Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Alejandro Celaya:
Dispatch REST-like requests with a single controller class in Zend Expressive
Jun 27, 2016 @ 10:21:25

In a new post to his site Alejandro Celaya shows you how to dispatch REST-like requests in Zend Expressive using a single-controller method.

I was digging into Zend Expressive and how to use controllers that allow me to share dependencies between different routes, instead of having to use different middlewares every time. Abdul wrote a great article on this subject that you can find here, which also became part of Expressive's cookbook some time later.

This is a perfect approach that easily allows to reuse some code, but then I thought how to do something similar in a rest environment, having a single class with different dispatchable methods that will be called depending on the request's HTTP method. This is a possible solution based on ZF2's AbstractRestfulController.

He starts by creating an AbstractRestController class to handle the basics of the REST handling, essentially matching verbs to their actions. He then extends this with a RestUserController class that overrides the necessary methods for only the HTTP verbs you want to change. He then shows how to register the route so it can be used by any request verb type (GET, POST, PUT, etc).

tagged: zendexpressive tutorial rest request verb http zendframework2 abstractcontroller

Link: http://blog.alejandrocelaya.com/2016/06/24/dispatch-rest-like-requests-with-a-single-controller-class-in-zend-expressive/

Phil Sturgeon:
Why Care About PHP Middleware?
Jun 02, 2016 @ 10:35:39

Phil Sturgeon has a post over on his site sharing some of his thoughts on PHP middleware and why he thinks it's worth paying attention to in your applications.

Recently there has been a lot of buzz about HTTP middleware in PHP. Since PSR-7 was accepted, everyone and their friend Sherly has been knocking out middleware implementations, some of them stunning, some of them half-arsed, and some of them rolled into existing frameworks. HTTP Middleware is a wonderful thing, but the PHP-FIG is working on a specific standard for middleware, which will standardise this mess of implementations, but some folks don't seem to think that would be useful.

Let's look into middleware a little closer, to show you why it's something to smile about.

He starts with a bit of background about the history of middleware in the PHP ecosystem and where they fit in the overall execution path. He lists out some of the middlewares that have already come out based on this surge in the community including CSRF protection, debugging and rate limiting handling. With various frameworks handling the request/response slightly differently, the PHP-FIG worked up a standard to make interoperability easier. He links to some other resources about middleware that have been posted and discussions he's had with other people about their usefulness.

HTTP Middleware is awesome. It lets frameworks do far less, it lets people distribute logic in a way often unseen popularly in PHP, it lets more of your application be reusable, and it lets PHP catch up with other popular languages used to build stuff on the web. PSR-7 was a great step towards this goal, but we need another PSR to get the whole way there.
tagged: middleware opinion psr7 request response phpfig example

Link: https://philsturgeon.uk/2016/05/31/why-care-about-php-middleware/

Matthew Weier O'Phinney:
Serve PSR-7 Middleware Via React
Apr 20, 2016 @ 12:07:56

Matthew Weier O'Phinney has a post to his site showing you how to combine PSR-7 request/response handling (his examples use Zend Expressive) with React and middleawre in your application.

I've been intending to play with React for some time, but, for one reason or another, kept putting it off. This past week, I carved some time finally to experiment with it, and, specifically, to determine if serving PSR-7 middleware was possible.

He starts with a brief introduction to React and what kind of functionality it brings to the table. He includes a bit of sample code showing it in use creating a basic HTTP server responding to any request with a simple "Hello World" message. He then starts on the React+PSR-7 integration, wrapping the request and response handling from one in the other to keep the expected responses the same. He also talks about serving up static files using the React+PSR-7 handling via a middleware on the Expressive side. Finally he shares the work he's done via a library to help make it easier to reuse in other situations. He shows the installation and usage of this library and sample requests you can use to test it out.

tagged: react psr7 request response example library handler static file tutorial

Link: https://mwop.net/blog/2016-04-17-react2psr7.html

Paul Jones:
PSR-7 and Session Cookies
Apr 12, 2016 @ 13:27:06

In this post to his site Paul Jones makes some suggestions about how to handle session cookies (PHP's default session handling mechanism) and requests/responses using the PSR-7 structure.

One of the great things about PHP is its session handling capabilities. One call to session_start() and a huge amount of heavy lifting is done for you. It’s a great aid when writing page scripts.

However, as you start to need finer control over the HTTP response in your project, some of the automatic session behaviors begin to get in the way. In particular, when you are using PSR-7 to build your HTTP response, you realize that session_start() and session_regenerate_id() both automatically do the equivalent of calling setcookie() to write headers directly to the output. This means you cannot buffer those calls into the Response object for later sending.

How then can we use PHP’s session handling, when we want finer control over when and how cookies get sent?

He suggests that you do two things. First, disable PHP itself from automatically sending the cookie via some ini_set calls. The second is to do the session ID comparison manually and perform the related action (either allowing or sending a new ID on failure). He includes example code showing it in action and also mentions some of the shortcomings of the approach around cache and limiter headers.

tagged: psr7 session cookie request response header disable tutorial

Link: http://paul-m-jones.com/archives/6310

Inviqa Blog:
An Introduction to PSR-7 in Symfony
Mar 18, 2016 @ 09:58:44

The Inviqa blog has posted a tutorial that gets in to the details of using PSR-7 compatible functionality in Symfony through the introduction of middleware into your application.

The PSR-7 standard, which describes common HTTP message interfaces, is a big step towards interoperability across different PHP libraries. The standard was introduced not long ago, but you can already use libraries compatible with this recommendation within your Symfony-based application.

[...] A step toward more homogeneity was achieved when the PHP Framework Interop Group accepted PSR-7 in May 2015. This recommendation describes common HTTP message interfaces. The biggest benefit the PHP community gets from the standard is a potential for interoperability across different PHP libraries. You can already use libraries compatible with this recommendation within your Symfony-based application thanks to the Symfony PSR-7 Http Message Bridge.

The tutorial then shows how to use this message bridge to convert the current Symfony HTTP request and response instances over to follow the PSR-7 structure (essentially a wrapper around it). They then show how to use this functionality in a simple Symfony controller, taking advantage of an event listener to automatically convert the request based on type hinting in the controller method. Finally they talk about middleware, what they are and how they fit into the flow of a web request/response structure.

tagged: psr7 symfony introduction middleware bridge request response controller

Link: http://inviqa.com/blog/2016/3/3/an-introduction-to-psr-7-in-symfony

Rob Allen:
Testing Slim Framework actions
Mar 14, 2016 @ 10:45:52

Rob Allen has a quick post to his site showing you how to test Slim actions using PHPUnit and some simple pieces of the Slim framework itself to set up the needed environment.

To test a Slim Framework action, you need a request and a response object and mock whatever is in the action. This is one way to do this.

He gives an example of a simple endpoint that just returns a JSON string. He shows the code for this endpoint and how it registers with the application for an /echo route. He then gets in to the testing on the route's matching class, making an instance of the Request class and an Environment for it to work in. He ends the post by sharing teh code to pull all of these pieces together in a simple PHPUnit test that uses the assertSame assertion to verify the JSON response output.

tagged: slimframework action unittest phpunit testing tutorial request environment

Link: https://akrabat.com/testing-slim-framework-actions/

Rob Allen:
PSR-7 file uploads in Slim 3
Feb 05, 2016 @ 11:08:23

In a post to his site Rob Allen explains how to handle file uploads in a PSR-7 structure, specifically illustrating with an example using the Slim (v3) framework.

Handling file uploads in Slim 3 is reasonably easy as it uses the PSR-7 Request object, so let's take a look.

He shows how to create a simple index route in a Slim application and render a view containing just a simple form with an upload field and submit button. When the form submits, he uses the getUploadedFiles method on the Slim Request object to get the file information for the upload. He also shows how to check for errors on the upload using the file data as an object and calling the getError method.

tagged: slim3 file upload tutorial handling error psr7 request

Link: https://akrabat.com/psr-7-file-uploads-in-slim-3/

Lorna Mitchell:
OAuth2 with PHP's built in Streams Functions
Jan 07, 2016 @ 10:56:54

In a quick post to her site Lorna Mitchell reminds us that you can modify the options on the internal PHP streams (like for HTTP requests), more specifically to add a "Bearer" token value for OAuth2 integration.

For OAuth2, all I had to be able to do was to send an Authorization header with my web request from PHP. My second-favourite way of making API calls from PHP is to use PHP's stream handling, so I did that. It's not code you see very often but it's super-simple and it works on every PHP platform I've tried so far

She gives a few lines of code to show how to modify the options to add in the token value, basically using an array of options and a call to stream_context_create to create the context. This can then be used in future calls (like the file_get_contents she shows) to automagically send this information along with the request.

tagged: oauth2 http stream request builtin options bearer tutorial

Link: http://www.lornajane.net/posts/2016/oauth2-phps-built-streams-functions

Setting the Context in a Laravel Application
Sep 24, 2015 @ 13:39:46

Continuing on their series about context in Laravel applications, the Culttt.com blog has posted the next part talking about setting the context of the application. In this case the term "context" relates to the "operating environment" the request is happening in (not to be confused with the environment, things like the server/software installed).

Last week we looked at managing context in a Laravel application. Context is a very important aspect of a web application as this foundational structure will be relied upon for almost every piece of code. Setting the context usually involves checking against the business rules of the application.

For example, does the current user have access to this group? Does the current task belong to this project? Can this user create a new post in this thread? These kind of foundational business rules need to be addressed whenever a request enters the application.

He starts by talking about the importance of the URL the user is requesting, pointing out that it should be both useful to identify the resource and provide a "sense of hierarchy" for the application. He then shows how to, using the "Guard" handling in Laravel, to define the context and ensure that the user is operating within an allowed context. Full code is included to set up the system and creating the objects to resolve the group and request information into something useful.

tagged: context laravel application tutorial group request guard

Link: http://culttt.com/2015/09/21/setting-the-context-in-a-laravel-application/

Symfony Blog:
How we Auto-Deploy Documentation Pull Requests with Platform.sh
Sep 10, 2015 @ 12:42:38

On the Symfony blog Ryan Weaver shares a "behind the scenes" look at how the project handles and has automated their documentation generation process with the help of the Platform.sh service.

[Symfony's documentation](https://github.com/symfony/symfony-docs) is an open source project with more than 800 contributors. That’s great! But our goal is to always make it easier to contribute and faster to merge in changes. And today, we’ve started doing something really cool to improve our workflow: integration with [Platform.sh](https://platform.sh).

Platform.sh is a hosting solution that provides out-of-the-box continuous deployment for Symfony, Drupal and any other PHP applications. It extends the concept of a Git branch at the infrastructure level. Basically, this means that it’s easy to deploy every branch and/or Pull Request to its own URL.

He talks about the documentation's format (Sphinx) and how, while it does provide flexibility it also can lead to maintenance issues too. Changes can't be seen immediately and it's difficult to review. Instead they worked up a process where each pull request was automatically deployed to its own unique URL. This reduces both issues they were setting around instant feedback and review problems and provides a better experience for the developer overall.

tagged: integration platformsh documentation request pull symfony continuous deployment

Link: http://symfony.com/blog/how-we-auto-deploy-documentation-pull-requests-with-platform-sh