Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP Roundtable:
034: Debugging is more than var_dump()
Nov 17, 2015 @ 11:09:48

The PHP Roundtable podcast, with host and PHP community member Sammy Kaye Powers, has posted their latest episode with a look at why "Debugging is more than var_dump()". In this episode Sammy is joined by Derick Rethans (of Xdebug fame), Colin O'Dell and Gary Hockin.

Believe it or not, there's a lot more to debugging your PHP code than var_dump()'ing all the things. We discuss how to use debugging tools to help us comprehensively debug our codebase.

You can watch the playback of the live recording of the episode either using the in-page video player or directly on YouTube. If you enjoy the episode be sure to subscribe to their feed and follow them on Twitter to get information about new episodes as they're released and when future live recordings are happening.

tagged: phproundtable ep34 debugging vardump tools podcast

Link: https://www.phproundtable.com/episode/debugging-is-more-than-var-dump

Community News:
Rogue Wave Software Acquires Zend
Oct 06, 2015 @ 14:57:39

Zend has posted a new press release about their acquisition by Rogue Wave Software, a company specializing in tools and services "making it easy to write, test, and run complex code."

Rogue Wave Software announced today that it has acquired Zend Technologies, the leader in end-to-end PHP web and mobile application development and deployment solutions. With 50 percent of the web workload running on PHP, including Magento, Drupal, and WordPress, Zend products drive PHP in the enterprise, from code creation through production deployment.

[...] “Today’s announcement expands Rogue Wave into PHP web and mobile application development, underscoring our goal to make developers heroes by accelerating their ability to create great code,” said Brian Pierce, CEO of Rogue Wave.

It's something that's definitely taken the PHP community by surprise and left many wondering what the future of the language my hold with Zend having been such a critical part of the engine that parses and executes the PHP code we write every day. Chris Tankersly has already shared some of his thoughts on the matter and why, as he puts it, this "doesn't matter" to PHP and it's community as much as some are thinking.

tagged: zend acquire roguewavesoftware roguewave company software tools code

Link: http://www.zend.com/en/resources/news-and-events/newsroom/press/3683_rogue-wave-software-acquires-enterprise-php-leader-zend-acquisition-broadens-enterprise-strength-across-top-five-development-languages

UserSnap Blog:
A Practical Guide to Building Fast Web Applications in the Cloud
Aug 14, 2015 @ 10:44:58

On the UserSnap blog Luciano Mammino has provided a guide to building fast applications in the cloud using PHP and several tools and techniques. He offers a list of six rules to follow to make building the applications fast (and fast applications).

In this post Luciano highlighted some of the most common principles you should consider while building high performing web applications (specifically on the backend part). The following concepts discussed here can be applied to any language and framework. Though this post will cover some concrete examples, design patterns and tools that are mostly used in the PHP ecosystem.

His list of rules includes tips like:

  • Avoid premature optimization
  • Defer the work you don’t need to do immediately
  • Use cache when you can
  • Prepare your app for horizontal scalability when possible

Each point comes with a paragraph or two of explanation as to why it's an issue to watch out for and some tips to help prevent it as well as tools that can help.

tagged: guide practical fast application top6 tips tools

Link: http://usersnap.com/blog/building-web-applications-cloud/

SitePoint PHP Blog:
The State of Accessibility in PHP Tools
Aug 03, 2015 @ 11:19:21

On the SitePoint PHP blog Parham Doustdar has posted a look at accessibility in PHP tools or how easy they make it for those with disabilities (such as his own blindness) to do their development work.

Usually when I tell people that I’m blind, many people ask me how I can use the computer. “Is someone reading you my messages?” I remember someone asking. Many people imagine that I have this super-nifty speech recognition software that I can just talk to, and it would do anything, even write code. Imagine dictating code to a speech recognition system! [...] I gave an answer on Quora, to someone who had asked How does a visually impaired computer programmer do programming? I recommend you go through that answer to have a better context on what I’ll be talking about in this post.

He starts with a look at how visually impaired people could normally use a computer using screen readers, interaction with the software (all through the keyboard) and some things that just can't be done with this setup. He covers some of the issues screen readers have when parsing web applications and links to the WebAIM articles page for more information there. He then gets into the IDE comparison covering essential, assistance and supplementary features as well as community engagement around accessibility issues. He compares:

  • PHPStorm
  • SublimeText
  • NetBeans
  • Eclipse-based IDEs (Zend Studio, Eclipse PDT)
  • Notepad++

Unfortunately, most of the software on his list received a rating of "zero" on the scale with the exception of Notepad++, though it still has places it falls flat.

tagged: accessibility tools blind programming ide comparison screenreader

Link: http://www.sitepoint.com/the-state-of-accessibility-in-php-tools/

Easy Laravel Book:
How Laravel 5 Prevents SQL Injection, CSRF, and XSS
Jul 23, 2015 @ 16:05:15

Jason Gilmore has posted an article to the Easy Laravel Book site with a bit more detail about how the framework prevents some common security issues including SQL injection and cross-site request forgery.

A reader recently e-mailed me and asked about Laravel 5’s native security features. While I talk about various security-related matters throughout the book, this information isn’t consolidated into any particular chapter and so I thought it would be useful to do so in a single blog post. Laravel helps to secure your web application by protecting against three serious security risks: SQL injection, cross-site request forgery, and cross-site scripting.

He goes through each of the types and talks about the built-in functionality Laravel includes to protect against each one. A bit of code is tossed in when needed to help clarify the point too. Fortunately for the user, a good bit of the technical pieces of these protections are behind the scenes and don't need much effort to use.

tagged: laravel5 sqlinjection csrf xss prevention framework tools

Link: http://www.easylaravelbook.com/blog/2015/07/22/how-laravel-5-prevents-sql-injection-cross-site-request-forgery-and-cross-site-scripting/

ServerGrove Blog:
Linters for PHP projects
Jun 03, 2015 @ 12:34:53

In a new post to the ServerGrove blog they look at linting tools for various circumstances including standard PHP, Twig templates and Composer configuration.

Today’s projects are built up from dozens of different components, configuration files, third-party libraries, tests, build scripts, etc. And even if you have the greatest test suite, bad things can happen sometimes. It’s important to catch bugs as early as possible, and syntax validators can be a great (and easy) addition to your continuous integration system. You would be surprised at how many problems are caused by syntax errors. At ServerGrove, we see these kind of problems with our clients almost every day.

Their list shows you how to lint (syntax check) several different types of content:

  • standard PHP code
  • Twig templates
  • Composer configuration
  • XML files
  • Bash scripts
  • JSON files
  • YAML files

Some of them use tools that already come built-in (like PHP's "-l" or Twig's "twig:lint") but others require the use of external software such as xmllint or melody. Command examples are also included for each.

tagged: lint project types twig bash composer xml json yaml tools

Link: http://blog.servergrove.com/2015/06/02/linters-php-projects/

Sound of Symfony Podcast:
Episode 7 - Talking about tools
Apr 20, 2015 @ 11:52:19

The Sound of Symfony podcast has returned with a new episode (#7) where they talk about tools and catch up on some of the news they missed while they were out.

In this much delayed episode we discuss the huge backlog of news that we've missed, we talk to Benjamin Eberlei about development tools, and we talk about the upcoming Symfony conferences. Next episode will be released on May 17th.

You can listen to this latest episode either through the in-page audio player or by downloading the mp3. If you enjoy the show be sure to subscribe to their feed to get the latest shows as they're released.

tagged: soundofsymfony podcast ep7 tools benjamineberlei symfony

Link: http://www.soundofsymfony.com/episode/episode-7/

Developer Drive:
40+ tools for writing better PHP
Apr 01, 2015 @ 10:56:43

The Developer Drive site has posted their top 40+ list of libraries and tools that can help developers write better PHP. Their selections range from templating libraries to request handling and even testing tools.

There are scads of PHP tools available over the internet for php developers, but finding an appropriate PHP tool is quite an arduous task and demands effort and time. Today we’ve collected 45 handy PHP development tools for developers.

Included in their list are tools such as:

Several of the libraries can be installed via Composer (another tool in their list) but other items are stand-alone software that would need to be set up outside of the application.

tagged: tools list top40 libraries software testing template framework ide server

Link: http://www.developerdrive.com/2015/03/40-tools-for-writing-better-php/

ServerGrove Blog:
Security tools for PHP projects
Mar 23, 2015 @ 12:19:13

On the ServerGrove blog there's a new post looking at some of the currently available PHP security tools you can use to help keep your applications safe.

Security is getting more and more important, and the PHP community has been doing great improvements in this topic during the last few years. From better configuration settings to provide some level of security by default to frameworks providing functionality to avoid common attacks such as XSS, CSRF or SQL injection. [...] Well, any piece of software can have bugs, and obviously open source projects are not an exception. The good point is that security researchers, once they find a vulnerability, it is reported and added to a database of known vulnerabilities. We basically need to find a way to avoid using code with known vulnerabilities, and there are some interesting tools out there to help us.

They list four tools that focus on different areas of the security of your application to help provide good basic coverage:

One thing to note, these are all automated tools so they shouldn't be relied upon exclusively to ensure the security of your application. Testing and evaluation of the codebase with these and other testing tools should always be done as well.

tagged: security tools list checker advisories roave composer iniscan versionscan

Link: http://blog.servergrove.com/2015/03/23/security-tools-php-projects/

Loosely Coupled:
Episode 19: How We Work
Feb 13, 2015 @ 09:45:50

The Loosely Coupled podcast has posted their latest episode today - Episode #19, How We Work. Join hosts Jeff Carouth and Matt Frost as they talk about work life, personal life and what tools, processes and techniques they've used during their careers to get the job done.

In this episode Jeff and Matt explore how they go about organizing their work life and our personal lives. They cover the idea of how the process evolves depending on your environment and even your personal inclinations. In 2011, Jeff wrote a blog post about the tools he used back then and realized that it has changed a little but for the most part works for him. They cover some pitfalls of processes that require tickets/stories to be broken down into parts where developers cannot understand what they’re doing or why, and how they’ve learned over time to get to that information. They also talked about learning how to be professionals and defend against situations that would impact your work or your code in negative ways. Finally they touch on Matt’s work scheduling experiment which is inspired by the Makers Schedule versus the Managers Schedule and how it has helped him be more productive.

You can listen to this latest episode either by using the in-page audio player or by downloading the episode directly and listening at your leisure. Be sure to subscribe to their feed or follow them on Twitter for the latest updates and show announcements.

tagged: looselycoupled podcast ep19 work advice tools pitfalls process professional

Link: http://looselycoupled.info/blog/2015/02/12/episode-19-how-we-work/