Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

HHVM Blog:
Trait and interface requirements in Hack
Jun 19, 2015 @ 09:56:23

On the HHVM blog there's a recent post looking at some of the requirements around traits and interfaces in the Hack language. More specifically, they talk about type checking with traits and how interfaces can be used to help provide extra structure.

In PHP, traits are a mechanism of code reuse that, while very powerful, are also difficult to type check both efficiently and exhaustively. In this post we’ll dive more deeply into the reasons for that and see how Hack solves those problems, allowing you to use traits in a safe way without limiting their expressiveness.

They start by talking about the main problem with PHP's handling of traits (essentially copy and paste into the current class) and how they felt Hack should "just work" in allowing type checking on these "pasted" methods too. Performance limitations prevented them from handling it how they do with other variable types, so they changed things up, using a "require extends" syntax to tell the Hack engine how to allow the checking based on an interface. There's a lot more to it than this, so be sure to read the rest of the post on how they came to that conclusion.

tagged: trait interface requirement hack require extends syntax

Link: http://hhvm.com/blog/9581/trait-and-interface-requirements-in-hack

Rafael Dohms:
Installing Composer Packages
Oct 14, 2014 @ 12:04:58

Maybe you've heard about Composer and how it makes working with PHP libraries and packages easier. There's lots of articles (besides the project documentation) that can help you get started but Rafael Dohms has just shared an excellent overview of versioning and the features the tool makes available to fine tune your requirements to just the right level.

I have been putting together a new talk about Composer, and that means looking around the community, doing loads of research and trying to identify the items that need to be covered in a talk. Mostly I have been trying to identify things that people do on a regular basis that according to composer internals is either wrong or not ideal. One such thing that I have found is the proper selection of versions, and that also led me to find a new feature in composer that makes everyone’s life so much easier. So let me break this down.

He starts with a look at the selection of the actual version you'll need and how Composer treats each type of version match (strict vs wildcards vs a mix of the two). He shows an example of adding one of these version strings to a "composer,json" file, both manually and via a command line call.

tagged: composer version package require install tutorial

Link: http://blog.doh.ms/2014/10/13/installing-composer-packages/

Juozas Kaziukenas' Blog:
Scraping login requiring websites with cURL
Feb 24, 2009 @ 08:44:43

Several sites have areas that have content protected behind a login making them difficult to pull into a script. Juozas Kaziukenas has created an option to help you past this hurdle - a PHP class (that uses cURL) that can POST the login data to the script and pull back the session ID.

But how you are going to do all this work with cookies and session id? Luckily, PHP has cURL extension which simplifies connecting to remote addresses, using cookies, staying in one session, POSTing data, etc. It’s really powerful library, which basically allows you to use all HTTP headers functionality. For secure pages crawling, I’ve created very simple Secure_Crawler class.

The class uses the built-in cURL functionality to send the POST information (in this case the username and password, but it can be easily changed for whatever the form requires) and provides a get() method to use for fetching other pages once you're connected.

tagged: login require scrape curl secure crawler tutorial username password

Link:

Community News:
The PDO v2 Proposal
Jan 25, 2008 @ 08:58:00

Wez Furlong posted a request for comments to the php.internals and php.pdo mailing lists yesterday about a new ly proposed update to the current PDO functionality - PDO 2. He just wants to clear up a few things...

It became apparent over the past year or so that PDO has been a good and valuable addition to PHP. [...] We believe that having direct involvement from the data access providers would be most effective, which is why we set out to try and get them on board.

There were three steps they would need to make to push things to version two (documentation, define scope/direction and organize data provider integration methods) and the proposal that has caused a huge stir in the community - the idea of requiring a CLA contributors would need to sign.

Comments to this point from the community include:

tagged: pdo data abstraction layer version cla require

Link:

DevShed:
Auto Loading Classes in PHP 5
Dec 04, 2007 @ 09:25:00

A new tutorial on DevShed today takes a look at a handy bit of functionality that's included with PHP5 - the automatic autoloading of classes.

As you might know, the "__autoload()" function, when used in a clever way, can eliminate almost completely the need to use the "require()/require_once()" and "include()/include_once()". [...] Now is the perfect time to move forward and start learning how to put the "__autoload()" magic function to work for you, and load your classes without having to include them manually into your PHP 5 object-oriented applications.

They show the more traditional approach with a code example (just using the require/include method) then show the difference in using a custom defined autoload function to tell the script where to find the libraries.

tagged: php5 autload class tutorial require include php5 autload class tutorial require include

Link:

DevShed:
Auto Loading Classes in PHP 5
Dec 04, 2007 @ 09:25:00

A new tutorial on DevShed today takes a look at a handy bit of functionality that's included with PHP5 - the automatic autoloading of classes.

As you might know, the "__autoload()" function, when used in a clever way, can eliminate almost completely the need to use the "require()/require_once()" and "include()/include_once()". [...] Now is the perfect time to move forward and start learning how to put the "__autoload()" magic function to work for you, and load your classes without having to include them manually into your PHP 5 object-oriented applications.

They show the more traditional approach with a code example (just using the require/include method) then show the difference in using a custom defined autoload function to tell the script where to find the libraries.

tagged: php5 autload class tutorial require include php5 autload class tutorial require include

Link:

PHP Discovery Blog:
Dangers of Remote Execution
Nov 21, 2007 @ 13:48:00

On the PHP Discovery blog, there's a new post reminding PHP developers of some of the more dangerous ways that remote execution could effect your site and some of the common entry points it can have.

PHP has numerous ways to execute raw PHP code unless you the programmer stops it. Best way in preventing these methods is making sure you check the input of what your users are inputting, and making sure you escape all malicious actions that a hacker,cracker, kiddy scripter might want to do to your website.

He summarizes four of the things from the Pro PHP Security book from Apress (by Chris Snyder and Michael Southwell) that can leave holes in you application for would-be explots - preg_replace, shell_exec/exec, eval (which we all know is only one letter from "evil" anyway) and require/include.

tagged: danger remote execution pregreplace include eval shellexec exec require danger remote execution pregreplace include eval shellexec exec require

Link:

PHP Discovery Blog:
Dangers of Remote Execution
Nov 21, 2007 @ 13:48:00

On the PHP Discovery blog, there's a new post reminding PHP developers of some of the more dangerous ways that remote execution could effect your site and some of the common entry points it can have.

PHP has numerous ways to execute raw PHP code unless you the programmer stops it. Best way in preventing these methods is making sure you check the input of what your users are inputting, and making sure you escape all malicious actions that a hacker,cracker, kiddy scripter might want to do to your website.

He summarizes four of the things from the Pro PHP Security book from Apress (by Chris Snyder and Michael Southwell) that can leave holes in you application for would-be explots - preg_replace, shell_exec/exec, eval (which we all know is only one letter from "evil" anyway) and require/include.

tagged: danger remote execution pregreplace include eval shellexec exec require danger remote execution pregreplace include eval shellexec exec require

Link:

PHP-Coding-Practices.com:
Try-Catch Syntax Weirdness
Jun 22, 2007 @ 13:28:00

In working with his code recently, Tim Koschuetzki noticed something odd with a block of try/catch code:

I just noticed today, that PHP's try catch blocks require curly braces. Anybody has an idea why it is like that? I have used curly braces by default up until now, so I just stumbled upon this weirdness today.

He includes two examples, one with a curly brace after the catch clause and the other without. This is different than several other control structures (like ifs) that don't require the curly brace when there's only the one line following it.

tagged: try catch curlybrace require try catch curlybrace require

Link:

PHP-Coding-Practices.com:
Try-Catch Syntax Weirdness
Jun 22, 2007 @ 13:28:00

In working with his code recently, Tim Koschuetzki noticed something odd with a block of try/catch code:

I just noticed today, that PHP's try catch blocks require curly braces. Anybody has an idea why it is like that? I have used curly braces by default up until now, so I just stumbled upon this weirdness today.

He includes two examples, one with a curly brace after the catch clause and the other without. This is different than several other control structures (like ifs) that don't require the curly brace when there's only the one line following it.

tagged: try catch curlybrace require try catch curlybrace require

Link: