Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Jon LeMaitre:
A Response To PHP- The Wrong Way
Aug 22, 2016 @ 12:21:36

Jon LeMaitre has a new post to his Medium blog sharing his own response to the "PHP The Wrong Way" (phpthewrongway.com) and some of the points it makes.

For anyone who isn’t aware, there is a site call http://phptherightway.com, which is a summary of good (dare I say, best?) practices for writing PHP in 2016. In addition, there now exists http://phpthewrongway.com, whose aim is to provide a kind of counterbalance to http://phptherightway.com and what is presently mainstream PHP culture. This article is a rebuttal to the arguments found in http://phpthewrongway.com.

He starts by pointing out the three main positive points "The Wrong Way" makes:

  • keeping things simple
  • don't apply tools dogmatically
  • write secure software by default

However, as he points out, most of this advice is wrapped in "gross mischaracterizations of the PHP community, the nature of frameworks, standards, and PHP itself." Jon's post gets into a lot more detail on the various sections of "The Wrong Way", breaking them down into a series of quotes and matching responses. There's definitely some good points made here in Jon's post - I'd highly suggest balancing out the thoughts from "The Wrong Way" with it.

tagged: phpthewrongway response opinion phptherightway

Link: https://medium.com/@jon.lemaitre/a-response-to-php-the-wrong-way-fe7bb253e295#.5w6810pwg

Phil Sturgeon:
Why Care About PHP Middleware?
Jun 02, 2016 @ 10:35:39

Phil Sturgeon has a post over on his site sharing some of his thoughts on PHP middleware and why he thinks it's worth paying attention to in your applications.

Recently there has been a lot of buzz about HTTP middleware in PHP. Since PSR-7 was accepted, everyone and their friend Sherly has been knocking out middleware implementations, some of them stunning, some of them half-arsed, and some of them rolled into existing frameworks. HTTP Middleware is a wonderful thing, but the PHP-FIG is working on a specific standard for middleware, which will standardise this mess of implementations, but some folks don't seem to think that would be useful.

Let's look into middleware a little closer, to show you why it's something to smile about.

He starts with a bit of background about the history of middleware in the PHP ecosystem and where they fit in the overall execution path. He lists out some of the middlewares that have already come out based on this surge in the community including CSRF protection, debugging and rate limiting handling. With various frameworks handling the request/response slightly differently, the PHP-FIG worked up a standard to make interoperability easier. He links to some other resources about middleware that have been posted and discussions he's had with other people about their usefulness.

HTTP Middleware is awesome. It lets frameworks do far less, it lets people distribute logic in a way often unseen popularly in PHP, it lets more of your application be reusable, and it lets PHP catch up with other popular languages used to build stuff on the web. PSR-7 was a great step towards this goal, but we need another PSR to get the whole way there.
tagged: middleware opinion psr7 request response phpfig example

Link: https://philsturgeon.uk/2016/05/31/why-care-about-php-middleware/

Matthew Weier O'Phinney:
Serve PSR-7 Middleware Via React
Apr 20, 2016 @ 12:07:56

Matthew Weier O'Phinney has a post to his site showing you how to combine PSR-7 request/response handling (his examples use Zend Expressive) with React and middleawre in your application.

I've been intending to play with React for some time, but, for one reason or another, kept putting it off. This past week, I carved some time finally to experiment with it, and, specifically, to determine if serving PSR-7 middleware was possible.

He starts with a brief introduction to React and what kind of functionality it brings to the table. He includes a bit of sample code showing it in use creating a basic HTTP server responding to any request with a simple "Hello World" message. He then starts on the React+PSR-7 integration, wrapping the request and response handling from one in the other to keep the expected responses the same. He also talks about serving up static files using the React+PSR-7 handling via a middleware on the Expressive side. Finally he shares the work he's done via a library to help make it easier to reuse in other situations. He shows the installation and usage of this library and sample requests you can use to test it out.

tagged: react psr7 request response example library handler static file tutorial

Link: https://mwop.net/blog/2016-04-17-react2psr7.html

Paul Jones:
PSR-7 and Session Cookies
Apr 12, 2016 @ 13:27:06

In this post to his site Paul Jones makes some suggestions about how to handle session cookies (PHP's default session handling mechanism) and requests/responses using the PSR-7 structure.

One of the great things about PHP is its session handling capabilities. One call to session_start() and a huge amount of heavy lifting is done for you. It’s a great aid when writing page scripts.

However, as you start to need finer control over the HTTP response in your project, some of the automatic session behaviors begin to get in the way. In particular, when you are using PSR-7 to build your HTTP response, you realize that session_start() and session_regenerate_id() both automatically do the equivalent of calling setcookie() to write headers directly to the output. This means you cannot buffer those calls into the Response object for later sending.

How then can we use PHP’s session handling, when we want finer control over when and how cookies get sent?

He suggests that you do two things. First, disable PHP itself from automatically sending the cookie via some ini_set calls. The second is to do the session ID comparison manually and perform the related action (either allowing or sending a new ID on failure). He includes example code showing it in action and also mentions some of the shortcomings of the approach around cache and limiter headers.

tagged: psr7 session cookie request response header disable tutorial

Link: http://paul-m-jones.com/archives/6310

Inviqa Blog:
An Introduction to PSR-7 in Symfony
Mar 18, 2016 @ 09:58:44

The Inviqa blog has posted a tutorial that gets in to the details of using PSR-7 compatible functionality in Symfony through the introduction of middleware into your application.

The PSR-7 standard, which describes common HTTP message interfaces, is a big step towards interoperability across different PHP libraries. The standard was introduced not long ago, but you can already use libraries compatible with this recommendation within your Symfony-based application.

[...] A step toward more homogeneity was achieved when the PHP Framework Interop Group accepted PSR-7 in May 2015. This recommendation describes common HTTP message interfaces. The biggest benefit the PHP community gets from the standard is a potential for interoperability across different PHP libraries. You can already use libraries compatible with this recommendation within your Symfony-based application thanks to the Symfony PSR-7 Http Message Bridge.

The tutorial then shows how to use this message bridge to convert the current Symfony HTTP request and response instances over to follow the PSR-7 structure (essentially a wrapper around it). They then show how to use this functionality in a simple Symfony controller, taking advantage of an event listener to automatically convert the request based on type hinting in the controller method. Finally they talk about middleware, what they are and how they fit into the flow of a web request/response structure.

tagged: psr7 symfony introduction middleware bridge request response controller

Link: http://inviqa.com/blog/2016/3/3/an-introduction-to-psr-7-in-symfony

Davey Shafik:
Aug 24, 2015 @ 10:54:54

Davey Shafik has published a post about library he's created that's a sort of "recorder" for connections made with the Guzzle HTTP client - the Guzzle VCR.

A few days ago I pushed out a very small library to help with testing APIs using Guzzle: dshafik/guzzlehttp-vcr. [...] This is a simple middleware that records a request’s response the first time it’s made in a test, and then replays it in response to requests in subsequent runs.

The handler works by recording the responses from the API (ex: the JSON response data) and records them to files (again, JSON). A one-line call turns the "recording" on and points to a directory where the cached files should be stored. He shows how to use it in the constructor of your Guzzle client, setting it up as the "handler" for the requests. He also includes an example of a few unit tests that make use of the recording feature to check the response of a /test endpoint.

tagged: guzzle http client vcr recording response json cache handler

Link: http://daveyshafik.com/archives/69384-guzzlehttp-vcr.html

SitePoint PHP Blog:
From Request to Response: A Journey into Drupal 8 Internals
Aug 18, 2015 @ 10:22:33

In a post on the SitePoint PHP blog author Daniel Sipos takes you on a trip through the Drupal 8 execution structure, from request to response, in the internals of the tool.

In the first article on Drupal 8 module development we looked a bit at the routing aspect of this process. We’ve seen that creating pages with paths is now a matter of declaring routes that match up with controllers. The latter, as we’ve seen, can return a render array that gets interpreted into markup and displayed in the main content area of that page. However, did you know that under the hood, Drupal actually transforms that array into a Response object according to the dictates of Symfony’s HTTPKernelInterface?

In this article, I would like us to go deeper into the internals of Drupal 8 (and Symfony2) and look at what actually happens (and can happen) from the moment a request is made by a user to the one in which they see something returned in response.

He starts at the initial point of the request, the front controller, and talks about the creation of the Request instance and it's handling by the HTTPKernel. He moves into the kernel and talks about the events that are triggered during execution and provides an illustration of the flow of the request all the way through to the response. He then "goes deeper" into looking at render arrays and the HTMLRenderer handling to manage the output of the page on the Drupal side.

tagged: request response drupal8 internals symfony httpkernel overview

Link: http://www.sitepoint.com/from-request-to-response-a-journey-into-drupal-8-internals/

Freek Van der Herten:
Speed up a Laravel app by caching the entire response
Jul 20, 2015 @ 08:12:55

Freek Van der Herten has written up a tutorial for his site showing the Laravel users out there how to cache their entire response to speed up the overall performance of their application.

A typical request on an dynamic PHP site can do a lot of things. It’s highly likely that a bunch database queries are performed. On complex pages executing those queries and hydrating them can slow a site down. The response time can be improved by caching the entire response. The idea is that when a user visits a certain page the app stores the rendered page.

With a little help from his package it's easy to enable. Just install the package, add the service provider and you're ready to go. All successful responses will be cached unless told otherwise and cache files will be written out to files by default. He does point out that caching like this, while handy and a nice "quick fix" shouldn't be used in place of proper application tuning methods though. He also links to two other external technologies that could be used for the same purpose: Varnish and Nginx's own cache handling.

tagged: laravel application response cache output serviceprovider package

Link: https://murze.be/2015/07/speed-up-a-laravel-app-by-caching-the-entire-response/

Symfony Blog:
PSR-7 Support in Symfony is Here
Jun 01, 2015 @ 12:19:15

The Symfony project has officially announced PSR-7 support in the latest version of the framework. PSR-7 is a recently approved standard by the PHP-FIG to make a more structured HTTP request and response structure (to aid in interoperability).

Less than 2 weeks ago, the PHP community roundly accepted PSR-7, giving PHP a common set of HTTP Message Interfaces. This has huge potential for interoperability and standardization across all of PHP. This is especially true for middleware: functions that hook into the request-response process. In the future, a middleware written around these new interfaces could be used in any framework. [...] Today, a huge number of projects use Symfony's Request and Response classes (via the HttpFoundation component), including Laravel, Drupal 8 and StackPHP.

[...] For that reason, we're thrilled to announce the 0.1 release of the PSR HTTP Message Bridge: a library that can convert Symfony Request and Response objects to PSR-7 compatible objects and back. This means that once there are middleware written for PSR-7, applications using HttpFoundation will be compatible.

The bridge makes it simpler to swap out the HTTP layer by converting the HTTP objects into something other frameworks can use (or so others can be used by Symfony). They provide some examples of how to put it to use, converting objects both to and from the standard Symfony HttpFoundation versions. There's also a quick note about the RequestInterface and ResponseInterface structure that allows you to bridge your own gaps between the PSR-7 friendly components and Symfony.

tagged: psr7 support httpfoundation request response http bridge phpfig

Link: http://symfony.com/blog/psr-7-support-in-symfony-is-here

Marc Morera:
Visithor, Testing Your Routes Without Pain
May 05, 2015 @ 09:25:55

In his latest post Marc Morera shares a new tool he's created to help with testing routes for specific HTTP code responses and other attributes of your "HTTP layer" - Visithor.

Many years ago I was thinking about a simple and fast tool to test specific routes, expecting specific HTTP codes and providing an easy environment of ensuring properly your HTTP layer. So... I present you Visithor, a PHP based library that provides you this functionality, with a simple configuration definition and a very easy way of installation.

He starts with a few quick commands to get the library installed (either globally or local to the project) and how to create the first configuration file. This file defines the tests to execute as a set of URLs with allowed HTTP response codes. He also shares a Symfony2 bundle that can be used to integrate it with your current application, allowing for more flexibility in route check configuration and environment settings. He also includes a quick example of integrating it with your Travis-CI build as a "script" command to be executed.

tagged: visithor library testing http response code symfony2 bundle integration

Link: http://mmoreram.com/blog/2015/05/04/visithor/