Composer chooses to install packages. He gives an example of this second one with the installation of the Symfony EventDispatcher component and how, upon closer inspection, Composer seems to be installing two versions of the library at once.

tagged: package component dependency problem conflict versions guzzle eventdispatcher

Link: http://blog.frankdejonge.nl/packages-vs-components/

BeMyCTO.com:
Why Doctrine ORM is not suited for PHP
May 20, 2015 @ 12:09:42

The ByMyCTO.com blog has a recent post that makes the suggestion that the Doctrine ORM isn't suited for PHP...or to put it another way why they think it's not a good option for database integration.

I know, this title sounds like a troll. But it’s not, it’s a fact. I’m not saying Doctrine is a bad technology or shouldn’t be used. I’m just saying it’s not suited for PHP and this can lead to critical problems if misused.

He covers a few different topics including:

  • Differences between Java and PHP (and the fact that Doctrine's inspiration was Hibernate)
  • The "session problem" (entity serialization)
  • Identity Map, useless in a stateless environment
  • UnitOfWork, far too complex
  • EntityManager, too magical

Despite all of these points, he does remind the reader that Doctrine isn't useless or inherently bad, it's just that he sees it as reinforcing bad behaviors and suggests using something else.

tagged: doctrine orm avoid critical problem opinion

Link: http://blog.bemycto.com/software-architecture/2015-05-17/doctrine-orm-not-suited-php/

Peter Petermann:
A few thoughts about composer and how people use it
May 18, 2015 @ 10:17:43

In the latest post to Peter Petermann's site he shares a few thoughts about Composer and how people use it in the more modern PHP ecosystem.

Composer has changed the PHP ecosystem like now other tool introduced – almost everyone is using it today. Now, I have written about Composer before, and have always been a big proponent of using it. However, as i have spend some time with looking more closely on a few things, there is a few problems (some with Composer, some with how people (ab)use Composer) that I would like to write about.

He's broken the list up into six different point, each with a bit of explanation:

  • Composer gets slow and resource hungry
  • People are using composer as an installer
  • People use their own paths
  • People don’t adhere semver
  • People don’t tag their releases / don’t release
  • People release packages with dependencies to unstable versions

He ends the post by looking at each of these points and offering a brief one-liner way to help solve the issue (or at least minimize the problem).

tagged: composer opinion problem usage ecosystem package

Link: https://devedge.wordpress.com/2015/05/16/a-few-thoughts-about-composer-and-how-people-use-it/

/Dev/Hell Podcast:
Episode 58: I Have a Mouth Problem
Apr 06, 2015 @ 12:35:29

The /Dev/Hell podcast has posted their latest episode today: Episode 58: I Have a Mouth Problem with hosts and PHP community members Chris Hartjes and Ed Finkler.

So we kinda forgot we recorded this until a month after the fact. Whoops! This ep is all about side projects, kicking off with Chris and Ed talking about CBTTool, Ed’s electronic worksheet for folks with anxiety disorders. Then we discuss Chris’ new book The Grumpy Little Book of Hack, and Ed’s experience technical editing Modern PHP by Josh Lockhart. Then we get into a boring discussion about marketing. Plus we have STICKERS!

You can listen to this latest episode either through the in-page audio player or by downloading the mp3. If you enjoy the episode, you can catch previous episodes in their archives or subscribe to their feed for the latest shows as they're released.

tagged: devhell podcast ep38 mouth problem chrishartjes edfinkler

Link: http://devhell.info/post/2015-04-04/i-have-a-mouth-problem/

Anthony Ferrara:
A Point On MVC And Architecture
Dec 02, 2014 @ 12:10:24

Anthony Ferrara has posted another in his series looking at MVC as a design pattern and as an idea for building web applications. In this latest post he goes on to make a point about MVC, how it relates to architecture and CRUD.

Last week I post a post called Alternatives To MVC. In it, I described some alternatives to MVC and why they all suck as application architectures (or more specifically, are not application architectures). I left a pretty big teaser at the end towards a next post. Well, I'm still working on it. It's a lot bigger job than I realized. But I did want to make a comment on a comment that was left on the last post.

He responds to the comment (essentially that CRUD is a solved problem) and where the need for customizations is needed. He suggests what the real problem is, though: the three classes of developers - CMS users, custom developers and users of both.

tagged: mvc architecture opinion problem crud comment response

Link: http://blog.ircmaxell.com/2014/12/a-point-on-mvc-and-architecture.html

Anthony Ferrara:
A Followup To An Open Letter To PHP-FIG
Oct 17, 2014 @ 11:51:35

Based on some of the responses to his previous open letter to the PHP-FIG (Framework Interoperability Group), Anthony Ferrara has posted a follow-up explaining some of his points made and the caching proposal in a bit more detail.

A few days ago, I wrote An Open Letter to PHP-FIG. Largely the feedback on it was positive, but not all. So I feel like I do have a few more things to say. What follows is a collection of followups to specific points of contention raised about my post. I'm going to ignore the politics and any non-technical discussion here.

He points out that while the previous post wasn't completely about the cache proposal (it was used as a "literary device") there was some confusion on it. He walks through the "unnecessary complexity" he sees with it, citing code examples, and makes points about performance, memory usage handling stampede protection and the creation of standard ways to avoid it. He ends the post with a look at group invalidation handling and two ways it could be accomplished, either via namespacing or through tagging the items and using that as a reference point for the invalidation.

tagged: open letter phpfig cache proposal detail opinion problem

Link: http://blog.ircmaxell.com/2014/10/a-followup-to-open-letter-to-php-fig.html

SitePoint PHP Blog:
MVC – a Problem or a Solution?
Jul 28, 2014 @ 11:42:36

The SitePoint PHP blog has a new post by Jeroen Meeus that wonders if MVC is a solution or a problem when it comes to developing web applications.

Repositories, Adapters, MVC with all it cousins, SOLID, RTFM… As a (PHP) developer, those words are thrown at you from every corner of the web. And I hate it, I’ve had enough. Stop telling me what to do and show me those kittens instead. [...] When solving the web-application problem, we are forced to use MVC. The dev community often frowns upon those who don’t use it, but seldom lets those they’re frowning upon ask why. [...] MVC doesn’t solve the Code complexity problem. It doesn’t solve the code reuse or no-flexibility problem either. And it doesn’t guarantee decoupled code.

He goes on to talk about how design patterns don't "solve problems". Rather they help us as developers by providing a best practice we can follow to get the job done. He suggests, though, that MVC has become "the new Singleton" but it has been used so much in so many different ways, it's boarding on the point of being abused.

Depending on the situation, and the problem at hand, different patterns can help you write robust, secure and understandable code. Just be careful using them – if you catch yourself using the MVC pattern for a 1-pager, ctrl+a del.
tagged: mvc designpattern problem solution abuse

Link: http://www.sitepoint.com/mvc-problem-solution/

Docnet.nu:
SSL And PHP Streams - Part 1: You Are Doing It Wrong™
Jun 26, 2014 @ 09:54:40

On the Docnet.nu blog today they've kicked off a series looking at the use of streams and SSL in PHP and asking if you're doing it wrong in your current applications. The focus is more on the security aspect, breaking it down into a set of common problems (and how to work around them).

The upcoming PHP 5.6 release brings with it a number of improvements to encrypted PHP streams, both internally and externally. In these articles I will try to cover the most important changes, and how they affect your code. This article will focus on how to get the best security level in code that needs to be run on PHP versions below 5.6, and highlighting some of the gaps in the currently available functionality. Version 5.4.13 is the earliest version that supports all the options described below - and if you are running something earlier than this, then you really should consider upgrading to at least the latest version of the 5.4 series 1.

Their list is made up of six different problems:

  • Problem 1: Peer Verification
  • Problem 2: Cipher Lists
  • Problem 3: Protocol Support
  • Problem 4: TLS Compression Attack Vulnerability
  • Problem 5: Cipher Order
  • Problem 6: TLS Renegotiation Attacks

Each problem comes with a brief description of what it is and why it's an issues. Some also include code snippets showing how to correct the issue, usually relatively simply.

tagged: streams problem list solution https tutorial

Link: http://www.docnet.nu/tech-portal/2014/06/26/ssl-and-php-streams-part-1-you-are-doing-it-wrongtm/C0