Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Symfony Finland:
Symfony Bundle Spotlight: EasyLogHandler, eZ Migration Bundle, Netgen Layouts & Syl
Aug 23, 2016 @ 11:06:04

On the Symfony Finland blog they've posted a "spotlight" article highlighting several useful Symfony packages to help make your development life easier.

With the summer coming to an end there is increasing activity in the Symfony community in the form of bundles. Recently four interesting Symfony bundles have had interesting status updates: EasyLogHandler, eZ Migration Bundle, Netgen Layouts and Sylius.

The packages mentioned (some relatively new) are:

Each item on the list comes with a brief description of either the features of the library or a brief overview of what's changing in the package's updates.

tagged: symfony bundle spotlight easyloghandler ezmigration netgenlayouts sylius

Link: https://www.symfony.fi/entry/symfony-bundle-spotlight-easyloghandler-ez-migration-bundle-netgen-layouts-and-sylius

Stovepipe Systems:
Symfony Security Roles vs. Voters
Aug 22, 2016 @ 10:08:28

On the Stovepipe Systems blog author Iltar van der Berg has retuned with a continuation of his series on Symfony security basics with this new post covering voters and roles.

In my previous blog post I've explained the basics of authentication, authorization and how this is dealt with in Symfony. Due to the size of the post, I've left out several important topics such as roles and voters; Both an equally important part of authentication and authorization. A common misconception is that roles should be used to check permissions. In fact, they should definitely not be used to check permissions!

He goes on to explain where "roles" come into the process of authentication (not authorization) and how they describe something about the user of the system. With that defined he moves on to the "voters": functionality that "vote" on attributes related to the user/request/resource/etc. and return a pass or fail decision based on their logic. He explains why voters are probably more what most developers are looking for and some reasons to use them over roles. He then ends the post showing how to create your own custom voter and configure it into your application.

tagged: tutorial symfony authorization voter role introduction custom

Link: https://stovepipe.systems/post/symfony-security-roles-vs-voters

Symfony Finland:
Consider Docker for your Symfony projects
Aug 15, 2016 @ 11:24:35

On the Symfony Finland site there's a post that makes a recommendation for your Symfony framework based projects: give Docker a try to make setup and maintenance simpler.

During the first half of 2016 the web development community has talked about Docker quite a bit. The technology has been around since 2013, but during the last few months it has matured and started being adopted for mainstream web development. Docker is a great fit for Symfony projects too.

[...] Docker takes an approach where it wraps a piece of software into something known as a container. These containers are shipped complete with the application code, a runtime, system tools and libraries. Containers are thus guaranteed to always run the same, but can share files and networking with the host and other containers.

They then talk about how this "containerized" setup can be used to your advantage, making it simpler to get a Symfony application up and running with a few commands. The post then gets into an example setup of a Symfony Docker environment complete with Nginx, Varnish and PHP-FPM installed and linked. There's also setup for MySQL and Redis rounding out the data storage side. A quick "docker-composer up" command and, if all goes as expected, the environment is set up and waiting for your application.

tagged: symfony finland docker project tutorial setup configure

Link: https://www.symfony.fi/entry/consider-docker-for-your-symfony-projects

Symfony Blog:
We're sorry to announce the cancellation of the SymfonyLive Chicago 2016
Aug 11, 2016 @ 10:49:08

On the Symfony Blog there's a sad announcement that they are having to cancel SymfonyLive Chicago for their 2016 event.

We are very sorry to inform you that we are canceling the SymfonyLive Chicago conference this October 13th and 14th.

After much pained reflection, we realize that we have no choice. Our venue requires a minimum number of attendees, a number from which we are too far, and we know that over the next two months, we cannot possibly meet the requirement.

We have never held a SymfonyLive conference in Chicago before and were hoping to extend the Symfony community’s reach to the mid-west. Unfortunately, it just won’t be possible this year. However, we are confident that with another year of work, we will be able to bring the SymfonyLive back to the United States and hope that you will still be interested in our common goals to keep improving the framework for the benefit of everyone!

They do note, however, that both SymfonyLive London and SymfonyLive Berlin are still on and registration is open for both.

tagged: symfonylive chicago cancelation announcement conference symfony

Link: http://symfony.com/blog/we-re-sorry-to-announce-the-cancellation-of-the-symfonylive-chicago-2016

Symfony Finland:
PHP development with Windows Subsystem for Linux (WSL)
Aug 08, 2016 @ 09:48:19

On the Symfony Finland site there's a new article posted talking about the use of the Windows subsystem for Linux, an environment that allows for the execution of Linux binaries in a Windows environment.

Windows has always been somewhat of an oddball when it comes to PHP development. In the past years it has lost out on developer mindshare to UNIX-like Operating Systems like Linux and macOS.

With the release of Windows 10 Anniversary Update in August 2016 Microsoft now offers an interesting option for PHP development in the Windows environment: The Windows Subsystem for Linux (WSL). The Windows Subsystem for Linux allows the execution of Linux binaries in Windows 10. The feature is not enabled by default and is targeted for developers.

They show you how to get into the Linux-compatible shell on your Windows system after enabling it in your System Settings. From there, he says, it's basically like working in a Linux-based server and includes some of the actions he took (including installing PHP 7, Symfony and Composer). He also shows the integration the environment has back with the Windows system including access to local drives (but that there's still some tricky bits involved in using them).

tagged: development windows subsystem linux commandline install symfony environment

Link: https://www.symfony.fi/entry/php-development-with-windows-subsystem-for-linux-wsl

Auth0 Blog:
Creating your first Symfony app and adding authentication
Aug 03, 2016 @ 12:36:21

In this new post to the Auth0 blog Prosper Otemuyiwa shows you how to create a first Symfony framework based application and add in authentication with the included Guard functionality.

Symfony is a PHP framework, made up of a lot of decoupled and reusable components. It's a framework that promotes standardization and professionalism, supports best practices and interoperability of applications. In this tutorial, I'll show you how easy it is to build a web application with Symfony and add authentication to it without banging your head on a wall! Check out the repo to get the code.

They start with a brief overview of some of the components the framework is made up of (the most commonly used ones) and its concept of "bundles". He then helps you create your first Symfony application, explains its basic structure and starts in setting up controllers. Then comes the authentication and user validation pieces: registration handling, user functionality and creating its related database storage. Next up is setting up the routes for the application applying the authentication handling and finishing out the views for output. They end the post with a look at the profile debug bar, how Symfony compares to other frameworks and how to optionally integrate the Auth0 functionality in if you choose.

tagged: auth0 symfony introduction basics tutorial authentication integration

Link: https://auth0.com/blog/creating-your-first-symfony-app-and-adding-authentication/

Symfony Finland:
Choosing a front end architecture for Symfony framework projects
Aug 01, 2016 @ 11:21:42

On the Symfony Finland site there's a new post with some suggestions on choosing a frontend for your Symfony-based applications according to your needs.

Most projects created with the Symfony framework nowadays also include quite a bit of logic done on the client side. There is a large number of options on the market and this can lead to trouble choosing between the options. The JavaScript scene is full of camps and cutting through the buzz is quite a bit of work. [...] Symfony remains neutral to what is running in the front end of the project. As with most things in web development, there is no single "right" answer to which front end frameworks to use.

They talk briefly about the history of the framework and what kinds of considerations should be made for both the front and backend technology. They also remind you that there's not a "one size fits all" frontend technology out there. They describe a few different kinds of situations (backend heavy, frontend heavy, etc) and make a few suggestions as to which way you might want to go and libraries to investigate.

The next time you're faced with starting work on a front end of a web site or web application built with Symfony, you can reflect on the experience you've got from the back end. There are usually many right answers and no absolute truths.
tagged: frontend architecture symfony application suggestion opinion project

Link: https://www.symfony.fi/entry/choosing-a-front-end-architecture-for-symfony-framework-projects

Symfony Blog:
Introducing the new Symfony Documentation
Jul 29, 2016 @ 13:47:59

On the Symfony blog there's a new post introducing the new project documentation, the result of lots of work from a large number of developers to bring the framework's documentation up to date.

When the Symfony documentation was started more than 5 years ago, it was just a few short articles written by Fabien. Now, we boast more than 1,000 pages of documentation, a team of 4 maintainers and over 1,000 contributors!

As the project grew, we've tried to innovate: adding continuous integration to catch build errors, setup Platform.sh to auto-deploy every pull request and implemented a process so that all new features to Symfony's core become documented (an amazingly rare feat).

And just like with code, a project must challenge itself continuously to stay ahead of the curve. In this article, we're thrilled to introduce the new Symfony Documentation: a result of over 150 hours of volunteer work via a secret project codenamed "Project Mercury".

They talk about some of the challenges they faced with the previous version of the documentation and some of the problems they wanted to solve. Instead of splitting things up into three sections ("Book", "Cookbook" and "Components") they opted to break it up into something more approachable for two different categories of users: "Getting Started" and "Guides" (everything else). They share some about how they made this new version happen and the workflow they followed to keep everything (and everyone) in sync.

You can check out this new documentation over on the completely revamped documentation site right now.

tagged: symfony documentation project version release update

Link: http://symfony.com/blog/introducing-the-new-symfony-documentation

Codevate.com:
Securing client-side public API access with OAuth 2 and Symfony
Jul 18, 2016 @ 12:30:26

On the Codevate.com blog there's a tutorial posted by Chris Lush showing you how to secure your client-side public API with OAuth 2 (based on the Symfony platform).

Say you’ll be developing a web application for a customer to create and manage restaurant bookings, exposing restaurant information (name, opening times, menu contents etc.) and booking creation as RESTful API endpoints, which are consumed by secure admin backend. You’ll need to authorise access to the API, but there is no end-user involved since the web app is its own resource owner, so the previous flow doesn’t apply.

[...] However, you also need to develop a booking widget that will be embedded in a company or restaurant’s website for visitors to use. In this case, the client-side is no longer trusted enough to share the OAuth client secret that’s required to authenticate with your API. [...] We encountered a similar use-case for a client project recently, and this blog post details the steps taken to address it.

He then shows how to integrate the FOSOAuthServerBundle bundle into your current Symfony-based application and the updates you'll need to make to your security.yml file. He includes the code needed to create a "client" and associating it with a company already in the customer list. Next is the creation of access tokens and linking them to the restaurants in their system (a unique identifier to use externally for the restaurant rather than an ID). He shows an example of handling the token requests and the code/config changes needed to set it up. Finally he talks about scoping API requests down to certain functionality and an example cURL call to the API to show the results of it all combined.

tagged: clientside api access security oauth2 symfony tutorial bundle

Link: https://www.codevate.com/blog/12-securing-client-side-public-api-access-with-oauth-2-and-symfony

SitePoint PHP Blog:
Quick Tip: Testing Symfony Apps with a Disposable Database
Jul 14, 2016 @ 11:12:16

On the SitePoint PHP blog author Andrew Carter has shared a "quick tip" about using a disposable database in the testing of your Symfony-based applications.

Testing code that interacts with a database can be a massive pain. Some developers mock database abstractions, and thus do not test the actual query. Others create a test database for the development environment, but this can also be a pain when it comes to continuous integration and maintaining the state of this database.

In-memory databases are an alternative to these options. As they exist only in the memory of the application, they are truly disposable and great for testing. Thankfully, these are very easy to set up with Symfony applications that use Doctrine.

He talks first about the built-in functionality Symfony has to use different configuration files for different environments. This allows for easier testing in a more isolated setup than replicating development. He then shows how to use Doctrine with a SQLite in-memory database with a simple update to the config_test YAML configuration file. He also includes the code for a DatabasePrimer class that gets the Doctrine entity manager and executes the the schema tool to set up the schema in the database and "prime" it with any fixtures you might need.

tagged: tutorial symfony sqlite database inmemory testing schema fixture

Link: https://www.sitepoint.com/quick-tip-testing-symfony-apps-with-a-disposable-database/