News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Phil Sturgeon:
PSR-2 v CodeSniffer PSR-2 A Success Story
October 16, 2013 @ 09:34:15

In a new post to his site Phil Sturgeon talks about the "success story" around the PSR-2 PHP-FIG standard and his work to get the PHP CodeSniffer checks to be more correct for it.

I've had static analysis tools running in Sublime Text for a long time, but for most of that time I have had CodeSniffer and it's PSR-2 rules disabled. I couldn't for the life of me remember why I had done that, until I turned it back on again. All of a sudden it started complaining about code that I had always considered to be perfectly compliant. It reminded me of multiple conversations I've had with others in the FIG and the community in general, about how CodeSniffer often enforces rules in the PSR-2 spec that do not exist, or were not what was meant when it was written. Two months ago I set off on a mission, to get CodeSniffer in line with what PSR-2 really is.

He gets into a bit of the backstory around the checks and the addition of "Errata" to add to the specs that have already been defined. The goal isn't to alter what's been defined, but to help clarify some issues (or close some loopholes) that might have come up. After polling the PHP-FIG mailing list about it - and it passing unanimously - the Errata was added and the CodeSniffer rules were updated to match (PHP_CodeSniffer 1.4.7).

If you're interested in other unclear places in the PSR-2 spec and want to discuss it, check out this gist and the conversation that goes with it.

0 comments voice your opinion now!
psr2 codesniffer rule clarity errata phpfig

Link: http://philsturgeon.co.uk/blog/2013/10/psr2-v-codesniffer-psr2

Hasin Hayder:
Running Zend Framework Applications in AppFog
November 15, 2012 @ 09:28:30

Hasin Hayder has a quick post to his blog today about how you can configure an AppFog instance to be able to run Zend Framework-based projects on them.

AppFog is quite a popular polyglot PaaS (Platform as a Service) provider and it comes with a generous free plan for the developers. [...] Recently, I was looking for a solution on how to host a Zend Framework based application in AppFog. The main problem was that the url must point to the /public folder inside the app and from there it is initialized. After searching for some time, I found the clue in AppFog's doumentation which is you'll have to redirect all the traffic from the parent domain to the /public/index.php file using the URL rewrite rules.

The rewrite rules are included in the post for easy cut-and-pasting. With the recently announced closing of their phpFog service (in favor of just supporting AppFog) I'm sure this tip could come in handy for a lot of developers out there.

0 comments voice your opinion now!
zendframework application appfog htaccess rewrite rule


Joshua Thijssen's Blog:
Symfony2 Implementing ACL rules in your Data Fixtures
July 04, 2012 @ 16:33:23

Joshua Thijssen has a new post to his blog looking at a method for setting up ACL rules in fixtures for your Symfony2-based applications.

Doctrine's DataFixtures are a great way to add test data to your application. It's fairly easy to get this going: Create a fixureLoader that extends DoctrineCommonDataFixturesAbstractFixture, had a load() method and off you go. However, sometimes you want your data also to be protected by Symfony 2′s ACL layer. Since there isn't a common way to do this, here is one way on how I implemented this.

His method uses the ContainerAware interface on the fixture loader instance to be able to get at the container for the fixture. This allows you to use the usual ACL handling methods of the framework to provide restrictions based on things like usernames and roles.

0 comments voice your opinion now!
symfony2 fixture acl rule container loader tutorial


PHP.net:
PHP 5.3.12 and 5.4.2 and the CGI flaw (CVE-2012-1823)
May 07, 2012 @ 09:03:59

The PHP.net site as new post with some supplemental information for those users of the PHP CGI that might be effected by the recently announced bug, the reason for the most recent release. Unfortunately, this patch only fixes some of the cases of the problem, so they've amended their instructions to included a more effective mod_rewrite rule to help protect your applications.

PHP 5.3.12/5.4.2 do not fix all variations of the CGI issues described in CVE-2012-1823. It has also come to our attention that some sites use an insecure cgiwrapper script to run PHP. These scripts will use $* instead of "$@" to pass parameters to php-cgi which causes a number of issues. Again, people using mod_php or php-fpm are not affected.

The rewrite rule is there in the post, ready for copy and pasting into your config. Even if you're running the latest PHP 5.3.12 and 5.4.2., be sure to use this rule as a stop-gap measure for now. Another release is planned for tomorrow to fully correct the CGI flaw.

0 comments voice your opinion now!
cgi flaw bug rewrite rule protect release


PHP-Security.net:
New PHP-CGI Exploit (CVE-2012-1823)
May 04, 2012 @ 08:24:44

The PHP-Security.net site has two posts related to the recently discovered bug in PHP (hence the new versions) related to the CGI handling in certain server configurations.

In the first they detail more of what the bug is, how it could be exploited and link to the original advisory for the problem. Also included are more details on the issue, including sample avenues of attack.

In the second post they look at the recent PHP release and note that it does not completely rid the language of the problem. They point out that the Rewrite rule that's included in their post (not the one on PHP.net) should be used to prevent this issue from effecting your installations.

0 comments voice your opinion now!
exploit cgi release security rewrite rule modrewrite


Anthony Ferrara's Blog:
On Optimization in PHP
August 10, 2011 @ 08:35:38

Anthony Ferrara has a new post to his blog today looking at something that's constantly a focus of user-facing applications, PHP ones or otherwise - application optimization. He specifically discusses handling it in PHP and some things to keep an eye out for.

When it comes to optimization, there are two competing viewpoints in the PHP community. Some say that optimization should only ever be an after thought and to avoid premature optimization at all costs. Others will say that this is impractical, and you should make your application fast as you write it, since then you won't have to go back and clean it up to make it faster. While I can understand the viewpoints of both sides, I am firmly in the former category.

He talks about the "90/10 Rule" of development (most of the work is done by only a small part of the code) and what that critical 10% could be made of. He also touches on the "60/40 Rule", "instinctual optimization" and the emphasis people put on benchmarks for their tool or framework of choice.

0 comments voice your opinion now!
optimize application opinion rule benchmark


QaFoo.com Blog:
Howto write a Rule for PHPMD
March 21, 2011 @ 09:16:57

On the QaFoo blog today Manuel Pichler has written up a guide to help you write a custom rule to use with the PHP Mess Detector (PHPMD) as extended from some of the current rules (it's always easier to start from examples).

Let us start with some architecture basics behind PHPMD. All rules in PHPMD must at least implement the PHP_PMD_Rule interface. You can also extend the abstract rule base class PHP_PMD_AbstractRule which already provides an implementation of all required infrastructure methods and application logic, so that the only task which is left to you is the implementation of the concrete validation code of your rule.

He walks you through some sample code and talks about some of the common interfaces that are available to your testing. He takes one of them, IFunctionAware, and looks at it specifically, showing how to use it to detect and add violations for the validation. He includes an example of writing a rule based on an existing software metric (in this case, the number of public methods). There's also bit at the end showing how to write a rule based on the "abstract syntax tree" to be able to check just about anything in the code you're looking to test.

0 comments voice your opinion now!
phpmd mess detector rule tutorial


Manuel Pichler's Blog:
Howto create custom rule sets for PHPMD
April 09, 2010 @ 13:19:25

If you've been using the PHP Mess Detector (PHPMD) to help clean up problem areas in your applications, but have needed more than just the basic rules that it comes with, you're in luck. Manuel Pichler has put together a new post for his blog about creating custom rules sets for the tool.

PHPMD can be seen as an one level down/low level equivalent to PHP_CodeSniffer. It is a simple command line tool that can be used to check your application's source code for possible bugs, suboptimal or overcomplicated code. The current release of PHPMD ships with three default rule sets.

The first deals with code size, the second checks for unused variables and the like and the third looks at naming conventions. He shows how to take one of the structures from one of these three and create a new rule. For his example it's a measurement of cyclomatic complexity. He also shows you how to exclude certain rules that might come in another set so you don't have to completely redefine to use pre-existing rules.

The latest release of PHPMD can be pulled from pear.phpmd.org or from its github repository.

1 comment voice your opinion now!
phpmd custom rule set tutorial


Stefan Koopmanschap's Blog:
Serving frontend and backend from the same document root with symfony
March 25, 2009 @ 09:31:45

Stefan Koopmanschap has a recent post to his blog about a small oversight (and gotcha other symfony developers should watch for) that he's made a few times when trying to work with a subdomain of his main symfony-powered website:

Quite often have I been staring at my virtualhost setup for the admin subdomain of this application, wondering why the hell it kept serving the frontend. I'd set the DirectoryIndex to backend.php, so why did it keep serving the frontend?

The culprit was something that's usually one of the first things set up when you load a new framework - the mod_rewrite rules in an .htaccess. Of course, since they were the default, things would get routed back to "index.php" instead of his "backend.php" as he wanted. To fix it, he moved these options out of the .htaccess and into the virtualhost configuration.

0 comments voice your opinion now!
symfony framework htaccess frontend backend modrewrite rule


Chris Hartjes' Blog:
CakePHP + Nginx Configuration Update
January 26, 2009 @ 10:21:57

In this new post from Chris Hartjes today he continues his look at combining a CakePHP application with the Nginx web server. This time the focus is on the configuration of the web server side of things to make the CakePHP routing work.

I'm in the process of creating the website for my upcoming book *and* had recently switched back from using Apache to using Nginx again, so I thought it might be time to roll up my sleeves and figure out how to make it work in a subdirectory. After much gnashing of teeth and pissing and moaning, I figured it out.

A simple configuration example is included as a part of the post showing how to correctly configure the rewrite routes to catch everything and send it back to the index.php file. His is a two-part process: it tries to match anything with "/foo" in it then, if it wasn't caught there, it sends it off to be rerouted to the front controller.

0 comments voice your opinion now!
cakephp framework nginx webserver rewrite rule configure



Community Events





Don't see your event here?
Let us know!


opinion community package voicesoftheelephpant interview laravel list release library framework bugfix series symfony api tips introduction podcast install deployment language

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework