Using Composer Without GitIgnoring Vendor/
March 12, 2014 @ 12:45:23
voice your opinion now!
In her latest post Lorna Mitchell looks at a method, when using Composer and git, to fix an issue around subdirectories that are git repositories and git thinking they should be submodules instead.
Recent additions to the joind.in API have introduced some new dependencies so we decided we'd start using Composer to manage these - but we don't want to run composer unsupervised. I'm sure this will bring the rain of "just run composer install, it's probably mostly almost safe" criticism, but actually it's quite tricky to run Composer without excluding vendor/ from source control so I thought I'd share how we did it so that anyone who wants to do so can learn from my experience!
She starts by describing the usual use of Composer - making the "composer.json", running the install and see the "vendor" directory being added. When she tried to check in the dependencies, git gave her an error about wanting them to be submodules. Instead, she figured out a way to add a line to the .gitignore to have it disregard the "vendor/.git" directory, making it work as expected.
Of HHVM, Hack and the future of PHP
March 12, 2014 @ 11:09:50
voice your opinion now!
Lukas Smith has posted some of his own thoughts on the Liip blog about the future of PHP, HHVM and Hack (related to this previous post from Anthony Ferrara) in the context of the company and the work they're doing.
I want to specifically comment on the part about HHVM and Hack. I have of course published my own opinion on the topic fairly recently on my private blog. Fellow Liiper Chregu has also done a very popular post on this very blog showing some very significant performance improvements that can be achieved with HHVM. [...] While Anthony does not recommend running HHVM in production, we are obviously getting ready to do just that. I totally agree however with the risks he points out.
He talks more about using HHVM in a production environment and some of the possible problems with it in the future (like maybe a change in it being incompatible with PHP someday). He also touches on the Hack language and how it is possible that Facebook's team will go wholly with Hack instead of PHP.
One of the big questions is why does Facebook even care about PHP mode if they are already moving their own code to Hack? To me one big reason for this could be that they actually want to use code produced in the community. [...] So maybe in the end the best way to ensure that PHP mode in HHVM remains a goal for Facebook is to keep churning out high quality PHP code?
The PHP.cc Blog:
PHPUnit 4.0 Test Proxies
March 12, 2014 @ 10:13:08
voice your opinion now!
On thePHP.cc blog today there's another post looking at an improvement in the latest release of the popular PHP unit testing tool, PHPUnit 4.0.0. In the post Sebastian Bergmann looks at test proxies.
One of the highlights of PHPUnit 4.0, which was released last week, is improved support for integration testing through so-called test proxies. [...] PHPUnit has had built-in support for stubs and mocks for quite some time. These stubs and mocks can be used in every context where an object of the original class is expected. As it should be, the code of the original class is not executed when a method is called on the stub or mock. [...] PHPUnit 4.0 introduces the concept of test proxies [...] to have an object that provides the same API for expectations as a mock object while at the same time proxying method calls to the original class.
He includes some code examples to help illustrate. He creates a "SimpleWorkflow" class and shows how to test the execution of its "doWork" function to return the correct kind of "Result".
Packagist Latest Releases for 03.12.2014
March 12, 2014 @ 08:02:54
voice your opinion now!
Recent releases from the Packagist:
- onceit/raygun-bundle (v0.0.1)
Symfony2 Raygun Bundle
- joshmoody/validation (0.3.1)
Validate individual data elements or group validation rules into sets to validate a form.
- star/collection (1.0.0)
Collection utility lib
- yan/site-utility-bundle (v1.3.0)
- imsky/holder (v2.3.2)
Holder uses the canvas element and the data URI scheme to render image placeholders entirely in browser.
- lazy/lazy (2.1.6)
- petrepatrasc/blizzard-starcraft-api (1.0.1, 1.0.0)
A PHP 5.3+ wrapper for the Starcraft 2 API
- 4d47/http-resource (v1.2, v1.1)
- piwik/piwik (2.1.1-b3, 2.1.1-b2)
Open Source Real Time Web Analytics Platform
- maxwell2022/oauth-client (v1.0.1)
- webignition/php-stripe-models (0.1.11, 0.1.10, 0.1.9, 0.1.8, 0.1.7, 0.1.6)
Models for various Stripe entities
- fbf/laravel-agegate (v0.2.0)
A Laravel 4 package for adding an agegate to a site
- prabpornpra/cakephp-mailchimp (v1.0.4)
CakePHP 2.x plugin for MailChimp
- roots/bedrock (1.1.1)
A modern WordPress stack
- fol/core (v1.5.3)
The core of FOL framework
- nick-jones/globby (v0.2.5)
Glob wildcard ' regular expression translation library
- condenast/pangea (0.0.22, 0.0.21, 0.0.20)
- bonndan/release-manager (0.5.4)
Release Manager for semantic version releases of composer packages and projects.
- irestful/concretemethodmetadatarepositories (13.11.28)
- vegasje/xero-oauth (0.3.0)
PHP class for the Xero API V2 http://developer.xero.com/getting-started/code/php/
- nymo/silex-twig-breadcrumb-extension (v1.0.0)
Twig breadcrumb extension for use in silex
- jacobbennett/sendyphp (1.1)
A PHP Library for interfacing with the Sendy newsletter system (http://sendy.co)
- chumper/datatable (2.2.2)
This is a laravel 4 package for the server and client side of datatablaes at http://datatables.net/
- unreal4u/rutverifier (v2.0.0)
This class is able to do integrity verification on chilean RUTs and RUNs
- voceconnect/voce-post-meta-media (1.1.3)
Extension of Voce Post Meta Plugin to create media meta fields
- tomkyle/package-boilerplate (1.2.0)
A package boilerplate
- frbit/validator-loader (0.1.0)
Load Laravel validator definitions from files or directories
- tomkyle/psr-log (1.0.1, 1.0.0)
- eridal/recaptcha (0.2.0)
ReCaptcha Client Library
- mazelab/phantomjsstarter (1.0.0)
Starts phantomjs sessions with webdriver support
- rawebone/ormish (v0.2.0)
A lightweight ORM
- oldsound/rabbitmq-bundle (v1.3.1)
Integrates php-amqplib with Symfony2 and RabbitMq
- soluble/db (0.8.2)
Soluble database common components
- nodge/yii2-eauth (2.1.4)
Yii2 EAuth Extension. EAuth allows to authenticate users with accounts on other websites (Google, Facebook, Twitter, etc).
- psy/psysh (v0.1.4, v0.1.3)
An interactive shell for modern PHP.
- maciek-kemnitz/shoplo-php (1.0.0)
PHP client for shoplo api
- johnshopkins/wp-supertags (0.0.1)
- simplon/doi (0.0.1)
Simple double opt-in handler w/ possibility to inject your own DB and Iface handler
- voceconnect/select-posts-widget (0.5.1)
Select posts to display in a widget with an easy drag and drop interface
- mbfisher/dimple (v0.1.0)
A simple PDO wrapper for making simple SQL queries
- despark/kohana (0.1.1, 0.1.0)
Kohana project template
- anh/taggable-bundle (v1.1.3)
Taggable symfony bundle
- h4kuna/fio (v1.1.5)
Read email or gpc file from Fio bank
- avisota/contao-core (126.96.36.199-beta1)
Avisota newslettersystem for contao
- mediasilo/phoenix-php-sdk (0.2.1, 0.1.9)
- wb/bigregister-soap (0.0.1)
php 5.3+ implementation of BIG Register SOAP interface
- franz-deleon/fdl-oauth2-provider (v1.1)
ZF2 OAuth2 Provider module
- friendsofsymfony/rest-bundle (1.3.1, 1.3.0)
This Bundle provides various tools to rapidly develop RESTful API's with Symfony2
- irestful/concretemethodannotationobjects (13.11.28)
- bit3/contao-theme-plus (4.3.5)
Theme+ for Contao OpenSource CMS
- namesco/ztal (1.5.8)
ZTal makes integrating the PHP templating system PHPTAL into Zend Framework easy.
- hrevert/ht-time-zone (0.0.1)
HtTimeZone is a Zend Framework 2 module to simplify working with timezones. This module is useful when your application users are located all around the world.
- matycz/lemo-bootstrap (1.0.4)
- irestful/methodannotationobjects (13.11.28)
- opus-online/yii-loggly (1.1.0)
Yii Loggly is a Log Writer that sends all log messages to a loggly account
- kutny/tracy-bundle (1.0.1)
Nette Tracy debugger for Symfony
- jschaedl/iban (1.1.5)
validate and generate IBANs
- pyrsmk/minisuite (1.2.0)
A mini unit testing tool
- jschaedl/bav (1.3)
- ajt/modelmanager (1.0.1, 1.0.0)
Model management library
- usu/codice-fiscale (v0.2, v0.1)
A library to calculate the italian fiscal code (codice fiscale)
- scribe/file-uploader-bundle (v1.0.0)
Multiple file uploads for Symfony2 with the BlueImp uploader.
- eliksir/sendgrid-subuser-api (0.3)
Library to easily work with the SendGrid Subuser API
- umbrella/boleto (v1.4.0)
Yet another Boleto e uma biblioteca para geraĆ§Ć£o de boletos bancĆ”rios em PHP
- watson/active (1.0.3)
Laravel 4 helper for recognising the current route, controller and action
- playsms/webservices (1.0.0)
playSMS Webservices Class
- gggeek/ezdbintegrity (v0.2.0)
Allows checking integrity of data in the database
- masnathan/template (0.0.3)
Lightweight Template class.
- mikehaertl/phpwkhtmltopdf (1.2.2)
A slim PHP wrapper around wkhtmltopdf with an easy to use and clean OOP interface
- krisanalfa/bono-blade (0.0.5, 0.0.4, 0.0.3)
Laravel Blade template engine for Bono PHP Framework
- tomkyle/exceptionhandling (1.0.0)
- evlz/pest-bundle (0.0.4, 0.0.3, 0.0.2)
Symfony2 Pest Bundle
- fire015/flintstone (v1.4.0)
A key/value database store using flat files for PHP
- rkr/logger-essentials (0.0.4, 0.0.2)
- phpunit/phpunit (4.0.6)
The PHP Unit Testing framework.
- claroline/activity-tool-bundle (1.0.4)
Claroline activity tool bundle
- phpunit/phpunit-mock-objects (2.0.3)
Mock Object library for PHPUnit
- cyberspectrum/contao-toolbox (0.6.0)
- league/csv (5.1.0)
Csv data manipulation made easy in PHP 5.4+
- madeyourday/contao-rocksolid-icon-picker (v1.0.5)
RockSolid Icon Picker Contao Extension.
- rodgermd/geotools (v0.1.0)
Geo Tools for PHP 5.4
- hexastudio/array_disk (v0.4.0, v0.3.0)
Store array as cache in hardDrive, decrease memory usage
- ponyfleisch/fpdf-stream (v0.0.4)
FPDF Version that supports streaming directly to the browser
- jetbrains/phpstorm-workshop (1.0.3)
Materials for the PhpStorm workshop. Check https://github.com/jetbrains/phpstorm-workshop/ for more info.
- gusdecool/bunga-wire (v1.6.3)
Bunga Mata CMS for Company Profile based on ProcessWire
- krisanalfa/bono-cache (0.0.1)
Laravel cache manager for Bono PHP Framework
- blueimp/jquery-file-upload (9.5.7)
File Upload widget for jQuery.
- fourmation/rest-remote-object (1.0.0-BETA3)
This library provide a REST adapter for the Remote Object pattern implemented by the ProxyManager project.
Laravel Unwrapped Session, Auth and Cache
March 11, 2014 @ 11:57:10
voice your opinion now!
On NetTuts.com today there's a new tutorial introducing you to the Laravel framework and how to use its session, authentication/authorization and caching systems.
One thing though that not a lot of programmers take advantage of is Laravel's component-based system. Since its conversion to composer-powered components, Laravel 4 has become a very modular system, similar to the verbosity of more mature frameworks like Symfony. [...] In this tutorial, we'll be diving into a group of these components, learning how they work, how they're used by the framework, and how we can extend their functionality.
First up is the session component that lets you store the data in various places (file, cookie, etc) and how service providers fit into this. Next up is the Auth component, showing how to use the service providers to hook into a custom auth handler for finding and validating user logins. Finally, there's the Cache component. He shows how to apply a service provider to configure it, passing the data off to a MongoDB database to be stored.
Michelangelo van Dam:
Bootstrapping ZF1 application in Apigilty
March 11, 2014 @ 10:42:27
voice your opinion now!
Michelangelo van Dam has a new post sharing a method he's come up with for boostrapping Zend Framework v1 components inside of an Apigility-based application.
Apigility is a Zend Framework 2 tool that provides a REST API management interface, which is very useful if you want to build an API. Apigility can directly connect with your database and offer a full REST API for your application, but in most cases you already have an application build with Zend Framework 1.x (ZF1). Let's assume you have incorporated a lot of business logic in this application so it would be a waste not to use it building a rich REST API.
He uses the gitmodules functionality to bring his entire ZF1 application into the Apigility app's structure (or, alternatively, Subversion). He shows how to use Composer to install the actual Zend Framework v1 copy and how to pull in other third-party libraries. He includes the code you'll need to use to create a "ZF2APP_PATH" constant to get to the application path of Zend Framework v2 instance. He then gets into the main part - the actual autoloading and bootstrapping of the ZF1 classes/services. He gives a brief introduction to working with Apigility to make a new service and shows the update to the resource class.
SitePoint PHP Blog:
Risks and Challenges of Password Hashing
March 11, 2014 @ 09:31:45
voice your opinion now!
The SitePoint PHP blog has a new post today about the challenges of password hashing and some of the common risks that can come with it. It's a continuation of a previous article about the actual techniques for hashing in PHP.
The fact that the output of a hash function cannot be reverted back to the input using an efficient algorithm does not mean that it cannot be cracked. Databases containing hashes of common words and short strings are usually within our reach with a simple google search. Also, common strings can be easily and quickly brute-forced or cracked with a dictionary attack.
He points to a video demonstrating a method for getting the password data and why just salted hashes aren't a secure method for storing this information. He mentions a "randomness issue" (and PHP's rand function). Instead, he shows an example with openssl_random_pseudo_bytes o pull a chunk of randomized data. He then talks some about password stretching using the PBKDF2 handling in PHP. Finally, he goes past the hashing and gets into encryption, mentioning "password tweaking" as an alternative to generating a single key for every user.
Don't see your event here?
Let us know!