Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Pusher Blog:
How to Build Real-Time Laravel Apps with Pusher
Sep 23, 2015 @ 10:22:31

The Pusher blog has posted the set of tutorials they created as a part of the Laracon EU conference that shows you how to use their service to create a real-time Laravel-based application - a simple chat application.

The Laravel framework and Pusher are a great combination. Laravel helps you build elegant applications and at warp speed; Pusher helps you add real-time features to those apps in a fraction of the time it would take to build using your own infrastructure. [...] We recently wrote a set of tutorials covering How to Build Real-Time Laravel Apps with Pusher as part of a Workshop for Laracon EU. We’ve now opened up these tutorials for everybody and anybody to work through. The source has been opened up under the Commons Attribution 4.0 International License so you’re free to fork and adapt to suit your needs or even to run your own workshop.

The talk briefly about who the tutorials are targeted at and how the guide is laid out (a Gitbook). It covers some of the fundamentals of Pusher, setting it up via a Laravel bridge, debugging tips and the construction of the actual sample application.

tagged: pusher realtime application tutorial series gitbook chat laravel

Link: https://blog.pusher.com/how-to-build-real-time-laravel-apps-with-pusher/

SitePoint PHP Blog:
Drupal 8 Third Party Settings and Pseudo-Fields
Sep 15, 2015 @ 12:25:45

The SitePoint PHP blog continues their series looking at Drupal 8 with this new article from Daniel Sipos about third-party settings and pseudo-fields. Part one of the series can be found here

In the first installment of this series we started our journey towards creating some simple but powerful functionality. The goal we set was to have the possibility to load a form on each node page and to be able to choose which form type should be used on the different node bundles. [...] It follows to see how we can configure the core node types to use one of the plugins defined on the site and how to render the relevant form when viewing the node. But first, in order to have something to work with, let’s create our first ReusableForm plugin that uses a very simple form.

He starts back in with the creation of a first simple plugin to handle the form created in the previous part of the series, assigning the form to it via annotations. He then configures the node entities to be able to use the plugin via the services YAML configuration file. He then updates the .module with a function for altering node details and an entity builder. He updates the schema definition to be able to show the form and, finally, render the form out to the view with the assigned node entity types.

tagged: drupal8 series part2 thirdparty settings pseudofields form tutorial

Link: http://www.sitepoint.com/drupal-8-third-party-settings-and-pseudo-fields/

Matt Stauffer:
ACL (Access Control List) Authorization in Laravel 5.1
Sep 10, 2015 @ 09:41:45

Matt Stauffer has continued his series looking at Laravel 5.1 with a new post covering the ACL functionality recently added in 5.1.1. This functionality adds on to the pre-existing authentication handling that has been a part of the framework for a while.

The authentication that Laravel provides out-of-the-box makes it simple to get user signup, login, logout, and password resets up and running quickly and easily.

But if you needed to control access to certain sections of the site, or turn on or off particular pieces of a page for non-admins, or ensure someone can only edit their own contacts, you needed to bring in a tool like BeatSwitch Lock or hand-roll the functionality, which would be something called ACL: Access Control Lists, or basically the ability to define someone's ability to do and see certain things based on attributes of their user record. Thankfully, Taylor and Adam Wathan wrote an ACL layer in Laravel 5.1.11 that provides this functionality without any added work.

He talks about the main interface to the ACL system, the Gate class/facade, and gives a simple example of it in use. He then gets into how it works in defining abilities and checking access levels with both the facade and on the model level. He also shows how to use the checks in Blade templates and how to intercept the evaluations for custom evaluation. He ends the post talking about the concept of policies and controller authorization to allow for additional checking.

tagged: acl accesscontrol authorization laravel5 tutorial series part12 gate

Link: https://mattstauffer.co/blog/acl-access-control-list-authorization-in-laravel-5-1

Social Network with PHP: Introduction (Video Series)
Aug 28, 2015 @ 11:50:47

Codecourse.com has released a video series walking you through the creation of a simple social network site with PHP, Laravel and Bootstrap.

[This tutorial shows you how to create] a social network built with Laravel and Bootstrap. Authenticate, add and accept friend requests, post to a timeline, reply to and like statuses.

The videos are pretty "bite sized" at just a few minutes each, but they walk you through all of the code you'll need to get the site up and running as well. There's 36 videos in the playlist but with the playlist on auto-play you'll go through them quickly.

tagged: playlist video tutorial series screencast social network laravel bootstrap

Link: https://www.youtube.com/playlist?list=PLfdtiltiRHWGGxaR6uFtwZnnbcXqyq8JD

PHP 7 Up and Running (Video Series)
Aug 28, 2015 @ 10:38:14

The Laracasts site has posted a set of videos that can help you learn all about PHP7 and get you up to speed before this next major release is available for download (well, a stable release anyway).

Slated for release in October, 2015, PHP 7 brings a wealth of new features, bug fixes, and performance improvements. If you're curious, come with me, as I demonstrate what's new!

The videos cover some of the major new features coming to the language including:

More videos are coming too, including one already listed showing how to use anonymous classes. Keep an eye on this series to learn all about PHP 7 before it's even released.

tagged: php7 video series introduction major version tutorial

Link: https://laracasts.com/series/php7-up-and-running

Piotr Pasich:
Putting all pieces together and shipping with Codeship (Continuous Deployment – part I
Aug 18, 2015 @ 12:45:01

Piotr Pasich continues his series covering the integration of Docker, Elastic Beanstalk and Codeship to create a workflow for shipping and releasing code. In the first two parts of the series he set up most of the technology involved and hooked some of it together. In this latest article he finishes the process, connecting CodeShip with GitHub and your tests.

Today I will walk you through combining all the pieces together and automating the process fully. A continuous integration system will be placed between developer’s environment and final servers. I’ll present how to achieve all of that with Codeship. What make me choose this particular mechanism? The simplicity of setting up, number of additional tools ready to use without installation and finally the fact that it isn’t time consuming.

He shows how to connect CodeShip with your GitHub repository. He shows how to create a new CodeShip project to handle the build complete with a screencast to ensure things are set up as they should be. He includes a bit of "magic" you'll need to do with the CodeShip configuration to get it to work with the Docker setup, but the change is minimal. He also shows you how to set up the execution of your tests and how to see what failed when a build is broken. Finally he shows the process for setting up the deployment to the hosting provider (in this case Digital Ocean) and how to configure your Amazon credentials right in the interface.

tagged: codeship elasticbeanstalk continuous deployment series part3 docker tutorial

Link: http://piotrpasich.com/putting-all-pieces-together-and-shipping-with-codeship-continuous-deployment-part-iii/

How to Create a PHP C Extension to Manipulate Arrays Part 2: Adding ArrayAccess and
Aug 13, 2015 @ 12:33:04

Dmitry Mamontov has posted the second part of his "How to Create a PHP C Extension to Manipulate Arrays" series on PHPClasses, building on part one and adding in the ArrayAccess and Traversable interface functionality.

In the first part of this article we learned how to create an extension for PHP written in C to create a class that works like arrays. However, to make the class objects really behave as arrays you need to implement certain interfaces in the class.

Read this article to learn how to make a PHP class defined by a C extension implement ArrayAccess and Traversable interfaces, as well understand how to solve problems that you may encounter that can make your extension slower than you expect.

He takes the class he defined in part one and walks you through the addition of the two interfaces. He shows you where they're defined in the PHP source, what the code looks like and how they integrate with the class. He also shows you how to customize the object class handlers, making it possible to use the custom class (object) as an array. Adding Traversable is easier, adding an iterator return method that allows for the data internal to the class to be iterated through.

tagged: phpclasses series part2 extension class array manipulate arrayaccess traversable

Link: http://www.phpclasses.org/blog/post/306-How-to-Create-a-PHP-C-Extension-to-Manipulate-Arrays-Part-2-Adding-ArrayAccess-and-Traversable-interfaces.html

How to Create a PHP C Extension to Manipulate Arrays Part 1: Basic Array Class Exten
Aug 11, 2015 @ 10:27:24

Dmitry Mamontov has posted a the first part of a series looking at manipulating arrays in the PHP source and enhancing performance for certain handing as a PHP extension.

In PHP projects, arrays are used every where because they are useful and flexible to store all sorts of data structures. However, when you need to maximize the performance the manipulation of arrays for specific purposes, you can achieve great gains if you implement a PHP extension written in the C language. Read this tutorial to learn how to build your own basic array manipulation extension in C.

He covers all the steps you'll need to get start building the extension, introduces a few key concepts and starts on the code for the extension:

  • Building PHP from the Source
  • Building a PHP Extension (overview)
  • Brief Introduction to zval and Functions
  • Defining a Class in Our Extension
  • D for Dynamic (working with dynamic array values)

The C code needed is included through out the post. The next part in the series will build on this and show how to implement interfaces like ArrayAccess and Traversable.

tagged: extension array manipulate part1 series introduction source

Link: http://www.phpclasses.org/blog/post/304-How-to-Create-a-PHP-C-Extension-to-Manipulate-Arrays--Part-1-Basic-Array-Class-Extension.html

Piotr Pasich:
Automated deployment with AWS Elastic Beanstalk (EB) – Part II
Aug 07, 2015 @ 09:14:31

Piotr Pasich has posted the second part of his series showing you how to set up an automated deployment process for an environment that includes an Elastic Beanstalk instance. In this part of the series be builds on the process created in part one and shows the setup and configuration of the Beanstalk instance.

In the previous part we set up a dedicated Symfony application on Docker virtual containers and prepared environments that may be transferred between developers during project cycle. The next step is to prepare the application for pushing into the cloud. There are many options available on the market – Heroku, DigitalOcean and, my favorite, AWS Elastic Beanstalk.

He walks you through the Amazon side of things first, getting the Beanstalk instance set up through the AWS control panel, selected from the AWS list of services. He goes through the options you'll need to configure to get the instance all set up and running including the resources to allocate and instance type (t1.medium is recommended). He then helps set up some of the necessary environment variables for configuration information and a bit of a hack to Symfony that lets you override local parameters with ones coming from the environment. Finally he configures the Beanstalk application and setting it up for automated deployment.

tagged: series part2 elasticbeanstalk aws deployment automated tutorial

Link: http://piotrpasich.com/automated-deployment-with-aws-elastic-beanstalk-eb-part-ii

Check Point Blog:
Finding Vulnerabilities in Core WordPress: A Bug Hunter’s Trilogy, Part I
Aug 06, 2015 @ 11:44:14

The Check Point blog has posted the first part of a series from one of their vulnerability researchers about finding security vulnerabilities in the core WordPress code (and some of the results along with CVE numbers).

In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only ‘Subscriber’ user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS attacks on 20% of the popular web.

In this first part he focuses on the concept of "identity" in a WordPress application. He focused on the "roles and capabilities" functionality to find bypass methods in operations like editing and adding new posts. As he works through his process, code is included from the WordPress core showing where the issue(s) lie and what would be needed to exploit the issue.

tagged: bug hunt wordpress vulnerability core code part1 series checkpoint

Link: http://blog.checkpoint.com/2015/08/04/wordpress-vulnerabilities-1/